ARTEMIS-3367 Set verifyHost true by default

[brusdev]

No description provided.

[jbertram]

Why not reference the resources in tests/security-resources like the comment at the beginning of the class suggests? Are the example resources unique in some way?

[brusdev]

@jbertram thanks, it was due a refactoring issue of my IDE. I have just pushed a commit to fix.

[gemmellr]

This is a bit verbose for an example readme, where creating these files either isnt the interesting bit and can be 'hidden away', or is the interesting bit and then having it on its own would be good to isolate it out.

I would create another file or script and reference it, indicate how to run the bits. Can be easier to run later if needing to regenerate things. E.g see https://github.com/apache/activemq-artemis/blob/2.17.0/examples/features/broker-connection/amqp-sending-overssl/readme.md

Same would apply to other examples that follow (even if they had a smaller number of such commands in the readme already, but now have more).

[gemmellr]

Not sure there need to be 900 years difference between these two validities hehe. Validity is in days, so smaller values would seem doable and closer to 'representative use'. I use 9999 when I want to mean 'so long these wont expire before they are definitely not going to be used anymore'. For any such long value the algorithms will still be disabled and make us replace them before they expire.

Using such a massive value, based around multiple of 365, kind of suggests it isnt in days but something else.

[brusdev]

I used a multiple of 365 because it is the number of days in a year, this was supposed to make it easier to evaluate how many years is the validity of the certificates.

[gemmellr]

I did get that, but I think the value is just unnecessarily large. So much so that people who dont know (and dont spot there is a 0 difference at the end, which I didnt initially) are likely to believe its something else.

[gemmellr]

I'm not the biggest fan of the naming reversal that happened here.

For the keystores, the 'client' and 'server' bits of the name still somewhat denotes where it is being used (as the old 'server side' desginator did before), and additionally what it contains. For the trust stores however, the 'client CA' and 'server CA' bits now denote only what it contains rather than where it is used (which the old 'client-side' designator did), with it then used in the 'opposite' place. This is a bit awkward, you get a bit of cognitive dissonance where it seems wrong to use the 'server keystore' and the 'client...truststore' files together on the server, and the 'client keystore' and 'server...truststore' files together on the client.

[brusdev]

I used names for security resources that denote their content and not the purpose to avoid confusion if they were to be used in different contexts.

[gemmellr]

The problem is one of them still reads like it mainly conveys the purpose rather than the content, which makes the other one seem like it does too, leading to the combination being confusing, more so when historically the name was historically where it was being used.

I didnt particularly see need for the '-side' expansion in the old names, but together the old names were far clearer to me than the replacements. I fully expect people not copying an existing test to mess up using these, I know I likely will.

[gemmellr]

Related to earlier comment, you then get somewhat less obvious things like this seemingly (but not actually) contradictory constant definition.

[brusdev]

I see, this could not be obvious but it should clarify what the test is doing:
The SERVER_SIDE_KEYSTORE points to a keystore with the server key.
The CLIENT_SIDE_TRUSTSTORE points to a truststore with the server ca certificate.

[gemmellr]

I would hope the comments showed that I actually do understand what it is doing. I'm the one who argued that the tests should use CAs. I just think the different naming chosen adds scope for confusion, and is likely to trip people up who are used to the previous (and I would say more typical) naming format where the file name pointed to where it is used.

[gemmellr]

Not really convinced 'other client' (EDIT and now that I look, 'other server', 'unknown-client' and 'unknown-server') really needs to have a keystore and truststore of every type. Makes sense that the main set have the various different types to verify they all work (even though that has very little to do with the broker code in the end) but having them all for the various others seems like needless complexity.

[brusdev]

The CoreClientOverOneWaySSLTest and CoreClientOverTwoWaySSLTest tests use most of them because they are parameterized tests. ATM only 2 truststores for the other-client and 2 truststores for the unknown-client are not used but we might need them in the future if they are used in a parametric test.

[gemmellr]

I would actually change the tests then, theres basically no need to run all those combinations. If the full suite wasted a little less time where easily possible (like here), it might not take so ridiculously long to run that important changes are made without running them (as clearly just happened on another PR).

Files can be added later when they are actually needed, no need to keep around unused files. Though again, I see no reason the fully-unused ones would ever actually be needed, using them implies time wasting. However, being able to easily regenerate things when needed is part of the argument to use a script to create them (Though this case is so trivial you wouldnt even need to regenerate the rest, you could import the same keys to the new store with the command being added to the script)