You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by as...@apache.org on 2018/01/22 22:36:09 UTC
[1/2] qpid-proton git commit: PROTON-1749: [C++ binding] Add simple
example to demonstrate use of simple SASL APIs - This only connects and
immediately disconnects
Repository: qpid-proton
Updated Branches:
refs/heads/master 0cae0686c -> 4e00631ab
PROTON-1749: [C++ binding] Add simple example to demonstrate use of simple SASL APIs
- This only connects and immediately disconnects
Project: http://git-wip-us.apache.org/repos/asf/qpid-proton/repo
Commit: http://git-wip-us.apache.org/repos/asf/qpid-proton/commit/c8069e28
Tree: http://git-wip-us.apache.org/repos/asf/qpid-proton/tree/c8069e28
Diff: http://git-wip-us.apache.org/repos/asf/qpid-proton/diff/c8069e28
Branch: refs/heads/master
Commit: c8069e289a56275bb8dd11bdf755dd4d71778ace
Parents: 0cae068
Author: Andrew Stitcher <as...@apache.org>
Authored: Mon Jan 22 16:19:15 2018 -0500
Committer: Andrew Stitcher <as...@apache.org>
Committed: Mon Jan 22 16:28:02 2018 -0500
----------------------------------------------------------------------
examples/cpp/simple_connect.cpp | 88 ++++++++++++++++++++++++++++++++++++
1 file changed, 88 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/c8069e28/examples/cpp/simple_connect.cpp
----------------------------------------------------------------------
diff --git a/examples/cpp/simple_connect.cpp b/examples/cpp/simple_connect.cpp
new file mode 100644
index 0000000..499dbd5
--- /dev/null
+++ b/examples/cpp/simple_connect.cpp
@@ -0,0 +1,88 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+#include "options.hpp"
+
+#include <proton/connection.hpp>
+#include <proton/connection_options.hpp>
+#include <proton/container.hpp>
+#include <proton/messaging_handler.hpp>
+
+#include <iostream>
+
+#include "fake_cpp11.hpp"
+
+class simple_connect : public proton::messaging_handler {
+ private:
+ std::string url;
+ std::string user;
+ std::string password;
+ bool sasl;
+ std::string mechs;
+ proton::connection connection;
+
+ public:
+ simple_connect(const std::string &a, const std::string &u, const std::string &p, bool s, const std::string& ms) :
+ url(a), user(u), password(p), sasl(s), mechs(ms) {}
+
+ void on_container_start(proton::container &c) OVERRIDE {
+ proton::connection_options co;
+ if (!user.empty()) co.user(user);
+ if (!password.empty()) co.password(password);
+ if (sasl) co.sasl_enabled(true);
+ if (!mechs.empty()) co.sasl_allowed_mechs(mechs);
+ connection = c.connect(url, co);
+ }
+
+ void on_connection_open(proton::connection &c) OVERRIDE {
+ c.close();
+ }
+};
+
+int main(int argc, char **argv) {
+ std::string address("127.0.0.1:5672/examples");
+ std::string user;
+ std::string password;
+ std::string mechs;
+ bool sasl = false;
+ example::options opts(argc, argv);
+
+ opts.add_value(address, 'a', "address", "connect and send to URL", "URL");
+ opts.add_value(user, 'u', "user", "authenticate as USER", "USER");
+ opts.add_value(password, 'p', "password", "authenticate with PASSWORD", "PASSWORD");
+ opts.add_flag(sasl,'s', "sasl", "force SASL authentication with no user specified (Use for Kerberos/GSSAPI)");
+ opts.add_value(mechs, 'm', "mechs", "allowed SASL mechanisms", "MECHS");
+
+ try {
+ opts.parse();
+
+ simple_connect connect(address, user, password, sasl, mechs);
+ proton::container(connect).run();
+
+ return 0;
+ } catch (const example::bad_option& e) {
+ std::cout << opts << std::endl << e.what() << std::endl;
+ } catch (const std::exception& e) {
+ std::cerr << e.what() << std::endl;
+ }
+
+ return 1;
+}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org
[2/2] qpid-proton git commit: PROTON-1682: [C++ binding] Set SASL
hostname at the correct time so that GSSAPI works
Posted by as...@apache.org.
