Repository: qpid-proton Updated Branches: refs/heads/master 252451f0a -> adefd01f3
PROTON-1884: [c] example broker does not configure SASL correctly To configure server-side SASL the application must call pn_transport_set_server() before pn_sasl(). The pn_proactor_accept2() function calls set_server automatically but it is too late for SASL config. Fixed example broker and clarified the API docs. Project: http://git-wip-us.apache.org/repos/asf/qpid-proton/repo Commit: http://git-wip-us.apache.org/repos/asf/qpid-proton/commit/adefd01f Tree: http://git-wip-us.apache.org/repos/asf/qpid-proton/tree/adefd01f Diff: http://git-wip-us.apache.org/repos/asf/qpid-proton/diff/adefd01f Branch: refs/heads/master Commit: adefd01f394b33be056dc822c60439ef5d775c6c Parents: 252451f Author: Alan Conway <acon...@redhat.com> Authored: Wed Jul 11 13:32:20 2018 -0400 Committer: Alan Conway <acon...@redhat.com> Committed: Wed Jul 11 13:32:20 2018 -0400 ---------------------------------------------------------------------- c/examples/broker.c | 2 +- c/include/proton/listener.h | 5 +++++ c/include/proton/sasl.h | 3 +++ 3 files changed, 9 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/adefd01f/c/examples/broker.c ---------------------------------------------------------------------- diff --git a/c/examples/broker.c b/c/examples/broker.c index d2591df..69dc536 100644 --- a/c/examples/broker.c +++ b/c/examples/broker.c @@ -298,7 +298,7 @@ static void handle(broker_t* b, pn_event_t* e) { case PN_LISTENER_ACCEPT: { /* Configure a transport to allow SSL and SASL connections. See ssl_domain setup in main() */ pn_transport_t *t = pn_transport(); - pn_transport_require_auth(t, false); + pn_transport_set_server(t); /* Must call before pn_sasl() */ pn_sasl_allowed_mechs(pn_sasl(t), "ANONYMOUS"); if (b->ssl_domain) { pn_ssl_init(pn_ssl(t), b->ssl_domain, NULL); http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/adefd01f/c/include/proton/listener.h ---------------------------------------------------------------------- diff --git a/c/include/proton/listener.h b/c/include/proton/listener.h index 72f62c3..bcac451 100644 --- a/c/include/proton/listener.h +++ b/c/include/proton/listener.h @@ -63,6 +63,11 @@ PNP_EXTERN void pn_listener_free(pn_listener_t *l); * * Errors are returned as @ref PN_TRANSPORT_CLOSED events by pn_proactor_wait(). * + * @note If you provide a transport, pn_listener_accept2() will call + * pn_transport_set_server() to mark it as a server. However if you use + * pn_sasl() you *must* call call pn_transport_set_server() yourself *before* + * calling pn_sasl() to set up a server SASL configuration. + * * @param[in] listener the listener * @param[in] connection If NULL a new connection is created. * Memory management is the same as for pn_proactor_connect2() http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/adefd01f/c/include/proton/sasl.h ---------------------------------------------------------------------- diff --git a/c/include/proton/sasl.h b/c/include/proton/sasl.h index 3cd00d9..a058ded 100644 --- a/c/include/proton/sasl.h +++ b/c/include/proton/sasl.h @@ -69,6 +69,9 @@ typedef enum { * On the client side of an AMQP connection this will have the effect * of ensuring that the AMQP SASL layer is used for that connection. * + * @note For incoming connections you must call pn_transport_set_server() + * before pn_sasl() in order to set up a server SASL configuration. + * * @return an object representing the SASL layer. */ PN_EXTERN pn_sasl_t *pn_sasl(pn_transport_t *transport); --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@qpid.apache.org For additional commands, e-mail: commits-h...@qpid.apache.org