You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by kw...@apache.org on 2012/12/12 18:40:47 UTC
svn commit: r1420866 - in /qpid/proton/branches/kgiusti-proton-136:
proton-c/bindings/python/
proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/
proton-j/proton/src/main/scripts/ tests/proton_tests/
Author: kwall
Date: Wed Dec 12 17:40:45 2012
New Revision: 1420866
URL: http://svn.apache.org/viewvc?rev=1420866&view=rev
Log:
PROTON-136: fixed various minor bugs in Python SSL code. Also tweaked how SSLEngineFacadeFactory handles anonymous peer mode.
Applied patch from Philip Harvey<ph...@philharveyonline.com>.
Modified:
qpid/proton/branches/kgiusti-proton-136/proton-c/bindings/python/proton.py
qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslEngineFacadeFactory.java
qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/scripts/proton.py
qpid/proton/branches/kgiusti-proton-136/tests/proton_tests/ssl.py
Modified: qpid/proton/branches/kgiusti-proton-136/proton-c/bindings/python/proton.py
URL: http://svn.apache.org/viewvc/qpid/proton/branches/kgiusti-proton-136/proton-c/bindings/python/proton.py?rev=1420866&r1=1420865&r2=1420866&view=diff
==============================================================================
--- qpid/proton/branches/kgiusti-proton-136/proton-c/bindings/python/proton.py (original)
+++ qpid/proton/branches/kgiusti-proton-136/proton-c/bindings/python/proton.py Wed Dec 12 17:40:45 2012
@@ -2323,7 +2323,7 @@ class SSLDomain(object):
def allow_unsecured_client(self, allow_unsecured = True):
return self._check( pn_ssl_domain_allow_unsecured_client(self._domain,
- allow_unsecured )
+ allow_unsecured ))
class SSL(object):
@@ -2336,8 +2336,10 @@ class SSL(object):
def __init__(self, transport, domain=None, session_details=None):
if domain:
+ session_id = None
if session_details:
- self._ssl = pn_ssl_new( domain._domain, transport._trans, session_details.get_session_id() )
+ session_id = session_details.get_session_id()
+ self._ssl = pn_ssl_new( domain._domain, transport._trans, session_id )
else: # old api:
self._ssl = pn_ssl(transport._trans)
if self._ssl is None:
@@ -2374,7 +2376,7 @@ class SSLSessionDetails(object):
self._session_id = session_id
def get_session_id(self):
- return self.session_id
+ return self._session_id
__all__ = [
"LANGUAGE",
@@ -2383,7 +2385,7 @@ __all__ = [
"AUTOMATIC",
"PENDING",
"MANUAL",
- "REJECTED"
+ "REJECTED",
"UNDESCRIBED",
"Array",
"Condition",
Modified: qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslEngineFacadeFactory.java
URL: http://svn.apache.org/viewvc/qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslEngineFacadeFactory.java?rev=1420866&r1=1420865&r2=1420866&view=diff
==============================================================================
--- qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslEngineFacadeFactory.java (original)
+++ qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslEngineFacadeFactory.java Wed Dec 12 17:40:45 2012
@@ -179,7 +179,7 @@ public class SslEngineFacadeFactory
kmf.init(ksKeys, dummyPassword);
final TrustManager[] trustManagers;
- if (sslDomain.getTrustedCaDb() == null && sslDomain.getPeerAuthentication() == SslDomain.VerifyMode.ANONYMOUS_PEER)
+ if (sslDomain.getPeerAuthentication() == SslDomain.VerifyMode.ANONYMOUS_PEER)
{
trustManagers = new TrustManager[] { new AlwaysTrustingTrustManager() };
}
Modified: qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/scripts/proton.py
URL: http://svn.apache.org/viewvc/qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/scripts/proton.py?rev=1420866&r1=1420865&r2=1420866&view=diff
==============================================================================
--- qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/scripts/proton.py (original)
+++ qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/scripts/proton.py Wed Dec 12 17:40:45 2012
@@ -757,13 +757,6 @@ class SSL(object):
def get_session_details(self):
return self._session_details
- RESUME_REUSED = "unused-for-java"
-
- def resume_status(self):
- # Java has no way to determine if an SSL session is being reused
- return SSL.RESUME_REUSED
-
-
def cipher_name(self):
return self._ssl.getCipherName()
Modified: qpid/proton/branches/kgiusti-proton-136/tests/proton_tests/ssl.py
URL: http://svn.apache.org/viewvc/qpid/proton/branches/kgiusti-proton-136/tests/proton_tests/ssl.py?rev=1420866&r1=1420865&r2=1420866&view=diff
==============================================================================
--- qpid/proton/branches/kgiusti-proton-136/tests/proton_tests/ssl.py (original)
+++ qpid/proton/branches/kgiusti-proton-136/tests/proton_tests/ssl.py Wed Dec 12 17:40:45 2012
@@ -144,16 +144,16 @@ class SslTest(common.Test):
self._testpath("server-private-key.pem"),
"server-password")
self.server_domain.set_trusted_ca_db(self._testpath("ca-certificate.pem"))
- server = SslTest.SslTestConnection( self.server_domain )
self.server_domain.set_peer_authentication( SSLDomain.VERIFY_PEER,
self._testpath("ca-certificate.pem") )
+ server = SslTest.SslTestConnection( self.server_domain )
# give the client a certificate, but let's not require server authentication
self.client_domain.set_credentials(self._testpath("client-certificate.pem"),
self._testpath("client-private-key.pem"),
"client-password")
- client = SslTest.SslTestConnection( self.client_domain )
self.client_domain.set_peer_authentication( SSLDomain.ANONYMOUS_PEER )
+ client = SslTest.SslTestConnection( self.client_domain )
client.connection.open()
server.connection.open()
@@ -172,15 +172,15 @@ class SslTest(common.Test):
self._testpath("server-private-key.pem"),
"server-password")
self.server_domain.set_trusted_ca_db(self._testpath("ca-certificate.pem"))
- server = SslTest.SslTestConnection( self.server_domain )
self.server_domain.set_peer_authentication( SSLDomain.VERIFY_PEER,
self._testpath("ca-certificate.pem") )
+ server = SslTest.SslTestConnection( self.server_domain )
self.client_domain.set_credentials(self._testpath("bad-server-certificate.pem"),
self._testpath("bad-server-private-key.pem"),
"server-password")
- client = SslTest.SslTestConnection( self.client_domain )
self.client_domain.set_peer_authentication( SSLDomain.ANONYMOUS_PEER )
+ client = SslTest.SslTestConnection( self.client_domain )
client.connection.open()
server.connection.open()
@@ -200,12 +200,12 @@ class SslTest(common.Test):
self._testpath("server-private-key.pem"),
"server-password")
self.server_domain.set_trusted_ca_db(self._testpath("ca-certificate.pem"))
- server = SslTest.SslTestConnection( self.server_domain )
self.server_domain.set_peer_authentication( SSLDomain.VERIFY_PEER,
self._testpath("ca-certificate.pem") )
+ server = SslTest.SslTestConnection( self.server_domain )
- client = SslTest.SslTestConnection( self.client_domain )
self.client_domain.set_peer_authentication( SSLDomain.ANONYMOUS_PEER )
+ client = SslTest.SslTestConnection( self.client_domain )
client.connection.open()
server.connection.open()
@@ -295,7 +295,6 @@ class SslTest(common.Test):
# now re-try with a client that does not require peer verification
self.client_domain.set_peer_authentication( SSLDomain.ANONYMOUS_PEER )
- self.client_domain.set_trusted_ca_db( None ) # proton-j only allows ANONYMOUS if there is no CA DB.
client = SslTest.SslTestConnection( self.client_domain )
server = SslTest.SslTestConnection( self.server_domain )
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org