< prev index next >
src/java.management/share/classes/sun/management/jmxremote/ConnectorBootstrap.java
Print this page
@ rev 12906 : 6425769: jmx remote bind address
|\ Summary: Allow for binding to a specific address via custom socket factories.
| \
| |\
| | \
| | |\
+-+---o rev 11054 : Merge
| | |/
+---o rev 11053 : 8049367: Modular Run-Time Images
| | Reviewed-by: chegar, dfuchs, ihse, joehw, mullan, psandoz, wetmore
| | Contributed-by: alan.bateman@oracle.com, alex.buckley@oracle.com, bradford.wetmore@oracle.com, chris.hegarty@oracle.com, erik.joelsson@oracle.com, james.laskey@oracle.com, jonathan.gibbons@oracle.com, karen.kinnear@oracle.com, magnus.ihse.bursie@oracle.com, mandy.chung@oracle.com, mark.reinhold@oracle.com, paul.sandoz@oracle.com, sundararajan.athijegannathan@oracle.com
| o rev 11007 : 8048050: Agent NullPointerException when rmi.port in use
|/ Reviewed-by: jbachorik, dfuchs
o rev 10469 : 8054834: Modular Source Code
| Reviewed-by: alanb, chegar, ihse, mduigou
| Contributed-by: alan.bateman@oracle.com, alex.buckley@oracle.com, chris.hegarty@oracle.com, erik.joelsson@oracle.com, jonathan.gibbons@oracle.com, karen.kinnear@oracle.com, magnus.ihse.bursie@oracle.com, mandy.chung@oracle.com, mark.reinhold@oracle.com, paul.sandoz@oracle.com
*** 28,47 ****
--- 28,51 ----
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
+ import java.io.Serializable;
import java.lang.management.ManagementFactory;
import java.net.InetAddress;
import java.net.MalformedURLException;
+ import java.net.Socket;
+ import java.net.ServerSocket;
import java.net.UnknownHostException;
import java.rmi.NoSuchObjectException;
import java.rmi.Remote;
import java.rmi.RemoteException;
import java.rmi.registry.Registry;
import java.rmi.server.RMIClientSocketFactory;
import java.rmi.server.RMIServerSocketFactory;
+ import java.rmi.server.RMISocketFactory;
import java.rmi.server.RemoteObject;
import java.rmi.server.UnicastRemoteObject;
import java.security.KeyStore;
import java.security.Principal;
import java.util.HashMap;
*** 105,114 ****
--- 109,120 ----
**/
public static interface PropertyNames {
public static final String PORT =
"com.sun.management.jmxremote.port";
+ public static final String HOST =
+ "com.sun.management.jmxremote.host";
public static final String RMI_PORT =
"com.sun.management.jmxremote.rmi.port";
public static final String CONFIG_FILE_NAME =
"com.sun.management.config.file";
public static final String USE_LOCAL_ONLY =
*** 422,435 ****
--- 428,445 ----
accessFileName = props.getProperty(PropertyNames.ACCESS_FILE_NAME,
getDefaultFileName(DefaultValues.ACCESS_FILE_NAME));
checkAccessFile(accessFileName);
}
+ final String bindAddress =
+ props.getProperty(PropertyNames.HOST);
+
if (log.debugOn()) {
log.debug("startRemoteConnectorServer",
Agent.getText("jmxremote.ConnectorBootstrap.starting") +
"\n\t" + PropertyNames.PORT + "=" + port +
+ "\n\t" + PropertyNames.HOST + "=" + bindAddress +
"\n\t" + PropertyNames.RMI_PORT + "=" + rmiPort +
"\n\t" + PropertyNames.USE_SSL + "=" + useSsl +
"\n\t" + PropertyNames.USE_REGISTRY_SSL + "=" + useRegistrySsl +
"\n\t" + PropertyNames.SSL_CONFIG_FILE_NAME + "=" + sslConfigFileName +
"\n\t" + PropertyNames.SSL_ENABLED_CIPHER_SUITES + "=" +
*** 456,466 ****
final JMXConnectorServerData data = exportMBeanServer(
