qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "jiraposter@reviews.apache.org (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (QPID-3522) SASL EXTERNAL mechanism no longer works
Date Mon, 10 Oct 2011 14:57:31 GMT

    [ https://issues.apache.org/jira/browse/QPID-3522?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13124151#comment-13124151
] 

jiraposter@reviews.apache.org commented on QPID-3522:
-----------------------------------------------------


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/2271/#review2480
-----------------------------------------------------------


I think this all makes sense -- I just have one question inspired by a comment in SaslAuthenticator.cpp


/trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp
<https://reviews.apache.org/r/2271/#comment5616>

    What do you think about the question in this comment?  Should we indeed throw an error
here if this is not a valid PLAIN response?


- mick


On 2011-10-10 06:32:28, Gordon Sim wrote:
bq.  
bq.  -----------------------------------------------------------
bq.  This is an automatically generated e-mail. To reply, visit:
bq.  https://reviews.apache.org/r/2271/
bq.  -----------------------------------------------------------
bq.  
bq.  (Updated 2011-10-10 06:32:28)
bq.  
bq.  
bq.  Review request for Alan Conway, michael goulish and Chug Rolke.
bq.  
bq.  
bq.  Summary
bq.  -------
bq.  
bq.  The stubs and skeletons used to invoke and handle AMQP 0-10 commands/controls at present
does not distinguish between null and an empty string. It turns out this distinction is critical
for Cyrus SASL integration.
bq.  
bq.  Rather than altering the general approach - which I fear would mean a large patch and
the potential for lots of irritating bugs to creep in - I've restricted the change to the
specific control of relevance here. By operating on the command body directly rather than
using the parameter list to- and from- which it is converted, the appropriate check can be
made.
bq.  
bq.  I have also had to alter the SASL interfaces to make the same distinction with regard
to the initial response.
bq.  
bq.  
bq.  This addresses bug QPID-3522.
bq.      https://issues.apache.org/jira/browse/QPID-3522
bq.  
bq.  
bq.  Diffs
bq.  -----
bq.  
bq.    /trunk/qpid/cpp/src/qpid/Sasl.h 1179157 
bq.    /trunk/qpid/cpp/src/qpid/SaslFactory.cpp 1179157 
bq.    /trunk/qpid/cpp/src/qpid/broker/ConnectionHandler.h 1179157 
bq.    /trunk/qpid/cpp/src/qpid/broker/ConnectionHandler.cpp 1179157 
bq.    /trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.h 1179157 
bq.    /trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp 1179157 
bq.    /trunk/qpid/cpp/src/qpid/broker/windows/SaslAuthenticator.cpp 1179157 
bq.    /trunk/qpid/cpp/src/qpid/client/ConnectionHandler.cpp 1179157 
bq.    /trunk/qpid/cpp/src/qpid/client/windows/SaslFactory.cpp 1179157 
bq.    /trunk/qpid/cpp/src/tests/ssl_test 1179157 
bq.  
bq.  Diff: https://reviews.apache.org/r/2271/diff
bq.  
bq.  
bq.  Testing
bq.  -------
bq.  
bq.  Tested both CRAM-MD5 and EXTERNAL work. Added automated test for EXTERNAL which was previously
missing. I haven't tested at all on windows however.
bq.  
bq.  
bq.  Thanks,
bq.  
bq.  Gordon
bq.  
bq.


                
> SASL EXTERNAL mechanism no longer works
> ---------------------------------------
>
>                 Key: QPID-3522
>                 URL: https://issues.apache.org/jira/browse/QPID-3522
>             Project: Qpid
>          Issue Type: Bug
>          Components: C++ Broker
>    Affects Versions: 0.13
>            Reporter: Gordon Sim
>            Assignee: Gordon Sim
>            Priority: Blocker
>             Fix For: 0.13
>
>
> Seems to be as a result of QPID-3393 (i.e. regression since 0.12) which was a fix for
CRAM-MD5. From a simplistic point of view it seems like the CRAM-MD5 mechanism requires an
empty response string to be treated as null, whereas for the EXTERNAL mechanism  an empty
response should be treated as a zero length string. It may be though that there is more to
this than that.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org


Mime
View raw message