Merge pull request #98 from deleolajide/master

OF-847: Bouncycastle 1.51 for JitsiVideobridge

build/lib/versions.txt

@@ -3,9 +3,9 @@ Name                                |  Version
 ant.jar                             | Jetty 6.1.0 (1.6.5)                                          | Apache 2.0
 ant-contrib.jar                     | 1.0b1                                                        | Apache 2.0
 ant-subdirtask.jar                  | Revision 1.4 (CVS)                                           |
-bcpg-jdk15on.jar                    | 1.50                                                         | See http://www.bouncycastle.org/licence.html
-bcpkix-jdk15on.jar                  | 1.50                                                         | See http://www.bouncycastle.org/licence.html
-bcprov-jdk15on.jar                  | 1.50                                                         | See http://www.bouncycastle.org/licence.html
+bcpg-jdk15on.jar                    | 1.51                                                         | See http://www.bouncycastle.org/licence.html
+bcpkix-jdk15on.jar                  | 1.51                                                         | See http://www.bouncycastle.org/licence.html
+bcprov-jdk15on.jar                  | 1.51                                                         | See http://www.bouncycastle.org/licence.html
 cglib.jar                           | 2.1.3 (JMock 2.1.0)                                          |
 commons-lang.jar                    | 2.3                                                          | Apache 2.0
 commons-logging.jar                 | Jetty 5.1.10                                                 | Apache 2.0

src/java/org/jivesoftware/openfire/net/OCSPChecker.java

@@ -32,6 +32,7 @@ import java.security.cert.PKIXParameters;
 import java.security.cert.TrustAnchor;
 import java.security.cert.X509CertSelector;
 import java.security.cert.X509Certificate;
+
 import java.util.Collection;
 import java.util.Collections;
 import java.util.Iterator;
@@ -40,13 +41,17 @@ import java.util.Set;
 
 import javax.security.auth.x500.X500Principal;
 
-import org.bouncycastle.ocsp.BasicOCSPResp;
-import org.bouncycastle.ocsp.CertificateID;
-import org.bouncycastle.ocsp.CertificateStatus;
-import org.bouncycastle.ocsp.OCSPReq;
-import org.bouncycastle.ocsp.OCSPReqGenerator;
-import org.bouncycastle.ocsp.OCSPResp;
-import org.bouncycastle.ocsp.SingleResp;
+import org.bouncycastle.cert.ocsp.BasicOCSPResp;
+import org.bouncycastle.cert.ocsp.CertificateID;
+import org.bouncycastle.cert.ocsp.CertificateStatus;
+import org.bouncycastle.cert.ocsp.OCSPReq;
+import org.bouncycastle.cert.ocsp.OCSPReqBuilder;
+import org.bouncycastle.cert.ocsp.OCSPResp;
+import org.bouncycastle.cert.ocsp.SingleResp;
+import org.bouncycastle.cert.X509CertificateHolder;
+import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
+import org.bouncycastle.operator.jcajce.JcaContentVerifierProviderBuilder;
+
 import org.jivesoftware.util.JiveGlobals;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -218,11 +223,11 @@ public class OCSPChecker extends PKIXCertPathChecker {
             }
 
             // Construct an OCSP Request
-            OCSPReqGenerator gen = new OCSPReqGenerator();
+            OCSPReqBuilder gen = new OCSPReqBuilder();
 
-            CertificateID certID = new CertificateID(CertificateID.HASH_SHA1, issuerCert, currCert.getSerialNumber());
+            CertificateID certID = new CertificateID(new JcaDigestCalculatorProviderBuilder().setProvider("BC").build().get(CertificateID.HASH_SHA1), new X509CertificateHolder(issuerCert.getEncoded()), currCert.getSerialNumber());
             gen.addRequest(certID);
-            OCSPReq ocspRequest = gen.generate();
+            OCSPReq ocspRequest = gen.build();
 
 
             URL url;
@@ -261,10 +266,10 @@ public class OCSPChecker extends PKIXCertPathChecker {
             BigInteger serialNumber = currCert.getSerialNumber();
             BasicOCSPResp brep = (BasicOCSPResp) ocspResponse.getResponseObject();
             try {
-                if( ! brep.verify(responderCert.getPublicKey(),"BC")) {
+                if( ! brep.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider("BC").build(responderCert.getPublicKey()))) {
                     throw new CertPathValidatorException("OCSP response is not verified");
                 }
-            } catch (NoSuchProviderException e) {
+            } catch (Exception e) {
                 throw new CertPathValidatorException("OCSP response could not be verified ("+e.getMessage()+")" ,null, cp, certIndex);
             }
             SingleResp[] singleResp = brep.getResponses();
@@ -278,11 +283,11 @@ public class OCSPChecker extends PKIXCertPathChecker {
                                 serialNumber.toString() + ") is: good");
                         foundResponse = true;
                         break;
-                    } else if (status instanceof org.bouncycastle.ocsp.RevokedStatus) {
+                    } else if (status instanceof org.bouncycastle.cert.ocsp.RevokedStatus) {
                         Log.debug("OCSPChecker: Status of certificate (with serial number " +
                                 serialNumber.toString() + ") is: revoked");
                         throw new CertPathValidatorException("Certificate has been revoked", null, cp, certIndex);
-                    } else if (status instanceof org.bouncycastle.ocsp.UnknownStatus) {
+                    } else if (status instanceof org.bouncycastle.cert.ocsp.UnknownStatus) {
                         Log.debug("OCSPChecker: Status of certificate (with serial number " +
                                 serialNumber.toString() + ") is: unknown");
                         throw new CertPathValidatorException("Certificate's revocation status is unknown", null, cp, certIndex);

