[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
|
Re: [paho-dev] Using m2m.eclipse.org for running Paho tests
|
Hi Ian,
That's great, it makes a lot of sense. Having a separate broker
instance for testing is definitely a good idea as well! We should
probably move the ports the tests use so that they don't use 8883 to
avoid potential future problems if we allow TLS connections on
m2m.eclipse.org.
Mosquitto uses the default ciphers that openssl makes available. You
can see this list with "openssl ciphers -v", or "openssl ciphers -v
'DEFAULT:!aNULL:!eNULL", which is confusingly the set of options that
are used by default.
ADH-DES-CBC-SHA is part of the aNULL (null authentication, as you say)
cipher group so it isn't available by default. You can configure the
available ciphers with the "ciphers" option in the config file, but
you'd also have to argue quite hard to convince me that providing
support for weak anonymous ciphers was a good idea. I'm inclined to
disable more weak ciphers by default, as discussed in this Python bug
report: http://bugs.python.org/issue13636
Cheers,
Roger
On Fri, Aug 9, 2013 at 4:51 PM, Ian Craggs
<icraggs@xxxxxxxxxxxxxxxxxxxxxxx> wrote:
> Hi Roger,
>
> Benjamin is happy for us to use m2m.eclipse.org to run an MQTT server to run
> Paho tests against. The tests use a variety of SSL configuration on four
> ports (currently 8883 to 8886) in addition to 1883.
>
> We could use the same instance of Mosquitto as is running now, or a separate
> instance for added stability. I just imagined that random use of the
> sandbox server could interfere with the Paho tests, and that a separate
> instance would give us more reliable tests.
>
> What do you think?
>
> Ian
>
> P.S. My SSL C client tests are working against Mosquitto with the exception
> of anonymous ciphers (attempting to use ADH-DES-CBC-SHA). Anything special
> to consider?
