rabbitmq
diff --git a/‎deps/amqp10_client/src/amqp10_client_session.erl‎
Lines changed: 55 additions & 47 deletions b/‎deps/amqp10_client/src/amqp10_client_session.erl‎
Lines changed: 55 additions & 47 deletions
diff --git a/‎deps/amqp10_client/test/system_SUITE.erl‎
Lines changed: 52 additions & 3 deletions b/‎deps/amqp10_client/test/system_SUITE.erl‎
Lines changed: 52 additions & 3 deletions
diff --git a/‎deps/rabbit/src/rabbit_amqp_session.erl‎
Lines changed: 59 additions & 25 deletions b/‎deps/rabbit/src/rabbit_amqp_session.erl‎
Lines changed: 59 additions & 25 deletions
@@ -127,7 +127,7 @@
 -record(link,
         {name :: link_name(),
          ref :: link_ref(),
-         state = detached :: detached | attach_sent | attached | detach_sent,
+         state = detached :: detached | attach_sent | attached | attach_refused | detach_sent,
          notify :: pid(),
          output_handle :: output_handle(),
          input_handle :: input_handle() | undefined,
@@ -325,9 +325,11 @@ mapped(cast, #'v1_0.end'{} = End, State) ->
     ok = notify_session_ended(End, State),
     {stop, normal, State};
 mapped(cast, #'v1_0.attach'{name = {utf8, Name},
-                            initial_delivery_count = IDC,
                             handle = {uint, InHandle},
                             role = PeerRoleBool,
+                            source = Source,
+                            target = Target,
+                            initial_delivery_count = IDC,
                             max_message_size = MaybeMaxMessageSize} = Attach,
        #state{links = Links, link_index = LinkIndex,
               link_handle_index = LHI} = State0) ->
@@ -339,20 +341,28 @@ mapped(cast, #'v1_0.attach'{name = {utf8, Name},
     #{OutHandle := Link0} = Links,
     ok = notify_link_attached(Link0, Attach, State0),
 
