Github user gemmellr commented on a diff in the pull request:
https://github.com/apache/qpid-jms/pull/10#discussion_r128726699
--- Diff:
qpid-jms-client/src/main/java/org/apache/qpid/jms/provider/amqp/AmqpSaslAuthenticator.java
---
@@ -137,7 +142,9 @@ private void handleSaslStep() throws
JMSSecurityException {
byte[] challenge = new byte[sasl.pending()];
sasl.recv(challenge, 0, challenge.length);
byte[] response =
mechanism.getChallengeResponse(challenge);
- sasl.send(response, 0, response.length);
+ if (response != null) {
--- End diff --
Did you need this null check? The SASL process is likely to hang if there
is no response to a challenge. I think its reasonable to require one be given,
or fail if there isn't and an exception isn't thrown.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
