qpid-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From tr...@apache.org
Subject [3/3] qpid-dispatch git commit: DISPATCH-920 - Block policy enforcement on inter-router connections
Date Mon, 29 Jan 2018 21:38:55 GMT
DISPATCH-920 - Block policy enforcement on inter-router connections


Project: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/repo
Commit: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/commit/ee044a15
Tree: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/tree/ee044a15
Diff: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/diff/ee044a15

Branch: refs/heads/master
Commit: ee044a15f48e046919bc5679f4b2bef7ae1f1f99
Parents: 6383909
Author: Ted Ross <tross@redhat.com>
Authored: Sat Jan 27 15:02:50 2018 -0500
Committer: Ted Ross <tross@redhat.com>
Committed: Mon Jan 29 16:19:31 2018 -0500

----------------------------------------------------------------------
 src/policy.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/qpid-dispatch/blob/ee044a15/src/policy.c
----------------------------------------------------------------------
diff --git a/src/policy.c b/src/policy.c
index a712f35..7f53899 100644
--- a/src/policy.c
+++ b/src/policy.c
@@ -664,7 +664,7 @@ bool qd_policy_approve_amqp_receiver_link(pn_link_t *pn_link, qd_connection_t
*q
         }
     } else {
         // A receiver with no remote source.
-        qd_log(qd_server_dispatch(qd_conn->server)->policy->log_source, QD_LOG_TRACE,
+        qd_log(qd_server_dispatch(qd_conn->server)->policy->log_source, QD_LOG_INFO,
                "DENY AMQP Attach receiver link '' for user '%s', rhost '%s', vhost '%s'",
                qd_conn->user_id, hostip, vhost);
         _qd_policy_deny_amqp_receiver_link(pn_link, qd_conn, QD_AMQP_COND_UNAUTHORIZED_ACCESS);
@@ -681,7 +681,7 @@ void qd_policy_amqp_open(qd_connection_t *qd_conn) {
     qd_policy_t *policy = qd->policy;
     bool connection_allowed = true;
 
-    if (policy->enableVhostPolicy) {
+    if (policy->enableVhostPolicy && (!qd_conn->role || strcmp(qd_conn->role,
"inter-router"))) {
         // Open connection or not based on policy.
         pn_transport_t *pn_trans = pn_connection_transport(conn);
         const char *hostip = qd_connection_remote_ip(qd_conn);


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org


Mime
View raw message