date:20150421

2015-04-21 Thread ASF subversion and git services (JIRA)


[ 
https://issues.apache.org/jira/browse/PROTON-334?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14504472#comment-14504472
 ] 

ASF GitHub Bot commented on PROTON-334:
---

Github user asfgit closed the pull request at:

https://github.com/apache/qpid-proton/pull/17


 SASL Implementation for Proton C
 

 Key: PROTON-334
 URL: https://issues.apache.org/jira/browse/PROTON-334
 Project: Qpid Proton
  Issue Type: Wish
  Components: proton-c
Reporter: Ted Ross
Assignee: Andrew Stitcher

 It would be desirable to have the ability to use a plug-in module for SASL in 
 Proton.  The following implementations could then be developed:
 1) A portable stand-alone plugin that does ANONYMOUS, PLAIN, and EXTERNAL
 2) A Cyrus-Sasl based plugin for Linux
 3) A Windows plugin



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (PROTON-334) SASL Implementation for Proton C


[ 
https://issues.apache.org/jira/browse/PROTON-334?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14504471#comment-14504471
 ] 

ASF subversion and git services commented on PROTON-334:


Commit b3bf328fda4e815b29dbffe08b6b710959706097 in qpid-proton's branch 
refs/heads/master from [~astitcher]
[ https://git-wip-us.apache.org/repos/asf?p=qpid-proton.git;h=b3bf328 ]

Land initial tranch of SASL work for PROTON-334
This closes #17


 SASL Implementation for Proton C
 

 Key: PROTON-334
 URL: https://issues.apache.org/jira/browse/PROTON-334
 Project: Qpid Proton
  Issue Type: Wish
  Components: proton-c
Reporter: Ted Ross
Assignee: Andrew Stitcher

 It would be desirable to have the ability to use a plug-in module for SASL in 
 Proton.  The following implementations could then be developed:
 1) A portable stand-alone plugin that does ANONYMOUS, PLAIN, and EXTERNAL
 2) A Cyrus-Sasl based plugin for Linux
 3) A Windows plugin



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (PROTON-334) SASL Implementation for Proton C

2015-04-21 Thread ASF subversion and git services (JIRA)


[ 
https://issues.apache.org/jira/browse/PROTON-334?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14504469#comment-14504469
 ] 

ASF subversion and git services commented on PROTON-334:


Commit 4a09c6a17f865df10f53fa61c8d2bc88d4627bb0 in qpid-proton's branch 
refs/heads/master from [~astitcher]
[ https://git-wip-us.apache.org/repos/asf?p=qpid-proton.git;h=4a09c6a ]

PROTON-334: SASL Implementation for Proton-C using Cyrus SASL

This work Adds some new APIs to the transport and connection
objects to make a higher level abstraction for authentication.
This generally makes it much easier to use authentication.

It also vastly changes the Proton C API for SASL and deprecates
nearly all of the previous interface that allowed reading and
writing individual SASL frames.


 SASL Implementation for Proton C
 

 Key: PROTON-334
 URL: https://issues.apache.org/jira/browse/PROTON-334
 Project: Qpid Proton
  Issue Type: Wish
  Components: proton-c
Reporter: Ted Ross
Assignee: Andrew Stitcher

 It would be desirable to have the ability to use a plug-in module for SASL in 
 Proton.  The following implementations could then be developed:
 1) A portable stand-alone plugin that does ANONYMOUS, PLAIN, and EXTERNAL
 2) A Cyrus-Sasl based plugin for Linux
 3) A Windows plugin



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[GitHub] qpid-proton pull request: PROTON-334: SASL Implementation for Prot...

2015-04-21 Thread asfgit

Github user asfgit closed the pull request at:

https://github.com/apache/qpid-proton/pull/17


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Commented] (PROTON-334) SASL Implementation for Proton C

2015-04-21 Thread ASF subversion and git services (JIRA)


[ 
https://issues.apache.org/jira/browse/PROTON-334?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14504470#comment-14504470
 ] 

ASF subversion and git services commented on PROTON-334:


Commit 7cf0ababd4e59a54a1fb7cb7b535f4a75a2fcd9c in qpid-proton's branch 
refs/heads/master from [~astitcher]
[ https://git-wip-us.apache.org/repos/asf?p=qpid-proton.git;h=7cf0aba ]

PROTON-334: Tidied up Cyrus SASL detection in CMake
- The CMake output messages now make some sense
- Tidied up a few other little CMake annoyances


 SASL Implementation for Proton C
 

 Key: PROTON-334
 URL: https://issues.apache.org/jira/browse/PROTON-334
 Project: Qpid Proton
  Issue Type: Wish
  Components: proton-c
Reporter: Ted Ross
Assignee: Andrew Stitcher

 It would be desirable to have the ability to use a plug-in module for SASL in 
 Proton.  The following implementations could then be developed:
 1) A portable stand-alone plugin that does ANONYMOUS, PLAIN, and EXTERNAL
 2) A Cyrus-Sasl based plugin for Linux
 3) A Windows plugin



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (PROTON-334) SASL Implementation for Proton C


[ 
https://issues.apache.org/jira/browse/PROTON-334?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14505468#comment-14505468
 ] 

ASF GitHub Bot commented on PROTON-334:
---

Github user dcristoloveanu commented on the pull request:

https://github.com/apache/qpid-proton/pull/19#issuecomment-94899556
  
I'll take a look at PROTON-334 and see if we need anything extra. If so, 
I'll create another pull request.
Could we merge in this pull request, as I removed the new SASL API from it?

Thanks,
/Dan


 SASL Implementation for Proton C
 

 Key: PROTON-334
 URL: https://issues.apache.org/jira/browse/PROTON-334
 Project: Qpid Proton
  Issue Type: Wish
  Components: proton-c
Reporter: Ted Ross
Assignee: Andrew Stitcher

 It would be desirable to have the ability to use a plug-in module for SASL in 
 Proton.  The following implementations could then be developed:
 1) A portable stand-alone plugin that does ANONYMOUS, PLAIN, and EXTERNAL
 2) A Cyrus-Sasl based plugin for Linux
 3) A Windows plugin



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (PROTON-855) Add axTLS (embedded SSL) support to proton-c

Tomasz Nowicki created PROTON-855:
-

Summary: Add axTLS (embedded SSL) support to proton-c
Key: PROTON-855
URL: https://issues.apache.org/jira/browse/PROTON-855
Project: Qpid Proton
Issue Type: New Feature
Components: proton-c
Affects Versions: 0.9
Environment: Platform independent
Reporter: Tomasz Nowicki
Fix For: 0.10

http://axtls.sourceforge.net/

axTLS integration with proton is done on socket layer(posix layer). On the
other hand OpenSSL integration with proton is done on the transport layer. To
use both solutions we had to add two methods pn_ssl_recv i pn_ssl_send
(daclared in include/ssl_io.h) which in openssl mode, without crypting, invoke
native proton pn_send and pn_receive (io.c). In axTLS mode, those methods
are replaced with proper axtls comunication methods. Those are defined in
openssl.c, ssl_stub.c, axtls.c and located in src/ssl.
Methods pn_ssl_recv and pn_ssl_send replace original pn_send and pn_recv used
in pni_connection_writable(pn_selectable_t *sel),
pni_connection_readable(pn_selectable_t *sel) (connection.c).
Moreover we introduced new file axtls.c located in src/ssl. The file is an
equivalent of openssl.c, implementing base ssl methods: PN_EXTERN
pn_ssl_domain_t *pn_ssl_domain( pn_ssl_mode_t mode);
PN_EXTERN void pn_ssl_domain_free( pn_ssl_domain_t *domain ); etc

Example of axTLS integration with ex ActiveMQ:
http://mail-archives.us.apache.org/mod_mbox/qpid-proton/201501.mbox/%3ccacl1bnc5jerbnikd_4fgkjqh13h5nl_2z-sszp3jg2t+ywa...@mail.gmail.com%3E

--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (PROTON-856) idle timeout doesn't work in openssl mode


 [ 
https://issues.apache.org/jira/browse/PROTON-856?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Adam Curylo updated PROTON-856:
---
Description: 
pn_transport_set_idle_timeout doesn't  work properly for ssl connection. 
There is a proper transport-error message (PN_TRANSPORT_ERROR 
amqp:resource-limit-exceeded: local-idle-timeout expired ) after timeout but 
connections still remains. It is different (wrong) behaviour than unencrypted 
connection. 
I've used for check it following example code (connection with ActiveMQ message 
broker):


{code}

#include proton/reactor.h
#include proton/handlers.h
#include proton/engine.h
#include proton/message.h
#include proton/ssl.h
#include assert.h
#include stdio.h
#include string.h


typedef pn_handler_t client_t;

typedef struct {
const char *hostname;
const char *queue;
const char *container;
pn_session_t * session;
pn_ssl_domain_t *sslDomain;
} client_state_t;

client_state_t *client_state(client_t *client) {
return (client_state_t *) pn_handler_mem(client);
}

void client_cleanup(client_t *client) {
client_state_t *cs = client_state(client);
(void)cs;
}

void client_dispatch(pn_handler_t *client, pn_event_t *event, pn_event_type_t 
eventType) {
client_state_t *state = client_state(client);

switch (eventType) {
case PN_TRANSPORT:
{
pn_transport_t * transport = pn_event_transport(event);
assert(transport);
pn_transport_set_idle_timeout(transport, 2);
}
break;
case PN_TRANSPORT_ERROR:
{
pn_transport_t * transport = pn_event_transport(event);
pn_error_t * error = pn_transport_error(transport);
printf(PN_TRANSPORT_ERROR %s \n, pn_error_text(error));
}
break;
case PN_SELECTABLE_INIT:
{
//OpenSSL mode
if (state-sslDomain == NULL) {
state-sslDomain = pn_ssl_domain(PN_SSL_MODE_CLIENT);
}
if (pn_ssl_domain_set_credentials(state-sslDomain, 
./device.polyx.crt, ./device.polyx.key, NULL) == 0) {
pn_connection_t * conn = 
pn_session_connection(state-session);
pn_transport_t * transport = 
pn_connection_transport(conn);
assert(transport);
pn_ssl_init(pn_ssl(transport), state-sslDomain, NULL);
}
}
break;
case PN_DELIVERY:
{

pn_link_t *link = pn_event_link(event);
pn_delivery_t *dlv = pn_event_delivery(event);
if (pn_link_is_receiver(link)  !pn_delivery_partial(dlv)) {
char buf[1024];
ssize_t n = pn_link_recv(link, buf, 1024);
if (n  0) {
pn_message_t *msg = pn_message();
pn_message_decode(msg, buf, n);
pn_string_t *str = pn_string(NULL);
pn_inspect(msg, str);
printf(Got: %s\n, pn_string_get(str));
pn_message_free(msg);
pn_free(str);
}
pn_delivery_settle(dlv);
}
}
break;
default:
break;
}
}

client_t *client_handler(const char *hostName, const char * queueName, const 
char * containerName) {
client_t *client = pn_handler_new(client_dispatch, sizeof(client_state_t), 
client_cleanup);
client_state_t *state = client_state(client);
state-hostname = hostName;
state-queue = queueName;
state-container = containerName;
state-sslDomain = NULL;
state-session = NULL;
return client;
}


int main(int argc, const char **argv) {

pn_reactor_t *reactor = pn_reactor();

pn_handler_t *root = pn_reactor_get_handler(reactor);

client_t *client = client_handler(localhost:5671, queue://example, 
example);
pn_handler_add(root, client);
pn_handler_add(root, pn_flowcontroller(1024));
pn_handler_add(root, pn_handshaker());

client_state_t *state = client_state(client);

pn_connection_t *conn = pn_reactor_connection(reactor, client);
pn_connection_set_container(conn, state-container);
pn_connection_set_hostname(conn, state-hostname);

pn_connection_open(conn);

state-session = pn_session(conn);
pn_session_open(state-session);

pn_link_t * link = pn_receiver(state-session, state-container);
pn_terminus_set_address(pn_link_source(link), state-queue);
pn_terminus_set_address(pn_link_target(link), state-queue);
pn_link_set_snd_settle_mode(link, PN_SND_UNSETTLED);
pn_link_set_rcv_settle_mode(link, PN_RCV_SECOND);
pn_link_open(link);
pn_link_flow(link, 1);

pn_reactor_run(reactor);

if (state-sslDomain != NULL) {
pn_ssl_domain_free(state-sslDomain);
}
pn_reactor_free(reactor);
return 0;
}
 
{code}

  was:
pn_transport_set_idle_timeout doesn't  work properly for ssl connection. 
There is a proper transport-error message (PN_TRANSPORT_ERROR

[jira] [Updated] (PROTON-855) Add axTLS (embedded SSL) support to proton-c

[
https://issues.apache.org/jira/browse/PROTON-855?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Tomasz Nowicki updated PROTON-855:
--
Description:
The axTLS embedded SSL project is a highly configurable client/server
TLSv1 SSL library designed for platforms with small memory requirements.
It comes with a small HTTP/HTTPS server and additional test tools.
axTLS It's free! (BSD style licensing)

http://axtls.sourceforge.net/

Example of axTLS integration with ex ActiveMQ atatched(axtls_proton_example.c):
It's based on
http://mail-archives.us.apache.org/mod_mbox/qpid-proton/201501.mbox/%3ccacl1bnc5jerbnikd_4fgkjqh13h5nl_2z-sszp3jg2t+ywa...@mail.gmail.com%3E

was:
The axTLS embedded SSL project is a highly configurable client/server
TLSv1 SSL library designed for platforms with small memory requirements.
It comes with a small HTTP/HTTPS server and additional test tools.
axTLS It's free! (BSD style licensing)

http://axtls.sourceforge.net/

Example of axTLS integration with ex ActiveMQ:
http://mail-archives.us.apache.org/mod_mbox/qpid-proton/201501.mbox/%3ccacl1bnc5jerbnikd_4fgkjqh13h5nl_2z-sszp3jg2t+ywa...@mail.gmail.com%3E

Add axTLS (embedded SSL) support to proton-c

Key: PROTON-855
URL: https://issues.apache.org/jira/browse/PROTON-855
Project: Qpid Proton
Issue Type: New Feature
Components: proton-c
Affects Versions: 0.9
Environment: Platform independent
Reporter: Tomasz Nowicki
Labels: features
Fix For: 0.10

Attachments: axtls.c, axtls_proton_example.c, qpidproton-AXTLS.patch,
ssl_io.h

Original Estimate: 0h
Remaining Estimate: 0h

The axTLS embedded SSL project is a highly configurable client/server
TLSv1 SSL library designed for platforms with small memory requirements.
It comes with a small HTTP/HTTPS server and additional test tools.
axTLS It's free! (BSD style licensing)
http://axtls.sourceforge.net/
axTLS integration with proton is done on socket layer(posix layer). On the
other hand OpenSSL integration with proton is done on the transport layer. To
use both solutions we had to add two methods pn_ssl_recv i pn_ssl_send
(daclared in include/ssl_io.h) which in openssl mode, without crypting,
invoke native proton pn_send and pn_receive (io.c). In axTLS mode, those
methods are replaced with proper axtls comunication methods. Those are
defined in openssl.c, ssl_stub.c, axtls.c and located in src/ssl.
Methods pn_ssl_recv and pn_ssl_send replace original pn_send and pn_recv used
in pni_connection_writable(pn_selectable_t *sel),
pni_connection_readable(pn_selectable_t *sel) (connection.c).
Moreover we introduced new file axtls.c located in src/ssl. The file is an
equivalent of openssl.c, implementing base ssl methods: PN_EXTERN
pn_ssl_domain_t *pn_ssl_domain( pn_ssl_mode_t mode);
PN_EXTERN void pn_ssl_domain_free(

[GitHub] qpid-proton pull request: PROTON-853: stop erroneous attach being ...

2015-04-21 Thread dnwe

Github user dnwe commented on the pull request:

https://github.com/apache/qpid-proton/pull/21#issuecomment-94719493
  
@gemmellr sure, just pulling in this PR now and will run some scenarios 
through it


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Commented] (PROTON-853) [proton-j] the transport emitted a new link attach for a link in the process of being detached


[ 
https://issues.apache.org/jira/browse/PROTON-853?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14504665#comment-14504665
 ] 

ASF GitHub Bot commented on PROTON-853:
---

Github user dnwe commented on the pull request:

https://github.com/apache/qpid-proton/pull/21#issuecomment-94719493
  
@gemmellr sure, just pulling in this PR now and will run some scenarios 
through it


 [proton-j] the transport emitted a new link attach for a link in the process 
 of being detached
 --

 Key: PROTON-853
 URL: https://issues.apache.org/jira/browse/PROTON-853
 Project: Qpid Proton
  Issue Type: Bug
  Components: proton-j
Affects Versions: 0.9
Reporter: Robbie Gemmell

 When upgrading to use 0.9 for the JMS client, we see some NPEs on the client 
 as it tries processing the events being emitted by the connection. This was 
 due to multiple link attach and detach frames arriving in the for the same 
 consumer link.
 What appears to be happening is that while closing the consumer, after the 
 client emits its detach frame proton then emits a new attach frame for the 
 link, before the server responds to the original detach, even though the 
 client made no attempt to recreate the consumer. It looks like the clients 
 handling of a flow frame which arrived after it emitted the original detach 
 meant that the link was modified, and the transport reacted by sending out a 
 new attach. This appears to be due to a change made in 0.9 for PROTON-154.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Re: problems with master after sasl changes

2015-04-21 Thread Robbie Gemmell

On 21 April 2015 at 14:48, Robbie Gemmell robbie.gemm...@gmail.com wrote:
 On 21 April 2015 at 12:52, Rafael Schloming r...@alum.mit.edu wrote:
 I'm seeing a couple of issues with the recently landed sasl changes. I'm
 getting four test failures in the python tests (see details at the end).
 I'm also seeing interop issues with the proton.js built prior to these
 changes, and with these changes in place the javascript build seems to be
 messed up (not finding new symbols).

 Is anyone else seeing similar issues?

 --Rafael

 proton_tests.sasl.SaslTest.testPipelined2
  fail
 Error during test:  Traceback (most recent call last):
 File /home/rhs/proton/tests/python/proton-test, line 355, in run
   phase()
 File /home/rhs/proton/tests/python/proton_tests/sasl.py, line 161, in
 testPipelined2
   assert len(out1)  0
   AssertionError
 proton_tests.sasl.SaslTest.testPipelinedClient
 ... fail
 Error during test:  Traceback (most recent call last):
 File /home/rhs/proton/tests/python/proton-test, line 355, in run
   phase()
 File /home/rhs/proton/tests/python/proton_tests/sasl.py, line 68, in
 testPipelinedClient
   assert self.s1.outcome == SASL.OK
   AssertionError
 proton_tests.sasl.SaslTest.testPipelinedClientFail
 ... fail
 Error during test:  Traceback (most recent call last):
 File /home/rhs/proton/tests/python/proton-test, line 355, in run
   phase()
 File /home/rhs/proton/tests/python/proton_tests/sasl.py, line 95, in
 testPipelinedClientFail
   assert self.s1.outcome == SASL.AUTH
   AssertionError
 proton_tests.sasl.SaslTest.testSaslAndAmqpInSingleChunk
 .. fail
 Error during test:  Traceback (most recent call last):
 File /home/rhs/proton/tests/python/proton-test, line 355, in run
   phase()
 File /home/rhs/proton/tests/python/proton_tests/sasl.py, line 140, in
 testSaslAndAmqpInSingleChunk
   assert self.s2.outcome == SASL.OK
   AssertionError

 I dont have the javascript bits building, but the python tests are all
 passing for me. I updated, used git clean to do a clean up, then did a
 fresh build.

 Snippet of the SASL tests from ctest -V -R python-test:

 2: proton_tests.sasl.SaslTest.testFracturedSASL
  pass
 2: proton_tests.sasl.SaslTest.testPipelined2
 ... pass
 2: [0x4e009d0]:Authenticated user: anonymous with mechanism ANONYMOUS
 2: proton_tests.sasl.SaslTest.testPipelinedClient
 .. pass
 2: [0x4e03f10]:sasl error: SASL(-1): generic failure: Client mechanism
 not in mechanism inclusion list.
 2: proton_tests.sasl.SaslTest.testPipelinedClientFail
 .. pass
 2: [0x4e054c0]:Authenticated user: anonymous with mechanism ANONYMOUS
 2: proton_tests.sasl.SaslTest.testSaslAndAmqpInSingleChunk
 . pass
 2: proton_tests.sasl.SaslTest.testSaslSkipped
 .. pass
 2: proton_tests.sasl.SaslTest.testSaslSkippedFail
 .. pass
 2: proton_tests.sasl.SaslTest.test_singleton
 ... pass

 The only bit I wonder about (wihtout bothing to look further) is the
 'generic failure' message in the middle.


Of course, I might have spoke too soon. The Java build fails running a
few of the tests:

proton_tests.sasl.SaslTest.testSaslSkipped .. fail
Error during test:  Traceback (most recent call last):
File /home/gemmellr/workspace/proton-throwaway/tests/python/proton-test,
line 355, in run
  phase()
File 
/home/gemmellr/workspace/proton-throwaway/tests/python/proton_tests/sasl.py,
line 215, in testSaslSkipped
  self.t2.require_auth(False)
File 
/home/gemmellr/workspace/proton-throwaway/tests/../proton-c/bindings/python/proton/__init__.py,
line 3181, in require_auth
  pn_transport_require_auth(self._impl, bool)
  NameError: global name 'pn_transport_require_auth' is not defined
proton_tests.sasl.SaslTest.testSaslSkippedFail .. fail
Error during test:  Traceback (most recent call last):
File /home/gemmellr/workspace/proton-throwaway/tests/python/proton-test,
line 355, in run
  phase()
File 
/home/gemmellr/workspace/proton-throwaway/tests/python/proton_tests/sasl.py,
line 227, in testSaslSkippedFail
  self.t2.require_auth(True)
File 
/home/gemmellr/workspace/proton-throwaway/tests/../proton-c/bindings/python/proton/__init__.py,
line 3181, in require_auth
  pn_transport_require_auth(self._impl, bool)
  NameError: global name 'pn_transport_require_auth' is not defined


proton_tests.transport.TransportTest.testEOSAfterSASL ... fail
Error during test:  Traceback (most recent call last):
File /home/gemmellr/workspace/proton-throwaway/tests/python/proton-test,
line 355, in run
  phase()
File

Re: problems with master after sasl changes

2015-04-21 Thread Robbie Gemmell

On 21 April 2015 at 12:52, Rafael Schloming r...@alum.mit.edu wrote:
 I'm seeing a couple of issues with the recently landed sasl changes. I'm
 getting four test failures in the python tests (see details at the end).
 I'm also seeing interop issues with the proton.js built prior to these
 changes, and with these changes in place the javascript build seems to be
 messed up (not finding new symbols).

 Is anyone else seeing similar issues?

 --Rafael

 proton_tests.sasl.SaslTest.testPipelined2
  fail
 Error during test:  Traceback (most recent call last):
 File /home/rhs/proton/tests/python/proton-test, line 355, in run
   phase()
 File /home/rhs/proton/tests/python/proton_tests/sasl.py, line 161, in
 testPipelined2
   assert len(out1)  0
   AssertionError
 proton_tests.sasl.SaslTest.testPipelinedClient
 ... fail
 Error during test:  Traceback (most recent call last):
 File /home/rhs/proton/tests/python/proton-test, line 355, in run
   phase()
 File /home/rhs/proton/tests/python/proton_tests/sasl.py, line 68, in
 testPipelinedClient
   assert self.s1.outcome == SASL.OK
   AssertionError
 proton_tests.sasl.SaslTest.testPipelinedClientFail
 ... fail
 Error during test:  Traceback (most recent call last):
 File /home/rhs/proton/tests/python/proton-test, line 355, in run
   phase()
 File /home/rhs/proton/tests/python/proton_tests/sasl.py, line 95, in
 testPipelinedClientFail
   assert self.s1.outcome == SASL.AUTH
   AssertionError
 proton_tests.sasl.SaslTest.testSaslAndAmqpInSingleChunk
 .. fail
 Error during test:  Traceback (most recent call last):
 File /home/rhs/proton/tests/python/proton-test, line 355, in run
   phase()
 File /home/rhs/proton/tests/python/proton_tests/sasl.py, line 140, in
 testSaslAndAmqpInSingleChunk
   assert self.s2.outcome == SASL.OK
   AssertionError

I dont have the javascript bits building, but the python tests are all
passing for me. I updated, used git clean to do a clean up, then did a
fresh build.

Snippet of the SASL tests from ctest -V -R python-test:

2: proton_tests.sasl.SaslTest.testFracturedSASL
 pass
2: proton_tests.sasl.SaslTest.testPipelined2
... pass
2: [0x4e009d0]:Authenticated user: anonymous with mechanism ANONYMOUS
2: proton_tests.sasl.SaslTest.testPipelinedClient
.. pass
2: [0x4e03f10]:sasl error: SASL(-1): generic failure: Client mechanism
not in mechanism inclusion list.
2: proton_tests.sasl.SaslTest.testPipelinedClientFail
.. pass
2: [0x4e054c0]:Authenticated user: anonymous with mechanism ANONYMOUS
2: proton_tests.sasl.SaslTest.testSaslAndAmqpInSingleChunk
. pass
2: proton_tests.sasl.SaslTest.testSaslSkipped
.. pass
2: proton_tests.sasl.SaslTest.testSaslSkippedFail
.. pass
2: proton_tests.sasl.SaslTest.test_singleton
... pass

The only bit I wonder about (wihtout bothing to look further) is the
'generic failure' message in the middle.

[jira] [Updated] (PROTON-855) Add axTLS (embedded SSL) support to proton-c


 [ 
https://issues.apache.org/jira/browse/PROTON-855?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Tomasz Nowicki updated PROTON-855:
--
Attachment: qpidproton-AXTLS.patch

 Add axTLS (embedded SSL) support to proton-c
 

 Key: PROTON-855
 URL: https://issues.apache.org/jira/browse/PROTON-855
 Project: Qpid Proton
  Issue Type: New Feature
  Components: proton-c
Affects Versions: 0.9
 Environment: Platform independent
Reporter: Tomasz Nowicki
  Labels: features
 Fix For: 0.10

 Attachments: axtls.c, axtls_proton_example.c, qpidproton-AXTLS.patch, 
 ssl_io.h

   Original Estimate: 0h
  Remaining Estimate: 0h

 The axTLS embedded SSL project is a highly configurable client/server 
 TLSv1 SSL library designed for platforms with small memory requirements. 
 It comes with a small HTTP/HTTPS server and additional test tools. 
 axTLS It's free! (BSD style licensing)
 http://axtls.sourceforge.net/
 axTLS integration with proton is done on socket layer(posix layer). On the 
 other hand OpenSSL integration with proton is done on the transport layer. To 
 use both solutions we had to add two methods pn_ssl_recv i pn_ssl_send 
 (daclared in include/ssl_io.h) which in openssl mode, without crypting, 
 invoke native proton pn_send and pn_receive (io.c). In axTLS mode, those 
 methods are replaced with proper axtls comunication methods. Those are 
 defined in openssl.c, ssl_stub.c, axtls.c and located in src/ssl.
 Methods pn_ssl_recv and pn_ssl_send replace original pn_send and pn_recv used 
 in pni_connection_writable(pn_selectable_t *sel), 
 pni_connection_readable(pn_selectable_t *sel) (connection.c).
 Moreover we introduced new file axtls.c located in src/ssl. The file is an 
 equivalent of openssl.c, implementing base ssl methods:  PN_EXTERN 
 pn_ssl_domain_t *pn_ssl_domain( pn_ssl_mode_t mode);
 PN_EXTERN void pn_ssl_domain_free( pn_ssl_domain_t *domain ); etc
 Example of axTLS integration with ex ActiveMQ 
 atatched(axtls_proton_example.c):
 It's based on
 http://mail-archives.us.apache.org/mod_mbox/qpid-proton/201501.mbox/%3ccacl1bnc5jerbnikd_4fgkjqh13h5nl_2z-sszp3jg2t+ywa...@mail.gmail.com%3E



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (PROTON-855) Add axTLS (embedded SSL) support to proton-c


 [ 
https://issues.apache.org/jira/browse/PROTON-855?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Tomasz Nowicki updated PROTON-855:
--
Attachment: (was: qpidproton-AXTLS.patch)

 Add axTLS (embedded SSL) support to proton-c
 

 Key: PROTON-855
 URL: https://issues.apache.org/jira/browse/PROTON-855
 Project: Qpid Proton
  Issue Type: New Feature
  Components: proton-c
Affects Versions: 0.9
 Environment: Platform independent
Reporter: Tomasz Nowicki
  Labels: features
 Fix For: 0.10

 Attachments: axtls.c, axtls_proton_example.c, qpidproton-AXTLS.patch, 
 ssl_io.h

   Original Estimate: 0h
  Remaining Estimate: 0h

 The axTLS embedded SSL project is a highly configurable client/server 
 TLSv1 SSL library designed for platforms with small memory requirements. 
 It comes with a small HTTP/HTTPS server and additional test tools. 
 axTLS It's free! (BSD style licensing)
 http://axtls.sourceforge.net/
 axTLS integration with proton is done on socket layer(posix layer). On the 
 other hand OpenSSL integration with proton is done on the transport layer. To 
 use both solutions we had to add two methods pn_ssl_recv i pn_ssl_send 
 (daclared in include/ssl_io.h) which in openssl mode, without crypting, 
 invoke native proton pn_send and pn_receive (io.c). In axTLS mode, those 
 methods are replaced with proper axtls comunication methods. Those are 
 defined in openssl.c, ssl_stub.c, axtls.c and located in src/ssl.
 Methods pn_ssl_recv and pn_ssl_send replace original pn_send and pn_recv used 
 in pni_connection_writable(pn_selectable_t *sel), 
 pni_connection_readable(pn_selectable_t *sel) (connection.c).
 Moreover we introduced new file axtls.c located in src/ssl. The file is an 
 equivalent of openssl.c, implementing base ssl methods:  PN_EXTERN 
 pn_ssl_domain_t *pn_ssl_domain( pn_ssl_mode_t mode);
 PN_EXTERN void pn_ssl_domain_free( pn_ssl_domain_t *domain ); etc
 Example of axTLS integration with ex ActiveMQ 
 atatched(axtls_proton_example.c):
 It's based on
 http://mail-archives.us.apache.org/mod_mbox/qpid-proton/201501.mbox/%3ccacl1bnc5jerbnikd_4fgkjqh13h5nl_2z-sszp3jg2t+ywa...@mail.gmail.com%3E



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (PROTON-855) Add axTLS (embedded SSL) support to proton-c


 [ 
https://issues.apache.org/jira/browse/PROTON-855?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Tomasz Nowicki updated PROTON-855:
--
Attachment: axtls.c
qpidproton-AXTLS.patch

 Add axTLS (embedded SSL) support to proton-c
 

 Key: PROTON-855
 URL: https://issues.apache.org/jira/browse/PROTON-855
 Project: Qpid Proton
  Issue Type: New Feature
  Components: proton-c
Affects Versions: 0.9
 Environment: Platform independent
Reporter: Tomasz Nowicki
  Labels: features
 Fix For: 0.10

 Attachments: axtls.c, qpidproton-AXTLS.patch

   Original Estimate: 0h
  Remaining Estimate: 0h

 The axTLS embedded SSL project is a highly configurable client/server 
 TLSv1 SSL library designed for platforms with small memory requirements. 
 It comes with a small HTTP/HTTPS server and additional test tools. 
 axTLS It's free! (BSD style licensing)
 http://axtls.sourceforge.net/
 axTLS integration with proton is done on socket layer(posix layer). On the 
 other hand OpenSSL integration with proton is done on the transport layer. To 
 use both solutions we had to add two methods pn_ssl_recv i pn_ssl_send 
 (daclared in include/ssl_io.h) which in openssl mode, without crypting, 
 invoke native proton pn_send and pn_receive (io.c). In axTLS mode, those 
 methods are replaced with proper axtls comunication methods. Those are 
 defined in openssl.c, ssl_stub.c, axtls.c and located in src/ssl.
 Methods pn_ssl_recv and pn_ssl_send replace original pn_send and pn_recv used 
 in pni_connection_writable(pn_selectable_t *sel), 
 pni_connection_readable(pn_selectable_t *sel) (connection.c).
 Moreover we introduced new file axtls.c located in src/ssl. The file is an 
 equivalent of openssl.c, implementing base ssl methods:  PN_EXTERN 
 pn_ssl_domain_t *pn_ssl_domain( pn_ssl_mode_t mode);
 PN_EXTERN void pn_ssl_domain_free( pn_ssl_domain_t *domain ); etc
 Example of axTLS integration with ex ActiveMQ:
 http://mail-archives.us.apache.org/mod_mbox/qpid-proton/201501.mbox/%3ccacl1bnc5jerbnikd_4fgkjqh13h5nl_2z-sszp3jg2t+ywa...@mail.gmail.com%3E



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (PROTON-856) idle timeout doesn't work in openssl mode


 [ 
https://issues.apache.org/jira/browse/PROTON-856?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Adam Curylo updated PROTON-856:
---
Description: 
pn_transport_set_idle_timeout doesn't  work properly for ssl connection. 
There is a proper transport-error message (PN_TRANSPORT_ERROR 
amqp:resource-limit-exceeded: local-idle-timeout expired ) after timeout but 
connections still remains. It is different (wrong) behaviour than for 
unencrypted connection. 
I've used for check it following example code (connection with ActiveMQ message 
broker):

#include proton/reactor.h
#include proton/handlers.h
#include proton/engine.h
#include proton/message.h
#include proton/ssl.h
#include proton/ssl_io.h
#include assert.h
#include stdio.h
#include string.h


typedef pn_handler_t client_t;

typedef struct {
const char *hostname;
const char *queue;
const char *container;
pn_session_t * session;
pn_ssl_domain_t *sslDomain;
} client_state_t;

client_state_t *client_state(client_t *client) {
return (client_state_t *) pn_handler_mem(client);
}

void client_cleanup(client_t *client) {
client_state_t *cs = client_state(client);
(void)cs;
}

void client_dispatch(pn_handler_t *client, pn_event_t *event, pn_event_type_t 
eventType) {
client_state_t *state = client_state(client);

switch (eventType) {
case PN_TRANSPORT:
{
pn_transport_t * transport = pn_event_transport(event);
assert(transport);
pn_transport_set_idle_timeout(transport, 2);
}
break;
case PN_TRANSPORT_ERROR:
{
pn_transport_t * transport = pn_event_transport(event);
pn_error_t * error = pn_transport_error(transport);
printf(PN_TRANSPORT_ERROR %s \n, pn_error_text(error));
}
break;
case PN_SELECTABLE_INIT:
{
//OpenSSL mode
if (state-sslDomain == NULL) {
state-sslDomain = pn_ssl_domain(PN_SSL_MODE_CLIENT);
}
if (pn_ssl_domain_set_credentials(state-sslDomain, 
./device.polyx.crt, ./device.polyx.key, NULL) == 0) {
pn_connection_t * conn = 
pn_session_connection(state-session);
pn_transport_t * transport = 
pn_connection_transport(conn);
assert(transport);
pn_ssl_init(pn_ssl(transport), state-sslDomain, NULL);
}
}
break;
case PN_DELIVERY:
{

pn_link_t *link = pn_event_link(event);
pn_delivery_t *dlv = pn_event_delivery(event);
if (pn_link_is_receiver(link)  !pn_delivery_partial(dlv)) {
char buf[1024];
ssize_t n = pn_link_recv(link, buf, 1024);
if (n  0) {
pn_message_t *msg = pn_message();
pn_message_decode(msg, buf, n);
pn_string_t *str = pn_string(NULL);
pn_inspect(msg, str);
printf(Got: %s\n, pn_string_get(str));
pn_message_free(msg);
pn_free(str);
}
pn_delivery_settle(dlv);
}
}
break;
default:
break;
}
}

client_t *client_handler(const char *hostName, const char * queueName, const 
char * containerName) {
client_t *client = pn_handler_new(client_dispatch, sizeof(client_state_t), 
client_cleanup);
client_state_t *state = client_state(client);
state-hostname = hostName;
state-queue = queueName;
state-container = containerName;
state-sslDomain = NULL;
state-session = NULL;
return client;
}


int main(int argc, const char **argv) {

pn_reactor_t *reactor = pn_reactor();

pn_handler_t *root = pn_reactor_get_handler(reactor);

client_t *client = client_handler(localhost:5671, queue://example, 
example);
pn_handler_add(root, client);
pn_handler_add(root, pn_flowcontroller(1024));
pn_handler_add(root, pn_handshaker());

client_state_t *state = client_state(client);

pn_connection_t *conn = pn_reactor_connection(reactor, client);
pn_connection_set_container(conn, state-container);
pn_connection_set_hostname(conn, state-hostname);

pn_connection_open(conn);

state-session = pn_session(conn);
pn_session_open(state-session);

pn_link_t * link = pn_receiver(state-session, state-container);
pn_terminus_set_address(pn_link_source(link), state-queue);
pn_terminus_set_address(pn_link_target(link), state-queue);
pn_link_set_snd_settle_mode(link, PN_SND_UNSETTLED);
pn_link_set_rcv_settle_mode(link, PN_RCV_SECOND);
pn_link_open(link);
pn_link_flow(link, 1);

pn_reactor_run(reactor);

if (state-sslDomain != NULL) {
pn_ssl_domain_free(state-sslDomain);
}
pn_reactor_free(reactor);
return 0;
}
 


  was:
pn_transport_set_idle_timeout doesn't  work properly for ssl connection. 
There is a proper transport-error message

[jira] [Updated] (PROTON-855) Add axTLS (embedded SSL) support to proton-c


 [ 
https://issues.apache.org/jira/browse/PROTON-855?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Tomasz Nowicki updated PROTON-855:
--
Attachment: ssl_io.h

