[jira] [Commented] (PROTON-2663) class ssl_client_options does not have a constructor for a custom client certificate, and default certificate trust database

Sat, 17 Aug 2024 18:43:35 -0700 


    [ 
https://issues.apache.org/jira/browse/PROTON-2663?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17874598#comment-17874598
 ] 

ASF GitHub Bot commented on PROTON-2663:
----------------------------------------

codecov-commenter commented on PR #384:
URL: https://github.com/apache/qpid-proton/pull/384#issuecomment-2295056741

   ## 
[Codecov](https://app.codecov.io/gh/apache/qpid-proton/pull/384?dropdown=coverage&src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache)
 Report
   Attention: Patch coverage is `0%` with `4 lines` in your changes missing 
coverage. Please review.
   > Project coverage is 69.68%. Comparing base 
[(`2eab5c0`)](https://app.codecov.io/gh/apache/qpid-proton/commit/2eab5c0f3be03412600d3682803cca19bf658159?dropdown=coverage&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache)
 to head 
[(`250a0c8`)](https://app.codecov.io/gh/apache/qpid-proton/commit/250a0c8efc96e28c5f9ed2bc463d84bd06262f87?dropdown=coverage&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache).
   > Report is 158 commits behind head on main.
   
   | 
[Files](https://app.codecov.io/gh/apache/qpid-proton/pull/384?dropdown=coverage&src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache)
 | Patch % | Lines |
   |---|---|---|
   | 
[cpp/src/ssl\_options.cpp](https://app.codecov.io/gh/apache/qpid-proton/pull/384?src=pr&el=tree&filepath=cpp%2Fsrc%2Fssl_options.cpp&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache#diff-Y3BwL3NyYy9zc2xfb3B0aW9ucy5jcHA=)
 | 0.00% | [4 Missing :warning: 
](https://app.codecov.io/gh/apache/qpid-proton/pull/384?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache)
 |
   
   <details><summary>Additional details and impacted files</summary>
   
   
   ```diff
   @@            Coverage Diff             @@
   ##             main     #384      +/-   ##
   ==========================================
   - Coverage   69.69%   69.68%   -0.01%     
   ==========================================
     Files         370      371       +1     
     Lines       69868    71609    +1741     
   ==========================================
   + Hits        48694    49904    +1210     
   - Misses      21174    21705     +531     
   ```
   
   </details>
   
   [:umbrella: View full report in Codecov by 
Sentry](https://app.codecov.io/gh/apache/qpid-proton/pull/384?dropdown=coverage&src=pr&el=continue&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache).
   
   :loudspeaker: Have feedback on the report? [Share it 
here](https://about.codecov.io/codecov-pr-comment-feedback/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache).
   




> class ssl_client_options does not have a constructor for a custom client 
> certificate, and default certificate trust database 
> -----------------------------------------------------------------------------------------------------------------------------
>
>                 Key: PROTON-2663
>                 URL: https://issues.apache.org/jira/browse/PROTON-2663
>             Project: Qpid Proton
>          Issue Type: Improvement
>          Components: cpp-binding
>    Affects Versions: proton-c-0.37.0, proton-c-0.38.0
>         Environment: Linux 64bit
> Ubuntu 22.04: libqpid-proton-cpp12 0.22.0-5 (used for testing, not intended 
> for production)
> Redhat, Oracle: qpid-proton-cpp-0.37.0-1.el8.x86_64
>            Reporter: Marko Hrastovec
>            Assignee: Andrew Stitcher
>            Priority: Major
>              Labels: ssl
>             Fix For: proton-c-0.39.0
>
>   Original Estimate: 24h
>  Remaining Estimate: 24h
>
> Class ssl_client_options does not have a constructor for a custom client 
> certificate, and default certificate trust database.
> Out application has to present a custom certificate to the server, but the 
> server uses a certificate signed by a certificate authority (CA) that is 
> present in the systems default certificate trust database.
> Curently, our only option to connect is to supply a dummy certificate trust 
> database, and use proton::ssl::ANONYMOUS_PEER which disables server check. In 
> that way, we skip an important check for a secure connection. That is 
> unacceptable for a production version of our application. Until we come to a 
> production version we must resolve that issue. That is why I marked it as a 
> blocker.
> I have a patch, but I am not sure how to contribute it. I guess reporting is 
> a first step?



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to