You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@jmeter.apache.org by bu...@apache.org on 2019/02/17 20:54:57 UTC
[Bug 63185] New: Option to implicitly trust SSL/TLS
connections/Disable hostname verification
https://bz.apache.org/bugzilla/show_bug.cgi?id=63185
Bug ID: 63185
Summary: Option to implicitly trust SSL/TLS connections/Disable
hostname verification
Product: JMeter
Version: 3.2
Hardware: PC
OS: Linux
Status: NEW
Severity: enhancement
Priority: P2
Component: Main
Assignee: issues@jmeter.apache.org
Reporter: wolfebrian2120@gmail.com
Target Milestone: JMETER_5.2
Hi,
I am looking for additional functionality regarding SSL connections.
Specifically when doing LDAP load testing. Sometimes the servers I am working
with have issues regarding their certificates or they are using custom certs
and jmeter doesn't have the roots. In either case, it would be helpful to have
an option to turn off hostname verification and cert path validity. In short
have JMeter implicitly trust a connection to a server. The default behaviour
should be that it does check those things, but we should have another checkbox
next to the "Secure Connection?" that would ask us if we wanted to implicitly
trust the connection.
Pros:
* Allow for faster development of load testing scripts.
* Remove the need to manage the SSL on remote jmeter-server instances
* Useful for HTTPS testing.
My specific case is with regards to testing LDAP using the extended ldap
request sampler.
The best way I think this should be done would be to add a custom TrustManager
instance and reference that when making any secure connections in jmeter if the
option is turned on.
btw which ever version this is completed for does not matter for me. I am using
3.2 since that is the last one I downloaded. As far as I know the new versions
do not have this feature either.
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 63185] Add option to implicitly trust SSL/TLS
connections/Disable hostname verification
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=63185
Philippe Mouawad <p....@ubik-ingenierie.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Keywords| |FixedInTrunk
Hardware|PC |All
OS|Linux |All
Resolution|--- |FIXED
Status|NEW |RESOLVED
--- Comment #2 from Philippe Mouawad <p....@ubik-ingenierie.com> ---
Author: pmouawad
Date: Fri Mar 1 10:03:02 2019
New Revision: 1854570
URL: http://svn.apache.org/viewvc?rev=1854570&view=rev
Log:
Bug 63185 - Add option to implicitly trust SSL/TLS connections/Disable hostname
verification
Based on contribution by Brian Wolfe
Changes:
- Fixed existing NPE if log level is DEBUG if attr is null
- Fixed some SONAR warning
- Simplified code
- Modified TrustAllSocketFactory (renamed and fixed static attribute sf
affectation from Constructor)
This closes #443
Bugzilla Id: 63185
Added:
jmeter/trunk/src/protocol/ldap/org/apache/jmeter/protocol/ldap/sampler/TrustAllSocketFactory.java
(with props)
Modified:
jmeter/trunk/src/core/org/apache/jmeter/resources/messages.properties
jmeter/trunk/src/core/org/apache/jmeter/resources/messages_es.properties
jmeter/trunk/src/core/org/apache/jmeter/resources/messages_fr.properties
jmeter/trunk/src/core/org/apache/jmeter/resources/messages_pt_BR.properties
jmeter/trunk/src/core/org/apache/jmeter/resources/messages_tr.properties
jmeter/trunk/src/protocol/ldap/org/apache/jmeter/protocol/ldap/config/gui/LdapExtConfigGui.java
jmeter/trunk/src/protocol/ldap/org/apache/jmeter/protocol/ldap/sampler/LDAPExtSampler.java
jmeter/trunk/src/protocol/ldap/org/apache/jmeter/protocol/ldap/sampler/LdapExtClient.java
jmeter/trunk/xdocs/changes.xml
jmeter/trunk/xdocs/usermanual/build-ldapext-test-plan.xml
jmeter/trunk/xdocs/usermanual/component_reference.xml
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 63185] LDAP related elements: Add option to implicitly trust
SSL/TLS connections/Disable hostname verification
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=63185
Philippe Mouawad <p....@ubik-ingenierie.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|Add option to implicitly |LDAP related elements: Add
|trust SSL/TLS |option to implicitly trust
|connections/Disable |SSL/TLS connections/Disable
|hostname verification |hostname verification
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 63185] Add option to implicitly trust SSL/TLS
connections/Disable hostname verification
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=63185
Philippe Mouawad <p....@ubik-ingenierie.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |p.mouawad@ubik-ingenierie.c
| |om
Summary|Option to implicitly trust |Add option to implicitly
|SSL/TLS connections/Disable |trust SSL/TLS
|hostname verification |connections/Disable
| |hostname verification
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 63185] Add option to implicitly trust SSL/TLS
connections/Disable hostname verification
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=63185
--- Comment #3 from Philippe Mouawad <p....@ubik-ingenierie.com> ---
Thanks wolfebrian2120 for your contribution.
It is now merged but I made modifications. Can you checkout the currently
building jenkins if it's successful:
https://builds.apache.org/job/JMeter-trunk/
Test and give us feedback.
Also, it would be better to make in GUI, Trust All only enabled if "Use Secure
LDAP Protocol" is enabled as it is only used then.
Thanks
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 63185] Option to implicitly trust SSL/TLS connections/Disable
hostname verification
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=63185
--- Comment #1 from Brian Wolfe <wo...@gmail.com> ---
I created pull request #443 with branch 63185. This pull request addresses the
LDAP trust all feature for the Extended LDAP Request Sampler. It is currently
awaiting review and a decision on when the feature can be merged for a release.
--
You are receiving this mail because:
You are the assignee for the bug.