summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* No need to concatenate hard-coded lists...bug26393Jean-Sebastien Pedron2014-12-102-4/+4
|
* Now that empty keys are dropped, we can always add ssl_* keysJean-Sebastien Pedron2014-12-101-11/+1
| | | | | If the connection isn't over SSL, ssl_* keys will be empty and dropped anyway.
* Filter out auth notification properties with no valueJean-Sebastien Pedron2014-12-032-2/+2
|
* Style fix: Use ++ to construct EventProps, not multiple temporary variablesJean-Sebastien Pedron2014-12-032-25/+17
|
* Pass "extra properties" to notify_auth_result/{3,4} instead of a messageJean-Sebastien Pedron2014-12-022-15/+12
| | | | | This avoids to passs an empty message in the case of successful authentication.
* Only include ssl/certificate informations when the connection is over SSLJean-Sebastien Pedron2014-12-021-6/+17
| | | | This gives lighter notifications for plain TCP connections.
* Use list comprehension instead of lists:foldl/3Jean-Sebastien Pedron2014-12-021-8/+8
| | | | | | To keep a somewhat logical order in the list of user_authentication_* properties, reverse the order of the AUTH_NOTIFICATION_INFO_KEYS list. This list was previously reversed by lists:foldl/3.
* Use rabbit_misc:format/2 instead of lists:flatten/1 + io_lib:format/2Jean-Sebastien Pedron2014-12-022-2/+2
|
* Move the info keys list added to user_authentication_* to a -define()Jean-Sebastien Pedron2014-12-021-15/+6
|
* Drop {refuse, _, _} from rabbit_auth_mechanism:handle_response/2 return valuesJean-Sebastien Pedron2014-11-262-7/+0
|
* Rephrase a comment to use the present tenseJean-Sebastien Pedron2014-11-261-1/+1
|
* Update rabbit_auth_mechanism:handle_response() spec to match the changeJean-Sebastien Pedron2014-11-262-3/+6
|
* Add more properties to the user_authentication_* notificationsJean-Sebastien Pedron2014-11-253-23/+83
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Until now, the only property was {name, Username}. The added properties are: o {connection_type, network | direct} o {error, Message} (only if the authentication failed) For network connections, the following informations are added as returned by rabbit_reader:infos/2: o auth_mechanism o host o name (the property is renamed to connection_name to avoid conflict with the username) o peer_cert_issuer o peer_cert_subject o peer_cert_validity o peer_host o peer_port o protocol o ssl o ssl_cipher o ssl_protocol o vhost The notification is sent by rabbit_reader:notify_auth_result/5 and rabbit_direct:notify_auth_result/4, not by rabbit_access_control:check_user_login/2 anymore. This fixes a bug where a "user_authentication_success" event would be sent by rabbit_access_control:check_user_login/2, even if rabbit_reader:auth_phase/2 rejects the user later because the connection isn't on the loopback interface.
* stable to defaultSimon MacMullen2014-11-251-0/+6
|\
| * Merge bug26367rabbitmq_v3_4_2Simon MacMullen2014-11-251-9/+49
| |\
| * | Add a comment so we remember x-dead-letter-exchange was already verifiedbug26367Jean-Sebastien Pedron2014-11-241-4/+6
| | | | | | | | | | | | While here, rename the check function to a more sensible name.
| * | Restore the "x-dead-letter-exchange" check lost in changeset 12133Jean-Sebastien Pedron2014-11-241-0/+4
| | |
* | | stable to defaultSimon MacMullen2014-11-251-7/+29
|\ \ \ | | |/ | |/|
| * | Merge bug26474 (again)Simon MacMullen2014-11-251-7/+29
| |\ \
| | * | Also add a tiny bit more logging, for symmetry.bug26474Simon MacMullen2014-11-251-0/+4
| | | |
| | * | Mutual disconnect when partial partition detected. And don't allow a very ↵Simon MacMullen2014-11-251-1/+23
| | | | | | | | | | | | | | | | short disconnection since Mnesia might not detect it.
| | * | Do not attempt to "fix up" the partitions field; if Mnesia does not detect ↵Simon MacMullen2014-11-251-6/+2
| | | | | | | | | | | | | | | | the partition it will behave wrong anyway.
