Author: kwall
Date: Wed May 21 14:08:02 2014
New Revision: 1596579
URL: http://svn.apache.org/r1596579
Log:
QPID-5779: [Java Broker] JMX plugin's server sockets should set the
SO_REUSEADDR socket option
* Plugin now passes correctly configured ServerSocketFactory to JMX for both
the registry and connector servers.
* Manually retested SSL connections to JMX.
Added:
qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/QpidRMIServerSocketFactory.java
qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/RegistryProtectingRMIServerSocketFactory.java
- copied, changed from r1596565,
qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/CustomRMIServerSocketFactory.java
Removed:
qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/CustomRMIServerSocketFactory.java
Modified:
qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/JMXManagedObjectRegistry.java
qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/QpidSslRMIServerSocketFactory.java
Modified:
qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/JMXManagedObjectRegistry.java
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/JMXManagedObjectRegistry.java?rev=1596579&r1=1596578&r2=1596579&view=diff
==============================================================================
---
qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/JMXManagedObjectRegistry.java
(original)
+++
qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/JMXManagedObjectRegistry.java
Wed May 21 14:08:02 2014
@@ -149,9 +149,8 @@ public class JMXManagedObjectRegistry im
}
else
{
- //Do not specify any specific RMI socket factories, resulting in
use of the defaults.
- csf = null;
- ssf = null;
+ csf = null; // signifies the default
+ ssf = new QpidRMIServerSocketFactory();
}
int jmxPortRegistryServer = _registryPort.getPort();
@@ -260,17 +259,9 @@ public class JMXManagedObjectRegistry im
private Registry createRmiRegistry(int jmxPortRegistryServer, boolean
useCustomRmiRegistry)
throws RemoteException
{
- Registry rmiRegistry;
- if(useCustomRmiRegistry)
- {
- _log.debug("Using custom RMIServerSocketFactory");
- rmiRegistry = LocateRegistry.createRegistry(jmxPortRegistryServer,
null, new CustomRMIServerSocketFactory());
- }
- else
- {
- _log.debug("Using default RMIServerSocketFactory");
- rmiRegistry = LocateRegistry.createRegistry(jmxPortRegistryServer,
null, null);
- }
+ final RMIServerSocketFactory ssf;
+ ssf = getRmiServerSocketFactory(useCustomRmiRegistry);
+ Registry rmiRegistry =
LocateRegistry.createRegistry(jmxPortRegistryServer, null, ssf);
getEventLogger().message(ManagementConsoleMessages.LISTENING("RMI
Registry", jmxPortRegistryServer));
return rmiRegistry;
@@ -409,4 +400,22 @@ public class JMXManagedObjectRegistry im
}
}
+ private RMIServerSocketFactory getRmiServerSocketFactory(final boolean
useCustomRmiRegistry)
+ {
+ final RMIServerSocketFactory ssf;
+ if(useCustomRmiRegistry)
+ {
+ if (_log.isDebugEnabled())
+ {
+ _log.debug("Using registry-protecting RMIServerSocketFactory");
+ }
+ ssf = new RegistryProtectingRMIServerSocketFactory();
+ }
+ else
+ {
+ ssf = new QpidRMIServerSocketFactory();
+ }
+ return ssf;
+ }
+
}
Added:
qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/QpidRMIServerSocketFactory.java
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/QpidRMIServerSocketFactory.java?rev=1596579&view=auto
==============================================================================
---
qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/QpidRMIServerSocketFactory.java
(added)
+++
qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/QpidRMIServerSocketFactory.java
Wed May 21 14:08:02 2014
@@ -0,0 +1,52 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.qpid.server.jmx;
+
+import java.io.IOException;
+import java.net.InetAddress;
+import java.net.ServerSocket;
+import java.net.Socket;
+import java.rmi.server.RMIServerSocketFactory;
+
+import javax.net.ServerSocketFactory;
+import javax.net.SocketFactory;
+
+class QpidRMIServerSocketFactory implements RMIServerSocketFactory
+{
+ @Override
+ public ServerSocket createServerSocket(int port) throws IOException
