stomp 1.4.4 → 1.4.5

data/examples/ssl/misc/ssl_newparm.rb

@@ -0,0 +1,53 @@
+# -*- encoding: utf-8 -*-
+
+#
+# Reference: https://github.com/stompgem/stomp/wiki/extended-ssl-overview
+#
+if Kernel.respond_to?(:require_relative)
+  require_relative("../ssl_common")
+  require_relative("../../stomp_common")
+else
+  $LOAD_PATH << File.dirname(__FILE__)
+  require "../ssl_common"
+  require "../../stomp_common"
+end
+include SSLCommon
+include Stomp1xCommon
+#
+# == Demo override of SSLContext.new parameters.
+#
+# Based roughly on example ssl_uc1.rb.
+#
+#
+class ExampleSSLNewParm
+  # Initialize.
+  def initialize
+		@port = ENV['STOMP_PORT'] ? ENV['STOMP_PORT'].to_i : 61611
+  end
+  # Run example.
+  def run
+    ssl_opts = Stomp::SSLParams.new()
+    hash = { :hosts => [
+        {:login => login(), :passcode => passcode(), :host => host(), :port => @port, :ssl => ssl_opts},
+      ],
+      :reliable => false,         # YMMV, to test this in a sane manner
+      # This parameter is passed by the gem to the new method for ssl context.
+      :sslctx_newparm => :TLSv1,  # An example, try to force TLSv1
+      # If your version of Ruby does not support what you ask for, Ruby openssl code will raise
+      # an exception.  If Ruby accepts your parms, but your broker does not you will get
+      # different errors (depending on broker).
+    }
+    #
+    puts "Connect starts, Demo SSL context new parameters"
+    c = Stomp::Connection.new(hash)
+    puts "Connect completed"
+    puts "SSL Verify Result: #{ssl_opts.verify_result}"
+    puts "SSL Peer Certificate:\n#{ssl_opts.peer_cert}" if showPeerCert()
+    #
+    c.disconnect()
+  end
+end
+#
+e = ExampleSSLNewParm.new()
+e.run()
+

data/examples/ssl/misc/ssl_ucx_default_ciphers.rb

@@ -0,0 +1,54 @@
+# -*- encoding: utf-8 -*-
+
+#
+# Reference: https://github.com/stompgem/stomp/wiki/extended-ssl-overview
+#
+if Kernel.respond_to?(:require_relative)
+  require_relative("../ssl_common")
+  require_relative("../../stomp_common")
+else
+  $LOAD_PATH << File.dirname(__FILE__)
+  require "../ssl_common"
+  require "../../stomp_common"
+end
+include SSLCommon
+include Stomp1xCommon
+#
+# == Example: Use Ruby Supplied Ciphers
+#
+# If you use SSLParams, and need the _default_ Ruby ciphers, this is how.
+#
+# NOTE: JRuby users may find that this is a *required* action. YMMV.
+#
+class ExampleRubyCiphers
+  # Initialize.
+  def initialize
+    # It is very likely that you will have to specify your specific port number.
+    # 61611 is currently my AMQ local port number for ssl client auth not required.
+		@port = ENV['STOMP_PORT'] ? ENV['STOMP_PORT'].to_i : 61611
+  end
+  # Run example.
+  def run()
+		puts "SSLUCXRDF Connect host: #{host()}, port: #{@port}"
+    ssl_opts = Stomp::SSLParams.new(:use_ruby_ciphers => true) # Plus other parameters as needed
+    puts "SSLOPTS: #{ssl_opts.inspect}"
+    #
+    # SSL Use Case: Using default Ruby ciphers
+    #
+    hash = { :hosts => [
+        {:login => login(), :passcode => passcode(), :host => host(),
+        :port => @port, :ssl => ssl_opts},
+      ]
+    }
+    #
+    puts "Connect starts, SSL , Use Default Ruby Ciphers"
+    c = Stomp::Connection.new(hash)
+    puts "Connect completed"
+    #
+    c.disconnect()
+  end
+end
+#
+e = ExampleRubyCiphers.new()
+e.run()
+

data/examples/ssl/ssl_common.rb

@@ -0,0 +1,96 @@
+# -*- encoding: utf-8 -*-
+
+#
+# Common Stomp 1.1 code.
+#
+require "rubygems" if RUBY_VERSION < "1.9"
+require "stomp"
+#
+module SSLCommon
+
+	# CA Data.
+
+  # CA cert file location/directory.  Change or specify.
+	# This is the author's default.
+  def ca_loc()
+		ENV['CA_FLOC'] || "/ad3/gma/ad3/sslwork/2017-01" # The CA cert location
+  end
+
+	# CA cert file.  Change or specify.
+	# This is the author's default.
+  def ca_cert()
+		ENV['CA_FILE'] || "ca.crt" # The CA cert File
+  end
+
+	# CA private key file name.  Change or specify.
+	# This is the author's default.
+	# This file should not be exposed to the outside world.
+	# Not currently used/needed in stomp examples.
+  def ca_key()
+		ENV['CA_KEY'] || nil # The CA private key File
+  end
+
+	# Client Data.
+
+  # Client cert file location/directory.  Change or specify.
+	# This is the author's default.
+  def cli_loc()
+		ENV['CLI_FLOC'] || "/ad3/gma/ad3/sslwork/2017-01" # The client cert location
+	end
+
+  # Client cert file name.  Change or specify.
+	# This is the author's default.
+  def cli_cert()
+		ENV['CLI_FILE'] || "client.crt" # The client cert File
+	end
+
+  # Client private key file name.  Change or specify.
+	# This is the author's default.
+	# This file should not be exposed to the outside world.
+  def cli_key()
+		ENV['CLI_KEY'] || pck() # The client private key File
+  end
+
+	# Server Data.
+
+  # Server file location/directory.  Change or specify.
+	# This is the author's default.
+	# Not currently used in stomp examples.
+  def svr_loc()
+		ENV['SVR_FLOC'] || "/ad3/gma/ad3/sslwork/2017-01" # The server cert location
+	end
+
+  # Server cert file.  Change or specify.
+	# This is the author's default.
+	# Not currently used in stomp examples.
+  def svr_cert()
+		ENV['SVR_FILE'] || "server.crt" # The server cert File
+	end
+
+  # Server private keyfile.  Change or specify.
+	# This is the author's default.
+	# This file should not be exposed to the outside world.
+	# Not currently used in stomp examples.
+  def svr_key()
+		ENV['SVR_KEY'] || nil # The server private key File
+  end
+	# Show peer cert or not
+	def showPeerCert()
+		ENV['SHOWPEERCERT'] || false
+	end
+
+	# Ciphers list for the ciphers examples
+	def ciphers_list()
+		[["DHE-RSA-AES256-SHA", "TLSv1/SSLv3", 256, 256], ["DHE-DSS-AES256-SHA", "TLSv1/SSLv3", 256, 256], ["AES256-SHA", "TLSv1/SSLv3", 256, 256], ["EDH-RSA-DES-CBC3-SHA", "TLSv1/SSLv3", 168, 168], ["EDH-DSS-DES-CBC3-SHA", "TLSv1/SSLv3", 168, 168], ["DES-CBC3-SHA", "TLSv1/SSLv3", 168, 168], ["DHE-RSA-AES128-SHA", "TLSv1/SSLv3", 128, 128], ["DHE-DSS-AES128-SHA", "TLSv1/SSLv3", 128, 128], ["AES128-SHA", "TLSv1/SSLv3", 128, 128], ["RC4-SHA", "TLSv1/SSLv3", 128, 128], ["RC4-MD5", "TLSv1/SSLv3", 128, 128], ["EDH-RSA-DES-CBC-SHA", "TLSv1/SSLv3", 56, 56], ["EDH-DSS-DES-CBC-SHA", "TLSv1/SSLv3", 56, 56], ["DES-CBC-SHA", "TLSv1/SSLv3", 56, 56], ["EXP-EDH-RSA-DES-CBC-SHA", "TLSv1/SSLv3", 40, 56], ["EXP-EDH-DSS-DES-CBC-SHA", "TLSv1/SSLv3", 40, 56], ["EXP-DES-CBC-SHA", "TLSv1/SSLv3", 40, 56], ["EXP-RC2-CBC-MD5", "TLSv1/SSLv3", 40, 128], ["EXP-RC4-MD5", "TLSv1/SSLv3", 40, 128]]
+	end
+
+	# Private
+	private
+
+	# Client Key File
+	def pck()
+		"client.key"
+	end
+
+end
+

data/examples/ssl/sslexall.sh

@@ -0,0 +1,17 @@
+#!/bin/sh
+#
+ruby -I ../../lib uc1/ssl_uc1.rb
+echo "=============================="
+ruby -I ../../lib uc1/ssl_uc1_ciphers.rb
+echo "=============================="
+ruby -I ../../lib uc2/ssl_uc2.rb
+echo "=============================="
+ruby -I ../../lib uc2/ssl_uc2_ciphers.rb
+echo "=============================="
+ruby -I ../../lib uc3/ssl_uc3.rb
+echo "=============================="
+ruby -I ../../lib uc3/ssl_uc3_ciphers.rb
+echo "=============================="
+ruby -I ../../lib uc4/ssl_uc4.rb
+echo "=============================="
+ruby -I ../../lib uc4/ssl_uc4_ciphers.rb

data/examples/{ssl_uc1.rb → ssl/uc1/ssl_uc1.rb}

@@ -5,12 +5,15 @@
 #
 #
 if Kernel.respond_to?(:require_relative)
-  require_relative("./ssl_common")
+  require_relative("../ssl_common")
+  require_relative("../../stomp_common")
 else
   $LOAD_PATH << File.dirname(__FILE__)
-  require "ssl_common"
+  require "../ssl_common"
+  require "../../stomp_common"
 end
 include SSLCommon
+include Stomp1xCommon
 #
 # == SSL Use Case 1 - server does *not* authenticate client, client does *not* authenticate server
 #
@@ -27,18 +30,19 @@ include SSLCommon
 class ExampleSSL1
   # Initialize.
   def initialize		# Change the following as needed.
-		@host = ENV['STOMP_HOST'] ? ENV['STOMP_HOST'] : "localhost"
-		@port = ENV['STOMP_PORT'] ? ENV['STOMP_PORT'].to_i : 61612
+    @host = host()
+    # It is very likely that you will have to specify your specific port number.
+    # 61611 is currently my AMQ local port number for ssl client auth not required.
+		@port = ENV['STOMP_PORT'] ? ENV['STOMP_PORT'].to_i : 61611
   end
   # Run example.
   def run
-		puts "Connect host: #{@host}, port: #{@port}"
+		puts "SSLUC1 Connect host: #{@host}, port: #{@port}"
 
     ssl_opts = Stomp::SSLParams.new # or ssl_opts = true (for this use case)
-    #### ssl_opts = false # for testing HandShakeDetectedError exception
-    
+    puts "SSLOPTS: #{ssl_opts.inspect}"    
     hash = { :hosts => [
-        {:login => 'guest', :passcode => 'guest', :host => @host, :port => @port, :ssl => ssl_opts},
+        {:login => login(), :passcode => passcode(), :host => @host, :port => @port, :ssl => ssl_opts},
       ],
       :reliable => false, # YMMV, to test this in a sane manner
     }
@@ -47,11 +51,11 @@ class ExampleSSL1
     c = Stomp::Connection.new(hash)
     puts "Connect completed"
     puts "SSL Verify Result: #{ssl_opts.verify_result}"
-    # puts "SSL Peer Certificate:\n#{ssl_opts.peer_cert}"
+    puts "SSL Peer Certificate:\n#{ssl_opts.peer_cert}" if showPeerCert()
     #
-    c.disconnect
+    c.disconnect()
   end
 end
 #
-e = ExampleSSL1.new
+e = ExampleSSL1.new()
 e.run

