Return-Path: X-Original-To: apmail-qpid-commits-archive@www.apache.org Delivered-To: apmail-qpid-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 5876C10392 for ; Sat, 11 Jan 2014 21:23:27 +0000 (UTC) Received: (qmail 66204 invoked by uid 500); 11 Jan 2014 21:23:25 -0000 Delivered-To: apmail-qpid-commits-archive@qpid.apache.org Received: (qmail 66095 invoked by uid 500); 11 Jan 2014 21:23:18 -0000 Mailing-List: contact commits-help@qpid.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@qpid.apache.org Delivered-To: mailing list commits@qpid.apache.org Received: (qmail 66088 invoked by uid 99); 11 Jan 2014 21:23:14 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 11 Jan 2014 21:23:14 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 11 Jan 2014 21:23:12 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id 92FD4238883D; Sat, 11 Jan 2014 21:22:52 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1557467 - in /qpid/trunk/qpid/java: broker-core/src/main/java/org/apache/qpid/server/protocol/ broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/ broker-plugins/amqp-0-8-protocol/src/test/java/org/apache... Date: Sat, 11 Jan 2014 21:22:51 -0000 To: commits@qpid.apache.org From: robbie@apache.org X-Mailer: svnmailer-1.0.9 Message-Id: <20140111212252.92FD4238883D@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: robbie Date: Sat Jan 11 21:22:51 2014 New Revision: 1557467 URL: http://svn.apache.org/r1557467 Log: QPID-5373: move retrieval of the peer Principal into the connection IO thread, retrieving from the NetworkConnection during the AMQP handshak after the SSL handshake must have already been completed. Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/protocol/MultiVersionProtocolEngine.java qpid/trunk/qpid/java/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/ProtocolEngine_0_10.java qpid/trunk/qpid/java/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/ServerConnection.java qpid/trunk/qpid/java/broker-plugins/amqp-0-8-protocol/src/test/java/org/apache/qpid/server/protocol/v0_8/InternalTestProtocolSession.java qpid/trunk/qpid/java/broker-plugins/websocket/src/main/java/org/apache/qpid/server/transport/websocket/WebSocketProvider.java qpid/trunk/qpid/java/client/src/test/java/org/apache/qpid/client/transport/TestNetworkConnection.java qpid/trunk/qpid/java/common/src/main/java/org/apache/qpid/transport/network/NetworkConnection.java qpid/trunk/qpid/java/common/src/main/java/org/apache/qpid/transport/network/io/IoNetworkConnection.java qpid/trunk/qpid/java/common/src/main/java/org/apache/qpid/transport/network/io/IoNetworkTransport.java qpid/trunk/qpid/java/common/src/test/java/org/apache/qpid/transport/network/io/IdleTimeoutTickerTest.java qpid/trunk/qpid/java/systests/src/main/java/org/apache/qpid/server/protocol/MultiVersionProtocolEngineFactoryTest.java qpid/trunk/qpid/java/systests/src/main/java/org/apache/qpid/test/unit/client/protocol/AMQProtocolSessionTest.java Modified: qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/protocol/MultiVersionProtocolEngine.java URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/protocol/MultiVersionProtocolEngine.java?rev=1557467&r1=1557466&r2=1557467&view=diff ============================================================================== --- qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/protocol/MultiVersionProtocolEngine.java (original) +++ qpid/trunk/qpid/java/broker-core/src/main/java/org/apache/qpid/server/protocol/MultiVersionProtocolEngine.java Sat Jan 11 21:22:51 2014 @@ -30,6 +30,8 @@ import java.util.Set; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLEngine; import javax.net.ssl.SSLPeerUnverifiedException; +import javax.net.ssl.SSLSocket; + import org.apache.log4j.Logger; import org.apache.qpid.protocol.ServerProtocolEngine; import org.apache.qpid.server.logging.actors.CurrentActor; @@ -144,11 +146,6 @@ public class MultiVersionProtocolEngine private static final int MINIMUM_REQUIRED_HEADER_BYTES = 8; - public void setNetworkConnection(NetworkConnection networkConnection) - { - setNetworkConnection(networkConnection, networkConnection.getSender()); - } - public void setNetworkConnection(NetworkConnection network, Sender sender) { _network = network; @@ -477,7 +474,7 @@ public class MultiVersionProtocolEngine SSLStatus sslStatus = new SSLStatus(); _sslReceiver = new SSLReceiver(_engine,_decryptEngine,sslStatus); _sslSender = new SSLBufferingSender(_engine,_sender,sslStatus); - _decryptEngine.setNetworkConnection(new