delta/python-packages/qpid-python.git/cpp/src/qpid/sys/SecuritySettings.h, branch QPID-6125-ProtocolRefactoring git.apache.org: qpid.git QPID-4272: Large amounts of code are duplicated between the SSL and TCP transports 2012-10-24T05:51:38+00:00 Andrew Stitcher astitcher@apache.org 2012-10-24T05:51:38+00:00 b2775f851a287e2bcb8ff1190eebd39df4a6a703 Add the security related functions to the Socket/Asynch interfaces git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@1401560 13f79535-47bb-0310-9956-ffa450edef68 
Add the security related functions to the Socket/Asynch interfaces

git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@1401560 13f79535-47bb-0310-9956-ffa450edef68
QPID-2412: Support for EXTERNAL mechanism on client-authenticated SSL connections. 2010-03-05T16:51:22+00:00 Gordon Sim gsim@apache.org 2010-03-05T16:51:22+00:00 94442dd8f676ac1ab7508e76620a76e891f4711e On SSL connection where the clients certificate is authenticated (requires the --ssl-require-client-authentication option at present), the clients identity will be taken from that certificate (it will be the CN with any DCs present appended as the domain, e.g. CN=bob,DC=acme,DC=com would result in an identity of bob@acme.com). This will enable the EXTERNAL mechanism when cyrus sasl is in use. The client can still negotiate their desired mechanism. There is a new option on the ssl module (--ssl-sasl-no-dict) that allows the options on ssl connections to be restricted to those that are not vulnerable to dictionary attacks (EXTERNAL being the primary example). git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@919487 13f79535-47bb-0310-9956-ffa450edef68 
On SSL connection where the clients certificate is authenticated (requires the --ssl-require-client-authentication option at present), the clients identity will be taken from that certificate (it will be the CN with any DCs present appended as the domain, e.g. CN=bob,DC=acme,DC=com would result in an identity of bob@acme.com). This will enable the EXTERNAL mechanism when cyrus sasl is in use.

The client can still negotiate their desired mechanism. There is a new option on the ssl module (--ssl-sasl-no-dict) that allows the options on ssl connections to be restricted to those that are not vulnerable to dictionary attacks (EXTERNAL being the primary example).



git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@919487 13f79535-47bb-0310-9956-ffa450edef68