qpid-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From gmur...@apache.org
Subject [1/3] qpid-dispatch git commit: DISPATCH-920 - Block policy enforcement on inter-router connections
Date Fri, 16 Feb 2018 20:13:24 GMT
Repository: qpid-dispatch
Updated Branches:
  refs/heads/1.0.x 7b2c07a32 -> 3fabd9629


DISPATCH-920 - Block policy enforcement on inter-router connections

(cherry picked from commit ee044a15f48e046919bc5679f4b2bef7ae1f1f99)


Project: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/repo
Commit: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/commit/6ba4d09a
Tree: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/tree/6ba4d09a
Diff: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/diff/6ba4d09a

Branch: refs/heads/1.0.x
Commit: 6ba4d09ae361cae0ee2b1b35515129475fd11acb
Parents: 7b2c07a
Author: Ted Ross <tross@redhat.com>
Authored: Sat Jan 27 15:02:50 2018 -0500
Committer: Ganesh Murthy <gmurthy@redhat.com>
Committed: Fri Feb 16 14:58:11 2018 -0500

----------------------------------------------------------------------
 src/policy.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/qpid-dispatch/blob/6ba4d09a/src/policy.c
----------------------------------------------------------------------
diff --git a/src/policy.c b/src/policy.c
index 960a3a7..d89fd86 100644
--- a/src/policy.c
+++ b/src/policy.c
@@ -663,7 +663,7 @@ bool qd_policy_approve_amqp_receiver_link(pn_link_t *pn_link, qd_connection_t
*q
         }
     } else {
         // A receiver with no remote source.
-        qd_log(qd_server_dispatch(qd_conn->server)->policy->log_source, QD_LOG_TRACE,
+        qd_log(qd_server_dispatch(qd_conn->server)->policy->log_source, QD_LOG_INFO,
                "DENY AMQP Attach receiver link '' for user '%s', rhost '%s', vhost '%s'",
                qd_conn->user_id, hostip, vhost);
         _qd_policy_deny_amqp_receiver_link(pn_link, qd_conn, QD_AMQP_COND_UNAUTHORIZED_ACCESS);
@@ -680,7 +680,7 @@ void qd_policy_amqp_open(qd_connection_t *qd_conn) {
     qd_policy_t *policy = qd->policy;
     bool connection_allowed = true;
 
-    if (policy->enableVhostPolicy) {
+    if (policy->enableVhostPolicy && (!qd_conn->role || strcmp(qd_conn->role,
"inter-router"))) {
         // Open connection or not based on policy.
         pn_transport_t *pn_trans = pn_connection_transport(conn);
         const char *hostip = qd_connection_remote_ip(qd_conn);


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org


Mime
View raw message