qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gordon Sim (JIRA)" <j...@apache.org>
Subject [jira] [Assigned] (QPID-5062) [C++ client] EXTERNAL authentication using SSL certificates doesn't work with AMQP 1.0
Date Thu, 08 Aug 2013 16:57:52 GMT

     [ https://issues.apache.org/jira/browse/QPID-5062?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Gordon Sim reassigned QPID-5062:
--------------------------------

    Assignee: Gordon Sim
    
> [C++ client] EXTERNAL authentication using SSL certificates doesn't work with AMQP 1.0
> --------------------------------------------------------------------------------------
>
>                 Key: QPID-5062
>                 URL: https://issues.apache.org/jira/browse/QPID-5062
>             Project: Qpid
>          Issue Type: Bug
>          Components: C++ Client
>    Affects Versions: 0.24
>         Environment: CentOS 6.4, Qpid 0.24 RC1, Proton 0.4
>            Reporter: JAkub Scholz
>            Assignee: Gordon Sim
>
> A C++ based client using the qpid.messaging API with AMQP 1.0 seems to be unable to connect
to the broker and authenticate with the SASL EXTERNAL authentication / SSL Client Certificates.
The client side log is following:
> 2013-08-08 20:07:01 [Messaging] debug Driver started
> 2013-08-08 20:07:01 [Messaging] debug localhost:10000 Connecting ...
> 2013-08-08 20:07:01 [System] info Connecting: 127.0.0.1:10000
> 2013-08-08 20:07:01 [Security] debug Failed to connect: Connection refused
> 2013-08-08 20:07:01 [Messaging] debug localhost:10000 Failed to connect
> Exception: Could not connect to amqp:ssl:localhost:10000 (/home/jakub/qpid/qpid-0.24-rc1/cpp/src/qpid/messaging/amqp/ConnectionContext.cpp:117)
> 2013-08-08 20:07:01 [Messaging] debug Driver stopped
> [jakub@localhost Messaging-Sandbox]$ ./ReqRespClient 
> 2013-08-08 20:07:50 [Messaging] debug Driver started
> 2013-08-08 20:07:50 [Messaging] debug localhost:10000 Connecting ...
> 2013-08-08 20:07:50 [System] info Connecting: 127.0.0.1:10000
> 2013-08-08 20:07:50 [Messaging] debug localhost:10000 Connected
> 2013-08-08 20:07:50 [Messaging] debug wakeupDriver()
> 2013-08-08 20:07:50 [Messaging] debug localhost:10000 Waiting to be authenticated...
> 2013-08-08 20:07:50 [Security] trace localhost:10000 Sasl::canEncode(): 1 || 0
> 2013-08-08 20:07:50 [Security] trace localhost:10000 Sasl::canEncode(): 1 || 0
> 2013-08-08 20:07:50 [Protocol] debug localhost:10000 writing protocol header: 1-0
> 2013-08-08 20:07:50 [Security] trace localhost:10000 Sasl::encode(65535): 8
> 2013-08-08 20:07:50 [Security] trace localhost:10000 Sasl::canEncode(): 0 || 0
> 2013-08-08 20:07:50 [Protocol] debug localhost:10000 read protocol header: 1-0
> 2013-08-08 20:07:50 [Security] trace Reading SASL frame of size 30
> 2013-08-08 20:07:50 [Security] trace Reading SASL-MECHANISMS
> 2013-08-08 20:07:50 [Protocol] debug localhost:10000 Received SASL-MECHANISMS(EXTERNAL)
> 2013-08-08 20:07:50 [Security] debug CyrusSasl::start(EXTERNAL )
> 2013-08-08 20:07:50 [Security] debug min_ssf: 0, max_ssf: 256
> 2013-08-08 20:07:50 [System] debug Exception constructed: Sasl error: SASL(-4): no mechanism
available:  (/home/jakub/qpid/qpid-0.24-rc1/cpp/src/qpid/SaslFactory.cpp:309)
> 2013-08-08 20:07:50 [System] error Caught exception in state: 3 with event: 1: internal-error:
Sasl error: SASL(-4): no mechanism available:  (/home/jakub/qpid/qpid-0.24-rc1/cpp/src/qpid/SaslFactory.cpp:309)
> 2013-08-08 20:07:55 [Security] debug [127.0.0.1:34905-localhost:10000] SslTransport closing...
> 2013-08-08 20:07:55 [Security] debug [127.0.0.1:34905-localhost:10000] Socket closed
> Exception: Disconnected
> 2013-08-08 20:07:55 [Messaging] debug Driver stopped
> The broker log mentions that the connection is being closed because no protocol was received
(max-negotiate-timeout expired):
> 2013-08-08 20:07:50 [Network] info Set TCP_NODELAY on connection to 127.0.0.1:34905
> 2013-08-08 20:07:50 [Broker] info Using AMQP 1.0 (with SASL layer)
> 2013-08-08 20:07:50 [Model] trace Mgmt create connection. id:qpid.127.0.0.1:10000-127.0.0.1:34905
> 2013-08-08 20:07:50 [Security] info SASL: Mechanism list: EXTERNAL
> 2013-08-08 20:07:55 [System] error Connection qpid.127.0.0.1:10000-127.0.0.1:34905 No
protocol received closing
> 2013-08-08 20:07:55 [Security] info qpid.127.0.0.1:10000-127.0.0.1:34905 Connection closed
prior to authentication completing
> 2013-08-08 20:07:55 [Security] info qpid.127.0.0.1:10000-127.0.0.1:34905 Connection closed
prior to authentication completing
> 2013-08-08 20:07:55 [Model] debug Delete connection. user: rhost:qpid.127.0.0.1:10000-127.0.0.1:34905
> 2013-08-08 20:08:03 [Model] trace Mgmt delete connection. id:qpid.127.0.0.1:10000-127.0.0.1:34905
Statistics: {bytesFromClient:0, bytesToClient:0, closing:False, framesFromClient:0, framesToClient:0,
msgsFromClient:0, msgsToClient:0}
> With AMQP 0.10 it seems to work fine.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org


Mime
View raw message