User zech <[email protected]> sends the following message to the
owners of Package 'Apache.NMS.ActiveMQ 1.7.2
(https://www.nuget.org/packages/Apache.NMS.ActiveMQ/1.7.2)'.
Hello,
I have found a problem using this library with TLS1.2 to connect to ActiveMQ
(our server only supports TLS 1.2).
The current library implementation only supports Tls or Ssl3 because of (see
file SslTransport.cs)
private SslProtocols GetAllowedProtocol()
{
if (!String.IsNullOrEmpty(SslProtocol))
{
return (SslProtocols)Enum.Parse(typeof(SslProtocols),
SslProtocol, true);
}
return SslProtocols.Default;
}
Return should be SslProtocols.None ! (see remark in decompiled
System.Security.Authentication.SslProtocols)
/ Decompiled with JetBrains decompiler
// Type: System.Security.Authentication.SslProtocols
// Assembly: System, Version=4.0.0.0, Culture=neutral,
PublicKeyToken=b77a5c561934e089
// MVID: 862B9365-843C-4BF1-BA93-210C124BB523
// Assembly location: C:\Windows\Microsoft.NET\Framework\v4.0.30319\System.dll
namespace System.Security.Authentication
{
/// <summary>Defines the possible versions of <see
cref="T:System.Security.Authentication.SslProtocols"
/>.</summary>
[Flags]
[__DynamicallyInvokable]
public enum SslProtocols
{
/// <summary>Allows the operating system to choose the best protocol to
use, and to block protocols that are not secure. Unless your app has a specific
reason not to, you should use this field.</summary>
[__DynamicallyInvokable] None = 0,
/// <summary>Specifies the SSL 2.0 protocol. SSL 2.0 has been superseded
by the TLS protocol and is provided for backward compatibility
only.</summary>
[__DynamicallyInvokable] Ssl2 = 12, // 0x0000000C
/// <summary>Specifies the SSL 3.0 protocol. SSL 3.0 has been superseded
by the TLS protocol and is provided for backward compatibility
only.</summary>
[__DynamicallyInvokable] Ssl3 = 48, // 0x00000030
/// <summary>Specifies the TLS 1.0 security protocol. The TLS protocol is
defined in IETF RFC 2246.</summary>
[__DynamicallyInvokable] Tls = 192, // 0x000000C0
/// <summary>Specifies the TLS 1.1 security protocol. The TLS protocol is
defined in IETF RFC 4346.</summary>
[__DynamicallyInvokable] Tls11 = 768, // 0x00000300
/// <summary>Specifies the TLS 1.2 security protocol. The TLS protocol is
defined in IETF RFC 5246.</summary>
[__DynamicallyInvokable] Tls12 = 3072, // 0x00000C00
/// <summary>Specifies the TLS 1.3 security protocol. The TLS protocol is
defined in IETF RFC 8446.</summary>
Tls13 = 12288, // 0x00003000
/// <summary>Use None instead of Default. Default permits only the Secure
Sockets Layer (SSL) 3.0 or Transport Layer Security (TLS) 1.0 protocols to be
negotiated, and those options are now considered obsolete. Consequently,
Default is not allowed in many organizations. Despite the name of this field,
<see cref="T:System.Net.Security.SslStream" /> does not use it
as a default except under special circumstances.</summary>
Default = Tls | Ssl3, // 0x000000F0
}
Best regards
Hansjoerg
-----------------------------------------------
To stop receiving contact emails as an owner of this package, sign in to
the NuGet Gallery and
change your email notification settings (https://www.nuget.org/account).
Privacy Statement (https://go.microsoft.com/fwlink/?LinkId=521839)
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052 USA
