Skip to content

Do not propagate none password to http backend #13408

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Feb 25, 2025
Merged

Do not propagate none password to http backend #13408

merged 2 commits into from
Feb 25, 2025

Conversation

MarcialRosales
Copy link
Contributor

@MarcialRosales MarcialRosales commented Feb 24, 2025
edited
Loading

Proposed Changes

Do not propagate password if not provided. Internally, when a connection authenticates with a client certificate, the password credentials is set to none. When RabbitMQ delegates the authentication to a http backend, RabbitMQ should not send a password whose value is the Erlang term none.

Types of Changes

What types of changes does your code introduce to this project?
Put an x in the boxes that apply

  • Bug fix (non-breaking change which fixes issue #NNNN)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause an observable behavior change in existing systems)
  • Documentation improvements (corrections, new content, etc)
  • Cosmetic change (whitespace, formatting, etc)
  • Build system and/or CI

@MarcialRosales MarcialRosales self-assigned this Feb 24, 2025
@MarcialRosales MarcialRosales changed the title Do not propagate password if not provided (mqtt) Do not propagate password if not provided Feb 24, 2025
@MarcialRosales MarcialRosales changed the title (mqtt) Do not propagate password if not provided (mqtt) Do not propagate password to http backend when it is none Feb 24, 2025
@MarcialRosales MarcialRosales changed the title (mqtt) Do not propagate password to http backend when it is none Do not propagate password to http backend when it is none Feb 24, 2025
@MarcialRosales MarcialRosales force-pushed the mqtt-optional-password-cred branch 2 times, most recently from 566feb0 to 1547216 Compare February 25, 2025 10:56
@MarcialRosales MarcialRosales force-pushed the mqtt-optional-password-cred branch from dbffcde to b09bfb2 Compare February 25, 2025 11:51
@MarcialRosales MarcialRosales changed the title Do not propagate password to http backend when it is none Do not propagate none password to http backend Feb 25, 2025
@MarcialRosales MarcialRosales marked this pull request as ready for review February 25, 2025 14:41
@michaelklishin michaelklishin added this to the 4.1.0 milestone Feb 25, 2025
@michaelklishin michaelklishin merged commit 9dd6fa7 into main Feb 25, 2025
267 of 269 checks passed
@michaelklishin michaelklishin deleted the mqtt-optional-password-cred branch February 25, 2025 18:27
@mergify mergify bot mentioned this pull request Feb 25, 2025
Merged
6 tasks
michaelklishin added a commit that referenced this pull request Feb 25, 2025
@michaelklishin
Merge pull request #13427 from rabbitmq/mergify/bp/v4.1.x/pr-13408
b3c4f45 
Do not propagate `none` password to http backend (backport #13408)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@michaelklishin michaelklishin Awaiting requested review from michaelklishin

Assignees

@MarcialRosales MarcialRosales

Labels
backport-v4.1.x
Projects
None yet
Milestone
4.1.0
Development

Successfully merging this pull request may close these issues.
2 participants
@MarcialRosales @michaelklishin