You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by tr...@apache.org on 2013/06/24 22:03:58 UTC
svn commit: r1496189 - in /qpid/trunk/qpid/extras/dispatch: ./ etc/
include/qpid/dispatch/ src/ src/py/config/
Author: tross
Date: Mon Jun 24 20:03:58 2013
New Revision: 1496189
URL: http://svn.apache.org/r1496189
Log:
NO-JIRA - Added Listener and Connector Configuration, Wired in SSL support.
Added:
qpid/trunk/qpid/extras/dispatch/src/py/config/parser.py
- copied, changed from r1493730, qpid/trunk/qpid/extras/dispatch/src/py/config/configparse.py
qpid/trunk/qpid/extras/dispatch/src/py/config/schema.py (with props)
Removed:
qpid/trunk/qpid/extras/dispatch/src/auth.c
qpid/trunk/qpid/extras/dispatch/src/auth.h
qpid/trunk/qpid/extras/dispatch/src/py/config/configparse.py
Modified:
qpid/trunk/qpid/extras/dispatch/CMakeLists.txt
qpid/trunk/qpid/extras/dispatch/etc/qpid-dispatch.conf
qpid/trunk/qpid/extras/dispatch/include/qpid/dispatch/config.h
qpid/trunk/qpid/extras/dispatch/src/config.c
qpid/trunk/qpid/extras/dispatch/src/config_private.h
qpid/trunk/qpid/extras/dispatch/src/dispatch.c
qpid/trunk/qpid/extras/dispatch/src/dispatch_private.h
qpid/trunk/qpid/extras/dispatch/src/py/config/__init__.py
qpid/trunk/qpid/extras/dispatch/src/router_node.c
qpid/trunk/qpid/extras/dispatch/src/server.c
qpid/trunk/qpid/extras/dispatch/src/server_private.h
Modified: qpid/trunk/qpid/extras/dispatch/CMakeLists.txt
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/extras/dispatch/CMakeLists.txt?rev=1496189&r1=1496188&r2=1496189&view=diff
==============================================================================
--- qpid/trunk/qpid/extras/dispatch/CMakeLists.txt (original)
+++ qpid/trunk/qpid/extras/dispatch/CMakeLists.txt Mon Jun 24 20:03:58 2013
@@ -76,7 +76,6 @@ set(CATCH_UNDEFINED "-Wl,--no-undefined"
set(server_SOURCES
src/agent.c
src/alloc.c
- src/auth.c
src/buffer.c
src/config.c
src/container.c
Modified: qpid/trunk/qpid/extras/dispatch/etc/qpid-dispatch.conf
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/extras/dispatch/etc/qpid-dispatch.conf?rev=1496189&r1=1496188&r2=1496189&view=diff
==============================================================================
--- qpid/trunk/qpid/extras/dispatch/etc/qpid-dispatch.conf (original)
+++ qpid/trunk/qpid/extras/dispatch/etc/qpid-dispatch.conf Mon Jun 24 20:03:58 2013
@@ -31,7 +31,7 @@ container {
## processor cores. To fully utilize a quad-core system, set the
## number of threads to 4.
##
- worker-threads: 1
+ worker-threads: 4
##
## container-name - The name of the AMQP container. If not specified,
@@ -55,10 +55,10 @@ ssl-profile {
name: ssl-profile-name
##
- ## trusted-cert-db - The path to the database that contains the public
+ ## cert-db - The path to the database that contains the public
## certificates of trusted certificate authorities (CAs).
##
- ## trusted-cert-db: /path/to/trusted-ca.db
+ ## cert-db: /path/to/trusted-ca.db
##
## cert-file - The path to the file containing the PEM-formatted public
@@ -96,7 +96,7 @@ ssl-profile {
##
listener {
addr: 0.0.0.0
- port: 5672
+ port: amqp
sasl-mechanisms: ANONYMOUS
}
@@ -107,13 +107,13 @@ listener {
sasl-mechanisms: EXTERNAL
ssl-profile: ssl-profile-name
require-peer-auth: yes
- allow-unsecured: no
+ allow-unsecured: yes
}
connector {
label: Router Uplink
- host: backbone.enterprise.com
- port: 5671
+ addr: backbone.enterprise.com
+ port: amqps
sasl-mechanisms: EXTERNAL
ssl-profile: ssl-profile-name
allow-redirect: no
Modified: qpid/trunk/qpid/extras/dispatch/include/qpid/dispatch/config.h
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/extras/dispatch/include/qpid/dispatch/config.h?rev=1496189&r1=1496188&r2=1496189&view=diff
==============================================================================
--- qpid/trunk/qpid/extras/dispatch/include/qpid/dispatch/config.h (original)
+++ qpid/trunk/qpid/extras/dispatch/include/qpid/dispatch/config.h Mon Jun 24 20:03:58 2013
@@ -19,11 +19,13 @@
* under the License.
*/
+#include <stdint.h>
typedef struct dx_config_t dx_config_t;
int dx_config_item_count(const dx_config_t *config, const char *section);
const char *dx_config_item_value_string(const dx_config_t *config, const char *section, int index, const char* key);
uint32_t dx_config_item_value_int(const dx_config_t *config, const char *section, int index, const char* key);
+int dx_config_item_value_bool(const dx_config_t *config, const char *section, int index, const char* key);
#endif
Modified: qpid/trunk/qpid/extras/dispatch/src/config.c
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/extras/dispatch/src/config.c?rev=1496189&r1=1496188&r2=1496189&view=diff
==============================================================================
--- qpid/trunk/qpid/extras/dispatch/src/config.c (original)
+++ qpid/trunk/qpid/extras/dispatch/src/config.c Mon Jun 24 20:03:58 2013
@@ -95,6 +95,36 @@ dx_config_t *dx_config(const char *filen
}
+void dx_config_read(dx_config_t *config)
+{
+ PyObject *pMethod;
+ PyObject *pArgs;
+ PyObject *pResult;
+
+ if (!config)
+ return;
+
+ pMethod = PyObject_GetAttrString(config->pObject, "read_file");
+ if (!pMethod || !PyCallable_Check(pMethod)) {
+ dx_log(log_module, LOG_ERROR, "Problem with configuration module: No callable 'item_count'");
+ if (pMethod) {
+ Py_DECREF(pMethod);
+ }
+ return;
+ }
+
+ pArgs = PyTuple_New(0);
+ pResult = PyObject_CallObject(pMethod, pArgs);
+ Py_DECREF(pArgs);
+ if (pResult) {
+ Py_DECREF(pResult);
+ } else {
+ PyErr_Print();
+ }
+ Py_DECREF(pMethod);
+}
+
+
void dx_config_free(dx_config_t *config)
{
if (config) {
@@ -113,6 +143,9 @@ int dx_config_item_count(const dx_config
PyObject *pResult;
int result = 0;
+ if (!config)
+ return 0;
+
pMethod = PyObject_GetAttrString(config->pObject, "item_count");
if (!pMethod || !PyCallable_Check(pMethod)) {
dx_log(log_module, LOG_ERROR, "Problem with configuration module: No callable 'item_count'");
@@ -147,6 +180,9 @@ static PyObject *item_value(const dx_con
PyObject *pArgs;
PyObject *pResult;
+ if (!config)
+ return 0;
+
pMethod = PyObject_GetAttrString(config->pObject, method);
if (!pMethod || !PyCallable_Check(pMethod)) {
dx_log(log_module, LOG_ERROR, "Problem with configuration module: No callable '%s'", method);
@@ -206,3 +242,19 @@ uint32_t dx_config_item_value_int(const
}
+int dx_config_item_value_bool(const dx_config_t *config, const char *section, int index, const char* key)
+{
+ PyObject *pResult = item_value(config, section, index, key, "value_bool");
+ int value = 0;
+
+ if (pResult && pResult != Py_None)
+ value = 1;
+
+ if (pResult) {
+ Py_DECREF(pResult);
+ }
+
+ return value;
+}
+
+
Modified: qpid/trunk/qpid/extras/dispatch/src/config_private.h
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/extras/dispatch/src/config_private.h?rev=1496189&r1=1496188&r2=1496189&view=diff
==============================================================================
--- qpid/trunk/qpid/extras/dispatch/src/config_private.h (original)
+++ qpid/trunk/qpid/extras/dispatch/src/config_private.h Mon Jun 24 20:03:58 2013
@@ -24,6 +24,7 @@
void dx_config_initialize();
void dx_config_finalize();
dx_config_t *dx_config(const char *filename);
+void dx_config_read(dx_config_t *config);
void dx_config_free(dx_config_t *config);
#endif
Modified: qpid/trunk/qpid/extras/dispatch/src/dispatch.c
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/extras/dispatch/src/dispatch.c?rev=1496189&r1=1496188&r2=1496189&view=diff
==============================================================================
--- qpid/trunk/qpid/extras/dispatch/src/dispatch.c (original)
+++ qpid/trunk/qpid/extras/dispatch/src/dispatch.c Mon Jun 24 20:03:58 2013
@@ -40,24 +40,13 @@ void dx_router_free(dx_router
dx_agent_t *dx_agent(dx_dispatch_t *dx);
void dx_agent_free(dx_agent_t *agent);
-
-static const char *CONF_CONTAINER = "container";
-static const char *CONF_ROUTER = "router";
-static const char *CONF_LISTENER = "listener";
-
-
-typedef struct dx_config_listener_t {
- DEQ_LINKS(struct dx_config_listener_t);
- dx_server_config_t configuration;
- dx_listener_t *listener;
-} dx_config_listener_t;
-
-
-ALLOC_DECLARE(dx_config_listener_t);
ALLOC_DEFINE(dx_config_listener_t);
-DEQ_DECLARE(dx_config_listener_t, listener_list_t);
+ALLOC_DEFINE(dx_config_connector_t);
-listener_list_t listeners;
+static const char *CONF_CONTAINER = "container";
+static const char *CONF_ROUTER = "router";
+static const char *CONF_LISTENER = "listener";
+static const char *CONF_CONNECTOR = "connector";
dx_dispatch_t *dx_dispatch(const char *config_path)
@@ -69,14 +58,16 @@ dx_dispatch_t *dx_dispatch(const char *c
const char *router_area = 0;
const char *router_id = 0;
+ DEQ_INIT(dx->config_listeners);
+ DEQ_INIT(dx->config_connectors);
+
dx_python_initialize();
dx_log_initialize();
dx_alloc_initialize();
- DEQ_INIT(listeners);
-
dx_config_initialize();
dx->config = dx_config(config_path);
+ dx_config_read(dx->config);
if (dx->config) {
int count = dx_config_item_count(dx->config, CONF_CONTAINER);
@@ -130,7 +121,33 @@ void dx_dispatch_free(dx_dispatch_t *dx)
}
-static void configure_connections(dx_dispatch_t *dx)
+static void load_server_config(dx_dispatch_t *dx, dx_server_config_t *config, const char *section, int i)
+{
+ config->host = dx_config_item_value_string(dx->config, section, i, "addr");
+ config->port = dx_config_item_value_string(dx->config, section, i, "port");
+ config->sasl_mechanisms =
+ dx_config_item_value_string(dx->config, section, i, "sasl-mechanisms");
+ config->ssl_enabled =
+ dx_config_item_value_bool(dx->config, section, i, "ssl-profile");
+ if (config->ssl_enabled) {
+ config->ssl_server = 1;
+ config->ssl_allow_unsecured_client =
+ dx_config_item_value_bool(dx->config, section, i, "allow-unsecured");
+ config->ssl_certificate_file =
+ dx_config_item_value_string(dx->config, section, i, "cert-file");
+ config->ssl_private_key_file =
+ dx_config_item_value_string(dx->config, section, i, "key-file");
+ config->ssl_password =
+ dx_config_item_value_string(dx->config, section, i, "password");
+ config->ssl_trusted_certificate_db =
+ dx_config_item_value_string(dx->config, section, i, "cert-db");
+ config->ssl_require_peer_authentication =
+ dx_config_item_value_bool(dx->config, section, i, "require-peer-auth");
+ }
+}
+
+
+static void configure_listeners(dx_dispatch_t *dx)
{
int count;
@@ -139,22 +156,59 @@ static void configure_connections(dx_dis
count = dx_config_item_count(dx->config, CONF_LISTENER);
for (int i = 0; i < count; i++) {
- dx_config_listener_t *l = new_dx_config_listener_t();
- memset(l, 0, sizeof(dx_config_listener_t));
+ dx_config_listener_t *cl = new_dx_config_listener_t();
+ load_server_config(dx, &cl->configuration, CONF_LISTENER, i);
+
+ printf("\nListener : %s:%s\n", cl->configuration.host, cl->configuration.port);
+ printf(" SASL: %s\n", cl->configuration.sasl_mechanisms);
+ printf(" SSL: %d\n", cl->configuration.ssl_enabled);
+ if (cl->configuration.ssl_enabled) {
+ printf(" unsec: %d\n", cl->configuration.ssl_allow_unsecured_client);
+ printf(" cert-file: %s\n", cl->configuration.ssl_certificate_file);
+ printf(" key-file: %s\n", cl->configuration.ssl_private_key_file);
+ printf(" cert-db: %s\n", cl->configuration.ssl_trusted_certificate_db);
+ printf(" peer-auth: %d\n", cl->configuration.ssl_require_peer_authentication);
+ }
