You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by ch...@apache.org on 2016/04/29 23:21:37 UTC
qpid-dispatch git commit: DISPATCH-287: Allow blank application name.
A blank application name is treated like any other.
Repository: qpid-dispatch
Updated Branches:
refs/heads/master 4a23706ed -> 375c3edcd
DISPATCH-287: Allow blank application name.
A blank application name is treated like any other.
Project: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/repo
Commit: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/commit/375c3edc
Tree: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/tree/375c3edc
Diff: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/diff/375c3edc
Branch: refs/heads/master
Commit: 375c3edcda07c04ba24070037a415a455804404a
Parents: 4a23706
Author: Chuck Rolke <cr...@redhat.com>
Authored: Fri Apr 29 17:19:09 2016 -0400
Committer: Chuck Rolke <cr...@redhat.com>
Committed: Fri Apr 29 17:19:09 2016 -0400
----------------------------------------------------------------------
src/policy.c | 45 +++++++++-----------
tests/policy-1/management-access.json | 2 +-
tests/policy-2/test-router-with-policy.json.in | 2 +-
tests/policy-3/test-sender-receiver-limits.json | 2 +-
4 files changed, 22 insertions(+), 29 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/qpid-dispatch/blob/375c3edc/src/policy.c
----------------------------------------------------------------------
diff --git a/src/policy.c b/src/policy.c
index 9f98315..48723d0 100644
--- a/src/policy.c
+++ b/src/policy.c
@@ -711,35 +711,28 @@ void qd_policy_amqp_open(void *context, bool discard)
// Open connection or not based on policy.
pn_transport_t *pn_trans = pn_connection_transport(conn);
const char *hostip = qdpn_connector_hostip(qd_conn->pn_cxtr);
- const char *app = pn_connection_remote_hostname(conn);
- if (app && *app) {
- const char *conn_name = qdpn_connector_name(qd_conn->pn_cxtr);
+ const char *pcrh = pn_connection_remote_hostname(conn);
+ const char *app = (pcrh ? pcrh : "");
+ const char *conn_name = qdpn_connector_name(qd_conn->pn_cxtr);
#define SETTINGS_NAME_SIZE 256
- char settings_name[SETTINGS_NAME_SIZE];
- uint32_t conn_id = qd_conn->connection_id;
- qd_conn->policy_settings = NEW(qd_policy_settings_t); // TODO: memory pool for settings
- memset(qd_conn->policy_settings, 0, sizeof(qd_policy_settings_t));
-
- if (qd_policy_open_lookup_user(policy, qd_conn->user_id, hostip, app, conn_name,
- settings_name, SETTINGS_NAME_SIZE, conn_id,
- qd_conn->policy_settings) &&
- settings_name[0]) {
- // This connection is allowed by policy.
- // Apply transport policy settings
- if (qd_conn->policy_settings->maxFrameSize > 0)
- pn_transport_set_max_frame(pn_trans, qd_conn->policy_settings->maxFrameSize);
- if (qd_conn->policy_settings->maxSessions > 0)
- pn_transport_set_channel_max(pn_trans, qd_conn->policy_settings->maxSessions - 1);
- } else {
- // This connection is denied by policy.
- connection_allowed = false;
- }
+ char settings_name[SETTINGS_NAME_SIZE];
+ uint32_t conn_id = qd_conn->connection_id;
+ qd_conn->policy_settings = NEW(qd_policy_settings_t); // TODO: memory pool for settings
+ memset(qd_conn->policy_settings, 0, sizeof(qd_policy_settings_t));
+
+ if (qd_policy_open_lookup_user(policy, qd_conn->user_id, hostip, app, conn_name,
+ settings_name, SETTINGS_NAME_SIZE, conn_id,
+ qd_conn->policy_settings) &&
+ settings_name[0]) {
+ // This connection is allowed by policy.
+ // Apply transport policy settings
+ if (qd_conn->policy_settings->maxFrameSize > 0)
+ pn_transport_set_max_frame(pn_trans, qd_conn->policy_settings->maxFrameSize);
+ if (qd_conn->policy_settings->maxSessions > 0)
+ pn_transport_set_channel_max(pn_trans, qd_conn->policy_settings->maxSessions - 1);
} else {
- // No application name implies automatic policy denial
+ // This connection is denied by policy.
connection_allowed = false;
- qd_log(qd_conn->server->qd->policy->log_source, QD_LOG_INFO,
- "DENY AMQP Open for user '%s', host '%s', application '': "
- "No application specified", qd_conn->user_id, hostip);
}
} else {
// No policy implies automatic policy allow
http://git-wip-us.apache.org/repos/asf/qpid-dispatch/blob/375c3edc/tests/policy-1/management-access.json
----------------------------------------------------------------------
diff --git a/tests/policy-1/management-access.json b/tests/policy-1/management-access.json
index 960c4a1..9071d22 100644
--- a/tests/policy-1/management-access.json
+++ b/tests/policy-1/management-access.json
@@ -21,7 +21,7 @@
# from host 0.0.0.0
[
["policyRuleset", {
- "applicationName": "0.0.0.0",
+ "applicationName": "",
"maxConnections": 50,
"maxConnPerUser": 5,
"maxConnPerHost": 20,
http://git-wip-us.apache.org/repos/asf/qpid-dispatch/blob/375c3edc/tests/policy-2/test-router-with-policy.json.in
----------------------------------------------------------------------
diff --git a/tests/policy-2/test-router-with-policy.json.in b/tests/policy-2/test-router-with-policy.json.in
index 5f96fdf..13e04c9 100644
--- a/tests/policy-2/test-router-with-policy.json.in
+++ b/tests/policy-2/test-router-with-policy.json.in
@@ -146,7 +146,7 @@
}
}],
["policyRuleset", {
- "applicationName": "0.0.0.0",
+ "applicationName": "",
"maxConnections": 50,
"maxConnPerUser": 5,
"maxConnPerHost": 20,
http://git-wip-us.apache.org/repos/asf/qpid-dispatch/blob/375c3edc/tests/policy-3/test-sender-receiver-limits.json
----------------------------------------------------------------------
diff --git a/tests/policy-3/test-sender-receiver-limits.json b/tests/policy-3/test-sender-receiver-limits.json
index 2a5b367..33286a7 100644
--- a/tests/policy-3/test-sender-receiver-limits.json
+++ b/tests/policy-3/test-sender-receiver-limits.json
@@ -2,7 +2,7 @@
# Ruleset with differing number of senders and receivers
# so tests can determine that correct limit is matched.
["policyRuleset", {
- "applicationName": "0.0.0.0",
+ "applicationName": "",
"maxConnections": 50,
"maxConnPerUser": 2,
"maxConnPerHost": 4,
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org