Author: markt Date: Fri May 29 11:04:09 2015 New Revision: 1682417 URL: http://svn.apache.org/r1682417 Log: Enable HTTP/2 by default temporarily (it makes my testing easier and HTTP/2 is working for basic usage). Add an info log for enabled upgrades over ALPN and HTTP upgrade. Extend UpgradeProtocol so HTTP/2 can opt not to support HTTP upgrade over TLS. Only log an error if an UpgradeProtocol is ALPN only but is configured on a non-TLS connector.
Modified: tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java tomcat/trunk/java/org/apache/coyote/UpgradeProtocol.java tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java tomcat/trunk/java/org/apache/coyote/http11/LocalStrings.properties tomcat/trunk/java/org/apache/coyote/http2/Http2Protocol.java tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java tomcat/trunk/java/org/apache/tomcat/util/net/LocalStrings.properties Modified: tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java?rev=1682417&r1=1682416&r2=1682417&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java (original) +++ tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java Fri May 29 11:04:09 2015 @@ -51,8 +51,7 @@ public abstract class AbstractProtocol<S /** * The string manager for this package. */ - protected static final StringManager sm = - StringManager.getManager(Constants.Package); + private static final StringManager sm = StringManager.getManager(AbstractProtocol.class); /** Modified: tomcat/trunk/java/org/apache/coyote/UpgradeProtocol.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/UpgradeProtocol.java?rev=1682417&r1=1682416&r2=1682417&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/coyote/UpgradeProtocol.java (original) +++ tomcat/trunk/java/org/apache/coyote/UpgradeProtocol.java Fri May 29 11:04:09 2015 @@ -21,11 +21,14 @@ import org.apache.tomcat.util.net.Socket public interface UpgradeProtocol { /** + * @param isSecure Is this for a connector that is configured to support + * TLS. Some protocols (e.g. HTTP/2) only support HTTP + * upgrade over non-secure connections. * @return The name that clients will use to request an upgrade to this * protocol via an HTTP/1.1 upgrade request or <code>null</code> if * upgrade via an HTTP/1.1 upgrade request is not supported. */ - public String getHttpUpgradeName(); + public String getHttpUpgradeName(boolean isSecure); /** * @return The byte sequence as listed in the IANA registry for this Modified: tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java?rev=1682417&r1=1682416&r2=1682417&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java (original) +++ tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java Fri May 29 11:04:09 2015 @@ -37,23 +37,31 @@ import org.apache.coyote.UpgradeProtocol import org.apache.coyote.http11.upgrade.InternalHttpUpgradeHandler; import org.apache.coyote.http11.upgrade.UpgradeProcessorExternal; import org.apache.coyote.http11.upgrade.UpgradeProcessorInternal; -//import org.apache.coyote.http2.Http2Protocol; +import org.apache.coyote.http2.Http2Protocol; import org.apache.tomcat.util.net.AbstractEndpoint; import org.apache.tomcat.util.net.SSLHostConfig; import org.apache.tomcat.util.net.SocketWrapperBase; +import org.apache.tomcat.util.res.StringManager; public abstract class AbstractHttp11Protocol<S> extends AbstractProtocol<S> { + protected static final StringManager sm = + StringManager.getManager(AbstractHttp11Protocol.class); + + public AbstractHttp11Protocol(AbstractEndpoint<S> endpoint) { super(endpoint); setSoTimeout(Constants.DEFAULT_CONNECTION_TIMEOUT); + } + + @Override + public void init() throws Exception { // TODO: Make this configurable via nested UpgradeProtocol elements in // the Connector. - // This is disabled by default otherwise it will break the - // APR/native connector with clients that support h2 with ALPN - // (because the Http2Protocol is only stubbed out) - //addUpgradeProtocol(new Http2Protocol()); + addUpgradeProtocol(new Http2Protocol()); + + super.init(); } @@ -293,9 +301,36 @@ public abstract class AbstractHttp11Prot */ private final Map<String,UpgradeProtocol> negotiatedProtocols = new HashMap<>(); public void addUpgradeProtocol(UpgradeProtocol upgradeProtocol) { - httpUpgradeProtocols.put(upgradeProtocol.getHttpUpgradeName(), upgradeProtocol); - negotiatedProtocols.put(upgradeProtocol.getAlpnName(), upgradeProtocol); - getEndpoint().addNegotiatedProtocol(upgradeProtocol.getAlpnName()); + boolean secure = getEndpoint().isSSLEnabled(); + // HTTP Upgrade + String httpUpgradeName = upgradeProtocol.getHttpUpgradeName(secure); + boolean