- l->configuration.host = dx_config_item_value_string(dx->config, CONF_LISTENER, i, "addr");
- l->configuration.port = dx_config_item_value_string(dx->config, CONF_LISTENER, i, "port");
- l->configuration.sasl_mechanisms =
- dx_config_item_value_string(dx->config, CONF_LISTENER, i, "sasl-mechansism");
- l->configuration.ssl_enabled = 0;
+ cl->listener = dx_server_listen(dx, &cl->configuration, cl);
+ DEQ_ITEM_INIT(cl);
+ DEQ_INSERT_TAIL(dx->config_listeners, cl);
+ }
+}
+
+
+static void configure_connectors(dx_dispatch_t *dx)
+{
+ int count;
+
+ if (!dx->config)
+ return;
+
+ count = dx_config_item_count(dx->config, CONF_CONNECTOR);
+ for (int i = 0; i < count; i++) {
+ dx_config_connector_t *cc = new_dx_config_connector_t();
+ load_server_config(dx, &cc->configuration, CONF_CONNECTOR, i);
+
+ printf("\nConnector : %s:%s\n", cc->configuration.host, cc->configuration.port);
+ printf(" SASL: %s\n", cc->configuration.sasl_mechanisms);
+ printf(" SSL: %d\n", cc->configuration.ssl_enabled);
+ if (cc->configuration.ssl_enabled) {
+ printf(" cert-file: %s\n", cc->configuration.ssl_certificate_file);
+ printf(" key-file: %s\n", cc->configuration.ssl_private_key_file);
+ printf(" cert-db: %s\n", cc->configuration.ssl_trusted_certificate_db);
+ printf(" peer-auth: %d\n", cc->configuration.ssl_require_peer_authentication);
+ }
- l->listener = dx_server_listen(dx, &l->configuration, l);
+ cc->connector = dx_server_connect(dx, &cc->configuration, cc);
+ DEQ_ITEM_INIT(cc);
+ DEQ_INSERT_TAIL(dx->config_connectors, cc);
}
}
void dx_dispatch_configure(dx_dispatch_t *dx)
{
- configure_connections(dx);
+ configure_listeners(dx);
+ configure_connectors(dx);
}
Modified: qpid/trunk/qpid/extras/dispatch/src/dispatch_private.h
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/extras/dispatch/src/dispatch_private.h?rev=1496189&r1=1496188&r2=1496189&view=diff
==============================================================================
--- qpid/trunk/qpid/extras/dispatch/src/dispatch_private.h (original)
+++ qpid/trunk/qpid/extras/dispatch/src/dispatch_private.h Mon Jun 24 20:03:58 2013
@@ -21,17 +21,40 @@
#include "server_private.h"
#include "config_private.h"
+#include <qpid/dispatch/ctools.h>
typedef struct dx_container_t dx_container_t;
typedef struct dx_router_t dx_router_t;
typedef struct dx_agent_t dx_agent_t;
+typedef struct dx_config_listener_t {
+ DEQ_LINKS(struct dx_config_listener_t);
+ dx_listener_t *listener;
+ dx_server_config_t configuration;
+} dx_config_listener_t;
+
+DEQ_DECLARE(dx_config_listener_t, dx_config_listener_list_t);
+ALLOC_DECLARE(dx_config_listener_t);
+
+
+typedef struct dx_config_connector_t {
+ DEQ_LINKS(struct dx_config_connector_t);
+ dx_connector_t *connector;
+ dx_server_config_t configuration;
+} dx_config_connector_t;
+
+DEQ_DECLARE(dx_config_connector_t, dx_config_connector_list_t);
+ALLOC_DECLARE(dx_config_connector_t);
+
struct dx_dispatch_t {
- dx_server_t *server;
- dx_container_t *container;
- dx_router_t *router;
- dx_agent_t *agent;
- dx_config_t *config;
+ dx_server_t *server;
+ dx_container_t *container;
+ dx_router_t *router;
+ dx_agent_t *agent;
+ dx_config_t *config;
+
+ dx_config_listener_list_t config_listeners;
+ dx_config_connector_list_t config_connectors;
};
#endif
Modified: qpid/trunk/qpid/extras/dispatch/src/py/config/__init__.py
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/extras/dispatch/src/py/config/__init__.py?rev=1496189&r1=1496188&r2=1496189&view=diff
==============================================================================
--- qpid/trunk/qpid/extras/dispatch/src/py/config/__init__.py (original)
+++ qpid/trunk/qpid/extras/dispatch/src/py/config/__init__.py Mon Jun 24 20:03:58 2013
