Comments (5)
@ktdreyer: Did you install twisted[tls]
?
@cjrh: Please advise.
from stompest.
My first thought would be that there should be no difference between the sync and async versions, since for both, the ssl context object wraps the underlying socket. However, I see the Twisted code samples that @ktdreyer linked, and it looks a lot more involved than what I was expecting. I don't have any experience with client cert validation, unfortunately.
To be absolutely clear, does it fail if
twisted[tls]
is installed- an ssl context is created and passed into
StompConfig()
, exactly like for the sync case?
I realise that in the stompest docs we don't have an explicit TLS example in the async case, but the idea was that it would be configured exactly the same as for the sync case, so I decided not to add one.
If the answer to both of those bullets above is "yes", and it is still failing, then I'm not sure how to proceed without spending a lot more time investigating.
from stompest.
Also SSLv3 is regarded as insecure and I'm pretty sure it's disabled by default, at least in Python 3.6.
from stompest.
Thanks guys! twisted[tls]
is installed in my tests.
You're right, I'm passing an ssl
context to StompConfig()
, in the exact same way that I do in the synchronous case.
The "ssl3" thing is odd because I've tried specifically disabling it, to no avail:
context.options |= ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1 | ssl.OP_NO_SSLv3
My guess is that error message is a generic OpenSSL error message and it's hiding the client cert auth failure.
I was able to get this to work by hacking util.py
's endpointFactory()
method. When I append privateKey=kdreyer.key:certKey=kdreyer.pem
to the large string we pass to clientFromString()
, it works.
I guess I could pass my own custom endpointFactory
to the main Stomp
class, but it would be awesome to make this more built-in (or at least documented.) What do you think? I'm happy to write a PR, just let me know your thoughts on the design.
I can write a PR if you like.
from stompest.
After messing around with this today, I was able to get it to work using a custom endpointFactory
, and then I came up with this patch that adds the key/cert file args to connect()
: #42
from stompest.
Related Issues (20)
- ipv6 support HOT 1
- stompest consumer is slow for activemq HOT 4
- How to config exclusive=true ? HOT 4
- Messages not recieving after queue is idle for some time HOT 1
- failover option 'startupMaxReconnectAttempts' default value should be -1
- Support for asyncio HOT 2
- Asynch examples on ActiveMQ - Artemis HOT 1
- Exception <class 'select.error'>: (4, 'Interrupted system call') after upgrading stompest HOT 4
- stompest.async will be unusable on python 3.7+ HOT 10
- receiveFrame does not accept a timeout parameter HOT 3
- Thread-unsafe issue if we set ack=True in SubscriptionListener HOT 3
- How to dynamically increase the number of consumers HOT 1
- Invalid SUBSCRIBE format HOT 2
- StompFrame and StompHeartBeat __str__ method returns bytes in Python 3
- failover doesn't seem to be working HOT 1
- how to get JMSXDeliveryCount in the stomp frame HOT 1
- When use version=1.2, the consumer stop to connect on topic
- collections.MutableMapping is not available in Python 3.10 HOT 7
- STOMP over websocket
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from stompest.