Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
proton-0.8
Description
Using the current SASL api, an application has to poll the pn_sasl_t object's state (pn_sasl_state()) until a terminal state is reached (STATE_PASS/FAIL).
Once the terminal state is reached, the outcome can be queried via pn_sasl_outcome.
Unfortunately, when the sasl client receives an authentication failure outcome from the sasl server, the sasl layer returns PN_ERR from its input processing code. This causes the pn_transport_push() to return a generic error.
From the application's point of view, this effectively results in the transport failing before the sasl terminal state has been reached. The application will interpret this event as a generic input failure on the transport - not the authentication failure it actually was.
Attachments
Issue Links
- is related to
-
PROTON-574 proton-c: Messenger doesn't indicate when connection is aborted for a SASL negotation failure
- Closed