inconsistent authentication handling

[totaam]

Issue migrated from trac ticket # 1731

component: server | priority: blocker | resolution: fixed

2017-12-30 09:43:30: antoine created the issue

---

Because TCP sockets can be upgraded to websockets, SSL or both (Secure websockets) - for details see #1504 and Authentication - the authentication module for the connection is not always the one expected: wrapping with websockets uses the new socket type (ws-auth), but ssl would not! (and a wss upgrade from tcp would use ssl!)

Same problem applies to websockets upgraded to ssl (bind-ws with ssl=on), or ssl sockets upgraded to secure-websockets (bind-ssl with html=on).

[totaam]

2017-12-30 09:50:31: antoine changed status from new to assigned

[totaam]

2017-12-30 09:50:31: antoine commented

---

Minimal? fix in r17798: keep track of the original socket type, use those authentication modules.

Backport still needed. (oh joy)

In the meantime, the easy workaround is to always make sure to set ssl-auth, ws-auth and wss-auth if you are setting tcp-auth.

[totaam]

2018-01-11 05:09:10: antoine changed status from assigned to new

[totaam]

2018-01-11 05:09:10: antoine changed owner from antoine to maxmylyn

[totaam]

2018-01-11 05:09:10: antoine commented

---

Backport in 17972.

@mamylyn: FYI, that's a bigger than usual backport.

[totaam]

2018-01-11 17:40:32: maxmylyn changed status from new to closed

[totaam]

2018-01-11 17:40:32: maxmylyn set resolution to fixed

[totaam]

2018-01-11 17:40:32: maxmylyn commented

---

Noted and closing.