-    {DeliveryCount, MaxMessageSize} =
+    {LinkState, DeliveryCount, MaxMessageSize} =
     case Link0 of
         #link{role = sender = OurRole,
               delivery_count = DC} ->
+            LS = case Target of
+                     #'v1_0.target'{} -> attached;
+                     _ -> attach_refused
+                 end,
             MSS = case MaybeMaxMessageSize of
                       {ulong, S} when S > 0 -> S;
                       _ -> undefined
                   end,
-            {DC, MSS};
+            {LS, DC, MSS};
         #link{role = receiver = OurRole,
               max_message_size = MSS} ->
-            {unpack(IDC), MSS}
+            LS = case Source of
+                     #'v1_0.source'{} -> attached;
+                     _ -> attach_refused
+                 end,
+            {LS, unpack(IDC), MSS}
     end,
-    Link = Link0#link{state = attached,
+    Link = Link0#link{state = LinkState,
                       input_handle = InHandle,
                       delivery_count = DeliveryCount,
                       max_message_size = MaxMessageSize},
@@ -495,50 +505,41 @@ mapped({call, From},
   when Window =< 0 ->
     {keep_state_and_data, {reply, From, {error, remote_incoming_window_exceeded}}};
 mapped({call, From = {Pid, _}},
-       {transfer, #'v1_0.transfer'{handle = {uint, OutHandle},
-                                   delivery_tag = {binary, DeliveryTag},
-                                   settled = false} = Transfer0, Sections},
-       #state{outgoing_delivery_id = DeliveryId, links = Links,
-              outgoing_unsettled = Unsettled} = State) ->
-    case Links of
-        #{OutHandle := #link{input_handle = undefined}} ->
-            {keep_state_and_data, {reply, From, {error, half_attached}}};
-        #{OutHandle := #link{link_credit = LC}} when LC =< 0 ->
-            {keep_state_and_data, {reply, From, {error, insufficient_credit}}};
-        #{OutHandle := Link = #link{max_message_size = MaxMessageSize,
-                                    footer_opt = FooterOpt}} ->
-            Transfer = Transfer0#'v1_0.transfer'{delivery_id = uint(DeliveryId)},
-            case send_transfer(Transfer, Sections, FooterOpt, MaxMessageSize, State) of
-                {ok, NumFrames} ->
-                    State1 = State#state{outgoing_unsettled = Unsettled#{DeliveryId => {DeliveryTag, Pid}}},
-                    {keep_state, book_transfer_send(NumFrames, Link, State1), {reply, From, ok}};
-                Error ->
-                    {keep_state_and_data, {reply, From, Error}}
-            end;
-        _ ->
-            {keep_state_and_data, {reply, From, {error, link_not_found}}}
-
-    end;
-mapped({call, From},
-       {transfer, #'v1_0.transfer'{handle = {uint, OutHandle}} = Transfer0,
-        Sections}, #state{outgoing_delivery_id = DeliveryId,
-                       links = Links} = State) ->
+       {transfer,
+        #'v1_0.transfer'{handle = {uint, OutHandle},
+                         delivery_tag = DeliveryTag,
+                         settled = Settled} = Transfer0,
+        Sections},
+       #state{outgoing_delivery_id = DeliveryId,
+              links = Links,
+              outgoing_unsettled = Unsettled0} = State0) ->
     case Links of
+        #{OutHandle := #link{state = attach_refused}} ->
+            {keep_state_and_data, {reply, From, {error, attach_refused}}};
         #{OutHandle := #link{input_handle = undefined}} ->
             {keep_state_and_data, {reply, From, {error, half_attached}}};
         #{OutHandle := #link{link_credit = LC}} when LC =< 0 ->
             {keep_state_and_data, {reply, From, {error, insufficient_credit}}};
         #{OutHandle := Link = #link{max_message_size = MaxMessageSize,
                                     footer_opt = FooterOpt}} ->
             Transfer = Transfer0#'v1_0.transfer'{delivery_id = uint(DeliveryId)},
-            case send_transfer(Transfer, Sections, FooterOpt, MaxMessageSize, State) of
+            case send_transfer(Transfer, Sections, FooterOpt, MaxMessageSize, State0) of
                 {ok, NumFrames} ->
+                    State = case Settled of
+                                true ->
+                                    State0;
+                                false ->
+                                    {binary, Tag} = DeliveryTag,
+                                    Unsettled = Unsettled0#{DeliveryId => {Tag, Pid}},
+                                    State0#state{outgoing_unsettled = Unsettled}
+                            end,
                     {keep_state, book_transfer_send(NumFrames, Link, State), {reply, From, ok}};
                 Error ->
                     {keep_state_and_data, {reply, From, Error}}
             end;
         _ ->
             {keep_state_and_data, {reply, From, {error, link_not_found}}}
+
     end;
 
 mapped({call, From},
@@ -688,21 +689,28 @@ send_flow_link(OutHandle,
                    never -> never;
                    _ -> {RenewWhenBelow, Credit}
                end,
-    #{OutHandle := #link{output_handle = H,
+    #{OutHandle := #link{state = LinkState,
+                         output_handle = H,
                          role = receiver,
                          delivery_count = DeliveryCount,
                          available = Available} = Link} = Links,
-    Flow1 = Flow0#'v1_0.flow'{
-                    handle = uint(H),
-                    %% "In the event that the receiving link endpoint has not yet seen the
-                    %% initial attach frame from the sender this field MUST NOT be set." [2.7.4]
-                    delivery_count = maybe_uint(DeliveryCount),
-                    available = uint(Available)},
-    Flow = set_flow_session_fields(Flow1, State),
-    ok = send(Flow, State),
-    State#state{links = Links#{OutHandle =>
-                               Link#link{link_credit = Credit,
-                                         auto_flow = AutoFlow}}}.
+    case LinkState of
+        attach_refused ->
+            %% We will receive the DETACH frame shortly.
+            State;
+        _ ->
+            Flow1 = Flow0#'v1_0.flow'{
+                            handle = uint(H),
+                            %% "In the event that the receiving link endpoint has not yet seen the
+                            %% initial attach frame from the sender this field MUST NOT be set." [2.7.4]
+                            delivery_count = maybe_uint(DeliveryCount),
+                            available = uint(Available)},
+            Flow = set_flow_session_fields(Flow1, State),
+            ok = send(Flow, State),
+            State#state{links = Links#{OutHandle =>
+                                       Link#link{link_credit = Credit,
+                                                 auto_flow = AutoFlow}}}
+    end.
 
 send_flow_session(State) ->
     Flow = set_flow_session_fields(#'v1_0.flow'{}, State),
 
@@ -52,6 +52,7 @@ groups() ->
       ]},
      {mock, [], [
                  insufficient_credit,
+                 attach_refused,
                  incoming_heartbeat,
                  multi_transfer_without_delivery_id
                 ]}
@@ -772,11 +773,13 @@ insufficient_credit(Config) ->
                                              outgoing_window = {uint, 1000}}
                                              ]}
                 end,
-    AttachStep = fun({0 = Ch, #'v1_0.attach'{role = false,
-                                             name = Name}, <<>>}) ->
+    AttachStep = fun({0 = Ch, #'v1_0.attach'{name = Name,
+                                             role = false,
+                                             target = Target}, <<>>}) ->
                          {Ch, [#'v1_0.attach'{name = Name,
                                               handle = {uint, 99},
-                                              role = true}]}
+                                              role = true,
+                                              target = Target}]}
                  end,
     Steps = [fun mock_server:recv_amqp_header_step/1,
              fun mock_server:send_amqp_header_step/1,
@@ -799,6 +802,52 @@ insufficient_credit(Config) ->
     ok = amqp10_client:close_connection(Connection),
     ok.
 
+attach_refused(Config) ->
+    Hostname = ?config(mock_host, Config),
+    Port = ?config(mock_port, Config),
+    OpenStep = fun({0 = Ch, #'v1_0.open'{}, _Pay}) ->
+                       {Ch, [#'v1_0.open'{container_id = {utf8, <<"mock">>}}]}
+               end,
+    BeginStep = fun({0 = Ch, #'v1_0.begin'{}, _Pay}) ->
+                        {Ch, [#'v1_0.begin'{remote_channel = {ushort, Ch},
+                                            next_outgoing_id = {uint, 1},
+                                            incoming_window = {uint, 1000},
+                                            outgoing_window = {uint, 1000}}
+                             ]}
+                end,
+    AttachStep = fun({0 = Ch, #'v1_0.attach'{name = Name,
+                                             role = false}, <<>>}) ->
+                         %% We test only the 1st stage of link refusal:
+                         %% Server replies with its local terminus set to null.
+                         %% We omit the 2nd stage (the detach frame).
+                         {Ch, [#'v1_0.attach'{name = Name,
+                                              handle = {uint, 99},
+                                              role = true,
+                                              target = undefined}]}
+                 end,
+    Steps = [fun mock_server:recv_amqp_header_step/1,
+             fun mock_server:send_amqp_header_step/1,
+             mock_server:amqp_step(OpenStep),
+             mock_server:amqp_step(BeginStep),
+             mock_server:amqp_step(AttachStep)],
+
+    ok = mock_server:set_steps(?config(mock_server, Config), Steps),
+
+    Cfg = #{address => Hostname, port => Port, sasl => none, notify => self()},
+    {ok, Connection} = amqp10_client:open_connection(Cfg),
+    {ok, Session} = amqp10_client:begin_session_sync(Connection),
+    {ok, Sender} = amqp10_client:attach_sender_link(Session, <<"mock1-sender">>,
+                                                    <<"test">>),
+    await_link(Sender, attached, attached_timeout),
+    Msg = amqp10_msg:new(<<"mock-tag">>, <<"banana">>, true),
+    %% We expect that the lib prevents the app from sending messages
+    %% in this intermediate link refusal state.
+    ?assertEqual({error, attach_refused},
+                 amqp10_client:send_msg(Sender, Msg)),
+
+    ok = amqp10_client:end_session(Session),
+    ok = amqp10_client:close_connection(Connection).
+
 multi_transfer_without_delivery_id(Config) ->
     Hostname = ?config(mock_host, Config),
     Port = ?config(mock_port, Config),
 
@@ -967,14 +967,17 @@ handle_frame({Performative = #'v1_0.transfer'{handle = ?UINT(Handle)}, Paylaod},
     {Reply, State} =
     case IncomingLinks of
         #{Handle := Link0} ->
-            case incoming_link_transfer(Performative, Paylaod, Link0, State1) of
+            try incoming_link_transfer(Performative, Paylaod, Link0, State1) of
                 {ok, Reply0, Link, State2} ->
                     {Reply0, State2#state{incoming_links = IncomingLinks#{Handle := Link}}};
                 {error, Reply0} ->
                     %% "When an error occurs at a link endpoint, the endpoint MUST be detached
                     %% with appropriate error information supplied in the error field of the
                     %% detach frame. The link endpoint MUST then be destroyed." [2.6.5]
                     {Reply0, State1#state{incoming_links = maps:remove(Handle, IncomingLinks)}}
+            catch {link_error, Error} ->
+                      Detach = detach(Handle, Link0, Error),
+                      {[Detach], State1#state{incoming_links = maps:remove(Handle, IncomingLinks)}}
             end;
         _ ->
             incoming_mgmt_link_transfer(Performative, Paylaod, State1)
@@ -1110,16 +1113,44 @@ handle_frame(#'v1_0.disposition'{role = ?AMQP_ROLE_RECEIVER,
             reply_frames(Reply, State)
     end;
 
-handle_frame(#'v1_0.attach'{handle = ?UINT(Handle)} = Attach,
-             #state{cfg = #cfg{max_handle = MaxHandle}} = State) ->
+handle_frame(#'v1_0.attach'{handle = ?UINT(HandleInt)},
+             #state{cfg = #cfg{max_handle = MaxHandle}})
+  when HandleInt > MaxHandle ->
+    protocol_error(?V_1_0_CONNECTION_ERROR_FRAMING_ERROR,
+                   "link handle value (~b) exceeds maximum link handle value (~b)",
+                   [HandleInt, MaxHandle]);
+handle_frame(#'v1_0.attach'{name = {utf8, NameBin} = Name,
+                            handle = Handle,
+                            role = Role,
+                            source = Source,
+                            target = Target} = Attach,
+             State) ->
     ok = validate_attach(Attach),
-    case Handle > MaxHandle of
-        true ->
-            protocol_error(?V_1_0_CONNECTION_ERROR_FRAMING_ERROR,
-                           "link handle value (~b) exceeds maximum link handle value (~b)",
-                           [Handle, MaxHandle]);
-        false ->
-            handle_attach(Attach, State)
+    try handle_attach(Attach, State)
+    catch {link_error, Error} ->
+              %% Figure 2.33
+              ?LOG_WARNING("refusing link '~ts': ~tp", [NameBin, Error]),
+              AttachReply = case Role of
+                                ?AMQP_ROLE_SENDER ->
+                                    #'v1_0.attach'{
+                                       name = Name,
+                                       handle = Handle,
+                                       role = ?AMQP_ROLE_RECEIVER,
+                                       source = Source,
+                                       target = null};
+                                ?AMQP_ROLE_RECEIVER ->
+                                    #'v1_0.attach'{
+                                       name = Name,
+                                       handle = Handle,
+                                       role = ?AMQP_ROLE_SENDER,
+                                       source = null,
+                                       target = Target,
+                                       initial_delivery_count = ?UINT(?INITIAL_DELIVERY_COUNT)}
+                            end,
+              Detach = #'v1_0.detach'{handle = Handle,
+                                      closed = true,
+                                      error = Error},
+              {ok, [AttachReply, Detach], State}
     end;
 
 handle_frame(Detach = #'v1_0.detach'{handle = ?UINT(HandleInt)},
@@ -1530,6 +1561,11 @@ handle_attach(#'v1_0.attach'{role = ?AMQP_ROLE_RECEIVER,
             end
     end.
 
