summaryrefslogtreecommitdiff
path: root/qpid/cpp/src/tests/Acl.cpp
Commit message (Collapse)AuthorAgeFilesLines
* QPID-4123: C++ Broker ACL creates too many rulesCharles E. Rolke2014-07-231-0/+14
| | | | | | | | | | | | | | | | | | | | | | | Recent changes have added new tables to define what are ACL lookups and their properties. This commit finishes that work by not propagating rules that will never match. Also, it completes the scaffolding for allowed and denied host lists to be fully integrated. This commit: * Adds startup logging of ACL validation tables with cross references to possible rule matches. * Hooks the ACL host allow/deny connection lists into self test. * Fixes self tests that get broken by proper rule table handling. * Introduces a 'create connection' decision mode similar to ACL rule decision mode. * Describes it all in doc book. git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1612874 13f79535-47bb-0310-9956-ffa450edef68
* QPID-4947: C++ Broker ACL restricts hosts from which users may connect.Charles E. Rolke2014-07-151-9/+12
| | | | | | | | | | | | | | | | | This commit adds: * Acl rule file "create connection host=hostname" support for allowing and denying connections. * AclHost class to represent a host specified in the rule file. * Global and user-specific lists of AclHost rules. Created by AclReader and consumed by AclConnectionCounter. * Address range checks and other giblets in SocketAddress: ** asString support to hide IPv6 decoration and service (port) details. ** binary comparison of network addresses. ** new firstAddress function to complement existing nextAddress. Socket addrinfo for AclHost objects is computed once only for lifetime of Acl file load. ** Posix and Windows implementations are identical. * New unit test for address comparisons. Testing a live broker is great but forcing connections to be from some arbitrary IPv4 or IPv6 address is hard. So there's a unit test for that. Further discussion about this feature is in https://reviews.apache.org/r/23322 git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1610874 13f79535-47bb-0310-9956-ffa450edef68
* QPID-5890: Improve Acl enum verificationCharles E. Rolke2014-07-121-13/+5
| | | | git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1609900 13f79535-47bb-0310-9956-ffa450edef68
* QPID-5890: Refactoring AclModule.hCharles E. Rolke2014-07-111-0/+157
* make single instances of strings associated with enums * make more compact search functions * make string definitions const * return 'const string&' instead of copies of temporaries * add self test as string defs sanity check * export AclHelper to satisfy tests (!!) git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1609828 13f79535-47bb-0310-9956-ffa450edef68
View Lorry Controller Status