[jira] [Commented] (DISPATCH-737) qdstat and qdmanage always force sasl exchange

Mon, 17 Jul 2017 13:35:42 -0700 

    [ 
https://issues.apache.org/jira/browse/DISPATCH-737?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16090509#comment-16090509
 ] 

ASF GitHub Bot commented on DISPATCH-737:
-----------------------------------------

GitHub user scholzj opened a pull request:

    https://github.com/apache/qpid-dispatch/pull/178

    DISPATCH-737: Fix qdstat problems when only username and password are 
specified

    Tis fixes two issues:
    - when username and password are specified in the URL they are ignored when 
evaluating whether SASL should be used
    - When no SASL mechanism is specified the empty string passed to Proton is 
interpreted as "no mechs enabled". When None is used instead, Proton will 
select the suitable mechs automatically

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/scholzj/qpid-dispatch DISPATCH-737

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/qpid-dispatch/pull/178.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #178
    
----
commit e0bbd3e2b739f8f813f7cd57a0482d8da9b94be1
Author: Jakub Scholz <[email protected]>
Date:   2017-07-17T20:26:30Z

    DISPATCH-737: Take username and password also from the URL

commit 40f1005c4aa0b4c9b74fbde0d9ad65050b8328d7
Author: Jakub Scholz <[email protected]>
Date:   2017-07-17T20:27:29Z

    DISPATCH-737: Empty string as allowed_mechs is interpreted as no mechs 
allowed. Use None instead and Proton will select the best appropriatte mechanism

----


> qdstat and qdmanage always force sasl exchange
> ----------------------------------------------
>
>                 Key: DISPATCH-737
>                 URL: https://issues.apache.org/jira/browse/DISPATCH-737
>             Project: Qpid Dispatch
>          Issue Type: Bug
>          Components: Management Agent
>    Affects Versions: 0.7.0
>            Reporter: Ganesh Murthy
>            Assignee: Ganesh Murthy
>             Fix For: 1.0.0
>
>
> qdmanage and qdstat use the Proton Python blocking API to do its work. The 
> Python API offers a flag called sasl_enabled and it is always set to true 
> which always initiates a SASL exchange. SASL should only be invoked when 
> mechanisms are explicitly provided by qdstat and qdmanage via its 
> sasl-mechanisms or sasl-username or sasl-password or ssl parameters



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to