You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@karaf.apache.org by gn...@apache.org on 2017/09/05 07:23:31 UTC
[1/3] karaf git commit: Minor code changes in the management module
Repository: karaf
Updated Branches:
refs/heads/master 178dfef34 -> bd3dff89e
Minor code changes in the management module
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/bd3dff89
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/bd3dff89
Diff: http://git-wip-us.apache.org/repos/asf/karaf/diff/bd3dff89
Branch: refs/heads/master
Commit: bd3dff89e2c5463bf7628fe6a0c8be543b325762
Parents: b1a562c
Author: Guillaume Nodet <gn...@apache.org>
Authored: Tue Sep 5 09:23:11 2017 +0200
Committer: Guillaume Nodet <gn...@apache.org>
Committed: Tue Sep 5 09:23:26 2017 +0200
----------------------------------------------------------------------
.../karaf/management/MBeanServerFactory.java | 5 ++-
.../karaf/management/internal/Activator.java | 38 +++++++++++---------
2 files changed, 23 insertions(+), 20 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/karaf/blob/bd3dff89/management/server/src/main/java/org/apache/karaf/management/MBeanServerFactory.java
----------------------------------------------------------------------
diff --git a/management/server/src/main/java/org/apache/karaf/management/MBeanServerFactory.java b/management/server/src/main/java/org/apache/karaf/management/MBeanServerFactory.java
index f89aa09..4d43975 100644
--- a/management/server/src/main/java/org/apache/karaf/management/MBeanServerFactory.java
+++ b/management/server/src/main/java/org/apache/karaf/management/MBeanServerFactory.java
@@ -74,18 +74,17 @@ public class MBeanServerFactory {
if (this.server == null) {
init();
}
- return server;
+ return this.server;
}
public void init() throws Exception {
if (this.locateExistingServerIfPossible || this.agentId != null) {
try {
List servers = javax.management.MBeanServerFactory.findMBeanServer(agentId);
- MBeanServer server = null;
if (servers != null && servers.size() > 0) {
this.server = (MBeanServer) servers.get(0);
}
- if (server == null && agentId == null) {
+ if (this.server == null && agentId == null) {
this.server = ManagementFactory.getPlatformMBeanServer();
}
if (this.server == null) {
http://git-wip-us.apache.org/repos/asf/karaf/blob/bd3dff89/management/server/src/main/java/org/apache/karaf/management/internal/Activator.java
----------------------------------------------------------------------
diff --git a/management/server/src/main/java/org/apache/karaf/management/internal/Activator.java b/management/server/src/main/java/org/apache/karaf/management/internal/Activator.java
index 1a22e9b..484c4ff 100644
--- a/management/server/src/main/java/org/apache/karaf/management/internal/Activator.java
+++ b/management/server/src/main/java/org/apache/karaf/management/internal/Activator.java
@@ -144,35 +144,35 @@ public class Activator extends BaseActivator implements ManagedService {
registerMBean(securityMBean, "type=security,area=jmx");
register(MBeanServer.class, mbeanServer);
-
- keystoreInstanceServiceTracker = new ServiceTracker<>(
- bundleContext, KeystoreInstance.class, new ServiceTrackerCustomizer<KeystoreInstance, KeystoreInstance>() {
+
+ if (secured) {
+ keystoreInstanceServiceTracker = new ServiceTracker<>(
+ bundleContext, KeystoreInstance.class, new ServiceTrackerCustomizer<KeystoreInstance, KeystoreInstance>() {
@Override
public KeystoreInstance addingService(ServiceReference<KeystoreInstance> reference) {
- if (secured) {
- try {
- connectorServerFactory.init();
- } catch (Exception e) {
- LOG.error("Can't re-init JMXConnectorServer with SSL enabled when register a keystore:" + e.getMessage());
- }
+ try {
+ connectorServerFactory.init();
+ } catch (Exception e) {
+ LOG.error("Can't re-init JMXConnectorServer with SSL enabled when register a keystore:" + e.getMessage());
}
return null;
}
+
@Override
public void modifiedService(ServiceReference<KeystoreInstance> reference, KeystoreInstance service) {
}
+
@Override
public void removedService(ServiceReference<KeystoreInstance> reference, KeystoreInstance service) {
- if (secured) {
- try {
- connectorServerFactory.init();
- } catch (Exception e) {
- LOG.error("Can't re-init JMXConnectorServer with SSL enabled when unregister a keystore: " + e.getMessage());
- }
+ try {
+ connectorServerFactory.init();
+ } catch (Exception e) {
+ LOG.error("Can't re-init JMXConnectorServer with SSL enabled when unregister a keystore: " + e.getMessage());
}
}
});
- keystoreInstanceServiceTracker.open();
+ keystoreInstanceServiceTracker.open();
+ }
}
protected void doStop() {
@@ -202,7 +202,11 @@ public class Activator extends BaseActivator implements ManagedService {
rmiRegistryFactory = null;
}
if (keystoreInstanceServiceTracker != null) {
- keystoreInstanceServiceTracker.close();
+ try {
+ keystoreInstanceServiceTracker.close();
+ } finally {
+ keystoreInstanceServiceTracker = null;
+ }
}
}
[2/3] karaf git commit: [KARAF-5338] Unable to access the local JMX
server on OSX
Posted by gn...@apache.org.
[KARAF-5338] Unable to access the local JMX server on OSX
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/b1a562ce
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/b1a562ce
Diff: http://git-wip-us.apache.org/repos/asf/karaf/diff/b1a562ce
Branch: refs/heads/master
Commit: b1a562ce9f49bab42f1c7f8c96721907e8ffc5a3
Parents: 4bd4445
Author: Guillaume Nodet <gn...@apache.org>
Authored: Tue Sep 5 09:22:58 2017 +0200
Committer: Guillaume Nodet <gn...@apache.org>
Committed: Tue Sep 5 09:23:26 2017 +0200
----------------------------------------------------------------------
.../management/ConnectorServerFactory.java | 341 ++++++++++++++++++-
1 file changed, 327 insertions(+), 14 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/karaf/blob/b1a562ce/management/server/src/main/java/org/apache/karaf/management/ConnectorServerFactory.java
----------------------------------------------------------------------
diff --git a/management/server/src/main/java/org/apache/karaf/management/ConnectorServerFactory.java b/management/server/src/main/java/org/apache/karaf/management/ConnectorServerFactory.java
index a15525e..805c71c 100644
--- a/management/server/src/main/java/org/apache/karaf/management/ConnectorServerFactory.java
+++ b/management/server/src/main/java/org/apache/karaf/management/ConnectorServerFactory.java
@@ -19,14 +19,22 @@ package org.apache.karaf.management;
import org.apache.karaf.jaas.config.KeystoreManager;
import org.apache.karaf.management.internal.MBeanInvocationHandler;
+import java.io.Closeable;
import java.io.IOException;
import java.lang.reflect.Proxy;
import java.net.BindException;
import java.net.InetAddress;
+import java.net.NetworkInterface;
import java.net.ServerSocket;
+import java.net.Socket;
+import java.net.SocketAddress;
+import java.net.SocketException;
+import java.net.SocketImplFactory;
+import java.nio.channels.ServerSocketChannel;
import java.rmi.server.RMIClientSocketFactory;
import java.rmi.server.RMIServerSocketFactory;