httpUpgradeConfigured = false; + if (httpUpgradeName != null && httpUpgradeName.length() > 0) { + httpUpgradeProtocols.put(httpUpgradeName, upgradeProtocol); + httpUpgradeConfigured = true; + getLog().info(sm.getString("abstractHttp11Protocol.httpUpgradeConfigured", + getName(), httpUpgradeName)); + } + + // ALPN + String alpnName = upgradeProtocol.getAlpnName(); + if (alpnName != null && alpnName.length() > 0) { + // ALPN requires SSL + if (secure) { + negotiatedProtocols.put(alpnName, upgradeProtocol); + getEndpoint().addNegotiatedProtocol(alpnName); + getLog().info(sm.getString("abstractHttp11Protocol.alpnConfigured", + getName(), alpnName)); + } else { + if (!httpUpgradeConfigured) { + // HTTP Upgrade is not available for this protocol so it + // requires ALPN. It has been configured on a non-secure + // connector where ALPN is not available. + getLog().error(sm.getString("abstractHttp11Protocol.alpnWithNoTls", + upgradeProtocol.getClass().getName(), alpnName, getName())); + } + } + } } @Override public UpgradeProtocol getNegotiatedProtocol(String negotiatedName) { Modified: tomcat/trunk/java/org/apache/coyote/http11/LocalStrings.properties URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/LocalStrings.properties?rev=1682417&r1=1682416&r2=1682417&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/coyote/http11/LocalStrings.properties (original) +++ tomcat/trunk/java/org/apache/coyote/http11/LocalStrings.properties Fri May 29 11:04:09 2015 @@ -13,6 +13,10 @@ # See the License for the specific language governing permissions and # limitations under the License. +abstractHttp11Protocol.alpnConfigured=The [{0}] connector has been configured to support negotiation to [{1}] via ALPN +abstractHttp11Protocol.alpnWithNoTls=The upgrade handler [{0}] for [{1}] only supports upgrade via ALPN but has been configured for the [{2}] connector that is not enabled for TLS. +abstractHttp11Protocol.httpUpgradeConfigured=The [{0}] connector has been configured to support HTTP upgrade to [{1}] + http11processor.fallToDebug=\n Note: further occurrences of HTTP header parsing errors will be logged at DEBUG level. http11processor.header.parse=Error parsing HTTP request header http11processor.neverused=This method should never be used Modified: tomcat/trunk/java/org/apache/coyote/http2/Http2Protocol.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/Http2Protocol.java?rev=1682417&r1=1682416&r2=1682417&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/coyote/http2/Http2Protocol.java (original) +++ tomcat/trunk/java/org/apache/coyote/http2/Http2Protocol.java Fri May 29 11:04:09 2015 @@ -31,8 +31,12 @@ public class Http2Protocol implements Up private static final byte[] ALPN_IDENTIFIER = ALPN_NAME.getBytes(StandardCharsets.UTF_8); @Override - public String getHttpUpgradeName() { - return HTTP_UPGRADE_NAME; + public String getHttpUpgradeName(boolean isSecure) { + if (isSecure) { + return null; + } else { + return HTTP_UPGRADE_NAME; + } } @Override Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java?rev=1682417&r1=1682416&r2=1682417&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java (original) +++ tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java Fri May 29 11:04:09 2015 @@ -549,9 +549,6 @@ public class AprEndpoint extends Abstrac Long defaultSSLContext = (Long) defaultSSLHostConfig.getSslContext(); sslContext = defaultSSLContext.longValue(); SSLContext.registerDefault(defaultSSLContext, this); - - } else if (negotiableProtocols.size() > 0) { - log.info(sm.getString("endpoint.noNegotiation", getName(), negotiableProtocols.toString())); } } Modified: tomcat/trunk/java/org/apache/tomcat/util/net/LocalStrings.properties URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/LocalStrings.properties?rev=1682417&r1=1682416&r2=1682417&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/tomcat/util/net/LocalStrings.properties (original) +++ tomcat/trunk/java/org/apache/tomcat/util/net/LocalStrings.properties Fri May 29 11:04:09 2015 @@ -50,7 +50,6 @@ endpoint.getAttribute=[{0}] is [{1}] endpoint.init.bind=Socket bind failed: [{0}] {1} endpoint.init.listen=Socket listen failed: [{0}] {1} endpoint.init.notavail=APR not available -endpoint.noNegotiation=TLS was not configured for the [{0}] connector so negotiation via ALPN for {1} is not available endpoint.noSslHostName=No host name was provided for the SSL host configuration endpoint.poll.limitedpollsize=Failed to create poller with specified size of {0} endpoint.poll.initfail=Poller creation failed --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org