Uploaded image for project: 'Qpid'
  1. Qpid
  2. QPID-7894

SSL client auth with multiple connections does not properly use ssl_cert_name connection property

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Not A Bug
    • Affects Version/s: qpid-cpp-1.36.0
    • Fix Version/s: None
    • Component/s: C++ Broker
    • Labels:
      None
    • Environment:

      Ubuntu

      Description

      When 2 connections are made using ssl-client-auth within the same process using the ssl-cert-name property to specify the user (via their cert), the second connection uses the same cert as the first one.

      This means that ACL rules will not be applied as expected.

      The expected behaviour is that connections should be authorised using the cert specified in the ssl-cert-name connection property.

      The attached archive contains a script and example c++ program which set up this scenario from scratch and demonstrate the error (NB: script recursively deletes certain subdirectories of the current directory when run).

        Attachments

        1. qpid-multiuser-test.tar.gz
          2 kB
          Chris Richardson

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              chris.richardson Chris Richardson
            • Votes:
              1 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: