PROTON-1053: sasl support for C++ binding
Project: http://git-wip-us.apache.org/repos/asf/qpid-proton/repo Commit: http://git-wip-us.apache.org/repos/asf/qpid-proton/commit/0ebf1d40 Tree: http://git-wip-us.apache.org/repos/asf/qpid-proton/tree/0ebf1d40 Diff: http://git-wip-us.apache.org/repos/asf/qpid-proton/diff/0ebf1d40 Branch: refs/heads/go1 Commit: 0ebf1d40e49ac95915c47ffc7901e29febb4c739 Parents: eb63824 Author: Clifford Jansen <[email protected]> Authored: Tue Dec 1 23:55:10 2015 -0800 Committer: Clifford Jansen <[email protected]> Committed: Tue Dec 1 23:55:49 2015 -0800 ---------------------------------------------------------------------- examples/cpp/CMakeLists.txt | 1 + examples/cpp/ssl.cpp | 4 - examples/cpp/ssl_client_cert.cpp | 176 +++++++++++++++++++ proton-c/bindings/cpp/CMakeLists.txt | 1 + .../bindings/cpp/include/proton/connection.hpp | 5 + .../cpp/include/proton/connection_options.hpp | 10 +- proton-c/bindings/cpp/include/proton/sasl.hpp | 60 +++++++ .../bindings/cpp/include/proton/transport.hpp | 4 +- proton-c/bindings/cpp/src/connection.cpp | 4 + .../bindings/cpp/src/connection_options.cpp | 33 +++- proton-c/bindings/cpp/src/connector.cpp | 5 + proton-c/bindings/cpp/src/container_impl.cpp | 14 +- proton-c/bindings/cpp/src/sasl.cpp | 47 +++++ proton-c/bindings/cpp/src/transport.cpp | 6 +- 14 files changed, 345 insertions(+), 25 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/0ebf1d40/examples/cpp/CMakeLists.txt ---------------------------------------------------------------------- diff --git a/examples/cpp/CMakeLists.txt b/examples/cpp/CMakeLists.txt index 3858df3..903294c 100644 --- a/examples/cpp/CMakeLists.txt +++ b/examples/cpp/CMakeLists.txt @@ -37,6 +37,7 @@ set(examples recurring_timer connection_options ssl + ssl_client_cert encode_decode) if (NOT WIN32) http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/0ebf1d40/examples/cpp/ssl.cpp ---------------------------------------------------------------------- diff --git a/examples/cpp/ssl.cpp b/examples/cpp/ssl.cpp index f81eb62..13ad76f 100644 --- a/examples/cpp/ssl.cpp +++ b/examples/cpp/ssl.cpp @@ -76,10 +76,6 @@ class hello_world_direct : public proton::messaging_handler { client_opts.client_domain(platform_CA("tserver")); // Validate the server certificate against the known name in the certificate. client_opts.peer_hostname("test_server"); -#ifdef PN_COMING_SOON - // Turn off unnecessary SASL processing. - client_opts.sasl_enabled(false); -#endif e.container().client_connection_options(client_opts); s_handler.acceptor = e.container().listen(url); http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/0ebf1d40/examples/cpp/ssl_client_cert.cpp ---------------------------------------------------------------------- diff --git a/examples/cpp/ssl_client_cert.cpp b/examples/cpp/ssl_client_cert.cpp new file mode 100644 index 0000000..412162a --- /dev/null +++ b/examples/cpp/ssl_client_cert.cpp @@ -0,0 +1,176 @@ +/* + * + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ + +#include "proton/acceptor.hpp" +#include "proton/container.hpp" +#include "proton/messaging_handler.hpp" +#include "proton/connection_options.hpp" +#include "proton/transport.hpp" +#include "proton/ssl.hpp" +#include "proton/sasl.hpp" + +#include <iostream> + +using proton::connection_options; +using proton::client_domain; +using proton::server_domain; +using proton::ssl_certificate; +using proton::sasl; + +// Helper functions defined below. +bool using_OpenSSL(); +std::string platform_CA(const std::string &base_name); +ssl_certificate platform_certificate(const std::string &base_name, const std::string &passwd); +std::string cert_directory; + + +struct server_handler : public proton::messaging_handler { + proton::acceptor inbound_listener; + + void on_connection_opened(proton::event &e) { + std::cout << "Inbound server connection connected via SSL. Protocol: " << + e.connection().transport().ssl().protocol() << std::endl; + if (e.connection().transport().sasl().outcome() == sasl::OK) + std::cout << "Inbound client certificate subject is " << + e.connection().transport().ssl().remote_subject() << std::endl; + else { + std::cout << "Inbound client authentication failed" <<std::endl; + e.connection().close(); + } + inbound_listener.close(); + } + + void on_message(proton::event &e) { + std::cout << e.message().body() << std::endl; + } +}; + + +class hello_world_direct : public proton::messaging_handler { + private: + proton::url url; + server_handler s_handler; + + public: + hello_world_direct(const proton::url& u) : url(u) {} + + void on_start(proton::event &e) { + // Configure listener. Details vary by platform. + ssl_certificate server_cert = platform_certificate("tserver", "tserverpw"); + std::string client_CA = platform_CA("tclient"); + // Specify an SSL domain with CA's for client certificate verification. + server_domain sdomain(server_cert, client_CA); + connection_options server_opts; + server_opts.server_domain(sdomain).handler(&s_handler); + server_opts.allowed_mechs("EXTERNAL"); + e.container().server_connection_options(server_opts); + + // Configure client. + ssl_certificate client_cert = platform_certificate("tclient", "tclientpw"); + std::string server_CA = platform_CA("tserver"); + client_domain cdomain(client_cert, server_CA); + connection_options client_opts; + client_opts.client_domain(cdomain).allowed_mechs("EXTERNAL"); + // Validate the server certificate against this name: + client_opts.peer_hostname("test_server"); + e.container().client_connection_options(client_opts); + + s_handler.inbound_listener = e.container().listen(url); + e.container().open_sender(url); + } + + void on_connection_opened(proton::event &e) { + std::cout << "Outgoing client connection connected via SSL. Server certificate has subject " << + e.connection().transport().ssl().remote_subject() << std::endl; + } + + void on_sendable(proton::event &e) { + proton::message m; + m.body("Hello World!"); + e.sender().send(m); + e.sender().close(); + } + + void on_accepted(proton::event &e) { + // All done. + e.connection().close(); + } +}; + +int main(int argc, char **argv) { + try { + // Pick an "unusual" port since we are going to be talking to ourselves, not a broker. + // Note the use of "amqps" as the URL scheme to denote a TLS/SSL connection. + std::string url = argc > 1 ? argv[1] : "amqps://127.0.0.1:8888/examples"; + // Location of certificates and private key information: + if (argc > 2) { + cert_directory = argv[2]; + size_t sz = cert_directory.size(); + if (sz && cert_directory[sz -1] != '/') + cert_directory.append("/"); + } + else cert_directory = "ssl_certs/"; + + hello_world_direct hwd(url); + proton::container(hwd).run(); + return 0; + } catch (const std::exception& e) { + std::cerr << e.what() << std::endl; + } + return 1; +} + + +bool using_OpenSSL() { + // Current defaults. +#if defined(WIN32) + return false; +#else + return true; +#endif +} + +ssl_certificate platform_certificate(const std::string &base_name, const std::string &passwd) { + if (using_OpenSSL()) { + // The first argument will be the name of the file containing the public certificate, the + // second argument will be the name of the file containing the private key. + return ssl_certificate(cert_directory + base_name + "-certificate.pem", + cert_directory + base_name + "-private-key.pem", passwd); + } + else { + // Windows SChannel + // The first argument will be the database or store that contains one or more complete certificates + // (public and private data). The second will be an optional name of the certificate in the store + // (not used in this example with one certificate per store). + return ssl_certificate(cert_directory + base_name + "-full.p12", "", passwd); + } +} + +std::string platform_CA(const std::string &base_name) { + if (using_OpenSSL()) { + // In this simple example with self-signed certificates, the peer's certificate is the CA database. + return cert_directory + base_name + "-certificate.pem"; + } + else { + // Windows SChannel. Use