Author: mgoulish
Date: Fri Dec 16 13:40:58 2011
New Revision: 1215127
URL: http://svn.apache.org/viewvc?rev=1215127&view=rev
Log:
QPID-3438
fix cluster causing cnx leak when bad credentials are given in login attempt.
Modified:
qpid/trunk/qpid/cpp/src/qpid/broker/Connection.cpp
qpid/trunk/qpid/cpp/src/qpid/broker/Connection.h
qpid/trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp
qpid/trunk/qpid/cpp/src/qpid/cluster/Cluster.cpp
qpid/trunk/qpid/cpp/src/qpid/cluster/Cluster.h
qpid/trunk/qpid/cpp/src/qpid/cluster/Connection.cpp
Modified: qpid/trunk/qpid/cpp/src/qpid/broker/Connection.cpp
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/broker/Connection.cpp?rev=1215127&r1=1215126&r2=1215127&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/broker/Connection.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/broker/Connection.cpp Fri Dec 16 13:40:58 2011
@@ -100,7 +100,8 @@ Connection::Connection(ConnectionOutputH
errorListener(0),
objectId(objectId_),
shadow(shadow_),
- outboundTracker(*this)
+ outboundTracker(*this),
+ securityFailed(false)
{
outboundTracker.wrap(out);
if (isLink)
Modified: qpid/trunk/qpid/cpp/src/qpid/broker/Connection.h
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/broker/Connection.h?rev=1215127&r1=1215126&r2=1215127&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/broker/Connection.h (original)
+++ qpid/trunk/qpid/cpp/src/qpid/broker/Connection.h Fri Dec 16 13:40:58 2011
@@ -205,9 +205,15 @@ class Connection : public sys::Connectio
};
OutboundFrameTracker outboundTracker;
-
void sent(const framing::AMQFrame& f);
+
+ bool securityFailed;
+
public:
+
+ bool securityFailure ( ) const { return securityFailed; }
+ void securityFailure ( bool failed ) { securityFailed = failed; }
+
qmf::org::apache::qpid::broker::Connection* getMgmtObject() { return
mgmtObject; }
};
Modified: qpid/trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp?rev=1215127&r1=1215126&r2=1215127&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp Fri Dec 16
13:40:58 2011
@@ -450,6 +450,7 @@ void CyrusAuthenticator::processAuthenti
client.secure(challenge_str);
} else {
+ connection.securityFailure ( true );
std::string uid;
//save error detail before trying to retrieve username as error in
doing so will overwrite it
std::string errordetail = sasl_errdetail(sasl_conn);
Modified: qpid/trunk/qpid/cpp/src/qpid/cluster/Cluster.cpp
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/cluster/Cluster.cpp?rev=1215127&r1=1215126&r2=1215127&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/cluster/Cluster.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/cluster/Cluster.cpp Fri Dec 16 13:40:58 2011
@@ -383,12 +383,21 @@ void Cluster::erase(const ConnectionId&
erase(id,l);
}
+void Cluster::eraseLocal(const ConnectionId& id) {
+ Lock l(lock);
+ eraseLocal(id,l);
+}
+
// Called by Connection::deliverClose() in deliverFrameQueue thread.
void Cluster::erase(const ConnectionId& id, Lock&) {
connections.erase(id);
decoder.erase(id);
}
+void Cluster::eraseLocal(const ConnectionId& id, Lock&) {
+ localConnections.getErase(id);
+}
+
std::vector<string> Cluster::getIds() const {
Lock l(lock);
return getIds(l);
Modified: qpid/trunk/qpid/cpp/src/qpid/cluster/Cluster.h
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/cluster/Cluster.h?rev=1215127&r1=1215126&r2=1215127&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/cluster/Cluster.h (original)
+++ qpid/trunk/qpid/cpp/src/qpid/cluster/Cluster.h Fri Dec 16 13:40:58 2011
@@ -101,6 +101,7 @@ class Cluster : private Cpg::Handler, pu
void addLocalConnection(const ConnectionPtr&);
void addShadowConnection(const ConnectionPtr&);
void erase(const ConnectionId&);
+ void eraseLocal(const ConnectionId&);
// URLs of current cluster members.
std::vector<std::string> getIds() const;
@@ -212,6 +213,7 @@ class Cluster : private Cpg::Handler, pu
void memberUpdate(Lock&);
void setClusterId(const framing::Uuid&, Lock&);
void erase(const ConnectionId&, Lock&);
+ void eraseLocal(const ConnectionId&, Lock&);
void requestUpdate(Lock& );
void initMapCompleted(Lock&);
void becomeElder(Lock&);
Modified: qpid/trunk/qpid/cpp/src/qpid/cluster/Connection.cpp
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/cluster/Connection.cpp?rev=1215127&r1=1215126&r2=1215127&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/cluster/Connection.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/cluster/Connection.cpp Fri Dec 16 13:40:58 2011
@@ -738,8 +738,13 @@ void Connection::sessionError(uint16_t ,
void Connection::connectionError(const std::string& msg) {
// Ignore errors before isOpen(), we're not multicasting yet.
- if (connection->isOpen())
+ if (connection->isOpen()) {
cluster.flagError(*this, ERROR_TYPE_CONNECTION, msg);
+ }
+ else
+ if ( connection->securityFailure() ) {
+ cluster.eraseLocal(self);
+ }
}
void Connection::addQueueListener(const std::string& q, uint32_t listener) {
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:commits-subscr...@qpid.apache.org
