proton server (azure SB) limit the incoming_window=5000
I am trying to extract bulk messages from azure SB. As per their documentation the azure SDK doesn't support bulk read message and recommends using the native amqp for the Azure Service Bus. White trying to negotiate a session with the azure SB, i noticed that independent of what client is requesting, the SB dials down the incoming_window=5000. This limits a max of 5000B send per bulk read, thus my consumer runs dry till the RTT (which is large for inter cloud) to fetch a new packet. Is this a restriction of the azure SB or am i not setting any/some of the parameters correctly from the client side to achieve the negotiated window size > 5000B. I am using python proton MessagingHandler Class and clearly see that on_message is called for few pkts composing of buffer size ~5000B and then have to wait for the RTT delay to get the next batch. Any suggestion to work around this problem and get larger bulked message ? I can't reduce the RTT between the server and consumer. have some workaround for parallel consumers but would like to solve the bulk problem as that is most efficient way of achieving the high throughput. class Recv(MessagingHandler): def __init__(self): super(Recv, self).__init__(prefetch=100, auto_accept=True, auto_settle=True, peer_close_is_error=False) def on_start(self, event): conn = event.container.connect(connString) event.container.create_receiver(conn, subscription) def on_message(self, event): print(event.message.body) print datetime.utcnow().strftime('%Y-%m-%d %H:%M:%S.%f')[:-3], self.count, event.receiver.queued [0xace380]: -> SASL [0xace380]: <- SASL [0xace380]:0 <- @sasl-mechanisms(64) [sasl-server-mechanisms=@PN_SYMBOL[:MSSBCBS, :PLAIN, :ANONYMOUS, :EXTERNAL]] [0xace380]:0 -> @sasl-init(65) [mechanism=:PLAIN, initial-response=b"\x00iothubroutes_X\X="] [0xace380]:0 <- @sasl-outcome(68) [code=0, additional-data=b"Welcome!"] [0xace380]: -> AMQP [0xace380]:0 -> @open(16) [container-id="0ad171ca-cefa-4a27-a7dc-0520e5393fa5", hostname=" nebhubsb.servicebus.windows.net", channel-max=32767] [0xace380]:0 -> @begin(17) [next-outgoing-id=0, incoming-window=2147483647, outgoing-window=2147483647] [0xace380]:0 -> @attach(18) [name="0ad171ca-cefa-4a27-a7dc-0520e5393fa5-kukatopic/Subscriptions/kukasub", handle=0, role=true, snd-settle-mode=2, rcv-settle-mode=0, source=@source(40) [address="kukatopic/Subscriptions/kukasub", durable=0, timeout=0, dynamic=false], target=@target(41) [durable=0, timeout=0, dynamic=false], initial-delivery-count=0, max-message-size=0] [0xace380]:0 -> @flow(19) [incoming-window=2147483647, next-outgoing-id=0, outgoing-window=2147483647, handle=0, delivery-count=0, link-credit=100, drain=false] [0xace380]: <- AMQP [0xace380]:0 <- @open(16) [container-id="b970f07881334c658eb80ff336f2a683_G16", max-frame-size=65536, channel-max=4999, idle-time-out=24] [0xace380]:0 <- @begin(17) [remote-channel=0, next-outgoing-id=1, incoming-window=5000, outgoing-window=2147483647, handle-max=255] [0xace380]:0 <- @attach(18) [name="0ad171ca-cefa-4a27-a7dc-0520e5393fa5-kukatopic/Subscriptions/kukasub", handle=0, role=false, rcv-settle-mode=1, source=@source(40) [address="topic/Subscriptions/sub", durable=0, timeout=0, dynamic=false], target=@target(41) [durable=0, timeout=0, dynamic=false], initial-delivery-count=0, max-message-size=266240]
[jira] [Commented] (QPID-7434) Mature the AMQP message conversion layer (headers and content)
[ https://issues.apache.org/jira/browse/QPID-7434?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16116765#comment-16116765 ] ASF subversion and git services commented on QPID-7434: --- Commit a4a17517312350831b797fa817ebbc2bbe1ee735 in qpid-broker-j's branch refs/heads/master from [~lorenz.quack] [ https://git-wip-us.apache.org/repos/asf?p=qpid-broker-j.git;h=a4a1751 ] QPID-7434: [Java Broker] improve AMQP 1.0 to 0-8 content conversion and add unit tests > Mature the AMQP message conversion layer (headers and content) > -- > > Key: QPID-7434 > URL: https://issues.apache.org/jira/browse/QPID-7434 > Project: Qpid > Issue Type: Improvement > Components: Java Broker >Reporter: Keith Wall >Assignee: Lorenz Quack > Fix For: qpid-java-broker-7.0.0 > > > There are a number of gaps in our message converters that mean some message > are not converted with complete fidelity (particularly in the treatment of > application headers), and where complete fidelity cannot be acheived we need > sensible rules, uniformly implemented to decide how aspects degrade. > For instance, for AMQP 0-8..0-10 allow application headers whose values were > complex types (e.g. map). AMQP 1.0 disallows this. What should the > behaviour be? Should the header be dropped? > Another instance is the length and constituency of the keys of application > headers. AMQP 0-8..0-10 have a protocol restriction of 255 UTF8 bytes. AMQP > has supports longer strings. Also AMQP 0-9 says further restricts the key to > be formed like a Java identifier. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Resolved] (QPIDJMS-311) Enable building and testing on JDK 9
