diff options
| author | Emile Joubert <emile@rabbitmq.com> | 2013-01-23 16:19:50 +0000 |
|---|---|---|
| committer | Emile Joubert <emile@rabbitmq.com> | 2013-01-23 16:19:50 +0000 |
| commit | d9a16fd51273f2ba9f6d71d960fbe6b7ded44188 (patch) | |
| tree | 2c41c42ed65c8a2edf788fa5e81d2f489e34d5d0 | |
| parent | fe93d74e591786c93f357d4fb2932657d5d57433 (diff) | |
| download | rabbitmq-server-git-d9a16fd51273f2ba9f6d71d960fbe6b7ded44188.tar.gz | |
Reject AMQP 1.0 TLS requests specifically
| -rw-r--r-- | src/rabbit_reader.erl | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/src/rabbit_reader.erl b/src/rabbit_reader.erl index ae8327498e..39affb17e4 100644 --- a/src/rabbit_reader.erl +++ b/src/rabbit_reader.erl @@ -699,10 +699,13 @@ handle_input(handshake, <<"AMQP", 1, 1, 9, 1>>, State) -> start_connection({8, 0, 0}, rabbit_framing_amqp_0_8, State); %% ... and finally, the 1.0 spec is crystal clear! Note that the -%% TLS uses a different protocol number, and would go here. handle_input(handshake, <<"AMQP", 0, 1, 0, 0>>, State) -> become_1_0(amqp, {0, 1, 0, 0}, State); +%% 2 stands for TLS +handle_input(handshake, <<"AMQP", 2, 1, 0, 0>>, #v1{sock = Sock}) -> + refuse_1_0_connection(Sock, tls_request_refused); + %% 3 stands for "SASL" handle_input(handshake, <<"AMQP", 3, 1, 0, 0>>, State) -> become_1_0(sasl, {3, 1, 0, 0}, State); @@ -740,6 +743,10 @@ refuse_connection(Sock, Exception) -> ok = inet_op(fun () -> rabbit_net:send(Sock, <<"AMQP",0,0,9,1>>) end), throw(Exception). +refuse_1_0_connection(Sock, Exception) -> + ok = inet_op(fun () -> rabbit_net:send(Sock, <<"AMQP",0,1,0,0>>) end), + throw(Exception). + ensure_stats_timer(State = #v1{connection_state = running}) -> rabbit_event:ensure_stats_timer(State, #v1.stats_timer, emit_stats); ensure_stats_timer(State) -> |