You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@activemq.apache.org by ch...@apache.org on 2012/04/04 21:04:37 UTC

svn commit: r1309548 - in /activemq/activemq-apollo/trunk: apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/ apollo-stomp/src/test/resources/

Author: chirino
Date: Wed Apr  4 19:04:36 2012
New Revision: 1309548

URL: http://svn.apache.org/viewvc?rev=1309548&view=rev
Log:
Fixes APLO-178: Using key_alias= causes all SSL connects to fail.

Also added tests to verify.

Modified:
    activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/KeyStorage.scala
    activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/apollo-stomp-ssl-secure.xml
    activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/apollo.ks
    activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/client.ks

Modified: activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/KeyStorage.scala
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/KeyStorage.scala?rev=1309548&r1=1309547&r2=1309548&view=diff
==============================================================================
--- activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/KeyStorage.scala (original)
+++ activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/KeyStorage.scala Wed Apr  4 19:04:36 2012
@@ -67,7 +67,7 @@ class KeyStorage(val config:KeyStorageDT
       if( config.key_alias!=null ) {
         key_managers = key_managers.map  { m =>
           m match {
-            case m:X509KeyManager => AliasFilteringKeyManager(config.key_alias, m)
+            case m:X509ExtendedKeyManager => AliasFilteringKeyManager(config.key_alias, m)
             case _ => m
           }
         }
@@ -78,11 +78,13 @@ class KeyStorage(val config:KeyStorageDT
 
 }
 
-case class AliasFilteringKeyManager(alias: String, next:X509KeyManager) extends X509KeyManager {
+case class AliasFilteringKeyManager(alias: String, next:X509ExtendedKeyManager) extends X509ExtendedKeyManager {
+  override def chooseEngineClientAlias(keyType: Array[String], issuers: Array[Principal], engine: SSLEngine) = alias
+  override def chooseEngineServerAlias(keyType: String, issuers: Array[Principal], engine: SSLEngine) = alias
   def chooseClientAlias(keyType: Array[String], issuers: Array[Principal], socket: Socket) = alias
   def chooseServerAlias(keyType: String, issuers: Array[Principal], socket: Socket) = alias
-  def getClientAliases(keyType: String, issuers: Array[Principal]) = next.getClientAliases(keyType, issuers).filter(_==alias)
-  def getServerAliases(keyType: String, issuers: Array[Principal]) = next.getServerAliases(keyType, issuers).filter(_==alias)
+  def getClientAliases(keyType: String, issuers: Array[Principal]) = next.getClientAliases(keyType, issuers)
+  def getServerAliases(keyType: String, issuers: Array[Principal]) = next.getServerAliases(keyType, issuers)
   def getCertificateChain(alias: String) = next.getCertificateChain(alias)
   def getPrivateKey(alias: String) = next.getPrivateKey(alias)
 }
\ No newline at end of file

Modified: activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/apollo-stomp-ssl-secure.xml
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/apollo-stomp-ssl-secure.xml?rev=1309548&r1=1309547&r2=1309548&view=diff
==============================================================================
--- activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/apollo-stomp-ssl-secure.xml (original)
+++ activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/apollo-stomp-ssl-secure.xml Wed Apr  4 19:04:36 2012
@@ -24,7 +24,7 @@
     <host_name>localhost</host_name>
   </virtual_host>
 
-  <key_storage file="${basedir}/src/test/resources/apollo.ks" password="password" key_password="password"/>
+  <key_storage file="${basedir}/src/test/resources/apollo.ks" password="password" key_password="password" key_alias="broker-localhost"/>
   <connector id="ssl" bind="ssl://0.0.0.0:0" />
 
 </broker>
\ No newline at end of file

Modified: activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/apollo.ks
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/apollo.ks?rev=1309548&r1=1309547&r2=1309548&view=diff
==============================================================================
Files activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/apollo.ks (original) and activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/apollo.ks Wed Apr  4 19:04:36 2012 differ

Modified: activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/client.ks
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/client.ks?rev=1309548&r1=1309547&r2=1309548&view=diff
==============================================================================
Files activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/client.ks (original) and activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/client.ks Wed Apr  4 19:04:36 2012 differ