You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by ac...@apache.org on 2014/07/15 18:30:24 UTC

svn commit: r1610744 - in /qpid/dispatch/trunk: include/qpid/dispatch/error.h python/qpid_dispatch_internal/management/node.py src/error.c src/server.c tests/CMakeLists.txt tests/system_tests_two_routers.py tests/system_tests_two_routers_ssl.py

Author: aconway
Date: Tue Jul 15 16:30:23 2014
New Revision: 1610744

URL: http://svn.apache.org/r1610744
Log:
NO-JIRA: Detect lack of proton SSL support

- Dispatch: log an error and don't complete SSL connection if no SSL support.
- System tests: Skip SSL tests if SSL support is not available.

Note: the error handling for SSL connections in dispatch still needs work.

Removed:
    qpid/dispatch/trunk/tests/system_tests_two_routers_ssl.py
Modified:
    qpid/dispatch/trunk/include/qpid/dispatch/error.h
    qpid/dispatch/trunk/python/qpid_dispatch_internal/management/node.py
    qpid/dispatch/trunk/src/error.c
    qpid/dispatch/trunk/src/server.c
    qpid/dispatch/trunk/tests/CMakeLists.txt
    qpid/dispatch/trunk/tests/system_tests_two_routers.py

Modified: qpid/dispatch/trunk/include/qpid/dispatch/error.h
URL: http://svn.apache.org/viewvc/qpid/dispatch/trunk/include/qpid/dispatch/error.h?rev=1610744&r1=1610743&r2=1610744&view=diff
==============================================================================
--- qpid/dispatch/trunk/include/qpid/dispatch/error.h (original)
+++ qpid/dispatch/trunk/include/qpid/dispatch/error.h Tue Jul 15 16:30:23 2014
@@ -42,9 +42,10 @@ typedef enum {
     QD_ERROR_MESSAGE,           ///< Error parsing a message.
     QD_ERROR_PYTHON,            ///< Error from python code.
     QD_ERROR_CONFIG,            ///< Error in configuration
-    QD_ERROR_TYPE,              ///< Value of inappropriate type
-    QD_ERROR_VALUE,             ///< Invalid value
-    QD_ERROR_ENUM_COUNT         ///< Not an error, marks the end of the enum
+    QD_ERROR_TYPE,              ///< Value of inappropriate type.
+    QD_ERROR_VALUE,             ///< Invalid value.
+    QD_ERROR_RUNTIME,           ///< Run-time failure.
+    QD_ERROR_ENUM_COUNT         ///< Not an error, marks the end of the enum.
 } qd_error_t;
 
 /**

Modified: qpid/dispatch/trunk/python/qpid_dispatch_internal/management/node.py
URL: http://svn.apache.org/viewvc/qpid/dispatch/trunk/python/qpid_dispatch_internal/management/node.py?rev=1610744&r1=1610743&r2=1610744&view=diff
==============================================================================
--- qpid/dispatch/trunk/python/qpid_dispatch_internal/management/node.py (original)
+++ qpid/dispatch/trunk/python/qpid_dispatch_internal/management/node.py Tue Jul 15 16:30:23 2014
@@ -170,7 +170,8 @@ class Node(object):
 
     def __del__(self):
         if hasattr(self, 'messenger'):
-            self.stop()
+            try: self.stop()
+            except: pass
 
     def _flush(self):
         """Call self.messenger.work() till there is no work left."""

Modified: qpid/dispatch/trunk/src/error.c
URL: http://svn.apache.org/viewvc/qpid/dispatch/trunk/src/error.c?rev=1610744&r1=1610743&r2=1610744&view=diff
==============================================================================
--- qpid/dispatch/trunk/src/error.c (original)
+++ qpid/dispatch/trunk/src/error.c Tue Jul 15 16:30:23 2014
@@ -34,7 +34,8 @@ static const char *error_names[] = {
  "Python",
  "Configuration",
  "Type",
- "Value"
+ "Value",
+ "Run Time"
 };
 
 STATIC_ASSERT(sizeof(error_names)/sizeof(error_names[0]) == QD_ERROR_ENUM_COUNT,

Modified: qpid/dispatch/trunk/src/server.c
URL: http://svn.apache.org/viewvc/qpid/dispatch/trunk/src/server.c?rev=1610744&r1=1610743&r2=1610744&view=diff
==============================================================================
--- qpid/dispatch/trunk/src/server.c (original)
+++ qpid/dispatch/trunk/src/server.c Tue Jul 15 16:30:23 2014
@@ -107,6 +107,14 @@ static void thread_process_listeners(qd_
         //
         if (config->ssl_enabled) {
             pn_ssl_domain_t *domain = pn_ssl_domain(PN_SSL_MODE_SERVER);
+            if (!domain) {
+                qd_error(QD_ERROR_RUNTIME, "SSL domain failed for connection from %s",
+                         pn_connector_name(cxtr));
+                /* FIXME aconway 2014-07-15: Close the connection */
+                continue;
+            }
+
+            /* FIXME aconway 2014-07-15: error handling on all calls. */
             pn_ssl_domain_set_credentials(domain,
                                           config->ssl_certificate_file,
                                           config->ssl_private_key_file,
@@ -614,6 +622,13 @@ static void cxtr_try_open(void *context)
     //
     if (config->ssl_enabled) {
         pn_ssl_domain_t *domain = pn_ssl_domain(PN_SSL_MODE_CLIENT);
+        if (!domain) {
+            qd_error(QD_ERROR_RUNTIME, "SSL domain failed for connection to %s:%s",
+                     ct->config->host, ct->config->port);
+            /* FIXME aconway 2014-07-15: Close the connection, clean up. */
+            return;
+        }
+        /* FIXME aconway 2014-07-15: error handling on all SSL calls. */
         pn_ssl_domain_set_credentials(domain,
                                       config->ssl_certificate_file,
                                       config->ssl_private_key_file,

