You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by gs...@apache.org on 2008/10/20 20:00:05 UTC

svn commit: r706349 - in /incubator/qpid/trunk/qpid/cpp/src: qpid/client/SslConnector.cpp qpid/sys/SslPlugin.cpp qpid/sys/ssl/util.cpp ssl.mk

Author: gsim
Date: Mon Oct 20 11:00:05 2008
New Revision: 706349

URL: http://svn.apache.org/viewvc?rev=706349&view=rev
Log:
Remove default location for certificate database.
Some extra checking in loading ssl libraries.


Modified:
    incubator/qpid/trunk/qpid/cpp/src/qpid/client/SslConnector.cpp
    incubator/qpid/trunk/qpid/cpp/src/qpid/sys/SslPlugin.cpp
    incubator/qpid/trunk/qpid/cpp/src/qpid/sys/ssl/util.cpp
    incubator/qpid/trunk/qpid/cpp/src/ssl.mk

Modified: incubator/qpid/trunk/qpid/cpp/src/qpid/client/SslConnector.cpp
URL: http://svn.apache.org/viewvc/incubator/qpid/trunk/qpid/cpp/src/qpid/client/SslConnector.cpp?rev=706349&r1=706348&r2=706349&view=diff
==============================================================================
--- incubator/qpid/trunk/qpid/cpp/src/qpid/client/SslConnector.cpp (original)
+++ incubator/qpid/trunk/qpid/cpp/src/qpid/client/SslConnector.cpp Mon Oct 20 11:00:05 2008
@@ -146,8 +146,12 @@
             try {
                 SslOptions options;
                 options.parse (0, 0, CONF_FILE, true);
-                initNSS(options);                
-                Connector::registerFactory("ssl", &create);
+                if (options.certDbPath.empty()) {
+                    QPID_LOG(warning, "SSL connector not enabled, you must set QPID_SSL_CERT_DB to enable it.");                    
+                } else {
+                    initNSS(options);                
+                    Connector::registerFactory("ssl", &create);
+                }
             } catch (const std::exception& e) {
                 QPID_LOG(error, "Failed to initialise SSL connector: " << e.what());
             }

Modified: incubator/qpid/trunk/qpid/cpp/src/qpid/sys/SslPlugin.cpp
URL: http://svn.apache.org/viewvc/incubator/qpid/trunk/qpid/cpp/src/qpid/sys/SslPlugin.cpp?rev=706349&r1=706348&r2=706349&view=diff
==============================================================================
--- incubator/qpid/trunk/qpid/cpp/src/qpid/sys/SslPlugin.cpp (original)
+++ incubator/qpid/trunk/qpid/cpp/src/qpid/sys/SslPlugin.cpp Mon Oct 20 11:00:05 2008
@@ -89,13 +89,21 @@
         broker::Broker* broker = dynamic_cast<broker::Broker*>(&target);
         // Only provide to a Broker
         if (broker) {
-            ssl::initNSS(options, true);
-
-            const broker::Broker::Options& opts = broker->getOptions();
-            ProtocolFactory::shared_ptr protocol(new SslProtocolFactory(options,
-                                                                        opts.connectionBacklog, opts.tcpNoDelay));
-            QPID_LOG(info, "Listening for SSL connections on TCP port " << protocol->getPort());
-            broker->registerProtocolFactory("ssl", protocol);
+            if (options.certDbPath.empty()) {
+                QPID_LOG(warning, "SSL plugin not enabled, you must set --qpid-ssl-cert-db to enable it.");                    
+            } else {
+                try {
+                    ssl::initNSS(options, true);
+                    
+                    const broker::Broker::Options& opts = broker->getOptions();
+                    ProtocolFactory::shared_ptr protocol(new SslProtocolFactory(options,
+                                                                                opts.connectionBacklog, opts.tcpNoDelay));
+                    QPID_LOG(info, "Listening for SSL connections on TCP port " << protocol->getPort());
+                    broker->registerProtocolFactory("ssl", protocol);
+                } catch (const std::exception& e) {
+                    QPID_LOG(error, "Failed to initialise SSL plugin: " << e.what());
+                }
+            }
         }
     }
 } sslPlugin;

Modified: incubator/qpid/trunk/qpid/cpp/src/qpid/sys/ssl/util.cpp
URL: http://svn.apache.org/viewvc/incubator/qpid/trunk/qpid/cpp/src/qpid/sys/ssl/util.cpp?rev=706349&r1=706348&r2=706349&view=diff
==============================================================================
--- incubator/qpid/trunk/qpid/cpp/src/qpid/sys/ssl/util.cpp (original)
+++ incubator/qpid/trunk/qpid/cpp/src/qpid/sys/ssl/util.cpp Mon Oct 20 11:00:05 2008
@@ -49,7 +49,6 @@
 }
 
 SslOptions::SslOptions() : qpid::Options("SSL Settings"), 
-                           certDbPath(CERT_DB),
                            certName(defaultCertName()),
                            exportPolicy(false)
 {

Modified: incubator/qpid/trunk/qpid/cpp/src/ssl.mk
URL: http://svn.apache.org/viewvc/incubator/qpid/trunk/qpid/cpp/src/ssl.mk?rev=706349&r1=706348&r2=706349&view=diff
==============================================================================
--- incubator/qpid/trunk/qpid/cpp/src/ssl.mk (original)
+++ incubator/qpid/trunk/qpid/cpp/src/ssl.mk Mon Oct 20 11:00:05 2008
@@ -13,7 +13,7 @@
 
 libsslcommon_la_LIBADD= -lnss3 -lssl3 -lnspr4 libqpidcommon.la
 
-libsslcommon_la_CXXFLAGS=$(AM_CXXFLAGS) $(SSL_CFLAGS) -DCERT_DB=\"$(sysconfdir)/qpid_cert_db\"
+libsslcommon_la_CXXFLAGS=$(AM_CXXFLAGS) $(SSL_CFLAGS)
 
 lib_LTLIBRARIES +=  libsslcommon.la