Commit 933c9cc6 authored by Tom Evans's avatar Tom Evans

OF-626: BOSH enhancements

- Removed non-functional stream-based compression in favor of HTTP
transport compression (per spec
http://xmpp.org/extensions/xep-0206.html#create).
- Prevent runaway session initiation storms (via strophe) by returning a
400 HTTP error if a client attempts to deliver stanza(s) without a valid
sid (per spec http://xmpp.org/extensions/xep-0124.html#session-request).
- Use maxRequests to determine how many pending stanzas to preserve
while enabling delivery via multiple BOSH connections (per spec
http://xmpp.org/extensions/xep-0124.html#rids-broken)
parent c30b216a
......@@ -22,6 +22,7 @@ jetty-io.jar | Jetty 9.1.5.v20140505
jetty-security.jar | Jetty 9.1.5.v20140505 | Apache 2.0, Eclipse 1.0
jetty-server.jar | Jetty 9.1.5.v20140505 | Apache 2.0, Eclipse 1.0
jetty-servlet.jar | Jetty 9.1.5.v20140505 | Apache 2.0, Eclipse 1.0
jetty-servlets.jar | Jetty 9.1.5.v20140505 | Apache 2.0, Eclipse 1.0
jetty-util.jar | Jetty 9.1.5.v20140505 | Apache 2.0, Eclipse 1.0
jetty-webapp.jar | Jetty 9.1.5.v20140505 | Apache 2.0, Eclipse 1.0
jetty-websocket.jar | Jetty 9.1.5.v20140505 | Apache 2.0, Eclipse 1.0
......
......@@ -23,10 +23,17 @@ package org.jivesoftware.openfire.http;
import java.io.File;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.EnumSet;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.DispatcherType;
import javax.servlet.Filter;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import org.eclipse.jetty.http.HttpMethod;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.ForwardedRequestCustomizer;
import org.eclipse.jetty.server.Handler;
......@@ -39,15 +46,19 @@ import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.server.handler.ContextHandlerCollection;
import org.eclipse.jetty.server.handler.DefaultHandler;
import org.eclipse.jetty.server.handler.HandlerCollection;
import org.eclipse.jetty.servlet.FilterHolder;
import org.eclipse.jetty.servlet.ServletContextHandler;
import org.eclipse.jetty.servlet.ServletHolder;
import org.eclipse.jetty.servlets.GzipFilter;
import org.eclipse.jetty.spdy.server.http.HTTPSPDYServerConnector;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.eclipse.jetty.util.thread.QueuedThreadPool;
import org.eclipse.jetty.webapp.WebAppContext;
import org.jivesoftware.openfire.Connection;
import org.jivesoftware.openfire.JMXManager;
import org.jivesoftware.openfire.XMPPServer;
import org.jivesoftware.openfire.net.SSLConfig;
import org.jivesoftware.openfire.session.ConnectionSettings;
import org.jivesoftware.util.CertificateEventListener;
import org.jivesoftware.util.CertificateManager;
import org.jivesoftware.util.JiveGlobals;
......@@ -108,6 +119,13 @@ public final class HttpBindManager {
public static Map<String, Boolean> HTTP_BIND_ALLOWED_ORIGINS = new HashMap<String, Boolean>();
private static HttpBindManager instance = new HttpBindManager();
// Compression "disabled" by default; use "optional" to enable compression (restart required)
// When enabled, http response will be compressed if the http request includes an
// "Accept" header with a value of "gzip" and/or "deflate"
private static boolean isCompressionEnabled = !(JiveGlobals.getProperty(
ConnectionSettings.Server.COMPRESSION_SETTINGS, Connection.CompressionPolicy.disabled.toString())
.equalsIgnoreCase(Connection.CompressionPolicy.disabled.toString()));
private Server httpBindServer;
......@@ -552,9 +570,27 @@ public final class HttpBindManager {
{
ServletContextHandler context = new ServletContextHandler(contexts, boshPath, ServletContextHandler.SESSIONS);
context.addServlet(new ServletHolder(new HttpBindServlet()),"/*");
}
private void createCrossDomainHandler(ContextHandlerCollection contexts, String crossPath)
if (isHttpCompressionEnabled()) {
Filter gzipFilter = new GzipFilter() {
@Override
public void init(FilterConfig config) throws ServletException {
super.init(config);
_methods.add(HttpMethod.POST.asString());
Log.info("Installed response compression filter");
}
};
FilterHolder filterHolder = new FilterHolder();
filterHolder.setFilter(gzipFilter);
context.addFilter(filterHolder, "/*", EnumSet.of(DispatcherType.REQUEST));
}
}
// NOTE: disabled by default
private boolean isHttpCompressionEnabled() {
return isCompressionEnabled;
}
private void createCrossDomainHandler(ContextHandlerCollection contexts, String crossPath)
{
ServletContextHandler context = new ServletContextHandler(contexts, crossPath, ServletContextHandler.SESSIONS);
context.addServlet(new ServletHolder(new FlashCrossDomainServlet()),"");
......
......@@ -168,9 +168,16 @@ public class HttpBindServlet extends HttpServlet {
String sid = node.attributeValue("sid");
// We have a new session
if (sid == null) {
createNewSession(request, response, node);
if (node.elements().size() > 0) {
// invalid session request; missing sid
Log.warn("Invalid client request; SID is required. [" + request.getRemoteAddr() + "]");
sendLegacyError(response, BoshBindingError.badRequest);
return;
} else {
// We have a new session
createNewSession(request, response, node);
}
}
else {
handleSessionRequest(sid, request, response, node);
......
......@@ -157,16 +157,6 @@ public class HttpSession extends LocalClientSession {
}
}
// Include Stream Compression Mechanism
if (conn.getCompressionPolicy() != Connection.CompressionPolicy.disabled &&
!conn.isCompressed()) {
Element compression = DocumentHelper.createElement(new QName("compression",
new Namespace("", "http://jabber.org/features/compress")));
Element method = compression.addElement("method");
method.setText("zlib");
elements.add(compression);
}
if (XMPPServer.getInstance().getIQRegisterHandler().isInbandRegEnabled()) {
elements.add(DocumentHelper.createElement(new QName("register",
new Namespace("", "http://jabber.org/features/iq-register"))));
......@@ -853,7 +843,7 @@ public class HttpSession extends LocalClientSession {
Delivered delivered = new Delivered(deliverable);
delivered.setRequestID(connection.getRequestId());
while (sentElements.size() > hold) {
while (sentElements.size() > maxRequests) {
sentElements.remove(0);
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment