You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "Andrew Stitcher (JIRA)" <ji...@apache.org> on 2016/07/14 19:47:20 UTC
[jira] [Resolved] (PROTON-1256) Proton-c is very lax about allowing
amqp and ssl protocol layers
[ https://issues.apache.org/jira/browse/PROTON-1256?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andrew Stitcher resolved PROTON-1256.
-------------------------------------
Resolution: Fixed
Fix Version/s: 0.14.0
> Proton-c is very lax about allowing amqp and ssl protocol layers
> ----------------------------------------------------------------
>
> Key: PROTON-1256
> URL: https://issues.apache.org/jira/browse/PROTON-1256
> Project: Qpid Proton
> Issue Type: Bug
> Components: proton-c
> Affects Versions: 0.13.1
> Reporter: Andrew Stitcher
> Assignee: Andrew Stitcher
> Fix For: 0.14.0
>
>
> The protocol auto detection code which is used when the proton-c transport is in server mode does not verify that the sequence of protocol layers it allows makes sense.
> For instance it would recognise an AMQP_SASL header and process the layer and then allow any other layer to follow that even another AMQP_SASL layer.
> As far as I know there are only a few legal sequences of protocol layers:
> SSL; SASL; AMQP
> SSL; AMQP
> SASL; AMQP
> SASL; AMQP_SSL; AMQP [Not sure if this is legal, seems to be]
> AMQP_SSL; SASL; AMQP
> AMQP_SSL; AMQP
> AMQP
> Any other sequence is non-sensical at best,
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org