Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Handle URI Query Parameters #534

Merged
merged 3 commits into from
Dec 20, 2017
Merged

Conversation


require "amq/protocol/version"
puts "Using Ruby #{RUBY_VERSION}, amq-protocol #{AMQ::Protocol::VERSION}"
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe it's more relevant to show SHA of the amq-protocol master branch here instead of version.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is there is no "SHA" because we don't run with a local clone?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As far as CI grabs amq-protocol master branch before tests run, it'd be nice to see exact commit SHA. Probably it'd bring a little benefit locally, but I'd prefer to control deps with bundle config --local local.amq-protocol ../amq-protocol. In this case I'm free to specify any path and don't create symlinks and use #custom_gem extension to #gem.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can do that in .travis.yml.

@@ -319,9 +343,9 @@
password: "bunny_password",
vhost: "bunny_testbed",
ssl: true,
ssl_cert: "spec/tls/client_cert.pem",
Copy link
Contributor Author

@Tensho Tensho Dec 20, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:ssl context test data setup is outdated, so I normalized it with :tls context.

end

it "parses extra connection parameters" do
# session.start # raises "OpenSSL::SSL::SSLError: hostname "127.0.0.1" does not match the server certificate"
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I responded there.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Inspecting the transport suggests that it has :ssl=>0.

@@ -464,7 +464,7 @@ def blocked?
# @param [String] uri amqp or amqps URI to parse
# @return [Hash] Parsed URI as a hash
def self.parse_uri(uri)
AMQ::Settings.parse_amqp_url(uri)
AMQ::Settings.configure(uri)
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

❗️ Very important change that enables defaults merge for the parsed parameters.

@Tensho
Copy link
Contributor Author

Tensho commented Dec 20, 2017

Strange things happen at CI, I can't understand how Bunny::Session#ssl? may return 0?
https://travis-ci.org/ruby-amqp/bunny/builds/319109274

Failures:

  1) Bunny::Session initialized via connection URI when URI contains query parameters parses extra connection parameters

     Failure/Error: expect(session.ssl?).to eq(true)

       expected: true
            got: 0

       (compared using ==)
     # ./spec/higher_level_api/integration/connection_spec.rb:66:in `block (4 levels) in <top (required)>'

Finished in 3 minutes 0 seconds (files took 0.2697 seconds to load)

198 examples, 1 failure

Failed examples:

rspec ./spec/higher_level_api/integration/connection_spec.rb:55 # Bunny::Session initialized via connection URI when URI contains query parameters parses extra connection parameters

@michaelklishin
Copy link
Member

I get several TLS connection test suite failures in my standard testing environment, will take a look later in the week.

@@ -191,7 +191,7 @@ def initialize(connection_string_or_opts = ENV['RABBITMQ_URL'], optz = Hash.new)

client_props = opts[:properties] || opts[:client_properties] || {}
@client_properties = DEFAULT_CLIENT_PROPERTIES.merge(client_props)
@mechanism = normalize_auth_mechanism(opts.fetch(:auth_mechanism, "PLAIN"))
@mechanism = (opts[:auth_mechanism] || []).first || "PLAIN"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we modify this at all (not sure why it's a part of this PR but OK), normalize_auth_mechanism should then be deleted.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, nice spot, I forgot to remove the method. Basically auth_mechanism confused me too. According to specification client may specify several auth mechanism, so I decided to adheer in amq-protocol. But when I proceed with bunny, I realised that session initialization expects a single string value, not array. TBH, I didn't have time to analyze, how several auth mechanisms should be handled properly, so i decided to adheer bunny fallback to "PLAIN" for array case.

Let me recheck, maybe normalize_auth_mechanism is OK for array default value, I don't remember exact reason, why I replaced it...

@michaelklishin
Copy link
Member

So far everything points at the fact that @opts in Bunny::Session in your test have :ssl => 0. I pushed Tensho-init-params with my changes that were necessary to make the tests except for one (the same as yours) pass for me.

Please open a new PR based on that branch once you figure out what's going on in the newly added test example. Thanks.

@michaelklishin
Copy link
Member

michaelklishin commented Dec 20, 2017

So the issue comes from AMQ::Settings.configure:

require "pp"

pp AMQ::Settings.configure("amqps://bunny_gem:bunny_password@/bunny_testbed?heartbeat=10&connection_timeout=100&channel_max=1000&verify=false&cacertfile=spec/tls/ca_certificate.pem&certfile=spec/tls/client_certificate.pem&keyfile=spec/tls/client_key.pem")

produces

{:host=>"127.0.0.1",
 :port=>5671,
 :user=>"bunny_gem",
 :pass=>"bunny_password",
 :vhost=>"bunny_testbed",
 :ssl=>0,
 :frame_max=>131072,
 :heartbeat=>10,
 :connection_timeout=>100,
 :channel_max=>1000,
 :auth_mechanism=>nil,
 :verify=>"false",
 :fail_if_no_peer_cert=>nil,
 :cacertfile=>"spec/tls/ca_certificate.pem",
 :certfile=>"spec/tls/client_certificate.pem",
 :keyfile=>"spec/tls/client_key.pem",
 :scheme=>"amqps"}

@@ -349,8 +353,8 @@ def prepare_tls_context(opts)
@tls_key = tls_key_from(opts)
@tls_certificate_store = opts[:tls_certificate_store]

@tls_ca_certificates = opts.fetch(:tls_ca_certificates, default_tls_certificates)
@verify_peer = (opts[:verify_ssl] || opts[:verify_peer])
@tls_ca_certificates = tls_ca_certificates_paths_from(opts) || default_tls_certificates
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I susptect that tls_ca_certificates_paths_from will never evaluate to nil, so the default_tls_certificates will never be used

Copy link
Contributor Author

@Tensho Tensho Jan 10, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You are totally right, what do you think if we call Array() out of #tls_ca_certificates_paths_from method?

@tls_ca_certificates  = Array(tls_ca_certificates_paths_from(opts) || default_tls_certificates)

Should I create a PR with fix?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes, great

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants