Author: kgiusti Date: Tue Aug 14 15:55:12 2012 New Revision: 1372947 URL: http://svn.apache.org/viewvc?rev=1372947&view=rev Log: NO-JIRA: add SSL support to fetch mailbox client
Modified: qpid/proton/branches/driver_abstraction/examples/mailbox/README.txt qpid/proton/branches/driver_abstraction/examples/mailbox/fetch Modified: qpid/proton/branches/driver_abstraction/examples/mailbox/README.txt URL: http://svn.apache.org/viewvc/qpid/proton/branches/driver_abstraction/examples/mailbox/README.txt?rev=1372947&r1=1372946&r2=1372947&view=diff ============================================================================== --- qpid/proton/branches/driver_abstraction/examples/mailbox/README.txt (original) +++ qpid/proton/branches/driver_abstraction/examples/mailbox/README.txt Tue Aug 14 15:55:12 2012 @@ -59,6 +59,7 @@ Optional - using SSL to encrypt the data certificates: $ post -m myMailbox --ssl-cert-db ./trusted_db "Here is a message" + $ fetch --ssl-cert-db ./trusted_db myMailbox [1] At the time of this writing SSL/TLS is implemented using OpenSSL, and is only Modified: qpid/proton/branches/driver_abstraction/examples/mailbox/fetch URL: http://svn.apache.org/viewvc/qpid/proton/branches/driver_abstraction/examples/mailbox/fetch?rev=1372947&r1=1372946&r2=1372947&view=diff ============================================================================== --- qpid/proton/branches/driver_abstraction/examples/mailbox/fetch (original) +++ qpid/proton/branches/driver_abstraction/examples/mailbox/fetch Tue Aug 14 15:55:12 2012 @@ -35,12 +35,23 @@ class Options(object): parser.add_option("-v", "--verbose", action="store_true", help="Turn on extra trace messages.") + # SSL configuration + parser.add_option("--ssl-cert-db", type="str", metavar="<dir>", + help="database of trusted certificates") + + # if server wants authentication: + #parser.add_option("--ssl-cert-file") + #parser.add_option("--ssl-key-file") + #parser.add_option("--ssl-key-pw") + opts, mailboxes = parser.parse_args() # uses sys.argv[1:] self.mailbox = None if len(mailboxes) == 1: self.mailbox = str(mailboxes[0]) self.server = opts.server + self.ca_database = opts.ssl_cert_db + addr = opts.server.rsplit(":", 1) self.host = addr[0] if len(addr) == 2: @@ -52,7 +63,7 @@ class Options(object): class FetchClient(object): - def __init__(self, host, port, mailbox): + def __init__(self, host, port, mailbox, ca_database=None): """ Initialize the client by supplying the address of the server, and the name of the mailbox to fetch from. """ @@ -60,6 +71,7 @@ class FetchClient(object): self.port = port self.mailbox = mailbox self.logging = False + self.ca_database = ca_database def setup(self): """ Setup and configure the connection to the server. @@ -70,6 +82,11 @@ class FetchClient(object): self.driver = pn_driver(); self.cxtr = pn_connector(self.driver, self.host, self.port, None) + # configure database of trusted CA's + if self.ca_database: + rc = pn_connector_ssl_client_init(self.cxtr, self.ca_database); + assert(rc == 0) + # configure SASL self.sasl = pn_connector_sasl(self.cxtr) pn_sasl_mechanisms(self.sasl, "ANONYMOUS") @@ -91,6 +108,25 @@ class FetchClient(object): pn_link_open(self.link) + def teardown(self): + """ Perform a clean disconnect from the server, and release the + resources created in setup() + """ + self.log("Shutting down the connection cleanly...") + pn_connection_close(self.conn) + + # now wait for the connector to close + while not (pn_connector_closed(self.cxtr)): + self.wait() + + #pn_sasl_free(self.sasl); + pn_link_free(self.link); + pn_session_free(self.ssn); + pn_connection_free(self.conn); + pn_connector_free(self.cxtr); + self.log("...Shutdown complete!") + + def wait(self): """ Wait for an event to process. """ @@ -150,7 +186,8 @@ def main(): receiver = FetchClient(options.host, options.port, - options.mailbox) + options.mailbox, + options.ca_database) if options.verbose: receiver.enableLogging() @@ -212,10 +249,9 @@ def main(): receiver.wait() receiver.settle() - # we're done, close and wait for the remote to close also - pn_connection_close(receiver.conn) - while not (pn_connection_state(receiver.conn) & PN_REMOTE_CLOSED): - receiver.wait() + # we're done, now clean up the connection: + receiver.teardown() + return 0 --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@qpid.apache.org For additional commands, e-mail: commits-h...@qpid.apache.org