ARTEMIS-1538: Allow trustAll to apply from a connection URI

Previously when configuring a connectionFactory by URI this property was
ignored
This commit is contained in:
Christopher L. Shannon (cshannon) 2017-12-07 16:48:11 -05:00
parent d9acc649ac
commit 3d2e24d429
2 changed files with 30 additions and 2 deletions

View File

@ -342,6 +342,7 @@ public class TransportConstants {
allowableConnectorKeys.add(TransportConstants.ENABLED_CIPHER_SUITES_PROP_NAME); allowableConnectorKeys.add(TransportConstants.ENABLED_CIPHER_SUITES_PROP_NAME);
allowableConnectorKeys.add(TransportConstants.ENABLED_PROTOCOLS_PROP_NAME); allowableConnectorKeys.add(TransportConstants.ENABLED_PROTOCOLS_PROP_NAME);
allowableConnectorKeys.add(TransportConstants.VERIFY_HOST_PROP_NAME); allowableConnectorKeys.add(TransportConstants.VERIFY_HOST_PROP_NAME);
allowableConnectorKeys.add(TransportConstants.TRUST_ALL_PROP_NAME);
allowableConnectorKeys.add(TransportConstants.TCP_NODELAY_PROPNAME); allowableConnectorKeys.add(TransportConstants.TCP_NODELAY_PROPNAME);
allowableConnectorKeys.add(TransportConstants.TCP_SENDBUFFER_SIZE_PROPNAME); allowableConnectorKeys.add(TransportConstants.TCP_SENDBUFFER_SIZE_PROPNAME);
allowableConnectorKeys.add(TransportConstants.TCP_RECEIVEBUFFER_SIZE_PROPNAME); allowableConnectorKeys.add(TransportConstants.TCP_RECEIVEBUFFER_SIZE_PROPNAME);

View File

@ -16,13 +16,13 @@
*/ */
package org.apache.activemq.artemis.tests.integration.ssl; package org.apache.activemq.artemis.tests.integration.ssl;
import javax.net.ssl.SSLPeerUnverifiedException;
import java.util.Arrays; import java.util.Arrays;
import java.util.Collection; import java.util.Collection;
import java.util.HashMap; import java.util.HashMap;
import java.util.Map; import java.util.Map;
import io.netty.handler.ssl.SslHandler; import javax.net.ssl.SSLPeerUnverifiedException;
import org.apache.activemq.artemis.api.core.ActiveMQException; import org.apache.activemq.artemis.api.core.ActiveMQException;
import org.apache.activemq.artemis.api.core.ActiveMQNotConnectedException; import org.apache.activemq.artemis.api.core.ActiveMQNotConnectedException;
import org.apache.activemq.artemis.api.core.Interceptor; import org.apache.activemq.artemis.api.core.Interceptor;
@ -51,6 +51,8 @@ import org.junit.Test;
import org.junit.runner.RunWith; import org.junit.runner.RunWith;
import org.junit.runners.Parameterized; import org.junit.runners.Parameterized;
import io.netty.handler.ssl.SslHandler;
@RunWith(value = Parameterized.class) @RunWith(value = Parameterized.class)
public class CoreClientOverTwoWaySSLTest extends ActiveMQTestBase { public class CoreClientOverTwoWaySSLTest extends ActiveMQTestBase {
@ -242,6 +244,31 @@ public class CoreClientOverTwoWaySSLTest extends ActiveMQTestBase {
sf.close(); sf.close();
} }
@Test
public void testTwoWaySSLVerifyClientTrustAllTrueByURI() throws Exception {
NettyAcceptor acceptor = (NettyAcceptor) server.getRemotingService().getAcceptor("nettySSL");
acceptor.getConfiguration().put(TransportConstants.NEED_CLIENT_AUTH_PROP_NAME, true);
server.getRemotingService().stop(false);
server.getRemotingService().start();
server.getRemotingService().startAcceptors();
//Set trust all so this should work even with no trust store set
StringBuilder uri = new StringBuilder("tcp://" + tc.getParams().get(TransportConstants.HOST_PROP_NAME).toString()
+ ":" + tc.getParams().get(TransportConstants.PORT_PROP_NAME).toString());
uri.append("?").append(TransportConstants.SSL_ENABLED_PROP_NAME).append("=true");
uri.append("&").append(TransportConstants.TRUST_ALL_PROP_NAME).append("=true");
uri.append("&").append(TransportConstants.KEYSTORE_PROVIDER_PROP_NAME).append("=").append(storeType);
uri.append("&").append(TransportConstants.KEYSTORE_PATH_PROP_NAME).append("=").append(CLIENT_SIDE_KEYSTORE);
uri.append("&").append(TransportConstants.KEYSTORE_PASSWORD_PROP_NAME).append("=").append(PASSWORD);
server.getRemotingService().addIncomingInterceptor(new MyInterceptor());
ServerLocator locator = addServerLocator(ActiveMQClient.createServerLocator(uri.toString()));
ClientSessionFactory sf = createSessionFactory(locator);
sf.close();
}
@Test @Test
public void testTwoWaySSLVerifyClientTrustAllFalse() throws Exception { public void testTwoWaySSLVerifyClientTrustAllFalse() throws Exception {
NettyAcceptor acceptor = (NettyAcceptor) server.getRemotingService().getAcceptor("nettySSL"); NettyAcceptor acceptor = (NettyAcceptor) server.getRemotingService().getAcceptor("nettySSL");