Uploaded image for project: 'Qpid Proton'
  1. Qpid Proton
  2. PROTON-1486

no mechanism to get or set the additional-data field on sasl-outcome

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • proton-j-0.19.0
    • proton-j-0.20.0
    • proton-j
    • None

    Description

      The Proton Engine API provides no mechanism for getting or setting the additional-data field on sasl-outcome.

      Some SASL mechanisms (e.g. SCRAM-SHA-*) send additional data along with the outcome (in the case of SCRAM-SHA-* the additional data is a proof that the server is also aware of the credentials and is not simply just accepting any credential data as part of some sort of attack).

      One approach for the API would be to expose the additional-data field using the send/recv/pending methods used for exchanging the challenge/response in the earlier phases of the sasl exchange.

      Attachments

        1. PROTON_1486.patch
          1 kB
          Robert Godfrey

        Issue Links

          is cloned by

          Improvement - An improvement or enhancement to an existing feature or task. PROTON-1518 [proton-c] Proton provides no mechanism to get or set the additional-data field on sasl-outcome

          • Major - Major loss of function.
          • Open
          is required by

          Bug - A problem which impairs or prevents the functions of the product. QPIDJMS-294 The SCRAM-SHA-* SASL mechanisms should verify the server final message if it is sent in the additional-data field of sasl-outcome

          • Major - Major loss of function.
          • Closed
          links to

          Web Link GitHub Pull Request #9

          Activity

            People

              kwall Keith Wall
              rgodfrey Robert Godfrey
              Votes:
              1 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: