From: Martin Bobak Date: Mon, 2 Dec 2013 09:30:56 +0000 (+0100) Subject: - remove TLS/SSL support from netconf server and client X-Git-Tag: jenkins-controller-bulk-release-prepare-only-2-1~272^2 X-Git-Url: https://git.opendaylight.org/gerrit/gitweb?p=controller.git;a=commitdiff_plain;h=b7b0bfb90e09d2838fa6717a3cfbc85b93e67e14 - remove TLS/SSL support from netconf server and client - refactoring related to AbstractSslChannelInitializer deletion - common code of initialize method moved to AbstractChannelInitializer - refactoring sal-netconf-connector's NetconfConnectorModule - integration tests reflects current changes - netconf server activator throws InvalidStateException if initial tcp configuration is not found Change-Id: I4fe793866cf9c1927f707943d922b36dae3c6665 Signed-off-by: Martin Bobak --- diff --git a/opendaylight/md-sal/sal-netconf-connector/src/main/java/org/opendaylight/controller/config/yang/md/sal/connector/netconf/NetconfConnectorModule.java b/opendaylight/md-sal/sal-netconf-connector/src/main/java/org/opendaylight/controller/config/yang/md/sal/connector/netconf/NetconfConnectorModule.java index 1275924614..4d0a1ac6b6 100644 --- a/opendaylight/md-sal/sal-netconf-connector/src/main/java/org/opendaylight/controller/config/yang/md/sal/connector/netconf/NetconfConnectorModule.java +++ b/opendaylight/md-sal/sal-netconf-connector/src/main/java/org/opendaylight/controller/config/yang/md/sal/connector/netconf/NetconfConnectorModule.java 
@@ -77,10 +77,9 @@ public final class NetconfConnectorModule extends org.opendaylight.controller.co EventLoopGroup bossGroup = getBossThreadGroupDependency(); EventLoopGroup workerGroup = getWorkerThreadGroupDependency(); - Optional maybeContext = Optional.absent(); NetconfClientDispatcher dispatcher = null; if(getTcpOnly()) { - dispatcher = new NetconfClientDispatcher(maybeContext , bossGroup, workerGroup); + dispatcher = new NetconfClientDispatcher( bossGroup, workerGroup); } else { AuthenticationHandler authHandler = new LoginPassword(getUsername(),getPassword()); dispatcher = new NetconfSshClientDispatcher(authHandler , bossGroup, workerGroup); diff --git a/opendaylight/netconf/config-persister-impl/src/main/java/org/opendaylight/controller/netconf/persist/impl/ConfigPersisterNotificationHandler.java b/opendaylight/netconf/config-persister-impl/src/main/java/org/opendaylight/controller/netconf/persist/impl/ConfigPersisterNotificationHandler.java index b20577afd2..99b7ee60a2 100644 --- a/opendaylight/netconf/config-persister-impl/src/main/java/org/opendaylight/controller/netconf/persist/impl/ConfigPersisterNotificationHandler.java +++ b/opendaylight/netconf/config-persister-impl/src/main/java/org/opendaylight/controller/netconf/persist/impl/ConfigPersisterNotificationHandler.java 
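Review bot: The `getTcpOnly()` branch now builds a `NetconfClientDispatcher` that has no way to carry transport security, and nothing at the call site says so. A comment on that branch, e.g. `// tcp-only: session is neither encrypted nor authenticated; use only on a trusted or loopback link`, would stop a reader from assuming parity with the SSH branch below it. The stray space in `new NetconfClientDispatcher( bossGroup, workerGroup)` should go as well. The enclosing method starts and ends outside the hunk.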
@@ -13,6 +13,22 @@ import com.google.common.base.Preconditions; import com.google.common.collect.Sets; import io.netty.channel.EventLoopGroup; import io.netty.channel.nio.NioEventLoopGroup; +import java.io.Closeable; +import java.io.IOException; +import java.io.InputStream; +import java.net.InetSocketAddress; +import java.util.Collections; +import java.util.HashSet; +import java.util.Set; +import java.util.regex.Pattern; +import javax.annotation.concurrent.ThreadSafe; +import javax.management.InstanceNotFoundException; +import javax.management.MBeanServerConnection; +import javax.management.Notification; +import javax.management.NotificationListener; +import javax.management.ObjectName; +import javax.xml.xpath.XPathConstants; +import javax.xml.xpath.XPathExpression; import org.opendaylight.controller.config.api.ConflictingVersionException; import org.opendaylight.controller.config.persist.api.ConfigSnapshotHolder; import org.opendaylight.controller.config.persist.api.Persister; @@ -32,24 +48,6 @@ import org.w3c.dom.Document; import org.w3c.dom.Element; import org.xml.sax.SAXException; -import javax.annotation.concurrent.ThreadSafe; -import javax.management.InstanceNotFoundException; -import javax.management.MBeanServerConnection; -import javax.management.Notification; -import javax.management.NotificationListener; -import javax.management.ObjectName; -import javax.net.ssl.SSLContext; -import javax.xml.xpath.XPathConstants; -import javax.xml.xpath.XPathExpression; -import java.io.Closeable; -import java.io.IOException; -import java.io.InputStream; -import java.net.InetSocketAddress; -import java.util.Collections; -import java.util.HashSet; -import java.util.Set; -import java.util.regex.Pattern; - /** * Responsible for listening for notifications from netconf containing latest * committed configuration that should be persisted, and also for loading last 
@@ -151,7 +149,7 @@ public class ConfigPersisterNotificationHandler implements NotificationListener, long deadline = pollingStart + timeout; while (System.currentTimeMillis() < deadline) { attempt++; - netconfClientDispatcher = new NetconfClientDispatcher(Optional.absent(), nettyThreadgroup, nettyThreadgroup); + netconfClientDispatcher = new NetconfClientDispatcher(nettyThreadgroup, nettyThreadgroup); try { netconfClient = new NetconfClient(this.toString(), address, delay, netconfClientDispatcher); } catch (IllegalStateException e) { diff --git a/opendaylight/netconf/netconf-client/src/main/java/org/opendaylight/controller/netconf/client/NetconfClientDispatcher.java b/opendaylight/netconf/netconf-client/src/main/java/org/opendaylight/controller/netconf/client/NetconfClientDispatcher.java index 62c2113056..6ac57a88c9 100644 --- a/opendaylight/netconf/netconf-client/src/main/java/org/opendaylight/controller/netconf/client/NetconfClientDispatcher.java +++ b/opendaylight/netconf/netconf-client/src/main/java/org/opendaylight/controller/netconf/client/NetconfClientDispatcher.java 
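Review bot: Each pass of the polling loop allocates a fresh `NetconfClientDispatcher`, and the constructor shown later in this patch creates a `HashedWheelTimer` per dispatcher, so a failed attempt appears to leave the previous dispatcher and its timer unreleased. The catch body is outside the hunk, so this may already be handled there. If it is not, either construct the dispatcher once before the `while` loop or call `netconfClientDispatcher.close();` in the `IllegalStateException` handler before retrying. The enclosing method continues outside the hunk.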
@@ -8,17 +8,17 @@ package org.opendaylight.controller.netconf.client; -import com.google.common.base.Optional; -import com.google.common.base.Preconditions; import io.netty.channel.EventLoopGroup; import io.netty.channel.socket.SocketChannel; import io.netty.util.HashedWheelTimer; import io.netty.util.concurrent.Future; import io.netty.util.concurrent.Promise; +import java.io.Closeable; +import java.net.InetSocketAddress; import org.opendaylight.controller.netconf.api.NetconfMessage; import org.opendaylight.controller.netconf.api.NetconfSession; import org.opendaylight.controller.netconf.api.NetconfTerminationReason; -import org.opendaylight.controller.netconf.util.AbstractSslChannelInitializer; +import org.opendaylight.controller.netconf.util.AbstractChannelInitializer; import org.opendaylight.protocol.framework.AbstractDispatcher; import org.opendaylight.protocol.framework.ReconnectStrategy; import org.opendaylight.protocol.framework.SessionListener; @@ -26,22 +26,15 @@ import org.opendaylight.protocol.framework.SessionListenerFactory; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import javax.net.ssl.SSLContext; -import javax.net.ssl.SSLEngine; -import java.io.Closeable; -import java.net.InetSocketAddress; - public class NetconfClientDispatcher extends AbstractDispatcher implements Closeable { private static final Logger logger = LoggerFactory.getLogger(NetconfClient.class); - private final Optional maybeContext; private final NetconfClientSessionNegotiatorFactory negotatorFactory; private final HashedWheelTimer timer; - public NetconfClientDispatcher(final Optional maybeContext, EventLoopGroup bossGroup, EventLoopGroup workerGroup) { + public NetconfClientDispatcher(EventLoopGroup bossGroup, EventLoopGroup workerGroup) { super(bossGroup, workerGroup); - this.maybeContext = Preconditions.checkNotNull(maybeContext); timer = new HashedWheelTimer(); this.negotatorFactory = new NetconfClientSessionNegotiatorFactory(timer); } 
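Review bot: The public constructor `NetconfClientDispatcher(EventLoopGroup, EventLoopGroup)` has no Javadoc, and after this change callers can no longer supply an `SSLContext` through it. A class or constructor comment should state that this dispatcher speaks NETCONF over plain TCP with no encryption or peer authentication, and that `NetconfSshClientDispatcher` is the protected variant. The same applies to `ServerChannelInitializer` in NetconfServerDispatcher.java further down. Separately, the context line `LoggerFactory.getLogger(NetconfClient.class)` names a different class from the one it sits in; `NetconfClientDispatcher.class` looks intended.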
@@ -57,23 +50,27 @@ public class NetconfClientDispatcher extends AbstractDispatcher promise) { - new ClientSslChannelInitializer(maybeContext, negotatorFactory, sessionListener).initialize(ch, promise); + new ClientChannelInitializer( negotatorFactory, sessionListener).initialize(ch, promise); } }); } - private static class ClientSslChannelInitializer extends AbstractSslChannelInitializer { + private static class ClientChannelInitializer extends AbstractChannelInitializer { private final NetconfClientSessionNegotiatorFactory negotiatorFactory; private final NetconfClientSessionListener sessionListener; - private ClientSslChannelInitializer(Optional maybeContext, - NetconfClientSessionNegotiatorFactory negotiatorFactory, NetconfClientSessionListener sessionListener) { - super(maybeContext); + private ClientChannelInitializer(NetconfClientSessionNegotiatorFactory negotiatorFactory, + NetconfClientSessionListener sessionListener) { this.negotiatorFactory = negotiatorFactory; this.sessionListener = sessionListener; } + @Override + public void initialize(SocketChannel ch, Promise promise) { + super.initialize(ch,promise); + } + @Override protected void initializeAfterDecoder(SocketChannel ch, Promise promise) { ch.pipeline().addLast("negotiator", negotiatorFactory.getSessionNegotiator(new SessionListenerFactory() { @@ -84,12 +81,7 @@ public class NetconfClientDispatcher extends AbstractDispatcher absent(), bossGroup, workerGroup); + super(bossGroup, workerGroup); this.authHandler = authHandler; this.timer = new HashedWheelTimer(); this.negotatorFactory = new NetconfClientSessionNegotiatorFactory(timer); } - @Override public Future createClient(InetSocketAddress address, final NetconfClientSessionListener sessionListener, ReconnectStrategy strat) { return super.createClient(address, strat, new PipelineInitializer() { 
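Review bot: The added `initialize` override in `ClientChannelInitializer` only calls `super.initialize(ch,promise)` and can be deleted, because the inherited public method on `AbstractChannelInitializer` already does what `createClient` needs. Leaving it in suggests the client customises the pipeline setup when it does not. The call `new ClientChannelInitializer( negotatorFactory, sessionListener)` also has a stray space after the parenthesis. Part of this hunk's text is not legible on the page, so the comment is limited to the lines that are.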
@@ -88,12 +78,7 @@ public class NetconfSshClientDispatcher extends NetconfClientDispatcher { try { Invoker invoker = Invoker.subsystem("netconf"); ch.pipeline().addFirst(new SshHandler(authenticationHandler, invoker)); - ch.pipeline().addLast("aggregator", new NetconfMessageAggregator(FramingMechanism.EOM)); - ch.pipeline().addLast(handlerFactory.getDecoders()); - initializeAfterDecoder(ch, promise); - ch.pipeline().addLast("frameEncoder", - FramingMechanismHandlerFactory.createHandler(FramingMechanism.EOM)); - ch.pipeline().addLast(handlerFactory.getEncoders()); + super.initialize(ch,promise); } catch (IOException e) { throw new RuntimeException(e); } diff --git a/opendaylight/netconf/netconf-impl/src/main/java/org/opendaylight/controller/netconf/impl/NetconfServerDispatcher.java b/opendaylight/netconf/netconf-impl/src/main/java/org/opendaylight/controller/netconf/impl/NetconfServerDispatcher.java index 882d368a1a..4f60788975 100644 --- a/opendaylight/netconf/netconf-impl/src/main/java/org/opendaylight/controller/netconf/impl/NetconfServerDispatcher.java +++ b/opendaylight/netconf/netconf-impl/src/main/java/org/opendaylight/controller/netconf/impl/NetconfServerDispatcher.java 
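Review bot: With TLS removed, this `initialize` is the only client path that adds transport protection, yet `new SshHandler(authenticationHandler, invoker)` is given nothing visible that would verify the server's host key. Whether `SshHandler` checks the host key internally cannot be told from this hunk. A comment above the `addFirst` call should say where host-key verification happens, or state that it is not performed, e.g. `// SSH must be first in the pipeline; server host key is verified in <place>`. The surrounding `catch (IOException e) { throw new RuntimeException(e); }` would also be easier to diagnose with a message naming the SSH setup step. The enclosing method starts outside the hunk.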
@@ -8,25 +8,21 @@ package org.opendaylight.controller.netconf.impl; -import com.google.common.base.Optional; import io.netty.channel.ChannelFuture; import io.netty.channel.EventLoopGroup; import io.netty.channel.socket.SocketChannel; import io.netty.util.concurrent.Promise; +import java.net.InetSocketAddress; import org.opendaylight.controller.netconf.api.NetconfSession; import org.opendaylight.controller.netconf.impl.util.DeserializerExceptionHandler; -import org.opendaylight.controller.netconf.util.AbstractSslChannelInitializer; +import org.opendaylight.controller.netconf.util.AbstractChannelInitializer; import org.opendaylight.protocol.framework.AbstractDispatcher; -import javax.net.ssl.SSLContext; -import javax.net.ssl.SSLEngine; -import java.net.InetSocketAddress; - public class NetconfServerDispatcher extends AbstractDispatcher { - private final ServerSslChannelInitializer initializer; + private final ServerChannelInitializer initializer; - public NetconfServerDispatcher(ServerSslChannelInitializer serverChannelInitializer, EventLoopGroup bossGroup, + public NetconfServerDispatcher(ServerChannelInitializer serverChannelInitializer, EventLoopGroup bossGroup, EventLoopGroup workerGroup) { super(bossGroup, workerGroup); this.initializer = serverChannelInitializer; @@ -43,15 +39,13 @@ public class NetconfServerDispatcher extends AbstractDispatcher maybeContext, - NetconfServerSessionNegotiatorFactory negotiatorFactory, + public ServerChannelInitializer(NetconfServerSessionNegotiatorFactory negotiatorFactory, NetconfServerSessionListenerFactory listenerFactory) { - super(maybeContext); this.negotiatorFactory = negotiatorFactory; this.listenerFactory = listenerFactory; } 
@@ -62,10 +56,6 @@ public class NetconfServerDispatcher extends AbstractDispatcherabsent(), serverNegotiatorFactory, listenerFactory); + NetconfServerDispatcher.ServerChannelInitializer serverChannelInitializer = new NetconfServerDispatcher.ServerChannelInitializer( + serverNegotiatorFactory, listenerFactory); dispatch = new NetconfServerDispatcher(serverChannelInitializer, eventLoopGroup, eventLoopGroup); logger.info("Starting TCP netconf server at {}", address); diff --git a/opendaylight/netconf/netconf-impl/src/test/java/org/opendaylight/controller/netconf/impl/ConcurrentClientsTest.java b/opendaylight/netconf/netconf-impl/src/test/java/org/opendaylight/controller/netconf/impl/ConcurrentClientsTest.java index b363976aae..c0d2687a8a 100644 --- a/opendaylight/netconf/netconf-impl/src/test/java/org/opendaylight/controller/netconf/impl/ConcurrentClientsTest.java +++ b/opendaylight/netconf/netconf-impl/src/test/java/org/opendaylight/controller/netconf/impl/ConcurrentClientsTest.java @@ -14,6 +14,18 @@ import io.netty.channel.ChannelFuture; import io.netty.channel.EventLoopGroup; import io.netty.channel.nio.NioEventLoopGroup; import io.netty.util.HashedWheelTimer; +import java.io.DataOutputStream; +import java.io.InputStream; +import java.io.InputStreamReader; +import java.lang.management.ManagementFactory; +import java.net.InetSocketAddress; +import java.net.Socket; +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; +import java.util.Set; +import java.util.concurrent.TimeUnit; +import javax.management.ObjectName; import org.apache.commons.io.IOUtils; import org.junit.After; import org.junit.AfterClass; 
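Review bot: The activator code ending in `logger.info("Starting TCP netconf server at {}", address)` now starts a plain-TCP listener only, and the SSH bridge elsewhere in this patch forwards to the same TCP address, so a client that can reach the TCP port directly would not pass through SSH authentication. Consider warning when the configured address is not loopback, e.g. `if (!address.getAddress().isLoopbackAddress()) { logger.warn("Plain-TCP netconf server bound to non-loopback address {}", address); }`. That assumes `address` is the `InetSocketAddress` obtained from `NetconfConfigUtil`. The start of this hunk is not legible on the page and the method continues outside it.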
@@ -42,21 +54,6 @@ import org.opendaylight.controller.netconf.util.xml.XmlUtil; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.w3c.dom.Document; - -import javax.management.ObjectName; -import javax.net.ssl.SSLContext; -import java.io.DataOutputStream; -import java.io.InputStream; -import java.io.InputStreamReader; -import java.lang.management.ManagementFactory; -import java.net.InetSocketAddress; -import java.net.Socket; -import java.util.ArrayList; -import java.util.Collections; -import java.util.List; -import java.util.Set; -import java.util.concurrent.TimeUnit; - import static com.google.common.base.Preconditions.checkNotNull; import static org.junit.Assert.fail; import static org.mockito.Matchers.any; @@ -67,8 +64,7 @@ public class ConcurrentClientsTest { private static final int CONCURRENCY = 16; private static EventLoopGroup nettyGroup = new NioEventLoopGroup(); - public static final NetconfClientDispatcher NETCONF_CLIENT_DISPATCHER = new NetconfClientDispatcher( - Optional. absent(), nettyGroup, nettyGroup); + public static final NetconfClientDispatcher NETCONF_CLIENT_DISPATCHER = new NetconfClientDispatcher( nettyGroup, nettyGroup); @Mock private YangStoreService yangStoreService; @@ -109,8 +105,7 @@ public class ConcurrentClientsTest { NetconfServerSessionListenerFactory listenerFactory = new NetconfServerSessionListenerFactory( factoriesListener, commitNot, idProvider); - NetconfServerDispatcher.ServerSslChannelInitializer serverChannelInitializer = new NetconfServerDispatcher.ServerSslChannelInitializer( - Optional. absent(), serverNegotiatorFactory, listenerFactory); + NetconfServerDispatcher.ServerChannelInitializer serverChannelInitializer = new NetconfServerDispatcher.ServerChannelInitializer(serverNegotiatorFactory, listenerFactory); dispatch = new NetconfServerDispatcher(serverChannelInitializer, nettyGroup, nettyGroup); ChannelFuture s = dispatch.createServer(netconfAddress); 
diff --git a/opendaylight/netconf/netconf-impl/src/test/java/org/opendaylight/controller/netconf/impl/NetconfDispatcherImplTest.java b/opendaylight/netconf/netconf-impl/src/test/java/org/opendaylight/controller/netconf/impl/NetconfDispatcherImplTest.java index e43febec79..eec96592d8 100644 --- a/opendaylight/netconf/netconf-impl/src/test/java/org/opendaylight/controller/netconf/impl/NetconfDispatcherImplTest.java +++ b/opendaylight/netconf/netconf-impl/src/test/java/org/opendaylight/controller/netconf/impl/NetconfDispatcherImplTest.java @@ -8,21 +8,18 @@ package org.opendaylight.controller.netconf.impl; -import com.google.common.base.Optional; import io.netty.channel.ChannelFuture; import io.netty.channel.EventLoopGroup; import io.netty.channel.nio.NioEventLoopGroup; import io.netty.util.HashedWheelTimer; +import java.lang.management.ManagementFactory; +import java.net.InetSocketAddress; import org.junit.After; import org.junit.Before; import org.junit.Test; import org.opendaylight.controller.netconf.impl.osgi.NetconfOperationServiceFactoryListener; import org.opendaylight.controller.netconf.impl.osgi.NetconfOperationServiceFactoryListenerImpl; -import javax.net.ssl.SSLContext; -import java.lang.management.ManagementFactory; -import java.net.InetSocketAddress; - public class NetconfDispatcherImplTest { private EventLoopGroup nettyGroup; @@ -50,7 +47,7 @@ public class NetconfDispatcherImplTest { NetconfServerSessionListenerFactory listenerFactory = new NetconfServerSessionListenerFactory( factoriesListener, commitNot, idProvider); - NetconfServerDispatcher.ServerSslChannelInitializer serverChannelInitializer = new NetconfServerDispatcher.ServerSslChannelInitializer(Optional.absent(), serverNegotiatorFactory, listenerFactory); + NetconfServerDispatcher.ServerChannelInitializer serverChannelInitializer = new NetconfServerDispatcher.ServerChannelInitializer(serverNegotiatorFactory, listenerFactory); NetconfServerDispatcher dispatch = new NetconfServerDispatcher( 
diff --git a/opendaylight/netconf/netconf-it/src/test/java/org/opendaylight/controller/netconf/it/NetconfITSecureTest.java b/opendaylight/netconf/netconf-it/src/test/java/org/opendaylight/controller/netconf/it/NetconfITSecureTest.java index 0c22a71c6b..a2b87c113c 100644 --- a/opendaylight/netconf/netconf-it/src/test/java/org/opendaylight/controller/netconf/it/NetconfITSecureTest.java +++ b/opendaylight/netconf/netconf-it/src/test/java/org/opendaylight/controller/netconf/it/NetconfITSecureTest.java @@ -8,11 +8,24 @@ package org.opendaylight.controller.netconf.it; -import com.google.common.base.Optional; import io.netty.channel.ChannelFuture; import io.netty.channel.EventLoopGroup; import io.netty.channel.nio.NioEventLoopGroup; import io.netty.util.HashedWheelTimer; +import java.io.IOException; +import java.io.InputStream; +import java.lang.management.ManagementFactory; +import java.net.InetSocketAddress; +import java.security.KeyManagementException; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.UnrecoverableKeyException; +import java.security.cert.CertificateException; +import java.util.Collection; +import java.util.List; +import java.util.concurrent.TimeUnit; +import javax.net.ssl.KeyManagerFactory; +import javax.net.ssl.SSLContext; import org.junit.After; import org.junit.Before; import org.junit.Test; 
@@ -32,21 +45,6 @@ import org.opendaylight.controller.netconf.impl.SessionIdProvider; import org.opendaylight.controller.netconf.impl.osgi.NetconfOperationServiceFactoryListenerImpl; import org.opendaylight.protocol.util.SSLUtil; -import javax.net.ssl.KeyManagerFactory; -import javax.net.ssl.SSLContext; -import java.io.IOException; -import java.io.InputStream; -import java.lang.management.ManagementFactory; -import java.net.InetSocketAddress; -import java.security.KeyManagementException; -import java.security.KeyStoreException; -import java.security.NoSuchAlgorithmException; -import java.security.UnrecoverableKeyException; -import java.security.cert.CertificateException; -import java.util.Collection; -import java.util.List; -import java.util.concurrent.TimeUnit; - public class NetconfITSecureTest extends AbstractConfigTest { private static final InetSocketAddress tlsAddress = new InetSocketAddress("127.0.0.1", 12024); @@ -68,13 +66,12 @@ public class NetconfITSecureTest extends AbstractConfigTest { nettyThreadgroup = new NioEventLoopGroup(); - dispatchS = createDispatcher(Optional.of(getSslContext()), factoriesListener); + dispatchS = createDispatcher(factoriesListener); ChannelFuture s = dispatchS.createServer(tlsAddress); s.await(); } - private NetconfServerDispatcher createDispatcher(Optional sslC, - NetconfOperationServiceFactoryListenerImpl factoriesListener) { + private NetconfServerDispatcher createDispatcher(NetconfOperationServiceFactoryListenerImpl factoriesListener) { SessionIdProvider idProvider = new SessionIdProvider(); NetconfServerSessionNegotiatorFactory serverNegotiatorFactory = new NetconfServerSessionNegotiatorFactory( new HashedWheelTimer(5000, TimeUnit.MILLISECONDS), factoriesListener, idProvider); 
@@ -82,8 +79,8 @@ public class NetconfITSecureTest extends AbstractConfigTest { NetconfServerSessionListenerFactory listenerFactory = new NetconfServerSessionListenerFactory( factoriesListener, commitNot, idProvider); - NetconfServerDispatcher.ServerSslChannelInitializer serverChannelInitializer = new NetconfServerDispatcher.ServerSslChannelInitializer( - sslC, serverNegotiatorFactory, listenerFactory); + NetconfServerDispatcher.ServerChannelInitializer serverChannelInitializer = new NetconfServerDispatcher.ServerChannelInitializer( + serverNegotiatorFactory, listenerFactory); return new NetconfServerDispatcher(serverChannelInitializer, nettyThreadgroup, nettyThreadgroup); } @@ -114,7 +111,7 @@ public class NetconfITSecureTest extends AbstractConfigTest { @Test public void testSecure() throws Exception { - NetconfClientDispatcher dispatch = new NetconfClientDispatcher(Optional.of(getSslContext()), nettyThreadgroup, nettyThreadgroup); + NetconfClientDispatcher dispatch = new NetconfClientDispatcher(nettyThreadgroup, nettyThreadgroup); try (NetconfClient netconfClient = new NetconfClient("tls-client", tlsAddress, 4000, dispatch)) { } diff --git a/opendaylight/netconf/netconf-it/src/test/java/org/opendaylight/controller/netconf/it/NetconfITTest.java b/opendaylight/netconf/netconf-it/src/test/java/org/opendaylight/controller/netconf/it/NetconfITTest.java index 65cc2b4e37..9483785031 100644 --- a/opendaylight/netconf/netconf-it/src/test/java/org/opendaylight/controller/netconf/it/NetconfITTest.java +++ b/opendaylight/netconf/netconf-it/src/test/java/org/opendaylight/controller/netconf/it/NetconfITTest.java @@ -29,7 +29,6 @@ import java.util.Set; import java.util.concurrent.TimeUnit; import java.util.regex.Pattern; import javax.management.ObjectName; -import javax.net.ssl.SSLContext; import javax.xml.parsers.ParserConfigurationException; import junit.framework.Assert; import org.junit.After; 
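Review bot: `testSecure` still connects a client named `tls-client` to `tlsAddress`, but both the server and client dispatchers are now built without an `SSLContext`, so the test exercises plain TCP under a name that claims otherwise. Rename it (and `tlsAddress`) to reflect the transport, or point it at the SSH dispatcher if a secured path is what it should cover. The `javax.net.ssl.KeyManagerFactory` and `javax.net.ssl.SSLContext` imports re-added at the top of the file, and any `getSslContext()` helper, look unused after this change; the helper is outside the hunks, so that part is inferred. The empty try-with-resources body also asserts nothing beyond a successful connect.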
@@ -113,15 +112,14 @@ public class NetconfITTest extends AbstractConfigTest { commitNot = new DefaultCommitNotificationProducer(ManagementFactory.getPlatformMBeanServer()); - dispatch = createDispatcher(Optional. absent(), factoriesListener); + dispatch = createDispatcher(factoriesListener); ChannelFuture s = dispatch.createServer(tcpAddress); s.await(); - clientDispatcher = new NetconfClientDispatcher(Optional.absent(), nettyThreadgroup, nettyThreadgroup); + clientDispatcher = new NetconfClientDispatcher( nettyThreadgroup, nettyThreadgroup); } - private NetconfServerDispatcher createDispatcher(Optional sslC, - NetconfOperationServiceFactoryListenerImpl factoriesListener) { + private NetconfServerDispatcher createDispatcher(NetconfOperationServiceFactoryListenerImpl factoriesListener) { SessionIdProvider idProvider = new SessionIdProvider(); NetconfServerSessionNegotiatorFactory serverNegotiatorFactory = new NetconfServerSessionNegotiatorFactory( new HashedWheelTimer(5000, TimeUnit.MILLISECONDS), factoriesListener, idProvider); @@ -129,8 +127,8 @@ public class NetconfITTest extends AbstractConfigTest { NetconfServerSessionListenerFactory listenerFactory = new NetconfServerSessionListenerFactory( factoriesListener, commitNot, idProvider); - NetconfServerDispatcher.ServerSslChannelInitializer serverChannelInitializer = new NetconfServerDispatcher.ServerSslChannelInitializer( - sslC, serverNegotiatorFactory, listenerFactory); + NetconfServerDispatcher.ServerChannelInitializer serverChannelInitializer = new NetconfServerDispatcher.ServerChannelInitializer( + serverNegotiatorFactory, listenerFactory); return new NetconfServerDispatcher(serverChannelInitializer, nettyThreadgroup, nettyThreadgroup); } 
diff --git a/opendaylight/netconf/netconf-ssh/src/main/java/org/opendaylight/controller/netconf/osgi/NetconfSSHActivator.java b/opendaylight/netconf/netconf-ssh/src/main/java/org/opendaylight/controller/netconf/osgi/NetconfSSHActivator.java index d2f6c8c81c..6f164f93d9 100644 --- a/opendaylight/netconf/netconf-ssh/src/main/java/org/opendaylight/controller/netconf/osgi/NetconfSSHActivator.java +++ b/opendaylight/netconf/netconf-ssh/src/main/java/org/opendaylight/controller/netconf/osgi/NetconfSSHActivator.java @@ -30,15 +30,15 @@ public class NetconfSSHActivator implements BundleActivator{ private NetconfSSHServer server; private static final Logger logger = LoggerFactory.getLogger(NetconfSSHActivator.class); + private static final String EXCEPTION_MESSAGE = "Netconf ssh bridge is not available."; @Override public void start(BundleContext context) throws Exception { logger.trace("Starting netconf SSH bridge."); - Optional sshSocketAddressOptional = NetconfConfigUtil.extractSSHNetconfAddress(context); - InetSocketAddress tcpSocketAddress = NetconfConfigUtil.extractTCPNetconfAddress(context, - "TCP is not configured, netconf ssh bridge is not available."); + Optional sshSocketAddressOptional = NetconfConfigUtil.extractSSHNetconfAddress(context,EXCEPTION_MESSAGE); + InetSocketAddress tcpSocketAddress = NetconfConfigUtil.extractTCPNetconfAddress(context,EXCEPTION_MESSAGE); if (sshSocketAddressOptional.isPresent()){ server = NetconfSSHServer.start(sshSocketAddressOptional.get().getPort(),tcpSocketAddress); diff --git a/opendaylight/netconf/netconf-util/src/main/java/org/opendaylight/controller/netconf/util/AbstractChannelInitializer.java b/opendaylight/netconf/netconf-util/src/main/java/org/opendaylight/controller/netconf/util/AbstractChannelInitializer.java index caee542152..aeee2fb04b 100644 --- a/opendaylight/netconf/netconf-util/src/main/java/org/opendaylight/controller/netconf/util/AbstractChannelInitializer.java 
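Review bot: Both lookups in `start` now pass the same `EXCEPTION_MESSAGE`, so a failure no longer says whether the SSH or the TCP setting is missing, which the removed text `TCP is not configured, netconf ssh bridge is not available.` did. Use one constant per lookup so the operator can tell which property to fix. `extractSSHNetconfAddress` also takes a not-found message while its result is still an `Optional` tested with `isPresent()`; a short comment should say which of the two outcomes a missing SSH address produces. The method body continues outside the hunk.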
+++ b/opendaylight/netconf/netconf-util/src/main/java/org/opendaylight/controller/netconf/util/AbstractChannelInitializer.java @@ -11,10 +11,22 @@ package org.opendaylight.controller.netconf.util; import io.netty.channel.socket.SocketChannel; import io.netty.util.concurrent.Promise; import org.opendaylight.controller.netconf.api.NetconfSession; +import org.opendaylight.controller.netconf.util.handler.FramingMechanismHandlerFactory; +import org.opendaylight.controller.netconf.util.handler.NetconfHandlerFactory; +import org.opendaylight.controller.netconf.util.handler.NetconfMessageAggregator; +import org.opendaylight.controller.netconf.util.messages.FramingMechanism; +import org.opendaylight.controller.netconf.util.messages.NetconfMessageFactory; public abstract class AbstractChannelInitializer { - public abstract void initialize(SocketChannel ch, Promise promise); + public void initialize(SocketChannel ch, Promise promise){ + NetconfHandlerFactory handlerFactory = new NetconfHandlerFactory(new NetconfMessageFactory()); + ch.pipeline().addLast("aggregator", new NetconfMessageAggregator(FramingMechanism.EOM)); + ch.pipeline().addLast(handlerFactory.getDecoders()); + initializeAfterDecoder(ch, promise); + ch.pipeline().addLast("frameEncoder", FramingMechanismHandlerFactory.createHandler(FramingMechanism.EOM)); + ch.pipeline().addLast(handlerFactory.getEncoders()); + } protected abstract void initializeAfterDecoder(SocketChannel ch, Promise promise); diff --git a/opendaylight/netconf/netconf-util/src/main/java/org/opendaylight/controller/netconf/util/AbstractSslChannelInitializer.java b/opendaylight/netconf/netconf-util/src/main/java/org/opendaylight/controller/netconf/util/AbstractSslChannelInitializer.java deleted file mode 100644 index d490eb2be6..0000000000 --- a/opendaylight/netconf/netconf-util/src/main/java/org/opendaylight/controller/netconf/util/AbstractSslChannelInitializer.java +++ /dev/null 
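Review bot: `initialize` is now a concrete public method that fixes the pipeline order (aggregator, decoders, `initializeAfterDecoder`, frame encoder, encoders) but carries no Javadoc. Document that order, and state that a subclass needing a transport-security handler must install it ahead of this pipeline before delegating, as the SSH initializer in this patch does with `addFirst`. The method also builds a new `NetconfHandlerFactory` and `NetconfMessageFactory` on every call, where the deleted class held one per initializer. A field such as `private final NetconfHandlerFactory handlerFactory = new NetconfHandlerFactory(new NetconfMessageFactory());` would restore that.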
@@ -1,79 +0,0 @@ -/* - * Copyright (c) 2013 Cisco Systems, Inc. and others. All rights reserved. - * - * This program and the accompanying materials are made available under the - * terms of the Eclipse Public License v1.0 which accompanies this distribution, - * and is available at http://www.eclipse.org/legal/epl-v10.html - */ - -package org.opendaylight.controller.netconf.util; - -import javax.net.ssl.SSLContext; -import javax.net.ssl.SSLEngine; - -import org.opendaylight.controller.netconf.api.NetconfMessage; -import org.opendaylight.controller.netconf.api.NetconfSession; -import org.opendaylight.controller.netconf.util.handler.FramingMechanismHandlerFactory; -import org.opendaylight.controller.netconf.util.handler.NetconfMessageAggregator; -import org.opendaylight.controller.netconf.util.messages.FramingMechanism; -import org.opendaylight.controller.netconf.util.messages.NetconfMessageFactory; -import org.opendaylight.protocol.framework.ProtocolHandlerFactory; -import org.opendaylight.protocol.framework.ProtocolMessageDecoder; -import org.opendaylight.protocol.framework.ProtocolMessageEncoder; - -import com.google.common.base.Optional; - -import io.netty.channel.ChannelHandler; -import io.netty.channel.socket.SocketChannel; -import io.netty.handler.ssl.SslHandler; -import io.netty.util.concurrent.Promise; - -public abstract class AbstractSslChannelInitializer extends AbstractChannelInitializer { - - private final Optional maybeContext; - private final NetconfHandlerFactory handlerFactory; - - public AbstractSslChannelInitializer(Optional maybeContext) { - this.maybeContext = maybeContext; - this.handlerFactory = new NetconfHandlerFactory(new NetconfMessageFactory()); - } - - @Override - public void initialize(SocketChannel ch, Promise promise) { - if (maybeContext.isPresent()) { - initSsl(ch); - } - - ch.pipeline().addLast("aggregator", new NetconfMessageAggregator(FramingMechanism.EOM)); - ch.pipeline().addLast(handlerFactory.getDecoders()); - 
initializeAfterDecoder(ch, promise); - ch.pipeline().addLast("frameEncoder", FramingMechanismHandlerFactory.createHandler(FramingMechanism.EOM)); - ch.pipeline().addLast(handlerFactory.getEncoders()); - } - - private void initSsl(SocketChannel ch) { - SSLEngine sslEngine = maybeContext.get().createSSLEngine(); - initSslEngine(sslEngine); - final SslHandler handler = new SslHandler(sslEngine); - ch.pipeline().addLast("ssl", handler); - } - - protected abstract void initSslEngine(SSLEngine sslEngine); - - private static final class NetconfHandlerFactory extends ProtocolHandlerFactory { - - public NetconfHandlerFactory(final NetconfMessageFactory msgFactory) { - super(msgFactory); - } - - @Override - public ChannelHandler[] getEncoders() { - return new ChannelHandler[] { new ProtocolMessageEncoder(this.msgFactory) }; - } - - @Override - public ChannelHandler[] getDecoders() { - return new ChannelHandler[] { new ProtocolMessageDecoder(this.msgFactory) }; - } - } -} diff --git a/opendaylight/netconf/netconf-util/src/main/java/org/opendaylight/controller/netconf/util/handler/NetconfHandlerFactory.java b/opendaylight/netconf/netconf-util/src/main/java/org/opendaylight/controller/netconf/util/handler/NetconfHandlerFactory.java new file mode 100644 index 0000000000..d878c5e819 --- /dev/null +++ b/opendaylight/netconf/netconf-util/src/main/java/org/opendaylight/controller/netconf/util/handler/NetconfHandlerFactory.java 
@@ -0,0 +1,33 @@
+/*
+ * Copyright (c) 2013 Cisco Systems, Inc. and others. All rights reserved.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Eclipse Public License v1.0 which accompanies this distribution,
+ * and is available at http://www.eclipse.org/legal/epl-v10.html
+ */
+package org.opendaylight.controller.netconf.util.handler;
+
+import io.netty.channel.ChannelHandler;
+import org.opendaylight.controller.netconf.api.NetconfMessage;
+import org.opendaylight.controller.netconf.util.messages.NetconfMessageFactory;
+import org.opendaylight.protocol.framework.ProtocolHandlerFactory;
+import org.opendaylight.protocol.framework.ProtocolMessageDecoder;
+import org.opendaylight.protocol.framework.ProtocolMessageEncoder;
+
+public class NetconfHandlerFactory extends ProtocolHandlerFactory {
+
+ public NetconfHandlerFactory(final NetconfMessageFactory msgFactory) {
+ super(msgFactory);
+ }
+
+ @Override
+ public ChannelHandler[] getEncoders() {
+ return new ChannelHandler[] { new ProtocolMessageEncoder(this.msgFactory) };
+ }
+
+ @Override
+ public ChannelHandler[] getDecoders() {
+ return new ChannelHandler[] { new ProtocolMessageDecoder(this.msgFactory) };
+ }
+
+}
diff --git a/opendaylight/netconf/netconf-util/src/main/java/org/opendaylight/controller/netconf/util/osgi/NetconfConfigUtil.java b/opendaylight/netconf/netconf-util/src/main/java/org/opendaylight/controller/netconf/util/osgi/NetconfConfigUtil.java
index 35e17a2a3e..b1d902d634 100644
--- a/opendaylight/netconf/netconf-util/src/main/java/org/opendaylight/controller/netconf/util/osgi/NetconfConfigUtil.java
+++ b/opendaylight/netconf/netconf-util/src/main/java/org/opendaylight/controller/netconf/util/osgi/NetconfConfigUtil.java
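Review bot: The new top-level `NetconfHandlerFactory` is declared `public class`, while the nested copy this commit deletes from AbstractSslChannelInitializer was `private static final`, so the move widens both visibility and extensibility. Unless a subclass exists elsewhere in the change, `public final class NetconfHandlerFactory extends ProtocolHandlerFactory {` would keep the codec factory closed to extension. The class also carries no Javadoc; a class comment such as `/** Supplies the NETCONF message encoder and decoder handlers for a channel pipeline; every call returns newly created handler instances. */` would record the contract visible in `getEncoders()` and `getDecoders()`. Since the `SslHandler` is removed from the pipeline in the same commit, it would also help to state in that comment that this factory adds no transport protection of its own and relies on whatever the channel initializer installs in front of it.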
@@ -9,117 +9,50 @@ package org.opendaylight.controller.netconf.util.osgi; import com.google.common.base.Optional; -import org.opendaylight.protocol.util.SSLUtil; -import org.osgi.framework.BundleContext; - -import javax.net.ssl.KeyManagerFactory; -import javax.net.ssl.SSLContext; -import java.io.File; -import java.io.FileInputStream; -import java.io.InputStream; import java.net.InetSocketAddress; - +import org.osgi.framework.BundleContext; import static com.google.common.base.Preconditions.checkNotNull; -import static com.google.common.base.Preconditions.checkState; -public class NetconfConfigUtil { + public class NetconfConfigUtil { private static final String PREFIX_PROP = "netconf."; private enum InfixProp { - tcp, tls, ssh + tcp, ssh } private static final String PORT_SUFFIX_PROP = ".port"; private static final String ADDRESS_SUFFIX_PROP = ".address"; - private static final String NETCONF_TLS_KEYSTORE_PROP = PREFIX_PROP + InfixProp.tls + ".keystore"; - private static final String NETCONF_TLS_KEYSTORE_PASSWORD_PROP = NETCONF_TLS_KEYSTORE_PROP + ".password"; - public static InetSocketAddress extractTCPNetconfAddress(BundleContext context, String exceptionMessageIfNotFound) { - Optional inetSocketAddressOptional = extractSomeNetconfAddress(context, InfixProp.tcp); + Optional inetSocketAddressOptional = extractSomeNetconfAddress(context, InfixProp.tcp, exceptionMessageIfNotFound); + if (inetSocketAddressOptional.isPresent() == false) { throw new IllegalStateException("Netconf tcp address not found." 
+ exceptionMessageIfNotFound); } return inetSocketAddressOptional.get(); } - public static Optional extractSSHNetconfAddress(BundleContext context) { - return extractSomeNetconfAddress(context, InfixProp.ssh); - } - - - public static Optional extractTLSConfiguration(BundleContext context) { - Optional address = extractSomeNetconfAddress(context, InfixProp.tls); - if (address.isPresent()) { - String keystoreFileName = context.getProperty(NETCONF_TLS_KEYSTORE_PROP); - File keystoreFile = new File(keystoreFileName); - checkState(keystoreFile.exists() && keystoreFile.isFile() && keystoreFile.canRead(), - "Keystore file %s does not exist or is not readable file", keystoreFileName); - keystoreFile = keystoreFile.getAbsoluteFile(); - String keystorePassword = context.getProperty(NETCONF_TLS_KEYSTORE_PASSWORD_PROP); - checkNotNull(keystoreFileName, "Property %s must be defined for tls netconf server", - NETCONF_TLS_KEYSTORE_PROP); - keystorePassword = keystorePassword != null ? keystorePassword : ""; - return Optional.of(new TLSConfiguration(address.get(), keystoreFile, keystorePassword)); - } else { - return Optional.absent(); - } - } - - public static class TLSConfiguration { - private final InetSocketAddress address; - private final File keystoreFile; - private final String keystorePassword; - private final SSLContext sslContext; - - TLSConfiguration(InetSocketAddress address, File keystoreFile, String keystorePassword) { - this.address = address; - this.keystoreFile = keystoreFile; - this.keystorePassword = keystorePassword; - try { - try (InputStream keyStoreIS = new FileInputStream(keystoreFile)) { - try (InputStream trustStoreIS = new FileInputStream(keystoreFile)) { - sslContext = SSLUtil.initializeSecureContext("password", keyStoreIS, trustStoreIS, KeyManagerFactory.getDefaultAlgorithm()); - } - } - } catch (Exception e) { - throw new RuntimeException("Cannot initialize ssl context for netconf file " + keystoreFile, e); - } - } - - public SSLContext 
getSslContext() { - return sslContext; - } - - public InetSocketAddress getAddress() { - return address; - } - - public File getKeystoreFile() { - return keystoreFile; - } - - public String getKeystorePassword() { - return keystorePassword; - } + public static Optional extractSSHNetconfAddress(BundleContext context, String exceptionMessage) { + return extractSomeNetconfAddress(context, InfixProp.ssh, exceptionMessage); } /** * @param context * from which properties are being read. * @param infixProp - * either tcp or tls - * @return absent if address is missing, value if address and port are - * valid. + * either tcp or ssh + * @return value if address and port are valid. * @throws IllegalStateException - * if address or port are invalid + * if address or port are invalid, or configuration is missing */ private static Optional extractSomeNetconfAddress(BundleContext context, - InfixProp infixProp) { + InfixProp infixProp, String exceptionMessage) { String address = context.getProperty(PREFIX_PROP + infixProp + ADDRESS_SUFFIX_PROP); if (address == null) { - return Optional.absent(); + throw new IllegalStateException("Cannot find initial netconf configuration for parameter " + +PREFIX_PROP + infixProp + ADDRESS_SUFFIX_PROP + +" in config.ini. "+exceptionMessage); } String portKey = PREFIX_PROP + infixProp + PORT_SUFFIX_PROP; String portString = context.getProperty(portKey);