+ {
+ ServerSocket serverSocket =
ServerSocketFactory.getDefault().createServerSocket(port);
+ serverSocket.setReuseAddress(true);
+ return serverSocket;
+ }
+
+ @Override
+ public int hashCode()
+ {
+ final int prime = 37;
+ return prime * QpidRMIServerSocketFactory.class.getName().hashCode();
+ }
+
+ @Override
+ public boolean equals(final Object obj)
+ {
+ return getClass() == obj.getClass();
+ }
+}
\ No newline at end of file
Modified:
qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/QpidSslRMIServerSocketFactory.java
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/QpidSslRMIServerSocketFactory.java?rev=1596579&r1=1596578&r2=1596579&view=diff
==============================================================================
---
qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/QpidSslRMIServerSocketFactory.java
(original)
+++
qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/QpidSslRMIServerSocketFactory.java
Wed May 21 14:08:02 2014
@@ -61,22 +61,24 @@ public class QpidSslRMIServerSocketFacto
{
final SSLSocketFactory factory = _sslContext.getSocketFactory();
- return new ServerSocket(port)
+ ServerSocket serverSocket = new ServerSocket(port)
{
public Socket accept() throws IOException
{
Socket socket = super.accept();
SSLSocket sslSocket =
- (SSLSocket) factory.createSocket(socket,
-
socket.getInetAddress().getHostName(),
- socket.getPort(),
- true);
+ (SSLSocket) factory.createSocket(socket,
+
socket.getInetAddress().getHostName(),
+ socket.getPort(),
+ true);
sslSocket.setUseClientMode(false);
return sslSocket;
}
};
+ serverSocket.setReuseAddress(true);
+ return serverSocket;
}
/**
Copied:
qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/RegistryProtectingRMIServerSocketFactory.java
(from r1596565,
qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/CustomRMIServerSocketFactory.java)
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/RegistryProtectingRMIServerSocketFactory.java?p2=qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/RegistryProtectingRMIServerSocketFactory.java&p1=qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/CustomRMIServerSocketFactory.java&r1=1596565&r2=1596579&rev=1596579&view=diff
==============================================================================
---
qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/CustomRMIServerSocketFactory.java
(original)
+++
qpid/trunk/qpid/java/broker-plugins/management-jmx/src/main/java/org/apache/qpid/server/jmx/RegistryProtectingRMIServerSocketFactory.java
Wed May 21 14:08:02 2014
@@ -26,19 +26,35 @@ import java.net.Socket;
import java.rmi.server.RMIServerSocketFactory;
/**
- * Custom RMIServerSocketFactory class, used to prevent updates to the RMI
registry.
+ * A custom RMIServerSocketFactory class, used to prevent updates to the RMI
registry.
* Supplied to the registry at creation, this will prevent RMI-based
operations on the
* registry such as attempting to bind a new object, thereby securing it from
tampering.
* This is accomplished by always returning null when attempting to determine
the address
* of the caller, thus ensuring the registry will refuse the attempt. Calls to
bind etc
* made using the object reference will not be affected and continue to
operate normally.
*/
-class CustomRMIServerSocketFactory implements RMIServerSocketFactory
+class RegistryProtectingRMIServerSocketFactory implements
RMIServerSocketFactory
{
+ @Override
public ServerSocket createServerSocket(int port) throws IOException
{
- return new NoLocalAddressServerSocket(port);
+ NoLocalAddressServerSocket serverSocket = new
NoLocalAddressServerSocket(port);
+ serverSocket.setReuseAddress(true);
+ return serverSocket;
+ }
+
+ @Override
+ public int hashCode()
+ {
+ final int prime = 31;
+ return prime *
RegistryProtectingRMIServerSocketFactory.class.getName().hashCode();
+ }
+
+ @Override
+ public boolean equals(final Object obj)
+ {
+ return getClass() == obj.getClass();
}
private static class NoLocalAddressServerSocket extends ServerSocket
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
