AMQP TLS session negotiation

[Chefo <ch...@gmail.com>]

Hi folks,

I've been digging through the proton code for a couple days, looking for a
way to initiate a TLS session upgrade as defined in section 5.2 of the AMQP
1.0 spec (
http://docs.oasis-open.org/amqp/core/v1.0/os/amqp-core-security-v1.0-os.html#section-tls
).

If I get it correctly that should be negotiated by the client by sending
the 'A', 'M', 'Q', 'P', 2, 1, 0, 0  header, but I can't find this being
handled by proton anywhere. In fact, as far as I can see, the only
recognized headers are the plain { 'A', 'M', 'Q', 'P', 0, 1, 0, 0 } and the
SASL one { 'A', 'M', 'Q', 'P', 3, 1, 0, 0 }.

Is the TLS session upgrade supported by proton? Am I missing something?

Thanks in advance,
Stefan

Re: AMQP TLS session negotiation

[Robbie Gemmell <ro...@gmail.com>]

On 27 November 2015 at 16:06, Chefo <ch...@gmail.com> wrote:
> Hi folks,
>
> I've been digging through the proton code for a couple days, looking for a
> way to initiate a TLS session upgrade as defined in section 5.2 of the AMQP
> 1.0 spec (
> http://docs.oasis-open.org/amqp/core/v1.0/os/amqp-core-security-v1.0-os.html#section-tls
> ).
>
> If I get it correctly that should be negotiated by the client by sending
> the 'A', 'M', 'Q', 'P', 2, 1, 0, 0  header, but I can't find this being
> handled by proton anywhere. In fact, as far as I can see, the only
> recognized headers are the plain { 'A', 'M', 'Q', 'P', 0, 1, 0, 0 } and the
> SASL one { 'A', 'M', 'Q', 'P', 3, 1, 0, 0 }.
>
> Is the TLS session upgrade supported by proton? Am I missing something?
>
> Thanks in advance,
> Stefan

I don't think it is supported. I'm not personally aware of other
things using the explicit layer either, instead taking the "pure TLS"
approach covered in "5.2.1 Alternative Establishment".

Robbie