You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by ac...@apache.org on 2010/05/27 22:02:41 UTC

svn commit: r948969 - in /qpid/trunk/qpid: cpp/src/qpid/cluster/Connection.cpp cpp/src/tests/Makefile.am cpp/src/tests/cluster_tests.py cpp/src/tests/sasl_test_setup.sh python/qpid/brokertest.py

Author: aconway
Date: Thu May 27 20:02:41 2010
New Revision: 948969

URL: http://svn.apache.org/viewvc?rev=948969&view=rev
Log:
Fixed: authentication with bad credentials causes cluster broker to exit.

Modified:
    qpid/trunk/qpid/cpp/src/qpid/cluster/Connection.cpp
    qpid/trunk/qpid/cpp/src/tests/Makefile.am
    qpid/trunk/qpid/cpp/src/tests/cluster_tests.py
    qpid/trunk/qpid/cpp/src/tests/sasl_test_setup.sh
    qpid/trunk/qpid/python/qpid/brokertest.py

Modified: qpid/trunk/qpid/cpp/src/qpid/cluster/Connection.cpp
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/cluster/Connection.cpp?rev=948969&r1=948968&r2=948969&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/cluster/Connection.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/cluster/Connection.cpp Thu May 27 20:02:41 2010
@@ -573,12 +573,22 @@ void Connection::queue(const std::string
 }
 
 void Connection::sessionError(uint16_t , const std::string& msg) {
-    cluster.flagError(*this, ERROR_TYPE_SESSION, msg);
+    // If we are negotiating the connection when it fails just close the connectoin.
+    // If it fails after that then we have to flag the error to the cluster.
+    if (inConnectionNegotiation)
+        cluster.getMulticast().mcastControl(ClusterConnectionDeliverCloseBody(), self);
+    else
+        cluster.flagError(*this, ERROR_TYPE_SESSION, msg);
     
 }
 
 void Connection::connectionError(const std::string& msg) {
-    cluster.flagError(*this, ERROR_TYPE_CONNECTION, msg);
+    // If we are negotiating the connection when it fails just close the connectoin.
+    // If it fails after that then we have to flag the error to the cluster.
+    if (inConnectionNegotiation)
+        cluster.getMulticast().mcastControl(ClusterConnectionDeliverCloseBody(), self);
+    else
+        cluster.flagError(*this, ERROR_TYPE_CONNECTION, msg);
 }
 
 void Connection::addQueueListener(const std::string& q, uint32_t listener) {

Modified: qpid/trunk/qpid/cpp/src/tests/Makefile.am
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/tests/Makefile.am?rev=948969&r1=948968&r2=948969&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/tests/Makefile.am (original)
+++ qpid/trunk/qpid/cpp/src/tests/Makefile.am Thu May 27 20:02:41 2010
@@ -376,7 +376,7 @@ EXTRA_DIST+=						\
 check-long:
 	$(MAKE) check TESTS="$(LONG_TESTS)" VALGRIND=
 
-check: python_prep test_env.sh
+check: python_prep test_env.sh sasl_config
 
 PYTHON_SRC_DIR=$(abs_srcdir)/../../../python
 PYTHON_BLD_DIR=$(abs_builddir)/python
@@ -391,4 +391,8 @@ python_prep:
 		--install-scripts=$(PYTHON_BLD_DIR)/commands; \
 	else echo "WARNING: python client not built, missing $(PYTHON_SRC_DIR)"; fi
 
+sasl_config: sasl_test_setup.sh
+	sh $(srcdir)/sasl_test_setup.sh
+	touch sasl_config
+
 include testagent.mk

Modified: qpid/trunk/qpid/cpp/src/tests/cluster_tests.py
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/tests/cluster_tests.py?rev=948969&r1=948968&r2=948969&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/tests/cluster_tests.py (original)
+++ qpid/trunk/qpid/cpp/src/tests/cluster_tests.py Thu May 27 20:02:41 2010
@@ -101,6 +101,18 @@ class ShortTests(BrokerTest):
         assert readfile("direct.dump") == readfile("updatee.dump")
         os.remove("direct.dump")
         os.remove("updatee.dump")
+
+    def test_sasl(self):
+        """Test SASL authentication and encryption in a cluster"""
+        sasl_config=os.path.join(self.rootdir, "sasl_config")
+        cluster = self.cluster(3, ["--auth", "yes", "--sasl-config", sasl_config])
+        # Try a bad user ID
+        try:
+            c = messaging.Connection.establish("nosuch/user@%s"%(cluster[0].host_port()))
+            self.fail("Expected exception")
+        except messaging.exceptions.ConnectionError: pass
+        for b in cluster: b.ready()     # Make sure all brokers still running.
+
         
 class LongTests(BrokerTest):
     """Tests that can run for a long time if -DDURATION=<minutes> is set"""

