From 2542290a11e89d982b8825c9114da009b7bd2c07 Mon Sep 17 00:00:00 2001 From: Seb Date: Fri, 14 Jul 2023 10:07:42 -0700 Subject: [PATCH 01/12] Allow SSL Connections with no peer verification --- src/Queue/Connection/ConfigFactory.php | 3 +- src/Queue/Connection/ConnectionFactory.php | 6 +-- tests/Feature/ConnectorTest.php | 45 ++++++++++++++++++++++ tests/Mocks/TestSSLConnection.php | 14 +++++++ 4 files changed, 64 insertions(+), 4 deletions(-) create mode 100644 tests/Mocks/TestSSLConnection.php diff --git a/src/Queue/Connection/ConfigFactory.php b/src/Queue/Connection/ConfigFactory.php index 859a7850..7783b9cd 100644 --- a/src/Queue/Connection/ConfigFactory.php +++ b/src/Queue/Connection/ConfigFactory.php @@ -75,7 +75,8 @@ protected static function getSLLOptionsFromConfig(AMQPConnectionConfig $connecti if ($key = Arr::get($sslConfig, 'local_key')) { $connectionConfig->setSslKey($key); } - if ($verifyPeer = Arr::get($sslConfig, 'verify_peer')) { + if (Arr::has($sslConfig, 'verify_peer')) { + $verifyPeer = Arr::get($sslConfig, 'verify_peer'); $connectionConfig->setSslVerify($verifyPeer); } if ($passphrase = Arr::get($sslConfig, 'passphrase')) { diff --git a/src/Queue/Connection/ConnectionFactory.php b/src/Queue/Connection/ConnectionFactory.php index df19f223..1d6a46e8 100644 --- a/src/Queue/Connection/ConnectionFactory.php +++ b/src/Queue/Connection/ConnectionFactory.php @@ -200,10 +200,10 @@ protected static function assertSSLConnection($connection): void self::assertExtendedOf($connection, self::CONNECTION_SUB_TYPE_SSL); } - protected static function assertExtendedOf($connection, string $abstract): void + protected static function assertExtendedOf($connection, string $parent): void { - if (! is_subclass_of($connection, $abstract)) { - throw new AMQPLogicException(sprintf('The connection must extend: %s', class_basename($abstract))); + if (! is_subclass_of($connection, $parent) && $connection !== $parent) { + throw new AMQPLogicException(sprintf('The connection must extend: %s', class_basename($parent))); } } diff --git a/tests/Feature/ConnectorTest.php b/tests/Feature/ConnectorTest.php index 3ecede98..d4f62258 100644 --- a/tests/Feature/ConnectorTest.php +++ b/tests/Feature/ConnectorTest.php @@ -3,10 +3,12 @@ namespace VladimirYuldashev\LaravelQueueRabbitMQ\Tests\Feature; use Illuminate\Queue\QueueManager; +use PhpAmqpLib\Connection\AMQPConnectionConfig; use PhpAmqpLib\Connection\AMQPLazyConnection; use PhpAmqpLib\Connection\AMQPSSLConnection; use PhpAmqpLib\Connection\AMQPStreamConnection; use VladimirYuldashev\LaravelQueueRabbitMQ\Queue\RabbitMQQueue; +use VladimirYuldashev\LaravelQueueRabbitMQ\Tests\Mocks\TestSSLConnection; class ConnectorTest extends \VladimirYuldashev\LaravelQueueRabbitMQ\Tests\TestCase { @@ -138,4 +140,47 @@ public function testSslConnection(): void $this->assertTrue($connection->getConnection()->isConnected()); $this->assertTrue($connection->getChannel()->is_open()); } + + public function testNoVerificationSslConnection(): void + { + $this->app['config']->set('queue.connections.rabbitmq', [ + 'driver' => 'rabbitmq', + 'queue' => env('RABBITMQ_QUEUE', 'default'), + 'connection' => TestSSLConnection::class, + 'secure' => true, + + 'hosts' => [ + [ + 'host' => getenv('HOST'), + 'port' => getenv('PORT_SSL'), + 'user' => 'guest', + 'password' => 'guest', + 'vhost' => '/', + ], + ], + + 'options' => [ + 'ssl_options' => [ + 'cafile' => getenv('RABBITMQ_SSL_CAFILE'), + 'local_cert' => null, + 'local_key' => null, + 'verify_peer' => false, + 'passphrase' => null, + ], + ], + + 'worker' => env('RABBITMQ_WORKER', 'default'), + ]); + + /** @var QueueManager $queue */ + $queue = $this->app['queue']; + + /** @var RabbitMQQueue $connection */ + $connection = $queue->connection('rabbitmq'); + $this->assertInstanceOf(RabbitMQQueue::class, $connection); + $this->assertInstanceOf(AMQPSSLConnection::class, $connection->getConnection()); + /** @var