On 05/01/17 08:39, drasil wrote:
Hello,

I believe that I found a bug in the Qpid C++ broker (I tried versions 1.35
and 1.36 and both are affected). When the broker is configured to use the
DIGEST-MD5 SASL mechanism, the authentication passes successfully, but just
after that the broker issues a completely invalid AMQP 1.0 frame.

By default, DIGEST-MD5 installs an encryption layer after successful authentication. So from Wireshark's perspective, subsequent frames will not be decodable.

As a result, the client complains about a framing error and disconnects.

That shouldn't happen if the client and server are aligned on the establishment of the encryption layer.

I am using a client based on python-qpid-proton 0.16.0 but that should not be
important I guess.

The client (and version) is, I think, relevant here. Were you using one of the standard examples in testing?

I've tried connecting using DIGEST-MD5 and the 0.16 proton python client and it works for me (viewing with Wireshark, all the frames after the SASL layer is established are reported as invalid due to the encryption):

$ PN_TRACE_FRM=1 python ./share/proton-0.16.0/examples/python/simple_send.py -a guest:guest@localhost/amq.fanout -m 1
[0x5634d72a2c50]:  -> SASL
[0x5634d72a2c50]:  <- SASL
[0x5634d72a2c50]:0 <- @sasl-mechanisms(64) 
[sasl-server-mechanisms=@PN_SYMBOL[:"DIGEST-MD5", :PLAIN]]
[0x5634d72a2c50]:0 -> @sasl-init(65) [mechanism=:"DIGEST-MD5"]
[0x5634d72a2c50]:0 <- @sasl-challenge(66) 
[challenge=b"nonce="XiDROFG5dWVBVyih71+KSuBvSNawZr3g9SrnjRj3LLY=",realm="QPID",qop="auth,auth-int,auth-conf",cipher="rc4-40,rc4-56,rc4,des,3des",maxbuf=65535,charset=utf-8,algorithm=md5-sess"]
[0x5634d72a2c50]:0 -> @sasl-response(67) 
[response=b"username="guest",realm="QPID",nonce="XiDROFG5dWVBVyih71+KSuBvSNawZr3g9SrnjRj3LLY=",cnonce="LwH1PutrtfaR5kzmXy3MnO6VDAsApszmkvcbCQek9vk=",nc=00000001,qop=auth-conf,cipher=rc4,maxbuf=32768,digest-uri="amqp/localhost",response=3488392792124469fa3e1acfdb2cbc85"]
[0x5634d72a2c50]:0 <- @sasl-challenge(66) 
[challenge=b"rspauth=e79db70777debb33d3b179272f13e462"]
[0x5634d72a2c50]:0 -> @sasl-response(67) [response=b""]
[0x5634d72a2c50]:0 <- @sasl-outcome(68) [code=0]
[0x5634d72a2c50]:  -> AMQP
[0x5634d72a2c50]:0 -> @open(16) [container-id="8bb0482d-2eb2-4f97-a749-22e8ea2dec4f", 
hostname="localhost", channel-max=32767]
[0x5634d72a2c50]:0 -> @begin(17) [next-outgoing-id=0, 
incoming-window=2147483647, outgoing-window=2147483647]
[0x5634d72a2c50]:0 -> @attach(18) 
[name="8bb0482d-2eb2-4f97-a749-22e8ea2dec4f-amq.fanout", handle=0, role=false, 
snd-settle-mode=2, rcv-settle-mode=0, source=@source(40) [durable=0, timeout=0, dynamic=false], 
target=@target(41) [address="amq.fanout", durable=0, timeout=0, dynamic=false], 
initial-delivery-count=0, max-message-size=0]
[0x5634d72a2c50]:  <- AMQP
[0x5634d72a2c50]:0 <- @open(16) [container-id="a6022696-2483-49f5-8ea6-a6f50db0e7ae", channel-max=32767, 
offered-capabilities=@PN_SYMBOL[:"ANONYMOUS-RELAY"], properties={:product="qpid-cpp", :version="1.36.0", 
:platform="Linux", :host="localhost.localdomain"}]
[0x5634d72a2c50]:0 <- @begin(17) [remote-channel=0, next-outgoing-id=0, 
incoming-window=2147483647, outgoing-window=2147483647]
[0x5634d72a2c50]:0 <- @attach(18) 
[name="8bb0482d-2eb2-4f97-a749-22e8ea2dec4f-amq.fanout", handle=0, role=true, 
snd-settle-mode=2, rcv-settle-mode=0, source=@source(40) [durable=0, timeout=0, dynamic=false], 
target=@target(41) [address="amq.fanout", durable=0, timeout=0, dynamic=false], 
initial-delivery-count=0]
[0x5634d72a2c50]:0 <- @flow(19) [next-incoming-id=0, 
incoming-window=2147483647, next-outgoing-id=0, outgoing-window=2147483647, 
handle=0, delivery-count=0, link-credit=500, drain=false]
[0x5634d72a2c50]:0 -> @transfer(20) [handle=0, delivery-id=0, delivery-tag=b"1", 
message-format=0, settled=false, more=false] (86) 
"\x00Sp\xd0\x00\x00\x00\x0b\x00\x00\x00\x05BP\x04@BR\x00\x00Ss\xd0\x00\x00\x00#\x00\x00\x00\x0dS\x01@@@@@@@\x83\x00\x00\x00\x00\x00\x00\x00\x00\x83\x00\x00\x00\x00\x00\x00\x00\x00@R\x00@\x00Sw\xd1\x00\x00\x00\x10\x00\x00\x00\x02\xa1\x08sequenceT\x01"
[0x5634d72a2c50]:0 <- @flow(19) [next-incoming-id=1, 
incoming-window=2147483647, next-outgoing-id=0, outgoing-window=2147483647, 
handle=0, delivery-count=1, link-credit=500, drain=false]
[0x5634d72a2c50]:0 <- @disposition(21) [role=true, first=0, last=0, 
settled=true, state=@accepted(36) []]
all messages confirmed
[0x5634d72a2c50]:0 -> @close(24) []
[0x5634d72a2c50]:  -> EOS
[0x5634d72a2c50]:0 <- @close(24) []
[0x5634d72a2c50]:  <- EOS
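
The sasl-challenge and sasl-response in the trace above already show whether a security layer follows sasl-outcome. As an added example (not part of the original message, and not Qpid or Proton code), this sketch parses the two DIGEST-MD5 strings copied from that trace and reports the negotiated qop and cipher; the function names are hypothetical.

```python
import re

# RFC 2831 directive: key=value, where value is a bare token or a quoted string.
_DIRECTIVE = re.compile(
    r'\s*([A-Za-z0-9-]+)\s*=\s*(?:"((?:[^"\\]|\\.)*)"|([^,]*))\s*(?:,|$)')

# Copied from the sasl-challenge / sasl-response frames in the trace above.
CHALLENGE = ('nonce="XiDROFG5dWVBVyih71+KSuBvSNawZr3g9SrnjRj3LLY=",realm="QPID",'
             'qop="auth,auth-int,auth-conf",cipher="rc4-40,rc4-56,rc4,des,3des",'
             'maxbuf=65535,charset=utf-8,algorithm=md5-sess')
RESPONSE = ('username="guest",realm="QPID",'
            'nonce="XiDROFG5dWVBVyih71+KSuBvSNawZr3g9SrnjRj3LLY=",'
            'cnonce="LwH1PutrtfaR5kzmXy3MnO6VDAsApszmkvcbCQek9vk=",nc=00000001,'
            'qop=auth-conf,cipher=rc4,maxbuf=32768,digest-uri="amqp/localhost",'
            'response=3488392792124469fa3e1acfdb2cbc85')

def parse_directives(text):
    """Split a challenge/response into a dict, honouring commas inside quotes."""
    out, pos = {}, 0
    while pos < len(text):
        m = _DIRECTIVE.match(text, pos)
        if not m:
            raise ValueError("malformed directive at offset %d" % pos)
        quoted, token = m.group(2), m.group(3)
        # Quoted values may contain backslash escapes; bare tokens are used as-is.
        value = re.sub(r'\\(.)', r'\1', quoted) if quoted is not None else token.strip()
        out[m.group(1).lower()] = value
        pos = m.end()
    return out

def negotiated_layer(challenge, response):
    """Report what protects the bytes exchanged after sasl-outcome."""
    offered, chosen = parse_directives(challenge), parse_directives(response)
    qop = chosen.get("qop", "auth")  # RFC 2831 default when the directive is absent
    if qop not in [q.strip() for q in offered.get("qop", "auth").split(",")]:
        raise ValueError("client chose qop %r, which the server did not offer" % qop)
    cipher = chosen.get("cipher") if qop == "auth-conf" else None
    if qop == "auth-conf" and cipher not in offered.get("cipher", "").split(","):
        raise ValueError("client chose cipher %r, which the server did not offer" % cipher)
    return {"qop": qop,
            "security_layer": qop in ("auth-int", "auth-conf"),  # frames get wrapped
            "encrypted": qop == "auth-conf",                     # and also enciphered
            "cipher": cipher}

if __name__ == "__main__":
    print(negotiated_layer(CHALLENGE, RESPONSE))
```

For this trace the result is qop=auth-conf with cipher rc4, so everything after sasl-outcome is wrapped and enciphered on the wire, and both peers must apply the layer for the AMQP frames to parse.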