import java.security.GeneralSecurityException;
+import java.util.Enumeration;
import java.util.Map;
import javax.management.JMException;
@@ -38,6 +46,7 @@ import javax.management.remote.JMXServiceURL;
import javax.management.remote.rmi.RMIConnectorServer;
import javax.net.ServerSocketFactory;
import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.rmi.ssl.SslRMIClientSocketFactory;
@@ -50,7 +59,7 @@ public class ConnectorServerFactory {
private KarafMBeanServerGuard guard;
private String serviceUrl;
private String rmiServerHost;
- private Map environment;
+ private Map<String, Object> environment;
private ObjectName objectName;
private boolean threaded = false;
private boolean daemon = false;
@@ -98,11 +107,11 @@ public class ConnectorServerFactory {
this.rmiServerHost = rmiServerHost;
}
- public Map getEnvironment() {
+ public Map<String, Object> getEnvironment() {
return environment;
}
- public void setEnvironment(Map environment) {
+ public void setEnvironment(Map<String, Object> environment) {
this.environment = environment;
}
@@ -229,13 +238,14 @@ public class ConnectorServerFactory {
throw new IllegalArgumentException("server must be set");
}
JMXServiceURL url = new JMXServiceURL(this.serviceUrl);
- setupKarafRMIServerSocketFactory();
if ( isClientAuth() ) {
this.secured = true;
}
if ( this.secured ) {
- this.setupSsl();
+ setupSsl();
+ } else {
+ setupKarafRMIServerSocketFactory();
}
if ( ! AuthenticatorType.PASSWORD.equals( this.authenticatorType ) ) {
@@ -304,9 +314,8 @@ public class ConnectorServerFactory {
}
private void setupSsl() throws GeneralSecurityException {
-
SSLServerSocketFactory sssf = keystoreManager.createSSLServerFactory(null, secureProtocol, algorithm, keyStore, keyAlias, trustStore,keyStoreAvailabilityTimeout);
- RMIServerSocketFactory rssf = new KarafSslRMIServerSocketFactory(sssf, this.isClientAuth(), getRmiServerHost());
+ RMIServerSocketFactory rssf = new KarafSslRMIServerSocketFactory(sssf, isClientAuth(), getRmiServerHost());
RMIClientSocketFactory rcsf = new SslRMIClientSocketFactory();
environment.put(RMIConnectorServer.RMI_SERVER_SOCKET_FACTORY_ATTRIBUTE, rssf);
environment.put(RMIConnectorServer.RMI_CLIENT_SOCKET_FACTORY_ATTRIBUTE, rcsf);
@@ -315,8 +324,8 @@ public class ConnectorServerFactory {
}
private void setupKarafRMIServerSocketFactory() {
- RMIServerSocketFactory rmiServerSocketFactory = new KarafRMIServerSocketFactory(getRmiServerHost());
- environment.put(RMIConnectorServer.RMI_SERVER_SOCKET_FACTORY_ATTRIBUTE, rmiServerSocketFactory);
+ RMIServerSocketFactory rssf = new KarafRMIServerSocketFactory(getRmiServerHost());
+ environment.put(RMIConnectorServer.RMI_SERVER_SOCKET_FACTORY_ATTRIBUTE, rssf);
}
private static class KarafSslRMIServerSocketFactory implements RMIServerSocketFactory {
@@ -331,9 +340,16 @@ public class ConnectorServerFactory {
}
public ServerSocket createServerSocket(int port) throws IOException {
- SSLServerSocket ss = (SSLServerSocket) sssf.createServerSocket(port, 50, InetAddress.getByName(rmiServerHost));
- ss.setNeedClientAuth(clientAuth);
- return ss;
+ InetAddress host = InetAddress.getByName(rmiServerHost);
+ if (host.isLoopbackAddress()) {
+ final SSLServerSocket ss = (SSLServerSocket) sssf.createServerSocket(port, 50);
+ ss.setNeedClientAuth(clientAuth);
+ return new LocalOnlySSLServerSocket(ss);
+ } else {
+ final SSLServerSocket ss = (SSLServerSocket) sssf.createServerSocket(port, 50, InetAddress.getByName(rmiServerHost));
+ ss.setNeedClientAuth(clientAuth);