AMQPConnectionConfig */ + $config = $connection->getConnection()->getConfig(); + $this->assertFalse($config->getSslVerify()); + } } diff --git a/tests/Mocks/TestSSLConnection.php b/tests/Mocks/TestSSLConnection.php new file mode 100644 index 00000000..c1586475 --- /dev/null +++ b/tests/Mocks/TestSSLConnection.php @@ -0,0 +1,14 @@ +config; + } +} From 9ae8cd62d247a1598c1a7eff0924c7d8816f9fbe Mon Sep 17 00:00:00 2001 From: Seb Date: Thu, 28 Sep 2023 09:23:02 -0700 Subject: [PATCH 02/12] explain --- tests/Feature/ConnectorTest.php | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/Feature/ConnectorTest.php b/tests/Feature/ConnectorTest.php index d4f62258..91660ad2 100644 --- a/tests/Feature/ConnectorTest.php +++ b/tests/Feature/ConnectorTest.php @@ -141,6 +141,7 @@ public function testSslConnection(): void $this->assertTrue($connection->getChannel()->is_open()); } + // Test to validate ssl connection params public function testNoVerificationSslConnection(): void { $this->app['config']->set('queue.connections.rabbitmq', [ From 9e4f32e0b62d38714fe0473adb92d08afc2ac91c Mon Sep 17 00:00:00 2001 From: Seb Date: Thu, 28 Sep 2023 09:26:36 -0700 Subject: [PATCH 03/12] pint --- src/Queue/Connection/ConnectionFactory.php | 2 +- src/Queue/RabbitMQQueue.php | 2 -- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/src/Queue/Connection/ConnectionFactory.php b/src/Queue/Connection/ConnectionFactory.php index 1d6a46e8..f5ccad0e 100644 --- a/src/Queue/Connection/ConnectionFactory.php +++ b/src/Queue/Connection/ConnectionFactory.php @@ -170,7 +170,7 @@ protected static function getSslOptions(AMQPConnectionConfig $config): array 'ciphers' => $config->getSslCiphers(), 'security_level' => $config->getSslSecurityLevel(), ], static function ($value) { - return null !== $value; + return $value !== null; }); } diff --git a/src/Queue/RabbitMQQueue.php b/src/Queue/RabbitMQQueue.php index f477f7c5..0bf2e608 100644 --- a/src/Queue/RabbitMQQueue.php +++ b/src/Queue/RabbitMQQueue.php @@ -303,8 +303,6 @@ public function getJobClass(): string /** * Gets a queue/destination, by default the queue option set on the connection. - * - * @param null $queue */ public function getQueue($queue = null): string { From d6903405cf1bfa52436e9184777f5d6eb4fc32f1 Mon Sep 17 00:00:00 2001 From: Seb Date: Fri, 29 Sep 2023 16:34:47 -0700 Subject: [PATCH 04/12] fix test --- src/Queue/Connection/ConnectionFactory.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/Queue/Connection/ConnectionFactory.php b/src/Queue/Connection/ConnectionFactory.php index f5ccad0e..e6641b95 100644 --- a/src/Queue/Connection/ConnectionFactory.php +++ b/src/Queue/Connection/ConnectionFactory.php @@ -159,9 +159,14 @@ protected static function getReadWriteTimeout(AMQPConnectionConfig $config): flo protected static function getSslOptions(AMQPConnectionConfig $config): array { + $path = null; + if (method_exists($config, 'getSslCaPath')) { + $path = $config->getSslCaPath(); + } + return array_filter([ 'cafile' => $config->getSslCaCert(), - 'capath' => $config->getSslCaPath(), + 'capath' => $path, 'local_cert' => $config->getSslCert(), 'local_pk' => $config->getSslKey(), 'verify_peer' => $config->getSslVerify(), From 2b42641f85283bc42c76c8596e16a201f82ab342 Mon Sep 17 00:00:00 2001 From: Seb Date: Mon, 2 Oct 2023 08:33:41 -0700 Subject: [PATCH 05/12] compatibilities --- src/Queue/Connection/ConnectionFactory.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/Queue/Connection/ConnectionFactory.php b/src/Queue/Connection/ConnectionFactory.php index e6641b95..97d7c1a6 100644 --- a/src/Queue/Connection/ConnectionFactory.php +++ b/src/Queue/Connection/ConnectionFactory.php @@ -163,6 +163,10 @@ protected static function getSslOptions(AMQPConnectionConfig $config): array if (method_exists($config, 'getSslCaPath')) { $path = $config->getSslCaPath(); } + $securityLevel = null; + if (method_exists($config, 'getSslSecurityLevel')) { + $securityLevel = $config->getSslSecurityLevel(); + } return array_filter([ 'cafile' => $config->getSslCaCert(), @@ -173,7 +177,7 @@ protected static function getSslOptions(AMQPConnectionConfig $config): array 'verify_peer_name' => $config->getSslVerifyName(), 'passphrase' => $config->getSslPassPhrase(), 'ciphers' => $config->getSslCiphers(), - 'security_level' => $config->getSslSecurityLevel(), + 'security_level' => $securityLevel, ], static function ($value) { return $value !