 Add axTLS (embedded SSL) support to proton-c
 

 Key: PROTON-855
 URL: https://issues.apache.org/jira/browse/PROTON-855
 Project: Qpid Proton
  Issue Type: New Feature
  Components: proton-c
Affects Versions: 0.9
 Environment: Platform independent
Reporter: Tomasz Nowicki
  Labels: features
 Fix For: 0.10

 Attachments: axtls.c, qpidproton-AXTLS.patch, ssl_io.h

   Original Estimate: 0h
  Remaining Estimate: 0h

 The axTLS embedded SSL project is a highly configurable client/server 
 TLSv1 SSL library designed for platforms with small memory requirements. 
 It comes with a small HTTP/HTTPS server and additional test tools. 
 axTLS It's free! (BSD style licensing)
 http://axtls.sourceforge.net/
 axTLS integration with proton is done on socket layer(posix layer). On the 
 other hand OpenSSL integration with proton is done on the transport layer. To 
 use both solutions we had to add two methods pn_ssl_recv i pn_ssl_send 
 (daclared in include/ssl_io.h) which in openssl mode, without crypting, 
 invoke native proton pn_send and pn_receive (io.c). In axTLS mode, those 
 methods are replaced with proper axtls comunication methods. Those are 
 defined in openssl.c, ssl_stub.c, axtls.c and located in src/ssl.
 Methods pn_ssl_recv and pn_ssl_send replace original pn_send and pn_recv used 
 in pni_connection_writable(pn_selectable_t *sel), 
 pni_connection_readable(pn_selectable_t *sel) (connection.c).
 Moreover we introduced new file axtls.c located in src/ssl. The file is an 
 equivalent of openssl.c, implementing base ssl methods:  PN_EXTERN 
 pn_ssl_domain_t *pn_ssl_domain( pn_ssl_mode_t mode);
 PN_EXTERN void pn_ssl_domain_free( pn_ssl_domain_t *domain ); etc
 Example of axTLS integration with ex ActiveMQ:
 http://mail-archives.us.apache.org/mod_mbox/qpid-proton/201501.mbox/%3ccacl1bnc5jerbnikd_4fgkjqh13h5nl_2z-sszp3jg2t+ywa...@mail.gmail.com%3E



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[GitHub] qpid-proton pull request: PROTON-853: stop erroneous attach being ...

2015-04-21 Thread rhs

Github user rhs commented on the pull request:

https://github.com/apache/qpid-proton/pull/21#issuecomment-94755563
  
+1 from me

Initially I thought this wouldn't account for detach properly, but looking 
at the code I managed to convince myself that it will. If you have time, 
however, it would be nice to augment/add a test of the detach scenario.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Commented] (PROTON-853) [proton-j] the transport emitted a new link attach for a link in the process of being detached


[ 
https://issues.apache.org/jira/browse/PROTON-853?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14504801#comment-14504801
 ] 

ASF GitHub Bot commented on PROTON-853:
---

Github user rhs commented on the pull request:

https://github.com/apache/qpid-proton/pull/21#issuecomment-94755563
  
+1 from me

Initially I thought this wouldn't account for detach properly, but looking 
at the code I managed to convince myself that it will. If you have time, 
however, it would be nice to augment/add a test of the detach scenario.


 [proton-j] the transport emitted a new link attach for a link in the process 
 of being detached
 --

 Key: PROTON-853
 URL: https://issues.apache.org/jira/browse/PROTON-853
 Project: Qpid Proton
  Issue Type: Bug
  Components: proton-j
Affects Versions: 0.9
Reporter: Robbie Gemmell

 When upgrading to use 0.9 for the JMS client, we see some NPEs on the client 
 as it tries processing the events being emitted by the connection. This was 
 due to multiple link attach and detach frames arriving in the for the same 
 consumer link.
 What appears to be happening is that while closing the consumer, after the 
 client emits its detach frame proton then emits a new attach frame for the 
 link, before the server responds to the original detach, even though the 
 client made no attempt to recreate the consumer. It looks like the clients 
 handling of a flow frame which arrived after it emitted the original detach 
 meant that the link was modified, and the transport reacted by sending out a 
 new attach. This appears to be due to a change made in 0.9 for PROTON-154.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (PROTON-334) SASL Implementation for Proton C


[ 
https://issues.apache.org/jira/browse/PROTON-334?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14505176#comment-14505176
 ] 

ASF GitHub Bot commented on PROTON-334:
---

Github user astitcher commented on the pull request:

https://github.com/apache/qpid-proton/pull/19#issuecomment-94854481
  
@dcristoloveanu I've landed PROTON-334 now, so you should check that trunk 
now does what you want.


 SASL Implementation for Proton C
 

 Key: PROTON-334
 URL: https://issues.apache.org/jira/browse/PROTON-334
 Project: Qpid Proton
  Issue Type: Wish
  Components: proton-c
Reporter: Ted Ross
Assignee: Andrew Stitcher

 It would be desirable to have the ability to use a plug-in module for SASL in 
 Proton.  The following implementations could then be developed:
 1) A portable stand-alone plugin that does ANONYMOUS, PLAIN, and EXTERNAL
 2) A Cyrus-Sasl based plugin for Linux
 3) A Windows plugin



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Re: problems with master after sasl changes

2015-04-21 Thread Andrew Stitcher

On Tue, 2015-04-21 at 14:56 +0100, Robbie Gemmell wrote:
 On 21 April 2015 at 14:48, Robbie Gemmell robbie.gemm...@gmail.com wrote:
  On 21 April 2015 at 12:52, Rafael Schloming r...@alum.mit.edu wrote:
  I'm seeing a couple of issues with the recently landed sasl changes. I'm
  getting four test failures in the python tests (see details at the end).
  I'm also seeing interop issues with the proton.js built prior to these
  changes, and with these changes in place the javascript build seems to be
  messed up (not finding new symbols).
 
  Is anyone else seeing similar issues?

Those failures *were* certainly there along the development process, in
my builds they're gone.

I have to admit that I don't have the emscripten environment so I have
tested the javascript work, so let me know if this is the result from
javascript tests, and I guess I'll have to put some effort into getting
that environment.

 ...
 Of course, I might have spoke too soon. The Java build fails running a
 few of the tests:

This is usually caused by out of date jython bits, the maven rules don't
seem to clean enough, try removing all the target directories from the
source tree, then failing that all the py$class files.

My java tests are running.

Andrew

[GitHub] qpid-proton pull request: Mbed minor changes and sasl mech

2015-04-21 Thread astitcher

Github user astitcher commented on the pull request:

https://github.com/apache/qpid-proton/pull/19#issuecomment-94854481
  
@dcristoloveanu I've landed PROTON-334 now, so you should check that trunk 
now does what you want.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Created] (PROTON-856) idle timeout doesn't work in openssl mode

Adam Curylo created PROTON-856:
--

 Summary: idle timeout doesn't work in openssl mode
 Key: PROTON-856
 URL: https://issues.apache.org/jira/browse/PROTON-856
 Project: Qpid Proton
  Issue Type: Bug
  Components: proton-c
Affects Versions: 0.9
 Environment: Kubuntu 12.04 LTS (64 bit), Intel Core i5, 2 Gb of RAM on 
VMware Player. ActiveMQ broker on localhost machine.
Reporter: Adam Curylo


pn_transport_set_idle_timeout doesn't  work properly for ssl connection. 
There is a proper transport-error message (PN_TRANSPORT_ERROR 
amqp:resource-limit-exceeded: local-idle-timeout expired ) after timeout but 
connections still remains. It is different (wrong) behaviour than unencrypted 
connection. 
I've used for check it following example code (connection with ActiveMQ message 
broker):

