From 5cf1bab8df9c472709f77576e397f13ddb5f25ce Mon Sep 17 00:00:00 2001 From: Robert Gemmell Date: Thu, 18 Aug 2011 14:42:58 +0000 Subject: QPID-3430: enable excluding protocol versions from the SSL port(s) on the command line Applied patch from Andrew MacBean git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1159251 13f79535-47bb-0310-9956-ffa450edef68 --- .../main/java/org/apache/qpid/server/Broker.java | 86 ++++++++++++---------- 1 file changed, 49 insertions(+), 37 deletions(-) (limited to 'qpid/java') diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/Broker.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/Broker.java index 3553a10c98..3729c9a1ed 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/Broker.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/Broker.java @@ -33,6 +33,8 @@ import java.util.List; import java.util.Properties; import java.util.Set; +import javax.net.ssl.SSLContext; + import org.apache.log4j.PropertyConfigurator; import org.apache.log4j.xml.QpidLog4JConfigurator; import org.apache.qpid.server.configuration.ServerConfiguration; @@ -45,8 +47,8 @@ import org.apache.qpid.server.logging.actors.CurrentActor; import org.apache.qpid.server.logging.actors.GenericActor; import org.apache.qpid.server.logging.management.LoggingManagementMBean; import org.apache.qpid.server.logging.messages.BrokerMessages; -import org.apache.qpid.server.protocol.MultiVersionProtocolEngineFactory; import org.apache.qpid.server.protocol.AmqpProtocolVersion; +import org.apache.qpid.server.protocol.MultiVersionProtocolEngineFactory; import org.apache.qpid.server.registry.ApplicationRegistry; import org.apache.qpid.server.registry.ConfigurationFileApplicationRegistry; import org.apache.qpid.server.transport.QpidAcceptor; @@ -191,57 +193,41 @@ public class Broker { for(int port : ports) { - Set supported = EnumSet.allOf(AmqpProtocolVersion.class); - - if(exclude_0_10.contains(port)) - { - supported.remove(AmqpProtocolVersion.v0_10); - } - - if(exclude_0_9_1.contains(port)) - { - supported.remove(AmqpProtocolVersion.v0_9_1); - } - if(exclude_0_9.contains(port)) - { - supported.remove(AmqpProtocolVersion.v0_9); - } - if(exclude_0_8.contains(port)) - { - supported.remove(AmqpProtocolVersion.v0_8); - } - - NetworkTransportConfiguration settings = - new ServerNetworkTransportConfiguration(serverConfig, port, bindAddress.getHostName(), Transport.TCP); - - IncomingNetworkTransport transport = Transport.getIncomingTransportInstance(); - MultiVersionProtocolEngineFactory protocolEngineFactory = - new MultiVersionProtocolEngineFactory(hostName, supported); + final Set supported = + getSupportedVersions(port, exclude_0_10, exclude_0_9_1, exclude_0_9, exclude_0_8); + final NetworkTransportConfiguration settings = + new ServerNetworkTransportConfiguration(serverConfig, port, bindAddress.getHostName(), Transport.TCP); + + final IncomingNetworkTransport transport = Transport.getIncomingTransportInstance(); + final MultiVersionProtocolEngineFactory protocolEngineFactory = + new MultiVersionProtocolEngineFactory(hostName, supported); transport.accept(settings, protocolEngineFactory, null); ApplicationRegistry.getInstance().addAcceptor(new InetSocketAddress(bindAddress, port), - new QpidAcceptor(transport,"TCP")); + new QpidAcceptor(transport,"TCP")); CurrentActor.get().message(BrokerMessages.LISTENING("TCP", port)); } } if (serverConfig.getEnableSSL()) { - String keystorePath = serverConfig.getKeystorePath(); - String keystorePassword = serverConfig.getKeystorePassword(); - String certType = serverConfig.getCertType(); - SSLContextFactory sslFactory = - new SSLContextFactory(keystorePath, keystorePassword, certType); + final String keystorePath = serverConfig.getKeystorePath(); + final String keystorePassword = serverConfig.getKeystorePassword(); + final String certType = serverConfig.getCertType(); + final SSLContext sslContext = SSLContextFactory.buildServerContext(keystorePath, keystorePassword, certType); for(int sslPort : sslPorts) { - NetworkTransportConfiguration settings = + final Set supported = + getSupportedVersions(sslPort, exclude_0_10, exclude_0_9_1, exclude_0_9, exclude_0_8); + final NetworkTransportConfiguration settings = new ServerNetworkTransportConfiguration(serverConfig, sslPort, bindAddress.getHostName(), Transport.TCP); - IncomingNetworkTransport transport = new MinaNetworkTransport(); - - transport.accept(settings, new MultiVersionProtocolEngineFactory(), sslFactory); + final IncomingNetworkTransport transport = new MinaNetworkTransport(); + final MultiVersionProtocolEngineFactory protocolEngineFactory = + new MultiVersionProtocolEngineFactory(hostName, supported); + transport.accept(settings, protocolEngineFactory, sslContext); ApplicationRegistry.getInstance().addAcceptor(new InetSocketAddress(bindAddress, sslPort), new QpidAcceptor(transport,"TCP")); CurrentActor.get().message(BrokerMessages.LISTENING("TCP/SSL", sslPort)); @@ -257,6 +243,32 @@ public class Broker } } + private static Set getSupportedVersions(final int port, final Set exclude_0_10, + final Set exclude_0_9_1, final Set exclude_0_9, + final Set exclude_0_8) + { + final EnumSet supported = EnumSet.allOf(AmqpProtocolVersion.class); + + if(exclude_0_10.contains(port)) + { + supported.remove(AmqpProtocolVersion.v0_10); + } + if(exclude_0_9_1.contains(port)) + { + supported.remove(AmqpProtocolVersion.v0_9_1); + } + if(exclude_0_9.contains(port)) + { + supported.remove(AmqpProtocolVersion.v0_9); + } + if(exclude_0_8.contains(port)) + { + supported.remove(AmqpProtocolVersion.v0_8); + } + + return supported; + } + private File getConfigFile(final String fileName, final String defaultFileName, final String qpidHome, boolean throwOnFileNotFound) throws InitException -- cgit v1.2.1