Repository: qpid-dispatch Updated Branches: refs/heads/master 4a23706ed -> 375c3edcd
DISPATCH-287: Allow blank application name. A blank application name is treated like any other. Project: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/repo Commit: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/commit/375c3edc Tree: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/tree/375c3edc Diff: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/diff/375c3edc Branch: refs/heads/master Commit: 375c3edcda07c04ba24070037a415a455804404a Parents: 4a23706 Author: Chuck Rolke <[email protected]> Authored: Fri Apr 29 17:19:09 2016 -0400 Committer: Chuck Rolke <[email protected]> Committed: Fri Apr 29 17:19:09 2016 -0400 ---------------------------------------------------------------------- src/policy.c | 45 +++++++++----------- tests/policy-1/management-access.json | 2 +- tests/policy-2/test-router-with-policy.json.in | 2 +- tests/policy-3/test-sender-receiver-limits.json | 2 +- 4 files changed, 22 insertions(+), 29 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/qpid-dispatch/blob/375c3edc/src/policy.c ---------------------------------------------------------------------- diff --git a/src/policy.c b/src/policy.c index 9f98315..48723d0 100644 --- a/src/policy.c +++ b/src/policy.c @@ -711,35 +711,28 @@ void qd_policy_amqp_open(void *context, bool discard) // Open connection or not based on policy. pn_transport_t *pn_trans = pn_connection_transport(conn); const char *hostip = qdpn_connector_hostip(qd_conn->pn_cxtr); - const char *app = pn_connection_remote_hostname(conn); - if (app && *app) { - const char *conn_name = qdpn_connector_name(qd_conn->pn_cxtr); + const char *pcrh = pn_connection_remote_hostname(conn); + const char *app = (pcrh ? pcrh : ""); + const char *conn_name = qdpn_connector_name(qd_conn->pn_cxtr); #define SETTINGS_NAME_SIZE 256 - char settings_name[SETTINGS_NAME_SIZE]; - uint32_t conn_id = qd_conn->connection_id; - qd_conn->policy_settings = NEW(qd_policy_settings_t); // TODO: memory pool for settings - memset(qd_conn->policy_settings, 0, sizeof(qd_policy_settings_t)); - - if (qd_policy_open_lookup_user(policy, qd_conn->user_id, hostip, app, conn_name, - settings_name, SETTINGS_NAME_SIZE, conn_id, - qd_conn->policy_settings) && - settings_name[0]) { - // This connection is allowed by policy. - // Apply transport policy settings - if (qd_conn->policy_settings->maxFrameSize > 0) - pn_transport_set_max_frame(pn_trans, qd_conn->policy_settings->maxFrameSize); - if (qd_conn->policy_settings->maxSessions > 0) - pn_transport_set_channel_max(pn_trans, qd_conn->policy_settings->maxSessions - 1); - } else { - // This connection is denied by policy. - connection_allowed = false; - } + char settings_name[SETTINGS_NAME_SIZE]; + uint32_t conn_id = qd_conn->connection_id; + qd_conn->policy_settings = NEW(qd_policy_settings_t); // TODO: memory pool for settings + memset(qd_conn->policy_settings, 0, sizeof(qd_policy_settings_t)); + + if (qd_policy_open_lookup_user(policy, qd_conn->user_id, hostip, app, conn_name, + settings_name, SETTINGS_NAME_SIZE, conn_id, + qd_conn->policy_settings) && + settings_name[0]) { + // This connection is allowed by policy. + // Apply transport policy settings + if (qd_conn->policy_settings->maxFrameSize > 0) + pn_transport_set_max_frame(pn_trans, qd_conn->policy_settings->maxFrameSize); + if (qd_conn->policy_settings->maxSessions > 0) + pn_transport_set_channel_max(pn_trans, qd_conn->policy_settings->maxSessions - 1); } else { - // No application name implies automatic policy denial + // This connection is denied by policy. connection_allowed = false; - qd_log(qd_conn->server->qd->policy->log_source, QD_LOG_INFO, - "DENY AMQP Open for user '%s', host '%s', application '': " - "No application specified", qd_conn->user_id, hostip); } } else { // No policy implies automatic policy allow http://git-wip-us.apache.org/repos/asf/qpid-dispatch/blob/375c3edc/tests/policy-1/management-access.json ---------------------------------------------------------------------- diff --git a/tests/policy-1/management-access.json b/tests/policy-1/management-access.json index 960c4a1..9071d22 100644 --- a/tests/policy-1/management-access.json +++ b/tests/policy-1/management-access.json @@ -21,7 +21,7 @@ # from host 0.0.0.0 [ ["policyRuleset", { - "applicationName": "0.0.0.0", + "applicationName": "", "maxConnections": 50, "maxConnPerUser": 5, "maxConnPerHost": 20, http://git-wip-us.apache.org/repos/asf/qpid-dispatch/blob/375c3edc/tests/policy-2/test-router-with-policy.json.in ---------------------------------------------------------------------- diff --git a/tests/policy-2/test-router-with-policy.json.in b/tests/policy-2/test-router-with-policy.json.in index 5f96fdf..13e04c9 100644 --- a/tests/policy-2/test-router-with-policy.json.in +++ b/tests/policy-2/test-router-with-policy.json.in @@ -146,7 +146,7 @@ } }], ["policyRuleset", { - "applicationName": "0.0.0.0", + "applicationName": "", "maxConnections": 50, "maxConnPerUser": 5, "maxConnPerHost": 20, http://git-wip-us.apache.org/repos/asf/qpid-dispatch/blob/375c3edc/tests/policy-3/test-sender-receiver-limits.json ---------------------------------------------------------------------- diff --git a/tests/policy-3/test-sender-receiver-limits.json b/tests/policy-3/test-sender-receiver-limits.json index 2a5b367..33286a7 100644 --- a/tests/policy-3/test-sender-receiver-limits.json +++ b/tests/policy-3/test-sender-receiver-limits.json @@ -2,7 +2,7 @@ # Ruleset with differing number of senders and receivers # so tests can determine that correct limit is matched. ["policyRuleset", { - "applicationName": "0.0.0.0", + "applicationName": "", "maxConnections": 50, "maxConnPerUser": 2, "maxConnPerHost": 4, --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
