You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by Ernie Allen <ea...@redhat.com> on 2014/10/30 20:09:41 UTC
Review Request 27392: QPID-6203 - Prevent broker startup when invalid
directory is passed to --sasl-config
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/27392/
-----------------------------------------------------------
Review request for qpid, Alan Conway, Cliff Jansen, and Pavel Moravec.
Repository: qpid
Description
-------
The broker should make the following additional tests on the directory that is specified with the --sasl-config option:
That what is passed in is a directory and not a file
That the directory contains a qpidd.conf file
That the broker is able to read the qpidd.conf file
If any of the new tests fail, the broker should fail to start and an appropriate error message should be displayed.
Cliff: Currently, there are no checks on the --sasl-config option for windows. Should there be?
Diffs
-----
trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp 1635522
Diff: https://reviews.apache.org/r/27392/diff/
Testing
-------
*pass file instead of directory*
>qpidd --sasl-config /home/eallen/qpidd.conf
2014-10-30 14:50:52 [Broker] notice Broker (pid=25724) shut-down
2014-10-30 14:50:52 [Broker] critical Unexpected error: SASL: not a directory: /home/eallen/qpidd.conf (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:157)
*pass directory that does not contain qpidd.conf*
>qpidd --sasl-config /etc
2014-10-30 14:51:58 [Security] error SASL: config file doesn't exist: /etc/qpidd.conf
2014-10-30 14:51:58 [Broker] critical Broker (pid=25734) start-up failed: SASL: failed to parse SASL configuration file, error: generic failure (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
2014-10-30 14:51:58 [Broker] notice Broker (pid=25734) shut-down
2014-10-30 14:51:58 [Broker] critical Unexpected error: SASL: failed to parse SASL configuration file, error: generic failure (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
*change permissions on existing file /home/eallen/qpidd.conf to not allow read permissions*
>qpidd --sasl-config /home/eallen
2014-10-30 14:55:15 [Security] error SASL: broker unable to read the config file. Check file permissions: /home/eallen/qpidd.conf
2014-10-30 14:55:15 [Broker] critical Broker (pid=25750) start-up failed: SASL: failed to parse SASL configuration file, error: generic failure (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
2014-10-30 14:55:15 [Broker] notice Broker (pid=25750) shut-down
2014-10-30 14:55:15 [Broker] critical Unexpected error: SASL: failed to parse SASL configuration file, error: generic failure (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
*pass correct directory that contains a good qpidd.conf*
>qpidd --sasl-config /usr/local/etc/qpid/sasl_config
2014-10-30 14:56:27 [Network] notice Listening on TCP/TCP6 port 5672
*pass directory that contains a bad qpidd.conf*
>echo "junk" > /tmp/qpidd.conf
>qpidd -sasl-config /tmp
2014-10-30 15:00:56 [Broker] critical Broker (pid=25819) start-up failed: SASL: failed to parse SASL configuration file, error: error when parsing configuration file (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
2014-10-30 15:00:56 [Broker] notice Broker (pid=25819) shut-down
2014-10-30 15:00:56 [Broker] critical Unexpected error: SASL: failed to parse SASL configuration file, error: error when parsing configuration file (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
Thanks,
Ernie Allen
Re: Review Request 27392: QPID-6203 - Prevent broker startup when
invalid directory is passed to --sasl-config
Posted by Ernie Allen <ea...@redhat.com>.
> On Oct. 31, 2014, 8:12 a.m., Pavel Moravec wrote:
> > trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp, line 160
> > <https://reviews.apache.org/r/27392/diff/1/?file=743511#file743511line160>
> >
> > Due to the test on line 113 (verify the file can be read by the broker), I think this test is further redundant.
> >
> > Otherwise, good catch & patch of various potential issues causing sasl-config option not applied.
While I agree that this case would be caught by the test on line 113 to verify the file can be read, keeping this as a separate test has the advantage that the error message is much more specific.
- Ernie
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/27392/#review59318
-----------------------------------------------------------
On Oct. 31, 2014, 5:33 p.m., Ernie Allen wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/27392/
> -----------------------------------------------------------
>
> (Updated Oct. 31, 2014, 5:33 p.m.)
>
>
> Review request for qpid, Alan Conway, Cliff Jansen, and Pavel Moravec.
>
>
> Repository: qpid
>
>
> Description
> -------
>
> The broker should make the following additional tests on the directory that is specified with the --sasl-config option:
>
> That what is passed in is a directory and not a file
> That the directory contains a qpidd.conf file
> That the broker is able to read the qpidd.conf file
>
> If any of the new tests fail, the broker should fail to start and an appropriate error message should be displayed.
>
> Cliff: Currently, there are no checks on the --sasl-config option for windows. Should there be?
>
>
> Diffs
> -----
>
> trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp 1635522
>
> Diff: https://reviews.apache.org/r/27392/diff/
>
>
> Testing
> -------
>
> *pass file instead of directory*
> >qpidd --sasl-config /home/eallen/qpidd.conf
> 2014-10-30 14:50:52 [Broker] notice Broker (pid=25724) shut-down
> 2014-10-30 14:50:52 [Broker] critical Unexpected error: SASL: not a directory: /home/eallen/qpidd.conf (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:157)
>
> *pass directory that does not contain qpidd.conf*
> >qpidd --sasl-config /etc
> 2014-10-30 14:51:58 [Security] error SASL: config file doesn't exist: /etc/qpidd.conf
> 2014-10-30 14:51:58 [Broker] critical Broker (pid=25734) start-up failed: SASL: failed to parse SASL configuration file, error: generic failure (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
> 2014-10-30 14:51:58 [Broker] notice Broker (pid=25734) shut-down
> 2014-10-30 14:51:58 [Broker] critical Unexpected error: SASL: failed to parse SASL configuration file, error: generic failure (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
>
> *change permissions on existing file /home/eallen/qpidd.conf to not allow read permissions*
> >qpidd --sasl-config /home/eallen
> 2014-10-30 14:55:15 [Security] error SASL: broker unable to read the config file. Check file permissions: /home/eallen/qpidd.conf
> 2014-10-30 14:55:15 [Broker] critical Broker (pid=25750) start-up failed: SASL: failed to parse SASL configuration file, error: generic failure (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
> 2014-10-30 14:55:15 [Broker] notice Broker (pid=25750) shut-down
> 2014-10-30 14:55:15 [Broker] critical Unexpected error: SASL: failed to parse SASL configuration file, error: generic failure (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
>
> *pass correct directory that contains a good qpidd.conf*
> >qpidd --sasl-config /usr/local/etc/qpid/sasl_config
> 2014-10-30 14:56:27 [Network] notice Listening on TCP/TCP6 port 5672
>
> *pass directory that contains a bad qpidd.conf*
> >echo "junk" > /tmp/qpidd.conf
> >qpidd -sasl-config /tmp
> 2014-10-30 15:00:56 [Broker] critical Broker (pid=25819) start-up failed: SASL: failed to parse SASL configuration file, error: error when parsing configuration file (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
> 2014-10-30 15:00:56 [Broker] notice Broker (pid=25819) shut-down
> 2014-10-30 15:00:56 [Broker] critical Unexpected error: SASL: failed to parse SASL configuration file, error: error when parsing configuration file (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
>
>
> Thanks,
>
> Ernie Allen
>
>
Re: Review Request 27392: QPID-6203 - Prevent broker startup when
invalid directory is passed to --sasl-config
Posted by Pavel Moravec <pm...@redhat.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/27392/#review59318
-----------------------------------------------------------
trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp
<https://reviews.apache.org/r/27392/#comment100589>
Due to the test on line 113 (verify the file can be read by the broker), I think this test is further redundant.
Otherwise, good catch & patch of various potential issues causing sasl-config option not applied.
- Pavel Moravec
On Oct. 30, 2014, 7:09 p.m., Ernie Allen wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/27392/
> -----------------------------------------------------------
>
> (Updated Oct. 30, 2014, 7:09 p.m.)
>
>
> Review request for qpid, Alan Conway, Cliff Jansen, and Pavel Moravec.
>
>
> Repository: qpid
>
>
> Description
> -------
>
> The broker should make the following additional tests on the directory that is specified with the --sasl-config option:
>
> That what is passed in is a directory and not a file
> That the directory contains a qpidd.conf file
> That the broker is able to read the qpidd.conf file
>
> If any of the new tests fail, the broker should fail to start and an appropriate error message should be displayed.
>
> Cliff: Currently, there are no checks on the --sasl-config option for windows. Should there be?
>
>
> Diffs
> -----
>
> trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp 1635522
>
> Diff: https://reviews.apache.org/r/27392/diff/
>
>
> Testing
> -------
>
> *pass file instead of directory*
> >qpidd --sasl-config /home/eallen/qpidd.conf
> 2014-10-30 14:50:52 [Broker] notice Broker (pid=25724) shut-down
> 2014-10-30 14:50:52 [Broker] critical Unexpected error: SASL: not a directory: /home/eallen/qpidd.conf (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:157)
>
> *pass directory that does not contain qpidd.conf*
> >qpidd --sasl-config /etc
> 2014-10-30 14:51:58 [Security] error SASL: config file doesn't exist: /etc/qpidd.conf
> 2014-10-30 14:51:58 [Broker] critical Broker (pid=25734) start-up failed: SASL: failed to parse SASL configuration file, error: generic failure (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
> 2014-10-30 14:51:58 [Broker] notice Broker (pid=25734) shut-down
> 2014-10-30 14:51:58 [Broker] critical Unexpected error: SASL: failed to parse SASL configuration file, error: generic failure (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
>
> *change permissions on existing file /home/eallen/qpidd.conf to not allow read permissions*
> >qpidd --sasl-config /home/eallen
> 2014-10-30 14:55:15 [Security] error SASL: broker unable to read the config file. Check file permissions: /home/eallen/qpidd.conf
> 2014-10-30 14:55:15 [Broker] critical Broker (pid=25750) start-up failed: SASL: failed to parse SASL configuration file, error: generic failure (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
> 2014-10-30 14:55:15 [Broker] notice Broker (pid=25750) shut-down
> 2014-10-30 14:55:15 [Broker] critical Unexpected error: SASL: failed to parse SASL configuration file, error: generic failure (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
>
> *pass correct directory that contains a good qpidd.conf*
> >qpidd --sasl-config /usr/local/etc/qpid/sasl_config
> 2014-10-30 14:56:27 [Network] notice Listening on TCP/TCP6 port 5672
>
> *pass directory that contains a bad qpidd.conf*
> >echo "junk" > /tmp/qpidd.conf
> >qpidd -sasl-config /tmp
> 2014-10-30 15:00:56 [Broker] critical Broker (pid=25819) start-up failed: SASL: failed to parse SASL configuration file, error: error when parsing configuration file (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
> 2014-10-30 15:00:56 [Broker] notice Broker (pid=25819) shut-down
> 2014-10-30 15:00:56 [Broker] critical Unexpected error: SASL: failed to parse SASL configuration file, error: error when parsing configuration file (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
>
>
> Thanks,
>
> Ernie Allen
>
>
Re: Review Request 27392: QPID-6203 - Prevent broker startup when
invalid directory is passed to --sasl-config
Posted by Alan Conway <ac...@redhat.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/27392/#review59337
-----------------------------------------------------------
Ship it!
One minor suggestion, otherwise looks good.
trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp
<https://reviews.apache.org/r/27392/#comment100607>
Suggest including saslConfigPath in the error message.
throw Exception(QPID_MSG("SASL: cannot load SASL configuration from " << saslConfigPath << ", error: " << sasl_errstring(code, NULL, NULL)));
- Alan Conway
On Oct. 30, 2014, 7:09 p.m., Ernie Allen wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/27392/
> -----------------------------------------------------------
>
> (Updated Oct. 30, 2014, 7:09 p.m.)
>
>
> Review request for qpid, Alan Conway, Cliff Jansen, and Pavel Moravec.
>
>
> Repository: qpid
>
>
> Description
> -------
>
> The broker should make the following additional tests on the directory that is specified with the --sasl-config option:
>
> That what is passed in is a directory and not a file
> That the directory contains a qpidd.conf file
> That the broker is able to read the qpidd.conf file
>
> If any of the new tests fail, the broker should fail to start and an appropriate error message should be displayed.
>
> Cliff: Currently, there are no checks on the --sasl-config option for windows. Should there be?
>
>
> Diffs
> -----
>
> trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp 1635522
>
> Diff: https://reviews.apache.org/r/27392/diff/
>
>
> Testing
> -------
>
> *pass file instead of directory*
> >qpidd --sasl-config /home/eallen/qpidd.conf
> 2014-10-30 14:50:52 [Broker] notice Broker (pid=25724) shut-down
> 2014-10-30 14:50:52 [Broker] critical Unexpected error: SASL: not a directory: /home/eallen/qpidd.conf (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:157)
>
> *pass directory that does not contain qpidd.conf*
> >qpidd --sasl-config /etc
> 2014-10-30 14:51:58 [Security] error SASL: config file doesn't exist: /etc/qpidd.conf
> 2014-10-30 14:51:58 [Broker] critical Broker (pid=25734) start-up failed: SASL: failed to parse SASL configuration file, error: generic failure (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
> 2014-10-30 14:51:58 [Broker] notice Broker (pid=25734) shut-down
> 2014-10-30 14:51:58 [Broker] critical Unexpected error: SASL: failed to parse SASL configuration file, error: generic failure (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
>
> *change permissions on existing file /home/eallen/qpidd.conf to not allow read permissions*
> >qpidd --sasl-config /home/eallen
> 2014-10-30 14:55:15 [Security] error SASL: broker unable to read the config file. Check file permissions: /home/eallen/qpidd.conf
> 2014-10-30 14:55:15 [Broker] critical Broker (pid=25750) start-up failed: SASL: failed to parse SASL configuration file, error: generic failure (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
> 2014-10-30 14:55:15 [Broker] notice Broker (pid=25750) shut-down
> 2014-10-30 14:55:15 [Broker] critical Unexpected error: SASL: failed to parse SASL configuration file, error: generic failure (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
>
> *pass correct directory that contains a good qpidd.conf*
> >qpidd --sasl-config /usr/local/etc/qpid/sasl_config
> 2014-10-30 14:56:27 [Network] notice Listening on TCP/TCP6 port 5672
>
> *pass directory that contains a bad qpidd.conf*
> >echo "junk" > /tmp/qpidd.conf
> >qpidd -sasl-config /tmp
> 2014-10-30 15:00:56 [Broker] critical Broker (pid=25819) start-up failed: SASL: failed to parse SASL configuration file, error: error when parsing configuration file (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
> 2014-10-30 15:00:56 [Broker] notice Broker (pid=25819) shut-down
> 2014-10-30 15:00:56 [Broker] critical Unexpected error: SASL: failed to parse SASL configuration file, error: error when parsing configuration file (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
>
>
> Thanks,
>
> Ernie Allen
>
>
Re: Review Request 27392: QPID-6203 - Prevent broker startup when
invalid directory is passed to --sasl-config
Posted by Pavel Moravec <pm...@redhat.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/27392/#review59563
-----------------------------------------------------------
Ship it!
Ship It!
- Pavel Moravec
On Oct. 31, 2014, 5:33 p.m., Ernie Allen wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/27392/
> -----------------------------------------------------------
>
> (Updated Oct. 31, 2014, 5:33 p.m.)
>
>
> Review request for qpid, Alan Conway, Cliff Jansen, and Pavel Moravec.
>
>
> Repository: qpid
>
>
> Description
> -------
>
> The broker should make the following additional tests on the directory that is specified with the --sasl-config option:
>
> That what is passed in is a directory and not a file
> That the directory contains a qpidd.conf file
> That the broker is able to read the qpidd.conf file
>
> If any of the new tests fail, the broker should fail to start and an appropriate error message should be displayed.
>
> Cliff: Currently, there are no checks on the --sasl-config option for windows. Should there be?
>
>
> Diffs
> -----
>
> trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp 1635522
>
> Diff: https://reviews.apache.org/r/27392/diff/
>
>
> Testing
> -------
>
> *pass file instead of directory*
> >qpidd --sasl-config /home/eallen/qpidd.conf
> 2014-10-30 14:50:52 [Broker] notice Broker (pid=25724) shut-down
> 2014-10-30 14:50:52 [Broker] critical Unexpected error: SASL: not a directory: /home/eallen/qpidd.conf (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:157)
>
> *pass directory that does not contain qpidd.conf*
> >qpidd --sasl-config /etc
> 2014-10-30 14:51:58 [Security] error SASL: config file doesn't exist: /etc/qpidd.conf
> 2014-10-30 14:51:58 [Broker] critical Broker (pid=25734) start-up failed: SASL: failed to parse SASL configuration file, error: generic failure (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
> 2014-10-30 14:51:58 [Broker] notice Broker (pid=25734) shut-down
> 2014-10-30 14:51:58 [Broker] critical Unexpected error: SASL: failed to parse SASL configuration file, error: generic failure (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
>
> *change permissions on existing file /home/eallen/qpidd.conf to not allow read permissions*
