|
1 | 1 | # type: ignore |
2 | | - |
| 2 | +import sys |
| 3 | +from traceback import print_exception |
3 | 4 |
|
4 | 5 | from rabbitmq_amqp_python_client import ( |
5 | 6 | AddressHelper, |
|
12 | 13 | Message, |
13 | 14 | PosixClientCert, |
14 | 15 | PosixSslConfigurationContext, |
15 | | - QuorumQueueSpecification, |
| 16 | + QuorumQueueSpecification, WinSslConfigurationContext, PKCS12Store, LocalMachineStore, CurrentUserStore, |
| 17 | + WinClientCert, |
16 | 18 | ) |
| 19 | +from rabbitmq_amqp_python_client.ssl_configuration import FriendlyName |
17 | 20 |
|
18 | 21 | messages_to_publish = 100 |
19 | 22 |
|
@@ -74,20 +77,76 @@ def main() -> None: |
74 | 77 | exchange_name = "test-exchange" |
75 | 78 | queue_name = "example-queue" |
76 | 79 | routing_key = "routing-key" |
| 80 | + ca_p12_store = ".ci/certs/ca.p12" |
77 | 81 | ca_cert_file = ".ci/certs/ca_certificate.pem" |
78 | 82 | client_cert = ".ci/certs/client_certificate.pem" |
79 | 83 | client_key = ".ci/certs/client_key.pem" |
| 84 | + client_p12_store = ".ci/certs/client.p12" |
| 85 | + uri = "amqps://guest:guest@localhost:5671/" |
| 86 | + |
| 87 | + if sys.platform == "win32": |
| 88 | + ca_stores = [ |
| 89 | + # names for the current user and local machine are not |
| 90 | + # case-sensitive |
| 91 | + CurrentUserStore(name="Root"), |
| 92 | + LocalMachineStore(name="Root"), |
| 93 | + PKCS12Store(path=ca_p12_store), |
| 94 | + ] |
| 95 | + client_stores = [ |
| 96 | + # `personal` is treated as an alias for `my` by qpid proton |
| 97 | + # Recommended read: |
| 98 | + # https://github.com/apache/qpid-proton/blob/2847000fbb3732e80537e3c3ff5e097bb95bfae0/c/src/ssl/PLATFORM_NOTES.md |
| 99 | + CurrentUserStore(name="Personal"), |
| 100 | + LocalMachineStore(name="my"), |
| 101 | + PKCS12Store(path=client_p12_store), |
| 102 | + ] |
| 103 | + |
| 104 | + for ca_store, client_store in zip(ca_stores, client_stores): |
| 105 | + ssl_context = WinSslConfigurationContext( |
| 106 | + ca_store=ca_store, |
| 107 | + client_cert=WinClientCert( |
| 108 | + store=client_store, |
| 109 | + # qpid proton uses Windows constant CERT_NAME_FRIENDLY_DISPLAY_TYPE |
| 110 | + # to retrieve the value which is compare to the one we provide |
| 111 | + # If certificates have no friendly name Windows falls back to |
| 112 | + # CERT_NAME_SIMPLE_DISPLAY_TYPE which has further fallbacks |
| 113 | + # https://learn.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certgetnamestringa |
| 114 | + disambiguation_method=FriendlyName("1"), |
| 115 | + password=None, |
| 116 | + ) |
| 117 | + ) |
| 118 | + environment = Environment( |
| 119 | + uri, |
| 120 | + ssl_context=ssl_context, |
| 121 | + ) |
| 122 | + |
| 123 | + try: |
| 124 | + print("connection to amqp server") |
| 125 | + connection = create_connection(environment) |
| 126 | + break |
| 127 | + except Exception as e: |
| 128 | + print_exception(e) |
| 129 | + continue |
| 130 | + else: |
| 131 | + raise RuntimeError( |
| 132 | + "connection failed. " |
| 133 | + "working directory should be project root" |
| 134 | + ) |
| 135 | + else: |
| 136 | + environment = Environment( |
| 137 | + uri, |
| 138 | + ssl_context=PosixSslConfigurationContext( |
| 139 | + ca_cert=ca_cert_file, |
| 140 | + client_cert=PosixClientCert( |
| 141 | + client_cert=client_cert, |
| 142 | + client_key=client_key, |
| 143 | + password=None, |
| 144 | + ), |
| 145 | + ), |
| 146 | + ) |
80 | 147 |
|
81 | | - environment = Environment( |
82 | | - "amqps://guest:guest@localhost:5671/", |
83 | | - ssl_context=PosixSslConfigurationContext( |
84 | | - ca_cert=ca_cert_file, |
85 | | - client_cert=PosixClientCert(client_cert=client_cert, client_key=client_key), |
86 | | - ), |
87 | | - ) |
88 | | - |
89 | | - print("connection to amqp server") |
90 | | - connection = create_connection(environment) |
| 148 | + print("connection to amqp server") |
| 149 | + connection = create_connection(environment) |
91 | 150 |
|
92 | 151 | management = connection.management() |
93 | 152 |
|
|
0 commit comments