[jira] [Updated] (DISPATCH-1259) delivery->link_work race condition
[
https://issues.apache.org/jira/browse/DISPATCH-1259?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ganesh Murthy updated DISPATCH-1259:
Fix Version/s: (was: 1.6.0)
> delivery->link_work race condition
> --
>
> Key: DISPATCH-1259
> URL: https://issues.apache.org/jira/browse/DISPATCH-1259
> Project: Qpid Dispatch
> Issue Type: Bug
> Components: Router Node
>Affects Versions: 1.5.0
>Reporter: Ken Giusti
>Assignee: Ken Giusti
>Priority: Major
>
> [~chug] hit the following use-after-free error under valgrind:
> {code:java}
> kind = InvalidRead (count=1)
> Invalid read of size 1
> Stack:
> (qdr_deliver_continue_peers_CT)
> /home/chug/git/qpid-dispatch/src/router_core/transfer.c:1236
> (qdr_deliver_continue_CT)
> /home/chug/git/qpid-dispatch/src/router_core/transfer.c:1269
> (router_core_thread)
> /home/chug/git/qpid-dispatch/src/router_core/router_core_thread.c:148
> (start_thread)
> /usr/src/debug/glibc-2.28-60-g4d7af7815a/nptl/pthread_create.c:486
> (clone)
> /usr/src/debug/glibc-2.28-60-g4d7af7815a/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
> Address 0x143aaa79 is 41 bytes inside a block of size 48 free'd:
> (free)
> /builddir/build/BUILD/valgrind-3.14.0/coregrind/m_replacemalloc/vg_replace_malloc.c:540
> (free_qdr_link_work_t)
> /home/chug/git/qpid-dispatch/src/router_core/router_core.c:36
> (qdr_connection_process)
> /home/chug/git/qpid-dispatch/src/router_core/connections.c:341
> (AMQP_writable_conn_handler)
> /home/chug/git/qpid-dispatch/src/router_node.c:174
> (writable_handler) /home/chug/git/qpid-dispatch/src/container.c:332
> (qd_container_handle_event) /home/chug/git/qpid-dispatch/src/container.c:640
> (handle) /home/chug/git/qpid-dispatch/src/server.c:985
> (thread_run) /home/chug/git/qpid-dispatch/src/server.c:1010
> (qd_server_run) /home/chug/git/qpid-dispatch/src/server.c:1284
> (main_process) /home/chug/git/qpid-dispatch/router/src/main.c:112
> (main) /home/chug/git/qpid-dispatch/router/src/main.c:367
> Block was alloc'd at:
> (malloc)
> /builddir/build/BUILD/valgrind-3.14.0/coregrind/m_replacemalloc/vg_replace_malloc.c:309
> (new_qdr_link_work_t)
> /home/chug/git/qpid-dispatch/src/router_core/router_core.c:36
> (qdr_forward_deliver_CT)
> /home/chug/git/qpid-dispatch/src/router_core/forwarder.c:226
> (qdr_forward_multicast_CT)
> /home/chug/git/qpid-dispatch/src/router_core/forwarder.c:474
> (qdr_forward_message_CT)
> /home/chug/git/qpid-dispatch/src/router_core/forwarder.c:995
> (qdr_link_forward_CT)
> /home/chug/git/qpid-dispatch/src/router_core/transfer.c:918
> (qdr_link_deliver_CT)
> /home/chug/git/qpid-dispatch/src/router_core/transfer.c:1094
> (router_core_thread)
> /home/chug/git/qpid-dispatch/src/router_core/router_core_thread.c:148
> (start_thread)
> /usr/src/debug/glibc-2.28-60-g4d7af7815a/nptl/pthread_create.c:486
> (clone)
> /usr/src/debug/glibc-2.28-60-g4d7af7815a/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
> {code}
> The router core thread is accessing a link_work object after it was deleted
> by the I/O thread.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Updated] (DISPATCH-1291) Update console to use router-generated link settlement rates
[ https://issues.apache.org/jira/browse/DISPATCH-1291?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ganesh Murthy updated DISPATCH-1291: Fix Version/s: 1.6.0 > Update console to use router-generated link settlement rates > > > Key: DISPATCH-1291 > URL: https://issues.apache.org/jira/browse/DISPATCH-1291 > Project: Qpid Dispatch > Issue Type: Improvement > Components: Console >Affects Versions: 1.5.0 >Reporter: Ernest Allen >Assignee: Ernest Allen >Priority: Major > Fix For: 1.6.0 > > > The console currently computes rates locally based on changes in link > counters. With DISPATCH-1289, these rates are now computed inside the router. > The console should use the router-supplied rate values rather than generate > its own local rates. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Updated] (DISPATCH-1260) Closing traffic animation doesn't always work
[ https://issues.apache.org/jira/browse/DISPATCH-1260?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ganesh Murthy updated DISPATCH-1260: Fix Version/s: 1.6.0 > Closing traffic animation doesn't always work > - > > Key: DISPATCH-1260 > URL: https://issues.apache.org/jira/browse/DISPATCH-1260 > Project: Qpid Dispatch > Issue Type: Bug > Components: Console >Affects Versions: 1.5.0 >Reporter: Ernest Allen >Assignee: Ernest Allen >Priority: Major > Fix For: 1.6.0 > > > Starting a traffic animation on the console's topology page and then stopping > the animation doesn't always stop the animation. > > If there was a request pending when the animation is stopped, when the > response is received the traffic animation will redraw. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Updated] (DISPATCH-1293) Show traffic for stand-alone router
[ https://issues.apache.org/jira/browse/DISPATCH-1293?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ganesh Murthy updated DISPATCH-1293: Fix Version/s: 1.6.0 > Show traffic for stand-alone router > --- > > Key: DISPATCH-1293 > URL: https://issues.apache.org/jira/browse/DISPATCH-1293 > Project: Qpid Dispatch > Issue Type: Bug > Components: Console >Affects Versions: 1.5.0 >Reporter: Ernest Allen >Assignee: Ernest Allen >Priority: Major > Fix For: 1.6.0 > > > If a router is in stand-alone mode, the chord diagram and the traffic > animation do not show messaging traffic. > This is due to the fact that a stand-alone router does not list itself in the > data returned from the request to get router.nodes. If the router is > configured as an interior router then it will report (self) in the > router.nodes list, but stand-alone routers do not. This is by design. > The console does not take this into account and traffic animations and does > not show any traffic. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Updated] (DISPATCH-1244) New senders/receivers/edge routers first appear too close to router in console
[ https://issues.apache.org/jira/browse/DISPATCH-1244?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ganesh Murthy updated DISPATCH-1244: Fix Version/s: 1.6.0 > New senders/receivers/edge routers first appear too close to router in > console > --- > > Key: DISPATCH-1244 > URL: https://issues.apache.org/jira/browse/DISPATCH-1244 > Project: Qpid Dispatch > Issue Type: Bug > Components: Console >Affects Versions: 1.5.0 >Reporter: Ernest Allen >Assignee: Ernest Allen >Priority: Major > Fix For: 1.6.0 > > > When a new object is added to the topology graph, it appears right next to > the router to which it is associated. The router and the new object should be > separated by a small space with a line connecting them. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Updated] (DISPATCH-1263) Symbol for sender/receiver is incorrect on console's topology page
[ https://issues.apache.org/jira/browse/DISPATCH-1263?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ganesh Murthy updated DISPATCH-1263: Fix Version/s: 1.6.0 > Symbol for sender/receiver is incorrect on console's topology page > -- > > Key: DISPATCH-1263 > URL: https://issues.apache.org/jira/browse/DISPATCH-1263 > Project: Qpid Dispatch > Issue Type: Bug > Components: Console >Affects Versions: 1.5.0 >Reporter: Ernest Allen >Assignee: Ernest Allen >Priority: Minor > Fix For: 1.6.0 > > > The symbol for a client that has both inbound and outbound links to a router > is incorrect. > That symbol should have both green and yellow halves. Instead, it is solid > white. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[GitHub] [qpid-dispatch] codecov-io commented on issue #475: Remove /stand-alone from console install dir.
codecov-io commented on issue #475: Remove /stand-alone from console install dir. URL: https://github.com/apache/qpid-dispatch/pull/475#issuecomment-475355004 # [Codecov](https://codecov.io/gh/apache/qpid-dispatch/pull/475?src=pr&el=h1) Report > Merging [#475](https://codecov.io/gh/apache/qpid-dispatch/pull/475?src=pr&el=desc) into [master](https://codecov.io/gh/apache/qpid-dispatch/commit/136940b55a6c0d269726f27e3c0087deafa492e5?src=pr&el=desc) will **increase** coverage by `0.03%`. > The diff coverage is `100%`. [](https://codecov.io/gh/apache/qpid-dispatch/pull/475?src=pr&el=tree) ```diff @@Coverage Diff @@ ## master #475 +/- ## == + Coverage 86.69% 86.72% +0.03% == Files 86 86 Lines 1908619085 -1 == + Hits1654616552 +6 + Misses 2540 2533 -7 ``` | [Impacted Files](https://codecov.io/gh/apache/qpid-dispatch/pull/475?src=pr&el=tree) | Coverage Δ | | |---|---|---| | [src/connection\_manager.c](https://codecov.io/gh/apache/qpid-dispatch/pull/475/diff?src=pr&el=tree#diff-c3JjL2Nvbm5lY3Rpb25fbWFuYWdlci5j) | `89.48% <100%> (+0.16%)` | :arrow_up: | | [...re/modules/edge\_addr\_tracking/edge\_addr\_tracking.c](https://codecov.io/gh/apache/qpid-dispatch/pull/475/diff?src=pr&el=tree#diff-c3JjL3JvdXRlcl9jb3JlL21vZHVsZXMvZWRnZV9hZGRyX3RyYWNraW5nL2VkZ2VfYWRkcl90cmFja2luZy5j) | `83.87% <0%> (-1.08%)` | :arrow_down: | | [src/router\_core/route\_tables.c](https://codecov.io/gh/apache/qpid-dispatch/pull/475/diff?src=pr&el=tree#diff-c3JjL3JvdXRlcl9jb3JlL3JvdXRlX3RhYmxlcy5j) | `76.67% <0%> (-0.25%)` | :arrow_down: | | [src/router\_node.c](https://codecov.io/gh/apache/qpid-dispatch/pull/475/diff?src=pr&el=tree#diff-c3JjL3JvdXRlcl9ub2RlLmM=) | `94.19% <0%> (ø)` | :arrow_up: | | [src/router\_core/router\_core.c](https://codecov.io/gh/apache/qpid-dispatch/pull/475/diff?src=pr&el=tree#diff-c3JjL3JvdXRlcl9jb3JlL3JvdXRlcl9jb3JlLmM=) | `87.09% <0%> (+0.21%)` | :arrow_up: | | [src/remote\_sasl.c](https://codecov.io/gh/apache/qpid-dispatch/pull/475/diff?src=pr&el=tree#diff-c3JjL3JlbW90ZV9zYXNsLmM=) | `83.88% <0%> (+1.11%)` | :arrow_up: | | [...c/router\_core/modules/test\_hooks/core\_test\_hooks.c](https://codecov.io/gh/apache/qpid-dispatch/pull/475/diff?src=pr&el=tree#diff-c3JjL3JvdXRlcl9jb3JlL21vZHVsZXMvdGVzdF9ob29rcy9jb3JlX3Rlc3RfaG9va3MuYw==) | `93.94% <0%> (+1.27%)` | :arrow_up: | -- [Continue to review full report at Codecov](https://codecov.io/gh/apache/qpid-dispatch/pull/475?src=pr&el=continue). > **Legend** - [Click here to learn more](https://docs.codecov.io/docs/codecov-delta) > `Δ = absolute (impact)`, `ø = not affected`, `? = missing data` > Powered by [Codecov](https://codecov.io/gh/apache/qpid-dispatch/pull/475?src=pr&el=footer). Last update [136940b...788f88c](https://codecov.io/gh/apache/qpid-dispatch/pull/475?src=pr&el=lastupdated). Read the [comment docs](https://docs.codecov.io/docs/pull-request-comments). This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[GitHub] [qpid-dispatch] ErnieAllen opened a new pull request #475: Remove /stand-alone from console install dir.
ErnieAllen opened a new pull request #475: Remove /stand-alone from console install dir. URL: https://github.com/apache/qpid-dispatch/pull/475 This patch removes the last part of the console install directory: /stand-alone. In addition, the httpRoot config file entry for a listener is now optional. The router will attempt to serve the console from the new install dir. To disable serving the console on an http enabled listener, set the httpRoot attribute to 'None'. This PR also updated the readme files for the console and the httpRoot attribute description in the schema. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[GitHub] [qpid-dispatch] ChugR commented on a change in pull request #472: Dispatch 1288 1 - policy for outbound connectors
ChugR commented on a change in pull request #472: Dispatch 1288 1 - policy for
outbound connectors
URL: https://github.com/apache/qpid-dispatch/pull/472#discussion_r267894583
##
File path: src/policy.c
##
@@ -425,34 +459,39 @@ bool qd_policy_open_lookup_user(
(PyObject
*)policy->py_policy_manager,
vhost, name_buf,
upolicy);
if (result2) {
-settings->maxFrameSize =
qd_entity_opt_long((qd_entity_t*)upolicy, "maxFrameSize", 0);
-settings->maxSessionWindow =
qd_entity_opt_long((qd_entity_t*)upolicy, "maxSessionWindow", 0);
-settings->maxSessions =
qd_entity_opt_long((qd_entity_t*)upolicy, "maxSessions", 0);
-settings->maxSenders =
qd_entity_opt_long((qd_entity_t*)upolicy, "maxSenders", 0);
-settings->maxReceivers =
qd_entity_opt_long((qd_entity_t*)upolicy, "maxReceivers", 0);
-if (!settings->allowAnonymousSender) { //don't override if
enabled by authz plugin
-settings->allowAnonymousSender =
qd_entity_opt_bool((qd_entity_t*)upolicy, "allowAnonymousSender", false);
-}
-if (!settings->allowDynamicSource) { //don't override if
enabled by authz plugin
-settings->allowDynamicSource =
qd_entity_opt_bool((qd_entity_t*)upolicy, "allowDynamicSource", false);
+int truthy = PyObject_IsTrue(result2);
+if (truthy) {
+settings->maxFrameSize =
qd_entity_opt_long((qd_entity_t*)upolicy, "maxFrameSize", 0);
Review comment:
This function is shared by the incoming connection and outgoing connection
handlers. The incoming connection handler needs it.
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
[GitHub] [qpid-dispatch] ChugR commented on a change in pull request #472: Dispatch 1288 1 - policy for outbound connectors
ChugR commented on a change in pull request #472: Dispatch 1288 1 - policy for
outbound connectors
URL: https://github.com/apache/qpid-dispatch/pull/472#discussion_r267893514
##
File path: src/policy.c
##
@@ -404,18 +409,47 @@ bool qd_policy_open_lookup_user(
} else {
qd_log(policy->log_source, QD_LOG_DEBUG, "Internal: lookup_user:
lookup_user");
}
+Py_XDECREF(module);
}
-if (!res) {
-if (module) {
-Py_XDECREF(module);
-}
-qd_python_unlock(lock_state);
-return false;
-}
+qd_python_unlock(lock_state);
-//
if (name_buf[0]) {
-// Go get the named settings
+qd_log(policy->log_source,
+ QD_LOG_TRACE,
+ "[%"PRIu64"]: ALLOW AMQP Open lookup_user: %s, rhost: %s, vhost:
%s, connection: %s. Usergroup: '%s'%s",
+ conn_id, username, hostip, vhost, conn_name, name_buf, (res ? "" :
" Internal error."));
+}
+return res;
+}
+
+
+/** Fetch policy settings for a vhost/group
+ * A vhost database user group name has been returned by
qd_policy_open_lookup_user
+ * or by some configuration value. Access the vhost database for that group and
+ * extract the run-time settings.
+ * @param[in] policy pointer to policy
+ * @param[in] username authenticated user name (for logging)
+ * @param[in] hostip numeric host ip address (for logging)
+ * @param[in] vhost vhost name
+ * @param[in] conn_name connection name for tracking (for logging)
+ * @param[in] name_buf group name that holds the settings of interest
+ * @param[in] conn_id connection id for log tracking (for logging)
+ * @param[out] settings pointer to settings object to be filled with policy
values
+ **/
+bool qd_policy_open_fetch_settings(
+qd_policy_t *policy,
+const char *username,
+const char *hostip,
+const char *vhost,
+const char *conn_name,
+const char *name_buf,
+uint64_tconn_id,
+qd_policy_settings_t *settings)
+{
+bool res = false;
+qd_python_lock_state_t lock_state = qd_python_lock();
Review comment:
[DISPATCH-1298](https://issues.apache.org/jira/browse/DISPATCH-1298)
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Created] (DISPATCH-1298) Policy settings in vhostUserGroupSettings could be cached in C code
Chuck Rolke created DISPATCH-1298: - Summary: Policy settings in vhostUserGroupSettings could be cached in C code Key: DISPATCH-1298 URL: https://issues.apache.org/jira/browse/DISPATCH-1298 Project: Qpid Dispatch Issue Type: Improvement Components: Policy Engine Affects Versions: 1.5.0 Reporter: Chuck Rolke Assignee: Chuck Rolke As of release 0.5 when policy checking is in effect every incoming connection performs a policy lookup and then a policy settings fetch. The settings could be brought into C code space once to be cached and reused for the lifetime of the associated vhost policy object. The result would be a savings in time and space as the settings fetch is a relatively expensive call through python, and the fetched settings are immutable and could be shared by all connections that use them. The down side would be managing the cached settings to be sure they are updated and cleaned up when the associated vhost object is replaced through management access. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Comment Edited] (DISPATCH-1280) http against https enabled listener causes segfault
[ https://issues.apache.org/jira/browse/DISPATCH-1280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16798302#comment-16798302 ] michael goulish edited comment on DISPATCH-1280 at 3/21/19 5:53 PM: Well, kinda. I saw one crash using LWS latest master, and then I tried 20 more times and all I got was this error message: NOTICE: lws_server_socket_service_ssl: client did not send a valid tls hello (default vhost default) ( On LWS version 3.0.1 the crash hapens every time. ) But! The one crash I did see had basically identical backtrace as in version 3.0.1. (See previous comment.) I raised an issue with LWS: [https://github.com/warmcat/libwebsockets/issues/1527] was (Author: mgoulish): Well, kinda. I saw one crash using LWS latest master, and then I tried 20 more times and all I got was this error message: NOTICE: lws_server_socket_service_ssl: client did not send a valid tls hello (default vhost default) But! The one crash I did see had basically identical backtrace as in version 3.0.1. (See previous comment.) I raised an issue with LWS: https://github.com/warmcat/libwebsockets/issues/1527 > http against https enabled listener causes segfault > --- > > Key: DISPATCH-1280 > URL: https://issues.apache.org/jira/browse/DISPATCH-1280 > Project: Qpid Dispatch > Issue Type: Bug >Reporter: Gordon Sim >Assignee: michael goulish >Priority: Major > > If you have a listener with http enabled, an ssl profile referenced, but > requireSsl set to false, and then try to access it over plain http, you get a > segfault in libwebsockets if using version 3.0.1-2. Downgrading to 2.4.2 of > libwebsockets fixes this. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (DISPATCH-1280) http against https enabled listener causes segfault
[ https://issues.apache.org/jira/browse/DISPATCH-1280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16798302#comment-16798302 ] michael goulish commented on DISPATCH-1280: --- Well, kinda. I saw one crash using LWS latest master, and then I tried 20 more times and all I got was this error message: NOTICE: lws_server_socket_service_ssl: client did not send a valid tls hello (default vhost default) But! The one crash I did see had basically identical backtrace as in version 3.0.1. (See previous comment.) I raised an issue with LWS: https://github.com/warmcat/libwebsockets/issues/1527 > http against https enabled listener causes segfault > --- > > Key: DISPATCH-1280 > URL: https://issues.apache.org/jira/browse/DISPATCH-1280 > Project: Qpid Dispatch > Issue Type: Bug >Reporter: Gordon Sim >Assignee: michael goulish >Priority: Major > > If you have a listener with http enabled, an ssl profile referenced, but > requireSsl set to false, and then try to access it over plain http, you get a > segfault in libwebsockets if using version 3.0.1-2. Downgrading to 2.4.2 of > libwebsockets fixes this. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[GitHub] [qpid-dispatch] ChugR commented on a change in pull request #472: Dispatch 1288 1 - policy for outbound connectors
ChugR commented on a change in pull request #472: Dispatch 1288 1 - policy for
outbound connectors
URL: https://github.com/apache/qpid-dispatch/pull/472#discussion_r267883009
##
File path: src/policy.c
##
@@ -1083,15 +1119,21 @@ void qd_policy_amqp_open(qd_connection_t *qd_conn) {
}
if (qd_policy_open_lookup_user(policy, qd_conn->user_id, hostip,
vhost, conn_name,
- settings_name, SETTINGS_NAME_SIZE,
conn_id,
- qd_conn->policy_settings) &&
+ settings_name, SETTINGS_NAME_SIZE,
conn_id) &&
settings_name[0]) {
// This connection is allowed by policy.
// Apply transport policy settings
-if (qd_conn->policy_settings->maxFrameSize > 0)
-pn_transport_set_max_frame(pn_trans,
qd_conn->policy_settings->maxFrameSize);
-if (qd_conn->policy_settings->maxSessions > 0)
-pn_transport_set_channel_max(pn_trans,
qd_conn->policy_settings->maxSessions - 1);
+if (qd_policy_open_fetch_settings(policy, qd_conn->user_id,
hostip, vhost, conn_name,
+settings_name, conn_id,
+qd_conn->policy_settings)) {
+if (qd_conn->policy_settings->maxFrameSize > 0)
+pn_transport_set_max_frame(pn_trans,
qd_conn->policy_settings->maxFrameSize);
+if (qd_conn->policy_settings->maxSessions > 0)
+pn_transport_set_channel_max(pn_trans,
qd_conn->policy_settings->maxSessions - 1);
+} else {
+// failed to fetch settings
+connection_allowed = false;
Review comment:
The common pattern in dispatch C code is if any qd_entity_get call fails
then the entity in question is failed. Same goes for connector connection
policy: if the policy does not load then that connection is denied. Pre-loading
the policy is a separate issue. Suppose there was a preload that failed then
all the connections using that failed preload must fail as well.
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
[GitHub] [qpid-dispatch] ganeshmurthy commented on a change in pull request #472: Dispatch 1288 1 - policy for outbound connectors
ganeshmurthy commented on a change in pull request #472: Dispatch 1288 1 -
policy for outbound connectors
URL: https://github.com/apache/qpid-dispatch/pull/472#discussion_r267843710
##
File path: src/policy.c
##
@@ -1083,15 +1119,21 @@ void qd_policy_amqp_open(qd_connection_t *qd_conn) {
}
if (qd_policy_open_lookup_user(policy, qd_conn->user_id, hostip,
vhost, conn_name,
- settings_name, SETTINGS_NAME_SIZE,
conn_id,
- qd_conn->policy_settings) &&
+ settings_name, SETTINGS_NAME_SIZE,
conn_id) &&
settings_name[0]) {
// This connection is allowed by policy.
// Apply transport policy settings
-if (qd_conn->policy_settings->maxFrameSize > 0)
-pn_transport_set_max_frame(pn_trans,
qd_conn->policy_settings->maxFrameSize);
-if (qd_conn->policy_settings->maxSessions > 0)
-pn_transport_set_channel_max(pn_trans,
qd_conn->policy_settings->maxSessions - 1);
+if (qd_policy_open_fetch_settings(policy, qd_conn->user_id,
hostip, vhost, conn_name,
+settings_name, conn_id,
+qd_conn->policy_settings)) {
+if (qd_conn->policy_settings->maxFrameSize > 0)
+pn_transport_set_max_frame(pn_trans,
qd_conn->policy_settings->maxFrameSize);
+if (qd_conn->policy_settings->maxSessions > 0)
+pn_transport_set_channel_max(pn_trans,
qd_conn->policy_settings->maxSessions - 1);
+} else {
+// failed to fetch settings
+connection_allowed = false;
Review comment:
so if there was some issue fetching the policy settings from the python
side, the connection will be closed ? Is there a way we can try to pre load the
policy settings and warn if that fails? Please ignore this comment if this is
already happening.
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
[GitHub] [qpid-dispatch] ChugR commented on a change in pull request #472: Dispatch 1288 1 - policy for outbound connectors
ChugR commented on a change in pull request #472: Dispatch 1288 1 - policy for
outbound connectors
URL: https://github.com/apache/qpid-dispatch/pull/472#discussion_r267843341
##
File path: src/policy.c
##
@@ -404,18 +409,47 @@ bool qd_policy_open_lookup_user(
} else {
qd_log(policy->log_source, QD_LOG_DEBUG, "Internal: lookup_user:
lookup_user");
}
+Py_XDECREF(module);
}
-if (!res) {
-if (module) {
-Py_XDECREF(module);
-}
-qd_python_unlock(lock_state);
-return false;
-}
+qd_python_unlock(lock_state);
-//
if (name_buf[0]) {
-// Go get the named settings
+qd_log(policy->log_source,
+ QD_LOG_TRACE,
+ "[%"PRIu64"]: ALLOW AMQP Open lookup_user: %s, rhost: %s, vhost:
%s, connection: %s. Usergroup: '%s'%s",
+ conn_id, username, hostip, vhost, conn_name, name_buf, (res ? "" :
" Internal error."));
+}
+return res;
+}
+
+
+/** Fetch policy settings for a vhost/group
+ * A vhost database user group name has been returned by
qd_policy_open_lookup_user
+ * or by some configuration value. Access the vhost database for that group and
+ * extract the run-time settings.
+ * @param[in] policy pointer to policy
+ * @param[in] username authenticated user name (for logging)
+ * @param[in] hostip numeric host ip address (for logging)
+ * @param[in] vhost vhost name
+ * @param[in] conn_name connection name for tracking (for logging)
+ * @param[in] name_buf group name that holds the settings of interest
+ * @param[in] conn_id connection id for log tracking (for logging)
+ * @param[out] settings pointer to settings object to be filled with policy
values
+ **/
+bool qd_policy_open_fetch_settings(
+qd_policy_t *policy,
+const char *username,
+const char *hostip,
+const char *vhost,
+const char *conn_name,
+const char *name_buf,
+uint64_tconn_id,
+qd_policy_settings_t *settings)
+{
+bool res = false;
+qd_python_lock_state_t lock_state = qd_python_lock();
+PyObject *module =
PyImport_ImportModule("qpid_dispatch_internal.policy.policy_manager");
+if (module) {
res = false;
Review comment:
true. it's a wasted line of code as it gets optimized away.
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
[GitHub] [qpid-dispatch] ChugR commented on a change in pull request #472: Dispatch 1288 1 - policy for outbound connectors
ChugR commented on a change in pull request #472: Dispatch 1288 1 - policy for
outbound connectors
URL: https://github.com/apache/qpid-dispatch/pull/472#discussion_r267842419
##
File path: src/policy.c
##
@@ -1110,6 +1152,62 @@ void qd_policy_amqp_open(qd_connection_t *qd_conn) {
}
+void qd_policy_amqp_open_connector(qd_connection_t *qd_conn) {
+pn_connection_t *conn = qd_connection_pn(qd_conn);
+qd_dispatch_t *qd = qd_server_dispatch(qd_conn->server);
+qd_policy_t *policy = qd->policy;
+bool connection_allowed = true;
+
+if (policy->enableVhostPolicy &&
+(!qd_conn->role || !strcmp(qd_conn->role, "normal") ||
!strcmp(qd_conn->role, "route-container"))) {
+// Open connection or not based on policy.
+const char *hostip = qd_connection_remote_ip(qd_conn);
+const char *conn_name = qd_connection_name(qd_conn);
+uint32_t conn_id = qd_conn->connection_id;
+
+qd_connector_t *connector = qd_connection_connector(qd_conn);
+const char *policy_vhost = qd_connector_policy_vhost(connector);
+
+if (!qd_conn->policy_settings) {
+qd_conn->policy_settings = NEW(qd_policy_settings_t); // TODO:
memory pool for settings
+ZERO(qd_conn->policy_settings);
+}
+
+if (strlen(policy_vhost) > 0) {
+// This connector connection is controlled by policy.
+if (qd_policy_open_fetch_settings(policy, qd_conn->user_id,
hostip, policy_vhost, conn_name,
+POLICY_VHOST_GROUP, conn_id,
+qd_conn->policy_settings)) {
+// It's too late to apply transport policy settings as the
local
+// AMQP Open has already been sent.
+// TODO: Apply transport max_frame and channel_max to outgoing
Review comment:
There are duplicate settings for the same AMQP values in connector and in
vhostUserGroupSettings. At the point of this comment it is too late to for the
vhostUserGroupSettings value to be applied. This sounds like a need to document
which settings from the user group get applied.
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
[GitHub] [qpid-dispatch] ganeshmurthy commented on a change in pull request #472: Dispatch 1288 1 - policy for outbound connectors
ganeshmurthy commented on a change in pull request #472: Dispatch 1288 1 -
policy for outbound connectors
URL: https://github.com/apache/qpid-dispatch/pull/472#discussion_r267841149
##
File path: src/policy.c
##
@@ -404,18 +409,47 @@ bool qd_policy_open_lookup_user(
} else {
qd_log(policy->log_source, QD_LOG_DEBUG, "Internal: lookup_user:
lookup_user");
}
+Py_XDECREF(module);
}
-if (!res) {
-if (module) {
-Py_XDECREF(module);
-}
-qd_python_unlock(lock_state);
-return false;
-}
+qd_python_unlock(lock_state);
-//
if (name_buf[0]) {
-// Go get the named settings
+qd_log(policy->log_source,
+ QD_LOG_TRACE,
+ "[%"PRIu64"]: ALLOW AMQP Open lookup_user: %s, rhost: %s, vhost:
%s, connection: %s. Usergroup: '%s'%s",
+ conn_id, username, hostip, vhost, conn_name, name_buf, (res ? "" :
" Internal error."));
+}
+return res;
+}
+
+
+/** Fetch policy settings for a vhost/group
+ * A vhost database user group name has been returned by
qd_policy_open_lookup_user
+ * or by some configuration value. Access the vhost database for that group and
+ * extract the run-time settings.
+ * @param[in] policy pointer to policy
+ * @param[in] username authenticated user name (for logging)
+ * @param[in] hostip numeric host ip address (for logging)
+ * @param[in] vhost vhost name
+ * @param[in] conn_name connection name for tracking (for logging)
+ * @param[in] name_buf group name that holds the settings of interest
+ * @param[in] conn_id connection id for log tracking (for logging)
+ * @param[out] settings pointer to settings object to be filled with policy
values
+ **/
+bool qd_policy_open_fetch_settings(
+qd_policy_t *policy,
+const char *username,
+const char *hostip,
+const char *vhost,
+const char *conn_name,
+const char *name_buf,
+uint64_tconn_id,
+qd_policy_settings_t *settings)
+{
+bool res = false;
+qd_python_lock_state_t lock_state = qd_python_lock();
+PyObject *module =
PyImport_ImportModule("qpid_dispatch_internal.policy.policy_manager");
+if (module) {
res = false;
Review comment:
res is already false ? (initialized to false)
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
[GitHub] [qpid-dispatch] ChugR commented on a change in pull request #472: Dispatch 1288 1 - policy for outbound connectors
ChugR commented on a change in pull request #472: Dispatch 1288 1 - policy for
outbound connectors
URL: https://github.com/apache/qpid-dispatch/pull/472#discussion_r267838761
##
File path: src/policy.c
##
@@ -1110,6 +1152,62 @@ void qd_policy_amqp_open(qd_connection_t *qd_conn) {
}
+void qd_policy_amqp_open_connector(qd_connection_t *qd_conn) {
Review comment:
The connector connection hasn't really opened yet. In this function policy
is approving or denying the connection. Sure, the second Open has arrived but
policy may slam the connection closed for some reason. The name is similar to
the peer function that handles the remote open for incoming connections.
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
[GitHub] [qpid-dispatch] ganeshmurthy commented on a change in pull request #472: Dispatch 1288 1 - policy for outbound connectors
ganeshmurthy commented on a change in pull request #472: Dispatch 1288 1 -
policy for outbound connectors
URL: https://github.com/apache/qpid-dispatch/pull/472#discussion_r267832314
##
File path: src/policy.c
##
@@ -425,34 +459,39 @@ bool qd_policy_open_lookup_user(
(PyObject
*)policy->py_policy_manager,
vhost, name_buf,
upolicy);
if (result2) {
-settings->maxFrameSize =
qd_entity_opt_long((qd_entity_t*)upolicy, "maxFrameSize", 0);
-settings->maxSessionWindow =
qd_entity_opt_long((qd_entity_t*)upolicy, "maxSessionWindow", 0);
-settings->maxSessions =
qd_entity_opt_long((qd_entity_t*)upolicy, "maxSessions", 0);
-settings->maxSenders =
qd_entity_opt_long((qd_entity_t*)upolicy, "maxSenders", 0);
-settings->maxReceivers =
qd_entity_opt_long((qd_entity_t*)upolicy, "maxReceivers", 0);
-if (!settings->allowAnonymousSender) { //don't override if
enabled by authz plugin
-settings->allowAnonymousSender =
qd_entity_opt_bool((qd_entity_t*)upolicy, "allowAnonymousSender", false);
-}
-if (!settings->allowDynamicSource) { //don't override if
enabled by authz plugin
-settings->allowDynamicSource =
qd_entity_opt_bool((qd_entity_t*)upolicy, "allowDynamicSource", false);
+int truthy = PyObject_IsTrue(result2);
+if (truthy) {
+settings->maxFrameSize =
qd_entity_opt_long((qd_entity_t*)upolicy, "maxFrameSize", 0);
Review comment:
Since we are not sending the max-frame-size in the first outgoing open
frame, should we populate settings->maxFrameSize which will start enforcing it
when the frames start coming in.
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
[GitHub] [qpid-dispatch] ChugR commented on a change in pull request #472: Dispatch 1288 1 - policy for outbound connectors
ChugR commented on a change in pull request #472: Dispatch 1288 1 - policy for
outbound connectors
URL: https://github.com/apache/qpid-dispatch/pull/472#discussion_r267829682
##
File path: src/policy.c
##
@@ -404,18 +409,47 @@ bool qd_policy_open_lookup_user(
} else {
qd_log(policy->log_source, QD_LOG_DEBUG, "Internal: lookup_user:
lookup_user");
}
+Py_XDECREF(module);
}
-if (!res) {
-if (module) {
-Py_XDECREF(module);
-}
-qd_python_unlock(lock_state);
-return false;
-}
+qd_python_unlock(lock_state);
-//
if (name_buf[0]) {
-// Go get the named settings
+qd_log(policy->log_source,
+ QD_LOG_TRACE,
+ "[%"PRIu64"]: ALLOW AMQP Open lookup_user: %s, rhost: %s, vhost:
%s, connection: %s. Usergroup: '%s'%s",
+ conn_id, username, hostip, vhost, conn_name, name_buf, (res ? "" :
" Internal error."));
+}
+return res;
+}
+
+
+/** Fetch policy settings for a vhost/group
+ * A vhost database user group name has been returned by
qd_policy_open_lookup_user
+ * or by some configuration value. Access the vhost database for that group and
+ * extract the run-time settings.
+ * @param[in] policy pointer to policy
+ * @param[in] username authenticated user name (for logging)
+ * @param[in] hostip numeric host ip address (for logging)
+ * @param[in] vhost vhost name
+ * @param[in] conn_name connection name for tracking (for logging)
+ * @param[in] name_buf group name that holds the settings of interest
+ * @param[in] conn_id connection id for log tracking (for logging)
+ * @param[out] settings pointer to settings object to be filled with policy
values
+ **/
+bool qd_policy_open_fetch_settings(
+qd_policy_t *policy,
+const char *username,
+const char *hostip,
+const char *vhost,
+const char *conn_name,
+const char *name_buf,
+uint64_tconn_id,
Review comment:
Well spotted. These are left over from when there was a log message that
used them.
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
[GitHub] [qpid-dispatch] ganeshmurthy commented on a change in pull request #472: Dispatch 1288 1 - policy for outbound connectors
ganeshmurthy commented on a change in pull request #472: Dispatch 1288 1 -
policy for outbound connectors
URL: https://github.com/apache/qpid-dispatch/pull/472#discussion_r267827725
##
File path: src/policy.c
##
@@ -1110,6 +1152,62 @@ void qd_policy_amqp_open(qd_connection_t *qd_conn) {
}
+void qd_policy_amqp_open_connector(qd_connection_t *qd_conn) {
+pn_connection_t *conn = qd_connection_pn(qd_conn);
+qd_dispatch_t *qd = qd_server_dispatch(qd_conn->server);
+qd_policy_t *policy = qd->policy;
+bool connection_allowed = true;
+
+if (policy->enableVhostPolicy &&
+(!qd_conn->role || !strcmp(qd_conn->role, "normal") ||
!strcmp(qd_conn->role, "route-container"))) {
+// Open connection or not based on policy.
+const char *hostip = qd_connection_remote_ip(qd_conn);
+const char *conn_name = qd_connection_name(qd_conn);
+uint32_t conn_id = qd_conn->connection_id;
+
+qd_connector_t *connector = qd_connection_connector(qd_conn);
+const char *policy_vhost = qd_connector_policy_vhost(connector);
+
+if (!qd_conn->policy_settings) {
+qd_conn->policy_settings = NEW(qd_policy_settings_t); // TODO:
memory pool for settings
+ZERO(qd_conn->policy_settings);
+}
+
+if (strlen(policy_vhost) > 0) {
+// This connector connection is controlled by policy.
+if (qd_policy_open_fetch_settings(policy, qd_conn->user_id,
hostip, policy_vhost, conn_name,
+POLICY_VHOST_GROUP, conn_id,
+qd_conn->policy_settings)) {
+// It's too late to apply transport policy settings as the
local
+// AMQP Open has already been sent.