@@ -17,4 +17,4 @@
# under the License.
#
-from config.configparse import DXConfig
+from config.parser import DXConfig
Copied: qpid/trunk/qpid/extras/dispatch/src/py/config/parser.py (from r1493730, qpid/trunk/qpid/extras/dispatch/src/py/config/configparse.py)
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/extras/dispatch/src/py/config/parser.py?p2=qpid/trunk/qpid/extras/dispatch/src/py/config/parser.py&p1=qpid/trunk/qpid/extras/dispatch/src/py/config/configparse.py&r1=1493730&r2=1496189&rev=1496189&view=diff
==============================================================================
--- qpid/trunk/qpid/extras/dispatch/src/py/config/configparse.py (original)
+++ qpid/trunk/qpid/extras/dispatch/src/py/config/parser.py Mon Jun 24 20:03:58 2013
@@ -18,6 +18,154 @@
##
import json
+from schema import config_schema
+
+class Section:
+ """
+ """
+
+ def __init__(self, name, kv_pairs, schema_section):
+ self.name = name
+ self.schema_section = schema_section
+ self.values = schema_section.check_and_default(kv_pairs)
+ self.index = schema_section.index_of(kv_pairs)
+
+ def __repr__(self):
+ return "%r" % self.values
+
+
+class ConfigMain:
+ """
+ """
+
+ def __init__(self, schema):
+ self.sections_by_name = {}
+ self.sections_by_index = {}
+ self.schema = schema
+
+
+ def update(self, raw_config):
+ for sec_map in raw_config:
+ name = sec_map.keys()[0]
+ kv = sec_map[name]
+ schema_section = self.schema.sections[name]
+ sec = Section(name, kv, schema_section)
+ if name not in self.sections_by_name:
+ self.sections_by_name[name] = []
+ self.sections_by_name[name].append(sec)
+ self.sections_by_index[sec.index] = sec
+ self._expand_references()
+
+
+ def item_count(self, name):
+ if name in self.sections_by_name:
+ return len(self.sections_by_name[name])
+ return 0
+
+
+ def get_value(self, name, idx, key):
+ if name in self.sections_by_name:
+ sec = self.sections_by_name[name]
+ if idx <= len(sec):
+ if key in sec[idx].values:
+ return sec[idx].values[key]
+ return None
+
+
+ def _expand_references(self):
+ for name, sec_list in self.sections_by_name.items():
+ for sec in sec_list:
+ for k,v in sec.values.items():
+ if sec.schema_section.is_expandable(k):
+ ref_name = "%s:%s" % (k, v)
+ if ref_name in self.sections_by_index:
+ ref_section = self.sections_by_index[ref_name]
+ for ek,ev in ref_section.values.items():
+ if ref_section.schema_section.expand_copy(ek):
+ sec.values[ek] = ev
+
+
+
+
+SECTION_SINGLETON = 0
+SECTION_VALUES = 1
+
+VALUE_TYPE = 0
+VALUE_INDEX = 1
+VALUE_FLAGS = 2
+VALUE_DEFAULT = 3
+
+
+class SchemaSection:
+ """
+ """
+
+ def __init__(self, name, section_tuple):
+ self.name = name
+ self.singleton = section_tuple[SECTION_SINGLETON]
+ self.values = section_tuple[SECTION_VALUES]
+ self.index_keys = []
+ finding_index = True
+ index_ord = 0
+ while finding_index:
+ finding_index = False
+ for k,v in self.values.items():
+ if v[VALUE_INDEX] == index_ord:
+ self.index_keys.append(k)
+ index_ord += 1
+ finding_index = True
+
+
+ def is_mandatory(self, key):
+ return self.values[key][VALUE_FLAGS].find('M') >= 0
+
+
+ def is_expandable(self, key):
+ return self.values[key][VALUE_FLAGS].find('E') >= 0
+
+
+ def expand_copy(self, key):
+ return self.values[key][VALUE_FLAGS].find('S') >= 0
+
+
+ def default_value(self, key):
+ return self.values[key][VALUE_DEFAULT]
+
+
+ def check_and_default(self, kv_map):
+ copy = {}
+ for k,v in self.values.items():
+ if k not in kv_map:
+ if self.is_mandatory(k):
+ raise Exception("In section '%s', missing mandatory key '%s'" % (self.name, k))