a pkcs#12 file with just the peer's public certificate information. + return cert_directory + base_name + "-certificate.p12"; + } +} http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/0ebf1d40/proton-c/bindings/cpp/CMakeLists.txt ---------------------------------------------------------------------- diff --git a/proton-c/bindings/cpp/CMakeLists.txt b/proton-c/bindings/cpp/CMakeLists.txt index 6bc6445..bcdc61b 100644 --- a/proton-c/bindings/cpp/CMakeLists.txt +++ b/proton-c/bindings/cpp/CMakeLists.txt @@ -62,6 +62,7 @@ set(qpid-proton-cpp-source src/receiver.cpp src/reconnect_timer.cpp src/request_response.cpp + src/sasl.cpp src/sender.cpp src/session.cpp src/ssl.cpp http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/0ebf1d40/proton-c/bindings/cpp/include/proton/connection.hpp ---------------------------------------------------------------------- diff --git a/proton-c/bindings/cpp/include/proton/connection.hpp b/proton-c/bindings/cpp/include/proton/connection.hpp index cc8c5ba..338e542 100644 --- a/proton-c/bindings/cpp/include/proton/connection.hpp +++ b/proton-c/bindings/cpp/include/proton/connection.hpp @@ -107,6 +107,11 @@ class connection : public object<pn_connection_t>, endpoint /** Get the endpoint state */ PN_CPP_EXTERN endpoint::state state() const; + private: + PN_CPP_EXTERN void user(const std::string &); + PN_CPP_EXTERN void password(const std::string &); + + friend class connection_options; friend class connector; friend class transport; http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/0ebf1d40/proton-c/bindings/cpp/include/proton/connection_options.hpp ---------------------------------------------------------------------- diff --git a/proton-c/bindings/cpp/include/proton/connection_options.hpp b/proton-c/bindings/cpp/include/proton/connection_options.hpp index c9701c9..6c78f54 100644 --- a/proton-c/bindings/cpp/include/proton/connection_options.hpp +++ b/proton-c/bindings/cpp/include/proton/connection_options.hpp @@ -75,20 +75,16 @@ class connection_options { PN_CPP_EXTERN connection_options& server_domain(const class server_domain &); PN_CPP_EXTERN connection_options& peer_hostname(const std::string &name); PN_CPP_EXTERN connection_options& resume_id(const std::string &id); -#ifdef PN_CPP_SOON PN_CPP_EXTERN connection_options& sasl_enabled(bool); PN_CPP_EXTERN connection_options& allow_insecure_mechs(bool); PN_CPP_EXTERN connection_options& allowed_mechs(const std::string &); -#endif + PN_CPP_EXTERN connection_options& sasl_config_name(const std::string &); + PN_CPP_EXTERN connection_options& sasl_config_path(const std::string &); + private: void apply(connection&) const; class handler* handler() const; static pn_connection_t *pn_connection(connection &); -#ifdef PN_CPP_SOON - bool sasl_enabled() const; - bool allow_insecure_mechs() const; - std::string *allowed_mechs() const; -#endif class client_domain &client_domain(); class server_domain &server_domain(); http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/0ebf1d40/proton-c/bindings/cpp/include/proton/sasl.hpp ---------------------------------------------------------------------- diff --git a/proton-c/bindings/cpp/include/proton/sasl.hpp b/proton-c/bindings/cpp/include/proton/sasl.hpp new file mode 100644 index 0000000..4432d8d --- /dev/null +++ b/proton-c/bindings/cpp/include/proton/sasl.hpp @@ -0,0 +1,60 @@ +#ifndef PROTON_CPP_SASL_H +#define PROTON_CPP_SASL_H + +/* + * + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ +#include "proton/export.hpp" +#include "proton/sasl.h" +#include <string> + +namespace proton { + +class sasl { + public: + /** The result of the SASL negotiation */ + enum outcome_t { + NONE = PN_SASL_NONE, /** negotiation not completed */ + OK = PN_SASL_OK, /** authentication succeeded */ + AUTH = PN_SASL_AUTH, /** failed due to bad credentials */ + SYS = PN_SASL_SYS, /** failed due to a system error */ + PERM = PN_SASL_PERM, /** failed due to unrecoverable error */ + TEMP = PN_SASL_TEMP /** failed due to transient