authorTed Ross <tross@apache.org>2013-10-10 19:41:01 +0000
committerTed Ross <tross@apache.org>2013-10-10 19:41:01 +0000
commitdb38bebfc16ac15b9ef93d5130e08df2dda97c76 (patch)
tree03c104739524f068a673c58b06204efbcd787f9d /extras
parent7ca659b5e12c8113017891e4361603113a3c2c69 (diff)
downloadqpid-python-db38bebfc16ac15b9ef93d5130e08df2dda97c76.tar.gz
QPID-5221 - Added a configurable role for connections that constrains their use.
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@1531084 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'extras')
-rw-r--r--extras/dispatch/etc/qpid-dispatch.conf2
-rw-r--r--extras/dispatch/include/qpid/dispatch/container.h1
-rw-r--r--extras/dispatch/include/qpid/dispatch/server.h197
-rw-r--r--extras/dispatch/python/qpid/dispatch/config/schema.py2
-rw-r--r--extras/dispatch/src/container.c21
-rw-r--r--extras/dispatch/src/dispatch.c1
-rw-r--r--extras/dispatch/src/router_node.c47
-rw-r--r--extras/dispatch/src/server.c8
-rw-r--r--extras/dispatch/tests/threerouters-A.conf1
-rw-r--r--extras/dispatch/tests/threerouters-B.conf2
-rw-r--r--extras/dispatch/tests/threerouters-C.conf1
-rw-r--r--extras/dispatch/tests/tworouters-A.conf1
-rw-r--r--extras/dispatch/tests/tworouters-B.conf2
13 files changed, 189 insertions, 97 deletions
diff --git a/extras/dispatch/etc/qpid-dispatch.conf b/extras/dispatch/etc/qpid-dispatch.conf
index 4e74f1e96b..83fa98af60 100644
--- a/extras/dispatch/etc/qpid-dispatch.conf
+++ b/extras/dispatch/etc/qpid-dispatch.conf
@@ -102,6 +102,7 @@ listener {
listener {
label: Router Interconnect Access
+ role: inter-router
addr: 0.0.0.0
port: 5671
sasl-mechanisms: EXTERNAL
@@ -112,6 +113,7 @@ listener {
connector {
label: Router Uplink
+ role: inter-router
addr: backbone.enterprise.com
port: amqps
sasl-mechanisms: EXTERNAL
diff --git a/extras/dispatch/include/qpid/dispatch/container.h b/extras/dispatch/include/qpid/dispatch/container.h
index 62373f7e61..03fdd0c4cc 100644
--- a/extras/dispatch/include/qpid/dispatch/container.h
+++ b/extras/dispatch/include/qpid/dispatch/container.h
@@ -166,6 +166,7 @@ void *dx_link_get_context(dx_link_t *link);
void dx_link_set_conn_context(dx_link_t *link, void *link_context);
void *dx_link_get_conn_context(dx_link_t *link);
+dx_connection_t *dx_link_connection(dx_link_t *link);
pn_link_t *dx_link_pn(dx_link_t *link);
pn_terminus_t *dx_link_source(dx_link_t *link);
pn_terminus_t *dx_link_target(dx_link_t *link);
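Review bot: The new prototype `dx_link_connection` on the line above `dx_link_pn` has no documentation, unlike the public API it joins. Since its implementation in container.c returns 0 when the link, its session, its connection or the connection context is missing, the header should say so, e.g. `/** \brief Return the dx_connection_t that owns this link, or 0 if the link has no session/connection or the connection carries no dx context. */`. Callers that use the result as a security gate need that null contract spelled out.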
diff --git a/extras/dispatch/include/qpid/dispatch/server.h b/extras/dispatch/include/qpid/dispatch/server.h
index dcdc6ad73f..e50f9ac75b 100644
--- a/extras/dispatch/include/qpid/dispatch/server.h
+++ b/extras/dispatch/include/qpid/dispatch/server.h
@@ -186,7 +186,7 @@ typedef struct dx_connector_t dx_connector_t;
typedef struct dx_connection_t dx_connection_t;
/**
- * Event type for the connection callback.
+ * \brief Event type for the connection callback.
*/
typedef enum {
/// The connection just opened via a listener (inbound).
@@ -204,6 +204,106 @@ typedef enum {
/**
+ * \brief Configuration block for a connector or a listener.
+ */
+typedef struct dx_server_config_t {
+ /**
+ * Host name or network address to bind to a listener or use in the connector.
+ */
+ const char *host;
+
+ /**
+ * Port name or number to bind to a listener or use in the connector.
+ */
+ const char *port;
+
+ /**
+ * Space-separated list of SASL mechanisms to be accepted for the connection.
+ */
+ const char *sasl_mechanisms;
+
+ /**
+ * If appropriate for the mechanism, the username for authentication
+ * (connector only)
+ */
+ const char *sasl_username;
+
+ /**
+ * If appropriate for the mechanism, the password for authentication
+ * (connector only)
+ */
+ const char *sasl_password;
+
+ /**
+ * If appropriate for the mechanism, the minimum acceptable security strength factor
+ */
+ int sasl_minssf;
+
+ /**
+ * If appropriate for the mechanism, the maximum acceptable security strength factor
+ */
+ int sasl_maxssf;
+
+ /**
+ * SSL is enabled for this connection iff non-zero.
+ */
+ int ssl_enabled;
+
+ /**
+ * Connection will take on the role of SSL server iff non-zero.
+ */
+ int ssl_server;
+
+ /**
+ * Iff non-zero AND ssl_enabled is non-zero, this listener will detect the client's use
+ * of SSL or non-SSL and conform to the client's protocol.
+ * (listener only)
+ */
+ int ssl_allow_unsecured_client;
+
+ /**
+ * Path to the file containing the PEM-formatted public certificate for the local end
+ * of the connection.
+ */
+ const char *ssl_certificate_file;
+
+ /**
+ * Path to the file containing the PEM-formatted private key for the local end of the
+ * connection.
+ */
+ const char *ssl_private_key_file;
+
+ /**
+ * The password used to sign the private key, or NULL if the key is not protected.
+ */
+ const char *ssl_password;
+
+ /**
+ * Path to the file containing the PEM-formatted set of certificates of trusted CAs.
+ */
+ const char *ssl_trusted_certificate_db;
+
+ /**
+ * Iff non-zero, require that the peer's certificate be supplied and that it be authentic
+ * according to the set of trusted CAs.
+ */
+ int ssl_require_peer_authentication;
+
+ /**
+ * Allow the connection to be redirected by the peer (via CLOSE->Redirect). This is
+ * meaningful for outgoing (connector) connections only.
+ */
+ int allow_redirect;
+
+ /**
+ * The specified role of the connection. This can be used to control the behavior and
+ * capabilities of the connections.
+ */
+ const char *role;
+} dx_server_config_t;
+
+
+/**
* \brief Connection Event Handler
*
* Callback invoked when processing is needed on a proton connection. This
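Review bot: The documentation of the new `role` field ("can be used to control the behavior and capabilities of the connections") does not name the values the router actually distinguishes, even though router_node.c in this commit grants router-link capability only when the string equals `inter-router`. I would make the comment explicit: `The configured role of the connection ("normal" is the schema default). Only connections with role "inter-router" may carry router links; any other value is treated as an ordinary endpoint connection.` Since this struct is public and the field is a trust boundary, it should also state whether a NULL role is permitted. Separately, the `ssl_password` comment on the new side says the password is "used to sign the private key"; it is the passphrase protecting the key file, so `The passphrase protecting the private key file, or NULL if the key is not encrypted.` would be accurate.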
@@ -295,97 +395,12 @@ pn_connection_t *dx_connection_pn(dx_connection_t *conn);
/**
- * \brief Configuration block for a connector or a listener.
+ * \brief Get the configuration that was used in the setup of this connection.
+ *
+ * @param conn Connection object supplied in DX_CONN_EVENT_{LISTENER,CONNETOR}_OPEN
+ * @return A pointer to the server configuration used in the establishment of this connection.
*/
-typedef struct dx_server_config_t {
- /**
- * Host name or network address to bind to a listener or use in the connector.
- */
- const char *host;
-
- /**
- * Port name or number to bind to a listener or use in the connector.
- */
- const char *port;
-
- /**
- * Space-separated list of SASL mechanisms to be accepted for the connection.
- */
- const char *sasl_mechanisms;
-
- /**
- * If appropriate for the mechanism, the username for authentication
- * (connector only)
- */
- const char *sasl_username;
-
- /**
- * If appropriate for the mechanism, the password for authentication
- * (connector only)
- */
- const char *sasl_password;
-
- /**
- * If appropriate for the mechanism, the minimum acceptable security strength factor
- */
- int sasl_minssf;
-
- /**
- * If appropriate for the mechanism, the maximum acceptable security strength factor
- */
- int sasl_maxssf;
-
- /**
- * SSL is enabled for this connection iff non-zero.
- */
- int ssl_enabled;
-
- /**
- * Connection will take on the role of SSL server iff non-zero.
- */
- int ssl_server;
-
- /**
- * Iff non-zero AND ssl_enabled is non-zero, this listener will detect the client's use
- * of SSL or non-SSL and conform to the client's protocol.
- * (listener only)
- */
- int ssl_allow_unsecured_client;
-
- /**
- * Path to the file containing the PEM-formatted public certificate for the local end
- * of the connection.
- */
- const char *ssl_certificate_file;
-
- /**
- * Path to the file containing the PEM-formatted private key for the local end of the
- * connection.
- */
- const char *ssl_private_key_file;
-
- /**
- * The password used to sign the private key, or NULL if the key is not protected.
- */
- const char *ssl_password;
-
- /**
- * Path to the file containing the PEM-formatted set of certificates of trusted CAs.
- */
- const char *ssl_trusted_certificate_db;
-
- /**
- * Iff non-zero, require that the peer's certificate be supplied and that it be authentic
- * according to the set of trusted CAs.
- */
- int ssl_require_peer_authentication;
-
- /**
- * Allow the connection to be redirected by the peer (via CLOSE->Redirect). This is
- * meaningful for outgoing (connector) connections only.
- */
- int allow_redirect;
-} dx_server_config_t;
+const dx_server_config_t *dx_connection_config(const dx_connection_t *conn);
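Review bot: The `@param` line for the new `dx_connection_config` prototype misspells the event name; it should read `DX_CONN_EVENT_{LISTENER,CONNECTOR}_OPEN`. The comment also says nothing about ownership or lifetime of the returned pointer; from server.c it is the listener's or connector's own config block, so presumably it stays valid as long as that listener/connector exists and must not be freed by the caller, which should be confirmed and stated. Given that this pointer is what the router uses to decide whether a peer may act as a router, the doc should also note that the result is a configuration value, not anything negotiated with the peer.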
/**
diff --git a/extras/dispatch/python/qpid/dispatch/config/schema.py b/extras/dispatch/python/qpid/dispatch/config/schema.py
index 1b3fe885cb..7b00000c99 100644
--- a/extras/dispatch/python/qpid/dispatch/config/schema.py
+++ b/extras/dispatch/python/qpid/dispatch/config/schema.py
@@ -57,6 +57,7 @@ config_schema = {
'addr' : (str, 0, "M"),
'port' : (str, 1, "M"),
'label' : (str, None, "", None),
+ 'role' : (str, None, "", 'normal'),
'sasl-mechanisms' : (str, None, "M"),
'ssl-profile' : (str, None, "E", None),
'require-peer-auth' : (bool, None, "", True),
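Review bot: The new `role` schema entry accepts any string, so a typo such as `inter_router` or `Inter-Router` is silently accepted and then fails the `strcmp` against `"inter-router"` in router_node.c. For a listener that fails closed (the connection is treated as normal), but the misconfiguration surfaces only as a runtime warning when a link arrives rather than at config load. If this schema format has a way to restrict a field to an enumerated set, `role` should be limited to `normal` and `inter-router`; otherwise a load-time check in dispatch.c that rejects unknown roles would give the same early failure. The same applies to the connector entry in the next hunk.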
@@ -66,6 +67,7 @@ config_schema = {
'addr' : (str, 0, "M"),
'port' : (str, 1, "M"),
'label' : (str, None, "", None),
+ 'role' : (str, None, "", 'normal'),
'sasl-mechanisms' : (str, None, "M"),
'ssl-profile' : (str, None, "E", None),
'allow-redirect' : (bool, None, "", True)
diff --git a/extras/dispatch/src/container.c b/extras/dispatch/src/container.c
index f206f492a1..3ae24d81b0 100644
--- a/extras/dispatch/src/container.c
+++ b/extras/dispatch/src/container.c
@@ -687,6 +687,27 @@ pn_link_t *dx_link_pn(dx_link_t *link)
}
+dx_connection_t *dx_link_connection(dx_link_t *link)
+{
+ if (!link || !link->pn_link)
+ return 0;
+
+ pn_session_t *sess = pn_link_session(link->pn_link);
+ if (!sess)
+ return 0;
+
+ pn_connection_t *conn = pn_session_connection(sess);
+ if (!conn)
+ return 0;
+
+ dx_connection_t *ctx = pn_connection_get_context(conn);
+ if (!ctx)
+ return 0;
+
+ return ctx;
+}
+
+
pn_terminus_t *dx_link_source(dx_link_t *link)
{
return pn_link_source(link->pn_link);
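Review bot: The final `if (!ctx) return 0;` before `return ctx;` in `dx_link_connection` is redundant, since returning a null `ctx` yields 0 either way; `return pn_connection_get_context(conn);` says the same thing. More importantly, the function assumes whatever was stored with `pn_connection_set_context` is a `dx_connection_t`; that holds only if this module is the sole writer of that context, which is not visible here and is worth a comment, because the router uses the result to decide trust. A one-line note such as `/* The pn_connection context is always the owning dx_connection_t (set by server.c) -- confirm */` would document the assumption.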
diff --git a/extras/dispatch/src/dispatch.c b/extras/dispatch/src/dispatch.c
index 6e406de7fb..20ba84afe0 100644
--- a/extras/dispatch/src/dispatch.c
+++ b/extras/dispatch/src/dispatch.c
@@ -137,6 +137,7 @@ static void load_server_config(dx_dispatch_t *dx, dx_server_config_t *config, co
{
config->host = dx_config_item_value_string(dx->config, section, i, "addr");
config->port = dx_config_item_value_string(dx->config, section, i, "port");
+ config->role = dx_config_item_value_string(dx->config, section, i, "role");
config->sasl_mechanisms =
dx_config_item_value_string(dx->config, section, i, "sasl-mechanisms");
config->ssl_enabled =
diff --git a/extras/dispatch/src/router_node.c b/extras/dispatch/src/router_node.c
index b10e4d2d91..4b13230687 100644
--- a/extras/dispatch/src/router_node.c
+++ b/extras/dispatch/src/router_node.c
@@ -28,6 +28,7 @@
static char *module = "ROUTER";
+static char *router_role = "inter-router";
static char *local_prefix = "_local/";
static char *topo_prefix = "_topo/";
static char *direct_prefix;
@@ -122,6 +123,22 @@ static void dx_router_check_addr_LH(dx_router_t *router, dx_address_t *addr)
/**
+ * Determine whether a connection is configured in the inter-router role.
+ */
+static int dx_router_connection_is_inter_router(const dx_connection_t *conn)
+{
+ if (!conn)
+ return 0;
+
+ const dx_server_config_t *cf = dx_connection_config(conn);
+ if (cf && strcmp(cf->role, router_role) == 0)
+ return 1;
+
+ return 0;
+}
+
+
+/**
* Determine whether a terminus has router capability
*/
static int dx_router_terminus_is_router(pn_terminus_t *term)
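Review bot: `dx_router_connection_is_inter_router` calls `strcmp(cf->role, router_role)` without checking that `cf->role` is non-NULL. dispatch.c fills the field from the schema default `'normal'`, but `dx_server_config_t` is a public struct passed to `dx_server_listen` and the connector API, so any caller that zero-initialises a config and never sets `role` will crash here instead of being treated as a normal connection. The guard should be `if (cf && cf->role && strcmp(cf->role, router_role) == 0)`, which keeps the fail-closed behaviour (no role means no router capability). A brief comment stating that this is the only place that grants router trust would help future readers.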
@@ -648,11 +665,17 @@ static void router_disp_handler(void* context, dx_link_t *link, dx_delivery_t *d
*/
static int router_incoming_link_handler(void* context, dx_link_t *link)
{
- dx_router_t *router = (dx_router_t*) context;
- dx_router_link_t *rlink = new_dx_router_link_t();
- pn_link_t *pn_link = dx_link_pn(link);
- int is_router = dx_router_terminus_is_router(dx_link_remote_source(link));
+ dx_router_t *router = (dx_router_t*) context;
+ pn_link_t *pn_link = dx_link_pn(link);
+ int is_router = dx_router_terminus_is_router(dx_link_remote_source(link));
+ if (is_router && !dx_router_connection_is_inter_router(dx_link_connection(link))) {
+ dx_log(module, LOG_WARNING, "Incoming link claims router capability but is not on an inter-router connection");
+ pn_link_close(pn_link);
+ return 0;
+ }
+
+ dx_router_link_t *rlink = new_dx_router_link_t();
DEQ_ITEM_INIT(rlink);
rlink->link_type = is_router ? DX_LINK_ROUTER : DX_LINK_ENDPOINT;
rlink->link_direction = DX_INCOMING;
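Review bot: The new rejection path in `router_incoming_link_handler` closes the link with a bare `pn_link_close(pn_link)` and no error condition, so the peer learns only that its attach was refused, not why. Setting a condition on `pn_link_condition(pn_link)` before the close (for example `amqp:unauthorized-access` with a short description) would make a misconfigured router, or an actual abuse attempt, diagnosable from the other side. The log line is the right place to record the event, but it identifies neither the connection nor the remote peer; if the server API exposes the peer address or container name, include it, since this message is exactly what an operator would search for when investigating a rogue client claiming router capability. Doing the check before `new_dx_router_link_t()` is the right order, as nothing is leaked on the rejection path.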
@@ -697,6 +720,12 @@ static int router_outgoing_link_handler(void* context, dx_link_t *link)
int is_router = dx_router_terminus_is_router(dx_link_remote_target(link));
dx_field_iterator_t *iter = 0;
+ if (is_router && !dx_router_connection_is_inter_router(dx_link_connection(link))) {
+ dx_log(module, LOG_WARNING, "Outgoing link claims router capability but is not on an inter-router connection");
+ pn_link_close(pn_link);
+ return 0;
+ }
+
//
// If this link is not a router link and it has no source address, we can't
// accept it.
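Review bot: The guard added to `router_outgoing_link_handler` (capability claimed but connection not `inter-router`, warn, `pn_link_close`, `return 0`) is a line-for-line copy of the one in `router_incoming_link_handler`, differing only in the word "Outgoing" in the message. A small static helper taking the link, the `is_router` flag and a direction string would keep the two checks in step, so that a later improvement such as attaching an error condition or logging the peer is not applied to one side only. The enclosing function starts before this hunk, so I cannot see how `pn_link` is obtained here.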
@@ -861,8 +890,14 @@ static void router_inbound_open_handler(void *type_context, dx_connection_t *con
static void router_outbound_open_handler(void *type_context, dx_connection_t *conn)
{
- // TODO - Make sure this connection is annotated as an inter-router transport.
- // Ignore otherwise
+ //
+ // Check the configured role of this connection. If it is not the inter-router
+ // role, ignore it.
+ //
+ if (!dx_router_connection_is_inter_router(conn)) {
+ dx_log(module, LOG_WARNING, "Outbound connection set up without inter-router role");
+ return;
+ }
dx_router_t *router = (dx_router_t*) type_context;
dx_link_t *sender;
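Review bot: `router_outbound_open_handler` now logs `"Outbound connection set up without inter-router role"` at `LOG_WARNING` for every connector that is not `inter-router`, but the schema in this same commit defaults a connector's role to `normal`, so a connector configured for ordinary broker access will warn on every open. If normal-role connectors are a supported configuration, this is expected behaviour and should be logged at info/trace level or with neutral wording such as `"Outbound connection has role %s; not joining router topology"`; keep WARNING only if such connectors are considered a misconfiguration. The inbound open handler at the top of this hunk is outside my view, so I cannot tell whether it makes the symmetric check.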
diff --git a/extras/dispatch/src/server.c b/extras/dispatch/src/server.c
index e81672dea9..65e181bd2c 100644
--- a/extras/dispatch/src/server.c
+++ b/extras/dispatch/src/server.c
@@ -880,6 +880,14 @@ pn_connection_t *dx_connection_pn(dx_connection_t *conn)
}
+const dx_server_config_t *dx_connection_config(const dx_connection_t *conn)
+{
+ if (conn->listener)
+ return conn->listener->config;
+ return conn->connector->config;
+}
+
+
dx_listener_t *dx_server_listen(dx_dispatch_t *dx, const dx_server_config_t *config, void *context)
{
dx_server_t *dx_server = dx->server;
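Review bot: `dx_connection_config` dereferences `conn` unconditionally and, when `conn->listener` is NULL, assumes `conn->connector` is set, so a connection with neither will crash inside what is now a trust check. Since the router already passes through `dx_link_connection`, which can return 0, a defensive form such as `if (!conn) return 0; if (conn->listener) return conn->listener->config; return conn->connector ? conn->connector->config : 0;` keeps the caller's fail-closed path (no config means not inter-router) instead of a fault. A short comment should also state that the returned pointer is owned by the listener/connector and not to be freed by the caller.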
diff --git a/extras/dispatch/tests/threerouters-A.conf b/extras/dispatch/tests/threerouters-A.conf
index c8c74d6eb2..3f18ad668c 100644
--- a/extras/dispatch/tests/threerouters-A.conf
+++ b/extras/dispatch/tests/threerouters-A.conf
@@ -54,6 +54,7 @@ listener {
connector {
label: Router Uplink
+ role: inter-router
addr: 0.0.0.0
port: 20002
sasl-mechanisms: ANONYMOUS
diff --git a/extras/dispatch/tests/threerouters-B.conf b/extras/dispatch/tests/threerouters-B.conf
index 12dfc11c54..10310306d6 100644
--- a/extras/dispatch/tests/threerouters-B.conf
+++ b/extras/dispatch/tests/threerouters-B.conf
@@ -47,6 +47,7 @@ container {
## Listeners and Connectors
##
listener {
+ role: inter-router
addr: 0.0.0.0
port: 20002
sasl-mechanisms: ANONYMOUS
@@ -54,6 +55,7 @@ listener {
connector {
label: Router Uplink
+ role: inter-router
addr: 0.0.0.0
port: 20003
sasl-mechanisms: ANONYMOUS
diff --git a/extras/dispatch/tests/threerouters-C.conf b/extras/dispatch/tests/threerouters-C.conf
index 03ec5296f9..83c0ff603d 100644
--- a/extras/dispatch/tests/threerouters-C.conf
+++ b/extras/dispatch/tests/threerouters-C.conf
@@ -47,6 +47,7 @@ container {
## Listeners and Connectors
##
listener {
+ role: inter-router
addr: 0.0.0.0
port: 20003
sasl-mechanisms: ANONYMOUS
diff --git a/extras/dispatch/tests/tworouters-A.conf b/extras/dispatch/tests/tworouters-A.conf
index d46d47787b..0d00efdbd4 100644
--- a/extras/dispatch/tests/tworouters-A.conf
+++ b/extras/dispatch/tests/tworouters-A.conf
@@ -47,6 +47,7 @@ container {
## Listeners and Connectors
##
listener {
+ role: inter-router
addr: 0.0.0.0
port: 20001
sasl-mechanisms: ANONYMOUS
diff --git a/extras/dispatch/tests/tworouters-B.conf b/extras/dispatch/tests/tworouters-B.conf
index f0d689755a..8999c9878c 100644
--- a/extras/dispatch/tests/tworouters-B.conf
+++ b/extras/dispatch/tests/tworouters-B.conf
@@ -47,6 +47,7 @@ container {
## Listeners and Connectors
##
listener {
+ role: inter-router
addr: 0.0.0.0
port: 20002
sasl-mechanisms: ANONYMOUS
@@ -54,6 +55,7 @@ listener {
connector {
label: Router Uplink
+ role: inter-router
addr: 0.0.0.0
port: 20001
sasl-mechanisms: ANONYMOUS