From 05c598c830d4ff10b926a3f413e8a6129fd4337a Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Tue, 8 Sep 2015 18:16:50 +0200 Subject: Stuff --- src/main/java/org/openslx/imagemaster/App.java | 24 ++-- src/main/java/org/openslx/imagemaster/Globals.java | 123 +++++++-------------- .../serverconnection/ConnectionHandler.java | 8 +- .../imagemaster/serversession/ServerSession.java | 4 +- .../org/openslx/imagemaster/session/Session.java | 2 +- .../imagemaster/thrift/server/BinaryListener.java | 2 +- .../java/org/openslx/imagemaster/util/Util.java | 22 ++++ 7 files changed, 81 insertions(+), 104 deletions(-) diff --git a/src/main/java/org/openslx/imagemaster/App.java b/src/main/java/org/openslx/imagemaster/App.java index 6c834b0..4bb7730 100644 --- a/src/main/java/org/openslx/imagemaster/App.java +++ b/src/main/java/org/openslx/imagemaster/App.java @@ -35,22 +35,26 @@ public class App // Create binary listener Thread t; - t = new Thread( new BinaryListener( 9090, false ), "Thrift PLAIN" ); - servers.add( t ); - t.start(); + if ( Globals.getThriftPortPlain() != 0 ) { + t = new Thread( new BinaryListener( Globals.getThriftPortPlain(), false ), "Thrift PLAIN" ); + servers.add( t ); + t.start(); + } // Create UDP RPC local interface t = new Thread( new NetworkHandler( 1333, InetAddress.getLoopbackAddress() ) ); servers.add( t ); t.start(); - // Create SSL binary listener - try { - t = new Thread( new BinaryListener( 9091, true ), "Thrift TLS" ); - servers.add( t ); - t.start(); - } catch ( Exception e ) { - log.warn( "No TLS available:", e ); + if ( Globals.getThriftPortSsl() != 0 ) { + // Create SSL binary listener + try { + t = new Thread( new BinaryListener( Globals.getThriftPortSsl(), true ), "Thrift TLS" ); + servers.add( t ); + t.start(); + } catch ( Exception e ) { + log.warn( "No TLS available", e ); + } } // Run more servers 
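Review bot: In App.java the TLS branch still only logs `No TLS available` and carries on when `new BinaryListener( Globals.getThriftPortSsl(), true )` throws, so an operator who configured `thrift.port.ssl` can end up with only the plaintext Thrift port, or with no Thrift port at all if the plain port is 0. A non-zero SSL port is now an explicit request for TLS, so this should fail closed the way Globals does: `log.fatal( "Could not start Thrift TLS listener", e ); System.exit( 2 );`. Whether bind errors surface in the constructor or later in `run()` is not visible in this hunk, so the same handling may be needed there. The enclosing method starts and ends outside the hunk.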
diff --git a/src/main/java/org/openslx/imagemaster/Globals.java b/src/main/java/org/openslx/imagemaster/Globals.java index eb83f4d..852d8dd 100644 --- a/src/main/java/org/openslx/imagemaster/Globals.java +++ b/src/main/java/org/openslx/imagemaster/Globals.java @@ -5,7 +5,6 @@ import java.io.FileInputStream; import java.io.IOException; import java.util.Properties; -import org.apache.commons.lang.StringUtils; import org.apache.log4j.Logger; import org.openslx.imagemaster.util.Util; @@ -15,7 +14,7 @@ import org.openslx.imagemaster.util.Util; public class Globals { - private static Logger log = Logger.getLogger( Globals.class ); + private static Logger LOGGER = Logger.getLogger( Globals.class ); private static final Properties properties = new Properties(); /* CONSTANTS */ 
@@ -37,155 +36,107 @@ public class Globals // check properties Util.notNullOrEmptyFatal( getImageDir(), "Image directory must be set." ); - Util.notNullOrEmptyFatal( getLdapHost(), "Ldap host must be set." ); - Util.notNullOrEmptyFatal( getLdapBindQuery(), "Ldap bind query must be set." ); - Util.notNullOrEmptyFatal( getLdapSearchBaseDn(), "Ldap search base dn must be set." ); - Util.notNullOrEmptyFatal( getLdapSearchFilter(), "Ldap search filter must be set." ); - Util.notNullFatal( getLdapKeystorePassword(), "Ldap keystore password must be set." ); - Util.notNullOrEmptyFatal( getLdapKeystorePath(), "Ldap keystore path must be set." ); Util.notNullOrEmptyFatal( getSslKeystoreFile(), "SSL keystore file must be set." ); Util.notNullOrEmptyFatal( getSslKeystoreAlias(), "SSL keystore alias must be set." ); Util.notNullOrEmptyFatal( getSslKeystorePassword(), "SSL keystore password must be set." ); - Util.notNullFatal( getLdapPort(), "Ldap port must be set." ); Util.notNullFatal( getSessionTimeoutUser(), "Session timeout user must be set." ); Util.notNullFatal( getSessionTimeoutServer(), "Session timeout server must be set." ); - Util.notNullFatal( getSslSocketPort(), "SSL socket port must be set." ); - Util.notNullFatal( getSslTimeout(), "SSL socket timeout must be set." ); - - if ( getSslTransmitTimes() <= 0 ) - log.fatal( "SSL socket transmitted times must be greater than 0." ); - - // check ldap_bind_query - if ( StringUtils.countMatches( getLdapBindQuery(), "%" ) == 0 ) { - log.fatal( "ldap_bind_query does not contain '%'" ); + if ( getFiletransferPortSsl() == 0 && getFiletransferPortPlain() == 0 ) { + LOGGER.fatal( "either SSL or plain port for file transfer must be set." ); + System.exit( 2 ); + } + if ( getThriftPortSsl() == 0 && getThriftPortPlain() == 0 ) { + LOGGER.fatal( "either SSL or plain port for thrift must be set." 
); System.exit( 2 ); } - // check ldap_search_filter - if ( StringUtils.countMatches( getLdapSearchFilter(), "%" ) == 0 ) { - log.fatal( "ldap_search_filter does not contain '%'" ); + if ( getFiletransferRetransmits() <= 0 ) { + LOGGER.fatal( "SSL socket transmitted times must be greater than 0." ); System.exit( 2 ); } // check keystore if ( !getSslKeystoreFile().endsWith( ".jks" ) ) { - log.fatal( "Keystore is not in jks format." ); + LOGGER.fatal( "Keystore is not in jks format." ); System.exit( 2 ); } // remove "/" at the end of the paths String image = getImageDir(); if ( image.endsWith( "/" ) ) { - Globals.properties.put( "image_dir", image.substring( 0, image.length() - 1 ) ); + properties.put( "image_dir", image.substring( 0, image.length() - 1 ) ); } } catch ( IOException e ) { - log.fatal( "Could not load properties!" ); - log.warn( e.getStackTrace().toString() ); + LOGGER.fatal( "Could not load properties!" ); + LOGGER.warn( e.getStackTrace().toString() ); System.exit( 2 ); } - log.info( "Loaded properties successfully" ); + LOGGER.info( "Loaded properties successfully" ); } /* INTEGERS */ - public static int getLdapPort() - { - return Util.tryToParseInt( properties.getProperty( "ldap_port" ) ); - } - public static int getSessionTimeoutUser() { - return Util.tryToParseInt( properties.getProperty( "session_timeout_user" ) ); + return Util.tryToParseInt( properties.getProperty( "session.user.timeout" ) ); } public static int getSessionTimeoutServer() { - return Util.tryToParseInt( properties.getProperty( "session_timeout_user" ) ); - } - - public static int getSslSocketPort() - { - return Util.tryToParseInt( properties.getProperty( "ssl_socket_port" ) ); - } - - public static int getSslTimeout() - { - return Util.tryToParseInt( properties.getProperty( "ssl_socket_timeout" ) ); - } - - public static int getSslTransmitTimes() - { - return Util.tryToParseInt( properties.getProperty( "ssl_socket_transmit_times" ) ); - } - - public static int 
getCrcSchedulingInterval() - { - return Util.tryToParseInt( properties.getProperty( "crc_scheduling_interval" ) ); + return Util.tryToParseInt( properties.getProperty( "session.server.timeout" ) ); } - /* STRINGS */ - - public static String getImageDir() - { - return properties.getProperty( "image_dir" ); - } - - public static String getSslKeystoreFile() + public static int getFiletransferPortSsl() { - return properties.getProperty( "ssl_keystore_file" ); + return Util.tryToParseInt( properties.getProperty( "filetransfer.port.ssl" ) ); } - public static String getSslKeystoreAlias() + public static int getFiletransferPortPlain() { - return properties.getProperty( "ssl_keystore_alias" ); + return Util.tryToParseInt( properties.getProperty( "filetransfer.port.plain" ) ); } - public static String getSslKeystorePassword() + public static int getFiletransferTimeout() { - return properties.getProperty( "ssl_keystore_password" ); + return Util.tryToParseInt( properties.getProperty( "filetransfer.timeout" ) ); } - public static String getLdapHost() + public static int getFiletransferRetransmits() { - return properties.getProperty( "ldap_host" ); + return Util.tryToParseInt( properties.getProperty( "filetransfer.retries" ) ); } - public static String getLdapBindQuery() + public static int getThriftPortSsl() { - return properties.getProperty( "ldap_bind_query" ); + return Util.tryToParseInt( properties.getProperty( "thrift.port.ssl" ) ); } - public static String getLdapSearchBaseDn() + public static int getThriftPortPlain() { - return properties.getProperty( "ldap_search_base_dn" ); + return Util.tryToParseInt( properties.getProperty( "thrift.port.plain" ) ); } - public static String getLdapSearchFilter() - { - return properties.getProperty( "ldap_search_filter" ); - } + /* STRINGS */ - public static String getLdapKeystorePassword() + public static String getImageDir() { - return properties.getProperty( "ldap_keystore_password" ); + return properties.getProperty( 
"storage.dir" ); } - public static String getLdapKeystorePath() + public static String getSslKeystoreFile() { - return properties.getProperty( "ldap_keystore_path" ); + return properties.getProperty( "ssl.keystore.file" ); } - /* BOOLEANS */ - - public static boolean getLdapSsl() + public static String getSslKeystoreAlias() { - return Boolean.valueOf( properties.getProperty( "ldap_ssl" ) ); + return properties.getProperty( "ssl.keystore.alias" ); } - public static int getPlainSocketPort() + public static String getSslKeystorePassword() { - return Util.tryToParseInt( properties.getProperty( "filetransfer.port.plain" ) ); + return properties.getProperty( "ssl.keystore.password" ); } } diff --git a/src/main/java/org/openslx/imagemaster/serverconnection/ConnectionHandler.java b/src/main/java/org/openslx/imagemaster/serverconnection/ConnectionHandler.java index 9340706..44c8e16 100644 --- a/src/main/java/org/openslx/imagemaster/serverconnection/ConnectionHandler.java +++ b/src/main/java/org/openslx/imagemaster/serverconnection/ConnectionHandler.java @@ -50,7 +50,7 @@ public class ConnectionHandler implements IncomingEvent private static Listener listener; static { - log.debug( "Starting listener on port " + Globals.getSslSocketPort() ); + log.debug( "Starting listener on port " + Globals.getFiletransferPortSsl() ); try { String pathToKeyStore = Globals.getSslKeystoreFile(); char[] passphrase = Globals.getSslKeystorePassword().toCharArray(); 
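Review bot: In Globals.java the trailing-slash cleanup still writes to the old key, `properties.put( "image_dir", ... )`, while `getImageDir()` now reads `storage.dir`, so callers never see the normalised path; the put should use `"storage.dir"`. In the same hunk `LOGGER.warn( e.getStackTrace().toString() )` logs only the array's identity string, so the cause of a failed load is lost; `LOGGER.fatal( "Could not load properties!", e )` keeps it. The message for `getFiletransferRetransmits() <= 0` still says "SSL socket transmitted times" and should name `filetransfer.retries`. `getFiletransferTimeout()` is not validated anywhere in this block, whereas the removed `getSslTimeout()` was. The enclosing initializer block begins above the hunk.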
@@ -58,10 +58,10 @@ public class ConnectionHandler implements IncomingEvent keystore.load( new FileInputStream( pathToKeyStore ), passphrase ); KeyManagerFactory kmf = KeyManagerFactory.getInstance( KeyManagerFactory.getDefaultAlgorithm() ); kmf.init( keystore, passphrase ); - sslContext = SSLContext.getInstance( "SSLv3" ); + sslContext = SSLContext.getInstance( "TLSv1.2" ); KeyManager[] keyManagers = kmf.getKeyManagers(); sslContext.init( keyManagers, null, null ); - listener = new Listener( eventHandler, sslContext, Globals.getSslSocketPort(), 15000 ); + listener = new Listener( eventHandler, sslContext, Globals.getFiletransferPortSsl(), Globals.getFiletransferTimeout() * 1000 ); listener.start(); } catch ( Exception e ) { log.error( "Initialization failed.", e ); @@ -119,7 +119,7 @@ public class ConnectionHandler implements IncomingEvent // TODO addUpload( token, image ); // TODO Set crc file on image - if there is already a crc file assigned, this does nothing - return new TransferInformation( token, Globals.getPlainSocketPort(), Globals.getSslSocketPort() ); + return new TransferInformation( token, Globals.getFiletransferPortPlain(), Globals.getFiletransferPortSsl() ); } /** diff --git a/src/main/java/org/openslx/imagemaster/serversession/ServerSession.java b/src/main/java/org/openslx/imagemaster/serversession/ServerSession.java index 3b79c5d..199507a 100644 --- a/src/main/java/org/openslx/imagemaster/serversession/ServerSession.java +++ b/src/main/java/org/openslx/imagemaster/serversession/ServerSession.java 
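Review bot: In ConnectionHandler.java, `SSLContext.getInstance( "TLSv1.2" )` selects the context but does not by itself set a minimum version; depending on the JDK and its security properties, server sockets created from it may still accept older protocol versions. If replacing `SSLv3` is meant to enforce TLS 1.2, the server socket created inside `Listener` (not visible here) should also call `setEnabledProtocols( new String[] { "TLSv1.2" } )`. The listener is also started unconditionally, although Globals now accepts `filetransfer.port.ssl` being 0 when a plain port is set. `Globals.getFiletransferTimeout() * 1000` is passed on without a check for 0 or a negative value. The static block begins before this hunk.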
@@ -10,12 +10,12 @@ import org.openslx.imagemaster.db.models.LocalSatellite; */ public class ServerSession { - private static final long TIMEOUT = Long.valueOf( Globals.getSessionTimeoutServer() ) * 1000L; + private static final long TIMEOUT = Globals.getSessionTimeoutServer() * 1000L; private long timeOut = 0; private final LocalSatellite serverUser; - public ServerSession(final LocalSatellite serverUser) + public ServerSession( final LocalSatellite serverUser ) { this.serverUser = serverUser; this.timeOut = System.currentTimeMillis() + TIMEOUT; diff --git a/src/main/java/org/openslx/imagemaster/session/Session.java b/src/main/java/org/openslx/imagemaster/session/Session.java index ed36274..3cdcd0f 100644 --- a/src/main/java/org/openslx/imagemaster/session/Session.java +++ b/src/main/java/org/openslx/imagemaster/session/Session.java @@ -10,7 +10,7 @@ import org.openslx.imagemaster.Globals; */ public class Session { - private static final long TIMEOUT = Long.valueOf( Globals.getSessionTimeoutUser() ) * 1000L; + private static final long TIMEOUT = Globals.getSessionTimeoutUser() * 1000L; private long timeOut = 0; private final UserInfo user; diff --git a/src/main/java/org/openslx/imagemaster/thrift/server/BinaryListener.java b/src/main/java/org/openslx/imagemaster/thrift/server/BinaryListener.java index d18e8a8..a17f216 100644 --- a/src/main/java/org/openslx/imagemaster/thrift/server/BinaryListener.java +++ b/src/main/java/org/openslx/imagemaster/thrift/server/BinaryListener.java 
@@ -65,7 +65,7 @@ public class BinaryListener implements Runnable SSLSocketFactory sf = context.getSocketFactory(); String[] cipherSuites = sf.getSupportedCipherSuites(); // TODO: Remove insecure ones - final TSSLTransportParameters params = new TSSLTransportParameters( "TLS", cipherSuites ); + final TSSLTransportParameters params = new TSSLTransportParameters( "TLSv1.2", cipherSuites ); params.setKeyStore( Globals.getSslKeystoreFile(), Globals.getSslKeystorePassword() ); TServerTransport serverTransport; try { diff --git a/src/main/java/org/openslx/imagemaster/util/Util.java b/src/main/java/org/openslx/imagemaster/util/Util.java index ca595b5..79589c4 100644 --- a/src/main/java/org/openslx/imagemaster/util/Util.java +++ b/src/main/java/org/openslx/imagemaster/util/Util.java @@ -40,6 +40,28 @@ public class Util } } + /** + * Check if the given object is null, abort program if true. + * An optional message to be printed can be passed. A stack trace + * will be printed, too. Finally the application terminates with + * exit code 2. + * + * This comes in handy if something must not be null, and you want + * user friendly output. A perfect example would be reading settings + * from a config file. You can use this on mandatory fields. + * + * @param something the object to compare to null + * @param message the message to be printed if something is null + */ + public static void notNullFatal( int number, String message ) + { + if ( number == 0 ) { + if ( message != null ) + log.fatal( "[NOTNULL] " + message, new NullPointerException() ); + System.exit( 2 ); + } + } + /** * Check if String is null or empty, abort program if so. * An optional message to be printed can be passed. A stack trace -- cgit v1.2.3-55-g7522
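Review bot: In BinaryListener.java the protocol is now pinned to `TLSv1.2`, but the suites handed to `TSSLTransportParameters` still come from `sf.getSupportedCipherSuites()`, which returns everything the provider implements and can include anonymous, NULL or export suites that are not enabled by default. Until the `// TODO: Remove insecure ones` filter exists, `String[] cipherSuites = sf.getDefaultCipherSuites();` is the safer starting point. The surrounding method starts and ends outside the hunk.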
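Review bot: In Util.java the Javadoc on the new `notNullFatal( int number, String message )` was copied from the object overload: it documents `@param something` and a null check, while the code tests `number == 0` and logs a `NullPointerException`. I would reword the summary to "Check if the given number is 0, abort program if so" and rename the tag to `@param number the value that must not be 0`. Negative values pass this check, so for the session timeouts it guards, `if ( number <= 0 )` may be what is actually wanted. The unbraced inner `if` also makes it easy to miss that `System.exit( 2 )` runs even when `message` is null; braces would make that explicit.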