Created attachment 410648 [details] Adds a completely untested checkUserName function to allow for both normal-ish usernames as well as kerberos host/service principles Description of problem: While trying to add a host principle to a group the acl policy file fails to load and prevents qpidd from running. Version-Release number of selected component (if applicable): 0.7.929717-1.el5 How reproducible: Fails every time. Steps to Reproduce: 1. Add a host or service principle to a group in the acl file. Something like this will suffice: group somegroup host/somemachine.example.com Actual results: Failure to start. Error message is: Daemon startup failed: Could not read ACL file ACL format error: /etc/qpid/policy.acl:25: Name "host/somemachine.example.com" contains illegal characters. Expected results: Should load and parse the group cleanly.
I have checked in a fix upstream at rev 943351 This also contains test cases and improved error reporting.
verified on RHEL 5.5/4.8 - i386/x86_64: rpm -qa | grep -E '(qpid|ais|sesame)' | sort -n openais-0.80.6-16.el5_5.1 openais-debuginfo-0.80.6-16.el5_5.1 openais-devel-0.80.6-16.el5_5.1 python-qpid-0.7.946106-1.el5 qpid-cpp-client-0.7.946106-1.el5 qpid-cpp-client-devel-0.7.946106-1.el5 qpid-cpp-client-devel-docs-0.7.946106-1.el5 qpid-cpp-client-ssl-0.7.946106-1.el5 qpid-cpp-server-0.7.946106-1.el5 qpid-cpp-server-cluster-0.7.946106-1.el5 qpid-cpp-server-devel-0.7.946106-1.el5 qpid-cpp-server-ssl-0.7.946106-1.el5 qpid-cpp-server-store-0.7.946106-1.el5 qpid-cpp-server-xml-0.7.946106-1.el5 qpid-java-client-0.7.946106-3.el5 qpid-java-common-0.7.946106-3.el5 qpid-tools-0.7.946106-4.el5 rh-tests-distribution-MRG-Messaging-qpid_common-1.6-27 sesame-0.7.3918-2.el5 --> VERIFIED