mbs, port, rmiPort, useSsl, useRegistrySsl,
sslConfigFileName, enabledCipherSuitesList,
enabledProtocolsList, sslNeedClientAuth,
useAuthentication, loginConfigName,
! passwordFileName, accessFileName);
cs = data.jmxConnectorServer;
url = data.jmxRemoteURL;
log.config("startRemoteConnectorServer",
Agent.getText("jmxremote.ConnectorBootstrap.ready",
url.toString()));
--- 466,476 ----
final JMXConnectorServerData data = exportMBeanServer(
mbs, port, rmiPort, useSsl, useRegistrySsl,
sslConfigFileName, enabledCipherSuitesList,
enabledProtocolsList, sslNeedClientAuth,
useAuthentication, loginConfigName,
! passwordFileName, accessFileName, bindAddress);
cs = data.jmxConnectorServer;
url = data.jmxRemoteURL;
log.config("startRemoteConnectorServer",
Agent.getText("jmxremote.ConnectorBootstrap.ready",
url.toString()));
*** 626,641 ****
private static SslRMIServerSocketFactory createSslRMIServerSocketFactory(
String sslConfigFileName,
String[] enabledCipherSuites,
String[] enabledProtocols,
! boolean sslNeedClientAuth) {
if (sslConfigFileName == null) {
return new SslRMIServerSocketFactory(
enabledCipherSuites,
enabledProtocols,
! sslNeedClientAuth);
} else {
checkRestrictedFile(sslConfigFileName);
try {
// Load the SSL keystore properties from the config file
Properties p = new Properties();
--- 636,652 ----
private static SslRMIServerSocketFactory createSslRMIServerSocketFactory(
String sslConfigFileName,
String[] enabledCipherSuites,
String[] enabledProtocols,
! boolean sslNeedClientAuth,
! String bindAddress) {
if (sslConfigFileName == null) {
return new SslRMIServerSocketFactory(
enabledCipherSuites,
enabledProtocols,
! sslNeedClientAuth, bindAddress);
} else {
checkRestrictedFile(sslConfigFileName);
try {
// Load the SSL keystore properties from the config file
Properties p = new Properties();
*** 689,699 ****
return new SslRMIServerSocketFactory(
ctx,
enabledCipherSuites,
enabledProtocols,
! sslNeedClientAuth);
} catch (Exception e) {
throw new AgentConfigurationError(AGENT_EXCEPTION, e, e.toString());
}
}
}
--- 700,710 ----
return new SslRMIServerSocketFactory(
ctx,
enabledCipherSuites,
enabledProtocols,
! sslNeedClientAuth, bindAddress);
} catch (Exception e) {
throw new AgentConfigurationError(AGENT_EXCEPTION, e, e.toString());
}
}
}
*** 709,727 ****
String[] enabledProtocols,
boolean sslNeedClientAuth,
boolean useAuthentication,
String loginConfigName,
String passwordFileName,
! String accessFileName)
throws IOException, MalformedURLException {
/* Make sure we use non-guessable RMI object IDs. Otherwise
* attackers could hijack open connections by guessing their
* IDs. */
System.setProperty("java.rmi.server.randomIDs", "true");
! JMXServiceURL url = new JMXServiceURL("rmi", null, rmiPort);
Map<String, Object> env = new HashMap<>();
PermanentExporter exporter = new PermanentExporter();
--- 720,739 ----
String[] enabledProtocols,
boolean sslNeedClientAuth,
boolean useAuthentication,
String loginConfigName,
String passwordFileName,
! String accessFileName,
! String bindAddress)
throws IOException, MalformedURLException {
/* Make sure we use non-guessable RMI object IDs. Otherwise
* attackers could hijack open connections by guessing their
* IDs. */
System.setProperty("java.rmi.server.randomIDs", "true");