+ else:
+ copy[k] = self.default_value(k)
+ for k,v in kv_map.items():
+ if k not in self.values:
+ raise Exception("In section '%s', unknown key '%s'" % (self.name, k))
+ copy[k] = v
+ return copy
+
+
+ def index_of(self, kv_map):
+ result = self.name
+ for key in self.index_keys:
+ result += ':%s' % kv_map[key]
+ if result == "":
+ result = "SINGLE"
+ return result
+
+
+class Schema:
+ """
+ """
+
+ def __init__(self):
+ self.sections = {}
+ for k,v in config_schema.items():
+ self.sections[k] = SchemaSection(k, v)
+
+
class DXConfig:
"""
@@ -47,14 +195,24 @@ class DXConfig:
def __init__(self, path):
self.path = path
- self.config = None
-
- cfile = open(self.path)
- text = cfile.read()
- cfile.close()
-
- self.json_text = "[" + self._toJson(text) + "]"
- self.config = json.loads(self.json_text);
+ self.raw_config = None
+ self.config = None
+ self.schema = Schema()
+
+
+ def read_file(self):
+ try:
+ cfile = open(self.path)
+ text = cfile.read()
+ cfile.close()
+
+ self.json_text = "[" + self._toJson(text) + "]"
+ self.raw_config = json.loads(self.json_text);
+ self._validate_raw_config()
+ self._process_schema()
+ except Exception, E:
+ print "Exception in read_file: %r" % E
+ raise
def __repr__(self):
@@ -103,29 +261,47 @@ class DXConfig:
return stripped[:-1]
- def _getSection(self, section):
- result = []
- for item in self.config:
- if item.__class__ == dict and section in item:
- result.append(item[section])
- return result
+ def _validate_raw_config(self):
+ """
+ Ensure that the configuration is well-formed. Once this is validated,
+ further functions can assume a well-formed data structure is in place.
+ """
+ if self.raw_config.__class__ != list:
+ raise Exception("Invalid Config: Expected List at top level")
+ for section in self.raw_config:
+ if section.__class__ != dict:
+ raise Exception("Invalid Config: List items must be maps")
+ if len(section) != 1:
+ raise Exception("Invalid Config: Map must have only one entry")
+ for key,val in section.items():
+ if key.__class__ != str and key.__class__ != unicode:
+ raise Exception("Invalid Config: Key in map must be a string")
+ if val.__class__ != dict:
+ raise Exception("Invalid Config: Value in map must be a map")
+ for k,v in val.items():
+ if k.__class__ != str and k.__class__ != unicode:
+ raise Exception("Invalid Config: Key in section must be a string")
+ if v.__class__ != str and v.__class__ != unicode:
+ raise Exception("Invalid Config: Value in section must be a string")
+
+
+ def _process_schema(self):
+ self.config = ConfigMain(self.schema)
+ self.config.update(self.raw_config)
+ self.raw_config = None
def item_count(self, section):
"""
Return the number of items in a section (i.e. the number if instances of a section-name).
"""
- sec = self._getSection(section)
- return len(sec)
+ result = self.config.item_count(section)
+ return result
+
def _value(self, section, idx, key):
- sec = self._getSection(section)
- if idx >= len(sec):
- return None
- item = sec[idx]
- if item.__class__ == dict and key in item:
- return item[key]
- return None
+ return self.config.get_value(section, idx, key)
+
def value_string(self, section, idx, key):
"""
@@ -136,6 +312,7 @@ class DXConfig:
return str(value)
return None
+
def value_int(self, section, idx, key):
"""
Return the integer value for the key in the idx'th item in the section.
@@ -144,3 +321,14 @@ class DXConfig:
return long(value)
+ def value_bool(self, section, idx, key):
+ """
+ Return the boolean value for the key in the idx'th item in the section.
+ """
+ value = self._value(section, idx, key)
+ if value:
+ if str(value) != "no":
+ return True
+ return None
+
+
Added: qpid/trunk/qpid/extras/dispatch/src/py/config/schema.py
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/extras/dispatch/src/py/config/schema.py?rev=1496189&view=auto
==============================================================================
--- qpid/trunk/qpid/extras/dispatch/src/py/config/schema.py (added)
+++ qpid/trunk/qpid/extras/dispatch/src/py/config/schema.py Mon Jun 24 20:03:58 2013
@@ -0,0 +1,82 @@
+##
+## Licensed to the Apache Software Foundation (ASF) under one
+## or more contributor license agreements. See the NOTICE file
+## distributed with this work for additional information
+## regarding copyright ownership. The ASF licenses this file
+## to you under the Apache License, Version 2.0 (the
+## "License"); you may not use this file except in compliance
+## with the License. You may obtain a copy of the License at
+##
+## http://www.apache.org/licenses/LICENSE-2.0
+##
+## Unless required by applicable law or agreed to in writing,
+## software distributed under the License is distributed on an
+## "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+## KIND, either express or implied. See the License for the
+## specific language governing permissions and limitations
+## under the License
+##
+
+#
+# config_schema =
+# { <section_name> :
+# (<singleton>,
+# {<key> : (<value-type>, <index>, <flags>, <default-value>)
+# )
+# }
+#
+# <section-name> = String name of a configuration section
+# <singleton> = False => There may be 0 or more sections with this name
+# True => There must be exactly one section with this name
+# <key> = String key of a section's key-value pair
+# <value-type> = Python type for the value
+# <index> = None => This value is not an index for multiple sections
+# >= 0 => Ordinal of this value in the section primary-key
+# <flags> = Set of characters:
+# M = Mandatory (no default value)
+# E = Expand referenced section into this record
+# S = During expansion, this key should be copied
+# <default-value> = If not mandatory and not specified, the value defaults to this
+# value
+#
+
+config_schema = {
+ 'container' : (True, {
+ 'worker-threads' : (int, None, "", 1),
+ 'container-name' : (str, None, "", None)
+ }),
+ 'ssl-profile' : (False, {
+ 'name' : (str, 0, "M"),
+ 'cert-db' : (str, None, "S", None),
+ 'cert-file' : (str, None, "S", None),
+ 'key-file' : (str, None, "S", None),
+ 'password-file' : (str, None, "S", None),
+ 'password' : (str, None, "S", None)
+ }),
+ 'listener' : (False, {
+ 'addr' : (str, 0, "M"),
+ 'port' : (str, 1, "M"),
+ 'label' : (str, None, "", None),
+ 'sasl-mechanisms' : (str, None, "M"),
+ 'ssl-profile' : (str, None, "E", None),
+ 'require-peer-auth' : (bool, None, "", True),
+ 'allow-unsecured' : (bool, None, "", False)
+ }),
+ 'connector' : (False, {
+ 'addr' : (str, 0, "M"),
+ 'port' : (str, 1, "M"),
+ 'label' : (str, None, "", None),
+ 'sasl-mechanisms' : (str, None, "M"),
+ 'ssl-profile' : (str, None, "E", None),
+ 'allow-redirect' : (bool, None, "", True)
+ }),
+ 'router' : (True, {
+ 'router-id' : (str, None, "M"),
+ 'area' : (str, None, "", None),
+ 'hello-interval' : (int, None, "", 1),
+ 'hello-max-age' : (int, None, "", 3),
+ 'ra-interval' : (int, None, "", 30),
+ 'remote-ls-max-age' : (int, None, "", 60),
+ 'mobile-addr-max-age' : (int, None, "", 60)
+ })}
+
Propchange: qpid/trunk/qpid/extras/dispatch/src/py/config/schema.py
------------------------------------------------------------------------------
svn:eol-style = native
Modified: qpid/trunk/qpid/extras/dispatch/src/router_node.c
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/extras/dispatch/src/router_node.c?rev=1496189&r1=1496188&r2=1496189&view=diff
==============================================================================
--- qpid/trunk/qpid/extras/dispatch/src/router_node.c (original)
+++ qpid/trunk/qpid/extras/dispatch/src/router_node.c Mon Jun 24 20:03:58 2013
@@ -239,9 +239,9 @@ static void router_disp_handler(void* co
pn_link_t *pn_link = pn_delivery_link(delivery);
if (pn_link_is_sender(pn_link)) {
- pn_disposition_t disp = pn_delivery_remote_state(delivery);
