qpid-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ulf Lilleengen <l...@redhat.com>
Subject Qpid Proton SSL and SNI
Date Mon, 14 Nov 2016 14:18:50 GMT
Hi all,

I've been playing around with setting Server Name Indication (SNI)
 when using the qpid proton python bindings.

For configuring SSL, it seems to be expected that configuration
parameters come from a SSLDomain python object, which maps to the
underlying pn_ssl_domain_t in proton-c.

Today, setting SNI is done through the pn_ssl_t instance using
'pn_ssl_set_peer_hostname'. The pn_ssl_t instance does not seem to be
exposed in the end APIs in the same way as pn_ssl_domain_t, at least
not in the python bindings. I tried to work around this in the python
bindings by passing an extra parameter in addition to the ssl_domain
instance on connect(), but it didn't seem like a good approach.

Would it make sense to add the peer_hostname attribute to the
pn_ssl_domain_t instance, and use that when configuring the pn_ssl_t
internally (in addition to keeping todays API)? 

Ulf Lilleengen

To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
For additional commands, e-mail: users-help@qpid.apache.org

View raw message