You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by gs...@apache.org on 2008/10/20 17:29:47 UTC
svn commit: r706321 - in /incubator/qpid/trunk/qpid/cpp/src:
qpid/broker/Broker.cpp qpid/broker/Broker.h qpid/sys/TCPIOPlugin.cpp
tests/BrokerFixture.h tests/exception_test.cpp
Author: gsim
Date: Mon Oct 20 08:29:46 2008
New Revision: 706321
URL: http://svn.apache.org/viewvc?rev=706321&view=rev
Log:
Add option to require that only encrypted connections be accepted.
Modified:
incubator/qpid/trunk/qpid/cpp/src/qpid/broker/Broker.cpp
incubator/qpid/trunk/qpid/cpp/src/qpid/broker/Broker.h
incubator/qpid/trunk/qpid/cpp/src/qpid/sys/TCPIOPlugin.cpp
incubator/qpid/trunk/qpid/cpp/src/tests/BrokerFixture.h
incubator/qpid/trunk/qpid/cpp/src/tests/exception_test.cpp
Modified: incubator/qpid/trunk/qpid/cpp/src/qpid/broker/Broker.cpp
URL: http://svn.apache.org/viewvc/incubator/qpid/trunk/qpid/cpp/src/qpid/broker/Broker.cpp?rev=706321&r1=706320&r2=706321&view=diff
==============================================================================
--- incubator/qpid/trunk/qpid/cpp/src/qpid/broker/Broker.cpp (original)
+++ incubator/qpid/trunk/qpid/cpp/src/qpid/broker/Broker.cpp Mon Oct 20 08:29:46 2008
@@ -87,7 +87,8 @@
replayFlushLimit(0),
replayHardLimit(0),
queueLimit(100*1048576/*100M default limit*/),
- tcpNoDelay(false)
+ tcpNoDelay(false),
+ requireEncrypted(false)
{
int c = sys::SystemInfo::concurrency();
workerThreads=c+1;
@@ -114,7 +115,8 @@
("auth", optValue(auth, "yes|no"), "Enable authentication, if disabled all incoming connections will be trusted")
("realm", optValue(realm, "REALM"), "Use the given realm when performing authentication")
("default-queue-limit", optValue(queueLimit, "BYTES"), "Default maximum size for queues (in bytes)")
- ("tcp-nodelay", optValue(tcpNoDelay), "Set TCP_NODELAY on TCP connections");
+ ("tcp-nodelay", optValue(tcpNoDelay), "Set TCP_NODELAY on TCP connections")
+ ("require-encryption", optValue(requireEncrypted), "Only accept connections that are encrypted");
}
const std::string empty;
@@ -365,18 +367,18 @@
}
boost::shared_ptr<ProtocolFactory> Broker::getProtocolFactory(const std::string& name) const {
- ProtocolFactoryMap::const_iterator i = protocolFactories.find(name);
+ ProtocolFactoryMap::const_iterator i
+ = name.empty() ? protocolFactories.begin() : protocolFactories.find(name);
if (i == protocolFactories.end()) return boost::shared_ptr<ProtocolFactory>();
else return i->second;
}
uint16_t Broker::getPort(const std::string& name) const {
- boost::shared_ptr<ProtocolFactory> factory
- = getProtocolFactory(name.empty() ? TCP_TRANSPORT : name);
+ boost::shared_ptr<ProtocolFactory> factory = getProtocolFactory(name);
if (factory) {
return factory->getPort();
} else {
- throw Exception(QPID_MSG("No such transport: " << name));
+ throw NoSuchTransportException(QPID_MSG("No such transport: '" << name << "'"));
}
}
@@ -432,7 +434,11 @@
Broker::getKnownBrokersImpl()
{
knownBrokers.clear();
- knownBrokers.push_back ( qpid::Url::getIpAddressesUrl ( getPort() ) );
+ try {
+ knownBrokers.push_back ( qpid::Url::getIpAddressesUrl ( getPort(TCP_TRANSPORT) ) );
+ } catch (const NoSuchTransportException& e) {
+ QPID_LOG(error, "Could not send client known broker urls for cluster: " << e.what());
+ }
return knownBrokers;
}
Modified: incubator/qpid/trunk/qpid/cpp/src/qpid/broker/Broker.h
URL: http://svn.apache.org/viewvc/incubator/qpid/trunk/qpid/cpp/src/qpid/broker/Broker.h?rev=706321&r1=706320&r2=706321&view=diff
==============================================================================
--- incubator/qpid/trunk/qpid/cpp/src/qpid/broker/Broker.h (original)
+++ incubator/qpid/trunk/qpid/cpp/src/qpid/broker/Broker.h Mon Oct 20 08:29:46 2008
@@ -102,6 +102,7 @@
size_t replayHardLimit;
uint queueLimit;
bool tcpNoDelay;
+ bool requireEncrypted;
};
private:
@@ -149,7 +150,7 @@
* port, which will be different if the configured port is
* 0.
