[jira] [Created] (QPID-5062) [C++ client] EXTERNAL authentication using SSL certificates doesn't work with AMQP 1.0

Thu, 08 Aug 2013 09:54:57 -0700 

JAkub Scholz created QPID-5062:
----------------------------------

             Summary: [C++ client] EXTERNAL authentication using SSL 
certificates doesn't work with AMQP 1.0
                 Key: QPID-5062
                 URL: https://issues.apache.org/jira/browse/QPID-5062
             Project: Qpid
          Issue Type: Bug
          Components: C++ Client
    Affects Versions: 0.24
         Environment: CentOS 6.4, Qpid 0.24 RC1, Proton 0.4
            Reporter: JAkub Scholz


A C++ based client using the qpid.messaging API with AMQP 1.0 seems to be 
unable to connect to the broker and authenticate with the SASL EXTERNAL 
authentication / SSL Client Certificates. The client side log is following:

2013-08-08 20:07:01 [Messaging] debug Driver started
2013-08-08 20:07:01 [Messaging] debug localhost:10000 Connecting ...
2013-08-08 20:07:01 [System] info Connecting: 127.0.0.1:10000
2013-08-08 20:07:01 [Security] debug Failed to connect: Connection refused
2013-08-08 20:07:01 [Messaging] debug localhost:10000 Failed to connect
Exception: Could not connect to amqp:ssl:localhost:10000 
(/home/jakub/qpid/qpid-0.24-rc1/cpp/src/qpid/messaging/amqp/ConnectionContext.cpp:117)
2013-08-08 20:07:01 [Messaging] debug Driver stopped
[jakub@localhost Messaging-Sandbox]$ ./ReqRespClient 
2013-08-08 20:07:50 [Messaging] debug Driver started
2013-08-08 20:07:50 [Messaging] debug localhost:10000 Connecting ...
2013-08-08 20:07:50 [System] info Connecting: 127.0.0.1:10000
2013-08-08 20:07:50 [Messaging] debug localhost:10000 Connected
2013-08-08 20:07:50 [Messaging] debug wakeupDriver()
2013-08-08 20:07:50 [Messaging] debug localhost:10000 Waiting to be 
authenticated...
2013-08-08 20:07:50 [Security] trace localhost:10000 Sasl::canEncode(): 1 || 0
2013-08-08 20:07:50 [Security] trace localhost:10000 Sasl::canEncode(): 1 || 0
2013-08-08 20:07:50 [Protocol] debug localhost:10000 writing protocol header: 
1-0
2013-08-08 20:07:50 [Security] trace localhost:10000 Sasl::encode(65535): 8
2013-08-08 20:07:50 [Security] trace localhost:10000 Sasl::canEncode(): 0 || 0
2013-08-08 20:07:50 [Protocol] debug localhost:10000 read protocol header: 1-0
2013-08-08 20:07:50 [Security] trace Reading SASL frame of size 30
2013-08-08 20:07:50 [Security] trace Reading SASL-MECHANISMS
2013-08-08 20:07:50 [Protocol] debug localhost:10000 Received 
SASL-MECHANISMS(EXTERNAL)
2013-08-08 20:07:50 [Security] debug CyrusSasl::start(EXTERNAL )
2013-08-08 20:07:50 [Security] debug min_ssf: 0, max_ssf: 256
2013-08-08 20:07:50 [System] debug Exception constructed: Sasl error: SASL(-4): 
no mechanism available:  
(/home/jakub/qpid/qpid-0.24-rc1/cpp/src/qpid/SaslFactory.cpp:309)
2013-08-08 20:07:50 [System] error Caught exception in state: 3 with event: 1: 
internal-error: Sasl error: SASL(-4): no mechanism available:  
(/home/jakub/qpid/qpid-0.24-rc1/cpp/src/qpid/SaslFactory.cpp:309)
2013-08-08 20:07:55 [Security] debug [127.0.0.1:34905-localhost:10000] 
SslTransport closing...
2013-08-08 20:07:55 [Security] debug [127.0.0.1:34905-localhost:10000] Socket 
closed
Exception: Disconnected
2013-08-08 20:07:55 [Messaging] debug Driver stopped

The broker log mentions that the connection is being closed because no protocol 
was received (max-negotiate-timeout expired):

2013-08-08 20:07:50 [Network] info Set TCP_NODELAY on connection to 
127.0.0.1:34905
2013-08-08 20:07:50 [Broker] info Using AMQP 1.0 (with SASL layer)
2013-08-08 20:07:50 [Model] trace Mgmt create connection. 
id:qpid.127.0.0.1:10000-127.0.0.1:34905
2013-08-08 20:07:50 [Security] info SASL: Mechanism list: EXTERNAL
2013-08-08 20:07:55 [System] error Connection 
qpid.127.0.0.1:10000-127.0.0.1:34905 No protocol received closing
2013-08-08 20:07:55 [Security] info qpid.127.0.0.1:10000-127.0.0.1:34905 
Connection closed prior to authentication completing
2013-08-08 20:07:55 [Security] info qpid.127.0.0.1:10000-127.0.0.1:34905 
Connection closed prior to authentication completing
2013-08-08 20:07:55 [Model] debug Delete connection. user: 
rhost:qpid.127.0.0.1:10000-127.0.0.1:34905
2013-08-08 20:08:03 [Model] trace Mgmt delete connection. 
id:qpid.127.0.0.1:10000-127.0.0.1:34905 Statistics: {bytesFromClient:0, 
bytesToClient:0, closing:False, framesFromClient:0, framesToClient:0, 
msgsFromClient:0, msgsToClient:0}

With AMQP 0.10 it seems to work fine.


--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to