Bug 1009493 - Client succeeds to connect to non-ssl broker even if the ssl transport is requested by the client
Client succeeds to connect to non-ssl broker even if the ssl transport is req...
Status: CLOSED ERRATA
Product: Red Hat Enterprise MRG
Classification: Red Hat
Component: qpid-cpp (Show other bugs)
Development
Unspecified Unspecified
medium Severity medium
: 3.0
: ---
Assigned To: Gordon Sim
Leonid Zhaldybin
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-09-18 10:33 EDT by Petr Matousek
Modified: 2014-11-09 17:39 EST (History)
5 users (show)

See Also:
Fixed In Version: qpid-cpp-0.22-16
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-09-24 11:08:48 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Apache JIRA QPID-5143 None None None Never

  None (edit)
Description Petr Matousek 2013-09-18 10:33:32 EDT
Description of problem:

When using qpid-send/qpid-receive clients for sending/receiving message to default broker address and the ssl transport is requested by the client, the client is successful even when connecting to non-ssl broker: 
qpid-send --connection-options "{transport: 'ssl'}" -a "q;{create:always}"

Note: When the broker address is specified for the connection then the connection is not initiated (as expected):
qpid-send --connection-options "{transport: 'ssl'}" -a "q;{create:always}" -b localhost
qpid-send: Unknown protocol: ssl (/builddir/build/BUILD/qpid-0.22/cpp/src/qpid/client/Connector.cpp:52)

Version-Release number of selected component (if applicable):
qpid-cpp-*-0.22-14

How reproducible:
100%

Steps to Reproduce:
1. run a non-ssl broker
2. qpid-send --connection-options "{transport: 'ssl'}" -a "q;{create:always}"
3. qpid-config queues
4. the queue q was created

Actual results:
ssl connection to non-ssl broker succeeds

Expected results:
ssl connection to non-ssl broker is aborted

Additional info:
Comment 1 Gordon Sim 2013-09-18 15:28:27 EDT
Fixed upstream: https://svn.apache.org/r1524506
Comment 3 Leonid Zhaldybin 2014-01-07 10:46:36 EST
Tested on RHEL6.5 (both i386 and x86_64). This issue has been fixed.

Packages used for testing:
python-qpid-0.22-9.el6
python-qpid-qmf-0.22-25.el6
qpid-cpp-client-0.22-30.el6
qpid-cpp-client-devel-0.22-30.el6
qpid-cpp-client-devel-docs-0.22-30.el6
qpid-cpp-client-ssl-0.22-30.el6
qpid-cpp-server-0.22-30.el6
qpid-cpp-server-devel-0.22-30.el6
qpid-cpp-server-linearstore-0.22-30.el6
qpid-cpp-server-ssl-0.22-30.el6
qpid-cpp-server-xml-0.22-30.el6
qpid-java-client-0.22-5.el6
qpid-java-common-0.22-5.el6
qpid-java-example-0.22-5.el6
qpid-jca-0.22-1.el6
qpid-jca-xarecovery-0.22-1.el6
qpid-proton-c-0.6-1.el6
qpid-qmf-0.22-25.el6
qpid-snmpd-1.0.0-15.el6
qpid-tools-0.22-7.el6

-> VERIFIED
Comment 4 errata-xmlrpc 2014-09-24 11:08:48 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHEA-2014-1296.html

Note You need to log in before you can comment on or make changes to this bug.