Uploaded image for project: 'Qpid Proton'
  1. Qpid Proton
  2. PROTON-1135

[proton-c] dont pipeline SASL and OPEN frames for ANONYMOUS logins by default

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: proton-0.12.0
    • Fix Version/s: proton-0.13.0
    • Component/s: proton-c
    • Labels:
      None

      Description

      Dispatch router (which uses Proton-c) currently sends pipelined SASL and OPEN frames by default when connecting out to other peers using the ANONYMOUS mech, as shown in the following trace -

      [0x7f41f80079c0]:  -> SASL
      [0x7f41f80079c0]:0 -> @sasl-init(65) [mechanism=:ANONYMOUS, initial-response=b"anonymous@localhost.localdomain"]
      [0x7f41f80079c0]:  -> AMQP
      [0x7f41f80079c0]:0 -> @open(16) [container-id="Qpid.Dispatch.Router.A", max-frame-size=65536, channel-max=32767, idle-time-out=8000, offered-capabilities=:"ANONYMOUS-RELAY", properties={:product="qpid-dispatch-router", :version="0.6.0"}]
      [0x7f41f80079c0]:  <- SASL
      [0x7f41f80079c0]:0 <- @sasl-mechanisms(64) [sasl-server-mechanisms=:ANONYMOUS]
      [0x7f41f80079c0]:0 <- @sasl-outcome(68) [code=0]
      [0x7f41f80079c0]:  <- AMQP
      [0x7f41f80079c0]:0 <- @open(16) [container-id="ce103199-af03-4d37-bb35-24ad4e55653e", channel-max=32767, idle-time-out=8000, offered-capabilities=@PN_SYMBOL[:"ANONYMOUS-RELAY"], properties={:product="qpid-cpp", :version="0.35", :platform="Linux", :host="localhost.localdomain"}]
      

      The AMQP 1.0 spec does not make it clear that this is supported (e.g. see diagram below) but in any case various components have shown difficulty with it (such as PROTON-1135 just raised, and QPID-6639 which has yet to be included in a release but permitted the above protocol trace log).

      TCP Client         TCP Server
      =========================================
      AMQP%d3.1.0.0 --------->
                                <--------- AMQP%d3.1.0.0
      :
      :
      <SASL negotiation>
      :
      :
      AMQP%d0.1.0.0 --------->
      (over SASL secured connection)
                                  <--------- AMQP%d0.1.0.0
      open --------->
                                  <--------- open
      

      Proton should by default disable sending pipelined OPEN frames for ANONYMOUS logins, to aid compatibility with other components that don't expect/handle such behaviour.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                astitcher Andrew Stitcher
                Reporter:
                gmurthy Ganesh Murthy
              • Votes:
                0 Vote for this issue
                Watchers:
                7 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: