diff options
Diffstat (limited to 'qpid/java/broker-core/src/main/java')
17 files changed, 73 insertions, 149 deletions
diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/configuration/BrokerProperties.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/configuration/BrokerProperties.java index ccda1e1fe1..765e1e4fa5 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/configuration/BrokerProperties.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/configuration/BrokerProperties.java @@ -40,9 +40,6 @@ public class BrokerProperties public static final String PROPERTY_DEFAULT_SUPPORTED_PROTOCOL_REPLY = "qpid.broker_default_supported_protocol_version_reply"; public static final String PROPERTY_DISABLED_FEATURES = "qpid.broker_disabled_features"; - public static final String PROPERTY_BROKER_DEFAULT_AMQP_PROTOCOL_EXCLUDES = "qpid.broker_default_amqp_protocol_excludes"; - public static final String PROPERTY_BROKER_DEFAULT_AMQP_PROTOCOL_INCLUDES = "qpid.broker_default_amqp_protocol_includes"; - public static final String PROPERTY_MANAGEMENT_RIGHTS_INFER_ALL_ACCESS = "qpid.broker_jmx_method_rights_infer_all_access"; public static final String PROPERTY_USE_CUSTOM_RMI_SOCKET_FACTORY = "qpid.broker_jmx_use_custom_rmi_socket_factory"; diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/ConfiguredObjectFactoryImpl.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/ConfiguredObjectFactoryImpl.java index 350e4fcd44..27d914c639 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/ConfiguredObjectFactoryImpl.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/ConfiguredObjectFactoryImpl.java @@ -137,15 +137,6 @@ public class ConfiguredObjectFactoryImpl implements ConfiguredObjectFactory else { factory = getConfiguredObjectTypeFactory(category, null); - if(factory == null) - { - ManagedObject annotation = categoryClass.getAnnotation(ManagedObject.class); - factory = getConfiguredObjectTypeFactory(category, annotation.defaultType()); - if(factory == null) - { - throw new NoFactoryForTypeException(category, annotation.defaultType()); - } - } } return factory; } diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/ManagedObject.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/ManagedObject.java index 8cfb84135e..f18869bced 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/ManagedObject.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/ManagedObject.java @@ -35,4 +35,5 @@ public @interface ManagedObject boolean creatable() default true; String defaultType() default ""; // in this case the class/interface itself is to be used String type() default ""; + boolean register() default true; } diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/Port.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/Port.java index e98ff1a79a..eca3b0c7b1 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/Port.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/Port.java @@ -20,7 +20,6 @@ */ package org.apache.qpid.server.model; -import java.security.AccessControlException; import java.util.Collection; import java.util.Set; @@ -64,30 +63,6 @@ public interface Port<X extends Port<X>> extends ConfiguredObject<X> @ManagedAttribute Collection<TrustStore> getTrustStores(); - - - - - - void addTransport(Transport transport) throws IllegalStateException, - AccessControlException, - IllegalArgumentException; - - Transport removeTransport(Transport transport) throws IllegalStateException, - AccessControlException, - IllegalArgumentException; - - - void addProtocol(Protocol protocol) throws IllegalStateException, - AccessControlException, - IllegalArgumentException; - - Protocol removeProtocol(Protocol protocol) throws IllegalStateException, - AccessControlException, - IllegalArgumentException; - - Collection<Protocol> getAvailableProtocols(); - //children Collection<VirtualHostAlias> getVirtualHostBindings(); Collection<Connection> getConnections(); diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractPort.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractPort.java index 32587c0f4e..61790441f9 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractPort.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AbstractPort.java @@ -190,40 +190,12 @@ abstract public class AbstractPort<X extends AbstractPort<X>> extends AbstractCo } @Override - public void addTransport(Transport transport) - throws IllegalStateException, AccessControlException, IllegalArgumentException - { - throw new IllegalStateException(); - } - - @Override - public Transport removeTransport(Transport transport) - throws IllegalStateException, AccessControlException, IllegalArgumentException - { - throw new IllegalStateException(); - } - - @Override public Set<Protocol> getProtocols() { return _protocols; } @Override - public void addProtocol(Protocol protocol) - throws IllegalStateException, AccessControlException, IllegalArgumentException - { - throw new IllegalStateException(); - } - - @Override - public Protocol removeProtocol(Protocol protocol) - throws IllegalStateException, AccessControlException, IllegalArgumentException - { - throw new IllegalStateException(); - } - - @Override public Collection<VirtualHostAlias> getVirtualHostBindings() { List<VirtualHostAlias> aliases = new ArrayList<VirtualHostAlias>(); @@ -251,19 +223,6 @@ abstract public class AbstractPort<X extends AbstractPort<X>> extends AbstractCo } @Override - public Set<Protocol> getAvailableProtocols() - { - Set<Protocol> protocols = getProtocols(); - if(protocols == null || protocols.isEmpty()) - { - protocols = getDefaultProtocols(); - } - return protocols; - } - - protected abstract Set<Protocol> getDefaultProtocols(); - - @Override public State getState() { return _state; @@ -382,11 +341,11 @@ abstract public class AbstractPort<X extends AbstractPort<X>> extends AbstractCo for (Port<?> existingPort : existingPorts) { - Collection<Protocol> portProtocols = existingPort.getAvailableProtocols(); + Collection<Protocol> portProtocols = existingPort.getProtocols(); if (portProtocols != null) { final ArrayList<Protocol> intersection = new ArrayList(portProtocols); - intersection.retainAll(getAvailableProtocols()); + intersection.retainAll(getProtocols()); if(!intersection.isEmpty()) { throw new IllegalConfigurationException("Port for protocols " + intersection + " already exists. Only one management port per protocol can be created."); diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AmqpPort.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AmqpPort.java index fa599b4d5f..b50a289b22 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AmqpPort.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AmqpPort.java @@ -24,6 +24,7 @@ import java.util.Set; import org.apache.qpid.server.model.AuthenticationProvider; import org.apache.qpid.server.model.ManagedAttribute; +import org.apache.qpid.server.model.ManagedContextDefault; import org.apache.qpid.server.model.ManagedObject; import org.apache.qpid.server.model.Port; import org.apache.qpid.server.model.Protocol; @@ -42,6 +43,11 @@ public interface AmqpPort<X extends AmqpPort<X>> extends Port<X> String SEND_BUFFER_SIZE = "sendBufferSize"; String RECEIVE_BUFFER_SIZE = "receiveBufferSize"; + String DEFAULT_AMQP_PROTOCOLS = "qpid.port.default_amqp_protocols"; + + @ManagedContextDefault(name = DEFAULT_AMQP_PROTOCOLS) + String INSTALLED_PROTOCOLS = AmqpPortImpl.getInstalledProtocolsAsString(); + @ManagedAttribute( defaultValue = AmqpPort.DEFAULT_AMQP_TCP_NO_DELAY ) boolean isTcpNoDelay(); @@ -66,8 +72,9 @@ public interface AmqpPort<X extends AmqpPort<X>> extends Port<X> validValues = {"org.apache.qpid.server.model.port.AmqpPortImpl#getAllAvailableTransportCombinations()"}) Set<Transport> getTransports(); - @ManagedAttribute( validValues = {"org.apache.qpid.server.model.port.AmqpPortImpl#getAllAvailableProtocolCombinations()"} ) + @ManagedAttribute( defaultValue = "${" + DEFAULT_AMQP_PROTOCOLS + "}", validValues = {"org.apache.qpid.server.model.port.AmqpPortImpl#getAllAvailableProtocolCombinations()"} ) Set<Protocol> getProtocols(); VirtualHostImpl getVirtualHost(String name); + } diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AmqpPortImpl.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AmqpPortImpl.java index 1fbc0c8bc1..2c958b00d0 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AmqpPortImpl.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/AmqpPortImpl.java @@ -25,7 +25,6 @@ import java.security.GeneralSecurityException; import java.util.ArrayList; import java.util.Collection; import java.util.Collections; -import java.util.EnumSet; import java.util.HashSet; import java.util.Map; import java.util.Set; @@ -43,6 +42,7 @@ import org.apache.qpid.server.logging.messages.BrokerMessages; import org.apache.qpid.server.model.Broker; import org.apache.qpid.server.model.KeyStore; import org.apache.qpid.server.model.ManagedAttributeField; +import org.apache.qpid.server.model.ManagedContextDefault; import org.apache.qpid.server.model.ManagedObjectFactoryConstructor; import org.apache.qpid.server.model.Protocol; import org.apache.qpid.server.model.State; @@ -53,6 +53,7 @@ import org.apache.qpid.server.plugin.QpidServiceLoader; import