PROTON-1682: [C++ binding] Set SASL hostname at the correct time so that GSSAPI works
Project: http://git-wip-us.apache.org/repos/asf/qpid-proton/repo
Commit: http://git-wip-us.apache.org/repos/asf/qpid-proton/commit/4e00631a
Tree: http://git-wip-us.apache.org/repos/asf/qpid-proton/tree/4e00631a
Diff: http://git-wip-us.apache.org/repos/asf/qpid-proton/diff/4e00631a
Branch: refs/heads/master
Commit: 4e00631ab4799f6c011e415d4e0ec2bd1f3095aa
Parents: c8069e2
Author: Andrew Stitcher <as...@apache.org>
Authored: Fri Jan 19 15:47:01 2018 -0500
Committer: Andrew Stitcher <as...@apache.org>
Committed: Mon Jan 22 16:28:08 2018 -0500
----------------------------------------------------------------------
.../cpp/include/proton/connection_options.hpp | 4 +-
proton-c/bindings/cpp/src/connection_driver.cpp | 8 ++-
.../bindings/cpp/src/connection_options.cpp | 61 +++++++++++---------
.../cpp/src/proactor_container_impl.cpp | 27 ++++-----
4 files changed, 55 insertions(+), 45 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/4e00631a/proton-c/bindings/cpp/include/proton/connection_options.hpp
----------------------------------------------------------------------
diff --git a/proton-c/bindings/cpp/include/proton/connection_options.hpp b/proton-c/bindings/cpp/include/proton/connection_options.hpp
index 54268e0..ac6a90a 100644
--- a/proton-c/bindings/cpp/include/proton/connection_options.hpp
+++ b/proton-c/bindings/cpp/include/proton/connection_options.hpp
@@ -38,6 +38,7 @@
/// @copybrief proton::connection_options
struct pn_connection_t;
+struct pn_transport_t;
namespace proton {
@@ -158,7 +159,8 @@ class connection_options {
private:
void apply_unbound(connection&) const;
- void apply_bound(connection&) const;
+ void apply_unbound_client(pn_transport_t*) const;
+ void apply_unbound_server(pn_transport_t*) const;
messaging_handler* handler() const;
class impl;
http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/4e00631a/proton-c/bindings/cpp/src/connection_driver.cpp
----------------------------------------------------------------------
diff --git a/proton-c/bindings/cpp/src/connection_driver.cpp b/proton-c/bindings/cpp/src/connection_driver.cpp
index cc83f51..11888be 100644
--- a/proton-c/bindings/cpp/src/connection_driver.cpp
+++ b/proton-c/bindings/cpp/src/connection_driver.cpp
@@ -62,9 +62,13 @@ connection_driver::~connection_driver() {
void connection_driver::configure(const connection_options& opts, bool server) {
proton::connection c(connection());
opts.apply_unbound(c);
- if (server) pn_transport_set_server(driver_.transport);
+ if (server) {
+ pn_transport_set_server(driver_.transport);
+ opts.apply_unbound_server(driver_.transport);
+ } else {
+ opts.apply_unbound_client(driver_.transport);
+ }
pn_connection_driver_bind(&driver_);
- opts.apply_bound(c);
handler_ = opts.handler();
}
http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/4e00631a/proton-c/bindings/cpp/src/connection_options.cpp
----------------------------------------------------------------------
diff --git a/proton-c/bindings/cpp/src/connection_options.cpp b/proton-c/bindings/cpp/src/connection_options.cpp
index b522f9a..a531452 100644
--- a/proton-c/bindings/cpp/src/connection_options.cpp
+++ b/proton-c/bindings/cpp/src/connection_options.cpp
@@ -93,30 +93,21 @@ class connection_options::impl {
pn_connection_set_password(pnc, password.value.c_str());
}
- void apply_bound(connection& c) {
+ void apply_transport(pn_transport_t* pnt) {
+ if (max_frame_size.set)
+ pn_transport_set_max_frame(pnt, max_frame_size.value);
+ if (max_sessions.set)
+ pn_transport_set_channel_max(pnt, max_sessions.value);
+ if (idle_timeout.set)
+ pn_transport_set_idle_timeout(pnt, idle_timeout.value.milliseconds());
+ }
+
+ void apply_sasl(pn_transport_t* pnt) {
// Transport options. pnt is NULL between reconnect attempts
// and if there is a pipelined open frame.
- pn_connection_t *pnc = unwrap(c);
- pn_transport_t *pnt = pn_connection_transport(pnc);
if (!pnt) return;
- // SSL
- connection_context& cc = connection_context::get(pnc);
- bool outbound = !cc.listener_context_;
- if (outbound && ssl_client_options.set) {
- // A side effect of pn_ssl() is to set the ssl peer
- // hostname to the connection hostname, which has
- // already been adjusted for the virtual_host option.
- pn_ssl_t *ssl = pn_ssl(pnt);
- if (pn_ssl_init(ssl, ssl_client_options.value.pn_domain(), NULL))
- throw error(MSG("client SSL/TLS initialization error"));
- } else if (!outbound && ssl_server_options.set) {
- pn_ssl_t *ssl = pn_ssl(pnt);
- if (pn_ssl_init(ssl, ssl_server_options.value.pn_domain(), NULL))
- throw error(MSG("server SSL/TLS initialization error"));
- }
-
- // SASL - skip entirely if explicitly disabled
+ // Skip entirely if SASL explicitly disabled
if (!sasl_enabled.set || sasl_enabled.value) {
if (sasl_enabled.set) // Explicitly set, not just default behaviour.
pn_sasl(pnt); // Force a sasl instance. Lazily create one otherwise.