SSLNetworkConnection(_engine,_network, _sslSender)); + _decryptEngine.setNetworkConnection(new SSLNetworkConnection(_engine,_network, _sslSender), _sslSender); } @Override @@ -594,6 +591,9 @@ public class MultiVersionProtocolEngine private final NetworkConnection _network; private final SSLBufferingSender _sslSender; private final SSLEngine _engine; + private Principal _principal; + private boolean _principalChecked; + private final Object _lock = new Object(); public SSLNetworkConnection(SSLEngine engine, NetworkConnection network, SSLBufferingSender sslSender) @@ -649,21 +649,25 @@ public class MultiVersionProtocolEngine } @Override - public void setPeerPrincipal(Principal principal) - { - _network.setPeerPrincipal(principal); - } - - @Override public Principal getPeerPrincipal() { - try + synchronized (_lock) { - return _engine.getSession().getPeerPrincipal(); - } - catch (SSLPeerUnverifiedException e) - { - return null; + if(!_principalChecked) + { + try + { + _principal = _engine.getSession().getPeerPrincipal(); + } + catch (SSLPeerUnverifiedException e) + { + _principal = null; + } + + _principalChecked = true; + } + + return _principal; } } Modified: qpid/trunk/qpid/java/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/ProtocolEngine_0_10.java URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/ProtocolEngine_0_10.java?rev=1557467&r1=1557466&r2=1557467&view=diff ============================================================================== --- qpid/trunk/qpid/java/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/ProtocolEngine_0_10.java (original) +++ qpid/trunk/qpid/java/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/ProtocolEngine_0_10.java Sat Jan 11 21:22:51 2014 @@ -60,15 +60,8 @@ public class ProtocolEngine_0_10 extend if(network != null) { - setNetworkConnection(network); + setNetworkConnection(network, network.getSender()); } - - - } - - public void setNetworkConnection(NetworkConnection network) - { - setNetworkConnection(network, network.getSender()); } public void setNetworkConnection(NetworkConnection network, Sender sender) @@ -77,7 +70,6 @@ public class ProtocolEngine_0_10 extend _connection.setNetworkConnection(network); _connection.setSender(new Disassembler(wrapSender(sender), MAX_FRAME_SIZE)); - _connection.setPeerPrincipal(_network.getPeerPrincipal()); // FIXME Two log messages to maintain compatibility with earlier protocol versions _connection.getLogActor().message(ConnectionMessages.OPEN(null, null, null, null, false, false, false, false)); _connection.getLogActor().message(ConnectionMessages.OPEN(null, "0-10", null, null, false, true, false, false)); Modified: qpid/trunk/qpid/java/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/ServerConnection.java URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/ServerConnection.java?rev=1557467&r1=1557466&r2=1557467&view=diff ============================================================================== --- qpid/trunk/qpid/java/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/ServerConnection.java (original) +++ qpid/trunk/qpid/java/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/ServerConnection.java Sat Jan 11 21:22:51 2014 @@ -73,7 +73,6 @@ public class ServerConnection extends Co private Port _port; private AtomicLong _lastIoTime = new AtomicLong(); private boolean _blocking; - private Principal _peerPrincipal; private NetworkConnection _networkConnection; private Transport _transport; private volatile boolean _stopped; @@ -529,12 +528,7 @@ public class ServerConnection extends Co public Principal getPeerPrincipal() { - return _peerPrincipal; - } - - public void setPeerPrincipal(Principal peerPrincipal) - { - _peerPrincipal = peerPrincipal; + return _networkConnection.getPeerPrincipal(); } @Override Modified: qpid/trunk/qpid/java/broker-plugins/amqp-0-8-protocol/src/test/java/org/apache/qpid/server/protocol/v0_8/InternalTestProtocolSession.java URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-plugins/amqp-0-8-protocol/src/test/java/org/apache/qpid/server/protocol/v0_8/InternalTestProtocolSession.java?rev=1557467&r1=1557466&r2=1557467&view=diff ============================================================================== --- qpid/trunk/qpid/java/broker-plugins/amqp-0-8-protocol/src/test/java/org/apache/qpid/server/protocol/v0_8/InternalTestProtocolSession.java (original) +++ qpid/trunk/qpid/java/broker-plugins/amqp-0-8-protocol/src/test/java/org/apache/qpid/server/protocol/v0_8/InternalTestProtocolSession.java Sat Jan 11 21:22:51 2014 @@ -314,11 +314,6 @@ public class InternalTestProtocolSession } @Override - public void setPeerPrincipal(Principal principal) - { - } - - @Override public Principal getPeerPrincipal() { return null; Modified: qpid/trunk/qpid/java/broker-plugins/websocket/src/main/java/org/apache/qpid/server/transport/websocket/WebSocketProvider.java URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-plugins/websocket/src/main/java/org/apache/qpid/server/transport/websocket/WebSocketProvider.java?rev=1557467&r1=1557466&r2=1557467&view=diff ============================================================================== --- qpid/trunk/qpid/java/broker-plugins/websocket/src/main/java/org/apache/qpid/server/transport/websocket/WebSocketProvider.java (original) +++ qpid/trunk/qpid/java/broker-plugins/websocket/src/main/java/org/apache/qpid/server/transport/websocket/WebSocketProvider.java Sat Jan 11 21:22:51 2014 @@ -268,14 +268,9 @@ class WebSocketProvider implements Accep } @Override - public void setPeerPrincipal(final Principal principal) - { - _principal = principal; - } - - @Override public Principal getPeerPrincipal() { + //TODO: how do we populate this? return _principal; } Modified: qpid/trunk/qpid/java/client/src/test/java/org/apache/qpid/client/transport/TestNetworkConnection.java URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/client/src/test/java/org/apache/qpid/client/transport/TestNetworkConnection.java?rev=1557467&r1=1557466&r2=1557467&view=diff ============================================================================== --- qpid/trunk/qpid/java/client/src/test/java/org/apache/qpid/client/transport/TestNetworkConnection.java (original) +++ qpid/trunk/qpid/java/client/src/test/java/org/apache/qpid/client/transport/TestNetworkConnection.java Sat Jan 11 21:22:51 2014 @@ -75,11 +75,6 @@ public class TestNetworkConnection imple } @Override - public void setPeerPrincipal(Principal principal) - { - } - - @Override public Principal getPeerPrincipal() { return null; Modified: qpid/trunk/qpid/java/common/src/main/java/org/apache/qpid/transport/network/NetworkConnection.java URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/common/src/main/java/org/apache/qpid/transport/network/NetworkConnection.java?rev=1557467&r1=1557466&r2=1557467&view=diff ============================================================================== --- qpid/trunk/qpid/java/common/src/main/java/org/apache/qpid/transport/network/NetworkConnection.java (original) +++ qpid/trunk/qpid/java/common/src/main/java/org/apache/qpid/transport/network/NetworkConnection.java Sat Jan 11 21:22:51 2014 @@ -47,8 +47,6 @@ public interface NetworkConnection void setMaxReadIdle(int sec); - void setPeerPrincipal(Principal principal); - Principal getPeerPrincipal(); int getMaxReadIdle(); Modified: qpid/trunk/qpid/java/common/src/main/java/org/apache/qpid/transport/network/io/IoNetworkConnection.java URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/common/src/main/java/org/apache/qpid/transport/network/io/IoNetworkConnection.java?rev=1557467&r1=1557466&r2=1557467&view=diff ============================================================================== --- qpid/trunk/qpid/java/common/src/main/java/org/apache/qpid/transport/network/io/IoNetworkConnection.java (original) +++ qpid/trunk/qpid/java/common/src/main/java/org/apache/qpid/transport/network/io/IoNetworkConnection.java Sat Jan 11 21:22:51 2014 @@ -24,11 +24,14 @@ import java.net.Socket; import java.net.SocketAddress; import java.nio.ByteBuffer; import java.security.Principal; + +import javax.net.ssl.SSLPeerUnverifiedException; +import javax.net.ssl.SSLSocket; + import org.apache.qpid.transport.Receiver; import org.apache.qpid.transport.Sender; import org.apache.qpid.transport.network.Ticker; import org.apache.qpid.transport.network.NetworkConnection; - import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -39,15 +42,11 @@ public class IoNetworkConnection impleme private final long _timeout; private final IoSender _ioSender; private final IoReceiver _ioReceiver; - private Principal _principal; private int _maxReadIdle; private int _maxWriteIdle; - - public IoNetworkConnection(Socket socket, Receiver delegate, - int sendBufferSize, int receiveBufferSize, long timeout) - { - this(socket,delegate,sendBufferSize,receiveBufferSize,timeout,null); - } + private Principal _principal; + private boolean _principalChecked; + private final Object _lock = new Object(); public IoNetworkConnection(Socket socket, Receiver delegate, int sendBufferSize, int receiveBufferSize, long timeout, Ticker ticker) @@ -108,15 +107,29 @@ public class IoNetworkConnection impleme } @Override - public void setPeerPrincipal(Principal principal) - { - _principal = principal; - } - - @Override public Principal getPeerPrincipal() { - return _principal; + synchronized (_lock) + { + if(!