Repository: activemq Updated Branches: refs/heads/master 06bc2840d -> c530b69e1
https://issues.apache.org/jira/browse/AMQ-5881 Fail the connect if the password is set but the username bit is not as per the V3.1.1 spec requirements. Project: http://git-wip-us.apache.org/repos/asf/activemq/repo Commit: http://git-wip-us.apache.org/repos/asf/activemq/commit/c530b69e Tree: http://git-wip-us.apache.org/repos/asf/activemq/tree/c530b69e Diff: http://git-wip-us.apache.org/repos/asf/activemq/diff/c530b69e Branch: refs/heads/master Commit: c530b69e16372232bef19dcd353cbe91e4a511d2 Parents: 06bc284 Author: Timothy Bish <tabish...@gmail.com> Authored: Thu Feb 25 19:08:22 2016 -0500 Committer: Timothy Bish <tabish...@gmail.com> Committed: Thu Feb 25 19:08:22 2016 -0500 ---------------------------------------------------------------------- .../transport/mqtt/MQTTProtocolConverter.java | 9 +++++++ .../activemq/transport/mqtt/MQTTTest.java | 28 ++++++++++++++++++++ 2 files changed, 37 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/activemq/blob/c530b69e/activemq-mqtt/src/main/java/org/apache/activemq/transport/mqtt/MQTTProtocolConverter.java ---------------------------------------------------------------------- diff --git a/activemq-mqtt/src/main/java/org/apache/activemq/transport/mqtt/MQTTProtocolConverter.java b/activemq-mqtt/src/main/java/org/apache/activemq/transport/mqtt/MQTTProtocolConverter.java index 2b384e1..8e83ed2 100644 --- a/activemq-mqtt/src/main/java/org/apache/activemq/transport/mqtt/MQTTProtocolConverter.java +++ b/activemq-mqtt/src/main/java/org/apache/activemq/transport/mqtt/MQTTProtocolConverter.java @@ -248,6 +248,15 @@ public class MQTTProtocolConverter { } String passswd = null; if (connect.password() != null) { + + if (userName == null && connect.version() != V3_1) { + // [MQTT-3.1.2-22]: If the user name is not present then the + // password must also be absent. + // [MQTT-3.1.4-1]: would seem to imply we don't send a CONNACK here. + getMQTTTransport().onException(IOExceptionSupport.create("Password given without a user name", null)); + return; + } + passswd = connect.password().toString(); } http://git-wip-us.apache.org/repos/asf/activemq/blob/c530b69e/activemq-mqtt/src/test/java/org/apache/activemq/transport/mqtt/MQTTTest.java ---------------------------------------------------------------------- diff --git a/activemq-mqtt/src/test/java/org/apache/activemq/transport/mqtt/MQTTTest.java b/activemq-mqtt/src/test/java/org/apache/activemq/transport/mqtt/MQTTTest.java index 7dbf9c7..3dd3348 100644 --- a/activemq-mqtt/src/test/java/org/apache/activemq/transport/mqtt/MQTTTest.java +++ b/activemq-mqtt/src/test/java/org/apache/activemq/transport/mqtt/MQTTTest.java @@ -331,6 +331,34 @@ public class MQTTTest extends MQTTTestSupport { connection.disconnect(); } + @Test(timeout = 30 * 1000) + public void testConnectWithUserButNoPassword() throws Exception { + MQTT mqtt = createMQTTConnection(); + mqtt.setClientId("test"); + mqtt.setUserName("foo"); + + BlockingConnection connection = mqtt.blockingConnection(); + connection.connect(); + connection.disconnect(); + } + + @Test(timeout = 30 * 1000) + public void testConnectWithPasswordButNoUsername() throws Exception { + MQTT mqtt = createMQTTConnection(); + mqtt.setVersion("3.1.1"); // The V3.1 spec doesn't make the same assertion + mqtt.setClientId("test"); + mqtt.setPassword("bar"); + + BlockingConnection connection = mqtt.blockingConnection(); + + try { + connection.connect(); + fail("Should not be able to connect in this case."); + } catch (Exception ex) { + LOG.info("Exception expected on connect with password but no username"); + } + } + @Test(timeout = 2 * 60 * 1000) public void testMQTTWildcard() throws Exception { MQTT mqtt = createMQTTConnection();