* | | | Merge heads of defaultJean-Sebastien Pedron2014-11-241-4/+4
|\ \ \ \
| * \ \ \ Merge bug26257 (again)Jean-Sebastien Pedron2014-11-244-7/+23
| |\ \ \ \
| * | | | | When reporting invalid cluster node names, keep configuration orderbug26257Jean-Sebastien Pedron2014-11-241-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | While here, fix an unused variable warning.
* | | | | | stable to defaultSimon MacMullen2014-11-2416-178/+493
|\ \ \ \ \ \ | | |/ / / / | |/| / / / | |_|/ / / |/| | | |
| * | | | Merge bug26257Simon MacMullen2014-11-211-14/+34
| |\ \ \ \ | | |/ / /
| | * | | Detect other invalid 'cluster_nodes' valuesJean-Sebastien Pedron2014-11-211-7/+33
| | | | | | | | | | | | | | | | | | | | In all cases, abort startup with an explanatory message.
| | * | | Remove support for the legacy 'cluster_nodes' valuesJean-S?bastien P?dron2014-11-201-13/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Before this change, a list of nodes without the node type was accepted. In this case, the node type was guessed and a warning suggesting how to update the configuration was logged. Now, the node type is mandatory and the RabbitMQ server refuses to start if the node type is unspecified.
| * | | | stable to defaultSimon MacMullen2014-11-203-15/+13
| |\ \ \ \ | | | |_|/ | | |/| |
| * | | | stable to defaultSimon MacMullen2014-11-201-1/+13
| |\ \ \ \
| * \ \ \ \ stable to defaultSimon MacMullen2014-11-201-1/+7
| |\ \ \ \ \ | | |_|_|/ / | |/| | | |
| * | | | | stable to defaultSimon MacMullen2014-11-191-0/+5
| |\ \ \ \ \
| * \ \ \ \ \ Merge bug26469Simon MacMullen2014-11-1411-96/+201
| |\ \ \ \ \ \
| | * | | | | | Tweak the APIs again, so that authz plugins aren't expected to create a ↵bug26469Simon MacMullen2014-11-148-71/+120
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | #auth_user record in the first place, just whatever impl they want. Which necessitates seperate login functions for authz and authn, and if we're going to do that we might as well split the behaviours so that we have the possibility of making an authz-only plugin.
| | * | | | | | Rename.Simon MacMullen2014-11-141-2/+2
| | | | | | | |
| | * | | | | | Fix tests.Simon MacMullen2014-11-141-4/+6
| | | | | | | |
| | * | | | | | Never pass the #user{} record into auth backends, they should only see their ↵Simon MacMullen2014-11-137-62/+87
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | own stuff. Get rid of authN_backend, it has little reason for existing. Flatten case of authZ_backend.
| | * | | | | | Cosmetic.Simon MacMullen2014-11-131-31/+30
| | | | | | | |
| | * | | | | | Import changes from ↵Simon MacMullen2014-11-1310-66/+96
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | https://github.com/gotthardp/rabbitmq-server/tree/multi_authorization
| * | | | | | | stable to defaultSimon MacMullen2014-11-144-68/+258
| |\ \ \ \ \ \ \ | | |/ / / / / /
| | * | | | | | Merge bug26457Simon MacMullen2014-11-131-2/+10
| | |\ \ \ \ \ \
| | | * | | | | | R13B03 compatibility.Simon MacMullen2014-11-131-2/+10
| | | | | | | | |
| | * | | | | | | Remove a couple of TODOs, make the read buffer size configurable, and don't ↵bug26457Simon MacMullen2014-11-132-5/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | use the read buffer for the QI or msg store transform since they already read in decent sized chunks.
| | * | | | | | | Small refactor suggested by Matthias.Simon MacMullen2014-11-131-20/+14
| | | | | | | | |
| | * | | | | | | Be a bit more systematic about reseting the read buffer.Simon MacMullen2014-11-131-21/+30
| | | | | | | | |
| | * | | | | | | If they ask to read more than the buffer size, do so.Simon MacMullen2014-11-131-2/+2
| | | | | | | | |
| | * | | | | | | Merge in defaultSimon MacMullen2014-11-125-14/+31
| | |\ \ \ \ \ \ \ | | | |/ / / / / /
| | | * | | | | | Merge bug24781Simon MacMullen2014-11-123-5/+10
| | | |\ \ \ \ \ \
| | | | * \ \ \ \ \ stable to defaultSimon MacMullen2014-11-121-30/+72
| | | | |\ \ \ \ \ \
View Lorry Controller Status