org.apache.qpid.server.plugin.TransportProviderFactory; import org.apache.qpid.server.transport.AcceptingTransport; import org.apache.qpid.server.transport.TransportProvider; +import org.apache.qpid.server.util.ServerScopedRuntimeException; import org.apache.qpid.server.virtualhost.VirtualHostImpl; import org.apache.qpid.transport.network.security.ssl.QpidMultipleTrustManager; @@ -110,34 +111,6 @@ public class AmqpPortImpl extends AbstractPortWithAuthProvider<AmqpPortImpl> imp return (VirtualHostImpl) _broker.findVirtualHostByName(name); } - protected Set<Protocol> getDefaultProtocols() - { - Set<Protocol> defaultProtocols = EnumSet.of(Protocol.AMQP_0_8, Protocol.AMQP_0_9, Protocol.AMQP_0_9_1, - Protocol.AMQP_0_10, Protocol.AMQP_1_0); - String excludedProtocols = System.getProperty(BrokerProperties.PROPERTY_BROKER_DEFAULT_AMQP_PROTOCOL_EXCLUDES); - if (excludedProtocols != null) - { - String[] excludes = excludedProtocols.split(","); - for (String exclude : excludes) - { - Protocol protocol = Protocol.valueOf(exclude); - defaultProtocols.remove(protocol); - } - } - String includedProtocols = System.getProperty(BrokerProperties.PROPERTY_BROKER_DEFAULT_AMQP_PROTOCOL_INCLUDES); - if (includedProtocols != null) - { - String[] includes = includedProtocols.split(","); - for (String include : includes) - { - Protocol protocol = Protocol.valueOf(include); - defaultProtocols.add(protocol); - } - } - return defaultProtocols; - } - - @Override protected State onActivate() { @@ -178,7 +151,7 @@ public class AmqpPortImpl extends AbstractPortWithAuthProvider<AmqpPortImpl> imp _transport = transportProvider.createTransport(transportSet, sslContext, this, - getAvailableProtocols(), + getProtocols(), defaultSupportedProtocolReply); _transport.start(); @@ -363,4 +336,21 @@ public class AmqpPortImpl extends AbstractPortWithAuthProvider<AmqpPortImpl> imp } return Collections.unmodifiableSet(combinationsAsString); } + + + public static String getInstalledProtocolsAsString() + { + Set<Protocol> installedProtocols = getInstalledProtocols(); + ObjectMapper mapper = new ObjectMapper(); + + try(StringWriter output = new StringWriter()) + { + mapper.writeValue(output, installedProtocols); + return output.toString(); + } + catch (IOException e) + { + throw new ServerScopedRuntimeException(e); + } + } } diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/HttpPort.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/HttpPort.java index fa2af121ae..51d31cb8ab 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/HttpPort.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/HttpPort.java @@ -51,7 +51,7 @@ public interface HttpPort<X extends HttpPort<X>> extends Port<X> validValues = {"[ \"TCP\" ]", "[ \"SSL\" ]", "[ \"TCP\", \"SSL\" ]"}) Set<Transport> getTransports(); - @ManagedAttribute( validValues = { "[ \"HTTP\"]"} ) + @ManagedAttribute( defaultValue = "HTTP", validValues = { "[ \"HTTP\"]"} ) Set<Protocol> getProtocols(); void setPortManager(PortManager manager); diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/HttpPortImpl.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/HttpPortImpl.java index a89ba9bbff..33abee9bde 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/HttpPortImpl.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/HttpPortImpl.java @@ -40,12 +40,6 @@ public class HttpPortImpl extends AbstractPortWithAuthProvider<HttpPortImpl> imp super(attributes, broker); } - @Override - protected Set<Protocol> getDefaultProtocols() - { - return Collections.singleton(Protocol.HTTP); - } - public void setPortManager(PortManager manager) { _portManager = manager; diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/JmxPort.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/JmxPort.java index 48754e92e4..981d81a342 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/JmxPort.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/JmxPort.java @@ -51,7 +51,7 @@ public interface JmxPort<X extends JmxPort<X>> extends Port<X> validValues = {"[ \"TCP\" ]", "[ \"SSL\" ]"}) Set<Transport> getTransports(); - @ManagedAttribute( validValues = { "[ \"JMX_RMI\"]"} ) + @ManagedAttribute( defaultValue = "JMX_RMI", validValues = { "[ \"JMX_RMI\"]"} ) Set<Protocol> getProtocols(); void setPortManager(PortManager manager); diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/JmxPortImpl.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/JmxPortImpl.java index ac691c0860..a235613c29 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/JmxPortImpl.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/JmxPortImpl.java @@ -48,12 +48,6 @@ public class JmxPortImpl extends AbstractPortWithAuthProvider<JmxPortImpl> imple } @Override - protected Set<Protocol> getDefaultProtocols() - { - return Collections.singleton(Protocol.JMX_RMI); - } - - @Override public void setPortManager(PortManager manager) { _portManager = manager; diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/RmiPort.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/RmiPort.java index d2420aa343..8fad90ada3 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/RmiPort.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/RmiPort.java @@ -32,7 +32,7 @@ import org.apache.qpid.server.model.Transport; public interface RmiPort<X extends RmiPort<X>> extends Port<X> { - @ManagedAttribute( validValues = { "[ \"RMI\"]"} ) + @ManagedAttribute( defaultValue = "RMI", validValues = { "[ \"RMI\"]"} ) Set<Protocol> getProtocols(); @ManagedAttribute( defaultValue = "TCP", diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/RmiPortImpl.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/RmiPortImpl.java index e236b7cb91..82e68d75c8 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/RmiPortImpl.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/port/RmiPortImpl.java @@ -56,12 +56,6 @@ public class RmiPortImpl extends AbstractPort<RmiPortImpl> implements RmiPort<Rm } - @Override - protected Set<Protocol> getDefaultProtocols() - { - return Collections.singleton(Protocol.RMI); - } - public void setPortManager(PortManager manager) { _portManager = manager; diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/SimpleAuthenticationManager.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/SimpleAuthenticationManager.java index 5b62f7cffd..0e532cee89 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/SimpleAuthenticationManager.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/SimpleAuthenticationManager.java @@ -46,7 +46,7 @@ import org.apache.qpid.server.security.auth.UsernamePrincipal; import org.apache.qpid.server.security.auth.sasl.plain.PlainPasswordCallback; import org.apache.qpid.server.security.auth.sasl.plain.PlainSaslServer; -@ManagedObject( category = false, type = "Simple" ) +@ManagedObject( category = false, type = "Simple", register = false ) public class SimpleAuthenticationManager extends AbstractAuthenticationManager<SimpleAuthenticationManager> { private static final Logger _logger = Logger.getLogger(SimpleAuthenticationManager.class); diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/encryption/AESKeyFileEncrypter.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/encryption/AESKeyFileEncrypter.java index c0c92f0389..b094ea96f9 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/encryption/AESKeyFileEncrypter.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/encryption/AESKeyFileEncrypter.java @@ -36,17 +36,25 @@ import javax.crypto.SecretKey; import javax.crypto.spec.IvParameterSpec; import javax.xml.bind.DatatypeConverter; -import org.apache.qpid.server.configuration.IllegalConfigurationException; - class AESKeyFileEncrypter implements ConfigurationSecretEncrypter { private static final String CIPHER_NAME = "AES/CBC/PKCS5Padding"; private static final int AES_INITIALIZATION_VECTOR_LENGTH = 16; + private static final String AES_ALGORITHM = "AES"; private final SecretKey _secretKey; private final SecureRandom _random = new SecureRandom(); AESKeyFileEncrypter(SecretKey secretKey) { + if(secretKey == null) + { + throw new NullPointerException("A non null secret key must be supplied"); + } + if(!AES_ALGORITHM.equals(secretKey.getAlgorithm())) + { + throw new IllegalArgumentException("Provided secret key was for the algorithm: " + secretKey.getAlgorithm() + + "when" + AES_ALGORITHM + "was needed."); + } _secretKey = secretKey; } @@ -68,19 +76,26 @@ class AESKeyFileEncrypter implements ConfigurationSecretEncrypter } catch (IOException | InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) { - throw new IllegalConfigurationException("Unable to encrypt secret", e); + throw new IllegalArgumentException("Unable to encrypt secret", e); } } @Override public String decrypt(final String encrypted) { + if(!isValidBase64(encrypted)) + { + throw new IllegalArgumentException("Encrypted value is not valid Base 64 data: '" + encrypted + "'"); + } byte[] encryptedBytes = DatatypeConverter.parseBase64Binary(encrypted); try { Cipher cipher = Cipher.getInstance(CIPHER_NAME); - cipher.init(Cipher.DECRYPT_MODE, _secretKey, new IvParameterSpec(encryptedBytes, 0, - AES_INITIALIZATION_VECTOR_LENGTH)); + + IvParameterSpec ivParameterSpec = new IvParameterSpec(encryptedBytes, 