QPID-5062: pass through security details from SSL transport to enable EXTERNAL authentication

git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1512346 13f79535-47bb-0310-9956-ffa450edef68

8 files changed, 27 insertions, 1 deletions

diff --git a/qpid/cpp/src/qpid/messaging/amqp/ConnectionContext.cpp b/qpid/cpp/src/qpid/messaging/amqp/ConnectionContext.cpp
index 72bba608d1..c9b7c1a1c4 100644
--- a/qpid/cpp/src/qpid/messaging/amqp/ConnectionContext.cpp
+++ b/qpid/cpp/src/qpid/messaging/amqp/ConnectionContext.cpp
@@ -763,4 +763,9 @@ void ConnectionContext::setProperties()
     **/
 }
 
+const qpid::sys::SecuritySettings* ConnectionContext::getTransportSecuritySettings()
+{
+    return transport ?  transport->getSecuritySettings() : 0;
+}
+
 }}} // namespace qpid::messaging::amqp
diff --git a/qpid/cpp/src/qpid/messaging/amqp/ConnectionContext.h b/qpid/cpp/src/qpid/messaging/amqp/ConnectionContext.h
index 37d73ea456..d8a00ea147 100644
--- a/qpid/cpp/src/qpid/messaging/amqp/ConnectionContext.h
+++ b/qpid/cpp/src/qpid/messaging/amqp/ConnectionContext.h
@@ -44,6 +44,9 @@ namespace qpid {
 namespace framing {
 class ProtocolVersion;
 }
+namespace sys {
+struct SecuritySettings;
+}
 namespace messaging {
 class Duration;
 class Message;
@@ -101,6 +104,7 @@ class ConnectionContext : public qpid::sys::ConnectionCodec, public qpid::messag
     framing::ProtocolVersion getVersion() const;
     //additionally, Transport needs:
     void opened();//signal successful connection
+    const qpid::sys::SecuritySettings* getTransportSecuritySettings();
 
   private:
     typedef std::map<std::string, boost::shared_ptr<SessionContext> > SessionMap;
diff --git a/qpid/cpp/src/qpid/messaging/amqp/Sasl.cpp b/qpid/cpp/src/qpid/messaging/amqp/Sasl.cpp
index 40f469cdcf..4b21f7b0d2 100644
--- a/qpid/cpp/src/qpid/messaging/amqp/Sasl.cpp
+++ b/qpid/cpp/src/qpid/messaging/amqp/Sasl.cpp
@@ -93,7 +93,7 @@ void Sasl::mechanisms(const std::string& offered)
         mechanisms = offered;
     }
 
-    if (sasl->start(mechanisms, response)) {
+    if (sasl->start(mechanisms, response, context.getTransportSecuritySettings())) {
         init(sasl->getMechanism(), &response, hostname.size() ? &hostname : 0);
     } else {
         init(sasl->getMechanism(), 0, hostname.size() ? &hostname : 0);
diff --git a/qpid/cpp/src/qpid/messaging/amqp/SslTransport.cpp b/qpid/cpp/src/qpid/messaging/amqp/SslTransport.cpp
index ea2375cb26..a62a553d90 100644
--- a/qpid/cpp/src/qpid/messaging/amqp/SslTransport.cpp
+++ b/qpid/cpp/src/qpid/messaging/amqp/SslTransport.cpp
@@ -157,4 +157,11 @@ void SslTransport::activateOutput()
     if (aio) aio->notifyPendingWrite();
 }
 
+const qpid::sys::SecuritySettings* SslTransport::getSecuritySettings()
+{
+    securitySettings.ssf = socket.getKeyLen();
+    securitySettings.authid = "dummy";//set to non-empty string to enable external authentication
+    return &securitySettings;
+}
+
 }}} // namespace qpid::messaging::amqp
diff --git a/qpid/cpp/src/qpid/messaging/amqp/SslTransport.h b/qpid/cpp/src/qpid/messaging/amqp/SslTransport.h
index aad82c2c2a..2972be4fac 100644
--- a/qpid/cpp/src/qpid/messaging/amqp/SslTransport.h
+++ b/qpid/cpp/src/qpid/messaging/amqp/SslTransport.h
@@ -23,6 +23,7 @@
  */
 #include "qpid/messaging/amqp/Transport.h"
 #include "qpid/sys/Mutex.h"
+#include "qpid/sys/SecuritySettings.h"
 #include "qpid/sys/ssl/SslSocket.h"
 #include <boost/shared_ptr.hpp>
 
@@ -50,6 +51,7 @@ class SslTransport : public Transport
     void abort();
     void connectionEstablished() {};
     void close();
+    const qpid::sys::SecuritySettings* getSecuritySettings();
 
   private:
     qpid::sys::ssl::SslSocket socket;
@@ -59,6 +61,7 @@ class SslTransport : public Transport
     boost::shared_ptr<qpid::sys::Poller> poller;
     bool closed;
     std::string id;
+    qpid::sys::SecuritySettings securitySettings;
 
     void connected(const qpid::sys::Socket&);
     void failed(const std::string& msg);
diff --git a/qpid/cpp/src/qpid/messaging/amqp/TcpTransport.cpp b/qpid/cpp/src/qpid/messaging/amqp/TcpTransport.cpp
index 98022d634c..c0a9560c6f 100644
--- a/qpid/cpp/src/qpid/messaging/amqp/TcpTransport.cpp
+++ b/qpid/cpp/src/qpid/messaging/amqp/TcpTransport.cpp
@@ -159,4 +159,8 @@ void TcpTransport::activateOutput()
     if (aio) aio->notifyPendingWrite();
 }
 
+const qpid::sys::SecuritySettings* TcpTransport::getSecuritySettings()
+{
+    return 0;
+}
 }}} // namespace qpid::messaging::amqp
diff --git a/qpid/cpp/src/qpid/messaging/amqp/TcpTransport.h b/qpid/cpp/src/qpid/messaging/amqp/TcpTransport.h
index d7adf64f3e..406791417c 100644
--- a/qpid/cpp/src/qpid/messaging/amqp/TcpTransport.h
+++ b/qpid/cpp/src/qpid/messaging/amqp/TcpTransport.h
@@ -50,6 +50,7 @@ class TcpTransport : public Transport
     void abort();
     void connectionEstablished() {};
     void close();
+    const qpid::sys::SecuritySettings* getSecuritySettings();
 
   private:
     boost::scoped_ptr<qpid::sys::Socket> socket;
diff --git a/qpid/cpp/src/qpid/messaging/amqp/Transport.h b/qpid/cpp/src/qpid/messaging/amqp/Transport.h
index ee021f645b..3f0d2ba7ed 100644
--- a/qpid/cpp/src/qpid/messaging/amqp/Transport.h
+++ b/qpid/cpp/src/qpid/messaging/amqp/Transport.h
@@ -27,6 +27,7 @@
 namespace qpid {
 namespace sys {
 class Poller;
+struct SecuritySettings;
 }
 namespace messaging {
 namespace amqp {
@@ -38,6 +39,7 @@ class Transport : public qpid::sys::OutputControl
     virtual ~Transport() {}
     virtual void connect(const std::string& host, const std::string& port) = 0;
     virtual void close() = 0;
+    virtual const qpid::sys::SecuritySettings* getSecuritySettings() = 0;
 
     typedef Transport* Factory(TransportContext&, boost::shared_ptr<qpid::sys::Poller>);
     static Transport* create(const std::string& name, TransportContext&, boost::shared_ptr<qpid::sys::Poller>);