You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "Justin Ross (Jira)" <ji...@apache.org> on 2021/11/01 09:48:00 UTC

[jira] [Updated] (PROTON-855) Add axTLS (embedded SSL) support to proton-c

     [ https://issues.apache.org/jira/browse/PROTON-855?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Justin Ross updated PROTON-855:
-------------------------------
    Labels: features patch tls  (was: features patch)

> Add axTLS (embedded SSL) support to proton-c
> --------------------------------------------
>
>                 Key: PROTON-855
>                 URL: https://issues.apache.org/jira/browse/PROTON-855
>             Project: Qpid Proton
>          Issue Type: New Feature
>          Components: proton-c
>    Affects Versions: proton-0.9, proton-0.9.1, proton-0.10
>         Environment: Platform independent
>            Reporter: Tomasz Nowicki
>            Priority: Major
>              Labels: features, patch, tls
>             Fix For: proton-c-future
>
>         Attachments: axtls.c, axtls_proton_example.c, qpidproton-AXTLS.patch, ssl_io.h
>
>   Original Estimate: 0h
>  Remaining Estimate: 0h
>
> The axTLS embedded SSL project is a highly configurable client/server 
> TLSv1 SSL library designed for platforms with small memory requirements. 
> It comes with a small HTTP/HTTPS server and additional test tools. 
> axTLS It's free! (BSD style licensing)
> http://axtls.sourceforge.net/
> axTLS integration with proton is done on socket layer(posix layer). On the other hand OpenSSL integration with proton is done on the transport layer. To use both solutions we had to add two methods pn_ssl_recv i pn_ssl_send (daclared in include/ssl_io.h) which in openssl mode, without crypting, invoke native proton "pn_send" and "pn_receive (io.c)". In axTLS mode, those methods are replaced with proper axtls comunication methods. Those are defined in openssl.c, ssl_stub.c, axtls.c and located in src/ssl.
> Methods pn_ssl_recv and pn_ssl_send replace original pn_send and pn_recv used in pni_connection_writable(pn_selectable_t *sel), pni_connection_readable(pn_selectable_t *sel) (connection.c).
> Moreover we introduced new file axtls.c located in src/ssl. The file is an equivalent of openssl.c, implementing base ssl methods:  PN_EXTERN pn_ssl_domain_t *pn_ssl_domain( pn_ssl_mode_t mode);
> PN_EXTERN void pn_ssl_domain_free( pn_ssl_domain_t *domain ); etc
> Example of axTLS integration with ex ActiveMQ atatched(axtls_proton_example.c):
> It's based on
> http://mail-archives.us.apache.org/mod_mbox/qpid-proton/201501.mbox/%3CCACL1BnC5JerbNikd_4fgkJqh13H5NL_2z-SSZP3Jg2t+ywAu2A@mail.gmail.com%3E



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org