Examples with GridNioSslFilter org.apache.ignite.internal.util.nio.ssl.GridNioSslFilter used on opensource projects

Example 1 with GridNioSslFilter

use of org.apache.ignite.internal.util.nio.ssl.GridNioSslFilter in project ignite by apache.

the class GridTcpRouterImpl method startTcpServer.

/**
     * Tries to start server with given parameters.
     *
     * @param hostAddr Host on which server should be bound.
     * @param port Port on which server should be bound.
     * @param lsnr Server message listener.
     * @param parser Server message parser.
     * @param tcpNoDelay Flag indicating whether TCP_NODELAY flag should be set for accepted connections.
     * @param sslCtx SSL context in case if SSL is enabled.
     * @param wantClientAuth Whether client will be requested for authentication.
     * @param needClientAuth Whether client is required to be authenticated.
     * @return {@code True} if server successfully started, {@code false} if port is used and
     *      server was unable to start.
     */
private boolean startTcpServer(InetAddress hostAddr, int port, GridNioServerListener<GridClientMessage> lsnr, GridNioParser parser, boolean tcpNoDelay, @Nullable SSLContext sslCtx, boolean wantClientAuth, boolean needClientAuth) {
    try {
        GridNioFilter codec = new GridNioCodecFilter(parser, log, false);
        // This name is required to be unique in order to avoid collisions with
        // ThreadWorkerGroups running in the same JVM by other routers/nodes.
        String igniteInstanceName = "router-" + id;
        GridNioFilter[] filters;
        if (sslCtx != null) {
            GridNioSslFilter sslFilter = new GridNioSslFilter(sslCtx, false, ByteOrder.nativeOrder(), log);
            sslFilter.wantClientAuth(wantClientAuth);
            sslFilter.needClientAuth(needClientAuth);
            filters = new GridNioFilter[] { codec, sslFilter };
        } else
            filters = new GridNioFilter[] { codec };
        srv = GridNioServer.<GridClientMessage>builder().address(hostAddr).port(port).listener(lsnr).logger(log).selectorCount(Runtime.getRuntime().availableProcessors()).igniteInstanceName(igniteInstanceName).serverName("router").tcpNoDelay(tcpNoDelay).directBuffer(false).byteOrder(ByteOrder.nativeOrder()).socketSendBufferSize(0).socketReceiveBufferSize(0).sendQueueLimit(0).filters(filters).idleTimeout(cfg.getIdleTimeout()).build();
        srv.start();
        return true;
    } catch (IgniteCheckedException e) {
        if (log.isDebugEnabled())
            log.debug("Failed to start TCP router protocol on port " + port + ": " + e.getMessage());
        srv = null;
        return false;
    }
}

Example 2 with GridNioSslFilter

use of org.apache.ignite.internal.util.nio.ssl.GridNioSslFilter in project ignite by apache.

the class GridTcpRestProtocol method startTcpServer.

/**
     * Tries to start server with given parameters.
     *
     * @param hostAddr Host on which server should be bound.
     * @param port Port on which server should be bound.
     * @param lsnr Server message listener.
     * @param parser Server message parser.
     * @param sslCtx SSL context in case if SSL is enabled.
     * @param cfg Configuration for other parameters.
     * @return {@code True} if server successfully started, {@code false} if port is used and
     *      server was unable to start.
     */
private boolean startTcpServer(InetAddress hostAddr, int port, GridNioServerListener<GridClientMessage> lsnr, GridNioParser parser, @Nullable SSLContext sslCtx, ConnectorConfiguration cfg) {
    try {
        GridNioFilter codec = new GridNioCodecFilter(parser, log, false);
        GridNioFilter[] filters;
        if (sslCtx != null) {
            GridNioSslFilter sslFilter = new GridNioSslFilter(sslCtx, cfg.isDirectBuffer(), ByteOrder.nativeOrder(), log);
            sslFilter.directMode(false);
            boolean auth = cfg.isSslClientAuth();
            sslFilter.wantClientAuth(auth);
            sslFilter.needClientAuth(auth);
            filters = new GridNioFilter[] { codec, sslFilter };
        } else
            filters = new GridNioFilter[] { codec };
        srv = GridNioServer.<GridClientMessage>builder().address(hostAddr).port(port).listener(lsnr).logger(log).selectorCount(cfg.getSelectorCount()).igniteInstanceName(ctx.igniteInstanceName()).serverName("tcp-rest").tcpNoDelay(cfg.isNoDelay()).directBuffer(cfg.isDirectBuffer()).byteOrder(ByteOrder.nativeOrder()).socketSendBufferSize(cfg.getSendBufferSize()).socketReceiveBufferSize(cfg.getReceiveBufferSize()).sendQueueLimit(cfg.getSendQueueLimit()).filters(filters).directMode(false).build();
        srv.idleTimeout(cfg.getIdleTimeout());
        srv.start();
        ctx.ports().registerPort(port, IgnitePortProtocol.TCP, getClass());
        return true;
    } catch (IgniteCheckedException e) {
        if (log.isDebugEnabled())
            log.debug("Failed to start " + name() + " protocol on port " + port + ": " + e.getMessage());
        return false;
    }
}

Example 3 with GridNioSslFilter

use of org.apache.ignite.internal.util.nio.ssl.GridNioSslFilter in project ignite by apache.

the class TcpCommunicationSpi method resetNioServer.