+ return ss;
+ }
}
}
@@ -345,10 +361,307 @@ public class ConnectorServerFactory {
}
public ServerSocket createServerSocket(int port) throws IOException {
- ServerSocket serverSocket = ServerSocketFactory.getDefault().createServerSocket(port, 50, InetAddress.getByName(rmiServerHost));
- return serverSocket;
+ InetAddress host = InetAddress.getByName(rmiServerHost);
+ if (host.isLoopbackAddress()) {
+ final ServerSocket ss = ServerSocketFactory.getDefault().createServerSocket(port, 50);
+ return new LocalOnlyServerSocket(ss);
+ } else {
+ final ServerSocket ss = ServerSocketFactory.getDefault().createServerSocket(port, 50, InetAddress.getByName(rmiServerHost));
+ return ss;
+ }
+ }
+ }
+
+ private static class LocalOnlyServerSocket extends ServerSocket {
+
+ private final ServerSocket ss;
+
+ public LocalOnlyServerSocket(ServerSocket ss) throws IOException {
+ this.ss = ss;
+ }
+
+ @Override
+ public void bind(SocketAddress endpoint) throws IOException {
+ ss.bind(endpoint);
+ }
+
+ @Override
+ public void bind(SocketAddress endpoint, int backlog) throws IOException {
+ ss.bind(endpoint, backlog);
+ }
+
+ @Override
+ public InetAddress getInetAddress() {
+ return ss.getInetAddress();
+ }
+
+ @Override
+ public int getLocalPort() {
+ return ss.getLocalPort();
+ }
+
+ @Override
+ public SocketAddress getLocalSocketAddress() {
+ return ss.getLocalSocketAddress();
+ }
+
+ @Override
+ public Socket accept() throws IOException {
+ return checkLocal(ss.accept());
+ }
+
+ @Override
+ public void close() throws IOException {
+ ss.close();
+ }
+
+ @Override
+ public ServerSocketChannel getChannel() {
+ return ss.getChannel();
+ }
+
+ @Override
+ public boolean isBound() {
+ return ss.isBound();
+ }
+
+ @Override
+ public boolean isClosed() {
+ return ss.isClosed();
+ }
+
+ @Override
+ public void setSoTimeout(int timeout) throws SocketException {
+ ss.setSoTimeout(timeout);
+ }
+
+ @Override
+ public int getSoTimeout() throws IOException {
+ return ss.getSoTimeout();
+ }
+
+ @Override
+ public void setReuseAddress(boolean on) throws SocketException {
+ ss.setReuseAddress(on);
+ }
+
+ @Override
+ public boolean getReuseAddress() throws SocketException {
+ return ss.getReuseAddress();
+ }
+
+ @Override
+ public String toString() {
+ return ss.toString();
+ }
+
+ @Override
+ public void setReceiveBufferSize(int size) throws SocketException {
+ ss.setReceiveBufferSize(size);
+ }
+
+ @Override
+ public int getReceiveBufferSize() throws SocketException {
+ return ss.getReceiveBufferSize();
+ }
+
+ @Override
+ public void setPerformancePreferences(int connectionTime, int latency, int bandwidth) {
+ ss.setPerformancePreferences(connectionTime, latency, bandwidth);
+ }
+ }
+
+ private static class LocalOnlySSLServerSocket extends SSLServerSocket {
+
+ private final SSLServerSocket ss;
+
+ public LocalOnlySSLServerSocket(SSLServerSocket ss) throws IOException {
+ this.ss = ss;
+ }
+
+ @Override
+ public void bind(SocketAddress endpoint) throws IOException {
+ ss.bind(endpoint);
+ }
+
+ @Override
+ public void bind(SocketAddress endpoint, int backlog) throws IOException {
+ ss.bind(endpoint, backlog);
+ }
+
+ @Override
+ public InetAddress getInetAddress() {
+ return ss.getInetAddress();
+ }
+
+ @Override
+ public int getLocalPort() {
+ return ss.getLocalPort();
+ }
+
+ @Override
+ public SocketAddress getLocalSocketAddress() {
+ return ss.getLocalSocketAddress();
+ }
+
+ @Override
+ public Socket accept() throws IOException {
+ return checkLocal(ss.accept());
