You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by kw...@apache.org on 2018/04/05 15:29:29 UTC

[2/2] qpid-jms-amqp-0-x git commit: QPID-8153: [Qpid JMS AMQP 0-x] Pass host/port through to the SSLEngine so that SNI may function

QPID-8153: [Qpid JMS AMQP 0-x] Pass host/port through to the SSLEngine so that SNI may function


Project: http://git-wip-us.apache.org/repos/asf/qpid-jms-amqp-0-x/repo
Commit: http://git-wip-us.apache.org/repos/asf/qpid-jms-amqp-0-x/commit/78cf85c6
Tree: http://git-wip-us.apache.org/repos/asf/qpid-jms-amqp-0-x/tree/78cf85c6
Diff: http://git-wip-us.apache.org/repos/asf/qpid-jms-amqp-0-x/diff/78cf85c6

Branch: refs/heads/master
Commit: 78cf85c60fbedddfc08f978262aaa23061cae2b4
Parents: 44cec58
Author: Keith Wall <kw...@apache.org>
Authored: Thu Apr 5 15:21:28 2018 +0100
Committer: Keith Wall <kw...@apache.org>
Committed: Thu Apr 5 16:22:03 2018 +0100

----------------------------------------------------------------------
 .../network/security/SecurityLayerFactory.java          | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/qpid-jms-amqp-0-x/blob/78cf85c6/client/src/main/java/org/apache/qpid/transport/network/security/SecurityLayerFactory.java
----------------------------------------------------------------------
diff --git a/client/src/main/java/org/apache/qpid/transport/network/security/SecurityLayerFactory.java b/client/src/main/java/org/apache/qpid/transport/network/security/SecurityLayerFactory.java
index 7239c5a..0522936 100644
--- a/client/src/main/java/org/apache/qpid/transport/network/security/SecurityLayerFactory.java
+++ b/client/src/main/java/org/apache/qpid/transport/network/security/SecurityLayerFactory.java
@@ -29,6 +29,7 @@ import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLEngine;
 import javax.net.ssl.TrustManager;
 
+import org.apache.qpid.client.BrokerDetails;
 import org.apache.qpid.configuration.CommonProperties;
 import org.apache.qpid.ssl.SSLContextFactory;
 import org.apache.qpid.transport.ByteBufferSender;
@@ -122,7 +123,16 @@ public class SecurityLayerFactory
                     CommonProperties.QPID_SECURITY_TLS_CIPHER_SUITE_BLACK_LIST_DEFAULT);
             try
             {
-                _engine = sslCtx.createSSLEngine();
+                if (BrokerDetails.SOCKET.equals(settings.getTransport())
+                                                || settings.getHost() == null
+                                                || settings.getHost().length() == 0)
+                {
+                    _engine = sslCtx.createSSLEngine();
+                }
+                else
+                {
+                    _engine = sslCtx.createSSLEngine(settings.getHost(), settings.getPort());
+                }
                 _engine.setUseClientMode(true);
                 SSLUtil.updateEnabledTlsProtocols(_engine, protocolWhiteList, protocolBlackList);
                 SSLUtil.updateEnabledCipherSuites(_engine, cipherSuiteWhiteList, cipherSuiteBlackList);


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org