[
https://issues.apache.org/jira/browse/PROTON-1135?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15217804#comment-15217804
]
Gordon Sim commented on PROTON-1135:
------------------------------------
My 2 cents: servers SHOULD handle the pipelined case (in the case of qpidd, I
consider it a bug in the io handling rather than a concious choice, and I would
guess the same is true of others). That said I do also think that proton is
doing the wrong thing with sasl on the client and should wait for the server to
offer mechanisms before choosing them. It MUST do this when a specific
mechanism isn't chosen anyway (at least when integrated with cyrus), and even
where it is I think it would provide clearer error information. Less of a
concern (to me anyway) is pipelining the open before receiving a successful
outcome.
> [proton-c] dont pipeline SASL and OPEN frames for ANONYMOUS logins by default
> -----------------------------------------------------------------------------
>
> Key: PROTON-1135
> URL: https://issues.apache.org/jira/browse/PROTON-1135
> Project: Qpid Proton
> Issue Type: Bug
> Components: proton-c
> Affects Versions: 0.12.0
> Reporter: Ganesh Murthy
>
> Dispatch router (which uses Proton-c) currently sends pipelined SASL and OPEN
> frames by default when connecting out to other peers using the ANONYMOUS
> mech, as shown in the following trace -
> {code}
> [0x7f41f80079c0]: -> SASL
> [0x7f41f80079c0]:0 -> @sasl-init(65) [mechanism=:ANONYMOUS,
> initial-response=b"anonymous@localhost.localdomain"]
> [0x7f41f80079c0]: -> AMQP
> [0x7f41f80079c0]:0 -> @open(16) [container-id="Qpid.Dispatch.Router.A",
> max-frame-size=65536, channel-max=32767, idle-time-out=8000,
> offered-capabilities=:"ANONYMOUS-RELAY",
> properties={:product="qpid-dispatch-router", :version="0.6.0"}]
> [0x7f41f80079c0]: <- SASL
> [0x7f41f80079c0]:0 <- @sasl-mechanisms(64) [sasl-server-mechanisms=:ANONYMOUS]
> [0x7f41f80079c0]:0 <- @sasl-outcome(68) [code=0]
> [0x7f41f80079c0]: <- AMQP
> [0x7f41f80079c0]:0 <- @open(16)
> [container-id="ce103199-af03-4d37-bb35-24ad4e55653e", channel-max=32767,
> idle-time-out=8000, offered-capabilities=@PN_SYMBOL[:"ANONYMOUS-RELAY"],
> properties={:product="qpid-cpp", :version="0.35", :platform="Linux",
> :host="localhost.localdomain"}]
> {code}
> The AMQP 1.0 spec does not make it clear that this is supported (e.g. see
> diagram below) but in any case various components have shown difficulty with
> it (such as PROTON-1135 just raised, and QPID-6639 which has yet to be
> included in a release but permitted the above protocol trace log).
> {code}
> TCP Client TCP Server
> =========================================
> AMQP%d3.1.0.0 --------->
> <--------- AMQP%d3.1.0.0
> :
> :
> <SASL negotiation>
> :
> :
> AMQP%d0.1.0.0 --------->
> (over SASL secured connection)
> <--------- AMQP%d0.1.0.0
> open --------->
> <--------- open
> {code}
> Proton should by default disable sending pipelined OPEN frames for ANONYMOUS
> logins, to aid compatibility with other components that don't expect/handle
> such behaviour.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