+ }
+
+ @Override
+ public void close() throws IOException {
+ ss.close();
+ }
+
+ @Override
+ public ServerSocketChannel getChannel() {
+ return ss.getChannel();
+ }
+
+ @Override
+ public boolean isBound() {
+ return ss.isBound();
+ }
+
+ @Override
+ public boolean isClosed() {
+ return ss.isClosed();
+ }
+
+ @Override
+ public void setSoTimeout(int timeout) throws SocketException {
+ ss.setSoTimeout(timeout);
+ }
+
+ @Override
+ public int getSoTimeout() throws IOException {
+ return ss.getSoTimeout();
+ }
+
+ @Override
+ public void setReuseAddress(boolean on) throws SocketException {
+ ss.setReuseAddress(on);
+ }
+
+ @Override
+ public boolean getReuseAddress() throws SocketException {
+ return ss.getReuseAddress();
+ }
+
+ @Override
+ public String toString() {
+ return ss.toString();
+ }
+
+ @Override
+ public void setReceiveBufferSize(int size) throws SocketException {
+ ss.setReceiveBufferSize(size);
+ }
+
+ @Override
+ public int getReceiveBufferSize() throws SocketException {
+ return ss.getReceiveBufferSize();
+ }
+
+ @Override
+ public void setPerformancePreferences(int connectionTime, int latency, int bandwidth) {
+ ss.setPerformancePreferences(connectionTime, latency, bandwidth);
+ }
+ public String[] getEnabledCipherSuites() {
+ return ss.getEnabledCipherSuites();
+ }
+
+ public void setEnabledCipherSuites(String[] strings) {
+ ss.setEnabledCipherSuites(strings);
+ }
+
+ public String[] getSupportedCipherSuites() {
+ return ss.getSupportedCipherSuites();
+ }
+
+ public String[] getSupportedProtocols() {
+ return ss.getSupportedProtocols();
+ }
+
+ public String[] getEnabledProtocols() {
+ return ss.getEnabledProtocols();
+ }
+
+ public void setEnabledProtocols(String[] strings) {
+ ss.setEnabledProtocols(strings);
+ }
+
+ public void setNeedClientAuth(boolean b) {
+ ss.setNeedClientAuth(b);
+ }
+
+ public boolean getNeedClientAuth() {
+ return ss.getNeedClientAuth();
+ }
+
+ public void setWantClientAuth(boolean b) {
+ ss.setWantClientAuth(b);
+ }
+
+ public boolean getWantClientAuth() {
+ return ss.getWantClientAuth();
+ }
+
+ public void setUseClientMode(boolean b) {
+ ss.setUseClientMode(b);
+ }
+
+ public boolean getUseClientMode() {
+ return ss.getUseClientMode();
+ }
+
+ public void setEnableSessionCreation(boolean b) {
+ ss.setEnableSessionCreation(b);
+ }
+
+ public boolean getEnableSessionCreation() {
+ return ss.getEnableSessionCreation();
+ }
+
+ public SSLParameters getSSLParameters() {
+ return ss.getSSLParameters();
+ }
+
+ public void setSSLParameters(SSLParameters sslParameters) {
+ ss.setSSLParameters(sslParameters);
}
}
+ private static Socket checkLocal(Socket socket) throws IOException {
+ InetAddress addr = socket.getInetAddress();
+ if (addr != null) {
+ if (addr.isLoopbackAddress()) {
+ return socket;
+ } else {
+ try {
+ Enumeration<NetworkInterface> nis = NetworkInterface.getNetworkInterfaces();
+ while (nis.hasMoreElements()) {
+ NetworkInterface ni = nis.nextElement();
+ Enumeration<InetAddress> ads = ni.getInetAddresses();
+ while (ads.hasMoreElements()) {
+ InetAddress ad = ads.nextElement();
+ if (ad.equals(addr)) {
+ return socket;
+ }
+ }
+ }
+ } catch (SocketException e) {
+ // Ignore
+ }
+ }
+ }
+ try {
+ socket.close();
+ } catch (Exception e) {
+ // Ignore
+ }
+ throw new IOException("Only connections from clients running on the host where the RMI remote objects have been exported are accepted.");
+ }
}
[3/3] karaf git commit: Remove some IDE warnings
Posted by gn...@apache.org.
