Added passing of bosh and tcp client ports to Clearspace. Also made index.jsp...

Added passing of bosh and tcp client ports to Clearspace.  Also made index.jsp actually REALLY indicate whether ssl services are available.

git-svn-id: http://svn.igniterealtime.org/svn/repos/openfire/trunk@10596 b35dd754-fafc-0310-a699-88a17e54d16e

src/java/org/jivesoftware/openfire/clearspace/ClearspaceManager.java

@@ -17,12 +17,15 @@ import org.apache.commons.httpclient.auth.AuthScope;
 import org.apache.commons.httpclient.methods.*;
 import org.apache.commons.httpclient.protocol.Protocol;
 import org.apache.commons.httpclient.protocol.ProtocolSocketFactory;
+import org.apache.mina.transport.socket.nio.SocketAcceptor;
 import org.dom4j.*;
 import org.dom4j.io.XMPPPacketReader;
 import org.jivesoftware.openfire.IQResultListener;
 import org.jivesoftware.openfire.IQRouter;
 import org.jivesoftware.openfire.XMPPServer;
 import org.jivesoftware.openfire.XMPPServerInfo;
+import org.jivesoftware.openfire.spi.ConnectionManagerImpl;
+import org.jivesoftware.openfire.http.HttpBindManager;
 import org.jivesoftware.openfire.auth.AuthFactory;
 import org.jivesoftware.openfire.auth.UnauthorizedException;
 import static org.jivesoftware.openfire.clearspace.ClearspaceManager.HttpType.GET;
@@ -32,7 +35,9 @@ import org.jivesoftware.openfire.container.BasicModule;
 import org.jivesoftware.openfire.group.GroupNotFoundException;
 import org.jivesoftware.openfire.muc.spi.MultiUserChatServiceImpl;
 import org.jivesoftware.openfire.net.MXParser;
+import org.jivesoftware.openfire.net.SSLConfig;
 import org.jivesoftware.openfire.session.ComponentSession;
+import org.jivesoftware.openfire.session.LocalClientSession;
 import org.jivesoftware.openfire.user.UserNotFoundException;
 import org.jivesoftware.util.*;
 import org.jivesoftware.util.cache.Cache;
@@ -49,6 +54,8 @@ import java.net.*;
 import java.util.*;
 import java.util.concurrent.LinkedBlockingQueue;
 import java.util.concurrent.TimeUnit;
+import java.security.KeyStore;
+import java.security.cert.X509Certificate;
 
 
 /**
@@ -62,7 +69,7 @@ import java.util.concurrent.TimeUnit;
  *
  * @author Daniel Henninger
  */
-public class ClearspaceManager extends BasicModule implements ExternalComponentManagerListener, ComponentEventListener {
+public class ClearspaceManager extends BasicModule implements ExternalComponentManagerListener, ComponentEventListener, PropertyEventListener, CertificateEventListener {
     /**
      * This is the username of the user that Openfires uses to connect
      * to Clearspace. It is fixed a well known by Openfire and Clearspace.
@@ -489,8 +496,12 @@ public class ClearspaceManager extends BasicModule implements ExternalComponentM
             }
             // Listen for changes to external component settings
             ExternalComponentManager.addListener(this);
-            // List for registration of new components
+            // Listen for registration of new components
             InternalComponentManager.getInstance().addListener(this);
+            // Listen for changes in certificates
+            CertificateManager.addListener(this);
+            // Listen for property changes
+            PropertyEventDispatcher.addListener(this);
             // Set up custom clearspace MUC service
             // Create service if it doesn't exist, load if it does.
             MultiUserChatServiceImpl muc = (MultiUserChatServiceImpl)XMPPServer.getInstance().getMultiUserChatManager().getMultiUserChatService(MUC_SUBDOMAIN);
@@ -583,6 +594,9 @@ public class ClearspaceManager extends BasicModule implements ExternalComponentM
         try {
 
             XMPPServerInfo serverInfo = XMPPServer.getInstance().getServerInfo();
+            ConnectionManagerImpl connectionManager = ((ConnectionManagerImpl) XMPPServer.getInstance().getConnectionManager());
+            SocketAcceptor socketAcceptor = connectionManager.getSocketAcceptor();
+            HttpBindManager httpBindManager = HttpBindManager.getInstance();
 
