You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by Pavel Moravec <pm...@redhat.com> on 2014/11/03 08:01:45 UTC
Re: Review Request 27392: QPID-6203 - Prevent broker startup when
invalid directory is passed to --sasl-config
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/27392/#review59563
-----------------------------------------------------------
Ship it!
Ship It!
- Pavel Moravec
On Oct. 31, 2014, 5:33 p.m., Ernie Allen wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/27392/
> -----------------------------------------------------------
>
> (Updated Oct. 31, 2014, 5:33 p.m.)
>
>
> Review request for qpid, Alan Conway, Cliff Jansen, and Pavel Moravec.
>
>
> Repository: qpid
>
>
> Description
> -------
>
> The broker should make the following additional tests on the directory that is specified with the --sasl-config option:
>
> That what is passed in is a directory and not a file
> That the directory contains a qpidd.conf file
> That the broker is able to read the qpidd.conf file
>
> If any of the new tests fail, the broker should fail to start and an appropriate error message should be displayed.
>
> Cliff: Currently, there are no checks on the --sasl-config option for windows. Should there be?
>
>
> Diffs
> -----
>
> trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp 1635522
>
> Diff: https://reviews.apache.org/r/27392/diff/
>
>
> Testing
> -------
>
> *pass file instead of directory*
> >qpidd --sasl-config /home/eallen/qpidd.conf
> 2014-10-30 14:50:52 [Broker] notice Broker (pid=25724) shut-down
> 2014-10-30 14:50:52 [Broker] critical Unexpected error: SASL: not a directory: /home/eallen/qpidd.conf (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:157)
>
> *pass directory that does not contain qpidd.conf*
> >qpidd --sasl-config /etc
> 2014-10-30 14:51:58 [Security] error SASL: config file doesn't exist: /etc/qpidd.conf
> 2014-10-30 14:51:58 [Broker] critical Broker (pid=25734) start-up failed: SASL: failed to parse SASL configuration file, error: generic failure (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
> 2014-10-30 14:51:58 [Broker] notice Broker (pid=25734) shut-down
> 2014-10-30 14:51:58 [Broker] critical Unexpected error: SASL: failed to parse SASL configuration file, error: generic failure (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
>
> *change permissions on existing file /home/eallen/qpidd.conf to not allow read permissions*
> >qpidd --sasl-config /home/eallen
> 2014-10-30 14:55:15 [Security] error SASL: broker unable to read the config file. Check file permissions: /home/eallen/qpidd.conf
> 2014-10-30 14:55:15 [Broker] critical Broker (pid=25750) start-up failed: SASL: failed to parse SASL configuration file, error: generic failure (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
> 2014-10-30 14:55:15 [Broker] notice Broker (pid=25750) shut-down
> 2014-10-30 14:55:15 [Broker] critical Unexpected error: SASL: failed to parse SASL configuration file, error: generic failure (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
>
> *pass correct directory that contains a good qpidd.conf*
> >qpidd --sasl-config /usr/local/etc/qpid/sasl_config
> 2014-10-30 14:56:27 [Network] notice Listening on TCP/TCP6 port 5672
>
> *pass directory that contains a bad qpidd.conf*
> >echo "junk" > /tmp/qpidd.conf
> >qpidd -sasl-config /tmp
> 2014-10-30 15:00:56 [Broker] critical Broker (pid=25819) start-up failed: SASL: failed to parse SASL configuration file, error: error when parsing configuration file (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
> 2014-10-30 15:00:56 [Broker] notice Broker (pid=25819) shut-down
> 2014-10-30 15:00:56 [Broker] critical Unexpected error: SASL: failed to parse SASL configuration file, error: error when parsing configuration file (/home/ernie/workspace/rh-qpid/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp:178)
>
>
> Thanks,
>
> Ernie Allen
>
>