delta/python-packages/qpid-python.git/cpp/src/qpid/Sasl.h, branch QPID-3799-acl git.apache.org: qpid.git QPID-3522: Distinguish between null and empty string for sasl response 2011-10-12T06:16:44+00:00 Gordon Sim gsim@apache.org 2011-10-12T06:16:44+00:00 a0d60bbbbb6cac518bafc7e0f68c731bdc047ee1 git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@1182212 13f79535-47bb-0310-9956-ffa450edef68 
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@1182212 13f79535-47bb-0310-9956-ffa450edef68
SASLizing Interbroker Links 2010-10-20T08:03:36+00:00 Michael Goulish mgoulish@apache.org 2010-10-20T08:03:36+00:00 bcb149706cdace4a333a811969e473451d9ab331 ------------------------------------------------------------- 1. Brokers already knew how to handle the server side of SASLized links, but not the client side. So we promoted the client-side SASL code from the client library to the common library so that the broker could also use it. This affected SaslFactory.{h,cpp} and Sasl.h TODO -- can the server-side and client-side code be unified here? 2. Some of the SASL verbs in broker/ConnectionHandler.cpp are expanded: start, secure, tune. 3. broker/SecureConnection is altered to get the client-broker and the server-broker to agree on when the security layer should be inserted. 4. the python tool qpid-route is modified so that, in the "route add" command, you can specify the security mechanism for SASL to use. TODO -- should we also pass in {min,max}SSF ? 5. Changes in broker/LinkRegistry to allow the information input by qpid-route to be passed up to where it is needed. 6. A bash script test run by "make check" that creates a SASLized federation link and sends some messages down it. TODO - write a python unit test instead of a bash script. I think I uncovered a bug in the python code when I tried. 7. NOTE - testing for this feature does not work with versions of SASL earlier than 2.1.22, becuase I can't tell SASL to use a SASL database file in a nonstandard location. The test is disabled for earlier versions. git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@1024541 13f79535-47bb-0310-9956-ffa450edef68 
-------------------------------------------------------------

1. Brokers already knew how to handle the server side of SASLized
   links, but not the client side.  So we promoted the client-side
   SASL code from the client library to the common library so that
   the broker could also use it.  This affected SaslFactory.{h,cpp}
   and Sasl.h
   TODO -- can the server-side and client-side code be unified here?

2. Some of the SASL verbs in broker/ConnectionHandler.cpp are
   expanded: start, secure, tune.

3. broker/SecureConnection is altered to get the client-broker and
   the server-broker to agree on when the security layer should be
   inserted.

4. the python tool qpid-route is modified so that, in the "route add"
   command, you can specify the security mechanism for SASL to use.
   TODO -- should we also pass in {min,max}SSF ?

5. Changes in broker/LinkRegistry to allow the information input by
   qpid-route to be passed up to where it is needed.

6. A bash script test run by "make check" that creates a SASLized
   federation link and sends some messages down it.
   TODO - write a python unit test instead of a bash script.  I
          think I uncovered a bug in the python code when I tried.

7. NOTE - testing for this feature does not work with versions of
   SASL earlier than 2.1.22, becuase I can't tell SASL to use a
   SASL database file in a nonstandard location.  The test is
   disabled for earlier versions.




git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@1024541 13f79535-47bb-0310-9956-ffa450edef68