[ https://issues.apache.org/jira/browse/QPIDJMS-311?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Timothy Bish resolved QPIDJMS-311. -- Resolution: Fixed > Enable building and testing on JDK 9 > > > Key: QPIDJMS-311 > URL: https://issues.apache.org/jira/browse/QPIDJMS-311 > Project: Qpid JMS > Issue Type: Task > Components: qpid-jms-client >Affects Versions: 0.24.0 >Reporter: Timothy Bish >Assignee: Timothy Bish > Fix For: 0.25.0 > > > Tasks needed to get JDK 9 builds going. > * several dependencies need to be updated such as Mockito and Jacoco. > * Fixes to tests that break as a result of Mockito update are needed. > * Many new warnings appear as a result of deprecated methods in use. > * The Scram-SHA SASL mechanism code needs to use the Base64 encoder / decoder > instead of the EE DataTypeConverter that's in use now. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (QPIDJMS-311) Enable building and testing on JDK 9
[ https://issues.apache.org/jira/browse/QPIDJMS-311?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16116713#comment-16116713 ] ASF subversion and git services commented on QPIDJMS-311: - Commit 96e20d076d543c83ebbcdb0976ddeb94eea78430 in qpid-jms's branch refs/heads/master from [~tabish121] [ https://git-wip-us.apache.org/repos/asf?p=qpid-jms.git;h=96e20d0 ] QPIDJMS-311 Fixes to enable build and test on JDK9 * Update Mockito to 2.8.47+ * Update Jacoco to 0.7.9+ * Use Base64 in Scram-SHA mechanism * Fix failing Mockito based tests * Fix deprecation warnings > Enable building and testing on JDK 9 > > > Key: QPIDJMS-311 > URL: https://issues.apache.org/jira/browse/QPIDJMS-311 > Project: Qpid JMS > Issue Type: Task > Components: qpid-jms-client >Affects Versions: 0.24.0 >Reporter: Timothy Bish >Assignee: Timothy Bish > Fix For: 0.25.0 > > > Tasks needed to get JDK 9 builds going. > * several dependencies need to be updated such as Mockito and Jacoco. > * Fixes to tests that break as a result of Mockito update are needed. > * Many new warnings appear as a result of deprecated methods in use. > * The Scram-SHA SASL mechanism code needs to use the Base64 encoder / decoder > instead of the EE DataTypeConverter that's in use now. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (QPID-7867) Authentication using expired certificate
[ https://issues.apache.org/jira/browse/QPID-7867?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16116690#comment-16116690 ] Rob Godfrey commented on QPID-7867: --- D'oh - apologies, I misread the patch in concert with reading your comment on needing to enable {{trustAnchorValidityEnforced}} which made me think that you MUST set on a per truststore basis. (For Martin I guess setting the context variable would be the better approach than modifying the individual truststore.) > Authentication using expired certificate > > > Key: QPID-7867 > URL: https://issues.apache.org/jira/browse/QPID-7867 > Project: Qpid > Issue Type: New Feature > Components: Java Broker >Affects Versions: qpid-java-broker-7.0.0 > Environment: * qpid-jms-client version 0.23.0 > * java qpid broker 7.0.0 >Reporter: Martin Krasa >Assignee: Keith Wall > Fix For: qpid-java-broker-7.0.0 > > > Using qpid-jms-client version 0.23.0 and (as of July 17 2017) expired > self-signed certificate (Valid until: Sat Dec 17 10:46:56 CET 2016) user can > _successfully authenticate_ against the java qpid broker 7.0.0 > {code:title=extract from Java broker log file|borderStyle=solid} 2017-07-14 > 16:34:58,022 INFO [Broker-Config] (q.m.c.open) - [con:0(/XXX.XX.XX.XX:54268)] > CON-1001 : Open : Destination : amqps(XXX.XX.XX.XXX:10202) : Protocol Version > : 1.0 : SSL 2017-07-14 16:34:58,093 INFO [IO-/172.23.38.21:54268] > (q.m.c.open) - [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)] CON-1001 : > Open : Destination : amqps(XXX.XX.XX.XXX:10202) : Protocol Version : 1.0 : > SSL : Client ID : ID:6303ba8b-2055-49e5-9bf8-80336865a672:1 : Client Version > : 0.23.0 : Client Product : QpidJMS 2017-07-14 16:34:58,124 INFO > [IO-/XXX.XX.XX.XX:54268] (q.m.c.create) - > [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)/ch:0] CHN-1001 : Create > 2017-07-14 16:34:58,155 INFO [IO-/XXX.XX.XX.XX:54268] (q.m.c.create) - > [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)/ch:1] CHN-1001 : Create > {code} {color:blue}*NOTE:* The same behaviour rings true with expired node > certificate{color} -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (QPID-7867) Authentication using expired certificate
[ https://issues.apache.org/jira/browse/QPID-7867?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16116682#comment-16116682 ] Keith Wall commented on QPID-7867: -- Rob, didn't I do that already? The new managed attribute is backed by {{qpid.truststore.trustAnchorValidityEnforced}}. > Authentication using expired certificate > > > Key: QPID-7867 > URL: https://issues.apache.org/jira/browse/QPID-7867 > Project: Qpid > Issue Type: New Feature > Components: Java Broker >Affects Versions: qpid-java-broker-7.0.0 > Environment: * qpid-jms-client version 0.23.0 > * java qpid broker 7.0.0 >Reporter: Martin Krasa >Assignee: Keith Wall > Fix For: qpid-java-broker-7.0.0 > > > Using qpid-jms-client version 0.23.0 and (as of July 17 2017) expired > self-signed certificate (Valid until: Sat Dec 17 10:46:56 CET 2016) user can > _successfully authenticate_ against the java qpid broker 7.0.0 > {code:title=extract from Java broker log file|borderStyle=solid} 2017-07-14 > 16:34:58,022 INFO [Broker-Config] (q.m.c.open) - [con:0(/XXX.XX.XX.XX:54268)] > CON-1001 : Open : Destination : amqps(XXX.XX.XX.XXX:10202) : Protocol Version > : 1.0 : SSL 2017-07-14 16:34:58,093 INFO [IO-/172.23.38.21:54268] > (q.m.c.open) - [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)] CON-1001 : > Open : Destination : amqps(XXX.XX.XX.XXX:10202) : Protocol Version : 1.0 : > SSL : Client ID : ID:6303ba8b-2055-49e5-9bf8-80336865a672:1 : Client Version > : 0.23.0 : Client Product : QpidJMS 2017-07-14 16:34:58,124 INFO > [IO-/XXX.XX.XX.XX:54268] (q.m.c.create) - > [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)/ch:0] CHN-1001 : Create > 2017-07-14 16:34:58,155 INFO [IO-/XXX.XX.XX.XX:54268] (q.m.c.create) - > [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)/ch:1] CHN-1001 : Create > {code} {color:blue}*NOTE:* The same behaviour rings true with expired node > certificate{color} -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (QPID-7867) Authentication using expired certificate
[ https://issues.apache.org/jira/browse/QPID-7867?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16116554#comment-16116554 ] Rob Godfrey commented on QPID-7867: --- Why not use a context value for the default rather than a literal false; in that way one could easily change the default for a all trust stores (including new trust stores) to enforce this behaviour? > Authentication using expired certificate > > > Key: QPID-7867 > URL: https://issues.apache.org/jira/browse/QPID-7867 > Project: Qpid > Issue Type: New Feature > Components: Java Broker >Affects Versions: qpid-java-broker-7.0.0 > Environment: * qpid-jms-client version 0.23.0 > * java qpid broker 7.0.0 >Reporter: Martin Krasa >Assignee: Keith Wall > Fix For: qpid-java-broker-7.0.0 > > > Using qpid-jms-client version 0.23.0 and (as of July 17 2017) expired > self-signed certificate (Valid until: Sat Dec 17 10:46:56 CET 2016) user can > _successfully authenticate_ against the java qpid broker 7.0.0 > {code:title=extract from Java broker log file|borderStyle=solid} 2017-07-14 > 16:34:58,022 INFO [Broker-Config] (q.m.c.open) - [con:0(/XXX.XX.XX.XX:54268)] > CON-1001 : Open : Destination : amqps(XXX.XX.XX.XXX:10202) : Protocol Version > : 1.0 : SSL 2017-07-14 16:34:58,093 INFO [IO-/172.23.38.21:54268] > (q.m.c.open) - [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)] CON-1001 : > Open : Destination : amqps(XXX.XX.XX.XXX:10202) : Protocol Version : 1.0 : > SSL : Client ID : ID:6303ba8b-2055-49e5-9bf8-80336865a672:1 : Client Version > : 0.23.0 : Client Product : QpidJMS 2017-07-14 16:34:58,124 INFO > [IO-/XXX.XX.XX.XX:54268] (q.m.c.create) - > [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)/ch:0] CHN-1001 : Create > 2017-07-14 16:34:58,155 INFO [IO-/XXX.XX.XX.XX:54268] (q.m.c.create) - > [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)/ch:1] CHN-1001 : Create > {code} {color:blue}*NOTE:* The same behaviour rings true with expired node > certificate{color} -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (QPID-7867) Authentication using expired certificate
[ https://issues.apache.org/jira/browse/QPID-7867?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16116549#comment-16116549 ] Keith Wall commented on QPID-7867: -- Martin, the feature has been added. Can you retest? You'll need to enable {{trustAnchorValidityEnforced}} for the truststore. You can do this through the UI or from REST. Comments welcomed. > Authentication using expired certificate > > > Key: QPID-7867 > URL: https://issues.apache.org/jira/browse/QPID-7867 > Project: Qpid > Issue Type: New Feature > Components: Java Broker >Affects Versions: qpid-java-broker-7.0.0 > Environment: * qpid-jms-client version 0.23.0 > * java qpid broker 7.0.0 >Reporter: Martin Krasa >Assignee: Keith Wall > Fix For: qpid-java-broker-7.0.0 > > > Using qpid-jms-client version 0.23.0 and (as of July 17 2017) expired > self-signed certificate (Valid until: Sat Dec 17 10:46:56 CET 2016) user can > _successfully authenticate_ against the java qpid broker 7.0.0 > {code:title=extract from Java broker log file|borderStyle=solid} 2017-07-14 > 16:34:58,022 INFO [Broker-Config] (q.m.c.open) - [con:0(/XXX.XX.XX.XX:54268)] > CON-1001 : Open : Destination : amqps(XXX.XX.XX.XXX:10202) : Protocol Version > : 1.0 : SSL 2017-07-14 16:34:58,093 INFO [IO-/172.23.38.21:54268] > (q.m.c.open) - [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)] CON-1001 : > Open : Destination : amqps(XXX.XX.XX.XXX:10202) : Protocol Version : 1.0 : > SSL : Client ID : ID:6303ba8b-2055-49e5-9bf8-80336865a672:1 : Client Version > : 0.23.0 : Client Product : QpidJMS 2017-07-14 16:34:58,124 INFO > [IO-/XXX.XX.XX.XX:54268] (q.m.c.create) - > [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)/ch:0] CHN-1001 : Create > 2017-07-14 16:34:58,155 INFO [IO-/XXX.XX.XX.XX:54268] (q.m.c.create) - > [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)/ch:1] CHN-1001 : Create > {code} {color:blue}*NOTE:* The same behaviour rings true with expired node > certificate{color} -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Updated] (QPID-7867) Authentication using expired certificate
[ https://issues.apache.org/jira/browse/QPID-7867?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Keith Wall updated QPID-7867: - Status: Reviewable (was: In Progress) > Authentication using expired certificate > > > Key: QPID-7867 > URL: https://issues.apache.org/jira/browse/QPID-7867 > Project: Qpid > Issue Type: New Feature > Components: Java Broker >Affects Versions: qpid-java-broker-7.0.0 > Environment: * qpid-jms-client version 0.23.0 > * java qpid broker 7.0.0 >Reporter: Martin Krasa >Assignee: Keith Wall > Fix For: qpid-java-broker-7.0.0 > > > Using qpid-jms-client version 0.23.0 and (as of July 17 2017) expired > self-signed certificate (Valid until: Sat Dec 17 10:46:56 CET 2016) user can > _successfully authenticate_ against the java qpid broker 7.0.0 > {code:title=extract from Java broker log file|borderStyle=solid} 2017-07-14 > 16:34:58,022 INFO [Broker-Config] (q.m.c.open) - [con:0(/XXX.XX.XX.XX:54268)] > CON-1001 : Open : Destination : amqps(XXX.XX.XX.XXX:10202) : Protocol Version > : 1.0 : SSL 2017-07-14 16:34:58,093 INFO [IO-/172.23.38.21:54268] > (q.m.c.open) - [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)] CON-1001 : > Open : Destination : amqps(XXX.XX.XX.XXX:10202) : Protocol Version : 1.0 : > SSL : Client ID : ID:6303ba8b-2055-49e5-9bf8-80336865a672:1 : Client Version > : 0.23.0 : Client Product : QpidJMS 2017-07-14 16:34:58,124 INFO > [IO-/XXX.XX.XX.XX:54268] (q.m.c.create) - > [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)/ch:0] CHN-1001 : Create > 2017-07-14 16:34:58,155 INFO [IO-/XXX.XX.XX.XX:54268] (q.m.c.create) - > [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)/ch:1] CHN-1001 : Create > {code} {color:blue}*NOTE:* The same behaviour rings true with expired node > certificate{color} -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (QPID-7867) Authentication using expired certificate
[ https://issues.apache.org/jira/browse/QPID-7867?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16116545#comment-16116545 ] ASF subversion and git services commented on QPID-7867: --- Commit d55b08e89e2d0755b392bfe291a5e9698a782e4f in qpid-broker-j's branch refs/heads/master from [~k-wall] [ https://git-wip-us.apache.org/repos/asf?p=qpid-broker-j.git;h=d55b08e ] QPID-7867: [Java Broker] Extend UI to allow "Trust Anchor Validity Enforced" to be mutated Added documentation. > Authentication using expired certificate > > > Key: QPID-7867 > URL: https://issues.apache.org/jira/browse/QPID-7867 > Project: Qpid > Issue Type: New Feature > Components: Java Broker >Affects Versions: qpid-java-broker-7.0.0 > Environment: * qpid-jms-client version 0.23.0 > * java qpid broker 7.0.0 >Reporter: Martin Krasa >Assignee: Keith Wall > Fix For: qpid-java-broker-7.0.0 > > > Using qpid-jms-client version 0.23.0 and (as of July 17 2017) expired > self-signed certificate (Valid until: Sat Dec 17 10:46:56 CET 2016) user can > _successfully authenticate_ against the java qpid broker 7.0.0 > {code:title=extract from Java broker log file|borderStyle=solid} 2017-07-14 > 16:34:58,022 INFO [Broker-Config] (q.m.c.open) - [con:0(/XXX.XX.XX.XX:54268)] > CON-1001 : Open : Destination : amqps(XXX.XX.XX.XXX:10202) : Protocol Version > : 1.0 : SSL 2017-07-14 16:34:58,093 INFO [IO-/172.23.38.21:54268] > (q.m.c.open) - [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)] CON-1001 : > Open : Destination : amqps(XXX.XX.XX.XXX:10202) : Protocol Version : 1.0 : > SSL : Client ID : ID:6303ba8b-2055-49e5-9bf8-80336865a672:1 : Client Version > : 0.23.0 : Client Product : QpidJMS 2017-07-14 16:34:58,124 INFO > [IO-/XXX.XX.XX.XX:54268] (q.m.c.create) - > [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)/ch:0] CHN-1001 : Create > 2017-07-14 16:34:58,155 INFO [IO-/XXX.XX.XX.XX:54268] (q.m.c.create) - > [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)/ch:1] CHN-1001 : Create > {code} {color:blue}*NOTE:* The same behaviour rings true with expired node > certificate{color} -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Updated] (QPID-7867) Authentication using expired certificate
[ https://issues.apache.org/jira/browse/QPID-7867?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Keith Wall updated QPID-7867: - Fix Version/s: qpid-java-broker-7.0.0 > Authentication using expired certificate > > > Key: QPID-7867 > URL: https://issues.apache.org/jira/browse/QPID-7867 > Project: Qpid > Issue Type: New Feature > Components: Java Broker >Affects Versions: qpid-java-broker-7.0.0 > Environment: * qpid-jms-client version 0.23.0 > * java qpid broker 7.0.0 >Reporter: Martin Krasa > Fix For: qpid-java-broker-7.0.0 > > > Using qpid-jms-client version 0.23.0 and (as of July 17 2017) expired > self-signed certificate (Valid until: Sat Dec 17 10:46:56 CET 2016) user can > _successfully authenticate_ against the java qpid broker 7.0.0 > {code:title=extract from Java broker log file|borderStyle=solid} 2017-07-14 > 16:34:58,022 INFO [Broker-Config] (q.m.c.open) - [con:0(/XXX.XX.XX.XX:54268)] > CON-1001 : Open : Destination : amqps(XXX.XX.XX.XXX:10202) : Protocol Version > : 1.0 : SSL 2017-07-14 16:34:58,093 INFO [IO-/172.23.38.21:54268] > (q.m.c.open) - [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)] CON-1001 : > Open : Destination : amqps(XXX.XX.XX.XXX:10202) : Protocol Version : 1.0 : > SSL : Client ID : ID:6303ba8b-2055-49e5-9bf8-80336865a672:1 : Client Version > : 0.23.0 : Client Product : QpidJMS 2017-07-14 16:34:58,124 INFO > [IO-/XXX.XX.XX.XX:54268] (q.m.c.create) - > [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)/ch:0] CHN-1001 : Create > 2017-07-14 16:34:58,155 INFO [IO-/XXX.XX.XX.XX:54268] (q.m.c.create) - > [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)/ch:1] CHN-1001 : Create > {code} {color:blue}*NOTE:* The same behaviour rings true with expired node > certificate{color} -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Assigned] (QPID-7867) Authentication using expired certificate
[ https://issues.apache.org/jira/browse/QPID-7867?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Keith Wall reassigned QPID-7867: Assignee: Keith Wall > Authentication using expired certificate > > > Key: QPID-7867 > URL: https://issues.apache.org/jira/browse/QPID-7867 > Project: Qpid > Issue Type: New Feature > Components: Java Broker >Affects Versions: qpid-java-broker-7.0.0 > Environment: * qpid-jms-client version 0.23.0 > * java qpid broker 7.0.0 >Reporter: Martin Krasa >Assignee: Keith Wall > Fix For: qpid-java-broker-7.0.0 > > > Using qpid-jms-client version 0.23.0 and (as of July 17 2017) expired > self-signed certificate (Valid until: Sat Dec 17 10:46:56 CET 2016) user can > _successfully authenticate_ against the java qpid broker 7.0.0 > {code:title=extract from Java broker log file|borderStyle=solid} 2017-07-14 > 16:34:58,022 INFO [Broker-Config] (q.m.c.open) - [con:0(/XXX.XX.XX.XX:54268)] > CON-1001 : Open : Destination : amqps(XXX.XX.XX.XXX:10202) : Protocol Version > : 1.0 : SSL 2017-07-14 16:34:58,093 INFO [IO-/172.23.38.21:54268] > (q.m.c.open) - [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)] CON-1001 : > Open : Destination : amqps(XXX.XX.XX.XXX:10202) : Protocol Version : 1.0 : > SSL : Client ID : ID:6303ba8b-2055-49e5-9bf8-80336865a672:1 : Client Version > : 0.23.0 : Client Product : QpidJMS 2017-07-14 16:34:58,124 INFO > [IO-/XXX.XX.XX.XX:54268] (q.m.c.create) - > [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)/ch:0] CHN-1001 : Create > 2017-07-14 16:34:58,155 INFO [IO-/XXX.XX.XX.XX:54268] (q.m.c.create) - > [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)/ch:1] CHN-1001 : Create > {code} {color:blue}*NOTE:* The same behaviour rings true with expired node > certificate{color} -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Updated] (QPID-7867) Authentication using expired certificate
[ https://issues.apache.org/jira/browse/QPID-7867?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Keith Wall updated QPID-7867: - Issue Type: New Feature (was: Bug) > Authentication using expired certificate > > > Key: QPID-7867 > URL: https://issues.apache.org/jira/browse/QPID-7867 > Project: Qpid > Issue Type: New Feature > Components: Java Broker >Affects Versions: qpid-java-broker-7.0.0 > Environment: * qpid-jms-client version 0.23.0 > * java qpid broker 7.0.0 >Reporter: Martin Krasa > > Using qpid-jms-client version 0.23.0 and (as of July 17 2017) expired > self-signed certificate (Valid until: Sat Dec 17 10:46:56 CET 2016) user can > _successfully authenticate_ against the java qpid broker 7.0.0 > {code:title=extract from Java broker log file|borderStyle=solid} 2017-07-14 > 16:34:58,022 INFO [Broker-Config] (q.m.c.open) - [con:0(/XXX.XX.XX.XX:54268)] > CON-1001 : Open : Destination : amqps(XXX.XX.XX.XXX:10202) : Protocol Version > : 1.0 : SSL 2017-07-14 16:34:58,093 INFO [IO-/172.23.38.21:54268] > (q.m.c.open) - [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)] CON-1001 : > Open : Destination : amqps(XXX.XX.XX.XXX:10202) : Protocol Version : 1.0 : > SSL : Client ID : ID:6303ba8b-2055-49e5-9bf8-80336865a672:1 : Client Version > : 0.23.0 : Client Product : QpidJMS 2017-07-14 16:34:58,124 INFO > [IO-/XXX.XX.XX.XX:54268] (q.m.c.create) - > [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)/ch:0] CHN-1001 : Create > 2017-07-14 16:34:58,155 INFO [IO-/XXX.XX.XX.XX:54268] (q.m.c.create) - > [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)/ch:1] CHN-1001 : Create > {code} {color:blue}*NOTE:* The same behaviour rings true with expired node > certificate{color} -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (QPID-7867) Authentication using expired certificate
[ https://issues.apache.org/jira/browse/QPID-7867?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16116467#comment-16116467 ] ASF subversion and git services commented on QPID-7867: --- Commit 93d95fdc2e6ced1377092e9e616a49a37a15 in qpid-broker-j's branch refs/heads/master from [~k-wall] [ https://git-wip-us.apache.org/repos/asf?p=qpid-broker-j.git;h=93d ] QPID-7867: [Java Broker] Add truststore feature that insists trust anchors are within validity period. > Authentication using expired certificate > > > Key: QPID-7867 > URL: https://issues.apache.org/jira/browse/QPID-7867 > Project: Qpid > Issue Type: Bug > Components: Java Broker >Affects Versions: qpid-java-broker-7.0.0 > Environment: * qpid-jms-client version 0.23.0 > * java qpid broker 7.0.0 >Reporter: Martin Krasa > > Using qpid-jms-client version 0.23.0 and (as of July 17 2017) expired > self-signed certificate (Valid until: Sat Dec 17 10:46:56 CET 2016) user can > _successfully authenticate_ against the java qpid broker 7.0.0 > {code:title=extract from Java broker log file|borderStyle=solid} 2017-07-14 > 16:34:58,022 INFO [Broker-Config] (q.m.c.open) - [con:0(/XXX.XX.XX.XX:54268)] > CON-1001 : Open : Destination : amqps(XXX.XX.XX.XXX:10202) : Protocol Version > : 1.0 : SSL 2017-07-14 16:34:58,093 INFO [IO-/172.23.38.21:54268] > (q.m.c.open) - [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)] CON-1001 : > Open : Destination : amqps(XXX.XX.XX.XXX:10202) : Protocol Version : 1.0 : > SSL : Client ID : ID:6303ba8b-2055-49e5-9bf8-80336865a672:1 : Client Version > : 0.23.0 : Client Product : QpidJMS 2017-07-14 16:34:58,124 INFO > [IO-/XXX.XX.XX.XX:54268] (q.m.c.create) - > [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)/ch:0] CHN-1001 : Create > 2017-07-14 16:34:58,155 INFO [IO-/XXX.XX.XX.XX:54268] (q.m.c.create) - > [con:0(ACCOUNT_NAME@/XXX.XX.XX.XX:54268/default)/ch:1] CHN-1001 : Create > {code} {color:blue}*NOTE:* The same behaviour rings true with expired node > certificate{color} -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (QPID-6960) BDB HA limits message size to je.rep.maxMessageSize (which was inadvertently lowered in qpid-java-6.0)
[ https://issues.apache.org/jira/browse/QPID-6960?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16116407#comment-16116407 ] Lorenz Quack commented on QPID-6960: As long as the chunking is not in place I think we should change our documentation to advise users to set the je.rep.maxMessageSize explicitly to match their use-case and to set qpid.max_message_size to the same value to prevent this issue. > BDB HA limits message size to je.rep.maxMessageSize (which was inadvertently > lowered in qpid-java-6.0) > -- > > Key: QPID-6960 > URL: https://issues.apache.org/jira/browse/QPID-6960 > Project: Qpid > Issue Type: Bug > Components: Java Broker >Affects Versions: 0.30, 0.32, qpid-java-6.0 >Reporter: Keith Wall > > If I create a Java Broker BDB HA group and publish a message whose payload + > overhead exceeds {{je.rep.maxMessageSize}}, the replicas log the following > exception. On qpid-java-v6.0, the replica doesn't fail but instead slowly > spins, seemingly continually retrying repeating the same log message. > {{je.rep.maxMessageSize}} is not overridden by Qpid, so it takes its default > value 0. 0 is interpreted by JE to mean {{je.maxMemory /2}}. QPID-6751 > reduced the size of {{je.maxMemory}} from 5% of JVM's heap to 2%. This means > that in qpid-java-v6.0, the default maximum message size will be 2% of > default JVM heap size (0.5GB) = 10MB. For comparison, in 0.32 with default > heap of 2GB gave a maximum message size of 50MB. > Users can work around this issue by raising {{je.rep.maxMessageSize}}. This > can be done from the Java Broker command line (-prop), or from QPID_OPTS > environment variable. > {noformat} > com.sleepycat.je.EnvironmentFailureException: (JE 5.0.104) Message op: Entry > Body size: 32557779 is too large. maxSizeAllowed: 21126184 > If a larger value is needed, set the 'je.rep.maxMessageSize' parameter. > UNEXPECTED_STATE: Unexpected internal state, may have side effects. > at > com.sleepycat.je.EnvironmentFailureException.unexpectedState(EnvironmentFailureException.java:426) > at > com.sleepycat.je.rep.utilint.BinaryProtocol.read(BinaryProtocol.java:469) > at > com.sleepycat.je.rep.impl.node.Replica.doRunReplicaLoopInternalWork(Replica.java:466) > at > com.sleepycat.je.rep.impl.node.Replica.runReplicaLoopInternal(Replica.java:397) > at > com.sleepycat.je.rep.impl.node.Replica.runReplicaLoop(Replica.java:332) > at > com.sleepycat.je.rep.impl.node.RepNode.run(RepNode.java:1506) > {noformat} -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Resolved] (QPID-7876) qpid-route does not properly consider src-local when matching bridges
[ https://issues.apache.org/jira/browse/QPID-7876?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Gordon Sim resolved QPID-7876. -- Resolution: Fixed > qpid-route does not properly consider src-local when matching bridges > - > > Key: QPID-7876 > URL: https://issues.apache.org/jira/browse/QPID-7876 > Project: Qpid > Issue Type: Bug > Components: C++ Broker >Affects Versions: qpid-cpp-1.36.0 >Reporter: Chris Richardson > Attachments: test-routes.sh > > Original Estimate: 4h > Remaining Estimate: 4h > > qpid-route does not properly consider src-local when matching bridges. The > practical upshot of this is that it may consider routes to be duplicates when > they are in fact not. > Take the following (slightly contrived) scenario: > Brokers A and B both have queues named "test.queue" and default exchanges > named "amq.direct". > We would like a queue route to pull messages from B:test.queue to > A:amq.direct and a src_local route to push messages from A:test.queue to > B:amq.direct. Since qpid-route does not consider the src-local flag, it will > regard the second route to be a duplicate and will not allow it to be added. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Created] (QPID-7880) Can't start Java Broker with QPID_WORK set to a Windows path.
