[jira] [Commented] (QPID-5062) [C++ client] EXTERNAL authentication using SSL certificates doesn't work with AMQP 1.0

Fri, 09 Aug 2013 09:41:27 -0700 

    [ 
https://issues.apache.org/jira/browse/QPID-5062?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13734975#comment-13734975
 ] 

Chuck Rolke commented on QPID-5062:
-----------------------------------

approved for 0.24
                
> [C++ client] EXTERNAL authentication using SSL certificates doesn't work with 
> AMQP 1.0
> --------------------------------------------------------------------------------------
>
>                 Key: QPID-5062
>                 URL: https://issues.apache.org/jira/browse/QPID-5062
>             Project: Qpid
>          Issue Type: Bug
>          Components: C++ Client
>    Affects Versions: 0.24
>         Environment: CentOS 6.4, Qpid 0.24 RC1, Proton 0.4
>            Reporter: JAkub Scholz
>            Assignee: Gordon Sim
>
> A C++ based client using the qpid.messaging API with AMQP 1.0 seems to be 
> unable to connect to the broker and authenticate with the SASL EXTERNAL 
> authentication / SSL Client Certificates. The client side log is following:
> 2013-08-08 20:07:01 [Messaging] debug Driver started
> 2013-08-08 20:07:01 [Messaging] debug localhost:10000 Connecting ...
> 2013-08-08 20:07:01 [System] info Connecting: 127.0.0.1:10000
> 2013-08-08 20:07:01 [Security] debug Failed to connect: Connection refused
> 2013-08-08 20:07:01 [Messaging] debug localhost:10000 Failed to connect
> Exception: Could not connect to amqp:ssl:localhost:10000 
> (/home/jakub/qpid/qpid-0.24-rc1/cpp/src/qpid/messaging/amqp/ConnectionContext.cpp:117)
> 2013-08-08 20:07:01 [Messaging] debug Driver stopped
> [jakub@localhost Messaging-Sandbox]$ ./ReqRespClient 
> 2013-08-08 20:07:50 [Messaging] debug Driver started
> 2013-08-08 20:07:50 [Messaging] debug localhost:10000 Connecting ...
> 2013-08-08 20:07:50 [System] info Connecting: 127.0.0.1:10000
> 2013-08-08 20:07:50 [Messaging] debug localhost:10000 Connected
> 2013-08-08 20:07:50 [Messaging] debug wakeupDriver()
> 2013-08-08 20:07:50 [Messaging] debug localhost:10000 Waiting to be 
> authenticated...
> 2013-08-08 20:07:50 [Security] trace localhost:10000 Sasl::canEncode(): 1 || 0
> 2013-08-08 20:07:50 [Security] trace localhost:10000 Sasl::canEncode(): 1 || 0
> 2013-08-08 20:07:50 [Protocol] debug localhost:10000 writing protocol header: 
> 1-0
> 2013-08-08 20:07:50 [Security] trace localhost:10000 Sasl::encode(65535): 8
> 2013-08-08 20:07:50 [Security] trace localhost:10000 Sasl::canEncode(): 0 || 0
> 2013-08-08 20:07:50 [Protocol] debug localhost:10000 read protocol header: 1-0
> 2013-08-08 20:07:50 [Security] trace Reading SASL frame of size 30
> 2013-08-08 20:07:50 [Security] trace Reading SASL-MECHANISMS
> 2013-08-08 20:07:50 [Protocol] debug localhost:10000 Received 
> SASL-MECHANISMS(EXTERNAL)
> 2013-08-08 20:07:50 [Security] debug CyrusSasl::start(EXTERNAL )
> 2013-08-08 20:07:50 [Security] debug min_ssf: 0, max_ssf: 256
> 2013-08-08 20:07:50 [System] debug Exception constructed: Sasl error: 
> SASL(-4): no mechanism available:  
> (/home/jakub/qpid/qpid-0.24-rc1/cpp/src/qpid/SaslFactory.cpp:309)
> 2013-08-08 20:07:50 [System] error Caught exception in state: 3 with event: 
> 1: internal-error: Sasl error: SASL(-4): no mechanism available:  
> (/home/jakub/qpid/qpid-0.24-rc1/cpp/src/qpid/SaslFactory.cpp:309)
> 2013-08-08 20:07:55 [Security] debug [127.0.0.1:34905-localhost:10000] 
> SslTransport closing...
> 2013-08-08 20:07:55 [Security] debug [127.0.0.1:34905-localhost:10000] Socket 
> closed
> Exception: Disconnected
> 2013-08-08 20:07:55 [Messaging] debug Driver stopped
> The broker log mentions that the connection is being closed because no 
> protocol was received (max-negotiate-timeout expired):
> 2013-08-08 20:07:50 [Network] info Set TCP_NODELAY on connection to 
> 127.0.0.1:34905
> 2013-08-08 20:07:50 [Broker] info Using AMQP 1.0 (with SASL layer)
> 2013-08-08 20:07:50 [Model] trace Mgmt create connection. 
> id:qpid.127.0.0.1:10000-127.0.0.1:34905
> 2013-08-08 20:07:50 [Security] info SASL: Mechanism list: EXTERNAL
> 2013-08-08 20:07:55 [System] error Connection 
> qpid.127.0.0.1:10000-127.0.0.1:34905 No protocol received closing
> 2013-08-08 20:07:55 [Security] info qpid.127.0.0.1:10000-127.0.0.1:34905 
> Connection closed prior to authentication completing
> 2013-08-08 20:07:55 [Security] info qpid.127.0.0.1:10000-127.0.0.1:34905 
> Connection closed prior to authentication completing
> 2013-08-08 20:07:55 [Model] debug Delete connection. user: 
> rhost:qpid.127.0.0.1:10000-127.0.0.1:34905
> 2013-08-08 20:08:03 [Model] trace Mgmt delete connection. 
> id:qpid.127.0.0.1:10000-127.0.0.1:34905 Statistics: {bytesFromClient:0, 
> bytesToClient:0, closing:False, framesFromClient:0, framesToClient:0, 
> msgsFromClient:0, msgsToClient:0}
> With AMQP 0.10 it seems to work fine.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to