[ 
https://issues.apache.org/jira/browse/PROTON-1135?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Robbie Gemmell updated PROTON-1135:
-----------------------------------
    Description: 
Dispatch router (which uses Proton-c) currently sends pipelined SASL and OPEN 
frames by default when connecting out to other peers using the ANONYMOUS mech, 
as shown in the following trace - 
{code}
[0x7f41f80079c0]:  -> SASL
[0x7f41f80079c0]:0 -> @sasl-init(65) [mechanism=:ANONYMOUS, 
initial-response=b"anonymous@localhost.localdomain"]
[0x7f41f80079c0]:  -> AMQP
[0x7f41f80079c0]:0 -> @open(16) [container-id="Qpid.Dispatch.Router.A", 
max-frame-size=65536, channel-max=32767, idle-time-out=8000, 
offered-capabilities=:"ANONYMOUS-RELAY", 
properties={:product="qpid-dispatch-router", :version="0.6.0"}]
[0x7f41f80079c0]:  <- SASL
[0x7f41f80079c0]:0 <- @sasl-mechanisms(64) [sasl-server-mechanisms=:ANONYMOUS]
[0x7f41f80079c0]:0 <- @sasl-outcome(68) [code=0]
[0x7f41f80079c0]:  <- AMQP
[0x7f41f80079c0]:0 <- @open(16) 
[container-id="ce103199-af03-4d37-bb35-24ad4e55653e", channel-max=32767, 
idle-time-out=8000, offered-capabilities=@PN_SYMBOL[:"ANONYMOUS-RELAY"], 
properties={:product="qpid-cpp", :version="0.35", :platform="Linux", 
:host="localhost.localdomain"}]
{code}

The AMQP 1.0 spec does not make it clear that this is supported (e.g. see 
diagram below) but in any case various components have shown difficulty with it 
(such as PROTON-1135 just raised, and QPID-6639 which has yet to be included in 
a release but permitted the above protocol trace log).
{code}
TCP Client         TCP Server
=========================================
AMQP%d3.1.0.0 --------->
                          <--------- AMQP%d3.1.0.0
:
:
<SASL negotiation>
:
:
AMQP%d0.1.0.0 --------->
(over SASL secured connection)
                            <--------- AMQP%d0.1.0.0
open --------->
                            <--------- open
{code}

Proton should by default disable sending pipelined OPEN frames for ANONYMOUS 
logins, to aid compatibility with other components that don't expect/handle 
such behaviour.

  was:
Dispatch router (which uses Proton-c) currently sends pipelined SASL and OPEN 
frames by default when connecting out to other peers using the ANONYMOUS mech, 
as shown in the following trace - 
{code}
[0x7f41f80079c0]:  -> SASL
[0x7f41f80079c0]:0 -> @sasl-init(65) [mechanism=:ANONYMOUS, 
initial-response=b"anonymous@localhost.localdomain"]
[0x7f41f80079c0]:  -> AMQP
[0x7f41f80079c0]:0 -> @open(16) [container-id="Qpid.Dispatch.Router.A", 
max-frame-size=65536, channel-max=32767, idle-time-out=8000, 
offered-capabilities=:"ANONYMOUS-RELAY", 
properties={:product="qpid-dispatch-router", :version="0.6.0"}]
[0x7f41f80079c0]:  <- SASL
[0x7f41f80079c0]:0 <- @sasl-mechanisms(64) [sasl-server-mechanisms=:ANONYMOUS]
[0x7f41f80079c0]:0 <- @sasl-outcome(68) [code=0]
[0x7f41f80079c0]:  <- AMQP
[0x7f41f80079c0]:0 <- @open(16) 
[container-id="ce103199-af03-4d37-bb35-24ad4e55653e", channel-max=32767, 
idle-time-out=8000, offered-capabilities=@PN_SYMBOL[:"ANONYMOUS-RELAY"], 
properties={:product="qpid-cpp", :version="0.35", :platform="Linux", 
:host="localhost.localdomain"}]
{code}

The AMQP 1.0 spec does not make it clear that this is supported (e.g. see 
diagram below) but in any case various components have shown difficulty with it 
(such as PROTON-1135 just raised, and QPID-6639 which has yet to be included in 
a release but permitted the above protocol trace log).
{code}
TCP Client         TCP Server
=========================================
AMQP%d3.1.0.0 --------->
                          <--------- AMQP%d3.1.0.0
:
:
<SASL negotiation>
:
:
AMQP%d0.1.0.0 --------->
(over SASL secured connection)
                            <--------- AMQP%d0.1.0.0
open --------->
                            <--------- open
{code}

Proton by default enables sending pipelined OPEN frames for ANONYMOUS logins to 
aid compatibility with other components.


> [proton-c] dont pipeline SASL and OPEN frames for ANONYMOUS logins by default
> -----------------------------------------------------------------------------
>
>                 Key: PROTON-1135
>                 URL: https://issues.apache.org/jira/browse/PROTON-1135
>             Project: Qpid Proton
>          Issue Type: Bug
>          Components: proton-c
>    Affects Versions: 0.12.0
>            Reporter: Ganesh Murthy
>
> Dispatch router (which uses Proton-c) currently sends pipelined SASL and OPEN 
> frames by default when connecting out to other peers using the ANONYMOUS 
> mech, as shown in the following trace - 
> {code}
> [0x7f41f80079c0]:  -> SASL
> [0x7f41f80079c0]:0 -> @sasl-init(65) [mechanism=:ANONYMOUS, 
> initial-response=b"anonymous@localhost.localdomain"]
> [0x7f41f80079c0]:  -> AMQP
> [0x7f41f80079c0]:0 -> @open(16) [container-id="Qpid.Dispatch.Router.A", 
> max-frame-size=65536, channel-max=32767, idle-time-out=8000, 
> offered-capabilities=:"ANONYMOUS-RELAY", 
> properties={:product="qpid-dispatch-router", :version="0.6.0"}]
> [0x7f41f80079c0]:  <- SASL
> [0x7f41f80079c0]:0 <- @sasl-mechanisms(64) [sasl-server-mechanisms=:ANONYMOUS]
> [0x7f41f80079c0]:0 <- @sasl-outcome(68) [code=0]
> [0x7f41f80079c0]:  <- AMQP
> [0x7f41f80079c0]:0 <- @open(16) 
> [container-id="ce103199-af03-4d37-bb35-24ad4e55653e", channel-max=32767, 
> idle-time-out=8000, offered-capabilities=@PN_SYMBOL[:"ANONYMOUS-RELAY"], 
> properties={:product="qpid-cpp", :version="0.35", :platform="Linux", 
> :host="localhost.localdomain"}]
> {code}
> The AMQP 1.0 spec does not make it clear that this is supported (e.g. see 
> diagram below) but in any case various components have shown difficulty with 
> it (such as PROTON-1135 just raised, and QPID-6639 which has yet to be 
> included in a release but permitted the above protocol trace log).
> {code}
> TCP Client         TCP Server
> =========================================
> AMQP%d3.1.0.0 --------->
>                           <--------- AMQP%d3.1.0.0
> :
> :
> <SASL negotiation>
> :
> :
> AMQP%d0.1.0.0 --------->
> (over SASL secured connection)
>                             <--------- AMQP%d0.1.0.0
> open --------->
>                             <--------- open
> {code}
> Proton should by default disable sending pipelined OPEN frames for ANONYMOUS 
> logins, to aid compatibility with other components that don't expect/handle 
> such behaviour.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to