Keith Wall created QPID-7880: Summary: Can't start Java Broker with QPID_WORK set to a Windows path. Key: QPID-7880 URL: https://issues.apache.org/jira/browse/QPID-7880 Project: Qpid Issue Type: Bug Components: Java Broker Affects Versions: qpid-java-broker-7.0.0 Environment: Windows Reporter: Keith Wall Fix For: qpid-java-broker-7.0.0 Trying to start the Java Broker with QPID_WORK environment variable set to a Windows style path fails with the following exception. I can work around by reexpressing the path using UNIX style stashes. Qpid Broker 6.1 is not affected. {code} java.lang.IllegalArgumentException: Cannot convert '${qpid.broker.defaultPreferenceStoreAttributes}' into a PreferenceStoreAttributes for attribute preferenceStoreAttributes (Cannot convert type class java.lang.String to a org.apache.qpid.server.store.preferences.PreferenceStoreAttributes) at org.apache.qpid.server.model.ConfiguredAutomatedAttribute.convert(ConfiguredAutomatedAttribute.java:261) at org.apache.qpid.server.model.AbstractConfiguredObject.automatedSetValue(AbstractConfiguredObject.java:490) at org.apache.qpid.server.model.AbstractConfiguredObject.resolveAutomatedAttribute(AbstractConfiguredObject.java:1479) at org.apache.qpid.server.model.AbstractConfiguredObject.onResolve(AbstractConfiguredObject.java:1429) at org.apache.qpid.server.model.AbstractConfiguredObject.doResolution(AbstractConfiguredObject.java:1211) at org.apache.qpid.server.model.AbstractConfiguredObject$1.execute(AbstractConfiguredObject.java:586) at org.apache.qpid.server.model.AbstractConfiguredObject$1.execute(AbstractConfiguredObject.java:576) at org.apache.qpid.server.model.AbstractConfiguredObject$2.execute(AbstractConfiguredObject.java:637) at org.apache.qpid.server.model.AbstractConfiguredObject$2.execute(AbstractConfiguredObject.java:630) at org.apache.qpid.server.configuration.updater.TaskExecutorImpl$TaskLoggingWrapper.execute(TaskExecutorImpl.java:245) at org.apache.qpid.server.configuration.updater.TaskExecutorImpl$CallableWrapper$1.run(TaskExecutorImpl.java:317) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.Subject.doAs(Subject.java:360) at org.apache.qpid.server.configuration.updater.TaskExecutorImpl$CallableWrapper.call(TaskExecutorImpl.java:310) at com.google.common.util.concurrent.TrustedListenableFutureTask$TrustedFutureInterruptibleTask.runInterruptibly(TrustedListenableFutureTask.java:111) at com.google.common.util.concurrent.InterruptibleTask.run(InterruptibleTask.java:58) at com.google.common.util.concurrent.TrustedListenableFutureTask.run(TrustedListenableFutureTask.java:75) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:748) Caused by: java.lang.IllegalArgumentException: Cannot convert type class java.lang.String to a org.apache.qpid.server.store.preferences.PreferenceStoreAttribute s at org.apache.qpid.server.model.AttributeValueConverter$ManageableAttributeTypeConverter.convert(AttributeValueConverter.java:1368) at org.apache.qpid.server.model.AttributeValueConverter$ManageableAttrib uteTypeConverter.convert(AttributeValueConverter.java:1200) at org.apache.qpid.server.model.ConfiguredAutomatedAttribute.convert(Con figuredAutomatedAttribute.java:251) ... 19 more 09:25:20.197 [main] ERROR o.apache.qpid.server.SystemLauncher - Exception during startup java.lang.IllegalArgumentException: Cannot convert '${qpid.broker.defaultPreferenceStoreAttributes}' into a PreferenceStoreAttributes for attribute preferenceStoreAttributes (Cannot convert type class java.lang.String to a org.apache.qpid.s erver.store.preferences.PreferenceStoreAttributes) at org.apache.qpid.server.model.ConfiguredAutomatedAttribute.convert(ConfiguredAutomatedAttribute.java:261) at org.apache.qpid.server.model.AbstractConfiguredObject.automatedSetValue(AbstractConfiguredObject.java:490) at org.apache.qpid.server.model.AbstractConfiguredObject.resolveAutomatedAttribute(AbstractConfiguredObject.java:1479) at org.apache.qpid.server.model.AbstractConfiguredObject.onResolve(AbstractConfiguredObject.java:1429) at org.apache.qpid.server.model.AbstractConfiguredObject.doResolution(AbstractConfiguredObject.java:1211) at org.apache.qpid.server.model.AbstractConfiguredObject$1.execute(AbstractConfiguredObject.java:586) at org.apache.qpid.server.model.AbstractConfiguredObject$1.execute(AbstractConfiguredObject.java:576) at