[ARTEMIS-1299] Unable to configure comma delimited enabledProtocols - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Critical
Resolution: Fixed
Affects Version/s: 1.5.5
Fix Version/s: 2.3.0
Component/s: Broker
Labels:
None

Description

When I want to configure enabled SSL protocols, Netty requires to use comma delimited list to be passed into enabledProtocols param:

TLSv1,TLSv1.1,TLSv1.2

(see https://activemq.apache.org/artemis/docs/1.0.0/configuring-transports.html#configuring-netty-ssl )

But when comma is used in value in configuration string passed into ActiveMQResourceAdapter.setConnectionParameters, parsing fails:

java.lang.IllegalArgumentException: Invalid expression TLSv1.1 at enabledProtocols=TLSv1,TLSv1.1,TLSv1.2;httpUpgradeEndpoint=http-acceptor;activemqServerName=default;httpUpgradeEnabled=true;port=8080;host=localhost
	at org.apache.activemq.artemis.ra.ActiveMQRaUtils.parseConfig(ActiveMQRaUtils.java:205)
	at org.apache.activemq.artemis.ra.ActiveMQResourceAdapter.setConnectionParameters(ActiveMQResourceAdapter.java:344)
	... 15 more

This is because parser use comma to deliminate individual configurations, so configuration

enabledProtocols=TLSv1,TLSv1.1,TLSv1.2;httpUpgradeEndpoint=http-acceptor

is parsed as

["enabledProtocols=TLSv1","TLSv1.1","TLSv1.2;httpUpgradeEndpoint=http-acceptor"]

This is design issue - comma required by netty cannot be passed into ActiveMQ configuration value.

I set this as critical as it prevent setting more then one allowed SSLContext protocol. (Problem especialy for IBM Java, where "TLS" does not work as alias for other TLSv*)

Attachments

Issue Links

links to

GitHub Pull Request #1423

JMS client fails to connect with SSL on IBM JDK 8

Activity

People

Assignee:: Unassigned

Reporter:: Jan Kalina

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 19/Jul/17 10:58

Updated:: 31/Aug/17 19:09

Resolved:: 28/Jul/17 22:41