[jira] [Commented] (PROTON-1542) hostname should be set on sasl-init
[ https://issues.apache.org/jira/browse/PROTON-1542?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16205680#comment-16205680 ] Gordon Sim commented on PROTON-1542: The fix for PROTON-1535 allows a sasl plugin to set the hostname, which was my immediate need at the time, and it does not alter default behaviour or public API in anyway. I understood us to have agreed that we should create a new issue for any more general changes, and rename PROTON-1535 to make it clear it was just an enhancement to the new sasl plugin API. As to the choice of the field name, I saw there was a remote_fqdn there already and assumed that was the value for hostname specified by the peer. In general, the 'remote' qualification in proton names is always something received from the peer. As what I was adding was the ability to set the local value, i.e. the value that will be sent to the peer, I used the same basic name with prefix 'local'. The name of the field is an internal detail, I would not have chosen 'fqdn' had it not been there already. More important is the API to it, which in the plugin API is pnx_sasl_set_local_hostname which I think is clear. Arguably the 'local' could be dropped. Looking at the actual use in existing code of the remote_fqdn, I see it is set from transport.c, which suggests it is not intended as the hostname sent by the peer, and as you say it seems that value is never actually decoded. I had again assumed that pnx_sasl_get_remote_fqdn() was the accessor to what the peer set as the hostname. > hostname should be set on sasl-init > --- > > Key: PROTON-1542 > URL: https://issues.apache.org/jira/browse/PROTON-1542 > Project: Qpid Proton > Issue Type: Improvement > Components: proton-c >Reporter: Gordon Sim >Assignee: Andrew Stitcher > Fix For: proton-c-0.19.0 > > > For a multi-tenant service/server, where each tenant has its own user base, > the hostname in the sasl-init frame provides a convenient way of determining > the correct tenant to authenticate for. > At present this is not set for any proton-c based client. It is similar to > the SNI information included in the TLS layer initiation (if such a layer is > in use). -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (PROTON-1542) hostname should be set on sasl-init
[ https://issues.apache.org/jira/browse/PROTON-1542?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16202041#comment-16202041 ] Justin Ross commented on PROTON-1542: - Moving this out to 0.19.0. > hostname should be set on sasl-init > --- > > Key: PROTON-1542 > URL: https://issues.apache.org/jira/browse/PROTON-1542 > Project: Qpid Proton > Issue Type: Improvement > Components: proton-c >Reporter: Gordon Sim >Assignee: Andrew Stitcher > Fix For: proton-c-0.18.0 > > > For a multi-tenant service/server, where each tenant has its own user base, > the hostname in the sasl-init frame provides a convenient way of determining > the correct tenant to authenticate for. > At present this is not set for any proton-c based client. It is similar to > the SNI information included in the TLS layer initiation (if such a layer is > in use). -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (PROTON-1542) hostname should be set on sasl-init
[ https://issues.apache.org/jira/browse/PROTON-1542?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16200295#comment-16200295 ] Andrew Stitcher commented on PROTON-1542: - [~gsim] Looking at this some more - it seems this is a simple omission in the proton-c implementation - the remote hostname is not sent in the SASL-INIT frame. How is this related to public api? As far as I can tell this value should always be the vhost. > hostname should be set on sasl-init > --- > > Key: PROTON-1542 > URL: https://issues.apache.org/jira/browse/PROTON-1542 > Project: Qpid Proton > Issue Type: Improvement > Components: proton-c >Reporter: Gordon Sim >Assignee: Andrew Stitcher > Fix For: proton-c-0.18.0 > > > For a multi-tenant service/server, where each tenant has its own user base, > the hostname in the sasl-init frame provides a convenient way of determining > the correct tenant to authenticate for. > At present this is not set for any proton-c based client. It is similar to > the SNI information included in the TLS layer initiation (if such a layer is > in use). -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (PROTON-1542) hostname should be set on sasl-init
