From 27d018327a292d78e8d8a88692ec345565775647 Mon Sep 17 00:00:00 2001 From: Justin Bertram Date: Wed, 9 Feb 2022 21:06:28 -0600 Subject: [PATCH] ARTEMIS-3678 return proper CONNACK code when MQTT 3.x auth fails --- .../core/protocol/mqtt/MQTTProtocolHandler.java | 2 ++ .../tests/integration/mqtt/MQTTSecurityTest.java | 12 +++++++++--- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/artemis-protocols/artemis-mqtt-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/mqtt/MQTTProtocolHandler.java b/artemis-protocols/artemis-mqtt-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/mqtt/MQTTProtocolHandler.java index 599f1a7600..03728fae02 100644 --- a/artemis-protocols/artemis-mqtt-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/mqtt/MQTTProtocolHandler.java +++ b/artemis-protocols/artemis-mqtt-protocol/src/main/java/org/apache/activemq/artemis/core/protocol/mqtt/MQTTProtocolHandler.java @@ -234,6 +234,8 @@ public class MQTTProtocolHandler extends ChannelInboundHandlerAdapter { } catch (ActiveMQSecurityException e) { if (session.is5()) { session.getProtocolHandler().sendConnack(MQTTReasonCodes.BAD_USER_NAME_OR_PASSWORD); + } else { + session.getProtocolHandler().sendConnack(MQTTReasonCodes.NOT_AUTHORIZED_3); } disconnect(true); return; diff --git a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/mqtt/MQTTSecurityTest.java b/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/mqtt/MQTTSecurityTest.java index 3535a9c0dd..3938aabca7 100644 --- a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/mqtt/MQTTSecurityTest.java +++ b/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/mqtt/MQTTSecurityTest.java @@ -16,12 +16,13 @@ */ package org.apache.activemq.artemis.tests.integration.mqtt; -import java.io.EOFException; import java.util.Arrays; import org.apache.activemq.artemis.tests.util.Wait; import org.fusesource.mqtt.client.BlockingConnection; import org.fusesource.mqtt.client.MQTT; +import org.fusesource.mqtt.client.MQTTException; +import org.fusesource.mqtt.codec.CONNACK; import org.junit.Test; public class MQTTSecurityTest extends MQTTTestSupport { @@ -52,7 +53,7 @@ public class MQTTSecurityTest extends MQTTTestSupport { } } - @Test(timeout = 30000, expected = EOFException.class) + @Test(timeout = 30000) public void testConnectionWithNullPassword() throws Exception { for (String version : Arrays.asList("3.1", "3.1.1")) { @@ -66,8 +67,13 @@ public class MQTTSecurityTest extends MQTTTestSupport { connection = mqtt.blockingConnection(); connection.connect(); fail("Connect should fail"); + } catch (MQTTException e) { + assertEquals(CONNACK.Code.CONNECTION_REFUSED_NOT_AUTHORIZED, e.connack.code()); + } catch (Exception e) { + fail("Should have caught an MQTTException"); } finally { - if (connection != null && connection.isConnected()) connection.disconnect(); + if (connection != null && connection.isConnected()) + connection.disconnect(); } } }