== null; }); From 47ef31e7e77a6d1b65b57423890830ba6518da8d Mon Sep 17 00:00:00 2001 From: Seb Date: Mon, 2 Oct 2023 08:43:11 -0700 Subject: [PATCH 06/12] fix --- src/Queue/Connection/ConnectionFactory.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Queue/Connection/ConnectionFactory.php b/src/Queue/Connection/ConnectionFactory.php index 97d7c1a6..00447332 100644 --- a/src/Queue/Connection/ConnectionFactory.php +++ b/src/Queue/Connection/ConnectionFactory.php @@ -91,7 +91,7 @@ protected static function createSocketConnection($connection, AMQPConnectionConf $config->getVhost(), $config->isInsist(), $config->getLoginMethod(), - $config->getLoginResponse(), + $config->getLoginResponse() ?? null, $config->getLocale(), $config->getReadTimeout(), $config->isKeepalive(), From 07cab330f9caa5667464149dcee05c98f2b00cee Mon Sep 17 00:00:00 2001 From: Seb Date: Mon, 2 Oct 2023 08:46:30 -0700 Subject: [PATCH 07/12] compatibility --- composer.json | 2 +- src/Queue/Connection/ConnectionFactory.php | 15 +++------------ 2 files changed, 4 insertions(+), 13 deletions(-) diff --git a/composer.json b/composer.json index 20cf5310..2897c08e 100644 --- a/composer.json +++ b/composer.json @@ -12,7 +12,7 @@ "php": "^8.0", "ext-json": "*", "illuminate/queue": "^9.0|^10.0", - "php-amqplib/php-amqplib": "^v3.2" + "php-amqplib/php-amqplib": "^v3.3" }, "require-dev": { "phpunit/phpunit": "^9.3", diff --git a/src/Queue/Connection/ConnectionFactory.php b/src/Queue/Connection/ConnectionFactory.php index 00447332..f5ccad0e 100644 --- a/src/Queue/Connection/ConnectionFactory.php +++ b/src/Queue/Connection/ConnectionFactory.php @@ -91,7 +91,7 @@ protected static function createSocketConnection($connection, AMQPConnectionConf $config->getVhost(), $config->isInsist(), $config->getLoginMethod(), - $config->getLoginResponse() ?? null, + $config->getLoginResponse(), $config->getLocale(), $config->getReadTimeout(), $config->isKeepalive(), @@ -159,25 +159,16 @@ protected static function getReadWriteTimeout(AMQPConnectionConfig $config): flo protected static function getSslOptions(AMQPConnectionConfig $config): array { - $path = null; - if (method_exists($config, 'getSslCaPath')) { - $path = $config->getSslCaPath(); - } - $securityLevel = null; - if (method_exists($config, 'getSslSecurityLevel')) { - $securityLevel = $config->getSslSecurityLevel(); - } - return array_filter([ 'cafile' => $config->getSslCaCert(), - 'capath' => $path, + 'capath' => $config->getSslCaPath(), 'local_cert' => $config->getSslCert(), 'local_pk' => $config->getSslKey(), 'verify_peer' => $config->getSslVerify(), 'verify_peer_name' => $config->getSslVerifyName(), 'passphrase' => $config->getSslPassPhrase(), 'ciphers' => $config->getSslCiphers(), - 'security_level' => $securityLevel, + 'security_level' => $config->getSslSecurityLevel(), ], static function ($value) { return $value !== null; }); From d80c00e9a5e991cf96b979d179ec843476cd8371 Mon Sep 17 00:00:00 2001 From: Seb Date: Mon, 2 Oct 2023 08:51:31 -0700 Subject: [PATCH 08/12] will we get there --- src/Queue/Connection/ConnectionFactory.