You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by kg...@apache.org on 2015/10/12 22:09:37 UTC
svn commit: r1708221 - in /qpid/trunk/qpid/cpp/src/qpid: broker/Broker.cpp
broker/SaslAuthenticator.cpp broker/amqp/Domain.cpp
broker/amqp/ProtocolPlugin.cpp messaging/ConnectionOptions.cpp
Author: kgiusti
Date: Mon Oct 12 20:09:37 2015
New Revision: 1708221
URL: http://svn.apache.org/viewvc?rev=1708221&view=rev
Log:
QPID-6783: dynamically determine SASL service name based on protocol
Modified:
qpid/trunk/qpid/cpp/src/qpid/broker/Broker.cpp
qpid/trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp
qpid/trunk/qpid/cpp/src/qpid/broker/amqp/Domain.cpp
qpid/trunk/qpid/cpp/src/qpid/broker/amqp/ProtocolPlugin.cpp
qpid/trunk/qpid/cpp/src/qpid/messaging/ConnectionOptions.cpp
Modified: qpid/trunk/qpid/cpp/src/qpid/broker/Broker.cpp
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/broker/Broker.cpp?rev=1708221&r1=1708220&r2=1708221&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/broker/Broker.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/broker/Broker.cpp Mon Oct 12 20:09:37 2015
@@ -133,7 +133,6 @@ BrokerOptions::BrokerOptions(const std::
queueCleanInterval(60*sys::TIME_SEC*10),//10 minutes
auth(SaslAuthenticator::available()),
realm("QPID"),
- saslServiceName(BROKER_SASL_NAME),
replayFlushLimit(0),
replayHardLimit(0),
queueLimit(100*1048576/*100M default limit*/),
Modified: qpid/trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp?rev=1708221&r1=1708220&r2=1708221&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp Mon Oct 12 20:09:37 2015
@@ -295,8 +295,7 @@ CyrusAuthenticator::CyrusAuthenticator(a
void CyrusAuthenticator::init()
{
- /* Next to the service name, which specifies the
- * /etc/sasl2/<service name>.conf file to read, the realm is
+ /* The realm is
* currently the most important argument below. When
* performing authentication the user that is authenticating
* will be looked up in a specific realm. If none is given
@@ -311,7 +310,7 @@ void CyrusAuthenticator::init()
std::string realm = connection.getBroker().getRealm();
std::string service = connection.getBroker().getSaslServiceName();
- code = sasl_server_new(service.c_str(), /* Service name */
+ code = sasl_server_new(service.empty() ? BROKER_SASL_NAME : service.c_str(), /* Service name */
NULL, /* Server FQDN, gethostname() */
realm.c_str(), /* Authentication realm */
NULL, /* Local IP, needed for some mechanism */
Modified: qpid/trunk/qpid/cpp/src/qpid/broker/amqp/Domain.cpp
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/broker/amqp/Domain.cpp?rev=1708221&r1=1708220&r2=1708221&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/broker/amqp/Domain.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/broker/amqp/Domain.cpp Mon Oct 12 20:09:37 2015
@@ -51,6 +51,8 @@ const std::string SASL_SERVICE("sasl_ser
const std::string MIN_SSF("min_ssf");
const std::string MAX_SSF("max_ssf");
const std::string DURABLE("durable");
+const std::string AMQP_SASL_SERVICENAME("amqp");
+
class Wrapper : public qpid::sys::ConnectionCodec
{
public:
@@ -219,7 +221,9 @@ void InterconnectFactory::failed(int, st
}
Domain::Domain(const std::string& n, const qpid::types::Variant::Map& properties, Broker& b)
- : PersistableObject(n, "domain", properties), name(n), durable(get(DURABLE, properties)), broker(b), mechanisms("ANONYMOUS"), service(qpid::saslName), minSsf(0), maxSsf(0), agent(b.getManagementAgent())
+ : PersistableObject(n, "domain", properties), name(n), durable(get(DURABLE, properties)),
+ broker(b), mechanisms("ANONYMOUS"), service(AMQP_SASL_SERVICENAME), minSsf(0), maxSsf(0),
+ agent(b.getManagementAgent())
{
if (!get(url, URL, properties)) {
QPID_LOG(error, "No URL specified for domain " << name << "!");
Modified: qpid/trunk/qpid/cpp/src/qpid/broker/amqp/ProtocolPlugin.cpp
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/broker/amqp/ProtocolPlugin.cpp?rev=1708221&r1=1708220&r2=1708221&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/broker/amqp/ProtocolPlugin.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/broker/amqp/ProtocolPlugin.cpp Mon Oct 12 20:09:37 2015
@@ -46,6 +46,8 @@ namespace qpid {
namespace broker {
namespace amqp {
+const std::string AMQP_SASL_SERVICENAME("amqp");
+
struct Options : public qpid::Options {
std::string domain;
std::vector<std::string> queuePatterns;
@@ -118,8 +120,9 @@ qpid::sys::ConnectionCodec* ProtocolImpl
if (v.getProtocol() == qpid::framing::ProtocolVersion::SASL) {
if (getBroker().isAuthenticating()) {
QPID_LOG(info, "Using AMQP 1.0 (with SASL layer)");
+ std::string serviceName = getBroker().getSaslServiceName().empty() ? AMQP_SASL_SERVICENAME : getBroker().getSaslServiceName();
return new qpid::broker::amqp::Sasl(out, id, *this,
- qpid::SaslFactory::getInstance().createServer(getBroker().getRealm(),getBroker().getSaslServiceName(),getBroker().requireEncrypted(), external));
+ qpid::SaslFactory::getInstance().createServer(getBroker().getRealm(),serviceName,getBroker().requireEncrypted(), external));
} else {
std::auto_ptr<SaslServer> authenticator(new qpid::NullSaslServer(getBroker().getRealm()));
QPID_LOG(info, "Using AMQP 1.0 (with dummy SASL layer)");
Modified: qpid/trunk/qpid/cpp/src/qpid/messaging/ConnectionOptions.cpp
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/messaging/ConnectionOptions.cpp?rev=1708221&r1=1708220&r2=1708221&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/messaging/ConnectionOptions.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/messaging/ConnectionOptions.cpp Mon Oct 12 20:09:37 2015
@@ -54,6 +54,10 @@ ConnectionOptions::ConnectionOptions(con
: replaceUrls(false), reconnect(false), timeout(FOREVER), limit(-1), minReconnectInterval(0.001), maxReconnectInterval(2),
retries(0), reconnectOnLimitExceeded(true), nestAnnotations(false), setToOnSend(false)
{
+ // By default we want the sasl service name to be "amqp" for 1.0
+ // this will be overridden by a parsed "sasl-service" option
+ service = "amqp";
+
for (qpid::types::Variant::Map::const_iterator i = options.begin(); i != options.end(); ++i) {
set(i->first, i->second);
}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org