Uploaded image for project: 'Qpid Proton'
  1. Qpid Proton
  2. PROTON-855

Add axTLS (embedded SSL) support to proton-c

Agile BoardAttach filesAttach ScreenshotAdd voteVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments


    • New Feature
    • Status: Open
    • Major
    • Resolution: Unresolved
    • proton-0.9, proton-0.9.1, proton-0.10
    • proton-c-future
    • proton-c
    • Platform independent
    • Patch


      The axTLS embedded SSL project is a highly configurable client/server
      TLSv1 SSL library designed for platforms with small memory requirements.
      It comes with a small HTTP/HTTPS server and additional test tools.
      axTLS It's free! (BSD style licensing)


      axTLS integration with proton is done on socket layer(posix layer). On the other hand OpenSSL integration with proton is done on the transport layer. To use both solutions we had to add two methods pn_ssl_recv i pn_ssl_send (daclared in include/ssl_io.h) which in openssl mode, without crypting, invoke native proton "pn_send" and "pn_receive (io.c)". In axTLS mode, those methods are replaced with proper axtls comunication methods. Those are defined in openssl.c, ssl_stub.c, axtls.c and located in src/ssl.
      Methods pn_ssl_recv and pn_ssl_send replace original pn_send and pn_recv used in pni_connection_writable(pn_selectable_t *sel), pni_connection_readable(pn_selectable_t *sel) (connection.c).
      Moreover we introduced new file axtls.c located in src/ssl. The file is an equivalent of openssl.c, implementing base ssl methods: PN_EXTERN pn_ssl_domain_t *pn_ssl_domain( pn_ssl_mode_t mode);
      PN_EXTERN void pn_ssl_domain_free( pn_ssl_domain_t *domain ); etc

      Example of axTLS integration with ex ActiveMQ atatched(axtls_proton_example.c):
      It's based on


        1. axtls_proton_example.c
          4 kB
          Tomasz Nowicki
        2. axtls.c
          7 kB
          Tomasz Nowicki
        3. qpidproton-AXTLS.patch
          4 kB
          Tomasz Nowicki
        4. ssl_io.h
          0.4 kB
          Tomasz Nowicki


          This comment will be Viewable by All Users Viewable by All Users


            Unassigned Unassigned
            tnowicki Tomasz Nowicki




                Issue deployment