+// TODO: Apply transport max_frame and channel_max to outgoing
Review comment:
This TODO is going to be done as a part 2 of this functionality ?
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
[GitHub] [qpid-dispatch] ganeshmurthy commented on a change in pull request #472: Dispatch 1288 1 - policy for outbound connectors
ganeshmurthy commented on a change in pull request #472: Dispatch 1288 1 -
policy for outbound connectors
URL: https://github.com/apache/qpid-dispatch/pull/472#discussion_r267824031
##
File path: src/policy.c
##
@@ -1110,6 +1152,62 @@ void qd_policy_amqp_open(qd_connection_t *qd_conn) {
}
+void qd_policy_amqp_open_connector(qd_connection_t *qd_conn) {
Review comment:
Should this function be called something like
qd_policy_populate_conn_policy_settings or something like that. The connector
has already been "opened"
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
[GitHub] [qpid-dispatch] ganeshmurthy commented on a change in pull request #472: Dispatch 1288 1 - policy for outbound connectors
ganeshmurthy commented on a change in pull request #472: Dispatch 1288 1 -
policy for outbound connectors
URL: https://github.com/apache/qpid-dispatch/pull/472#discussion_r267816361
##
File path: src/policy.c
##
@@ -404,18 +409,47 @@ bool qd_policy_open_lookup_user(
} else {
qd_log(policy->log_source, QD_LOG_DEBUG, "Internal: lookup_user:
lookup_user");
}
+Py_XDECREF(module);
}
-if (!res) {
-if (module) {
-Py_XDECREF(module);
-}
-qd_python_unlock(lock_state);
-return false;
-}
+qd_python_unlock(lock_state);
-//
if (name_buf[0]) {
-// Go get the named settings
+qd_log(policy->log_source,
+ QD_LOG_TRACE,
+ "[%"PRIu64"]: ALLOW AMQP Open lookup_user: %s, rhost: %s, vhost:
%s, connection: %s. Usergroup: '%s'%s",
+ conn_id, username, hostip, vhost, conn_name, name_buf, (res ? "" :
" Internal error."));
+}
+return res;
+}
+
+
+/** Fetch policy settings for a vhost/group
+ * A vhost database user group name has been returned by
qd_policy_open_lookup_user
+ * or by some configuration value. Access the vhost database for that group and
+ * extract the run-time settings.
+ * @param[in] policy pointer to policy
+ * @param[in] username authenticated user name (for logging)
+ * @param[in] hostip numeric host ip address (for logging)
+ * @param[in] vhost vhost name
+ * @param[in] conn_name connection name for tracking (for logging)
+ * @param[in] name_buf group name that holds the settings of interest
+ * @param[in] conn_id connection id for log tracking (for logging)
+ * @param[out] settings pointer to settings object to be filled with policy
values
+ **/
+bool qd_policy_open_fetch_settings(
+qd_policy_t *policy,
+const char *username,
+const char *hostip,
+const char *vhost,
+const char *conn_name,
+const char *name_buf,
+uint64_tconn_id,
Review comment:
username, conn_id, vhost, conn_name is not used in this function ?
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
[GitHub] [qpid-dispatch] ganeshmurthy commented on a change in pull request #472: Dispatch 1288 1 - policy for outbound connectors
ganeshmurthy commented on a change in pull request #472: Dispatch 1288 1 -
policy for outbound connectors
URL: https://github.com/apache/qpid-dispatch/pull/472#discussion_r267814517
##
File path: src/policy.c
##
@@ -404,18 +409,47 @@ bool qd_policy_open_lookup_user(
} else {
qd_log(policy->log_source, QD_LOG_DEBUG, "Internal: lookup_user:
lookup_user");
}
+Py_XDECREF(module);
}
-if (!res) {
-if (module) {
-Py_XDECREF(module);
-}
-qd_python_unlock(lock_state);
-return false;
-}
+qd_python_unlock(lock_state);
-//
if (name_buf[0]) {
-// Go get the named settings
+qd_log(policy->log_source,
+ QD_LOG_TRACE,
+ "[%"PRIu64"]: ALLOW AMQP Open lookup_user: %s, rhost: %s, vhost:
%s, connection: %s. Usergroup: '%s'%s",
+ conn_id, username, hostip, vhost, conn_name, name_buf, (res ? "" :
" Internal error."));
+}
+return res;
+}
+
+
+/** Fetch policy settings for a vhost/group
+ * A vhost database user group name has been returned by
qd_policy_open_lookup_user
+ * or by some configuration value. Access the vhost database for that group and
+ * extract the run-time settings.
+ * @param[in] policy pointer to policy
+ * @param[in] username authenticated user name (for logging)
+ * @param[in] hostip numeric host ip address (for logging)
+ * @param[in] vhost vhost name
+ * @param[in] conn_name connection name for tracking (for logging)
+ * @param[in] name_buf group name that holds the settings of interest
+ * @param[in] conn_id connection id for log tracking (for logging)
+ * @param[out] settings pointer to settings object to be filled with policy
values
+ **/
+bool qd_policy_open_fetch_settings(
+qd_policy_t *policy,
+const char *username,
+const char *hostip,
+const char *vhost,
+const char *conn_name,
+const char *name_buf,
+uint64_tconn_id,
+qd_policy_settings_t *settings)
+{
+bool res = false;
+qd_python_lock_state_t lock_state = qd_python_lock();
Review comment:
Is it possible to pre-populate the settings into a linked list and just
search thru the list instead of taking out this global python lock every time
during response open processing ?