error */ + }; + + sasl(pn_sasl_t* s) : object_(s) {} + PN_CPP_EXTERN static bool extended(); + PN_CPP_EXTERN void done(outcome_t); + PN_CPP_EXTERN outcome_t outcome() const; + PN_CPP_EXTERN std::string user() const; + PN_CPP_EXTERN std::string mech() const; + + PN_CPP_EXTERN void allow_insecure_mechs(bool); + PN_CPP_EXTERN bool allow_insecure_mechs(); + PN_CPP_EXTERN void allowed_mechs(const std::string &); + PN_CPP_EXTERN void config_name(const std::string&); + PN_CPP_EXTERN void config_path(const std::string&); +private: + pn_sasl_t* object_; +}; + +} + +#endif /*!PROTON_CPP_SASL_H*/ http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/0ebf1d40/proton-c/bindings/cpp/include/proton/transport.hpp ---------------------------------------------------------------------- diff --git a/proton-c/bindings/cpp/include/proton/transport.hpp b/proton-c/bindings/cpp/include/proton/transport.hpp index 3f664bc..971913b 100644 --- a/proton-c/bindings/cpp/include/proton/transport.hpp +++ b/proton-c/bindings/cpp/include/proton/transport.hpp @@ -31,6 +31,7 @@ struct pn_transport_t; namespace proton { class connection; +class sasl; /** Represents a connection transport */ class transport : public object<pn_transport_t> @@ -39,6 +40,8 @@ class transport : public object<pn_transport_t> transport(pn_transport_t* t) : object<pn_transport_t>(t) {} PN_CPP_EXTERN class connection connection() const; + PN_CPP_EXTERN class ssl ssl() const; + PN_CPP_EXTERN class sasl sasl() const; PN_CPP_EXTERN void unbind(); PN_CPP_EXTERN void bind(class connection &); PN_CPP_EXTERN uint32_t max_frame_size() const; @@ -47,7 +50,6 @@ class transport : public object<pn_transport_t> PN_CPP_EXTERN uint16_t remote_max_channels() const; PN_CPP_EXTERN uint32_t idle_timeout() const; PN_CPP_EXTERN uint32_t remote_idle_timeout() const; - PN_CPP_EXTERN class ssl ssl() const; friend class connection_options; }; http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/0ebf1d40/proton-c/bindings/cpp/src/connection.cpp ---------------------------------------------------------------------- diff --git a/proton-c/bindings/cpp/src/connection.cpp b/proton-c/bindings/cpp/src/connection.cpp index 733face..508a013 100644 --- a/proton-c/bindings/cpp/src/connection.cpp +++ b/proton-c/bindings/cpp/src/connection.cpp @@ -110,4 +110,8 @@ receiver connection::open_receiver(const std::string &addr, bool dynamic, handle endpoint::state connection::state() const { return pn_connection_state(pn_object()); } +void connection::user(const std::string &name) { pn_connection_set_user(pn_object(), name.c_str()); } + +void connection::password(const std::string &pass) { pn_connection_set_password(pn_object(), pass.c_str()); } + } http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/0ebf1d40/proton-c/bindings/cpp/src/connection_options.cpp ---------------------------------------------------------------------- diff --git a/proton-c/bindings/cpp/src/connection_options.cpp b/proton-c/bindings/cpp/src/connection_options.cpp index 5097e42..141ffc9 100644 --- a/proton-c/bindings/cpp/src/connection_options.cpp +++ b/proton-c/bindings/cpp/src/connection_options.cpp @@ -22,6 +22,7 @@ #include "proton/reconnect_timer.hpp" #include "proton/transport.hpp" #include "proton/ssl.hpp" +#include "proton/sasl.hpp" #include "contexts.hpp" #include "connector.hpp" #include "msg.hpp" @@ -52,11 +53,11 @@ class connection_options::impl { option<class server_domain> server_domain; option<std::string> peer_hostname; option<std::string> resume_id; -#ifdef PN_CCP_SOON option<bool> sasl_enabled; option<std::string> allowed_mechs; option<bool> allow_insecure_mechs; -#endif + option<std::string> sasl_config_name; + option<std::string> sasl_config_path; void apply(connection& c) { pn_connection_t *pnc = connection_options::pn_connection(c); @@ -69,6 +70,7 @@ class connection_options::impl { // transport not yet configured. if (pnt && (uninit || (outbound && !outbound->transport_configured()))) { + // SSL if (outbound && outbound->address().scheme() == url::AMQPS) { // Configure outbound ssl options. pni_acceptor_readable handles the inbound case. const char* id = resume_id.value.empty() ? NULL : resume_id.value.c_str(); @@ -89,6 +91,22 @@ class connection_options::impl { } #endif } + + // SASL + transport t = c.transport(); + if (!sasl_enabled.set || sasl_enabled.value) { + if (sasl_enabled.set) // Explicitly set, not just default behaviour. + t.sasl(); // Force a sasl instance. Lazily create one otherwise. + if (allow_insecure_mechs.set) + t.sasl().allow_insecure_mechs(allow_insecure_mechs.value); + if (allowed_mechs.set) + t.sasl().allowed_mechs(allowed_mechs.value); + if (sasl_config_name.set) + t.sasl().config_name(sasl_config_name.value); + if (sasl_config_path.set) + t.sasl().config_path(sasl_config_path.value); + } + if (max_frame_size.set) pn_transport_set_max_frame(pnt, max_frame_size.value); if (max_channels.set) @@ -117,6 +135,11 @@ class connection_options::impl { server_domain.override(x.server_domain); resume_id.override(x.resume_id); peer_hostname.override(x.peer_hostname); + sasl_enabled.override(x.sasl_enabled); + allow_insecure_mechs.override(x.allow_insecure_mechs); + allowed_mechs.override(x.allowed_mechs); + sasl_config_name.override(x.sasl_config_name); + sasl_config_path.override(x.sasl_config_path); } }; @@ -145,11 +168,15 @@ connection_options& connection_options::client_domain(const class client_domain connection_options& connection_options::server_domain(const class server_domain &c) { impl_->server_domain = c; return *this; } connection_options& connection_options::resume_id(const std::string &id) { impl_->resume_id = id; return *this; } connection_options& connection_options::peer_hostname(const std::string &name) { impl_->peer_hostname = name; return *this; } +connection_options& connection_options::sasl_enabled(bool b) { impl_->sasl_enabled = b; return *this; } +connection_options& connection_options::allow_insecure_mechs(bool b) { impl_->allow_insecure_mechs = b; return *this; } +connection_options& connection_options::allowed_mechs(const std::string &s) { impl_->allowed_mechs = s; return *this; } +connection_options& connection_options::sasl_config_name(const std::string &n) { impl_->sasl_config_name = n; return *this; } +connection_options& connection_options::sasl_config_path(const std::string &p) { impl_->sasl_config_path = p; return *this; } void connection_options::apply(connection& c) const { impl_->apply(c); } class client_domain &connection_options::client_domain() { return impl_->client_domain.value; } class server_domain &connection_options::server_domain() { return impl_->server_domain.value; } handler* connection_options::handler() const { return impl_->handler.value; } - pn_connection_t* connection_options::pn_connection(connection &c) { return c.pn_object(); } } // namespace proton http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/0ebf1d40/proton-c/bindings/cpp/src/connector.cpp ---------------------------------------------------------------------- diff --git a/proton-c/bindings/cpp/src/connector.cpp b/proton-c/bindings/cpp/src/connector.cpp index 90a16e6..e2bb802 100644 --- a/proton-c/bindings/cpp/src/connector.cpp +++ b/proton-c/bindings/cpp/src/connector.cpp @@ -27,6 +27,7 @@ #include "proton/url.hpp" #include "proton/reconnect_timer.hpp" #include "proton/task.hpp" +#include "proton/sasl.hpp" #include "container_impl.hpp" #include "proton/connection.h" @@ -62,6 +63,10 @@ void connector::connect() { connection_.host(address_.host_port()); pn_transport_t *pnt = pn_transport(); transport t(pnt); + if (!address_.username().empty()) + connection_.user(address_.username()); + if (!address_.password().empty()) + connection_.password(address_.password()); t.bind(connection_); pn_decref((void *)pnt); // Apply options to the new transport. http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/0ebf1d40/proton-c/bindings/cpp/src/container_impl.cpp ---------------------------------------------------------------------- diff --git