+link_error(Condition, Msg, Args) ->
+    Description = unicode:characters_to_binary(lists:flatten(io_lib:format(Msg, Args))),
+    throw({link_error, #'v1_0.error'{condition = Condition,
+                                     description = {utf8, Description}}}).
+
 send_pending(#state{remote_incoming_window = RemoteIncomingWindow,
                     outgoing_pending = Buf0
                    } = State) ->
@@ -2871,7 +2907,8 @@ check_exchange(XNameBin, User, Vhost, PermCache0) ->
                        end,
             {ok, Exchange, PermCache};
         {error, not_found} ->
-            exit_not_found(XName)
+            link_error(?V_1_0_AMQP_ERROR_NOT_FOUND,
+                       "no ~ts", [rabbit_misc:rs(XName)])
     end.
 
 address_v1_permitted() ->
@@ -3429,14 +3466,17 @@ exit_if_absent(Kind, Vhost, Name) when is_list(Name) ->
 exit_if_absent(Kind, Vhost, Name) when is_binary(Name) ->
     exit_if_absent(rabbit_misc:r(Vhost, Kind, Name)).
 
-exit_if_absent(ResourceName = #resource{kind = Kind}) ->
+exit_if_absent(Resource = #resource{kind = Kind}) ->
     Mod = case Kind of
               exchange -> rabbit_exchange;
               queue -> rabbit_amqqueue
           end,
-    case Mod:exists(ResourceName) of
-        true -> ok;
-        false -> exit_not_found(ResourceName)
+    case Mod:exists(Resource) of
+        true ->
+            ok;
+        false ->
+            link_error(?V_1_0_AMQP_ERROR_NOT_FOUND,
+                       "no ~ts", [rabbit_misc:rs(Resource)])
     end.
 
 generate_queue_name_v1() ->
@@ -3482,7 +3522,7 @@ declare_queue(QNameBin,
         {existing, _Q} ->
             ok;
         {error, queue_limit_exceeded, Reason, ReasonArgs} ->
-            protocol_error(
+            link_error(
               ?V_1_0_AMQP_ERROR_RESOURCE_LIMIT_EXCEEDED,
               Reason,
               ReasonArgs);
@@ -3685,9 +3725,9 @@ maybe_detach_mgmt_link(
 
 check_internal_exchange(#exchange{internal = true,
                                   name = XName}) ->
-    protocol_error(?V_1_0_AMQP_ERROR_UNAUTHORIZED_ACCESS,
-                   "forbidden to publish to internal ~ts",
-                   [rabbit_misc:rs(XName)]);
+    link_error(?V_1_0_AMQP_ERROR_UNAUTHORIZED_ACCESS,
+               "forbidden to publish to internal ~ts",
+               [rabbit_misc:rs(XName)]);
 check_internal_exchange(_) ->
     ok.
 
@@ -3841,12 +3881,6 @@ exit_not_implemented(Format) ->
 exit_not_implemented(Format, Args) ->
     protocol_error(?V_1_0_AMQP_ERROR_NOT_IMPLEMENTED, Format, Args).
 
--spec exit_not_found(rabbit_types:r(exchange | queue)) -> no_return().
-exit_not_found(Resource) ->
-    protocol_error(?V_1_0_AMQP_ERROR_NOT_FOUND,
-                   "no ~ts",
-                   [rabbit_misc:rs(Resource)]).
-
 -spec error_not_found(rabbit_types:r(exchange | queue)) -> #'v1_0.error'{}.
 error_not_found(Resource) ->
     Description = unicode:characters_to_binary("no " ++ rabbit_misc:rs(Resource)),