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
[GitHub] [qpid-dispatch] kgiusti commented on issue #474: NO-JIRA: prevent python system paths from leaking into the test envir…
kgiusti commented on issue #474: NO-JIRA: prevent python system paths from leaking into the test envir… URL: https://github.com/apache/qpid-dispatch/pull/474#issuecomment-475260960 Yay - fixed and ready to merge! This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[GitHub] [qpid-dispatch] codecov-io commented on issue #474: NO-JIRA: prevent python system paths from leaking into the test envir…
codecov-io commented on issue #474: NO-JIRA: prevent python system paths from leaking into the test envir… URL: https://github.com/apache/qpid-dispatch/pull/474#issuecomment-475248830 # [Codecov](https://codecov.io/gh/apache/qpid-dispatch/pull/474?src=pr&el=h1) Report > Merging [#474](https://codecov.io/gh/apache/qpid-dispatch/pull/474?src=pr&el=desc) into [master](https://codecov.io/gh/apache/qpid-dispatch/commit/136940b55a6c0d269726f27e3c0087deafa492e5?src=pr&el=desc) will **increase** coverage by `0.18%`. > The diff coverage is `n/a`. [](https://codecov.io/gh/apache/qpid-dispatch/pull/474?src=pr&el=tree) ```diff @@Coverage Diff @@ ## master #474 +/- ## == + Coverage 86.69% 86.88% +0.18% == Files 86 86 Lines 1908619087 +1 == + Hits1654616583 +37 + Misses 2540 2504 -36 ``` | [Impacted Files](https://codecov.io/gh/apache/qpid-dispatch/pull/474?src=pr&el=tree) | Coverage Δ | | |---|---|---| | [src/router\_core/modules/edge\_router/addr\_proxy.c](https://codecov.io/gh/apache/qpid-dispatch/pull/474/diff?src=pr&el=tree#diff-c3JjL3JvdXRlcl9jb3JlL21vZHVsZXMvZWRnZV9yb3V0ZXIvYWRkcl9wcm94eS5j) | `94.04% <0%> (-0.6%)` | :arrow_down: | | [src/container.c](https://codecov.io/gh/apache/qpid-dispatch/pull/474/diff?src=pr&el=tree#diff-c3JjL2NvbnRhaW5lci5j) | `79.43% <0%> (-0.19%)` | :arrow_down: | | [src/router\_core/transfer.c](https://codecov.io/gh/apache/qpid-dispatch/pull/474/diff?src=pr&el=tree#diff-c3JjL3JvdXRlcl9jb3JlL3RyYW5zZmVyLmM=) | `91.39% <0%> (-0.15%)` | :arrow_down: | | [src/router\_node.c](https://codecov.io/gh/apache/qpid-dispatch/pull/474/diff?src=pr&el=tree#diff-c3JjL3JvdXRlcl9ub2RlLmM=) | `94.06% <0%> (-0.12%)` | :arrow_down: | | [src/router\_core/connections.c](https://codecov.io/gh/apache/qpid-dispatch/pull/474/diff?src=pr&el=tree#diff-c3JjL3JvdXRlcl9jb3JlL2Nvbm5lY3Rpb25zLmM=) | `94.67% <0%> (+0.12%)` | :arrow_up: | | [src/router\_core/router\_core.c](https://codecov.io/gh/apache/qpid-dispatch/pull/474/diff?src=pr&el=tree#diff-c3JjL3JvdXRlcl9jb3JlL3JvdXRlcl9jb3JlLmM=) | `87.09% <0%> (+0.21%)` | :arrow_up: | | [src/parse.c](https://codecov.io/gh/apache/qpid-dispatch/pull/474/diff?src=pr&el=tree#diff-c3JjL3BhcnNlLmM=) | `88.54% <0%> (+0.25%)` | :arrow_up: | | [src/router\_core/agent\_link.c](https://codecov.io/gh/apache/qpid-dispatch/pull/474/diff?src=pr&el=tree#diff-c3JjL3JvdXRlcl9jb3JlL2FnZW50X2xpbmsuYw==) | `67.52% <0%> (+0.51%)` | :arrow_up: | | [src/remote\_sasl.c](https://codecov.io/gh/apache/qpid-dispatch/pull/474/diff?src=pr&el=tree#diff-c3JjL3JlbW90ZV9zYXNsLmM=) | `83.88% <0%> (+1.11%)` | :arrow_up: | | [...c/router\_core/modules/test\_hooks/core\_test\_hooks.c](https://codecov.io/gh/apache/qpid-dispatch/pull/474/diff?src=pr&el=tree#diff-c3JjL3JvdXRlcl9jb3JlL21vZHVsZXMvdGVzdF9ob29rcy9jb3JlX3Rlc3RfaG9va3MuYw==) | `93.94% <0%> (+1.27%)` | :arrow_up: | | ... and [2 more](https://codecov.io/gh/apache/qpid-dispatch/pull/474/diff?src=pr&el=tree-more) | | -- [Continue to review full report at Codecov](https://codecov.io/gh/apache/qpid-dispatch/pull/474?src=pr&el=continue). > **Legend** - [Click here to learn more](https://docs.codecov.io/docs/codecov-delta) > `Δ = absolute (impact)`, `ø = not affected`, `? = missing data` > Powered by [Codecov](https://codecov.io/gh/apache/qpid-dispatch/pull/474?src=pr&el=footer). Last update [136940b...83b4fc9](https://codecov.io/gh/apache/qpid-dispatch/pull/474?src=pr&el=lastupdated). Read the [comment docs](https://docs.codecov.io/docs/pull-request-comments). This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Reopened] (DISPATCH-1283) Router crash when link gets freed before its deliveries are freed
[
https://issues.apache.org/jira/browse/DISPATCH-1283?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ganesh Murthy reopened DISPATCH-1283:
-
> Router crash when link gets freed before its deliveries are freed
> -
>
> Key: DISPATCH-1283
> URL: https://issues.apache.org/jira/browse/DISPATCH-1283
> Project: Qpid Dispatch
> Issue Type: Bug
> Components: Container
>Affects Versions: 1.5.0
>Reporter: Ganesh Murthy
>Assignee: Ganesh Murthy
>Priority: Major
> Fix For: 1.6.0
>
>
> {noformat}
> (gdb) bt
> #0 0x7ff1db20d060 in qdr_delete_delivery_internal_CT (core=0x1416180,
> delivery=0x7ff1c80d2fe8) at
> /home/gmurthy/opensource/qpid-dispatch/src/router_core/transfer.c:613
> #1 0x7ff1db20e9b6 in qdr_delete_delivery_CT (core=0x1416180,
> action=0x7ff1bc33d828, discard=false) at
> /home/gmurthy/opensource/qpid-dispatch/src/router_core/transfer.c:1221
> #2 0x7ff1db206ec0 in router_core_thread (arg=0x1416180) at
> /home/gmurthy/opensource/qpid-dispatch/src/router_core/router_core_thread.c:148
> #3 0x7ff1db11858e in start_thread () from /lib64/libpthread.so.0
> #4 0x7ff1dabc06a3 in clone () from /lib64/libc.so.6
> (gdb){noformat}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
[GitHub] [qpid-dispatch] kgiusti commented on issue #474: NO-JIRA: prevent python system paths from leaking into the test envir…
kgiusti commented on issue #474: NO-JIRA: prevent python system paths from leaking into the test envir… URL: https://github.com/apache/qpid-dispatch/pull/474#issuecomment-475214388 Do Not Merge! Breaks the travis-ci build This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
