Description of problem: When starting qpid broker with --sasl-config option (that specifies _path_ to qpidd.conf file for SASL) such that the option value is an invalid directory, qpid broker deals that like the sasl config is empty. No error is printed, broker runs properly. That is quite confusing. Please either write an error like "sasl-config path does not exist, using empty SASL configuration", or even halt the broker startup. Version-Release number of selected component (if applicable): 0.30-1 How reproducible: 100% Steps to Reproduce: 1. echo "nonsense" >> /etc/sasl2/qpidd.conf 2. qpidd --sasl-config=/etc/sasl2/qpidd.conf 3. qpidd --sasl-config=/some/notexisting/directory 4. rm -f /qpidd.conf; qpidd --sasl-config=/ Actual results: Brokers in steps 2.,3. and 4. starts "successfully" Expected results: Neither broker in 2.,3. or 4. should start (or can but logging error message) Additional info: Derived from bz728196
For steps 1 and 2 in comment #0, the directory and file exist. The problem is with the contents of the file. A typical sasl qpidd.conf looks like: pwcheck_method: auxprop auxprop_plugin: sasldb sasldb_path: /usr/local/etc/qpid/sasl_config/qpidd.sasldb sql_select: dummy select mech_list: ANONYMOUS PLAIN DIGEST-MD5 EXTERNAL CRAM-MD5 If we are now going to parse the content of that file, which lines should we validate?
We don't want to parse the contents at all. We should only attempt to cover case number 3, imo.
Created attachment 952565 [details] Add various tests on the passed in directory The patch adds the following tests: That what is passed in is a directory and not a file That the directory contains a qpidd.conf file That the broker is able to read the qpidd.conf file Patch has been reviewed.
Currently the windows sasl implementation does not use the --sasl-config option and so is not affected by this bz and patch.
https://svn.apache.org/r1637122
Created attachment 957261 [details] Fixes build problem Prevents the broker from failing to start if an empty saslConfig directory is used.
https://svn.apache.org/r1639493
This issue is fixed. Checked on RHEL 6 x86_64 and i386 with packages: qpid-cpp-client-0.34-1.el6 qpid-cpp-server-rdma-0.34-1.el6 qpid-cpp-server-ha-0.34-1.el6 qpid-proton-c-0.9-4.el6 qpid-cpp-server-0.34-1.el6 qpid-cpp-client-devel-0.34-1.el6 qpid-cpp-server-linearstore-0.34-1.el6 qpid-cpp-server-devel-0.34-1.el6 qpid-qmf-0.34-1.el6 qpid-cpp-client-rdma-0.34-1.el6 qpid-cpp-server-xml-0.34-1.el6 qpid-cpp-debuginfo-0.34-1.el6 and qpid-cpp-client-rdma-0.32-1.el6 qpid-cpp-debuginfo-0.32-1.el6 qpid-proton-c-0.9-4.el6 qpid-cpp-server-0.32-1.el6 qpid-cpp-client-devel-0.32-1.el6 qpid-cpp-server-rdma-0.32-1.el6 qpid-cpp-server-xml-0.32-1.el6 qpid-cpp-server-linearstore-0.32-1.el6 qpid-cpp-client-0.32-1.el6 qpid-cpp-server-devel-0.32-1.el6 qpid-cpp-server-ha-0.32-1.el6 Broker does not start in both versions in steps 2., 3. and 4. and gives an error message, which is OK. -> VERIFIED
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHEA-2015-1879.html