data/examples/ssl/uc1/ssl_uc1_ciphers.rb

@@ -0,0 +1,60 @@
+# -*- encoding: utf-8 -*-
+
+#
+# Reference: https://github.com/stompgem/stomp/wiki/extended-ssl-overview
+#
+if Kernel.respond_to?(:require_relative)
+  require_relative("../ssl_common")
+  require_relative("../../stomp_common")
+else
+  $LOAD_PATH << File.dirname(__FILE__)
+  require "../ssl_common"
+  require "../../stomp_common"
+end
+include SSLCommon
+include Stomp1xCommon
+#
+# == SSL Use Case 1 - User Supplied Ciphers
+#
+# If you need your own ciphers list, this is how.
+# Stomp's default list will work in many cases.  If you need to use this, you
+# will know it because SSL connect will fail.  In that case, determining
+# _what_ should be in the list is your responsibility.
+#
+class ExampleSSL1C
+  # Initialize.
+  def initialize		# Change the following as needed.
+    @host = host()
+    # It is very likely that you will have to specify your specific port number.
+    # 61611 is currently my AMQ local port number for ssl client auth not required.
+		@port = ENV['STOMP_PORT'] ? ENV['STOMP_PORT'].to_i : 61611
+  end
+  # Run example.
+  def run
+    puts "SSLUC1C Connect host: #{@host}, port: #{@port}"
+
+    ssl_opts = Stomp::SSLParams.new(:ciphers => ciphers_list())
+    puts "SSLOPTS: #{ssl_opts.inspect}"    
+
+    #
+    # SSL Use Case 1
+    #
+    hash = { :hosts => [
+        {:login => login(), :passcode => passcode(), :host => @host, :port => @port, :ssl => ssl_opts},
+      ],
+      :reliable => false, # YMMV, to test this in a sane manner
+    }
+    #
+    puts "Connect starts, SSL Use Case 1"
+    c = Stomp::Connection.new(hash)
+    puts "Connect completed"
+    puts "SSL Verify Result: #{ssl_opts.verify_result}"
+    puts "SSL Peer Certificate:\n#{ssl_opts.peer_cert}" if showPeerCert()
+    #
+    c.disconnect()
+  end
+end
+#
+e = ExampleSSL1C.new()
+e.run
+

data/examples/{ssl_uc2.rb → ssl/uc2/ssl_uc2.rb}

@@ -4,12 +4,15 @@
 # Reference: https://github.com/stompgem/stomp/wiki/extended-ssl-overview
 #
 if Kernel.respond_to?(:require_relative)
-  require_relative("./ssl_common")
+  require_relative("../ssl_common")
+  require_relative("../../stomp_common")
 else
   $LOAD_PATH << File.dirname(__FILE__)
-  require "ssl_common"
+  require "../ssl_common"
+  require("../../stomp_common")
 end
 include SSLCommon
+include Stomp1xCommon
 #
 # == SSL Use Case 2 - server does *not* authenticate client, client *does* authenticate server
 #
@@ -27,23 +30,27 @@ class ExampleSSL2
   # Initialize.
   def initialize
 		# Change the following as needed.
-		@host = ENV['STOMP_HOST'] ? ENV['STOMP_HOST'] : "localhost"
-		@port = ENV['STOMP_PORT'] ? ENV['STOMP_PORT'].to_i : 61612
+    @host = host()
+    # It is very likely that you will have to specify your specific port number.
+    # 61611 is currently my AMQ local port number for ssl client auth is not required.    
+		@port = ENV['STOMP_PORT'] ? ENV['STOMP_PORT'].to_i : 61611
   end
   # Run example.
   def run
-		puts "Connect host: #{@host}, port: #{@port}"
+		puts "SSLUC2 Connect host: #{@host}, port: #{@port}"
 
     ts_flist = []
 
