You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2015/05/29 13:04:10 UTC
svn commit: r1682417 - in /tomcat/trunk/java/org/apache: coyote/
coyote/http11/ coyote/http2/ tomcat/util/net/
Author: markt
Date: Fri May 29 11:04:09 2015
New Revision: 1682417
URL: http://svn.apache.org/r1682417
Log:
Enable HTTP/2 by default temporarily (it makes my testing easier and HTTP/2 is working for basic usage).
Add an info log for enabled upgrades over ALPN and HTTP upgrade.
Extend UpgradeProtocol so HTTP/2 can opt not to support HTTP upgrade over TLS.
Only log an error if an UpgradeProtocol is ALPN only but is configured on a non-TLS connector.
Modified:
tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java
tomcat/trunk/java/org/apache/coyote/UpgradeProtocol.java
tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java
tomcat/trunk/java/org/apache/coyote/http11/LocalStrings.properties
tomcat/trunk/java/org/apache/coyote/http2/Http2Protocol.java
tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
tomcat/trunk/java/org/apache/tomcat/util/net/LocalStrings.properties
Modified: tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java?rev=1682417&r1=1682416&r2=1682417&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java (original)
+++ tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java Fri May 29 11:04:09 2015
@@ -51,8 +51,7 @@ public abstract class AbstractProtocol<S
/**
* The string manager for this package.
*/
- protected static final StringManager sm =
- StringManager.getManager(Constants.Package);
+ private static final StringManager sm = StringManager.getManager(AbstractProtocol.class);
/**
Modified: tomcat/trunk/java/org/apache/coyote/UpgradeProtocol.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/UpgradeProtocol.java?rev=1682417&r1=1682416&r2=1682417&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/UpgradeProtocol.java (original)
+++ tomcat/trunk/java/org/apache/coyote/UpgradeProtocol.java Fri May 29 11:04:09 2015
@@ -21,11 +21,14 @@ import org.apache.tomcat.util.net.Socket
public interface UpgradeProtocol {
/**
+ * @param isSecure Is this for a connector that is configured to support
+ * TLS. Some protocols (e.g. HTTP/2) only support HTTP
+ * upgrade over non-secure connections.
* @return The name that clients will use to request an upgrade to this
* protocol via an HTTP/1.1 upgrade request or <code>null</code> if
* upgrade via an HTTP/1.1 upgrade request is not supported.
*/
- public String getHttpUpgradeName();
+ public String getHttpUpgradeName(boolean isSecure);
/**
* @return The byte sequence as listed in the IANA registry for this
Modified: tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java?rev=1682417&r1=1682416&r2=1682417&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java Fri May 29 11:04:09 2015
@@ -37,23 +37,31 @@ import org.apache.coyote.UpgradeProtocol
import org.apache.coyote.http11.upgrade.InternalHttpUpgradeHandler;
import org.apache.coyote.http11.upgrade.UpgradeProcessorExternal;
import org.apache.coyote.http11.upgrade.UpgradeProcessorInternal;
-//import org.apache.coyote.http2.Http2Protocol;
+import org.apache.coyote.http2.Http2Protocol;
import org.apache.tomcat.util.net.AbstractEndpoint;
import org.apache.tomcat.util.net.SSLHostConfig;
import org.apache.tomcat.util.net.SocketWrapperBase;
+import org.apache.tomcat.util.res.StringManager;
public abstract class AbstractHttp11Protocol<S> extends AbstractProtocol<S> {
+ protected static final StringManager sm =
+ StringManager.getManager(AbstractHttp11Protocol.class);
+
+
public AbstractHttp11Protocol(AbstractEndpoint<S> endpoint) {
super(endpoint);
setSoTimeout(Constants.DEFAULT_CONNECTION_TIMEOUT);
+ }
+
+ @Override
+ public void init() throws Exception {
// TODO: Make this configurable via nested UpgradeProtocol elements in
// the Connector.
- // This is disabled by default otherwise it will break the
- // APR/native connector with clients that support h2 with ALPN
- // (because the Http2Protocol is only stubbed out)
- //addUpgradeProtocol(new Http2Protocol());
+ addUpgradeProtocol(new Http2Protocol());
+
+ super.init();
}
@@ -293,9 +301,36 @@ public abstract class AbstractHttp11Prot
*/
private final Map<String,UpgradeProtocol> negotiatedProtocols = new HashMap<>();
public void addUpgradeProtocol(UpgradeProtocol upgradeProtocol) {
- httpUpgradeProtocols.put(upgradeProtocol.getHttpUpgradeName(), upgradeProtocol);
- negotiatedProtocols.put(upgradeProtocol.getAlpnName(), upgradeProtocol);
- getEndpoint().addNegotiatedProtocol(upgradeProtocol.getAlpnName());
+ boolean secure = getEndpoint().isSSLEnabled();
+ // HTTP Upgrade
+ String httpUpgradeName = upgradeProtocol.getHttpUpgradeName(secure);
+ boolean httpUpgradeConfigured = false;
+ if (httpUpgradeName != null && httpUpgradeName.length() > 0) {
+ httpUpgradeProtocols.put(httpUpgradeName, upgradeProtocol);
+ httpUpgradeConfigured = true;
+ getLog().info(sm.getString("abstractHttp11Protocol.httpUpgradeConfigured",
+ getName(), httpUpgradeName));
+ }
+
+ // ALPN
+ String alpnName = upgradeProtocol.getAlpnName();
+ if (alpnName != null && alpnName.length() > 0) {
+ // ALPN requires SSL
+ if (secure) {
+ negotiatedProtocols.put(alpnName, upgradeProtocol);
+ getEndpoint().addNegotiatedProtocol(alpnName);
+ getLog().info(sm.getString("abstractHttp11Protocol.alpnConfigured",
+ getName(), alpnName));
+ } else {
+ if (!httpUpgradeConfigured) {
+ // HTTP Upgrade is not available for this protocol so it
+ // requires ALPN. It has been configured on a non-secure
+ // connector where ALPN is not available.
+ getLog().error(sm.getString("abstractHttp11Protocol.alpnWithNoTls",
+ upgradeProtocol.getClass().getName(), alpnName, getName()));
+ }
+ }
+ }
}
@Override
public UpgradeProtocol getNegotiatedProtocol(String negotiatedName) {
Modified: tomcat/trunk/java/org/apache/coyote/http11/LocalStrings.properties
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/LocalStrings.properties?rev=1682417&r1=1682416&r2=1682417&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/http11/LocalStrings.properties (original)
+++ tomcat/trunk/java/org/apache/coyote/http11/LocalStrings.properties Fri May 29 11:04:09 2015
@@ -13,6 +13,10 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+abstractHttp11Protocol.alpnConfigured=The [{0}] connector has been configured to support negotiation to [{1}] via ALPN
+abstractHttp11Protocol.alpnWithNoTls=The upgrade handler [{0}] for [{1}] only supports upgrade via ALPN but has been configured for the [{2}] connector that is not enabled for TLS.
+abstractHttp11Protocol.httpUpgradeConfigured=The [{0}] connector has been configured to support HTTP upgrade to [{1}]
+
http11processor.fallToDebug=\n Note: further occurrences of HTTP header parsing errors will be logged at DEBUG level.
http11processor.header.parse=Error parsing HTTP request header
http11processor.neverused=This method should never be used
Modified: tomcat/trunk/java/org/apache/coyote/http2/Http2Protocol.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/Http2Protocol.java?rev=1682417&r1=1682416&r2=1682417&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/http2/Http2Protocol.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http2/Http2Protocol.java Fri May 29 11:04:09 2015
@@ -31,8 +31,12 @@ public class Http2Protocol implements Up
private static final byte[] ALPN_IDENTIFIER = ALPN_NAME.getBytes(StandardCharsets.UTF_8);
@Override
- public String getHttpUpgradeName() {
- return HTTP_UPGRADE_NAME;
+ public String getHttpUpgradeName(boolean isSecure) {
+ if (isSecure) {
+ return null;
+ } else {
+ return HTTP_UPGRADE_NAME;
+ }
}
@Override
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java?rev=1682417&r1=1682416&r2=1682417&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java Fri May 29 11:04:09 2015
@@ -549,9 +549,6 @@ public class AprEndpoint extends Abstrac
Long defaultSSLContext = (Long) defaultSSLHostConfig.getSslContext();
sslContext = defaultSSLContext.longValue();
SSLContext.registerDefault(defaultSSLContext, this);
-
- } else if (negotiableProtocols.size() > 0) {
- log.info(sm.getString("endpoint.noNegotiation", getName(), negotiableProtocols.toString()));
}
}
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/LocalStrings.properties
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/LocalStrings.properties?rev=1682417&r1=1682416&r2=1682417&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/LocalStrings.properties (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/LocalStrings.properties Fri May 29 11:04:09 2015
@@ -50,7 +50,6 @@ endpoint.getAttribute=[{0}] is [{1}]
endpoint.init.bind=Socket bind failed: [{0}] {1}
endpoint.init.listen=Socket listen failed: [{0}] {1}
endpoint.init.notavail=APR not available
-endpoint.noNegotiation=TLS was not configured for the [{0}] connector so negotiation via ALPN for {1} is not available
endpoint.noSslHostName=No host name was provided for the SSL host configuration
endpoint.poll.limitedpollsize=Failed to create poller with specified size of {0}
endpoint.poll.initfail=Poller creation failed
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org