#include proton/reactor.h
#include proton/handlers.h
#include proton/engine.h
#include proton/message.h
#include proton/ssl.h
#include proton/ssl_io.h
#include assert.h
#include stdio.h
#include string.h


typedef pn_handler_t client_t;

typedef struct {
const char *hostname;
const char *queue;
const char *container;
pn_session_t * session;
pn_ssl_domain_t *sslDomain;
} client_state_t;

client_state_t *client_state(client_t *client) {
return (client_state_t *) pn_handler_mem(client);
}

void client_cleanup(client_t *client) {
client_state_t *cs = client_state(client);
(void)cs;
}

void client_dispatch(pn_handler_t *client, pn_event_t *event, pn_event_type_t 
eventType) {
client_state_t *state = client_state(client);

switch (eventType) {
case PN_TRANSPORT:
{
pn_transport_t * transport = pn_event_transport(event);
assert(transport);
pn_transport_set_idle_timeout(transport, 2);
}
break;
case PN_TRANSPORT_ERROR:
{
pn_transport_t * transport = pn_event_transport(event);
pn_error_t * error = pn_transport_error(transport);
printf(PN_TRANSPORT_ERROR %s \n, pn_error_text(error));
}
break;
case PN_SELECTABLE_INIT:
{
//OpenSSL mode
if (state-sslDomain == NULL) {
state-sslDomain = pn_ssl_domain(PN_SSL_MODE_CLIENT);
}
if (pn_ssl_domain_set_credentials(state-sslDomain, 
./device.polyx.crt, ./device.polyx.key, NULL) == 0) {
pn_connection_t * conn = 
pn_session_connection(state-session);
pn_transport_t * transport = 
pn_connection_transport(conn);
assert(transport);
pn_ssl_init(pn_ssl(transport), state-sslDomain, NULL);
}
}
break;
case PN_DELIVERY:
{

pn_link_t *link = pn_event_link(event);
pn_delivery_t *dlv = pn_event_delivery(event);
if (pn_link_is_receiver(link)  !pn_delivery_partial(dlv)) {
char buf[1024];
ssize_t n = pn_link_recv(link, buf, 1024);
if (n  0) {
pn_message_t *msg = pn_message();
pn_message_decode(msg, buf, n);
pn_string_t *str = pn_string(NULL);
pn_inspect(msg, str);
printf(Got: %s\n, pn_string_get(str));
pn_message_free(msg);
pn_free(str);
}
pn_delivery_settle(dlv);
}
}
break;
default:
break;
}
}

client_t *client_handler(const char *hostName, const char * queueName, const 
char * containerName) {
client_t *client = pn_handler_new(client_dispatch, sizeof(client_state_t), 
client_cleanup);
client_state_t *state = client_state(client);
state-hostname = hostName;
state-queue = queueName;
state-container = containerName;
state-sslDomain = NULL;
state-session = NULL;
return client;
}


int main(int argc, const char **argv) {

pn_reactor_t *reactor = pn_reactor();

pn_handler_t *root = pn_reactor_get_handler(reactor);

client_t *client = client_handler(localhost:5671, queue://example, 
example);
pn_handler_add(root, client);
pn_handler_add(root, pn_flowcontroller(1024));
pn_handler_add(root, pn_handshaker());

client_state_t *state = client_state(client);

pn_connection_t *conn = pn_reactor_connection(reactor, client);
pn_connection_set_container(conn, state-container);
pn_connection_set_hostname(conn, state-hostname);

pn_connection_open(conn);

state-session = pn_session(conn);
pn_session_open(state-session);

pn_link_t * link = pn_receiver(state-session, state-container);
pn_terminus_set_address(pn_link_source(link), state-queue);
pn_terminus_set_address(pn_link_target(link), state-queue);
pn_link_set_snd_settle_mode(link, PN_SND_UNSETTLED);
pn_link_set_rcv_settle_mode(link, PN_RCV_SECOND);
pn_link_open(link);
pn_link_flow(link, 1);

[jira] [Updated] (PROTON-856) idle timeout doesn't work in openssl mode


 [ 
https://issues.apache.org/jira/browse/PROTON-856?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Adam Curylo updated PROTON-856:
---
Description: 
pn_transport_set_idle_timeout doesn't  work properly for ssl connection. 
There is a proper transport-error message (PN_TRANSPORT_ERROR 
amqp:resource-limit-exceeded: local-idle-timeout expired ) after timeout but 
connections still remains. It is different (wrong) behaviour than unencrypted 
connection. 
I've used for check it following example code (connection with ActiveMQ message 
broker):


{code}

#include proton/reactor.h
#include proton/handlers.h
#include proton/engine.h
#include proton/message.h
#include proton/ssl.h
#include proton/ssl_io.h
#include assert.h
#include stdio.h
#include string.h


typedef pn_handler_t client_t;

typedef struct {
const char *hostname;
const char *queue;
const char *container;
pn_session_t * session;
pn_ssl_domain_t *sslDomain;
} client_state_t;

client_state_t *client_state(client_t *client) {
return (client_state_t *) pn_handler_mem(client);
}

void client_cleanup(client_t *client) {
client_state_t *cs = client_state(client);
(void)cs;
}

void client_dispatch(pn_handler_t *client, pn_event_t *event, pn_event_type_t 
eventType) {
client_state_t *state = client_state(client);

switch (eventType) {
case PN_TRANSPORT:
{
pn_transport_t * transport = pn_event_transport(event);
assert(transport);
pn_transport_set_idle_timeout(transport, 2);
}
break;
case PN_TRANSPORT_ERROR:
{
pn_transport_t * transport = pn_event_transport(event);
pn_error_t * error = pn_transport_error(transport);
printf(PN_TRANSPORT_ERROR %s \n, pn_error_text(error));
}
break;
case PN_SELECTABLE_INIT:
{
//OpenSSL mode
if (state-sslDomain == NULL) {
state-sslDomain = pn_ssl_domain(PN_SSL_MODE_CLIENT);
}
if (pn_ssl_domain_set_credentials(state-sslDomain, 
./device.polyx.crt, ./device.polyx.key, NULL) == 0) {
pn_connection_t * conn = 
pn_session_connection(state-session);
pn_transport_t * transport = 
pn_connection_transport(conn);
assert(transport);
pn_ssl_init(pn_ssl(transport), state-sslDomain, NULL);
}
}
break;
case PN_DELIVERY:
{

pn_link_t *link = pn_event_link(event);
pn_delivery_t *dlv = pn_event_delivery(event);
if (pn_link_is_receiver(link)  !pn_delivery_partial(dlv)) {
char buf[1024];
ssize_t n = pn_link_recv(link, buf, 1024);
if (n  0) {
pn_message_t *msg = pn_message();
pn_message_decode(msg, buf, n);
pn_string_t *str = pn_string(NULL);
pn_inspect(msg, str);
printf(Got: %s\n, pn_string_get(str));
pn_message_free(msg);
pn_free(str);
}
pn_delivery_settle(dlv);
}
}
break;
default:
break;
}
}

client_t *client_handler(const char *hostName, const char * queueName, const 
char * containerName) {
client_t *client = pn_handler_new(client_dispatch, sizeof(client_state_t), 
client_cleanup);
client_state_t *state = client_state(client);
state-hostname = hostName;
state-queue = queueName;
state-container = containerName;
state-sslDomain = NULL;
state-session = NULL;
return client;
}


int main(int argc, const char **argv) {

pn_reactor_t *reactor = pn_reactor();

pn_handler_t *root = pn_reactor_get_handler(reactor);

client_t *client = client_handler(localhost:5671, queue://example, 
example);
pn_handler_add(root, client);
pn_handler_add(root, pn_flowcontroller(1024));
pn_handler_add(root, pn_handshaker());

client_state_t *state = client_state(client);

pn_connection_t *conn = pn_reactor_connection(reactor, client);
pn_connection_set_container(conn, state-container);
pn_connection_set_hostname(conn, state-hostname);

pn_connection_open(conn);

state-session = pn_session(conn);
pn_session_open(state-session);

pn_link_t * link = pn_receiver(state-session, state-container);
pn_terminus_set_address(pn_link_source(link), state-queue);
pn_terminus_set_address(pn_link_target(link), state-queue);
pn_link_set_snd_settle_mode(link, PN_SND_UNSETTLED);
pn_link_set_rcv_settle_mode(link, PN_RCV_SECOND);
pn_link_open(link);
pn_link_flow(link, 1);

pn_reactor_run(reactor);

if (state-sslDomain != NULL) {
pn_ssl_domain_free(state-sslDomain);
}
pn_reactor_free(reactor);
return 0;
}
 