a/proton-c/bindings/cpp/src/container_impl.cpp b/proton-c/bindings/cpp/src/container_impl.cpp index 1ff734b..7d64ebc 100644 --- a/proton-c/bindings/cpp/src/container_impl.cpp +++ b/proton-c/bindings/cpp/src/container_impl.cpp @@ -32,6 +32,8 @@ #include "proton/receiver.hpp" #include "proton/task.hpp" #include "proton/ssl.hpp" +#include "proton/sasl.hpp" +#include "proton/transport.hpp" #include "msg.hpp" #include "container_impl.hpp" @@ -234,21 +236,15 @@ void container_impl::server_connection_options(const connection_options &opts) { } void container_impl::configure_server_connection(connection &c) { -#ifdef PN_COMING_SOON +#ifdef PN_1054_FIXED pn_acceptor_t *pnp = pn_connection_acceptor(pn_cast(&c)); listener_context &lc(listener_context::get(pnp)); class connection_options &opts(lc.connection_options); - if (opts.sasl_enabled()) { - sasl &s(c.transport().sasl()); - s.allow_insecure_mechs(opts.allow_insecure_mechs()); - if (opts.allowed_mechs()) - s.allowed_mechs(*opts.allowed_mechs()); - } - opts.apply(c); #else // Can't distinguish between multiple listeners yet. See PROTON-1054 - server_connection_options_.apply(c); + class connection_options &opts(server_connection_options_); #endif + opts.apply(c); } } http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/0ebf1d40/proton-c/bindings/cpp/src/sasl.cpp ---------------------------------------------------------------------- diff --git a/proton-c/bindings/cpp/src/sasl.cpp b/proton-c/bindings/cpp/src/sasl.cpp new file mode 100644 index 0000000..9638a52 --- /dev/null +++ b/proton-c/bindings/cpp/src/sasl.cpp @@ -0,0 +1,47 @@ +/* + * + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ + +#include "proton/sasl.hpp" + +namespace proton { + +bool sasl::extended() { return pn_sasl_extended(); } +void sasl::done(outcome_t outcome) { pn_sasl_done(object_, static_cast<pn_sasl_outcome_t>(outcome)); } +sasl::outcome_t sasl::outcome() const { return static_cast<outcome_t>(pn_sasl_outcome(object_)); } + +std::string sasl::user() const { + const char *name = pn_sasl_get_user(object_); + return name ? std::string(name) : std::string(); +} + +std::string sasl::mech() const { + const char *m = pn_sasl_get_mech(object_); + return m ? std::string(m) : std::string(); +} + +void sasl::allow_insecure_mechs(bool allowed) { pn_sasl_set_allow_insecure_mechs(object_, allowed); } +bool sasl::allow_insecure_mechs() { return pn_sasl_get_allow_insecure_mechs(object_); } +void sasl::allowed_mechs(const std::string &mechs) { pn_sasl_allowed_mechs(object_, mechs.c_str()); } +void sasl::config_name(const std::string &name) { pn_sasl_config_name(object_, name.c_str()); } +void sasl::config_path(const std::string &path) { pn_sasl_config_path(object_, path.c_str()); } + + +} // namespace http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/0ebf1d40/proton-c/bindings/cpp/src/transport.cpp ---------------------------------------------------------------------- diff --git a/proton-c/bindings/cpp/src/transport.cpp b/proton-c/bindings/cpp/src/transport.cpp index f6ccfa0..4db78d0 100644 --- a/proton-c/bindings/cpp/src/transport.cpp +++ b/proton-c/bindings/cpp/src/transport.cpp @@ -21,6 +21,7 @@ #include "proton/transport.hpp" #include "proton/connection.hpp" #include "proton/ssl.hpp" +#include "proton/sasl.hpp" #include "msg.hpp" #include "proton/transport.h" @@ -34,13 +35,16 @@ class ssl transport::ssl() const { return proton::ssl(pn_ssl(pn_object())); } +class sasl transport::sasl() const { + return proton::sasl(pn_sasl(pn_object())); +} + void transport::unbind() { if (pn_transport_unbind(pn_object())) throw error(MSG("transport::unbind failed " << pn_error_text(pn_transport_error(pn_object())))); } void transport::bind(class connection &conn) { -// pn_connection_t *c = static_cast<pn_connection_t*>(conn.object_); if (pn_transport_bind(pn_object(), conn.pn_object())) throw error(MSG("transport::bind failed " << pn_error_text(pn_transport_error(pn_object())))); } --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
