Author: chirino
Date: Tue Nov 16 16:00:47 2010
New Revision: 1035670
URL: http://svn.apache.org/viewvc?rev=1035670&view=rev
Log:
Generate a keystore when a broker instance is created so that we can enable a tls transport
by default.
Added:
activemq/activemq-apollo/trunk/apollo-cli/src/main/resources/org/apache/activemq/apollo/cli/commands/etc/apollo-ssl.xml
- copied, changed from r1035650, activemq/activemq-apollo/trunk/apollo-cli/src/main/resources/org/apache/activemq/apollo/cli/commands/etc/apollo.xml
Modified:
activemq/activemq-apollo/trunk/apollo-cli/src/main/resources/org/apache/activemq/apollo/cli/commands/etc/apollo.xml
activemq/activemq-apollo/trunk/apollo-cli/src/main/scala/org/apache/activemq/apollo/cli/commands/Create.scala
Copied: activemq/activemq-apollo/trunk/apollo-cli/src/main/resources/org/apache/activemq/apollo/cli/commands/etc/apollo-ssl.xml
(from r1035650, activemq/activemq-apollo/trunk/apollo-cli/src/main/resources/org/apache/activemq/apollo/cli/commands/etc/apollo.xml)
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-cli/src/main/resources/org/apache/activemq/apollo/cli/commands/etc/apollo-ssl.xml?p2=activemq/activemq-apollo/trunk/apollo-cli/src/main/resources/org/apache/activemq/apollo/cli/commands/etc/apollo-ssl.xml&p1=activemq/activemq-apollo/trunk/apollo-cli/src/main/resources/org/apache/activemq/apollo/cli/commands/etc/apollo.xml&r1=1035650&r2=1035670&rev=1035670&view=diff
==============================================================================
--- activemq/activemq-apollo/trunk/apollo-cli/src/main/resources/org/apache/activemq/apollo/cli/commands/etc/apollo.xml
(original)
+++ activemq/activemq-apollo/trunk/apollo-cli/src/main/resources/org/apache/activemq/apollo/cli/commands/etc/apollo-ssl.xml
Tue Nov 16 16:00:47 2010
@@ -14,16 +14,18 @@
limitations under the License.
-->
<broker id="default" rev="1" xmlns="http://activemq.apache.org/schema/activemq/apollo">
- <notes>
- The default configuration.
- </notes>
+ <notes>
+ The default configuration.
+ </notes>
- <virtual-host id="default" auto-create-queues="true" >
- <host-name>localhost</host-name>
- <host-name>127.0.0.1</host-name>
- <hawtdb-store directory="${apollo.base}/data"/>
- </virtual-host>
+ <virtual-host id="default" auto-create-queues="true" >
+ <host-name>localhost</host-name>
+ <hawtdb-store directory="${apollo.base}/data"/>
+ </virtual-host>
- <connector id="port-61613" bind="tcp://0.0.0.0:61613" connection-limit="2000" protocol="multi"/>
+ <key-storage file="${apollo.base}/etc/keystore" password="password" key-password="password"/>
+
+ <connector id="tcp" bind="tcp://0.0.0.0:61613" connection-limit="2000" protocol="multi"/>
+ <connector id="tls" bind="tls://0.0.0.0:61614" connection-limit="2000" protocol="multi"/>
</broker>
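Review bot: The `key-storage` element ships `password="password"` and `key-password="password"`, and the keytool call added to Create.scala in this commit uses the same literals for `-storepass` and `-keypass`, so every generated broker instance protects its TLS private key with the same publicly known password. The key is then guarded only by the file permissions on `${apollo.base}/etc/keystore`; consider generating a random per-instance password at create time, writing it into this file, and restricting the keystore and this config to the broker's user. Passing the password as a keytool argument also makes it visible to other local users in the process list while the command runs. The plaintext `tcp` connector on 0.0.0.0:61613 stays enabled next to `tls`, so clients are not required to use TLS; a comment here saying so would help operators who expect "TLS by default" to mean TLS only.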
Modified: activemq/activemq-apollo/trunk/apollo-cli/src/main/resources/org/apache/activemq/apollo/cli/commands/etc/apollo.xml
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-cli/src/main/resources/org/apache/activemq/apollo/cli/commands/etc/apollo.xml?rev=1035670&r1=1035669&r2=1035670&view=diff
==============================================================================
--- activemq/activemq-apollo/trunk/apollo-cli/src/main/resources/org/apache/activemq/apollo/cli/commands/etc/apollo.xml
(original)
+++ activemq/activemq-apollo/trunk/apollo-cli/src/main/resources/org/apache/activemq/apollo/cli/commands/etc/apollo.xml
Tue Nov 16 16:00:47 2010
@@ -14,16 +14,15 @@
limitations under the License.
-->
<broker id="default" rev="1" xmlns="http://activemq.apache.org/schema/activemq/apollo">
- <notes>
- The default configuration.
- </notes>
+ <notes>
+ The default configuration.
+ </notes>
- <virtual-host id="default" auto-create-queues="true" >
- <host-name>localhost</host-name>
- <host-name>127.0.0.1</host-name>
- <hawtdb-store directory="${apollo.base}/data"/>
- </virtual-host>
+ <virtual-host id="default" auto-create-queues="true" >
+ <host-name>localhost</host-name>
+ <hawtdb-store directory="${apollo.base}/data"/>
+ </virtual-host>
- <connector id="port-61613" bind="tcp://0.0.0.0:61613" connection-limit="2000" protocol="multi"/>
+ <connector id="tcp" bind="tcp://0.0.0.0:61613" connection-limit="2000" protocol="multi"/>
</broker>
Modified: activemq/activemq-apollo/trunk/apollo-cli/src/main/scala/org/apache/activemq/apollo/cli/commands/Create.scala
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-cli/src/main/scala/org/apache/activemq/apollo/cli/commands/Create.scala?rev=1035670&r1=1035669&r2=1035670&view=diff
==============================================================================
--- activemq/activemq-apollo/trunk/apollo-cli/src/main/scala/org/apache/activemq/apollo/cli/commands/Create.scala
(original)
+++ activemq/activemq-apollo/trunk/apollo-cli/src/main/scala/org/apache/activemq/apollo/cli/commands/Create.scala
Tue Nov 16 16:00:47 2010
@@ -40,6 +40,9 @@ class Create extends Action {
@argument(name = "directory", description = "The instance directory to hold the broker's
configuration and data", index=0, required=true)
var directory:File = _
+ @option(name = "--host", description = "The host name of the broker")
+ var host:String = "localhost"
+
@option(name = "--force", description = "Overwrite configuration at destination directory")
var force = false
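Review bot: `host` is accepted as a free-form string and is later formatted into the keytool `-dname` value as `"cn=%s".format(host)` (the keystore hunk further down this file), so a value containing `,` or `=` would add or change components of the generated certificate's subject. Checking it against a host-name pattern before use, for example `require(host.matches("[A-Za-z0-9.-]+"), "invalid host name")`, keeps the subject to what the operator meant. The option description could also state that the value becomes the certificate CN and the key alias.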
@@ -57,8 +60,26 @@ class Create extends Action {
var target = etc / "log4j.properties"
write("etc/log4j.properties", target)
+ // Generate a keystore with a new key
+ val ssl = system(etc, Array(
+ "keytool", "-genkey",
+ "-storetype", "JKS",
+ "-storepass", "password",
+ "-keystore", "keystore",
+ "-keypass", "password",
+ "-alias", host,
+ "-keyalg", "RSA",
+ "-keysize", "4096",
+ "-dname", "cn=%s".format(host),
+ "-validity", "3650"))==0
+
target = etc / "apollo.xml"
- write("etc/apollo.xml", target)
+ if( ssl ) {
+ write("etc/apollo-ssl.xml", target)
+ } else {
+ write("etc/apollo.xml", target)
+ }
+
if( IS_WINDOWS ) {
target = bin / "apollo-broker.cmd"
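Review bot: When keytool returns non-zero the code writes `etc/apollo.xml` instead of `etc/apollo-ssl.xml` without any message, so an operator can end up with a broker that has no TLS connector and not be told. A line such as `System.err.println("keytool failed; TLS connector not configured")` in the `else` branch would make the downgrade visible. A re-run with `--force` over a directory that already holds `etc/keystore` presumably takes this path too, since `-genkey` refuses an alias that already exists. Whether a missing keytool binary yields a non-zero code or an exception depends on `system`, whose body is outside this hunk, as are the start and end of the enclosing method.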
@@ -87,14 +108,31 @@ class Create extends Action {
null
}
- def write(source:String, target:File) = {
+ def write(source:String, target:File, filter:Boolean=false) = {
if( target.exists && !force ) {
error("The file '%s' already exists. Use --force to overwrite.".format(target))
}
- using(new FileOutputStream(target)) { out=>
+ if( filter ) {
+
+ val out = new ByteArrayOutputStream()
using(getClass.getResourceAsStream(source)) { in=>
copy(in, out)
}
+
+ var content = new String(out.toByteArray, "UTF-8")
+ content = content.replaceAll("${host}", host)
+ val in = new ByteArrayInputStream(content.getBytes("UTF-8"))
+
+ using(new FileOutputStream(target)) { out=>
+ copy(in, out)
+ }
+
+ } else {
+ using(new FileOutputStream(target)) { out=>
+ using(getClass.getResourceAsStream(source)) { in=>
+ copy(in, out)
+ }
+ }
}
}
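Review bot: `content.replaceAll("${host}", host)` passes its first argument as a regular expression, where `$` is an anchor and `{host}` is not a valid quantifier, so this call should throw PatternSyntaxException rather than substitute anything; the second argument is also scanned for `$` and `\` as group references. The literal form `content = content.replace("${host}", host)` does what the code intends. No call in the visible hunks passes `filter=true`, so this branch looks unused so far and the `--host` value never reaches the written configuration.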
@@ -126,7 +164,7 @@ class Create extends Action {
}
}.start
}
-
+ process.getOutputStream.close;
drain(process.getInputStream, System.out)
drain(process.getErrorStream, System.err)
process.waitFor
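Review bot: The added `process.getOutputStream.close;` carries no comment saying why the child's stdin is closed, and its trailing semicolon is out of step with the neighbouring lines. Suggested: `// close the child's stdin so a command that prompts gets EOF instead of blocking` above `process.getOutputStream.close`. This presumably exists for the new keytool call, which would otherwise wait for input it never receives; the enclosing method starts and ends outside the hunk.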