diff options
| author | Michael Goulish <mgoulish@apache.org> | 2010-10-20 08:03:36 +0000 |
|---|---|---|
| committer | Michael Goulish <mgoulish@apache.org> | 2010-10-20 08:03:36 +0000 |
| commit | bcb149706cdace4a333a811969e473451d9ab331 (patch) | |
| tree | 6ad1e5797a8696968b91bdcf511eeac4bf4cb54f /cpp/src/qpid/broker/SecureConnection.h | |
| parent | 346e5a55b9152ab603bf8b15bd7718beb9d6ff76 (diff) | |
| download | qpid-python-bcb149706cdace4a333a811969e473451d9ab331.tar.gz | |
SASLizing Interbroker Links
-------------------------------------------------------------
1. Brokers already knew how to handle the server side of SASLized
links, but not the client side. So we promoted the client-side
SASL code from the client library to the common library so that
the broker could also use it. This affected SaslFactory.{h,cpp}
and Sasl.h
TODO -- can the server-side and client-side code be unified here?
2. Some of the SASL verbs in broker/ConnectionHandler.cpp are
expanded: start, secure, tune.
3. broker/SecureConnection is altered to get the client-broker and
the server-broker to agree on when the security layer should be
inserted.
4. the python tool qpid-route is modified so that, in the "route add"
command, you can specify the security mechanism for SASL to use.
TODO -- should we also pass in {min,max}SSF ?
5. Changes in broker/LinkRegistry to allow the information input by
qpid-route to be passed up to where it is needed.
6. A bash script test run by "make check" that creates a SASLized
federation link and sends some messages down it.
TODO - write a python unit test instead of a bash script. I
think I uncovered a bug in the python code when I tried.
7. NOTE - testing for this feature does not work with versions of
SASL earlier than 2.1.22, becuase I can't tell SASL to use a
SASL database file in a nonstandard location. The test is
disabled for earlier versions.
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@1024541 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'cpp/src/qpid/broker/SecureConnection.h')
| -rw-r--r-- | cpp/src/qpid/broker/SecureConnection.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/cpp/src/qpid/broker/SecureConnection.h b/cpp/src/qpid/broker/SecureConnection.h index 4a0cc50e34..1547faae1e 100644 --- a/cpp/src/qpid/broker/SecureConnection.h +++ b/cpp/src/qpid/broker/SecureConnection.h @@ -49,7 +49,7 @@ class SecureConnection : public qpid::sys::ConnectionCodec bool isClosed() const; framing::ProtocolVersion getVersion() const; void setCodec(std::auto_ptr<ConnectionCodec>); - void activateSecurityLayer(std::auto_ptr<qpid::sys::SecurityLayer>); + void activateSecurityLayer(std::auto_ptr<qpid::sys::SecurityLayer>, bool secureImmediately=false); private: std::auto_ptr<ConnectionCodec> codec; std::auto_ptr<qpid::sys::SecurityLayer> securityLayer; |