@Override public void connect(ClientCallback<ClientConnection> listener, InetSocketAddress bindAddress, URI uri, XnioIoThread ioThread, XnioSsl ssl, ByteBufferPool bufferPool, OptionMap options) { if (uri.getScheme().equals("https")) { if (ssl == null) { listener.failed(UndertowMessages.MESSAGES.sslWasNull()); return; } OptionMap tlsOptions = OptionMap.builder().addAll(options).set(Options.SSL_STARTTLS, true).getMap(); if (bindAddress == null) { ssl.openSslConnection(ioThread, new InetSocketAddress(uri.getHost(), uri.getPort() == -1 ? 443 : uri.getPort()), createOpenListener(listener, bufferPool, tlsOptions, uri), tlsOptions).addNotifier(createNotifier(listener), null); } else { ssl.openSslConnection(ioThread, bindAddress, new InetSocketAddress(uri.getHost(), uri.getPort() == -1 ? 443 : uri.getPort()), createOpenListener(listener, bufferPool, tlsOptions, uri), tlsOptions).addNotifier(createNotifier(listener), null); } } else { if (bindAddress == null) { ioThread.openStreamConnection(new InetSocketAddress(uri.getHost(), uri.getPort() == -1 ? 80 : uri.getPort()), createOpenListener(listener, bufferPool, options, uri), options).addNotifier(createNotifier(listener), null); } else { ioThread.openStreamConnection(bindAddress, new InetSocketAddress(uri.getHost(), uri.getPort() == -1 ? 80 : uri.getPort()), createOpenListener(listener, bufferPool, options, uri), null, options).addNotifier(createNotifier(listener), null); } } }
@Override public void connect(final ClientCallback<ClientConnection> listener, InetSocketAddress bindAddress, final URI uri, final XnioIoThread ioThread, final XnioSsl ssl, final ByteBufferPool bufferPool, final OptionMap options) { if (ssl == null) { listener.failed(UndertowMessages.MESSAGES.sslWasNull()); return; } if(bindAddress == null) { OptionMap tlsOptions = OptionMap.builder().addAll(options).set(Options.SSL_STARTTLS, true).getMap(); ssl.openSslConnection(ioThread, new InetSocketAddress(uri.getHost(), uri.getPort() == -1 ? 443 : uri.getPort()), createOpenListener(listener, uri, ssl, bufferPool, tlsOptions), options).addNotifier(createNotifier(listener), null); } else { ssl.openSslConnection(ioThread, bindAddress, new InetSocketAddress(uri.getHost(), uri.getPort() == -1 ? 443 : uri.getPort()), createOpenListener(listener, uri, ssl, bufferPool, options), options).addNotifier(createNotifier(listener), null); } }
@Override public void connect(ClientCallback<ClientConnection> listener, InetSocketAddress bindAddress, URI uri, XnioWorker worker, XnioSsl ssl, ByteBufferPool bufferPool, OptionMap options) { if (uri.getScheme().equals("https")) { if (ssl == null) { listener.failed(UndertowMessages.MESSAGES.sslWasNull()); return; } OptionMap tlsOptions = OptionMap.builder().addAll(options).set(Options.SSL_STARTTLS, true).getMap(); if (bindAddress == null) { ssl.openSslConnection(worker, new InetSocketAddress(uri.getHost(), uri.getPort() == -1 ? 443 : uri.getPort()), createOpenListener(listener, bufferPool, tlsOptions, uri), tlsOptions).addNotifier(createNotifier(listener), null); } else { ssl.openSslConnection(worker, bindAddress, new InetSocketAddress(uri.getHost(), uri.getPort() == -1 ? 443 : uri.getPort()), createOpenListener(listener, bufferPool, tlsOptions, uri), tlsOptions).addNotifier(createNotifier(listener), null); } } else { if (bindAddress == null) { worker.openStreamConnection(new InetSocketAddress(uri.getHost(), uri.getPort() == -1 ? 80 : uri.getPort()), createOpenListener(listener, bufferPool, options, uri), options).addNotifier(createNotifier(listener), null); } else { worker.openStreamConnection(bindAddress, new InetSocketAddress(uri.getHost(), uri.getPort() == -1 ? 80 : uri.getPort()), createOpenListener(listener, bufferPool, options, uri), null, options).addNotifier(createNotifier(listener), null); } } }
.set(Options.TCP_NODELAY, true) .set(Options.CORK, true) .addAll(workerOptions) .getMap()); .set(Options.BALANCING_CONNECTIONS, 2) .set(Options.BACKLOG, 1000) .addAll(this.socketOptions) .getMap(); .addAll(this.serverOptions) .getMap(); UndertowLogger.ROOT_LOGGER.debugf("Configuring listener with protocol %s for interface %s and port %s", listener.type, listener.host, listener.port); final HttpHandler rootHandler = listener.rootHandler != null ? listener.rootHandler : this.rootHandler; OptionMap socketOptionsWithOverrides = OptionMap.builder().addAll(socketOptions).addAll(listener.overrideSocketOptions).getMap(); if (listener.type == ListenerType.AJP) { AjpOpenListener openListener = new AjpOpenListener(buffers, serverOptions); listenerInfo.add(new ListenerInfo("ajp", server.getLocalAddress(), openListener, null, server)); } else { OptionMap undertowOptions = OptionMap.builder().set(UndertowOptions.BUFFER_PIPELINED_DATA, true).addAll(serverOptions).getMap(); boolean http2 = serverOptions.get(UndertowOptions.ENABLE_HTTP2, false); if (listener.type == ListenerType.HTTP) { } else { OptionMap.Builder builder = OptionMap.builder() .addAll(socketOptionsWithOverrides); if (!socketOptionsWithOverrides.contains(Options.SSL_PROTOCOL)) {
OptionMap.Builder builder = OptionMap.builder().addAll(options); builder.set(UndertowOptions.ENABLE_STATISTICS, enabled); openListener.setUndertowOptions(builder.getMap());
if (endpointCreationOptions != null && endpointCreationOptions.size() > 0) { if (! endpointCreationOptions.contains(Options.THREAD_DAEMON)) { endpointCreationOptions = OptionMap.builder().addAll(endpointCreationOptions).set(Options.THREAD_DAEMON, true).getMap();
sm.checkPermission(CREATE_ENDPOINT_PERM); final OptionMap modifiedOptionMap = OptionMap.builder().addAll(optionMap).set(Options.WORKER_NAME, endpointName == null ? "Remoting (anonymous)" : "Remoting \"" + endpointName + "\"").getMap(); final AtomicReference<Endpoint> endpointRef = new AtomicReference<Endpoint>(); final XnioWorker xnioWorker = xnio.createWorker(null, modifiedOptionMap, new Runnable() {
/** * Set the quiet local auth property to the given value if the user hasn't already set this property. * * @param optionMap the option map * @param useQuietAuth the value to set the quiet local auth property to * @return the option map with the quiet local auth property set to the given value if the user hasn't already set this property */ private static OptionMap setQuietLocalAuth(final OptionMap optionMap, final boolean useQuietAuth) { final Sequence<Property> existingSaslProps = optionMap.get(Options.SASL_PROPERTIES); if (existingSaslProps != null) { for (Property prop : existingSaslProps) { final String propKey = prop.getKey(); if (propKey.equals(LocalUserClient.QUIET_AUTH) || propKey.equals(LocalUserClient.LEGACY_QUIET_AUTH)) { // quiet local auth property was already set, do not override it return optionMap; } } // set the quiet local auth property since it wasn't already set in SASL_PROPERTIES existingSaslProps.add(Property.of(LocalUserClient.QUIET_AUTH, Boolean.toString(useQuietAuth))); return optionMap; } // set the quiet local auth property since no SASL_PROPERTIES were set final OptionMap.Builder updatedOptionMapBuilder = OptionMap.builder().addAll(optionMap); updatedOptionMapBuilder.set(Options.SASL_PROPERTIES, Sequence.of(Property.of(LocalUserClient.QUIET_AUTH, Boolean.toString(useQuietAuth)))); return updatedOptionMapBuilder.getMap(); } }
/** * Set the quiet local auth property to the given value if the user hasn't already set this property. * * @param optionMap the option map * @param useQuietAuth the value to set the quiet local auth property to * @return the option map with the quiet local auth property set to the given value if the user hasn't already set this property */ private static OptionMap setQuietLocalAuth(final OptionMap optionMap, final boolean useQuietAuth) { final Sequence<Property> existingSaslProps = optionMap.get(Options.SASL_PROPERTIES); if (existingSaslProps != null) { for (Property prop : existingSaslProps) { final String propKey = prop.getKey(); if (propKey.equals(LocalUserClient.QUIET_AUTH) || propKey.equals(LocalUserClient.LEGACY_QUIET_AUTH)) { // quiet local auth property was already set, do not override it return optionMap; } } // set the quiet local auth property since it wasn't already set in SASL_PROPERTIES existingSaslProps.add(Property.of(LocalUserClient.QUIET_AUTH, Boolean.toString(useQuietAuth))); return optionMap; } // set the quiet local auth property since no SASL_PROPERTIES were set final OptionMap.Builder updatedOptionMapBuilder = OptionMap.builder().addAll(optionMap); updatedOptionMapBuilder.set(Options.SASL_PROPERTIES, Sequence.of(Property.of(LocalUserClient.QUIET_AUTH, Boolean.toString(useQuietAuth)))); return updatedOptionMapBuilder.getMap(); }
protected IoFuture<SslConnection> createSslConnection(final URI uri, final InetSocketAddress bindAddress, final InetSocketAddress destination, final OptionMap options, final AuthenticationConfiguration configuration, final SSLContext sslContext, final ChannelListener<StreamConnection> openListener) { final URI newUri; try { newUri = new URI("https", "", uri.getHost(), uri.getPort(), "/", "", ""); } catch (URISyntaxException e) { return new FailedIoFuture<>(new IOException(e)); } final FutureResult<SslConnection> returnedFuture = new FutureResult<>(getExecutor()); final OptionMap modifiedOptions = OptionMap.builder().addAll(options).set(Options.SSL_STARTTLS, false).getMap(); ChannelListener<StreamConnection> upgradeListener = new UpgradeListener<SslConnection>(SslConnection.class, newUri, openListener, returnedFuture); IoFuture<SslConnection> rawFuture = super.createSslConnection(uri, bindAddress, destination, modifiedOptions, configuration, sslContext, upgradeListener); rawFuture.addNotifier( new IoFuture.HandlingNotifier<StreamConnection, FutureResult<SslConnection>>() { @Override public void handleCancelled(FutureResult<SslConnection> attachment) { attachment.setCancelled(); } @Override public void handleFailed(IOException exception, FutureResult<SslConnection> attachment) { attachment.setException(exception); } } , returnedFuture); return returnedFuture.getIoFuture(); }
@Override ListenerService createService(String name, final String serverName, final OperationContext context, ModelNode model, OptionMap listenerOptions, OptionMap socketOptions) throws OperationFailedException { OptionMap.Builder builder = OptionMap.builder().addAll(socketOptions); ModelNode securityRealmModel = HttpsListenerResourceDefinition.SECURITY_REALM.resolveModelAttribute(context, model); final boolean proxyProtocol = HttpListenerResourceDefinition.PROXY_PROTOCOL.resolveModelAttribute(context, model).asBoolean(); String cipherSuites = null; if(securityRealmModel.isDefined()) { //we only support setting these options for security realms HttpsListenerResourceDefinition.VERIFY_CLIENT.resolveOption(context, model, builder); ModelNode value = HttpsListenerResourceDefinition.ENABLED_CIPHER_SUITES.resolveModelAttribute(context, model); cipherSuites = value.isDefined() ? value.asString() : null; HttpsListenerResourceDefinition.ENABLED_PROTOCOLS.resolveOption(context, model, builder); HttpsListenerResourceDefinition.SSL_SESSION_CACHE_SIZE.resolveOption(context, model, builder); HttpsListenerResourceDefinition.SSL_SESSION_TIMEOUT.resolveOption(context, model, builder); } OptionMap.Builder listenerBuilder = OptionMap.builder().addAll(listenerOptions); HttpsListenerResourceDefinition.ENABLE_HTTP2.resolveOption(context, model, listenerBuilder); HttpListenerAdd.handleHttp2Options(context, model, listenerBuilder); HttpListenerResourceDefinition.REQUIRE_HOST_HTTP11.resolveOption(context, model,listenerBuilder); final boolean certificateForwarding = HttpListenerResourceDefinition.CERTIFICATE_FORWARDING.resolveModelAttribute(context, model).asBoolean(); final boolean proxyAddressForwarding = HttpListenerResourceDefinition.PROXY_ADDRESS_FORWARDING.resolveModelAttribute(context, model).asBoolean(); return new HttpsListenerService(name, serverName, listenerBuilder.getMap(), cipherSuites, builder.getMap(), certificateForwarding, proxyAddressForwarding, proxyProtocol); }
private OpenListener createAlpnOpenListener() { OptionMap undertowOptions = OptionMap.builder().addAll(commonOptions).addAll(listenerOptions).set(UndertowOptions.ENABLE_CONNECTOR_STATISTICS, getUndertowService().isStatisticsEnabled()).getMap(); ByteBufferPool bufferPool = getBufferPool().getValue(); HttpOpenListener http = new HttpOpenListener(bufferPool, undertowOptions); AlpnOpenListener alpn = new AlpnOpenListener(bufferPool, undertowOptions, http); if(listenerOptions.get(UndertowOptions.ENABLE_HTTP2, false)) { Http2OpenListener http2 = new Http2OpenListener(bufferPool, undertowOptions, "h2"); alpn.addProtocol(Http2OpenListener.HTTP2, http2, 10); Http2OpenListener http2_14 = new Http2OpenListener(bufferPool, undertowOptions, "h2-14"); alpn.addProtocol(Http2OpenListener.HTTP2_14, http2_14, 9); } return alpn; }
@Override public void connect(final ClientCallback<ClientConnection> listener, InetSocketAddress bindAddress, final URI uri, final XnioWorker worker, final XnioSsl ssl, final ByteBufferPool bufferPool, final OptionMap options) { if (ssl == null) { listener.failed(UndertowMessages.MESSAGES.sslWasNull()); return; } OptionMap tlsOptions = OptionMap.builder().addAll(options).set(Options.SSL_STARTTLS, true).getMap(); if(bindAddress == null) { ssl.openSslConnection(worker, new InetSocketAddress(uri.getHost(), uri.getPort() == -1 ? 443 : uri.getPort()), createOpenListener(listener, uri, ssl, bufferPool, tlsOptions), tlsOptions).addNotifier(createNotifier(listener), null); } else { ssl.openSslConnection(worker, bindAddress, new InetSocketAddress(uri.getHost(), uri.getPort() == -1 ? 443 : uri.getPort()), createOpenListener(listener, uri, ssl, bufferPool, tlsOptions), tlsOptions).addNotifier(createNotifier(listener), null); } }
protected OptionMap getSSLOptions(SSLContext sslContext) { Builder builder = OptionMap.builder().addAll(commonOptions); builder.addAll(socketOptions); builder.set(Options.USE_DIRECT_BUFFERS, true); if (cipherSuites != null) { String[] cipherList = CipherSuiteSelector.fromString(cipherSuites).evaluate(sslContext.getSupportedSSLParameters().getCipherSuites()); builder.setSequence((Option<Sequence<String>>) HttpsListenerResourceDefinition.ENABLED_CIPHER_SUITES.getOption(), cipherList); } return builder.getMap(); }
@Override protected OpenListener createOpenListener() { AjpOpenListener ajpOpenListener = new AjpOpenListener(getBufferPool().getValue(), OptionMap.builder().addAll(commonOptions).addAll(listenerOptions).set(UndertowOptions.ENABLE_CONNECTOR_STATISTICS, getUndertowService().isStatisticsEnabled()).getMap()); ajpOpenListener.setScheme(scheme); return ajpOpenListener; }
protected void startListening(XnioWorker worker, InetSocketAddress socketAddress, ChannelListener<AcceptingChannel<StreamConnection>> acceptListener) throws IOException { server = worker.createStreamConnectionServer(socketAddress, acceptListener, OptionMap.builder().addAll(commonOptions).addAll(socketOptions).getMap()); server.resumeAccepts(); final InetSocketAddress boundAddress = server.getLocalAddress(InetSocketAddress.class); UndertowLogger.ROOT_LOGGER.listenerStarted("HTTP", getName(), NetworkUtils.formatIPAddressForURI(boundAddress.getAddress()), boundAddress.getPort()); }
@Override void startListening(XnioWorker worker, InetSocketAddress socketAddress, ChannelListener<AcceptingChannel<StreamConnection>> acceptListener) throws IOException { server = worker.createStreamConnectionServer(socketAddress, acceptListener, OptionMap.builder().addAll(commonOptions).addAll(socketOptions).getMap()); server.resumeAccepts(); final InetSocketAddress boundAddress = server.getLocalAddress(InetSocketAddress.class); UndertowLogger.ROOT_LOGGER.listenerStarted("AJP", getName(), NetworkUtils.formatIPAddressForURI(boundAddress.getAddress()), boundAddress.getPort()); }
@Override ListenerService createService(String name, final String serverName, final OperationContext context, ModelNode model, OptionMap listenerOptions, OptionMap socketOptions) throws OperationFailedException { ModelNode schemeNode = AjpListenerResourceDefinition.SCHEME.resolveModelAttribute(context, model); String scheme = null; if (schemeNode.isDefined()) { scheme = schemeNode.asString(); } OptionMap.Builder listenerBuilder = OptionMap.builder().addAll(listenerOptions); AjpListenerResourceDefinition.MAX_AJP_PACKET_SIZE.resolveOption(context, model,listenerBuilder); return new AjpListenerService(name, scheme, listenerBuilder.getMap(), socketOptions); }
@Override ListenerService createService(String name, final String serverName, final OperationContext context, ModelNode model, OptionMap listenerOptions, OptionMap socketOptions) throws OperationFailedException { final boolean proxyProtocol = HttpListenerResourceDefinition.PROXY_PROTOCOL.resolveModelAttribute(context, model).asBoolean(); final boolean certificateForwarding = HttpListenerResourceDefinition.CERTIFICATE_FORWARDING.resolveModelAttribute(context, model).asBoolean(); final boolean proxyAddressForwarding = HttpListenerResourceDefinition.PROXY_ADDRESS_FORWARDING.resolveModelAttribute(context, model).asBoolean(); OptionMap.Builder listenerBuilder = OptionMap.builder().addAll(listenerOptions); HttpListenerResourceDefinition.ENABLE_HTTP2.resolveOption(context, model,listenerBuilder); HttpListenerResourceDefinition.REQUIRE_HOST_HTTP11.resolveOption(context, model,listenerBuilder); handleHttp2Options(context, model, listenerBuilder); return new HttpListenerService(name, serverName, listenerBuilder.getMap(), socketOptions, certificateForwarding, proxyAddressForwarding, proxyProtocol); }