From 8cbf3c170da5a01009518b69df2f3cc72da52d52 Mon Sep 17 00:00:00 2001
From: Kenneth Giusti <kgiusti@gmail.com>
Date: Wed, 16 Sep 2015 16:33:58 -0400
Subject: [PATCH] Disable ACL if authentication cannot be performed.

If the version of qpidd does not support setting the SASL service name
as required by AMQP 1.0, then authentication is not possible.

Change-Id: I74f2bb094fc0dbae0525ba535a60fe80661e89f2
Closes-Bug: #1496573
---
 setup-test-env-qpid.sh | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/setup-test-env-qpid.sh b/setup-test-env-qpid.sh
index 099ceb7a8..c66d85cd5 100755
--- a/setup-test-env-qpid.sh
+++ b/setup-test-env-qpid.sh
@@ -44,7 +44,6 @@ fi
 
 cat > ${DATADIR}/qpidd.conf <<EOF
 port=65123
-acl-file=${DATADIR}/qpidd.acl
 sasl-config=${DATADIR}/sasl2
 ${LIBACL}
 mgmt-enable=yes
@@ -63,6 +62,7 @@ EOF
 else
     cat >> ${DATADIR}/qpidd.conf <<EOF
 auth=yes
+acl-file=${DATADIR}/qpidd.acl
 EOF
 fi
 
@@ -92,8 +92,19 @@ cat > ${DATADIR}/sasl2/qpidd.conf <<EOF
 pwcheck_method: auxprop
 auxprop_plugin: sasldb
 sasldb_path: ${DATADIR}/qpidd.sasldb
+EOF
+
+# TODO(kgiusti): we can remove "ANONYMOUS" once proton 0.10.1+ is released:
+# https://issues.apache.org/jira/browse/PROTON-974
+if [ $PROTOCOL == "1" ]; then
+    cat >> ${DATADIR}/sasl2/qpidd.conf <<EOF
+mech_list: PLAIN ANONYMOUS
+EOF
+else
+    cat >> ${DATADIR}/sasl2/qpidd.conf <<EOF
 mech_list: PLAIN
 EOF
+fi
 
 echo secretqpid | saslpasswd2 -c -p -f ${DATADIR}/qpidd.sasldb -u QPID stackqpid