> >qpidd --sasl-config /home/eallen
> 2014-10-30 14:55:15 [Security] error SASL: broker unable to read the config file. Check file permissions: /home/eallen/qpidd.conf
> 2014-10-30 14:55:15 [Broker] critical Broker (pid=25750) start-up failed: SASL: failed to parse SASL configuration file, error: generic failure (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
> 2014-10-30 14:55:15 [Broker] notice Broker (pid=25750) shut-down
> 2014-10-30 14:55:15 [Broker] critical Unexpected error: SASL: failed to parse SASL configuration file, error: generic failure (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
>
> *pass correct directory that contains a good qpidd.conf*
> >qpidd --sasl-config /usr/local/etc/qpid/sasl_config
> 2014-10-30 14:56:27 [Network] notice Listening on TCP/TCP6 port 5672
>
> *pass directory that contains a bad qpidd.conf*
> >echo "junk" > /tmp/qpidd.conf
> >qpidd -sasl-config /tmp
> 2014-10-30 15:00:56 [Broker] critical Broker (pid=25819) start-up failed: SASL: failed to parse SASL configuration file, error: error when parsing configuration file (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
> 2014-10-30 15:00:56 [Broker] notice Broker (pid=25819) shut-down
> 2014-10-30 15:00:56 [Broker] critical Unexpected error: SASL: failed to parse SASL configuration file, error: error when parsing configuration file (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
>
>
> Thanks,
>
> Ernie Allen
>
>
Re: Review Request 27392: QPID-6203 - Prevent broker startup when
invalid directory is passed to --sasl-config
Posted by Ernie Allen <ea...@redhat.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/27392/
-----------------------------------------------------------
(Updated Oct. 31, 2014, 5:33 p.m.)
Review request for qpid, Alan Conway, Cliff Jansen, and Pavel Moravec.
Changes
-------
Added saslConfigPath to error message
Repository: qpid
Description
-------
The broker should make the following additional tests on the directory that is specified with the --sasl-config option:
That what is passed in is a directory and not a file
That the directory contains a qpidd.conf file
That the broker is able to read the qpidd.conf file
If any of the new tests fail, the broker should fail to start and an appropriate error message should be displayed.
Cliff: Currently, there are no checks on the --sasl-config option for windows. Should there be?
Diffs (updated)
-----
trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp 1635522
Diff: https://reviews.apache.org/r/27392/diff/
Testing
-------
*pass file instead of directory*
>qpidd --sasl-config /home/eallen/qpidd.conf
2014-10-30 14:50:52 [Broker] notice Broker (pid=25724) shut-down
2014-10-30 14:50:52 [Broker] critical Unexpected error: SASL: not a directory: /home/eallen/qpidd.conf (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:157)
*pass directory that does not contain qpidd.conf*
>qpidd --sasl-config /etc
2014-10-30 14:51:58 [Security] error SASL: config file doesn't exist: /etc/qpidd.conf
2014-10-30 14:51:58 [Broker] critical Broker (pid=25734) start-up failed: SASL: failed to parse SASL configuration file, error: generic failure (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
2014-10-30 14:51:58 [Broker] notice Broker (pid=25734) shut-down
2014-10-30 14:51:58 [Broker] critical Unexpected error: SASL: failed to parse SASL configuration file, error: generic failure (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
*change permissions on existing file /home/eallen/qpidd.conf to not allow read permissions*
>qpidd --sasl-config /home/eallen
2014-10-30 14:55:15 [Security] error SASL: broker unable to read the config file. Check file permissions: /home/eallen/qpidd.conf
2014-10-30 14:55:15 [Broker] critical Broker (pid=25750) start-up failed: SASL: failed to parse SASL configuration file, error: generic failure (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
2014-10-30 14:55:15 [Broker] notice Broker (pid=25750) shut-down
2014-10-30 14:55:15 [Broker] critical Unexpected error: SASL: failed to parse SASL configuration file, error: generic failure (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
*pass correct directory that contains a good qpidd.conf*
>qpidd --sasl-config /usr/local/etc/qpid/sasl_config
2014-10-30 14:56:27 [Network] notice Listening on TCP/TCP6 port 5672
*pass directory that contains a bad qpidd.conf*
>echo "junk" > /tmp/qpidd.conf
>qpidd -sasl-config /tmp
2014-10-30 15:00:56 [Broker] critical Broker (pid=25819) start-up failed: SASL: failed to parse SASL configuration file, error: error when parsing configuration file (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
2014-10-30 15:00:56 [Broker] notice Broker (pid=25819) shut-down
2014-10-30 15:00:56 [Broker] critical Unexpected error: SASL: failed to parse SASL configuration file, error: error when parsing configuration file (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
Thanks,
Ernie Allen