     # Possibly change/override the cert data here.
-		ts_flist << "#{ca_loc()}/#{ca_cert()}"
+    ts_flist << "#{ca_loc()}/#{ca_cert()}"
+    puts "TSFLIST: #{ts_flist.inspect}"
 
     ssl_opts = Stomp::SSLParams.new(:ts_files => ts_flist.join(","), 
       :fsck => true)
+    puts "SSLOPTS: #{ssl_opts.inspect}"
     #
     hash = { :hosts => [
-        {:login => 'guest', :passcode => 'guest', :host => @host, :port => @port, :ssl => ssl_opts},
+        {:login => login(), :passcode => passcode(), :host => @host, :port => @port, :ssl => ssl_opts},
       ],
       :reliable => false, # YMMV, to test this in a sane manner
     }
@@ -52,11 +59,11 @@ class ExampleSSL2
     c = Stomp::Connection.new(hash)
     puts "Connect completed"
     puts "SSL Verify Result: #{ssl_opts.verify_result}"
-    # puts "SSL Peer Certificate:\n#{ssl_opts.peer_cert}"
-    c.disconnect
+    puts "SSL Peer Certificate:\n#{ssl_opts.peer_cert}" if showPeerCert()
+    c.disconnect()
   end
 end
 #
-e = ExampleSSL2.new
+e = ExampleSSL2.new()
 e.run
 

data/examples/ssl/uc2/ssl_uc2_ciphers.rb

@@ -0,0 +1,67 @@
+# -*- encoding: utf-8 -*-
+
+#
+# Reference: https://github.com/stompgem/stomp/wiki/extended-ssl-overview
+#
+if Kernel.respond_to?(:require_relative)
+  require_relative("../ssl_common")
+  require_relative("../../stomp_common")
+else
+  $LOAD_PATH << File.dirname(__FILE__)
+  require "../ssl_common"
+  require("../../stomp_common")
+end
+include SSLCommon
+include Stomp1xCommon
+#
+# == SSL Use Case 2 - User Supplied Ciphers
+#
+# If you need your own ciphers list, this is how.
+# Stomp's default list will work in many cases.  If you need to use this, you
+# will know it because SSL connect will fail.  In that case, determining
+# _what_ should be in the list is your responsibility.
+#
+class ExampleSSL2C
+  # Initialize.
+  def initialize		# Change the following as needed.
+    @host = host()
+   # It is very likely that you will have to specify your specific port number.
+  # 61611 is currently my AMQ local port number for ssl client auth is not required.        
+		@port = ENV['STOMP_PORT'] ? ENV['STOMP_PORT'].to_i : 61611
+  end
+  # Run example.
+  def run
+    puts "SSLUC2C Connect host: #{@host}, port: #{@port}"
+    #
+    # SSL Use Case 2
+    #
+    ts_flist = []
+
+    # Possibly change/override the cert data here.
+    ts_flist << "#{ca_loc()}/#{ca_cert()}"
+    puts "TSFLIST: #{ts_flist.inspect}"    
+
+    ssl_opts = Stomp::SSLParams.new(:ts_files => ts_flist.join(","), 
+      :ciphers => ciphers_list(), # The cipher list
+      :fsck => true
+    )
+    puts "SSLOPTS: #{ssl_opts.inspect}"    
+    #
+    hash = { :hosts => [
+        {:login => login(), :passcode => passcode(), :host => @host, :port => @port, :ssl => ssl_opts},
+      ],
+      :reliable => false, # YMMV, to test this in a sane manner
+    }
+    #
+    puts "Connect starts, SSL Use Case 2"
+    c = Stomp::Connection.new(hash)
+    puts "Connect completed"
+    puts "SSL Verify Result: #{ssl_opts.verify_result}"
+    puts "SSL Peer Certificate:\n#{ssl_opts.peer_cert}" if showPeerCert()
+    c.disconnect()
+  end
+end
+#
+e = ExampleSSL2C.new()
+e.run
+