[
https://issues.apache.org/jira/browse/PROTON-1135?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Robbie Gemmell updated PROTON-1135:
-----------------------------------
Description:
Dispatch router (which uses Proton-c) currently sends pipelined SASL and OPEN
frames by default when connecting out to other peers using the ANONYMOUS mech,
as shown in the following trace -
{code}
[0x7f41f80079c0]: -> SASL
[0x7f41f80079c0]:0 -> @sasl-init(65) [mechanism=:ANONYMOUS,
initial-response=b"anonymous@localhost.localdomain"]
[0x7f41f80079c0]: -> AMQP
[0x7f41f80079c0]:0 -> @open(16) [container-id="Qpid.Dispatch.Router.A",
max-frame-size=65536, channel-max=32767, idle-time-out=8000,
offered-capabilities=:"ANONYMOUS-RELAY",
properties={:product="qpid-dispatch-router", :version="0.6.0"}]
[0x7f41f80079c0]: <- SASL
[0x7f41f80079c0]:0 <- @sasl-mechanisms(64) [sasl-server-mechanisms=:ANONYMOUS]
[0x7f41f80079c0]:0 <- @sasl-outcome(68) [code=0]
[0x7f41f80079c0]: <- AMQP
[0x7f41f80079c0]:0 <- @open(16)
[container-id="ce103199-af03-4d37-bb35-24ad4e55653e", channel-max=32767,
idle-time-out=8000, offered-capabilities=@PN_SYMBOL[:"ANONYMOUS-RELAY"],
properties={:product="qpid-cpp", :version="0.35", :platform="Linux",
:host="localhost.localdomain"}]
{code}
The AMQP 1.0 spec does not make it clear that this is supported (e.g. see
diagram below) but in any case various components have shown difficulty with it
(such as PROTON-1135 just raised, and QPID-6639 which has yet to be included in
a release but permitted the above protocol trace log).
{code}
TCP Client TCP Server
=========================================
AMQP%d3.1.0.0 --------->
<--------- AMQP%d3.1.0.0
:
:
<SASL negotiation>
:
:
AMQP%d0.1.0.0 --------->
(over SASL secured connection)
<--------- AMQP%d0.1.0.0
open --------->
<--------- open
{code}
Proton should by default stop enables sending pipelined OPEN frames for
ANONYMOUS logins to aid compatibility with other components.
was:
Dispatch router (which uses Proton-c) sends pipelined SASL and OPEN frames by
default like shown in the following trace -
{code}
[0x7f41f80079c0]: -> SASL
[0x7f41f80079c0]:0 -> @sasl-init(65) [mechanism=:ANONYMOUS,
initial-response=b"anonymous@localhost.localdomain"]
[0x7f41f80079c0]: -> AMQP
[0x7f41f80079c0]:0 -> @open(16) [container-id="Qpid.Dispatch.Router.A",
max-frame-size=65536, channel-max=32767, idle-time-out=8000,
offered-capabilities=:"ANONYMOUS-RELAY",
properties={:product="qpid-dispatch-router", :version="0.6.0"}]
[0x7f41f80079c0]: <- SASL
[0x7f41f80079c0]:0 <- @sasl-mechanisms(64) [sasl-server-mechanisms=:ANONYMOUS]
[0x7f41f80079c0]:0 <- @sasl-outcome(68) [code=0]
[0x7f41f80079c0]: <- AMQP
[0x7f41f80079c0]:0 <- @open(16)
[container-id="ce103199-af03-4d37-bb35-24ad4e55653e", channel-max=32767,
idle-time-out=8000, offered-capabilities=@PN_SYMBOL[:"ANONYMOUS-RELAY"],
properties={:product="qpid-cpp", :version="0.35", :platform="Linux",
:host="localhost.localdomain"}]
{code}
As per the AMQP 1.0 spec - the OPEN frame is sent after the SASL exchange is
complete as shown below -
{code}
TCP Client TCP Server
=========================================
AMQP%d3.1.0.0 --------->
<--------- AMQP%d3.1.0.0
:
:
<SASL negotiation>
:
:
AMQP%d0.1.0.0 --------->
(over SASL secured connection)
<--------- AMQP%d0.1.0.0
open --------->
<--------- open
{code}
Proton should by default turn off the flag that enables sending pipelined OPEN
frames.
Summary: [proton-c] dont pipeline SASL and OPEN frames for ANONYMOUS
logins by default (was: By default the flag that allows AMQP SASL and OPEN
frames to be pipelined must be turned off )
Tweaked description for clarity.
> [proton-c] dont pipeline SASL and OPEN frames for ANONYMOUS logins by default
> -----------------------------------------------------------------------------
>
> Key: PROTON-1135
> URL: https://issues.apache.org/jira/browse/PROTON-1135
> Project: Qpid Proton
> Issue Type: Bug
> Components: proton-c
> Affects Versions: 0.12.0
> Reporter: Ganesh Murthy
>
> Dispatch router (which uses Proton-c) currently sends pipelined SASL and OPEN
> frames by default when connecting out to other peers using the ANONYMOUS
> mech, as shown in the following trace -
> {code}
> [0x7f41f80079c0]: -> SASL
> [0x7f41f80079c0]:0 -> @sasl-init(65) [mechanism=:ANONYMOUS,
> initial-response=b"anonymous@localhost.localdomain"]
> [0x7f41f80079c0]: -> AMQP
> [0x7f41f80079c0]:0 -> @open(16) [container-id="Qpid.Dispatch.Router.A",
> max-frame-size=65536, channel-max=32767, idle-time-out=8000,
> offered-capabilities=:"ANONYMOUS-RELAY",
> properties={:product="qpid-dispatch-router", :version="0.6.0"}]
> [0x7f41f80079c0]: <- SASL
> [0x7f41f80079c0]:0 <- @sasl-mechanisms(64) [sasl-server-mechanisms=:ANONYMOUS]
> [0x7f41f80079c0]:0 <- @sasl-outcome(68) [code=0]
> [0x7f41f80079c0]: <- AMQP
> [0x7f41f80079c0]:0 <- @open(16)
> [container-id="ce103199-af03-4d37-bb35-24ad4e55653e", channel-max=32767,
> idle-time-out=8000, offered-capabilities=@PN_SYMBOL[:"ANONYMOUS-RELAY"],
> properties={:product="qpid-cpp", :version="0.35", :platform="Linux",
> :host="localhost.localdomain"}]
> {code}
> The AMQP 1.0 spec does not make it clear that this is supported (e.g. see
> diagram below) but in any case various components have shown difficulty with
> it (such as PROTON-1135 just raised, and QPID-6639 which has yet to be
> included in a release but permitted the above protocol trace log).
> {code}
> TCP Client TCP Server
> =========================================
> AMQP%d3.1.0.0 --------->
> <--------- AMQP%d3.1.0.0
> :
> :
> <SASL negotiation>
> :
> :
> AMQP%d0.1.0.0 --------->
> (over SASL secured connection)
> <--------- AMQP%d0.1.0.0
> open --------->
> <--------- open
> {code}
> Proton should by default stop enables sending pipelined OPEN frames for
> ANONYMOUS logins to aid compatibility with other components.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
