Bug-1383: BGP listener should fail to configure if we do not have privileges

-verify if has root privileges, before BGP server is created.
-changed bgp's binding port initial configuration to 1790

Change-Id: Ic15c5c18ee773902b060fde733fe54f3a7a8526c
Signed-off-by: Milos Fabian <milfabia@cisco.com>

diff --git a/bgp/controller-config/src/main/resources/initial/41-bgp-example.xml b/bgp/controller-config/src/main/resources/initial/41-bgp-example.xml
index b32ffc045c4bbbb54509eac6339f04d67d87d0df..d4fcc5dd6d5370ee5a706f5d24b2eee76218d5e7 100644 (file)
--- a/bgp/controller-config/src/main/resources/initial/41-bgp-example.xml
+++ b/bgp/controller-config/src/main/resources/initial/41-bgp-example.xml
@@ -43,7 +43,9 @@
 
                     <!--Default parameters-->
                     <!--<binding-address>0.0.0.0</binding-address>-->
-                    <!--<binding-port>179</binding-port>-->
+
+                    <!--Default binding-port 179-->
+                    <binding-port>1790</binding-port>
 
                     <accepting-bgp-dispatcher>
                         <type xmlns:prefix="urn:opendaylight:params:xml:ns:yang:controller:bgp:rib:impl">prefix:bgp-dispatcher</type>

diff --git a/bgp/rib-impl/src/main/java/org/opendaylight/controller/config/yang/bgp/rib/impl/BGPPeerAcceptorModule.java b/bgp/rib-impl/src/main/java/org/opendaylight/controller/config/yang/bgp/rib/impl/BGPPeerAcceptorModule.java
index 7f5b67ec41d6b7ec761debec59b885829a15c8e7..51a9a9c4de4d6994d7e4613b5f3d10b97962ad60 100644 (file)
--- a/bgp/rib-impl/src/main/java/org/opendaylight/controller/config/yang/bgp/rib/impl/BGPPeerAcceptorModule.java
+++ b/bgp/rib-impl/src/main/java/org/opendaylight/controller/config/yang/bgp/rib/impl/BGPPeerAcceptorModule.java
@@ -4,14 +4,16 @@ import com.google.common.collect.Lists;
 import io.netty.channel.ChannelFuture;
 import io.netty.util.concurrent.Future;
 import io.netty.util.concurrent.GenericFutureListener;
+import io.netty.util.internal.PlatformDependent;
 import java.net.InetAddress;
 import java.net.InetSocketAddress;
 import java.net.UnknownHostException;
+import java.security.AccessControlException;
 import org.opendaylight.controller.config.api.JmxAttributeValidationException;
 import org.opendaylight.protocol.bgp.rib.impl.BGPServerSessionValidator;
 
 /**
-* BGP peer acceptor that handles incomming bgp connections.
+* BGP peer acceptor that handles incoming bgp connections.
 */
 public class BGPPeerAcceptorModule extends org.opendaylight.controller.config.yang.bgp.rib.impl.AbstractBGPPeerAcceptorModule {
     public BGPPeerAcceptorModule(org.opendaylight.controller.config.api.ModuleIdentifier identifier, org.opendaylight.controller.config.api.DependencyResolver dependencyResolver) {
@@ -24,6 +26,10 @@ public class BGPPeerAcceptorModule extends org.opendaylight.controller.config.ya
 
     @Override
     public void customValidation() {
+        // check if unix root user
+        if (!PlatformDependent.isWindows() && !PlatformDependent.isRoot() && getBindingPort().getValue() < 1024) {
+            throw new AccessControlException("Unable to bind port " + getBindingPort().getValue() + " while running as non-root user.");
+        }
         // Try to parse address
         try {
             getAddress();

diff --git a/bgp/rib-impl/src/test/java/org/opendaylight/controller/config/yang/bgp/rib/impl/BGPPeerAcceptorModuleTest.java b/bgp/rib-impl/src/test/java/org/opendaylight/controller/config/yang/bgp/rib/impl/BGPPeerAcceptorModuleTest.java
index 05220c6c99d595229611c47ab46497f313bf4764..3272d5d74b522d0aac9fff3bbb4eecc7e13e1ac8 100644 (file)
--- a/bgp/rib-impl/src/test/java/org/opendaylight/controller/config/yang/bgp/rib/impl/BGPPeerAcceptorModuleTest.java
+++ b/bgp/rib-impl/src/test/java/org/opendaylight/controller/config/yang/bgp/rib/impl/BGPPeerAcceptorModuleTest.java
@@ -7,6 +7,7 @@
  */
 package org.opendaylight.controller.config.yang.bgp.rib.impl;
 
+import static org.junit.Assert.fail;
 import static org.mockito.Matchers.any;
 import static org.mockito.Matchers.anyBoolean;
 import static org.mockito.Mockito.doNothing;
@@ -19,10 +20,12 @@ import com.google.common.collect.Lists;
 import io.netty.channel.Channel;
 import io.netty.channel.ChannelFuture;
 import io.netty.util.concurrent.GenericFutureListener;
+import io.netty.util.internal.PlatformDependent;
 import java.net.InetSocketAddress;
 import java.util.List;
 import javax.management.InstanceAlreadyExistsException;
 import javax.management.ObjectName;
+import junit.framework.Assert;
 import org.junit.Before;
 import org.junit.Test;
 import org.mockito.Mock;
@@ -67,11 +70,19 @@ public class BGPPeerAcceptorModuleTest extends AbstractConfigTest {
     }
 
     @Test
-    public void testCreateBeanDefaultAddress() throws Exception {
-        final CommitStatus status = createRegistryInstance(Optional.<String>absent(), Optional.<Integer>absent(), true, true);
-        assertBeanCount(1, FACTORY_NAME);
-        assertStatus(status, 3, 0, 0);
-        verify(dispatcher).createServer(any(BGPPeerRegistry.class), any(InetSocketAddress.class), any(BGPSessionValidator.class));
+    public void testCreateBeanDefaultAddress() throws InstanceAlreadyExistsException, ConflictingVersionException, ValidationException {
+        try {
+            final CommitStatus status = createRegistryInstance(Optional.<String>absent(), Optional.<Integer>absent(), true, true);
+            assertBeanCount(1, FACTORY_NAME);
+            assertStatus(status, 3, 0, 0);
+            verify(dispatcher).createServer(any(BGPPeerRegistry.class), any(InetSocketAddress.class), any(BGPSessionValidator.class));
+        } catch (ValidationException e) {
+            if(!PlatformDependent.isWindows() && !PlatformDependent.isRoot()) {
+                Assert.assertTrue(e.getMessage().contains("Unable to bind port"));
+            } else {
+                fail();
+            }
+        }
     }
 
     @Test