diff options
| author | Simon MacMullen <simon@rabbitmq.com> | 2013-10-03 11:34:45 +0100 |
|---|---|---|
| committer | Simon MacMullen <simon@rabbitmq.com> | 2013-10-03 11:34:45 +0100 |
| commit | b725d82cd5be0dbb7f8fe8c7f516d3853ecb79ff (patch) | |
| tree | d5f7a5adea5ab83e8a6fcd5f98cd3e1bde3e94d8 | |
| parent | e5d2110f4f5d9752a8f9b11af2b7415d38bcce00 (diff) | |
| parent | 81a3ada337243110ef1f56325a97426048bc8d69 (diff) | |
| download | rabbitmq-server-b725d82cd5be0dbb7f8fe8c7f516d3853ecb79ff.tar.gz | |
Merge bug 24094
| -rw-r--r-- | src/rabbit_direct.erl | 11 | ||||
| -rw-r--r-- | src/rabbit_reader.erl | 34 |
2 files changed, 31 insertions, 14 deletions
diff --git a/src/rabbit_direct.erl b/src/rabbit_direct.erl index a7ee3276..5a004792 100644 --- a/src/rabbit_direct.erl +++ b/src/rabbit_direct.erl @@ -37,8 +37,8 @@ rabbit_event:event_props()) -> rabbit_types:ok_or_error2( {rabbit_types:user(), rabbit_framing:amqp_table()}, - 'broker_not_found_on_node' | 'auth_failure' | - 'access_refused')). + 'broker_not_found_on_node' | + {'auth_failure', string()} | 'access_refused')). -spec(start_channel/9 :: (rabbit_channel:channel_number(), pid(), pid(), string(), rabbit_types:protocol(), rabbit_types:user(), rabbit_types:vhost(), @@ -90,9 +90,10 @@ connect(Username, VHost, Protocol, Pid, Infos) -> connect0(AuthFun, VHost, Protocol, Pid, Infos) -> case rabbit:is_running() of true -> case AuthFun() of - {ok, User} -> connect(User, VHost, Protocol, Pid, - Infos); - {refused, _M, _A} -> {error, auth_failure} + {ok, User} -> + connect(User, VHost, Protocol, Pid, Infos); + {refused, _M, _A} -> + {error, {auth_failure, "Refused"}} end; false -> {error, broker_not_found_on_node} end. diff --git a/src/rabbit_reader.erl b/src/rabbit_reader.erl index 1a94de8e..157b8270 100644 --- a/src/rabbit_reader.erl +++ b/src/rabbit_reader.erl @@ -176,12 +176,13 @@ server_properties(Protocol) -> NormalizedConfigServerProps). server_capabilities(rabbit_framing_amqp_0_9_1) -> - [{<<"publisher_confirms">>, bool, true}, - {<<"exchange_exchange_bindings">>, bool, true}, - {<<"basic.nack">>, bool, true}, - {<<"consumer_cancel_notify">>, bool, true}, - {<<"connection.blocked">>, bool, true}, - {<<"consumer_priorities">>, bool, true}]; + [{<<"publisher_confirms">>, bool, true}, + {<<"exchange_exchange_bindings">>, bool, true}, + {<<"basic.nack">>, bool, true}, + {<<"consumer_cancel_notify">>, bool, true}, + {<<"connection.blocked">>, bool, true}, + {<<"consumer_priorities">>, bool, true}, + {<<"authentication_failure_close">>, bool, true}]; server_capabilities(_) -> []. @@ -965,14 +966,29 @@ auth_mechanisms_binary(Sock) -> auth_phase(Response, State = #v1{connection = Connection = #connection{protocol = Protocol, + capabilities = Capabilities, auth_mechanism = {Name, AuthMechanism}, auth_state = AuthState}, sock = Sock}) -> case AuthMechanism:handle_response(Response, AuthState) of {refused, Msg, Args} -> - rabbit_misc:protocol_error( - access_refused, "~s login refused: ~s", - [Name, io_lib:format(Msg, Args)]); + AmqpError = rabbit_misc:amqp_error( + access_refused, "~s login refused: ~s", + [Name, io_lib:format(Msg, Args)], none), + case rabbit_misc:table_lookup(Capabilities, + <<"authentication_failure_close">>) of + {bool, true} -> + SafeMsg = io_lib:format( + "Login was refused using authentication " + "mechanism ~s. For details see the broker " + "logfile.", [Name]), + AmqpError1 = AmqpError#amqp_error{explanation = SafeMsg}, + {0, CloseMethod} = rabbit_binary_generator:map_exception( + 0, AmqpError1, Protocol), + ok = send_on_channel0(State#v1.sock, CloseMethod, Protocol); + _ -> ok + end, + rabbit_misc:protocol_error(AmqpError); {protocol_error, Msg, Args} -> rabbit_misc:protocol_error(syntax_error, Msg, Args); {challenge, Challenge, AuthState1} -> |