Modified: qpid/dispatch/trunk/tests/CMakeLists.txt
URL: http://svn.apache.org/viewvc/qpid/dispatch/trunk/tests/CMakeLists.txt?rev=1610744&r1=1610743&r2=1610744&view=diff
==============================================================================
--- qpid/dispatch/trunk/tests/CMakeLists.txt (original)
+++ qpid/dispatch/trunk/tests/CMakeLists.txt Tue Jul 15 16:30:23 2014
@@ -68,7 +68,7 @@ add_test(management_tests      ${TEST_WR
 add_test(system_tests          ${TEST_WRAP} -m run_system_tests -v)
 
 set(SYSTEM_TEST_FILES ${CMAKE_CURRENT_BINARY_DIR}/run.py run_system_tests.py system_test.py
-  system_tests_one_router.py system_tests_two_routers.py system_tests_two_routers_ssl.py
+  system_tests_one_router.py system_tests_two_routers.py
   system_tests_broker.py system_tests_management.py system_tests_qdstat.py)
 
 configure_file(${CMAKE_CURRENT_SOURCE_DIR}/config-2/A-ssl.conf.in ${CMAKE_CURRENT_BINARY_DIR}/config-2/A-ssl.conf)

Modified: qpid/dispatch/trunk/tests/system_tests_two_routers.py
URL: http://svn.apache.org/viewvc/qpid/dispatch/trunk/tests/system_tests_two_routers.py?rev=1610744&r1=1610743&r2=1610744&view=diff
==============================================================================
--- qpid/dispatch/trunk/tests/system_tests_two_routers.py (original)
+++ qpid/dispatch/trunk/tests/system_tests_two_routers.py Tue Jul 15 16:30:23 2014
@@ -18,34 +18,20 @@
 #
 
 import unittest, os
-from proton import Message, PENDING, ACCEPTED, REJECTED, RELEASED
+from proton import Message, PENDING, ACCEPTED, REJECTED, RELEASED, SSLDomain, SSLUnavailable
 from system_test import TestCase, Qdrouterd, retry_exception
 from qpid_dispatch_internal.management import Node
 
 class RouterTest(TestCase):
-    ssl_option = False
-
     @classmethod
     def setUpClass(cls):
         """Start a router and a messenger"""
         super(RouterTest, cls).setUpClass()
 
-        def ssl_config(client_server):
-            if not cls.ssl_option: return []
-            def ssl_file(name):
-                return os.path.join(os.path.dirname(__file__), 'config-2', name)
-            return [
-                ('ssl-profile', {
-                    'name': 'ssl-profile-name',
-                    'cert-db': ssl_file('ca-certificate.pem'),
-                    'cert-file': ssl_file(client_server+'-certificate.pem'),
-                    'key-file': ssl_file(client_server+'-private-key.pem'),
-                    'password': client_server+'-password'})]
+        def ssl_config(client_server, connection): return [] # Over-ridden by RouterTestSsl
 
         def router(name, client_server, connection):
-            if cls.ssl_option:
-                connection[1]['ssl-profile'] = 'ssl-profile-name'
-            config = Qdrouterd.Config(ssl_config(client_server) + [
+            config = Qdrouterd.Config(ssl_config(client_server, connection) + [
                 ('log', {'module':'DEFAULT', 'level':'trace', 'output':name+".log"}),
                 ('container', {'worker-threads': 4, 'container-name': 'Qpid.Dispatch.Router.%s'%name}),
                 ('router', {'mode': 'interior', 'router-id': 'QDR.%s'%name}),
@@ -798,5 +784,26 @@ class RouterTest(TestCase):
         M2.stop()
 
 
+
+try:
+    SSLDomain(SSLDomain.MODE_CLIENT)
+    class RouterTestSsl(RouterTest):
+        def ssl_config(self, client_server, connection):
+            connection[1]['ssl-profile'] = 'ssl-profile-name'
+            def ssl_file(name):
+                return os.path.join(os.path.dirname(__file__), 'config-2', name)
+            return [
+                ('ssl-profile', {
+                    'name': 'ssl-profile-name',
+                    'cert-db': ssl_file('ca-certificate.pem'),
+                    'cert-file': ssl_file(client_server+'-certificate.pem'),
+                    'key-file': ssl_file(client_server+'-private-key.pem'),
+                    'password': client_server+'-password'})]
+
+except SSLUnavailable:
+    class RouterTestSsl(TestCase):
+        def test_skip(self):
+            self.skipTest("Proton SSL support unavailable.")
+
 if __name__ == '__main__':
     unittest.main()



---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org