@@ -130,12 +121,26 @@ class connection_options::impl {
pn_sasl_config_path(pn_sasl(pnt), sasl_config_path.value.c_str());
}
- if (max_frame_size.set)
- pn_transport_set_max_frame(pnt, max_frame_size.value);
- if (max_sessions.set)
- pn_transport_set_channel_max(pnt, max_sessions.value);
- if (idle_timeout.set)
- pn_transport_set_idle_timeout(pnt, idle_timeout.value.milliseconds());
+ }
+
+ void apply_ssl(pn_transport_t* pnt, bool client) {
+ // Transport options. pnt is NULL between reconnect attempts
+ // and if there is a pipelined open frame.
+ if (!pnt) return;
+
+ if (client && ssl_client_options.set) {
+ // A side effect of pn_ssl() is to set the ssl peer
+ // hostname to the connection hostname, which has
+ // already been adjusted for the virtual_host option.
+ pn_ssl_t *ssl = pn_ssl(pnt);
+ if (pn_ssl_init(ssl, ssl_client_options.value.pn_domain(), NULL))
+ throw error(MSG("client SSL/TLS initialization error"));
+ } else if (!client && ssl_server_options.set) {
+ pn_ssl_t *ssl = pn_ssl(pnt);
+ if (pn_ssl_init(ssl, ssl_server_options.value.pn_domain(), NULL))
+ throw error(MSG("server SSL/TLS initialization error"));
+ }
+
}
void update(const impl& x) {
@@ -197,6 +202,8 @@ connection_options& connection_options::sasl_config_name(const std::string &n) {
connection_options& connection_options::sasl_config_path(const std::string &p) { impl_->sasl_config_path = p; return *this; }
void connection_options::apply_unbound(connection& c) const { impl_->apply_unbound(c); }
-void connection_options::apply_bound(connection& c) const { impl_->apply_bound(c); }
+void connection_options::apply_unbound_client(pn_transport_t *t) const { impl_->apply_sasl(t); impl_->apply_ssl(t, true); impl_->apply_transport(t); }
+void connection_options::apply_unbound_server(pn_transport_t *t) const { impl_->apply_sasl(t); impl_->apply_ssl(t, false); impl_->apply_transport(t); }
+
messaging_handler* connection_options::handler() const { return impl_->handler.value; }
} // namespace proton
http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/4e00631a/proton-c/bindings/cpp/src/proactor_container_impl.cpp
----------------------------------------------------------------------
diff --git a/proton-c/bindings/cpp/src/proactor_container_impl.cpp b/proton-c/bindings/cpp/src/proactor_container_impl.cpp
index 57327f6..f38cf2c 100644
--- a/proton-c/bindings/cpp/src/proactor_container_impl.cpp
+++ b/proton-c/bindings/cpp/src/proactor_container_impl.cpp
@@ -209,7 +209,11 @@ pn_connection_t* container::impl::make_connection_lh(
void container::impl::start_connection(const url& url, pn_connection_t *pnc) {
char caddr[PN_MAX_ADDR];
pn_proactor_addr(caddr, sizeof(caddr), url.host().c_str(), url.port().c_str());
- pn_proactor_connect2(proactor_, pnc, NULL, caddr); // Takes ownership of pnc
+ pn_transport_t* pnt = pn_transport();
+ connection_context& cc = connection_context::get(pnc);
+ connection_options& co = *cc.connection_options_;
+ co.apply_unbound_client(pnt);
+ pn_proactor_connect2(proactor_, pnc, pnt, caddr); // Takes ownership of pnc, pnt
}
void container::impl::reconnect(pn_connection_t* pnc) {
@@ -527,14 +531,16 @@ bool container::impl::handle(pn_event_t* event) {
opts.update(lc.listen_handler_->on_accept(lstr));
}
else if (!!lc.connection_options_) opts.update(*lc.connection_options_);
- lc.connection_options_.reset(new connection_options(opts));
// Handler applied separately
connection_context& cc = connection_context::get(c);
cc.container = &container_;
cc.listener_context_ = &lc;
cc.handler = opts.handler();
cc.work_queue_ = new container::impl::connection_work_queue(*container_.impl_, c);
- pn_listener_accept2(l, c, NULL);
+ pn_transport_t* pnt = pn_transport();
+ pn_transport_set_server(pnt);
+ opts.apply_unbound_server(pnt);
+ pn_listener_accept2(l, c, pnt);
return false;
}
case PN_LISTENER_CLOSE: {
@@ -554,19 +560,10 @@ bool container::impl::handle(pn_event_t* event) {
case PN_CONNECTION_INIT:
return false;
- case PN_CONNECTION_BOUND: {
- // Need to apply post bind connection options
- pn_connection_t* c = pn_event_connection(event);
- connection conn = make_wrapper(c);
- connection_context& cc = connection_context::get(c);
- if (cc.listener_context_) {
- cc.listener_context_->connection_options_->apply_bound(conn);
- } else {
- cc.connection_options_->apply_bound(conn);
- }
-
+ // We've already applied options, so don't need to do it here
+ case PN_CONNECTION_BOUND:
return false;
- }
+
case PN_CONNECTION_REMOTE_OPEN: {
// This is the only event that we get indicating that the connection succeeded so
// it's the only place to reset the reconnection logic.
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org