Re: SASL / proton-c questions
Andreas, are you planning to fix the bug in the future version? It is fixed now: http://www.swiftmq.com/products/releasenotes/v942/index.html -- Andreas Mueller IIT Software GmbH, Bremen/Germany http://www.swiftmq.com IIT Software GmbH Fahrenheitstr. 13, D28359 Bremen, Germany Tel: +49 421 330 46 088, Fax: +49 421 330 46 090 Amtsgericht Bremen, HRB 18624, Geschaeftsfuehrer: Andreas Mueller Steuernummer: 460/118/06404 VAT: DE199945912
Re: SASL / proton-c questions
Hi, Messenger will simply use anonymous if you don't specify a username and password, e.g. amqp://broker/node will result in the client forcing ANONYMOUS. If you do specify a username and password, e.g. amqp://user:pass@broker/node, then messenger will force PLAIN. There is no way to disable SASL entirely. If you're interested in stronger security than PLAIN offers, your best bet is probably to use SSL with client side certificates. --Rafael On Tue, Jan 14, 2014 at 9:05 AM, Andreas Mueller a...@iit.de wrote: Hi, I've looked through the proton-c Messenger API docs but can't find it. Can someone please tell me: 1) How to disable SASL at all to start direct with AMQP? 2) How to force a specific SASL mechanism like PLAIN? Thanks, Andreas -- Andreas Mueller IIT Software GmbH, Bremen/Germany http://www.swiftmq.com IIT Software GmbH Fahrenheitstr. 13, D28359 Bremen, Germany Tel: +49 421 330 46 088, Fax: +49 421 330 46 090 Amtsgericht Bremen, HRB 18624, Geschaeftsfuehrer: Andreas Mueller Steuernummer: 460/118/06404 VAT: DE199945912
Re: SASL / proton-c questions
Disabling SASL should be an option in proton to connect to simple services that do not provide SASL or just to skip this additional step if SASL is not requires. The other problem was already reported from Sergey. I receive a SASL protocol header and a SASL Init message with mechanism PLAIN from proton. [ProtocolHeader, name=AMQP, id=3, major=1, minor=0, revision=0] [SaslInit mechanism=PLAIN, initialResponse=006775657374006775657374] Then occasionally this error is thrown: ./send -a amqp://guest:guest@127.0.0.1:5672/testqueue Test [0xbe1030:0] ERROR[-2] SASL header mismatch: '\x00\x00\x00\x17\x02\x01\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00D\xc0\x03\x01P\x00AMQP\x03\x01\x00\x00\x00\x00\x00=\x02\x01\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00@\xc0)\x01\xe0\x04\xa3\x05PLAIN\x09ANONYMOUS\x0aDIGEST-MD5\x08CRAM-MD5' My first thought was that this might be caused by using an unsupported mechanisnm but this is not the case as PLAIN is used. I'm getting this with ANONYMOUS too. -- Andreas Mueller IIT Software GmbH, Bremen/Germany http://www.swiftmq.com Am 14.01.2014 um 15:24 schrieb Rafael Schloming r...@alum.mit.edu: Hi, Messenger will simply use anonymous if you don't specify a username and password, e.g. amqp://broker/node will result in the client forcing ANONYMOUS. If you do specify a username and password, e.g. amqp://user:pass@broker/node, then messenger will force PLAIN. There is no way to disable SASL entirely. If you're interested in stronger security than PLAIN offers, your best bet is probably to use SSL with client side certificates. --Rafael On Tue, Jan 14, 2014 at 9:05 AM, Andreas Mueller a...@iit.de wrote: Hi, I've looked through the proton-c Messenger API docs but can't find it. Can someone please tell me: 1) How to disable SASL at all to start direct with AMQP? 2) How to force a specific SASL mechanism like PLAIN? Thanks, Andreas -- Andreas Mueller IIT Software GmbH, Bremen/Germany http://www.swiftmq.com IIT Software GmbH Fahrenheitstr. 13, D28359 Bremen, Germany Tel: +49 421 330 46 088, Fax: +49 421 330 46 090 Amtsgericht Bremen, HRB 18624, Geschaeftsfuehrer: Andreas Mueller Steuernummer: 460/118/06404 VAT: DE199945912 IIT Software GmbH Fahrenheitstr. 13, D28359 Bremen, Germany Tel: +49 421 330 46 088, Fax: +49 421 330 46 090 Amtsgericht Bremen, HRB 18624, Geschaeftsfuehrer: Andreas Mueller Steuernummer: 460/118/06404 VAT: DE199945912
Re: SASL / proton-c questions
Am 14.01.2014 um 16:00 schrieb Rafael Schloming r...@alum.mit.edu: The SASL header looks to start where you see the sequence ...AMQP\x03\x01 This either means that proton's internal buffers are getting messed up somehow, or there actually is garbage on the wire. Just checked with iAmqpDecode. It seems the SASL outcome message outruns the protocol header! ;-) That's a bug on my side! Threading issue ... -- Andreas Mueller IIT Software GmbH, Bremen/Germany http://www.swiftmq.com IIT Software GmbH Fahrenheitstr. 13, D28359 Bremen, Germany Tel: +49 421 330 46 088, Fax: +49 421 330 46 090 Amtsgericht Bremen, HRB 18624, Geschaeftsfuehrer: Andreas Mueller Steuernummer: 460/118/06404 VAT: DE199945912
Re: SASL / proton-c questions
Andreas, are you planning to fix the bug in the future version? Thanks, Sergejs. -- View this message in context: http://qpid.2158936.n2.nabble.com/SASL-proton-c-questions-tp7602690p7602711.html Sent from the Apache Qpid Proton mailing list archive at Nabble.com.
Re: SASL / proton-c questions
Yes, very soon. Andreas Am 14.01.2014 um 18:34 schrieb serega sergejs.melde...@sap.com: Andreas, are you planning to fix the bug in the future version? Thanks, Sergejs. -- View this message in context: http://qpid.2158936.n2.nabble.com/SASL-proton-c-questions-tp7602690p7602711.html Sent from the Apache Qpid Proton mailing list archive at Nabble.com. IIT Software GmbH Fahrenheitstr. 13, D28359 Bremen, Germany Tel: +49 421 330 46 088, Fax: +49 421 330 46 090 Amtsgericht Bremen, HRB 18624, Geschaeftsfuehrer: Andreas Mueller Steuernummer: 460/118/06404 VAT: DE199945912
