Author: gsim
Date: Wed May 6 21:11:45 2015
New Revision: 1678094
URL: http://svn.apache.org/r1678094
Log:
QPID-6532: make sasl service name configurable
Modified:
qpid/trunk/qpid/cpp/src/qpid/SaslFactory.cpp
qpid/trunk/qpid/cpp/src/qpid/SaslFactory.h
qpid/trunk/qpid/cpp/src/qpid/broker/Broker.cpp
qpid/trunk/qpid/cpp/src/qpid/broker/Broker.h
qpid/trunk/qpid/cpp/src/qpid/broker/BrokerOptions.h
qpid/trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp
qpid/trunk/qpid/cpp/src/qpid/broker/amqp/ProtocolPlugin.cpp
qpid/trunk/qpid/cpp/src/qpid/client/windows/SaslFactory.cpp
Modified: qpid/trunk/qpid/cpp/src/qpid/SaslFactory.cpp
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/SaslFactory.cpp?rev=1678094&r1=1678093&r2=1678094&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/SaslFactory.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/SaslFactory.cpp Wed May 6 21:11:45 2015
@@ -53,7 +53,7 @@ std::auto_ptr<Sasl> SaslFactory::create(
return client;
}
-std::auto_ptr<SaslServer> SaslFactory::createServer(const std::string& realm,
bool /*encryptionRequired*/, const qpid::sys::SecuritySettings&)
+std::auto_ptr<SaslServer> SaslFactory::createServer(const std::string& realm,
const std::string& /*service*/, bool /*encryptionRequired*/, const
qpid::sys::SecuritySettings&)
{
std::auto_ptr<SaslServer> server(new NullSaslServer(realm));
return server;
@@ -152,7 +152,7 @@ std::auto_ptr<SaslFactory> SaslFactory::
class CyrusSaslServer : public SaslServer
{
public:
- CyrusSaslServer(const std::string& realm, bool encryptionRequired, const
qpid::sys::SecuritySettings& external);
+ CyrusSaslServer(const std::string& realm, const std::string& service, bool
encryptionRequired, const qpid::sys::SecuritySettings& external);
~CyrusSaslServer();
Status start(const std::string& mechanism, const std::string* response,
std::string& challenge);
Status step(const std::string* response, std::string& challenge);
@@ -161,6 +161,7 @@ class CyrusSaslServer : public SaslServe
std::auto_ptr<qpid::sys::SecurityLayer> getSecurityLayer(size_t);
private:
std::string realm;
+ std::string service;
std::string userid;
sasl_conn_t *sasl_conn;
};
@@ -194,9 +195,9 @@ std::auto_ptr<Sasl> SaslFactory::create(
return sasl;
}
-std::auto_ptr<SaslServer> SaslFactory::createServer(const std::string& realm,
bool encryptionRequired, const qpid::sys::SecuritySettings& external)
+std::auto_ptr<SaslServer> SaslFactory::createServer(const std::string& realm,
const std::string& service, bool encryptionRequired, const
qpid::sys::SecuritySettings& external)
{
- std::auto_ptr<SaslServer> server(new CyrusSaslServer(realm,
encryptionRequired, external));
+ std::auto_ptr<SaslServer> server(new CyrusSaslServer(realm, service,
encryptionRequired, external));
return server;
}
@@ -419,9 +420,9 @@ std::auto_ptr<SecurityLayer> CyrusSasl::
return securityLayer;
}
-CyrusSaslServer::CyrusSaslServer(const std::string& r, bool
encryptionRequired, const qpid::sys::SecuritySettings& external) : realm(r),
sasl_conn(0)
+CyrusSaslServer::CyrusSaslServer(const std::string& r, const std::string& s,
bool encryptionRequired, const qpid::sys::SecuritySettings& external) :
realm(r), service(s), sasl_conn(0)
{
- int code = sasl_server_new(BROKER_SASL_NAME, /* Service name */
+ int code = sasl_server_new(service.c_str(), /* Service name */
NULL, /* Server FQDN, gethostname() */
realm.c_str(), /* Authentication realm */
NULL, /* Local IP, needed for some mechanism */
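Review bot: The service name passed to `sasl_server_new` in the `CyrusSaslServer` constructor now comes from broker configuration and is used without any check, so an empty `--sasl-service-name` value reaches the SASL library as `""`. With Cyrus SASL the service name normally feeds the GSSAPI service principal and the service name handed to the password verifier, so a blank or mistyped value would most likely surface only as opaque authentication failures at connection time. An `if (service.empty())` guard before the call, failing the same way a non-OK `code` is handled further down (outside this hunk), or an equivalent check where the option is parsed, would make the misconfiguration visible at startup. The same unchecked use appears in `CyrusAuthenticator::init()` in SaslAuthenticator.cpp.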
Modified: qpid/trunk/qpid/cpp/src/qpid/SaslFactory.h
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/SaslFactory.h?rev=1678094&r1=1678093&r2=1678094&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/SaslFactory.h (original)
+++ qpid/trunk/qpid/cpp/src/qpid/SaslFactory.h Wed May 6 21:11:45 2015
@@ -36,7 +36,7 @@ class SaslFactory
{
public:
QPID_COMMON_EXTERN std::auto_ptr<Sasl> create(const std::string &
userName, const std::string & password, const std::string & serviceName, const
std::string & hostName, int minSsf, int maxSsf, bool allowInteraction=true );
- QPID_COMMON_EXTERN std::auto_ptr<SaslServer> createServer(const
std::string& realm, bool encryptionRequired, const
qpid::sys::SecuritySettings&);
+ QPID_COMMON_EXTERN std::auto_ptr<SaslServer> createServer(const
std::string& realm, const std::string& service, bool encryptionRequired, const
qpid::sys::SecuritySettings&);
QPID_COMMON_EXTERN static SaslFactory& getInstance();
QPID_COMMON_EXTERN ~SaslFactory();
private:
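Review bot: `createServer` now takes two adjacent `const std::string&` arguments, `realm` then `service`, and nothing on the declaration says which is which, so a call with the two swapped would compile silently and set up the SASL server with the wrong realm and service name. A short comment above the declaration would help, e.g. `/** realm: authentication realm; service: SASL service name passed to sasl_server_new */`. Because the function is exported with `QPID_COMMON_EXTERN`, inserting a parameter mid-signature presumably also breaks any out-of-tree caller built against the old header, which may be worth a line in the release notes.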
Modified: qpid/trunk/qpid/cpp/src/qpid/broker/Broker.cpp
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/broker/Broker.cpp?rev=1678094&r1=1678093&r2=1678094&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/broker/Broker.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/broker/Broker.cpp Wed May 6 21:11:45 2015
@@ -83,6 +83,7 @@
#include "qpid/StringUtils.h"
#include "qpid/Url.h"
#include "qpid/Version.h"
+#include "config.h"
#include <boost/bind.hpp>
#include <boost/format.hpp>
@@ -132,6 +133,7 @@ BrokerOptions::BrokerOptions(const std::
queueCleanInterval(60*sys::TIME_SEC*10),//10 minutes
auth(SaslAuthenticator::available()),
realm("QPID"),
+ saslServiceName(BROKER_SASL_NAME),
replayFlushLimit(0),
replayHardLimit(0),
queueLimit(100*1048576/*100M default limit*/),
@@ -180,6 +182,7 @@ BrokerOptions::BrokerOptions(const std::
"Interval between attempts to purge any expired messages from queues")
("auth", optValue(auth, "yes|no"), "Enable authentication, if disabled
all incoming connections will be trusted")
("realm", optValue(realm, "REALM"), "Use the given realm when
performing authentication")
+ ("sasl-service-name", optValue(saslServiceName, "NAME"), "The service
name to specify for SASL")
("default-queue-limit", optValue(queueLimit, "BYTES"), "Default
maximum size for queues (in bytes)")
("tcp-nodelay", optValue(tcpNoDelay), "Set TCP_NODELAY on TCP
connections")
("require-encryption", optValue(requireEncrypted), "Only accept
connections that are encrypted")
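Review bot: The help string for `sasl-service-name` does not tell the operator what the name is matched against or that clients have to agree with it. `SaslFactory::create` already takes a `serviceName` on the client side, and for mechanisms such as GSSAPI the two presumably have to match for authentication to succeed, so changing only the broker would lock clients out. I would extend the text, e.g. `"SASL service name presented by the broker; clients must be configured with the same name (defaults to the build-time BROKER_SASL_NAME)"`.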
@@ -427,6 +430,11 @@ std::string Broker::getRealm() const
return config.realm;
}
+std::string Broker::getSaslServiceName() const
+{
+ return config.saslServiceName;
+}
+
bool Broker::getTcpNoDelay() const
{
return config.tcpNoDelay;
Modified: qpid/trunk/qpid/cpp/src/qpid/broker/Broker.h
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/broker/Broker.h?rev=1678094&r1=1678093&r2=1678094&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/broker/Broker.h (original)
+++ qpid/trunk/qpid/cpp/src/qpid/broker/Broker.h Wed May 6 21:11:45 2015
@@ -329,6 +329,7 @@ class Broker : public sys::Runnable, pub
QPID_BROKER_EXTERN bool isAuthenticating() const;
QPID_BROKER_EXTERN bool requireEncrypted() const;
QPID_BROKER_EXTERN std::string getRealm() const;
+ QPID_BROKER_EXTERN std::string getSaslServiceName() const;
QPID_BROKER_EXTERN bool getTcpNoDelay() const;
QPID_BROKER_EXTERN uint16_t getPortOption() const;
QPID_BROKER_EXTERN const std::vector<std::string>& getListenInterfaces()
const;
Modified: qpid/trunk/qpid/cpp/src/qpid/broker/BrokerOptions.h
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/broker/BrokerOptions.h?rev=1678094&r1=1678093&r2=1678094&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/broker/BrokerOptions.h (original)
+++ qpid/trunk/qpid/cpp/src/qpid/broker/BrokerOptions.h Wed May 6 21:11:45 2015
@@ -57,6 +57,7 @@ struct BrokerOptions : public qpid::Opti
sys::Duration queueCleanInterval;
bool auth;
std::string realm;
+ std::string saslServiceName;
size_t replayFlushLimit;
size_t replayHardLimit;
uint queueLimit;
Modified: qpid/trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp?rev=1678094&r1=1678093&r2=1678094&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/broker/SaslAuthenticator.cpp Wed May 6
21:11:45 2015
@@ -310,7 +310,8 @@ void CyrusAuthenticator::init()
int code;
std::string realm = connection.getBroker().getRealm();
- code = sasl_server_new(BROKER_SASL_NAME, /* Service name */
+ std::string service = connection.getBroker().getSaslServiceName();
+ code = sasl_server_new(service.c_str(), /* Service name */
NULL, /* Server FQDN, gethostname() */
realm.c_str(), /* Authentication realm */
NULL, /* Local IP, needed for some mechanism */
Modified: qpid/trunk/qpid/cpp/src/qpid/broker/amqp/ProtocolPlugin.cpp
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/broker/amqp/ProtocolPlugin.cpp?rev=1678094&r1=1678093&r2=1678094&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/broker/amqp/ProtocolPlugin.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/broker/amqp/ProtocolPlugin.cpp Wed May 6
21:11:45 2015
@@ -119,7 +119,7 @@ qpid::sys::ConnectionCodec* ProtocolImpl
if (getBroker().isAuthenticating()) {
QPID_LOG(info, "Using AMQP 1.0 (with SASL layer)");
return new qpid::broker::amqp::Sasl(out, id, *this,
-
qpid::SaslFactory::getInstance().createServer(getBroker().getRealm(),getBroker().requireEncrypted(),
external));
+
qpid::SaslFactory::getInstance().createServer(getBroker().getRealm(),getBroker().getSaslServiceName(),getBroker().requireEncrypted(),
external));
} else {
std::auto_ptr<SaslServer> authenticator(new
qpid::NullSaslServer(getBroker().getRealm()));
QPID_LOG(info, "Using AMQP 1.0 (with dummy SASL layer)");
Modified: qpid/trunk/qpid/cpp/src/qpid/client/windows/SaslFactory.cpp
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/client/windows/SaslFactory.cpp?rev=1678094&r1=1678093&r2=1678094&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/client/windows/SaslFactory.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/client/windows/SaslFactory.cpp Wed May 6
21:11:45 2015
@@ -109,7 +109,7 @@ std::auto_ptr<Sasl> SaslFactory::create(
return sasl;
}
-std::auto_ptr<SaslServer> SaslFactory::createServer( const std::string& realm,
bool /*encryptionRequired*/, const qpid::sys::SecuritySettings& )
+std::auto_ptr<SaslServer> SaslFactory::createServer( const std::string& realm,
const std::string& /*service*/, bool /*encryptionRequired*/, const
qpid::sys::SecuritySettings& )
{
std::auto_ptr<SaslServer> server(new NullSaslServer(realm));
return server;