[ https://issues.apache.org/jira/browse/PROTON-1542?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16200281#comment-16200281 ] Andrew Stitcher commented on PROTON-1542: - [~gsim] Can you explain how this is related to PROTON-1535. I may have understood once, but it escapes me now. That JIRA seems to be about the serfer end of the connection setting its idea of the _local_ hostname. However this JIRA seems to be about the client end setting the connected to hostname. Is This correct? > hostname should be set on sasl-init > --- > > Key: PROTON-1542 > URL: https://issues.apache.org/jira/browse/PROTON-1542 > Project: Qpid Proton > Issue Type: Improvement > Components: proton-c >Reporter: Gordon Sim >Assignee: Andrew Stitcher > Fix For: proton-c-0.18.0 > > > For a multi-tenant service/server, where each tenant has its own user base, > the hostname in the sasl-init frame provides a convenient way of determining > the correct tenant to authenticate for. > At present this is not set for any proton-c based client. It is similar to > the SNI information included in the TLS layer initiation (if such a layer is > in use). -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (PROTON-1542) hostname should be set on sasl-init
[ https://issues.apache.org/jira/browse/PROTON-1542?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16184285#comment-16184285 ] Gordon Sim commented on PROTON-1542: I think this is very much like the SNI. In general the SNI, the sasl-init hostname and the open hostname will all be the same. Defaulting so that they are all the same unless explicitly configured to be different makes sense. > hostname should be set on sasl-init > --- > > Key: PROTON-1542 > URL: https://issues.apache.org/jira/browse/PROTON-1542 > Project: Qpid Proton > Issue Type: Improvement > Components: cpp-binding, go-binding, proton-c, python-binding, > ruby-binding >Reporter: Gordon Sim > Fix For: proton-c-0.18.0 > > > For a multi-tenant service/server, where each tenant has its own user base, > the hostname in the sasl-init frame provides a convenient way of determining > the correct tenant to authenticate for. > At present this is not set for any proton-c based client. It is similar to > the SNI information included in the TLS layer initiation (if such a layer is > in use). -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (PROTON-1542) hostname should be set on sasl-init
[ https://issues.apache.org/jira/browse/PROTON-1542?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16184274#comment-16184274 ] Justin Ross commented on PROTON-1542: - [~gsim], am I right in thinking that your immediate concern is the defaulting part? As to the API, what's the driving user scenario for very fine-grained control? When would an API user want to set the sasl-init vhost distinct from the amqp vhost? > hostname should be set on sasl-init > --- > > Key: PROTON-1542 > URL: https://issues.apache.org/jira/browse/PROTON-1542 > Project: Qpid Proton > Issue Type: Improvement > Components: cpp-binding, go-binding, proton-c, python-binding, > ruby-binding >Reporter: Gordon Sim > Fix For: proton-c-0.18.0 > > > For a multi-tenant service/server, where each tenant has its own user base, > the hostname in the sasl-init frame provides a convenient way of determining > the correct tenant to authenticate for. > At present this is not set for any proton-c based client. It is similar to > the SNI information included in the TLS layer initiation (if such a layer is > in use). -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (PROTON-1542) hostname should be set on sasl-init
[ https://issues.apache.org/jira/browse/PROTON-1542?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16130139#comment-16130139 ] Gordon Sim commented on PROTON-1542: https://issues.apache.org/jira/browse/PROTON-1535 allows the hostname to be set by plugins. This issue is covers the public api and default behaviour. > hostname should be set on sasl-init > --- > > Key: PROTON-1542 > URL: https://issues.apache.org/jira/browse/PROTON-1542 > Project: Qpid Proton > Issue Type: Bug > Components: cpp-binding, go-binding, proton-c, python-binding, > ruby-binding >Reporter: Gordon Sim >Assignee: Justin Ross > > For a multi-tenant service/server, where each tenant has its own user base, > the hostname in the sasl-init frame provides a convenient way of determining > the correct tenant to authenticate for. > At present this is not set for any proton-c based client. It is similar to > the SNI information included in the TLS layer initiation (if such a layer is > in use). -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