! JMXServiceURL url = new JMXServiceURL("rmi", bindAddress, rmiPort);
Map<String, Object> env = new HashMap<>();
PermanentExporter exporter = new PermanentExporter();
*** 744,768 ****
}
}
RMIClientSocketFactory csf = null;
RMIServerSocketFactory ssf = null;
if (useSsl || useRegistrySsl) {
csf = new SslRMIClientSocketFactory();
ssf = createSslRMIServerSocketFactory(
sslConfigFileName, enabledCipherSuites,
! enabledProtocols, sslNeedClientAuth);
}
if (useSsl) {
env.put(RMIConnectorServer.RMI_CLIENT_SOCKET_FACTORY_ATTRIBUTE,
csf);
env.put(RMIConnectorServer.RMI_SERVER_SOCKET_FACTORY_ATTRIBUTE,
ssf);
}
JMXConnectorServer connServer = null;
try {
connServer =
JMXConnectorServerFactory.newJMXConnectorServer(url, env, mbs);
connServer.start();
--- 756,791 ----
}
}
RMIClientSocketFactory csf = null;
RMIServerSocketFactory ssf = null;
+ RMIServerSocketFactory rmiServerSocketFactory = null;
+ RMIClientSocketFactory rmiClientSocketFactory = null;
if (useSsl || useRegistrySsl) {
csf = new SslRMIClientSocketFactory();
ssf = createSslRMIServerSocketFactory(
sslConfigFileName, enabledCipherSuites,
! enabledProtocols, sslNeedClientAuth, bindAddress);
}
if (useSsl) {
env.put(RMIConnectorServer.RMI_CLIENT_SOCKET_FACTORY_ATTRIBUTE,
csf);
env.put(RMIConnectorServer.RMI_SERVER_SOCKET_FACTORY_ATTRIBUTE,
ssf);
}
+ if (bindAddress != null && ssf == null && csf == null) {
+ rmiServerSocketFactory = new HostAwareSocketFactory(bindAddress);
+ rmiClientSocketFactory = new DefaultClientSocketFactory();
+ env.put(RMIConnectorServer.RMI_SERVER_SOCKET_FACTORY_ATTRIBUTE,
+ rmiServerSocketFactory);
+ env.put(RMIConnectorServer.RMI_CLIENT_SOCKET_FACTORY_ATTRIBUTE,
+ rmiClientSocketFactory);
+ }
+
JMXConnectorServer connServer = null;
try {
connServer =
JMXConnectorServerFactory.newJMXConnectorServer(url, env, mbs);
connServer.start();
*** 778,787 ****
--- 801,814 ----
if (useRegistrySsl) {
registry =
new SingleEntryRegistry(port, csf, ssf,
"jmxrmi", exporter.firstExported);
+ } else if (rmiClientSocketFactory != null && rmiServerSocketFactory != null ) {
+ registry =
+ new SingleEntryRegistry(port, rmiClientSocketFactory, rmiServerSocketFactory,
+ "jmxrmi", exporter.firstExported);
} else {
registry =
new SingleEntryRegistry(port,
"jmxrmi", exporter.firstExported);
}
*** 811,816 ****
--- 838,876 ----
}
private static final ClassLogger log =
new ClassLogger(ConnectorBootstrap.class.getPackage().getName(),
"ConnectorBootstrap");
+
+ private static class DefaultClientSocketFactory implements RMIClientSocketFactory, Serializable {
+
+ private static final long serialVersionUID = 1034101406854572967L;
+
+ @Override
+ public Socket createSocket(String host, int port) throws IOException {
+ return new Socket(host, port);
+ }
+ }
+
+ private static class HostAwareSocketFactory implements RMIServerSocketFactory {
+
+ private final String bindAddress;
+
+ private HostAwareSocketFactory(String bindAddress) {
+ this.bindAddress = bindAddress;
+ }
+
+ @Override
+ public ServerSocket createServerSocket(int port) throws IOException {
+ if (bindAddress == null) {
+ return new ServerSocket(port);
+ } else {
+ try {
+ InetAddress addr = InetAddress.getByName(bindAddress);
+ return new ServerSocket(port, 0, addr);
+ } catch (UnknownHostException e) {
+ return new ServerSocket(port);
+ }
+ }
+ }
+ }
}
< prev index next >