bug #41616 [Messenger] Remove TLS related options when not using TLS …

…(odolbeau) This PR was merged into the 5.2 branch. Discussion ---------- [Messenger] Remove TLS related options when not using TLS | Q | A | ------------- | --- | Branch? | 5.2 | Bug fix? | not really | New feature? | no | Deprecations? | no | Tickets | - | License | MIT | Doc PR | - Remove TLS related options when not using TLS to connect to a broker. The goal is to be able to use the same configuration for both `amqp://` & `amqps://` DSN. Currently, when using a configuration containing a `cacert` key with a non-TLS DSN will throw a `AMQPConnectionException` (Socket error: could not connect to host.) Configuration example: ```yaml framework: messenger: transports: async: dsn: '%env(MESSENGER_TRANSPORT_DSN)%' options: cacert: '%kernel.project_dir%/amqp_cacert.pem' ``` Commits ------- 37e602d Remove TLS related options when not using TLS
symfony · Jun 17, 2021 · 9399e2c · 9399e2c
2 parents a026c67 + 37e602d
commit 9399e2c
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 0 deletions.
diff --git a/src/Symfony/Component/Messenger/Bridge/Amqp/Tests/Transport/ConnectionTest.php b/src/Symfony/Component/Messenger/Bridge/Amqp/Tests/Transport/ConnectionTest.php
@@ -748,6 +748,27 @@ public function testItCanPublishAndWaitForConfirmation()
         $connection = Connection::fromDsn('amqp://localhost?confirm_timeout=0.5', [], $factory);
         $connection->publish('body');
     }
+
+    public function testItCanBeConstructedWithTLSOptionsAndNonTLSDsn()
+    {
+        $this->assertEquals(
+            new Connection([
+                'host' => 'localhost',
+                'port' => 5672,
+                'vhost' => '/',
+            ], [
+                'name' => self::DEFAULT_EXCHANGE_NAME,
+            ], [
+                self::DEFAULT_EXCHANGE_NAME => [],
+            ]),
+            Connection::fromDsn('amqp://', [
+                'cacert' => 'foobar',
+                'cert' => 'foobar',
+                'key' => 'foobar',
+                'verify' => false,
+            ])
+        );
+    }
 }
 
 class TestAmqpFactory extends AmqpFactory

diff --git a/src/Symfony/Component/Messenger/Bridge/Amqp/Transport/Connection.php b/src/Symfony/Component/Messenger/Bridge/Amqp/Transport/Connection.php
@@ -219,6 +219,10 @@ public static function fromDsn(string $dsn, array $options = [], AmqpFactory $am
             return $queueOptions;
         }, $queuesOptions);
 
+        if (!$useAmqps) {
+            unset($amqpOptions['cacert'], $amqpOptions['cert'], $amqpOptions['key'], $amqpOptions['verify']);
+        }
+
         if ($useAmqps && !self::hasCaCertConfigured($amqpOptions)) {
             throw new InvalidArgumentException('No CA certificate has been provided. Set "amqp.cacert" in your php.ini or pass the "cacert" parameter in the DSN to use SSL. Alternatively, you can use amqp:// to use without SSL.');
         }