Re: [hono-dev] Support for encrypted and unencrypted AMQP port in Hono at the same time

Thanks, Kai,

updated version below. I think we should be finished after you had a final look.
Would prepare a pull request after the Java tutorials will be finished...

- - - - - - - - - - - 8< - - - - - - - - - -
1) leverage the IANA defaults if "hono.server.port" is not configured :

"hono.server.keyStorePath" found -> 5671, otherwise no secure port is opened.
Used Port is logged explicitly as INFO.

2) let the user explicitly configure the "hono.server.port":

"hono.server.keyStorePath" found? -> open desired port. If port is not the IANA secure port 5671, print a warning about potential misconfiguration.
"hono.server.keyStorePath" not found? -> no secure port is opened, print a warning about potential misconfiguration.
Used Port is logged explicitly as INFO.

3) additional insecure port available if flag "hono.server.allowInsecure = true":

Port can be determined by "hono.server.insecurePort":
- set? then use it. If configured to IANA secure port 5671, print a warning about potential misconfiguration.
- not set? then use the IANA default 5672

Used Port is logged explicitly as INFO.

4) Exceptions during startup:

- both ports active and configured equally (port == insecurePort) -> misconfiguration
- Hono would not open any port by configuration (this cannot be desirable).

- - - - - - - - - - - 8< - - - - - - - - - -

Result: clear separation of ports:
As a result, we have introduced in Hono a clear separation of ports:

"hono.server.port" represents the secure port (never opens an insecure port)

"hono.server.insecurePort" represents the insecure port (as only port or as additional port to the secure one)




Bosch Software Innovations GmbH
Development Core Products (INST/ECS6-Be)
Schöneberger Ufer 89-91
10785 Berlin
GERMANY
www.bosch-si.de
www.blog.bosch-si.com

Tel. +49 30 726112-403
Fax +49 30 726112-100
Karsten.Frank@xxxxxxxxxxxx

Registered office: Berlin, Register court: Amtsgericht Charlottenburg, HRB 148411 B
Executives: Dr.-Ing. Rainer Kallenbach, Michael Hahn
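The four rules of the plan above, together with Kai's client-side suggestion further down the thread (with no explicit port, assume 5671 when a trust store is configured and 5672 otherwise), as an added executable model. This is example code written for this page, not code from the thread or from the Hono project: the property names are the ones quoted in the thread, while the function and class names, the warning texts and the placeholder key-store path are assumptions.

```python
"""Model of the port-resolution rules from Karsten's final plan (added example, not Hono code)."""
import logging
from dataclasses import dataclass, field
from typing import Dict, List, Optional

log = logging.getLogger("hono.ports")  # logger name is an assumption

AMQPS_PORT = 5671  # IANA-registered port for AMQP over TLS
AMQP_PORT = 5672   # IANA-registered port for plain AMQP


class MisconfigurationError(ValueError):
    """Raised when the server must refuse to start (rule 4)."""


@dataclass
class ServerPorts:
    secure_port: Optional[int]      # None: no TLS listener is opened
    insecure_port: Optional[int]    # None: no plaintext listener is opened
    warnings: List[str] = field(default_factory=list)


def resolve_server_ports(config: Dict[str, object]) -> ServerPorts:
    """Apply rules 1) to 4) to a flat dict of hono.server.* properties."""
    key_store = config.get("hono.server.keyStorePath")
    port = config.get("hono.server.port")
    raw_allow = config.get("hono.server.allowInsecure", False)
    allow_insecure = raw_allow if isinstance(raw_allow, bool) else str(raw_allow).lower() == "true"
    insecure_cfg = config.get("hono.server.insecurePort")
    warnings: List[str] = []

    # Rules 1) and 2): a secure port exists only if a key store is configured.
    secure: Optional[int] = None
    if key_store:
        secure = AMQPS_PORT if port is None else int(port)
        if secure != AMQPS_PORT:
            warnings.append(f"hono.server.port={secure} is not the IANA AMQPS port {AMQPS_PORT}; "
                            "clients relying on the default may not connect")
    elif port is not None:
        warnings.append("hono.server.port is set but hono.server.keyStorePath is not; "
                        "no secure port will be opened")

    # Rule 3): the insecure port is opened only when explicitly allowed.
    insecure: Optional[int] = None
    if allow_insecure:
        insecure = AMQP_PORT if insecure_cfg is None else int(insecure_cfg)
        if insecure == AMQPS_PORT:
            warnings.append(f"hono.server.insecurePort={insecure} is the IANA AMQPS port; "
                            "clients may expect TLS on it")

    # Rule 4): startup must fail for these two configurations.
    if secure is None and insecure is None:
        raise MisconfigurationError("configuration would open no port at all")
    if secure is not None and secure == insecure:
        raise MisconfigurationError(f"secure and insecure port are both {secure}")

    for message in warnings:
        log.warning(message)
    if secure is not None:
        log.info("secure AMQP port: %d", secure)      # "Used Port is logged explicitly as INFO"
    if insecure is not None:
        log.info("insecure AMQP port: %d", insecure)
    return ServerPorts(secure, insecure, warnings)


def startup_fails(config: Dict[str, object]) -> bool:
    """True if the configuration is one the server refuses to start with."""
    try:
        resolve_server_ports(config)
    except MisconfigurationError:
        return True
    return False


def client_default_port(trust_store_configured: bool, port: Optional[int] = None) -> int:
    """Kai's client-side rule: explicit port wins, else 5671 with a trust store, else 5672."""
    if port is not None:
        return port
    return AMQPS_PORT if trust_store_configured else AMQP_PORT


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO)
    # Constructed sample configuration: key store present and insecure port allowed.
    print(resolve_server_ports({
        "hono.server.keyStorePath": "/path/to/keystore.p12",  # placeholder path
        "hono.server.allowInsecure": "true",
    }))
    print(client_default_port(trust_store_configured=True))
```

The two exceptions of rule 4) are the interesting part: a `hono.server.port` without a key store is not silently turned into a plaintext listener, it produces a warning and, unless `hono.server.allowInsecure` is also set, a startup failure, which is exactly the separation of the two properties the plan describes.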


________________________________________
From: hono-dev-bounces@xxxxxxxxxxx [hono-dev-bounces@xxxxxxxxxxx] on behalf of Hudalla Kai (INST/ECS4) [Kai.Hudalla@xxxxxxxxxxxx]
Sent: Tuesday, 7 March 2017 10:00
To: hono-dev@xxxxxxxxxxx
Subject: Re: [hono-dev] Support for encrypted and unencrypted AMQP port in Hono at the same time

On Tue, 2017-03-07 at 08:51 +0000, Frank Karsten (INST/ECS4) wrote:
> Thanks Paolo,
> this again makes it clearer, and thus better :-)
>
> I update the summary to the following then:
>
> - - - - - - - - - - - 8< - - - - - - - - - -
> 1) leverage the IANA defaults if "hono.server.port" is not configured :
>
> "hono.server.keyStorePath" found -> 5671, otherwise no secure port is opened.
>
> Used Port is logged explicitly as INFO.

+1

>
> 2) let the user explicitly configure the "hono.server.port":
>
> "hono.server.keyStorePath" found? -> open desired port, but print a warning if
> that violates the IANA defaults from 1)

IMHO we should not call this a "violation" but I agree that we should issue a
warning that clients might be inclined to try to connect using AMQPS instead of
AMQP due to the port number being defined as the default AMQPS port.

>
> "hono.server.keyStorePath" not found? -> no secure port is opened, print a
> warning about potential misconfiguration.
>
> Used Port is logged explicitly as INFO.

+1

>
> 3) additional insecure port available if flag "hono.server.allowInsecure =
> true":
>
> Port can be determined by "hono.server.insecurePort":
>
> - set? then use it
>
> - not set? then use the IANA default 5672
>
>
> Used Port is logged explicitly as INFO.

+1

>
> 4) Exceptions during startup:
>
> Exception for the insecure port during startup if:
> - port conflicts with 1)  (misconfiguration)
If you mean: user configured insecure port == secure port
then +1

> - configured to secure IANA port 5671 (not necessary or desirable to support
> this configuration).

As indicated above, I think we should log a WARNING but otherwise let users do
this if they want to
>
>
> Exception also thrown if Hono would not open any port by configuration (this
> cannot be desirable).

+1

>
>
> - - - - - - - - - - - 8< - - - - - - - - - -
>
>
>
> Result: clear separation of ports:
>
> As a result, we have introduced in Hono a clear separation of ports:
>
> "hono.server.port" represents the secure port (never opens an insecure port)
>
> "hono.server.insecurePort" represents the insecure port (as only port or as
> additional port to the secure one)
>
>
>
>
>
> Should that be the final plan?
>
> Thanks,
> Karsten
>
>
> From: hono-dev-bounces@xxxxxxxxxxx [hono-dev-bounces@xxxxxxxxxxx] on behalf of Paolo Patierno [ppatierno@xxxxxxxx]
> Sent: Monday, 6 March 2017 23:05
> To: hono developer discussions
> Subject: Re: [hono-dev] Support for encrypted and unencrypted AMQP port in Hono at the same time
>
> Hi Karsten,
>
> I think we are very close to the final plan with a very good summary from you
> :)
>
> I just see two different ways for configuring insecure AMQP port (and having
> different ways for doing something simple like this could be misunderstood).
>
> The first one comes from 1) when you say "otherwise 5672" (when keyStorePath is
> null).
> The other one comes from 3) with allowInsecurePort = true.
>
> To avoid this redundant way, I would remove the "otherwise 5672" on point 1).
> It means that ....
>
> If keyStorePath is null ... no secure port is used but even no insecurePort
> (default 5672) is opened.
> If allowInsecurePort isn't specified, it's false by default so no insecurePort
> is opened.
>
> In this scenario an exception should be thrown because it's a real error in the
> configuration; the Hono server should start without listening on any port ? :)
>
> Thanks
> Paolo
>
> From: Frank Karsten (INST/ECS4)
> Sent: Monday, 6 March, 19:20
> Subject: Re: [hono-dev] Support for encrypted and unencrypted AMQP port in Hono
> at the same time
> To: hono developer discussions
> Good answer, thank you Paolo!
>
> I try again to summarize (in my words) and merge all the ideas:
>
> 1) leverage the IANA defaults if "hono.server.port" is not configured :
>
> "hono.server.keyStorePath" found -> 5671, otherwise 5672.
>
> Used Port is logged explicitly as INFO.
> 2) let the user explicitly configure the "hono.server.port":
>
> only print a warning if that violates the IANA defaults from 1), but
> nevertheless open the desired port.
>
> Used Port is logged explicitly as INFO.
> 3) additional insecure port available if flag "hono.server.allowInsecure =
> true":
>
> Port determined by "hono.server.insecurePort":
>
> - set? then use it
>
> - not set? then use the IANA default 5672
>
> Exception for this port during startup if:
> - port conflicts with 1)  (misconfiguration)
> - configured to port 5671 (not necessary or desirable to support this
> configuration).
>
> Personally I think this could be the solution - it is flexible, simple enough
> and enforces IANA defaults.
>
> What do you think?
>
> Karsten
>
> From: hono-dev-bounces@xxxxxxxxxxx [hono-dev-bounces@xxxxxxxxxxx] on behalf of Paolo Patierno [ppatierno@xxxxxxxx]
> Sent: Monday, 6 March 2017 18:11
> To: hono developer discussions
> Subject: Re: [hono-dev] Support for encrypted and unencrypted AMQP port in Hono at the same time
>
> I'm a bit confused about that because it seems that in this way the
> "hono.server.port" can have two different meanings ...
> Secure port if keyStorePath is set
>
> Insecure port if keyStorePath is not set
> but then ... if we set the keyStorePath, then the Insecure port is specified
> with another parameter "hono.server.insecurePort".
> Making hono.server.port mandatory we can't leverage on the IANA defaults.
> If it's not mandatory and using Kai's idea around the "allowInsecure"
> flag we can have :
> 1)
>
> keyStorePath = <keyStorePath>
>
> port = not configured or <port>
> Only secure default 5671 (or <port>)
> 2)
>
> keyStorePath = <keyStorePath>
>
> port = not configured or <port>
>
> allowInsecure = true
>
> insecurePort = not configured or <insecurePort>
> both secure default 5671 (or <port>) and insecure (or <insecurePort>)
> Agree about warnings if default ports are used in the "wrong" way.
> Paolo Patierno
>
> Senior Software Engineer (IoT) @ Red Hat
> Microsoft MVP on Windows Embedded & IoT
>
> Microsoft Azure Advisor
> Twitter : @ppatierno
> Linkedin : paolopatierno
> Blog : DevExperience
>
> From: hono-dev-bounces@xxxxxxxxxxx <hono-dev-bounces@xxxxxxxxxxx> on behalf of
> Frank Karsten (INST/ECS4) <Karsten.Frank@xxxxxxxxxxxx>
> Sent: Monday, March 06, 2017 4:57 PM
> To: hono developer discussions
> Subject: Re: [hono-dev] Support for encrypted and unencrypted AMQP port in Hono
> at the same time
>
>
>
> Thanks for all comments, I like to refine my proposal with the goal to keep
> things simple to the following:
>
> 1.) "hono.server.port" :
>
> Is mandatory.
>
> We stick to the strategy that Hono decides if the port is secure only by trying
> to find a "keyStorePath" configured.
>
> We then reflect the standard port behaviour for AMQP (5671 secure, 5672
> insecure) by printing a WARNING to the log files if it is violated.
>
> Warnings are printed for:
> - 5671 but no keyStorePath found
> - 5672 but keyStorePath found
>
> Why that?
> I would prefer warnings instead of exceptions only for flexibility: to start
> several Hono instances on the same machine (without using docker) sometimes
> could be very
> handy, and this would not be possible anymore if Hono refuses to start.
>
>
> 2.) "hono.server.insecurePort":
>
> Is optional, and always insecure, so no keyStorePath for that port.
>
> Must never be set to 5671 (exception thrown) - the secure port can only be
> configured for the "hono.server.port".
>
> This would be still rather simple, still flexible and to a certain amount
> reflect the standard port behaviour for AMQP.
>
> What do you think?
>
>
> From: hono-dev-bounces@xxxxxxxxxxx [hono-dev-bounces@xxxxxxxxxxx] on behalf of Paolo Patierno [ppatierno@xxxxxxxx]
> Sent: Monday, 6 March 2017 17:07
> To: hono developer discussions
> Subject: Re: [hono-dev] Support for encrypted and unencrypted AMQP port in Hono at the same time
>
> Some scenarios ... because I have a little confusion on the possibilities ...
> 1)
>
> hono.server.keyStorePath = null
>
> hono.server.port not configured
>
> hono.server.unsecurePort not configured (or hono.server.unsecurePort =
> <unsecure_port>)
> Hono server opens only the default "unsecure" 5672 (or <unsecure_port>) port or
> throws an exception because we want AT LEAST the secured one ? So "unsecure
> port" not configured means ... do not open this port
> 2)
>
> hono.server.keyStorePath = <keyStorePath>
>
> hono.server.port not configured (or hono.server.port not configured = <port>)
>
> hono.server.unsecurePort not configured
> Hono server opens only the default "secure" 5671 port (or <port>)
> 3)
> hono.server.keyStorePath = <keyStorePath>
>
> hono.server.port not configured (or hono.server.port not configured = <port>)
>
> hono.server.unsecurePort = <unsecure_port>
> Hono server opens both default "secure" 5671 (or <port>) and <unsecure_port>
> What is the way to open both default ports ?
> It seems to me that setting or not hono.server.keyStorePath --> open or not a
> "secure" port
> But what about opening the "unsecure" one ? Not configured --> open the default
> 5672 or not open it ?
> Thanks,
>
> Paolo
>
>
>
> From: hono-dev-bounces@xxxxxxxxxxx <hono-dev-bounces@xxxxxxxxxxx> on behalf of
> Maas Ingo (INST/ECS4) <Ingo.Maas@xxxxxxxxxxxx>
> Sent: Monday, March 06, 2017 3:48 PM
> To: hono developer discussions
> Subject: Re: [hono-dev] Support for encrypted and unencrypted AMQP port in Hono
> at the same time
>
>
>
> Improving Kai's proposal, I would prefer "insecure" instead of "unsecure".
>
> Kind regards,
>
> Ingo Maas
>
> Bosch Software Innovations GmbH
> INST/ECS4
> Schöneberger Ufer 89 - 91
> 10785 Berlin
> GERMANY
> www.bosch-si.de
>
> Tel. +49 30 726112-156
> Fax +49 30 726112-100
> ingo.maas@xxxxxxxxxxxx
>
> Registered office: Berlin, Register court: Amtsgericht Charlottenburg, HRB
> 148411 B
> Executives: Dr.-Ing. Rainer Kallenbach, Michael Hahn
>
> ________________________________________
> From: hono-dev-bounces@xxxxxxxxxxx [hono-dev-bounces@xxxxxxxxxxx] on behalf of Hudalla Kai (INST/ECS4) [Kai.Hudalla@xxxxxxxxxxxx]
> Sent: Monday, 6 March 2017 14:33
> To: hono-dev@xxxxxxxxxxx
> Subject: Re: [hono-dev] Support for encrypted and unencrypted AMQP port in Hono at the same time
>
> Hi Karsten,
>
> thanks for the proposal. I have added some comments below...
>
> Kai
>
> On Mon, 2017-03-06 at 12:09 +0000, Frank Karsten (INST/ECS4) wrote:
> > Hello,
> >
> > while writing a HelloWorld tutorial for Hono to produce a Java client that is
> > as simple as possible,
> > I found out that:
> >
> > - the Hono client is written for both variants (encrypted/unencrypted) and
> > switches to "amqps" resp. "amqp" as protocol designator
> >
> > - the Hono server though currently can be configured to EITHER encrypted
> (based
> > on hono.server.keyStorePath) OR unencrypted (if hono.server.keyStorePath is
> > null, i.e. not configured) communication
> >
> >
> > -> I propose to make the Hono server more flexible, so that both variants can
> > be supported at the same time.
> >
> >
> > Following I have in mind:
> >
> > 1.) default should remain "only one port configured for SSL"
> >
> agreed, we should always bind a "secure" port if keys are configured
>
> > Hono server will always insist on finding this already available port and
> > behaves like implemented: opens it for EITHER encrypted OR unencrypted
> > communication.
> >
> > Configuration:
> >
> > hono:
> >    server:
> >       port: 5672
> >
> >
> if keys are configured the secure port should better be 5671 which is the IANA
> registered port for AMQPS (aka AMQP over TLS)
>
> > 2.) optionally a second port can be opened
> >
> > Configuration:
> >
> > hono:
> >    server:
> >       unEncryptedPort: 5671
> >
> I'd rather call the ports "secure" and "unsecure" and the default for
> "unsecure"
> should be 5672 (as defined by the spec)
>
> >
> > If Hono server additionally finds the port "unEncryptedPort" configured, it
> > will open this as well and always opens it for unencrypted communication.
> >
> > 3.) Hono client remains unchanged - it already works with both variants of
> > server ports.
> >
> IMHO we should adapt its behavior based on the default ports for secure and
> unsecure communication, i.e. if no port is specified but a trust store is
> configured, we should assume 5671 as the port, otherwise 5672
>
> >
> > What do you think?
> >
> > Looking forward to feedback...
> >
> > Karsten (sysexcontrol)
> >
> >
> > _______________________________________________
> > hono-dev mailing list
> > hono-dev@xxxxxxxxxxx
> > To change your delivery options, retrieve your password, or unsubscribe from
> > this list, visit
> > https://dev.eclipse.org/mailman/listinfo/hono-dev
>