- dx_message_t *msg = pn_delivery_get_context(delivery);
- pn_delivery_t *activate = 0;
+ uint64_t disp = pn_delivery_remote_state(delivery);
+ dx_message_t *msg = pn_delivery_get_context(delivery);
+ pn_delivery_t *activate = 0;
if (msg) {
assert(delivery == dx_message_out_delivery(msg));
Modified: qpid/trunk/qpid/extras/dispatch/src/server.c
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/extras/dispatch/src/server.c?rev=1496189&r1=1496188&r2=1496189&view=diff
==============================================================================
--- qpid/trunk/qpid/extras/dispatch/src/server.c (original)
+++ qpid/trunk/qpid/extras/dispatch/src/server.c Mon Jun 24 20:03:58 2013
@@ -24,7 +24,6 @@
#include "timer_private.h"
#include "alloc_private.h"
#include "dispatch_private.h"
-#include "auth.h"
#include "work_queue.h"
#include <stdio.h>
#include <time.h>
@@ -102,7 +101,7 @@ static void thread_process_listeners(pn_
dx_log(module, LOG_TRACE, "Accepting Connection");
cxtr = pn_listener_accept(listener);
ctx = new_dx_connection_t();
- ctx->state = CONN_STATE_SASL_SERVER;
+ ctx->state = CONN_STATE_OPENING;
ctx->owner_thread = CONTEXT_NO_OWNER;
ctx->enqueued = 0;
ctx->pn_cxtr = cxtr;
@@ -112,6 +111,40 @@ static void thread_process_listeners(pn_
ctx->context = ctx->listener->context;
ctx->ufd = 0;
+ //
+ // Get a pointer to the transport so we can insert security components into it
+ //
+ pn_transport_t *tport = pn_connector_transport(cxtr);
+ const dx_server_config_t *config = ctx->listener->config;
+
+ //
+ // Set up SSL if appropriate
+ //
+ if (config->ssl_enabled) {
+ pn_ssl_domain_t *domain = pn_ssl_domain(PN_SSL_MODE_SERVER);
+ pn_ssl_domain_set_credentials(domain,
+ config->ssl_certificate_file,
+ config->ssl_private_key_file,
+ config->ssl_password);
+ if (config->ssl_allow_unsecured_client)
+ pn_ssl_domain_allow_unsecured_client(domain);
+
+ if (config->ssl_require_peer_authentication)
+ pn_ssl_domain_set_peer_authentication(domain, PN_SSL_VERIFY_PEER_NAME, config->ssl_trusted_certificate_db);
+
+ pn_ssl_t *ssl = pn_ssl(tport);
+ pn_ssl_init(ssl, domain, 0);
+ pn_ssl_domain_free(domain);
+ }
+
+ //
+ // Set up SASL
+ //
+ pn_sasl_t *sasl = pn_sasl(tport);
+ pn_sasl_mechanisms(sasl, config->sasl_mechanisms);
+ pn_sasl_server(sasl);
+ pn_sasl_done(sasl, PN_SASL_OK); // TODO - This needs to go away
+
pn_connector_set_context(cxtr, ctx);
listener = pn_driver_listener(driver);
}
@@ -148,9 +181,8 @@ static void block_if_paused_LH(dx_server
static int process_connector(dx_server_t *dx_server, pn_connector_t *cxtr)
{
dx_connection_t *ctx = pn_connector_context(cxtr);
- int events = 0;
- int auth_passes = 0;
- int passes = 0;
+ int events = 0;
+ int passes = 0;
if (ctx->state == CONN_STATE_USER) {
dx_server->ufd_handler(ctx->ufd->context, ctx->ufd);
@@ -171,7 +203,7 @@ static int process_connector(dx_server_t
switch (ctx->state) {
case CONN_STATE_CONNECTING:
if (!pn_connector_closed(cxtr)) {
- ctx->state = CONN_STATE_SASL_CLIENT;
+ //ctx->state = CONN_STATE_SASL_CLIENT;
assert(ctx->connector);
ctx->connector->state = CXTR_STATE_OPEN;
events = 1;
@@ -181,26 +213,6 @@ static int process_connector(dx_server_t
}
break;
- case CONN_STATE_SASL_CLIENT:
- if (auth_passes == 0) {
- auth_client_handler(cxtr);
- events = 1;
- } else {
- auth_passes++;
- events = 0;
- }
- break;
-
- case CONN_STATE_SASL_SERVER:
- if (auth_passes == 0) {
- auth_server_handler(cxtr);
- events = 1;
- } else {
- auth_passes++;
- events = 0;
- }
- break;
-
case CONN_STATE_OPENING:
ctx->state = CONN_STATE_OPERATIONAL;
Modified: qpid/trunk/qpid/extras/dispatch/src/server_private.h
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/extras/dispatch/src/server_private.h?rev=1496189&r1=1496188&r2=1496189&view=diff
==============================================================================
--- qpid/trunk/qpid/extras/dispatch/src/server_private.h (original)
+++ qpid/trunk/qpid/extras/dispatch/src/server_private.h Mon Jun 24 20:03:58 2013
@@ -32,8 +32,6 @@ void dx_server_timer_cancel_LH(dx_timer_
typedef enum {
CONN_STATE_CONNECTING = 0,
- CONN_STATE_SASL_CLIENT,
- CONN_STATE_SASL_SERVER,
CONN_STATE_OPENING,
CONN_STATE_OPERATIONAL,
CONN_STATE_FAILED,
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org