Modified: qpid/trunk/qpid/cpp/src/tests/sasl_test_setup.sh
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/tests/sasl_test_setup.sh?rev=948969&r1=948968&r2=948969&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/tests/sasl_test_setup.sh (original)
+++ qpid/trunk/qpid/cpp/src/tests/sasl_test_setup.sh Thu May 27 20:02:41 2010
@@ -9,13 +9,14 @@ mkdir -p sasl_config
 cat > sasl_config/qpidd.conf <<EOF
 pwcheck_method: auxprop
 auxprop_plugin: sasldb
-sasldb_path: ./sasl_config/qpidd.sasldb
+sasldb_path: $PWD/sasl_config/qpidd.sasldb
 sql_select: dummy select
 EOF
 
 # Populate temporary sasl db.
 SASLTEST_DB=./sasl_config/qpidd.sasldb
 rm -f $SASLTEST_DB
+echo guest | $SASL_PW -c -p -f $SASLTEST_DB -u QPID guest
 echo zig | $SASL_PW -c -p -f $SASLTEST_DB -u QPID zig
 echo zag | $SASL_PW -c -p -f $SASLTEST_DB -u QPID zag
 

Modified: qpid/trunk/qpid/python/qpid/brokertest.py
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/python/qpid/brokertest.py?rev=948969&r1=948968&r2=948969&view=diff
==============================================================================
--- qpid/trunk/qpid/python/qpid/brokertest.py (original)
+++ qpid/trunk/qpid/python/qpid/brokertest.py Thu May 27 20:02:41 2010
@@ -272,7 +272,8 @@ class Broker(Popen):
 
         self.test = test
         self._port=port
-        cmd = [BrokerTest.qpidd_exec, "--port", port, "--no-module-dir", "--auth=no"] + args
+        cmd = [BrokerTest.qpidd_exec, "--port", port, "--no-module-dir"] + args
+        if not "--auth" in args: cmd.append("--auth=no")
         if name: self.name = name
         else:
             self.name = "broker%d" % Broker._broker_count
@@ -304,10 +305,9 @@ class Broker(Popen):
     def unexpected(self,msg):
         raise BadProcessStatus("%s: %s (%s)" % (msg, self.name, self.pname))
 
-    def connect(self):
+    def connect(self, **kwargs):
         """New API connection to the broker."""
-        return messaging.Connection.establish(host=self.host(),
-                                              port=self.port())
+        return messaging.Connection.establish(self.host_port(), **kwargs)
 
     def connect_old(self):
         """Old API connection to the broker."""
@@ -376,13 +376,13 @@ class Broker(Popen):
             return False
         finally: f.close()
 
-    def ready(self):
+    def ready(self, **kwargs):
         """Wait till broker is ready to serve clients"""
         # First make sure the broker is listening by checking the log.
         if not retry(self.log_ready):
             raise Exception("Timed out waiting for broker %s" % self.name)
         # Make a connection, this will wait for extended cluster init to finish.
-        try: self.connect().close()
+        try: self.connect(**kwargs).close()
         except: raise RethrownException("Broker %s failed ready test"%self.name)
 
     def store_state(self):
@@ -485,10 +485,6 @@ class BrokerTest(TestCase):
         cluster = Cluster(self, count, args, expect=expect, wait=wait)
         return cluster
 
-#    def wait(self):
-#        """Wait for all brokers in the cluster to be ready"""
-#        for b in _brokers: b.connect().close()
-
 class RethrownException(Exception):
     """Captures the stack trace of the current exception to be thrown later"""
     def __init__(self, msg=""):



---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:commits-subscribe@qpid.apache.org