You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by as...@apache.org on 2015/07/01 23:18:57 UTC
qpid-proton git commit: PROTON-929: Fix for ANONYMOUS cut through -
Previously client wasn't reading anything after the SASL interchange
Repository: qpid-proton
Updated Branches:
refs/heads/master 395b23f5f -> f99337f1a
PROTON-929: Fix for ANONYMOUS cut through
- Previously client wasn't reading anything after the SASL interchange
Project: http://git-wip-us.apache.org/repos/asf/qpid-proton/repo
Commit: http://git-wip-us.apache.org/repos/asf/qpid-proton/commit/f99337f1
Tree: http://git-wip-us.apache.org/repos/asf/qpid-proton/tree/f99337f1
Diff: http://git-wip-us.apache.org/repos/asf/qpid-proton/diff/f99337f1
Branch: refs/heads/master
Commit: f99337f1abf95fb1a2002d93b111a25b8f8f98d1
Parents: 395b23f
Author: Andrew Stitcher <as...@apache.org>
Authored: Wed Jul 1 17:14:10 2015 -0400
Committer: Andrew Stitcher <as...@apache.org>
Committed: Wed Jul 1 17:18:38 2015 -0400
----------------------------------------------------------------------
proton-c/src/sasl/sasl.c | 5 +++++
tests/python/proton_tests/sasl.py | 20 ++++++++++++++++----
2 files changed, 21 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/f99337f1/proton-c/src/sasl/sasl.c
----------------------------------------------------------------------
diff --git a/proton-c/src/sasl/sasl.c b/proton-c/src/sasl/sasl.c
index a7e02e8..f054e8f 100644
--- a/proton-c/src/sasl/sasl.c
+++ b/proton-c/src/sasl/sasl.c
@@ -147,6 +147,11 @@ void pni_sasl_set_desired_state(pn_transport_t *transport, enum pni_sasl_state d
if (sasl->last_state==desired_state && desired_state==SASL_POSTED_CHALLENGE) {
sasl->last_state = SASL_POSTED_MECHANISMS;
}
+ // If we already pretended to receive outcome and we actually received outcome
+ // we must set last_state here as we'vwe already stoped outputting from this layer
+ if (sasl->last_state==SASL_PRETEND_OUTCOME && desired_state==SASL_RECVED_OUTCOME ) {
+ sasl->last_state = SASL_RECVED_OUTCOME;
+ }
sasl->desired_state = desired_state;
pni_emit(transport);
}
http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/f99337f1/tests/python/proton_tests/sasl.py
----------------------------------------------------------------------
diff --git a/tests/python/proton_tests/sasl.py b/tests/python/proton_tests/sasl.py
index b5d30ab..a072150 100644
--- a/tests/python/proton_tests/sasl.py
+++ b/tests/python/proton_tests/sasl.py
@@ -34,6 +34,7 @@ def _sslCertpath(file):
def _testSaslMech(self, mech, clientUser='user@proton', authUser='user@proton', encrypted=False, authenticated=True):
self.s1.allowed_mechs(mech)
self.c1.open()
+ self.c2.open()
pump(self.t1, self.t2, 1024)
@@ -48,11 +49,15 @@ def _testSaslMech(self, mech, clientUser='user@proton', authUser='user@proton',
assert self.s2.user == authUser
assert self.s2.mech == mech.strip()
assert self.s2.outcome == SASL.OK
+ assert self.c2.state & Endpoint.LOCAL_ACTIVE and self.c2.state & Endpoint.REMOTE_ACTIVE,\
+ "local_active=%s, remote_active=%s" % (self.c1.state & Endpoint.LOCAL_ACTIVE, self.c1.state & Endpoint.REMOTE_ACTIVE)
# Client
assert self.t1.user == clientUser
assert self.s1.user == clientUser
assert self.s1.mech == mech.strip()
assert self.s1.outcome == SASL.OK
+ assert self.c1.state & Endpoint.LOCAL_ACTIVE and self.c1.state & Endpoint.REMOTE_ACTIVE,\
+ "local_active=%s, remote_active=%s" % (self.c1.state & Endpoint.LOCAL_ACTIVE, self.c1.state & Endpoint.REMOTE_ACTIVE)
else:
# Server
assert self.t2.user == None
@@ -300,8 +305,11 @@ class CyrusSASLTest(Test):
self.c1.password = 'password'
self.c1.hostname = 'localhost'
+ self.c2 = Connection()
+
def testMechANON(self):
self.t1.bind(self.c1)
+ self.t2.bind(self.c2)
_testSaslMech(self, 'ANONYMOUS', authUser='anonymous')
def testMechCRAMMD5(self):
@@ -309,6 +317,7 @@ class CyrusSASLTest(Test):
raise Skipped('Extended SASL not supported')
self.t1.bind(self.c1)
+ self.t2.bind(self.c2)
_testSaslMech(self, 'CRAM-MD5')
def testMechDIGESTMD5(self):
@@ -316,6 +325,7 @@ class CyrusSASLTest(Test):
raise Skipped('Extended SASL not supported')
self.t1.bind(self.c1)
+ self.t2.bind(self.c2)
_testSaslMech(self, 'DIGEST-MD5')
# SCRAM not supported before Cyrus SASL 2.1.26
@@ -326,6 +336,7 @@ class CyrusSASLTest(Test):
# raise Skipped('Extended SASL not supported')
#
# self.t1.bind(self.c1)
+# self.t2.bind(self.c2)
# _testSaslMech(self, 'SCRAM-SHA-1')
def _sslConnection(domain, transport, connection):
@@ -347,6 +358,7 @@ class SSLSASLTest(Test):
self.s2 = SASL(self.t2)
self.c1 = Connection()
+ self.c2 = Connection()
def testSSLPlainSimple(self):
if "java" in sys.platform:
@@ -362,7 +374,7 @@ class SSLSASLTest(Test):
self.c1.hostname = 'localhost'
ssl1 = _sslConnection(self.client_domain, self.t1, self.c1)
- ssl2 = _sslConnection(self.server_domain, self.t2, Connection())
+ ssl2 = _sslConnection(self.server_domain, self.t2, self.c2)
_testSaslMech(self, mech, encrypted=True)
@@ -380,7 +392,7 @@ class SSLSASLTest(Test):
self.c1.hostname = 'localhost'
ssl1 = _sslConnection(self.client_domain, self.t1, self.c1)
- ssl2 = _sslConnection(self.server_domain, self.t2, Connection())
+ ssl2 = _sslConnection(self.server_domain, self.t2, self.c2)
_testSaslMech(self, mech, clientUser='usr@proton', encrypted=True, authenticated=False)
@@ -404,7 +416,7 @@ class SSLSASLTest(Test):
self.client_domain.set_peer_authentication(SSLDomain.VERIFY_PEER)
ssl1 = _sslConnection(self.client_domain, self.t1, self.c1)
- ssl2 = _sslConnection(self.server_domain, self.t2, Connection())
+ ssl2 = _sslConnection(self.server_domain, self.t2, self.c2)
_testSaslMech(self, mech, clientUser=None, authUser=extUser, encrypted=True)
@@ -424,6 +436,6 @@ class SSLSASLTest(Test):
self.client_domain.set_peer_authentication(SSLDomain.VERIFY_PEER)
ssl1 = _sslConnection(self.client_domain, self.t1, self.c1)
- ssl2 = _sslConnection(self.server_domain, self.t2, Connection())
+ ssl2 = _sslConnection(self.server_domain, self.t2, self.c2)
_testSaslMech(self, mech, clientUser=None, authUser=None, encrypted=None, authenticated=False)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org