/*
* TeleStax, Open Source Cloud Communications
* Copyright 2011-2016, TeleStax Inc. and individual contributors
* by the @authors tag.
*
* This program is free software: you can redistribute it and/or modify
* under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation; either version 3 of
* the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
* This file incorporates work covered by the following copyright and
* permission notice:
*
* JBoss, Home of Professional Open Source
* Copyright 2007-2011, Red Hat, Inc. and individual contributors
* by the @authors tag. See the copyright.txt in the distribution for a
* full listing of individual contributors.
*
* This is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this software; if not, write to the Free
* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
*/
package org.jdiameter.server.impl.io.tls;
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.ServerSocket;
import java.net.Socket;
import java.util.concurrent.CopyOnWriteArrayList;
import org.jdiameter.api.Configuration;
import org.jdiameter.client.api.parser.IMessageParser;
import org.jdiameter.client.impl.transport.tls.TLSClientConnection;
import org.jdiameter.client.impl.transport.tls.TLSUtils;
import org.jdiameter.common.api.concurrent.DummyConcurrentFactory;
import org.jdiameter.common.api.concurrent.IConcurrentFactory;
import org.jdiameter.server.api.IMetaData;
import org.jdiameter.server.api.io.INetworkConnectionListener;
import org.jdiameter.server.api.io.INetworkGuard;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* TLS implementation of {@link org.jdiameter.server.api.io.INetworkGuard}.
*
* @author <a href="mailto:baranowb@gmail.com"> Bartosz Baranowski </a>
* @author <a href="mailto:brainslog@gmail.com"> Alexandre Mendonca </a>
*/
public class NetworkGuard implements INetworkGuard, Runnable {
private static final Logger logger = LoggerFactory.getLogger(NetworkGuard.class);
private IMessageParser parser;
private IConcurrentFactory concurrentFactory;
private int port;
private CopyOnWriteArrayList<INetworkConnectionListener> listeners = new CopyOnWriteArrayList<INetworkConnectionListener>();
private boolean isWork = false;
// private SSLServerSocket serverSocket;
private ServerSocket serverSocket;
private Configuration localPeerSSLConfig;
private Thread thread;
private String secRef;
public NetworkGuard(InetAddress inetAddress, int port, IConcurrentFactory concurrentFactory, IMessageParser parser, IMetaData data) throws Exception {
this.port = port;
this.parser = parser;
this.concurrentFactory = concurrentFactory == null ? new DummyConcurrentFactory() : concurrentFactory;
this.thread = this.concurrentFactory.getThread("NetworkGuard", this);
// extract sec_ref from local peer;
Configuration conf = data.getConfiguration();
if (!conf.isAttributeExist(org.jdiameter.client.impl.helpers.Parameters.SecurityRef.ordinal())) {
throw new IllegalArgumentException("No security_ref attribute present in local peer!");
}
String secRef = conf.getStringValue(org.jdiameter.client.impl.helpers.Parameters.SecurityRef.ordinal(), "");
// now need to get proper security data.
this.localPeerSSLConfig = TLSUtils.getSSLConfiguration(conf, secRef);
if (this.localPeerSSLConfig == null) {
throw new IllegalArgumentException("No Security for security_reference '" + secRef + "'");
}
// SSLContext sslContext = TLSUtils.getSecureContext(localPeerSSLConfig);
try {
// SSLServerSocketFactory sslServerSocketFactory = sslContext.getServerSocketFactory();
// this.serverSocket = (SSLServerSocket) sslServerSocketFactory.createServerSocket();
this.serverSocket = new ServerSocket();
this.serverSocket.bind(new InetSocketAddress(inetAddress, port));
this.isWork = true;
logger.info("Open server socket {} ", serverSocket);
this.thread.start();
}
catch (Exception exc) {
destroy();
throw new Exception(exc);
}
}
@Override
public void run() {
try {
while (this.isWork) {
// without timeout when we kill socket, this causes errors, bug in VM ?
try {
Socket clientConnection = serverSocket.accept();
logger.info("Open incomming SSL connection {}", clientConnection);
TLSClientConnection client = new TLSClientConnection(null, this.localPeerSSLConfig, this.concurrentFactory, clientConnection, parser);
this.notifyListeners(client);
}
catch (Exception e) {
logger.debug("Failed to accept connection,", e);
}
}
}
catch (Exception exc) {
logger.warn("Server socket stopped", exc);
}
}
/*
* (non-Javadoc)
*
* @see org.jdiameter.server.api.io.INetworkGuard#addListener(org.jdiameter.server .api.io.INetworkConnectionListener)
*/
@Override
public void addListener(INetworkConnectionListener listener) {
if (!this.listeners.contains(listener)) {
this.listeners.add(listener);
}
}
/*
* (non-Javadoc)
*
* @see org.jdiameter.server.api.io.INetworkGuard#remListener(org.jdiameter.server .api.io.INetworkConnectionListener)
*/
@Override
public void remListener(INetworkConnectionListener listener) {
this.listeners.remove(listener);
}
/*
* (non-Javadoc)
*
* @see org.jdiameter.server.api.io.INetworkGuard#destroy()
*/
@Override
public void destroy() {
try {
this.isWork = false;
try {
if (this.thread != null) {
this.thread.join(2000);
if (this.thread.isAlive()) {
// FIXME: remove ASAP
this.thread.interrupt();
}
thread = null;
}
}
catch (InterruptedException e) {
logger.debug("Can not stop thread", e);
}
if (this.serverSocket != null) {
this.serverSocket.close();
this.serverSocket = null;
}
}
catch (IOException e) {
logger.error("", e);
}
}
// ------------------------- private section ---------------------------
private void notifyListeners(TLSClientConnection client) {
for (INetworkConnectionListener listener : this.listeners) {
try {
listener.newNetworkConnection(client);
}
catch (Exception e) {
logger.debug("Connection listener threw exception!", e);
}
}
}
}