*/
- virtual uint16_t getPort(const std::string& name = TCP_TRANSPORT) const;
+ virtual uint16_t getPort(const std::string& name) const;
/**
* Run the broker. Implements Runnable::run() so the broker
Modified: incubator/qpid/trunk/qpid/cpp/src/qpid/sys/TCPIOPlugin.cpp
URL: http://svn.apache.org/viewvc/incubator/qpid/trunk/qpid/cpp/src/qpid/sys/TCPIOPlugin.cpp?rev=706321&r1=706320&r2=706321&view=diff
==============================================================================
--- incubator/qpid/trunk/qpid/cpp/src/qpid/sys/TCPIOPlugin.cpp (original)
+++ incubator/qpid/trunk/qpid/cpp/src/qpid/sys/TCPIOPlugin.cpp Mon Oct 20 08:29:46 2008
@@ -65,9 +65,14 @@
// Only provide to a Broker
if (broker) {
const broker::Broker::Options& opts = broker->getOptions();
- ProtocolFactory::shared_ptr protocol(new AsynchIOProtocolFactory(opts.port, opts.connectionBacklog, opts.tcpNoDelay));
- QPID_LOG(info, "Listening on TCP port " << protocol->getPort());
- broker->registerProtocolFactory("tcp", protocol);
+ if (opts.requireEncrypted) {
+ QPID_LOG(info, "Not accepting unencrypted connections on TCP");
+ } else {
+ ProtocolFactory::shared_ptr protocol(new AsynchIOProtocolFactory(opts.port, opts.connectionBacklog,
+ opts.tcpNoDelay));
+ QPID_LOG(info, "Listening on TCP port " << protocol->getPort());
+ broker->registerProtocolFactory("tcp", protocol);
+ }
}
}
} tcpPlugin;
Modified: incubator/qpid/trunk/qpid/cpp/src/tests/BrokerFixture.h
URL: http://svn.apache.org/viewvc/incubator/qpid/trunk/qpid/cpp/src/tests/BrokerFixture.h?rev=706321&r1=706320&r2=706321&view=diff
==============================================================================
--- incubator/qpid/trunk/qpid/cpp/src/tests/BrokerFixture.h (original)
+++ incubator/qpid/trunk/qpid/cpp/src/tests/BrokerFixture.h Mon Oct 20 08:29:46 2008
@@ -52,7 +52,7 @@
// TODO aconway 2007-12-05: At one point BrokerFixture
// tests could hang in Connection ctor if the following
// line is removed. This may not be an issue anymore.
- broker->getPort();
+ broker->getPort(qpid::broker::Broker::TCP_TRANSPORT);
brokerThread = qpid::sys::Thread(*broker);
};
@@ -63,10 +63,10 @@
/** Open a connection to the broker. */
void open(qpid::client::Connection& c) {
- c.open("localhost", broker->getPort());
+ c.open("localhost", broker->getPort(qpid::broker::Broker::TCP_TRANSPORT));
}
- uint16_t getPort() { return broker->getPort(); }
+ uint16_t getPort() { return broker->getPort(qpid::broker::Broker::TCP_TRANSPORT); }
};
/** Connection that opens in its constructor */
@@ -108,7 +108,7 @@
SessionFixtureT(Broker::Options opts=Broker::Options()) :
BrokerFixture(opts),
- ClientT<ConnectionType,SessionType>(broker->getPort())
+ ClientT<ConnectionType,SessionType>(broker->getPort(qpid::broker::Broker::TCP_TRANSPORT))
{}
};
Modified: incubator/qpid/trunk/qpid/cpp/src/tests/exception_test.cpp
URL: http://svn.apache.org/viewvc/incubator/qpid/trunk/qpid/cpp/src/tests/exception_test.cpp?rev=706321&r1=706320&r2=706321&view=diff
==============================================================================
--- incubator/qpid/trunk/qpid/cpp/src/tests/exception_test.cpp (original)
+++ incubator/qpid/trunk/qpid/cpp/src/tests/exception_test.cpp Mon Oct 20 08:29:46 2008
@@ -39,6 +39,7 @@
using namespace client;
using namespace framing;
+using qpid::broker::Broker;
using boost::bind;
using boost::function;
@@ -88,7 +89,7 @@
QPID_AUTO_TEST_CASE(DisconnectedPop) {
ProxySessionFixture fix;
- ProxyConnection c(fix.broker->getPort());
+ ProxyConnection c(fix.broker->getPort(Broker::TCP_TRANSPORT));
fix.session.queueDeclare(arg::queue="q");
fix.subs.subscribe(fix.lq, "q");
Catcher<ConnectionException> pop(bind(&LocalQueue::pop, boost::ref(fix.lq)));
@@ -101,7 +102,7 @@
struct NullListener : public MessageListener {
void received(Message&) { BOOST_FAIL("Unexpected message"); }
} l;
- ProxyConnection c(fix.broker->getPort());
+ ProxyConnection c(fix.broker->getPort(Broker::TCP_TRANSPORT));
fix.session.queueDeclare(arg::queue="q");
fix.subs.subscribe(l, "q");