_principalChecked) + { + if(_socket instanceof SSLSocket) + { + try + { + _principal = ((SSLSocket) _socket).getSession().getPeerPrincipal(); + } + catch(SSLPeerUnverifiedException e) + { + _principal = null; + } + } + + _principalChecked = true; + } + + return _principal; + } } @Override Modified: qpid/trunk/qpid/java/common/src/main/java/org/apache/qpid/transport/network/io/IoNetworkTransport.java URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/common/src/main/java/org/apache/qpid/transport/network/io/IoNetworkTransport.java?rev=1557467&r1=1557466&r2=1557467&view=diff ============================================================================== --- qpid/trunk/qpid/java/common/src/main/java/org/apache/qpid/transport/network/io/IoNetworkTransport.java (original) +++ qpid/trunk/qpid/java/common/src/main/java/org/apache/qpid/transport/network/io/IoNetworkTransport.java Sat Jan 11 21:22:51 2014 @@ -245,19 +245,6 @@ public class IoNetworkTransport implemen ticker.setConnection(connection); - if(_sslContext != null && socket instanceof SSLSocket) - { - try - { - Principal peerPrincipal = ((SSLSocket) socket).getSession().getPeerPrincipal(); - connection.setPeerPrincipal(peerPrincipal); - } - catch(SSLPeerUnverifiedException e) - { - // ignore - } - } - engine.setNetworkConnection(connection, connection.getSender()); connection.start(); Modified: qpid/trunk/qpid/java/common/src/test/java/org/apache/qpid/transport/network/io/IdleTimeoutTickerTest.java URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/common/src/test/java/org/apache/qpid/transport/network/io/IdleTimeoutTickerTest.java?rev=1557467&r1=1557466&r2=1557467&view=diff ============================================================================== --- qpid/trunk/qpid/java/common/src/test/java/org/apache/qpid/transport/network/io/IdleTimeoutTickerTest.java (original) +++ qpid/trunk/qpid/java/common/src/test/java/org/apache/qpid/transport/network/io/IdleTimeoutTickerTest.java Sat Jan 11 21:22:51 2014 @@ -233,11 +233,6 @@ public class IdleTimeoutTickerTest exten } @Override - public void setPeerPrincipal(Principal principal) - { - } - - @Override public Principal getPeerPrincipal() { return null; Modified: qpid/trunk/qpid/java/systests/src/main/java/org/apache/qpid/server/protocol/MultiVersionProtocolEngineFactoryTest.java URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/systests/src/main/java/org/apache/qpid/server/protocol/MultiVersionProtocolEngineFactoryTest.java?rev=1557467&r1=1557466&r2=1557467&view=diff ============================================================================== --- qpid/trunk/qpid/java/systests/src/main/java/org/apache/qpid/server/protocol/MultiVersionProtocolEngineFactoryTest.java (original) +++ qpid/trunk/qpid/java/systests/src/main/java/org/apache/qpid/server/protocol/MultiVersionProtocolEngineFactoryTest.java Sat Jan 11 21:22:51 2014 @@ -254,11 +254,6 @@ public class MultiVersionProtocolEngineF } @Override - public void setPeerPrincipal(Principal principal) - { - } - - @Override public Principal getPeerPrincipal() { return null; Modified: qpid/trunk/qpid/java/systests/src/main/java/org/apache/qpid/test/unit/client/protocol/AMQProtocolSessionTest.java URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/systests/src/main/java/org/apache/qpid/test/unit/client/protocol/AMQProtocolSessionTest.java?rev=1557467&r1=1557466&r2=1557467&view=diff ============================================================================== --- qpid/trunk/qpid/java/systests/src/main/java/org/apache/qpid/test/unit/client/protocol/AMQProtocolSessionTest.java (original) +++ qpid/trunk/qpid/java/systests/src/main/java/org/apache/qpid/test/unit/client/protocol/AMQProtocolSessionTest.java Sat Jan 11 21:22:51 2014 @@ -154,11 +154,6 @@ public class AMQProtocolSessionTest exte } @Override - public void setPeerPrincipal(Principal principal) - { - } - - @Override public Principal getPeerPrincipal() { return null; --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org For additional commands, e-mail: commits-help@qpid.apache.org