Remove some IDE warnings
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/4bd4445b
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/4bd4445b
Diff: http://git-wip-us.apache.org/repos/asf/karaf/diff/4bd4445b
Branch: refs/heads/master
Commit: 4bd4445bfb1c71115f005f2488d38b264d26fd7a
Parents: 178dfef
Author: Guillaume Nodet <gn...@apache.org>
Authored: Mon Sep 4 10:00:45 2017 +0200
Committer: Guillaume Nodet <gn...@apache.org>
Committed: Tue Sep 5 09:23:26 2017 +0200
----------------------------------------------------------------------
.../java/org/apache/karaf/maven/command/PasswordCommand.java | 1 -
.../org/apache/karaf/maven/command/RepositoryAddCommand.java | 6 +++---
2 files changed, 3 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/karaf/blob/4bd4445b/maven/core/src/main/java/org/apache/karaf/maven/command/PasswordCommand.java
----------------------------------------------------------------------
diff --git a/maven/core/src/main/java/org/apache/karaf/maven/command/PasswordCommand.java b/maven/core/src/main/java/org/apache/karaf/maven/command/PasswordCommand.java
index 4243212..ceaf90e 100644
--- a/maven/core/src/main/java/org/apache/karaf/maven/command/PasswordCommand.java
+++ b/maven/core/src/main/java/org/apache/karaf/maven/command/PasswordCommand.java
@@ -93,7 +93,6 @@ public class PasswordCommand extends MavenConfigurationSupport {
config.put(prefix + PROPERTY_SECURITY_FILE, newSecuritySettingsFile.getCanonicalPath());
cmConfig.update(config);
}
- return;
}
}
http://git-wip-us.apache.org/repos/asf/karaf/blob/4bd4445b/maven/core/src/main/java/org/apache/karaf/maven/command/RepositoryAddCommand.java
----------------------------------------------------------------------
diff --git a/maven/core/src/main/java/org/apache/karaf/maven/command/RepositoryAddCommand.java b/maven/core/src/main/java/org/apache/karaf/maven/command/RepositoryAddCommand.java
index 1001ade..5ab8092 100644
--- a/maven/core/src/main/java/org/apache/karaf/maven/command/RepositoryAddCommand.java
+++ b/maven/core/src/main/java/org/apache/karaf/maven/command/RepositoryAddCommand.java
@@ -117,15 +117,15 @@ public class RepositoryAddCommand extends RepositoryEditCommandSupport {
StringBuilder sb = new StringBuilder();
sb.append(urlResolved.val());
- sb.append(ServiceConstants.SEPARATOR_OPTIONS + ServiceConstants.OPTION_ID + "=" + id);
+ sb.append(ServiceConstants.SEPARATOR_OPTIONS + ServiceConstants.OPTION_ID + "=").append(id);
if (snapshots) {
sb.append(ServiceConstants.SEPARATOR_OPTIONS + ServiceConstants.OPTION_ALLOW_SNAPSHOTS);
}
if (noReleases) {
sb.append(ServiceConstants.SEPARATOR_OPTIONS + ServiceConstants.OPTION_DISALLOW_RELEASES);
}
- sb.append(ServiceConstants.SEPARATOR_OPTIONS + ServiceConstants.OPTION_UPDATE + "=" + updatePolicy);
- sb.append(ServiceConstants.SEPARATOR_OPTIONS + ServiceConstants.OPTION_CHECKSUM + "=" + checksumPolicy);
+ sb.append(ServiceConstants.SEPARATOR_OPTIONS + ServiceConstants.OPTION_UPDATE + "=").append(updatePolicy);
+ sb.append(ServiceConstants.SEPARATOR_OPTIONS + ServiceConstants.OPTION_CHECKSUM + "=").append(checksumPolicy);
MavenRepositoryURL newRepository = new MavenRepositoryURL(sb.toString());
List<MavenRepositoryURL> newRepos = new LinkedList<>(Arrays.asList(pidRepos));