[jira] [Commented] (PROTON-1486) Proton(-J) provides no mechanism to get or set the additional-data field on sasl-outcome

Tue, 18 Jul 2017 04:41:34 -0700 

    [ 
https://issues.apache.org/jira/browse/PROTON-1486?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16091447#comment-16091447
 ] 

Robbie Gemmell commented on PROTON-1486:
----------------------------------------

[~k-wall]: PR looks good, merged.

[~alex.rufous]: can you raise a new JIRA against proton-c for your findings, 
changes for the two are handled seperately now. Perhaps also clarify if you 
tried things out? My comments on the mailing list around proton-c and QPID-7787 
were mainly just to check if proton-c based clients (and so also servers such 
as Dispatch, acting as a network client of the broker) that want to connect to 
the broker using SCRAM-SHA will still be able to after QPID-7787, as it would 
seem nice to wait on that until they can if they wouldn't, given the main 
benefit of the change is seemingly just removal of one of several round trips.

> Proton(-J) provides no mechanism to get or set the additional-data field on 
> sasl-outcome
> ----------------------------------------------------------------------------------------
>
>                 Key: PROTON-1486
>                 URL: https://issues.apache.org/jira/browse/PROTON-1486
>             Project: Qpid Proton
>          Issue Type: Bug
>          Components: proton-j
>    Affects Versions: proton-j-0.19.0
>            Reporter: Rob Godfrey
>            Assignee: Keith Wall
>             Fix For: proton-j-0.20.0
>
>         Attachments: PROTON_1486.patch
>
>
> The Proton Engine API provides no mechanism for getting or setting the 
> additional-data field on sasl-outcome.
> Some SASL mechanisms (e.g. SCRAM-SHA-\*) send additional data along with the 
> outcome (in the case of SCRAM-SHA-\* the additional data is a proof that the 
> server is also aware of the credentials and is not simply just accepting any 
> credential data as part of some sort of attack).
> One approach for the API would be to expose the additional-data field using 
> the send/recv/pending methods used for exchanging the challenge/response in 
> the earlier phases of the sasl exchange.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org

Reply via email to