[
https://issues.apache.org/jira/browse/ARTEMIS-1746?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16471679#comment-16471679
]
ASF GitHub Bot commented on ARTEMIS-1746:
-----------------------------------------
GitHub user blsemo opened a pull request:
https://github.com/apache/activemq-artemis/pull/2083
ARTEMIS-1746: Fix client side OpenSSL
- Added a client side open ssl context as the open ssl context does not
support switching, so needs to be created correctly right away.
- Sorted out passing in of trusted keys to the open ssl wrapper - just
passing in the first key does not work in cases where trust has to be
established via a chain
- Added integration tests for using tc-native boring ssl wrapper.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/corda/activemq-artemis ARTEMIS-1746
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/activemq-artemis/pull/2083.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #2083
----
commit f56ae82ff35d005c0511b6a5c423902f72396ba8
Author: Christian Sailer <christian.sailer@...>
Date: 2018-03-05T10:19:04Z
Add netty client context for use of OpenSSL on Artemis client sessions
commit 02028cc430f1a79379c995c3c61bcbb0e5714f6b
Author: Christian Sailer <christian.sailer@...>
Date: 2018-03-13T09:52:00Z
OpenSSL integration test (broken)
commit b4d855cfbe8d0a1b3032eb9e6de501762e4871ad
Author: Christian Sailer <christian.sailer@...>
Date: 2018-03-14T10:38:53Z
Add test keystores compatible with OpenSSL
Add working test for OpenSSL server side
commit 07cb9146638e313572fd28103ca6f6956b280ef5
Author: Christian Sailer <christian.sailer@...>
Date: 2018-03-14T10:56:32Z
Fix missing private key/cert for netty client context.
commit 7ffdbbc8caa909f121fc66978fd98ceceb568c71
Author: Christian Sailer <christian.sailer@...>
Date: 2018-03-14T11:01:34Z
Add support for client to trust all servers in OpenSSL mode
commit 67989cde5d5409ac75eaa7a9b0b3142a4331ebea
Author: Christian Sailer <christian.sailer@...>
Date: 2018-03-19T10:31:20Z
Use KeyManagerFactory rather than just picking the first key in the key
store as identity
commit d16be781221c5a1a97eede17b75e89ff0b3b1adc
Author: Christian Sailer <christian.sailer@...>
Date: 2018-05-11T08:54:29Z
Fix comments and narrow exception types accepted in tests
commit 9efb4a50054e490f3d58d75939742097af79f5d3
Author: Christian Sailer <christian.sailer@...>
Date: 2018-05-11T09:04:28Z
Merge pull request #1 from corda/blsemo/openssl-client
ARTEMIS-1746 client side openSSL
- added client side open ssl context
- fixed keystore/keychain issue
- added tests for open ssl
commit c7ee6f3e9c6f1fff7a7031be7540b2c99b97d628
Author: Christian Sailer <christian.sailer@...>
Date: 2018-05-11T09:10:24Z
Removed superfluous blank line
----
> Client-side openSSH support is broken
> -------------------------------------
>
> Key: ARTEMIS-1746
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1746
> Project: ActiveMQ Artemis
> Issue Type: Bug
> Affects Versions: 2.5.0
> Reporter: Christian Sailer
> Priority: Major
>
> The new feature to use openSSH via the netty-tcnative library in Artemis
> 2.5.0 only works for enabling on the server side.
> When enabling it on the client side, there are several issue, the first of
> which is that it tries to use a server ssl context on the client side and
> then fails due to a client/server mismatch.
> Also, I could not find any integration tests actually using openSSL.
> I am working on a patch to fix these issues including tests.
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
