Uploaded image for project: 'Qpid Proton'
  1. Qpid Proton
  2. PROTON-1256

Proton-c is very lax about allowing amqp and ssl protocol layers

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • proton-0.13.1
    • proton-0.14.0
    • proton-c
    • None

    Description

      The protocol auto detection code which is used when the proton-c transport is in server mode does not verify that the sequence of protocol layers it allows makes sense.

      For instance it would recognise an AMQP_SASL header and process the layer and then allow any other layer to follow that even another AMQP_SASL layer.

      As far as I know there are only a few legal sequences of protocol layers:

      SSL; SASL; AMQP
      SSL; AMQP
      SASL; AMQP
      SASL; AMQP_SSL; AMQP [Not sure if this is legal, seems to be]
      AMQP_SSL; SASL; AMQP
      AMQP_SSL; AMQP
      AMQP

      Any other sequence is non-sensical at best,

      Attachments

        Activity

          People

            astitcher Andrew Stitcher
            astitcher Andrew Stitcher
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: