You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by kg...@apache.org on 2015/10/12 22:09:37 UTC

svn commit: r1708221 - in /qpid/trunk/qpid/cpp/src/qpid: broker/Broker.cpp broker/SaslAuthenticator.cpp broker/amqp/Domain.cpp broker/amqp/ProtocolPlugin.cpp messaging/ConnectionOptions.cpp

Author: kgiusti
Date: Mon Oct 12 20:09:37 2015
New Revision: 1708221

URL: http://svn.apache.org/viewvc?rev=1708221&view=rev
Log:
QPID-6783: dynamically determine SASL service name based on protocol

Modified:
    qpid/trunk/qpid/cpp/src/qpid/broker/Broker.cpp
    qpid/trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp
    qpid/trunk/qpid/cpp/src/qpid/broker/amqp/Domain.cpp
    qpid/trunk/qpid/cpp/src/qpid/broker/amqp/ProtocolPlugin.cpp
    qpid/trunk/qpid/cpp/src/qpid/messaging/ConnectionOptions.cpp

Modified: qpid/trunk/qpid/cpp/src/qpid/broker/Broker.cpp
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/broker/Broker.cpp?rev=1708221&r1=1708220&r2=1708221&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/broker/Broker.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/broker/Broker.cpp Mon Oct 12 20:09:37 2015
@@ -133,7 +133,6 @@ BrokerOptions::BrokerOptions(const std::
     queueCleanInterval(60*sys::TIME_SEC*10),//10 minutes
     auth(SaslAuthenticator::available()),
     realm("QPID"),
-    saslServiceName(BROKER_SASL_NAME),
     replayFlushLimit(0),
     replayHardLimit(0),
     queueLimit(100*1048576/*100M default limit*/),

Modified: qpid/trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp?rev=1708221&r1=1708220&r2=1708221&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp Mon Oct 12 20:09:37 2015
@@ -295,8 +295,7 @@ CyrusAuthenticator::CyrusAuthenticator(a
 
 void CyrusAuthenticator::init()
 {
-        /* Next to the service name, which specifies the
-          * /etc/sasl2/<service name>.conf file to read, the realm is
+        /*  The realm is
           * currently the most important argument below. When
           * performing authentication the user that is authenticating
           * will be looked up in a specific realm. If none is given
@@ -311,7 +310,7 @@ void CyrusAuthenticator::init()
 
     std::string realm = connection.getBroker().getRealm();
     std::string service = connection.getBroker().getSaslServiceName();
-    code = sasl_server_new(service.c_str(), /* Service name */
+    code = sasl_server_new(service.empty() ? BROKER_SASL_NAME : service.c_str(), /* Service name */
                            NULL, /* Server FQDN, gethostname() */
                            realm.c_str(), /* Authentication realm */
                            NULL, /* Local IP, needed for some mechanism */

Modified: qpid/trunk/qpid/cpp/src/qpid/broker/amqp/Domain.cpp
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/broker/amqp/Domain.cpp?rev=1708221&r1=1708220&r2=1708221&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/broker/amqp/Domain.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/broker/amqp/Domain.cpp Mon Oct 12 20:09:37 2015
@@ -51,6 +51,8 @@ const std::string SASL_SERVICE("sasl_ser
 const std::string MIN_SSF("min_ssf");
 const std::string MAX_SSF("max_ssf");
 const std::string DURABLE("durable");
+const std::string AMQP_SASL_SERVICENAME("amqp");
+
 class Wrapper : public qpid::sys::ConnectionCodec
 {
   public:
@@ -219,7 +221,9 @@ void InterconnectFactory::failed(int, st
 }
 
 Domain::Domain(const std::string& n, const qpid::types::Variant::Map& properties, Broker& b)
-    : PersistableObject(n, "domain", properties), name(n), durable(get(DURABLE, properties)), broker(b), mechanisms("ANONYMOUS"), service(qpid::saslName), minSsf(0), maxSsf(0), agent(b.getManagementAgent())
+    : PersistableObject(n, "domain", properties), name(n), durable(get(DURABLE, properties)),
+      broker(b), mechanisms("ANONYMOUS"), service(AMQP_SASL_SERVICENAME), minSsf(0), maxSsf(0),
+      agent(b.getManagementAgent())
 {
     if (!get(url, URL, properties)) {
         QPID_LOG(error, "No URL specified for domain " << name << "!");

Modified: qpid/trunk/qpid/cpp/src/qpid/broker/amqp/ProtocolPlugin.cpp
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/broker/amqp/ProtocolPlugin.cpp?rev=1708221&r1=1708220&r2=1708221&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/broker/amqp/ProtocolPlugin.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/broker/amqp/ProtocolPlugin.cpp Mon Oct 12 20:09:37 2015
@@ -46,6 +46,8 @@ namespace qpid {
 namespace broker {
 namespace amqp {
 
+const std::string AMQP_SASL_SERVICENAME("amqp");
+
 struct Options : public qpid::Options {
     std::string domain;
     std::vector<std::string> queuePatterns;
@@ -118,8 +120,9 @@ qpid::sys::ConnectionCodec* ProtocolImpl
         if (v.getProtocol() == qpid::framing::ProtocolVersion::SASL) {
             if (getBroker().isAuthenticating()) {
                 QPID_LOG(info, "Using AMQP 1.0 (with SASL layer)");
+                std::string serviceName = getBroker().getSaslServiceName().empty() ? AMQP_SASL_SERVICENAME : getBroker().getSaslServiceName();
                 return new qpid::broker::amqp::Sasl(out, id, *this,
-                                                    qpid::SaslFactory::getInstance().createServer(getBroker().getRealm(),getBroker().getSaslServiceName(),getBroker().requireEncrypted(), external));
+                                                    qpid::SaslFactory::getInstance().createServer(getBroker().getRealm(),serviceName,getBroker().requireEncrypted(), external));
             } else {
                 std::auto_ptr<SaslServer> authenticator(new qpid::NullSaslServer(getBroker().getRealm()));
                 QPID_LOG(info, "Using AMQP 1.0 (with dummy SASL layer)");

Modified: qpid/trunk/qpid/cpp/src/qpid/messaging/ConnectionOptions.cpp
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/messaging/ConnectionOptions.cpp?rev=1708221&r1=1708220&r2=1708221&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/messaging/ConnectionOptions.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/messaging/ConnectionOptions.cpp Mon Oct 12 20:09:37 2015
@@ -54,6 +54,10 @@ ConnectionOptions::ConnectionOptions(con
     : replaceUrls(false), reconnect(false), timeout(FOREVER), limit(-1), minReconnectInterval(0.001), maxReconnectInterval(2),
       retries(0), reconnectOnLimitExceeded(true), nestAnnotations(false), setToOnSend(false)
 {
+    // By default we want the sasl service name to be "amqp" for 1.0
+    // this will be overridden by a parsed "sasl-service" option
+    service = "amqp";
+
     for (qpid::types::Variant::Map::const_iterator i = options.begin(); i != options.end(); ++i) {
         set(i->first, i->second);
     }



---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org