qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gordon Sim" <g...@redhat.com>
Subject Re: Review Request 22890: Allow SSL hostname verification to be disabled in c++ client
Date Tue, 24 Jun 2014 15:58:05 GMT


> On June 24, 2014, 1:05 p.m., Kenneth Giusti wrote:
> > Just FYI: the pure python client has a similar feature.  Its configuration parameter
is a boolean called "ssl_skip_hostname_check":
> > 
> > self.ssl_skip_hostname_check = options.get("ssl_skip_hostname_check", False)

The reason I chose 'ignore hostname verification failure' is that with NSS you can't actually
skip the check, you can just choose to ignore it. The difference is perhaps irrelevant to
users. However on the other hand none of the ssl options between c++ and python are aligned
anyway.


- Gordon


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/22890/#review46521
-----------------------------------------------------------


On June 24, 2014, 7:33 a.m., Gordon Sim wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/22890/
> -----------------------------------------------------------
> 
> (Updated June 24, 2014, 7:33 a.m.)
> 
> 
> Review request for qpid, Andrew Stitcher and Pavel Moravec.
> 
> 
> Repository: qpid
> 
> 
> Description
> -------
> 
> Adds a connection option ignore_ssl_hostname_verification_failure, which if set to true
will cause a connect attempt to proceed even if the hostname connecting to does not match
the peers certificate.
> 
> 
> Diffs
> -----
> 
>   /trunk/qpid/cpp/src/qpid/client/ConnectionSettings.h 1604917 
>   /trunk/qpid/cpp/src/qpid/client/ConnectionSettings.cpp 1604917 
>   /trunk/qpid/cpp/src/qpid/client/SslConnector.cpp 1604917 
>   /trunk/qpid/cpp/src/qpid/client/amqp0_10/ConnectionImpl.cpp 1604917 
>   /trunk/qpid/cpp/src/qpid/messaging/ConnectionOptions.cpp 1604917 
>   /trunk/qpid/cpp/src/qpid/messaging/amqp/SslTransport.cpp 1604917 
>   /trunk/qpid/cpp/src/qpid/sys/ssl/SslSocket.h 1604917 
>   /trunk/qpid/cpp/src/qpid/sys/ssl/SslSocket.cpp 1604917 
> 
> Diff: https://reviews.apache.org/r/22890/diff/
> 
> 
> Testing
> -------
> 
> make test passes
> 
> 
> Thanks,
> 
> Gordon Sim
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message