/**
     * Recreates tpcSrvr socket instance.
     *
     * @return Server instance.
     * @throws IgniteCheckedException Thrown if it's not possible to create server.
     */
private GridNioServer<Message> resetNioServer() throws IgniteCheckedException {
    if (boundTcpPort >= 0)
        throw new IgniteCheckedException("Tcp NIO server was already created on port " + boundTcpPort);
    IgniteCheckedException lastEx = null;
    // If configured TCP port is busy, find first available in range.
    int lastPort = locPortRange == 0 ? locPort : locPort + locPortRange - 1;
    for (int port = locPort; port <= lastPort; port++) {
        try {
            MessageFactory msgFactory = new MessageFactory() {

                private MessageFactory impl;

                @Nullable
                @Override
                public Message create(short type) {
                    if (impl == null)
                        impl = getSpiContext().messageFactory();
                    assert impl != null;
                    return impl.create(type);
                }
            };
            GridNioMessageReaderFactory readerFactory = new GridNioMessageReaderFactory() {

                private MessageFormatter formatter;

                @Override
                public MessageReader reader(GridNioSession ses, MessageFactory msgFactory) throws IgniteCheckedException {
                    if (formatter == null)
                        formatter = getSpiContext().messageFormatter();
                    assert formatter != null;
                    ConnectionKey key = ses.meta(CONN_IDX_META);
                    return key != null ? formatter.reader(key.nodeId(), msgFactory) : null;
                }
            };
            GridNioMessageWriterFactory writerFactory = new GridNioMessageWriterFactory() {

                private MessageFormatter formatter;

                @Override
                public MessageWriter writer(GridNioSession ses) throws IgniteCheckedException {
                    if (formatter == null)
                        formatter = getSpiContext().messageFormatter();
                    assert formatter != null;
                    ConnectionKey key = ses.meta(CONN_IDX_META);
                    return key != null ? formatter.writer(key.nodeId()) : null;
                }
            };
            GridDirectParser parser = new GridDirectParser(log.getLogger(GridDirectParser.class), msgFactory, readerFactory);
            IgnitePredicate<Message> skipRecoveryPred = new IgnitePredicate<Message>() {

                @Override
                public boolean apply(Message msg) {
                    return msg instanceof RecoveryLastReceivedMessage;
                }
            };
            boolean clientMode = Boolean.TRUE.equals(ignite.configuration().isClientMode());
            IgniteBiInClosure<GridNioSession, Integer> queueSizeMonitor = !clientMode && slowClientQueueLimit > 0 ? new CI2<GridNioSession, Integer>() {

                @Override
                public void apply(GridNioSession ses, Integer qSize) {
                    checkClientQueueSize(ses, qSize);
                }
            } : null;
            GridNioFilter[] filters;
            if (isSslEnabled()) {
                GridNioSslFilter sslFilter = new GridNioSslFilter(ignite.configuration().getSslContextFactory().create(), true, ByteOrder.nativeOrder(), log);
                sslFilter.directMode(true);
                sslFilter.wantClientAuth(true);
                sslFilter.needClientAuth(true);
                filters = new GridNioFilter[] { new GridNioCodecFilter(parser, log, true), new GridConnectionBytesVerifyFilter(log), sslFilter };
            } else
                filters = new GridNioFilter[] { new GridNioCodecFilter(parser, log, true), new GridConnectionBytesVerifyFilter(log) };
            GridNioServer<Message> srvr = GridNioServer.<Message>builder().address(locHost).port(port).listener(srvLsnr).logger(log).selectorCount(selectorsCnt).igniteInstanceName(igniteInstanceName).serverName("tcp-comm").tcpNoDelay(tcpNoDelay).directBuffer(directBuf).byteOrder(ByteOrder.nativeOrder()).socketSendBufferSize(sockSndBuf).socketReceiveBufferSize(sockRcvBuf).sendQueueLimit(msgQueueLimit).directMode(true).metricsListener(metricsLsnr).writeTimeout(sockWriteTimeout).selectorSpins(selectorSpins).filters(filters).writerFactory(writerFactory).skipRecoveryPredicate(skipRecoveryPred).messageQueueSizeListener(queueSizeMonitor).readWriteSelectorsAssign(usePairedConnections).build();
            boundTcpPort = port;
            // Ack Port the TCP server was bound to.
            if (log.isInfoEnabled()) {
                log.info("Successfully bound communication NIO server to TCP port " + "[port=" + boundTcpPort + ", locHost=" + locHost + ", selectorsCnt=" + selectorsCnt + ", selectorSpins=" + srvr.selectorSpins() + ", pairedConn=" + usePairedConnections + ']');
            }
            srvr.idleTimeout(idleConnTimeout);
            return srvr;
        } catch (IgniteCheckedException e) {
            if (X.hasCause(e, SSLException.class))
                throw new IgniteSpiException("Failed to create SSL context. SSL factory: " + ignite.configuration().getSslContextFactory() + '.', e);
            lastEx = e;
            if (log.isDebugEnabled())
                log.debug("Failed to bind to local port (will try next port within range) [port=" + port + ", locHost=" + locHost + ']');
            onException("Failed to bind to local port (will try next port within range) [port=" + port + ", locHost=" + locHost + ']', e);
        }
    }
    // If free port wasn't found.
    throw new IgniteCheckedException("Failed to bind to any port within range [startPort=" + locPort + ", portRange=" + locPortRange + ", locHost=" + locHost + ']', lastEx);
}