0, AES_INITIALIZATION_VECTOR_LENGTH); + + cipher.init(Cipher.DECRYPT_MODE, _secretKey, ivParameterSpec); + return new String(readFromCipherStream(encryptedBytes, AES_INITIALIZATION_VECTOR_LENGTH, encryptedBytes.length - AES_INITIALIZATION_VECTOR_LENGTH, @@ -88,10 +103,15 @@ class AESKeyFileEncrypter implements ConfigurationSecretEncrypter } catch (IOException | InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) { - throw new IllegalConfigurationException("Unable to encrypt secret", e); + throw new IllegalArgumentException("Unable to encrypt secret", e); } } + private boolean isValidBase64(final String encrypted) + { + return encrypted.matches("^([\\w\\d+/]{4})*([\\w\\d+/]{2}==|[\\w\\d+/]{3}=)?$"); + } + private byte[] readFromCipherStream(final byte[] unencryptedBytes, final Cipher cipher) throws IOException { @@ -106,16 +126,16 @@ class AESKeyFileEncrypter implements ConfigurationSecretEncrypter offset, length), cipher)) { - byte[] buf = new byte[1024]; + byte[] buf = new byte[512]; int pos = 0; int read; while ((read = cipherInputStream.read(buf, pos, buf.length - pos)) != -1) { pos += read; - if (pos == buf.length - 1) + if (pos == buf.length) { byte[] tmp = buf; - buf = new byte[buf.length + 1024]; + buf = new byte[buf.length + 512]; System.arraycopy(tmp, 0, buf, 0, tmp.length); } } diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/encryption/AESKeyFileEncrypterFactory.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/encryption/AESKeyFileEncrypterFactory.java index 447f19b7ce..ef92c2a131 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/encryption/AESKeyFileEncrypterFactory.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/encryption/AESKeyFileEncrypterFactory.java @@ -46,13 +46,15 @@ import org.apache.qpid.server.plugin.PluggableService; @PluggableService public class AESKeyFileEncrypterFactory implements ConfigurationSecretEncrypterFactory { - private static final String ENCRYPTER_KEY_FILE = "encrypter.key.file"; + static final String ENCRYPTER_KEY_FILE = "encrypter.key.file"; private static final int AES_KEY_SIZE_BITS = 256; private static final int AES_KEY_SIZE_BYTES = AES_KEY_SIZE_BITS / 8; private static final String AES_ALGORITHM = "AES"; - public static String TYPE = "AESKeyFile"; + public static final String TYPE = "AESKeyFile"; + + static final String DEFAULT_KEYS_SUBDIR_NAME = ".keys"; @Override public ConfigurationSecretEncrypter createEncrypter(final ConfiguredObject<?> object) @@ -66,7 +68,7 @@ public class AESKeyFileEncrypterFactory implements ConfigurationSecretEncrypterF { fileLocation = object.getContextValue(String.class, BrokerOptions.QPID_WORK_DIR) - + File.separator + ".keys" + File.separator + + File.separator + DEFAULT_KEYS_SUBDIR_NAME + File.separator + object.getCategoryClass().getSimpleName() + "_" + object.getName() + ".key"; @@ -94,14 +96,14 @@ public class AESKeyFileEncrypterFactory implements ConfigurationSecretEncrypterF || permissions.contains(PosixFilePermission.GROUP_WRITE) || permissions.contains(PosixFilePermission.OTHERS_WRITE)) { - throw new IllegalStateException("Key file '" + throw new IllegalArgumentException("Key file '" + fileLocation + "' has incorrect permissions. Only the owner " + "should be able to read or write this file."); } if(Files.size(file.toPath()) != AES_KEY_SIZE_BYTES) { - throw new IllegalConfigurationException("Key file '" + fileLocation + "' contains an incorrect about of data"); + throw new IllegalArgumentException("Key file '" + fileLocation + "' contains an incorrect about of data"); } try(FileInputStream inputStream = new FileInputStream(file)) @@ -151,7 +153,7 @@ public class AESKeyFileEncrypterFactory implements ConfigurationSecretEncrypterF } catch (NoSuchAlgorithmException | IOException e) { - throw new IllegalConfigurationException("Cannot create key file: " + e.getMessage(), e); + throw new IllegalArgumentException("Cannot create key file: " + e.getMessage(), e); } } diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/AbstractVirtualHost.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/AbstractVirtualHost.java index 450fc30bf2..eacc4f2458 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/AbstractVirtualHost.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/virtualhost/AbstractVirtualHost.java @@ -251,7 +251,7 @@ public abstract class AbstractVirtualHost<X extends AbstractVirtualHost<X>> exte { for(Port port :_broker.getPorts()) { - if (Protocol.hasAmqpProtocol(port.getAvailableProtocols())) + if (Protocol.hasAmqpProtocol(port.getProtocols())) { _aliases.add(new VirtualHostAliasAdapter(this, port)); } |