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/Queue/Connection/ConnectionFactory.php b/src/Queue/Connection/ConnectionFactory.php index f5ccad0e..7dd95e99 100644 --- a/src/Queue/Connection/ConnectionFactory.php +++ b/src/Queue/Connection/ConnectionFactory.php @@ -159,6 +159,11 @@ protected static function getReadWriteTimeout(AMQPConnectionConfig $config): flo protected static function getSslOptions(AMQPConnectionConfig $config): array { + $securityLevel = null; + if (method_exists($config, 'getSslSecurityLevel')) { + $securityLevel = $config->getSslSecurityLevel(); + } + return array_filter([ 'cafile' => $config->getSslCaCert(), 'capath' => $config->getSslCaPath(), @@ -168,7 +173,7 @@ protected static function getSslOptions(AMQPConnectionConfig $config): array 'verify_peer_name' => $config->getSslVerifyName(), 'passphrase' => $config->getSslPassPhrase(), 'ciphers' => $config->getSslCiphers(), - 'security_level' => $config->getSslSecurityLevel(), + 'security_level' => $securityLevel, ], static function ($value) { return $value !== null; }); From 1a7339bef56f95731e923e11c5e0f34308310950 Mon Sep 17 00:00:00 2001 From: Seb Date: Mon, 2 Oct 2023 09:36:37 -0700 Subject: [PATCH 09/12] compat --- composer.json | 2 +- src/Queue/Connection/ConnectionFactory.php | 7 +------ 2 files changed, 2 insertions(+), 7 deletions(-) diff --git a/composer.json b/composer.json index 2897c08e..7c0cfe9c 100644 --- a/composer.json +++ b/composer.json @@ -12,7 +12,7 @@ "php": "^8.0", "ext-json": "*", "illuminate/queue": "^9.0|^10.0", - "php-amqplib/php-amqplib": "^v3.3" + "php-amqplib/php-amqplib": "^v3.4" }, "require-dev": { "phpunit/phpunit": "^9.3", diff --git a/src/Queue/Connection/ConnectionFactory.php b/src/Queue/Connection/ConnectionFactory.php index 7dd95e99..f5ccad0e 100644 --- a/src/Queue/Connection/ConnectionFactory.php +++ b/src/Queue/Connection/ConnectionFactory.php @@ -159,11 +159,6 @@ protected static function getReadWriteTimeout(AMQPConnectionConfig $config): flo protected static function getSslOptions(AMQPConnectionConfig $config): array { - $securityLevel = null; - if (method_exists($config, 'getSslSecurityLevel')) { - $securityLevel = $config->getSslSecurityLevel(); - } - return array_filter([ 'cafile' => $config->getSslCaCert(), 'capath' => $config->getSslCaPath(), @@ -173,7 +168,7 @@ protected static function getSslOptions(AMQPConnectionConfig $config): array 'verify_peer_name' => $config->getSslVerifyName(), 'passphrase' => $config->getSslPassPhrase(), 'ciphers' => $config->getSslCiphers(), - 'security_level' => $securityLevel, + 'security_level' => $config->getSslSecurityLevel(), ], static function ($value) { return $value !== null; }); From 128b0d4620f44b188ff517d6b26d3d8b0f7c1405 Mon Sep 17 00:00:00 2001 From: Seb Date: Mon, 2 Oct 2023 09:39:05 -0700 Subject: [PATCH 10/12] compat --- composer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/composer.json b/composer.json index 7c0cfe9c..83767040 100644 --- a/composer.json +++ b/composer.json @@ -12,7 +12,7 @@ "php": "^8.0", "ext-json": "*", "illuminate/queue": "^9.0|^10.0", - "php-amqplib/php-amqplib": "^v3.4" + "php-amqplib/php-amqplib": "^v3.5" }, "require-dev": { "phpunit/phpunit": "^9.3", From 83a089e02b9d5de5b5545a235994938bde9600bd Mon Sep 17 00:00:00 2001 From: Seb Date: Mon, 2 Oct 2023 09:41:36 -0700 Subject: [PATCH 11/12] higher --- composer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/composer.json b/composer.json index 83767040..f487d4e9 100644 --- a/composer.json +++ b/composer.json @@ -12,7 +12,7 @@ "php": "^8.0", "ext-json": "*", "illuminate/queue": "^9.0|^10.0", - "php-amqplib/php-amqplib": "^v3.5" + "php-amqplib/php-amqplib": "^v3.5.1" }, "require-dev": { "phpunit/phpunit": "^9.3", From 3669445c8def3554b552bf3659ad8833c481666e Mon Sep 17 00:00:00 2001 From: Seb Date: Mon, 2 Oct 2023 09:50:36 -0700 Subject: [PATCH 12/12] higher --- composer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/composer.json b/composer.json index f487d4e9..e7167c1a 100644 --- a/composer.json +++ b/composer.json @@ -12,7 +12,7 @@ "php": "^8.0", "ext-json": "*", "illuminate/queue": "^9.0|^10.0", - "php-amqplib/php-amqplib": "^v3.5.1" + "php-amqplib/php-amqplib": "^v3.5.2" }, "require-dev": { "phpunit/phpunit": "^9.3",