{code}

  was:
pn_transport_set_idle_timeout doesn't  work properly for ssl connection. 
There is a proper transport-error message

[jira] [Updated] (PROTON-855) Add axTLS (embedded SSL) support to proton-c


 [ 
https://issues.apache.org/jira/browse/PROTON-855?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Tomasz Nowicki updated PROTON-855:
--
Attachment: axtls_proton_example.c

 Add axTLS (embedded SSL) support to proton-c
 

 Key: PROTON-855
 URL: https://issues.apache.org/jira/browse/PROTON-855
 Project: Qpid Proton
  Issue Type: New Feature
  Components: proton-c
Affects Versions: 0.9
 Environment: Platform independent
Reporter: Tomasz Nowicki
  Labels: features
 Fix For: 0.10

 Attachments: axtls.c, axtls_proton_example.c, qpidproton-AXTLS.patch, 
 ssl_io.h

   Original Estimate: 0h
  Remaining Estimate: 0h

 The axTLS embedded SSL project is a highly configurable client/server 
 TLSv1 SSL library designed for platforms with small memory requirements. 
 It comes with a small HTTP/HTTPS server and additional test tools. 
 axTLS It's free! (BSD style licensing)
 http://axtls.sourceforge.net/
 axTLS integration with proton is done on socket layer(posix layer). On the 
 other hand OpenSSL integration with proton is done on the transport layer. To 
 use both solutions we had to add two methods pn_ssl_recv i pn_ssl_send 
 (daclared in include/ssl_io.h) which in openssl mode, without crypting, 
 invoke native proton pn_send and pn_receive (io.c). In axTLS mode, those 
 methods are replaced with proper axtls comunication methods. Those are 
 defined in openssl.c, ssl_stub.c, axtls.c and located in src/ssl.
 Methods pn_ssl_recv and pn_ssl_send replace original pn_send and pn_recv used 
 in pni_connection_writable(pn_selectable_t *sel), 
 pni_connection_readable(pn_selectable_t *sel) (connection.c).
 Moreover we introduced new file axtls.c located in src/ssl. The file is an 
 equivalent of openssl.c, implementing base ssl methods:  PN_EXTERN 
 pn_ssl_domain_t *pn_ssl_domain( pn_ssl_mode_t mode);
 PN_EXTERN void pn_ssl_domain_free( pn_ssl_domain_t *domain ); etc
 Example of axTLS integration with ex ActiveMQ:
 http://mail-archives.us.apache.org/mod_mbox/qpid-proton/201501.mbox/%3ccacl1bnc5jerbnikd_4fgkjqh13h5nl_2z-sszp3jg2t+ywa...@mail.gmail.com%3E



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (PROTON-853) [proton-j] the transport emitted a new link attach for a link in the process of being detached


[ 
https://issues.apache.org/jira/browse/PROTON-853?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14504726#comment-14504726
 ] 

ASF GitHub Bot commented on PROTON-853:
---

Github user gemmellr commented on the pull request:

https://github.com/apache/qpid-proton/pull/21#issuecomment-94736378
  
Just a note to say, the new test will currently fail against proton-c just 
now, but Gordons fix from PROTON-850 resolves that. I mentioned this to him and 
he will push it in at some point.


 [proton-j] the transport emitted a new link attach for a link in the process 
 of being detached
 --

 Key: PROTON-853
 URL: https://issues.apache.org/jira/browse/PROTON-853
 Project: Qpid Proton
  Issue Type: Bug
  Components: proton-j
Affects Versions: 0.9
Reporter: Robbie Gemmell

 When upgrading to use 0.9 for the JMS client, we see some NPEs on the client 
 as it tries processing the events being emitted by the connection. This was 
 due to multiple link attach and detach frames arriving in the for the same 
 consumer link.
 What appears to be happening is that while closing the consumer, after the 
 client emits its detach frame proton then emits a new attach frame for the 
 link, before the server responds to the original detach, even though the 
 client made no attempt to recreate the consumer. It looks like the clients 
 handling of a flow frame which arrived after it emitted the original detach 
 meant that the link was modified, and the transport reacted by sending out a 
 new attach. This appears to be due to a change made in 0.9 for PROTON-154.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[GitHub] qpid-proton pull request: PROTON-853: stop erroneous attach being ...

2015-04-21 Thread gemmellr

Github user gemmellr commented on the pull request:

https://github.com/apache/qpid-proton/pull/21#issuecomment-94736378
  
Just a note to say, the new test will currently fail against proton-c just 
now, but Gordons fix from PROTON-850 resolves that. I mentioned this to him and 
he will push it in at some point.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Updated] (PROTON-855) Add axTLS (embedded SSL) support to proton-c


 [ 
https://issues.apache.org/jira/browse/PROTON-855?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Tomasz Nowicki updated PROTON-855:
--
Attachment: qpidproton-AXTLS.patch

 Add axTLS (embedded SSL) support to proton-c
 

 Key: PROTON-855
 URL: https://issues.apache.org/jira/browse/PROTON-855
 Project: Qpid Proton
  Issue Type: New Feature
  Components: proton-c
Affects Versions: 0.9
 Environment: Platform independent
Reporter: Tomasz Nowicki
  Labels: features
 Fix For: 0.10

 Attachments: axtls.c, qpidproton-AXTLS.patch, ssl_io.h

   Original Estimate: 0h
  Remaining Estimate: 0h

 The axTLS embedded SSL project is a highly configurable client/server 
 TLSv1 SSL library designed for platforms with small memory requirements. 
 It comes with a small HTTP/HTTPS server and additional test tools. 
 axTLS It's free! (BSD style licensing)
 http://axtls.sourceforge.net/
 axTLS integration with proton is done on socket layer(posix layer). On the 
 other hand OpenSSL integration with proton is done on the transport layer. To 
 use both solutions we had to add two methods pn_ssl_recv i pn_ssl_send 
 (daclared in include/ssl_io.h) which in openssl mode, without crypting, 
 invoke native proton pn_send and pn_receive (io.c). In axTLS mode, those 
 methods are replaced with proper axtls comunication methods. Those are 
 defined in openssl.c, ssl_stub.c, axtls.c and located in src/ssl.
 Methods pn_ssl_recv and pn_ssl_send replace original pn_send and pn_recv used 
 in pni_connection_writable(pn_selectable_t *sel), 
 pni_connection_readable(pn_selectable_t *sel) (connection.c).
 Moreover we introduced new file axtls.c located in src/ssl. The file is an 
 equivalent of openssl.c, implementing base ssl methods:  PN_EXTERN 
 pn_ssl_domain_t *pn_ssl_domain( pn_ssl_mode_t mode);
 PN_EXTERN void pn_ssl_domain_free( pn_ssl_domain_t *domain ); etc
 Example of axTLS integration with ex ActiveMQ:
 http://mail-archives.us.apache.org/mod_mbox/qpid-proton/201501.mbox/%3ccacl1bnc5jerbnikd_4fgkjqh13h5nl_2z-sszp3jg2t+ywa...@mail.gmail.com%3E



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (PROTON-855) Add axTLS (embedded SSL) support to proton-c