Now it seems to work but with a little bit change inside Qpid Proton C library
...
As I said the in "pni_process_mechanisms" function, the SASL mechanisms list
received from server is parsed and if the EXTERNAL value is found then it is
selected (the function return "true") even if we set the flag
PN_FLAGS_ALLOW_INSECURE_MECHS (but I see that it is set by default in the
messenger constructor).
One solution could be to add another check on EXTERNAL found ...
// Check whether offered EXTERNAL, PLAIN or ANONYMOUS
// Look for "EXTERNAL" in mechs
const char *found = strstr(mechs, EXTERNAL);
// Make sure that string is separated and terminated and allowed
if (found && (found==mechs || found[-1]==' ') && (found[8]==0 || found[8]=='
') &&
pni_included_mech(transport->sasl->included_mechanisms, pn_bytes(8,
found))
&& !transport->sasl->allow_insecure_mechs)
I added the !transport->sasl->allow_insecure_mechs so that even if the EXTERNAL
is found but I want PLAIN, the parser goes forward to the next parsing on PLAIN
text.
Another solution could be to invert order between EXTERNAL check and PLAIN
check.
What do you think about that ?
Thanks,Paolo.
Paolo PatiernoSenior Software Engineer
Windows Embedded & IoTMicrosoft Azure Insider
Twitter : @ppatierno
Linkedin : paolopatierno
Blog : DevExperienceBlog : Embedded101
> From: ppatie...@live.com
> To: users@qpid.apache.org
> Subject: RE: SASL mechanism different between 0.9.1 and 0.10
> Date: Wed, 2 Sep 2015 13:48:31 +0000
>
> I tried to set following ...
> pn_messenger_set_flags(messenger, PN_FLAGS_ALLOW_INSECURE_MECHS);
>
> without any good result.
> However in the pni_process_mechanisms function I see that if client receives
> EXTERNAL from server in the SASL mechanisms list, this is the first to be
> used even if I set the above flag.
> Paolo.
> Paolo PatiernoSenior Software Engineer
>
>
> Windows Embedded & IoTMicrosoft Azure Insider
> Twitter : @ppatierno
> Linkedin : paolopatierno
> Blog : DevExperienceBlog : Embedded101
>
>
> To: users@qpid.apache.org
> From: ppatie...@live.com
> Subject: RE: SASL mechanism different between 0.9.1 and 0.10
> Date: Tue, 1 Sep 2015 20:52:50 +0200
>
>
>
>
>
>
>
> Yes Gordon ... You are right I'm speaking about messenger APIs
>
>
>
> Sent from my Windows Phone
>
>
>
> From:
> Gordon Sim
>
> Sent:
> 01/09/2015 20:39
>
> To:
> users@qpid.apache.org
>
> Subject:
> Re: SASL mechanism different between 0.9.1 and 0.10
>
>
>
>
>
> On 09/01/2015 07:29 PM, Andrew Stitcher wrote:
>
> > You may have to modify the send example
>
>
>
> I suspect this is the send example using the messenger API. Is there a
>
> way to control the mechanisms used with that API?
>
>
>
>
>
> ---------------------------------------------------------------------
>
> To unsubscribe, e-mail: users-unsubscr...@qpid.apache.org
>
> For additional commands, e-mail: users-h...@qpid.apache.org
>
>
>
>
>
