Hi, I'm trying to fix QPID-1899, and I am trying to determine the best approach to implement for the cluster case. Opinions requested!
The way I'm trying to fix this bug is by indicating to the broker when a connection is on a secure link. Specifically, if a connection uses SSL, then I want the SASL authenticator to be aware of this. In SASL, this is done by by setting the "external security strength factor" for a connection. This prevents SASL from trying to encrypt over an already encrypted connection. The patch I've posted for QPID-1899 seems to work in the non-cluster case. I can determine the security strength (key length) for an SSL connection trivially, since the connection is local. The problem I've hit is with shadow connections on clustered brokers: since the SSL link doesn't exist locally, I can't get the key length. I noticed that the cluster code creates the shadow connection on receipt of an "announce" message. One approach to solving this problem would be to put the security strength factor into the announce message when a link that is encrypted is shadowed. This would require me to add the security strength factor to the cluster announce message. I'm not sure of the ramifications of this, since it will change the existing protocol. Is this a reasonable approach? Is there a better alternative? thanks! https://issues.apache.org/jira/browse/QPID-1899 -K --------------------------------------------------------------------- Apache Qpid - AMQP Messaging Implementation Project: http://qpid.apache.org Use/Interact: mailto:[email protected]