src/java/org/jivesoftware/util/CertificateManager.java

@@ -72,6 +72,7 @@ import org.bouncycastle.asn1.ASN1InputStream;
 import org.bouncycastle.asn1.ASN1TaggedObject;
 import org.bouncycastle.asn1.ASN1Encodable;
 import org.bouncycastle.asn1.DERSequence;
+import org.bouncycastle.asn1.ASN1ObjectIdentifier;
 import org.bouncycastle.asn1.DERObjectIdentifier;
 import org.bouncycastle.asn1.DEROutputStream;
 import org.bouncycastle.asn1.ASN1Sequence;
@@ -386,7 +387,7 @@ public class CertificateManager {
                         ASN1Sequence otherNameSeq = (ASN1Sequence) decoder.readObject();
 
                         // Check the object identifier
-                        DERObjectIdentifier objectId = (DERObjectIdentifier) otherNameSeq.getObjectAt(0);
+                        ASN1ObjectIdentifier objectId = (ASN1ObjectIdentifier) otherNameSeq.getObjectAt(0);
                     	Log.debug("Parsing otherName for subject alternative names: " + objectId.toString() );
 
                         if ( !OTHERNAME_XMPP_OID.equals(objectId.getId())) {

src/plugins/jitsivideobridge/changelog.html

@@ -43,6 +43,12 @@
 Jitsi Video Bridge Plugin Changelog
 </h1>
 
+<p><b>1.3.2</b> -- Oct 30th, 2014</p>
+
+<ul>
+     <li>Added support for clustering</li>
+</ul>
+
 <p><b>1.3.1</b> -- May 10th, 2014</p>
 
 <ul>

src/plugins/jitsivideobridge/plugin.xml

@@ -4,9 +4,9 @@
     <class>org.jitsi.videobridge.openfire.PluginImpl</class>
     <description>Integrates Jitsi Video Bridge into Openfire.</description>
     <licenseType>LGPL</licenseType>
-    <minServerVersion>3.9.2</minServerVersion>
+    <minServerVersion>3.10.0</minServerVersion>
     <name>Jitsi Video Bridge</name>
-    <version>1.3.1</version>
+    <version>1.3.2</version>
 
    <adminconsole>
         <tab id="tab-server">

src/plugins/jitsivideobridge/src/java/org/jitsi/videobridge/openfire/Config.java

@@ -45,7 +45,7 @@ public class Config extends HttpServlet
 			ServletOutputStream out = response.getOutputStream();
 
 			String iceServers = JiveGlobals.getProperty("org.jitsi.videobridge.ofmeet.iceservers", "");
-			String resolution = JiveGlobals.getProperty("org.jitsi.videobridge.ofmeet.resolution", "720");
+			String resolution = JiveGlobals.getProperty("org.jitsi.videobridge.ofmeet.resolution", "360");
 			String audioBandwidth = JiveGlobals.getProperty("org.jitsi.videobridge.ofmeet.audio.bandwidth", "64");
 			String videoBandwidth = JiveGlobals.getProperty("org.jitsi.videobridge.ofmeet.video.bandwidth", "512");
 			String useNicks = JiveGlobals.getProperty("org.jitsi.videobridge.ofmeet.usenicks", "false");

src/plugins/jitsivideobridge/src/java/org/jitsi/videobridge/openfire/PluginImpl.java

@@ -24,6 +24,8 @@ import org.jivesoftware.openfire.container.*;
 import org.jivesoftware.openfire.muc.*;
 import org.jivesoftware.util.*;
 import org.jivesoftware.openfire.http.HttpBindManager;
+import org.jivesoftware.openfire.cluster.ClusterEventListener;
+import org.jivesoftware.openfire.cluster.ClusterManager;
 import org.jivesoftware.openfire.XMPPServer;
 import org.jivesoftware.openfire.handler.IQHandler;
 import org.jivesoftware.openfire.IQHandlerInfo;
@@ -83,7 +85,7 @@ import org.ifsoft.rtp.*;
  * @author Lyubomir Marinov
  * @author Damian Minkov
  */
-public class PluginImpl  implements Plugin, PropertyEventListener
+public class PluginImpl  implements Plugin, PropertyEventListener, ClusterEventListener
 {
 	private static ConcurrentHashMap<String, FocusAgent> sessions;
     /**
@@ -216,9 +218,50 @@ public class PluginImpl  implements Plugin, PropertyEventListener
      */
     private ExecutorService executorService;
 
+    private File pluginDirectory;
+
+
+
+    /**
+     * Initializes this <tt>Plugin</tt>.
+     *
+     * @param manager the <tt>PluginManager</tt> which loads and manages this
+     * <tt>Plugin</tt>
+     * @param pluginDirectory the directory into which this <tt>Plugin</tt> is
+     * located
+     * @see Plugin#initializePlugin(PluginManager, File)
+     */
+    public void initializePlugin(PluginManager manager, File pluginDirectory)
+    {
+		this.pluginDirectory = pluginDirectory;
+
+		boolean nodejs = XMPPServer.getInstance().getPluginManager().getPlugin("nodejs") != null;
+
+		if (nodejs)
+		{
+			Log.info("Jitsi Videobridge - Found NodeJs Plugin. Starting Etherpad");
+
+			JiveGlobals.setProperty("js.jitsivideobridge.etherpad.path", pluginDirectory.getAbsolutePath() + File.separator + "apps" + File.separator + "ofmeet");
+			JiveGlobals.setProperty("js.jitsivideobridge.etherpad", "node_modules/ep_etherpad-lite/node/server.js");
+		}
+
+		startComponent();
+        ClusterManager.addListener(this);
+	}
 
     public void destroyPlugin()
     {
+		Log.info("Jitsi Videobridge - destroyPlugin");
+
+		stopComponent();
+        ClusterManager.removeListener(this);
+;
+	}
+
+    public void stopComponent()
+    {
+		Log.info("Jitsi Videobridge - stopComponent");
+
         PropertyEventDispatcher.removeListener(this);
 
         executorService.shutdown();
@@ -241,17 +284,10 @@ public class PluginImpl  implements Plugin, PropertyEventListener
 		destroyIQHandlers();
     }
 
-    /**
-     * Initializes this <tt>Plugin</tt>.
-     *
-     * @param manager the <tt>PluginManager</tt> which loads and manages this
-     * <tt>Plugin</tt>
-     * @param pluginDirectory the directory into which this <tt>Plugin</tt> is
-     * located
-     * @see Plugin#initializePlugin(PluginManager, File)
-     */
-    public void initializePlugin(final PluginManager manager, final File pluginDirectory)
+    public void startComponent()
     {
+		Log.info("Jitsi Videobridge - startComponent");
+
         PropertyEventDispatcher.addListener(this);
 
 		System.setProperty("net.java.sip.communicator.SC_HOME_DIR_LOCATION", pluginDirectory.getPath());
@@ -352,22 +388,46 @@ public class PluginImpl  implements Plugin, PropertyEventListener
 				{
 					ce.printStackTrace(System.err);
 				}
+			}
+		});
+    }
 
-				boolean nodejs = XMPPServer.getInstance().getPluginManager().getPlugin("nodejs") != null;
+	@Override
+	public void joinedCluster()
+	{
+		Log.info("Jitsi Videobridge - joinedCluster");
+		stopComponent();
+	}
 
-				if (nodejs)
+	@Override
+	public void joinedCluster(byte[] arg0)
 	{
-					Log.info("Found NodeJs Plugin. Starting Etherpad");
 
-					JiveGlobals.setProperty("js.jitsivideobridge.etherpad.path", pluginDirectory.getAbsolutePath() + File.separator + "apps" + File.separator + "ofmeet");
-					JiveGlobals.setProperty("js.jitsivideobridge.etherpad", "node_modules/ep_etherpad-lite/node/server.js");
+
 	}
+
+	@Override
+	public void leftCluster()
+	{
+		Log.info("Jitsi Videobridge - leftCluster");
+		startComponent();
 	}
-		});
+
+	@Override
+	public void leftCluster(byte[] arg0)
+	{
+
+
 	}
 
-    /**
+	@Override
+	public void markedAsSeniorClusterMember()
+	{
+		Log.info("Jitsi Videobridge - markedAsSeniorClusterMember");
+		startComponent();
+	}
 
+    /**
      */
     private static final SecurityHandler basicAuth(String username, String password, String realm) {
 

src/plugins/jitsivideobridge/src/web/jitsi-videobridge.jsp

@@ -174,7 +174,7 @@
 		    <fmt:message key="config.page.configuration.ofmeet.resolution"/>
 		</td>
 		<td><input type="text" size="10" maxlength="100" name="resolution"
-			   value="<%= JiveGlobals.getProperty("org.jitsi.videobridge.ofmeet.resolution", "720") %>">
+			   value="<%= JiveGlobals.getProperty("org.jitsi.videobridge.ofmeet.resolution", "360") %>">
 		</td>
 	    </tr>
 	    <tr>