             String path = IM_URL_PREFIX + "configureComponent/";
 
@@ -598,8 +612,38 @@ public class ClearspaceManager extends BasicModule implements ExternalComponentM
             Element portE = rootE.addElement("port");
             portE.setText(String.valueOf(ExternalComponentManager.getServicePort()));
 
+            Integer boshUnsecurePort = 0;
+            Integer boshSecurePort = 0;
+            Integer tcpPort = 0;
+            if (httpBindManager.isHttpBindEnabled()) {
+                if (httpBindManager.getHttpBindSecurePort() > 0) {
+                    boshSecurePort = httpBindManager.getHttpBindSecurePort();
+                }
+                if (httpBindManager.getHttpBindUnsecurePort() > 0) {
+                    boshUnsecurePort = httpBindManager.getHttpBindUnsecurePort();
+                }
+            } 
+            if (socketAcceptor != null) {
+                for (SocketAddress socketAddress : socketAcceptor.getManagedServiceAddresses()) {
+                    InetSocketAddress address = (InetSocketAddress) socketAddress;
+                    tcpPort = address.getPort();
+                    break;
+                }
+            }
+
+            Element boshSecurePortElem = rootE.addElement("clientBoshSslPort");
+            boshSecurePortElem.setText(String.valueOf(boshSecurePort));
+
+            Element boshUnsecurePortElem = rootE.addElement("clientBoshPort");
+            boshUnsecurePortElem.setText(String.valueOf(boshUnsecurePort));
+
+            Element tcpPortElem = rootE.addElement("clientTcpPort");
+            tcpPortElem.setText(String.valueOf(tcpPort));
+
             Log.debug("Trying to configure Clearspace with: Domain: " + serverInfo.getXMPPDomain() + ", hosts: " +
-                    bindInterfaces.toString() + ", port: " + port);
+                    bindInterfaces.toString() + ", port: " + port + ", client bosh ssl port: " + boshSecurePort
+                    + ", client bosh port: " + boshUnsecurePort + ", client tcp port: " + tcpPort
+            );
 
             executeRequest(POST, path, rootE.asXML());
 
@@ -693,6 +737,46 @@ public class ClearspaceManager extends BasicModule implements ExternalComponentM
 
     }
 
+    private void updateClearspaceClientSettings() {
+        String xmppBoshSslPort = "0";
+        String xmppBoshPort = "0";
+        String xmppPort = String.valueOf(XMPPServer.getInstance().getConnectionManager().getClientListenerPort());
+        if (JiveGlobals.getBooleanProperty(HttpBindManager.HTTP_BIND_ENABLED, HttpBindManager.HTTP_BIND_ENABLED_DEFAULT)) {
+            int boshSslPort = HttpBindManager.getInstance().getHttpBindSecurePort();
+            int boshPort = HttpBindManager.getInstance().getHttpBindUnsecurePort();
+            try {
+                if (CertificateManager.isRSACertificate(SSLConfig.getKeyStore(), XMPPServer.getInstance().getServerInfo().getXMPPDomain()) && LocalClientSession.getTLSPolicy() != org.jivesoftware.openfire.Connection.TLSPolicy.disabled && boshSslPort > 0) {
+                    xmppBoshSslPort = String.valueOf(boshSslPort);
+                }
+            }
+            catch (Exception e) {
+                // Exception while working with certificate
+                Log.debug("Error while checking SSL certificate.  Instructing Clearspace not to use SSL port.");
+            }
+            if (boshPort > 0) {
+                xmppBoshPort = String.valueOf(boshPort);
+            }
+        }
+
+        try {
+            String path = IM_URL_PREFIX + "updateClientSettings/";
+
+            // Creates the XML with the data
+            Document groupDoc = DocumentHelper.createDocument();
+            Element rootE = groupDoc.addElement("updateClientSettings");
+            rootE.addElement("boshSslPort").setText(xmppBoshSslPort);
+            rootE.addElement("boshPort").setText(xmppBoshPort);
+            rootE.addElement("tcpPort").setText(xmppPort);
+
+            executeRequest(POST, path, groupDoc.asXML());
+        } catch (UnauthorizedException ue) {
+            Log.error("Error updating the client settings of Clearspace", ue);
+        } catch (Exception e) {
+            Log.error("Error updating the client settings of Clearspace", e);
+        }
+
+    }
+
     public void serviceEnabled(boolean enabled) throws ModificationNotAllowedException {
         // Do not let admins shutdown the external component service
         if (!enabled) {
@@ -1161,6 +1245,41 @@ public class ClearspaceManager extends BasicModule implements ExternalComponentM
         return System.currentTimeMillis() - time < JiveConstants.MINUTE;
     }
 
+    public void propertySet(String property, Map params) {
+        if (property.equalsIgnoreCase(HttpBindManager.HTTP_BIND_ENABLED) ||
+                property.equalsIgnoreCase(HttpBindManager.HTTP_BIND_PORT) ||
+                property.equalsIgnoreCase(HttpBindManager.HTTP_BIND_SECURE_PORT) ||
+                property.equalsIgnoreCase("xmpp.socket.plain.port")) {
+            updateClearspaceClientSettings();
+        }
+    }
+
+    public void propertyDeleted(String property, Map params) {
+        if (property.equalsIgnoreCase(HttpBindManager.HTTP_BIND_ENABLED) ||
+                property.equalsIgnoreCase(HttpBindManager.HTTP_BIND_PORT) ||
+                property.equalsIgnoreCase(HttpBindManager.HTTP_BIND_SECURE_PORT) ||
+                property.equalsIgnoreCase("xmpp.socket.plain.port")) {
+            updateClearspaceClientSettings();
+        }
+    }
+
+    public void xmlPropertySet(String property, Map params) {
+    }
+
+    public void xmlPropertyDeleted(String property, Map params) {
+    }
+
+    public void certificateCreated(KeyStore keyStore, String alias, X509Certificate cert) {
+        updateClearspaceClientSettings();
+    }
+
+    public void certificateDeleted(KeyStore keyStore, String alias) {
+        updateClearspaceClientSettings();
+    }
+
+    public void certificateSigned(KeyStore keyStore, String alias, List<X509Certificate> certificates) {
+    }
+
     private class ConfigClearspaceTask extends TimerTask {
 
         public void run() {

src/java/org/jivesoftware/openfire/container/AdminConsolePlugin.java

@@ -50,6 +50,7 @@ public class AdminConsolePlugin implements Plugin {
     private ContextHandlerCollection contexts;
     private CertificateEventListener certificateListener;
     private boolean restartNeeded = false;
+    private boolean sslEnabled = false;
 
     private File pluginDir;
 
@@ -92,6 +93,7 @@ public class AdminConsolePlugin implements Plugin {
         }
 
         // Create a connector for https traffic if it's enabled.
+        sslEnabled = false;
         try {
             if (adminSecurePort > 0 && CertificateManager.isRSACertificate(SSLConfig.getKeyStore(), "*"))
             {
@@ -115,6 +117,8 @@ public class AdminConsolePlugin implements Plugin {
                 httpsConnector.setKeystoreType(SSLConfig.getStoreType());
                 httpsConnector.setKeystore(SSLConfig.getKeystoreLocation());
                 adminServer.addConnector(httpsConnector);
+
+                sslEnabled = true;
             }
         }
         catch (Exception e) {
@@ -217,6 +221,9 @@ public class AdminConsolePlugin implements Plugin {
      * @return the SSL port on which the admin console is current operating.
      */
     public int getAdminSecurePort() {
+        if (!sslEnabled) {
+            return 0;
+        }
         return adminSecurePort;
     }
 

src/java/org/jivesoftware/openfire/http/HttpBindManager.java

@@ -58,6 +58,8 @@ public final class HttpBindManager {
 
     private int bindSecurePort;
 
+    private boolean sslEnabled = false;
+
     private CertificateListener certificateListener;
 
     private HttpSessionManager httpSessionManager;
@@ -276,8 +278,12 @@ public final class HttpBindManager {
             httpBindServer.addConnector(httpConnector);
         }
         if (httpsConnector != null) {
+            sslEnabled = true;
             httpBindServer.addConnector(httpsConnector);
         }
+        else {
+            sslEnabled = false;
+        }
 
         createBoshHandler(contexts, "/http-bind");
         createCrossDomainHandler(contexts, "/");
@@ -357,6 +363,9 @@ public final class HttpBindManager {
      * @return the HTTP binding port which uses SSL.
      */
     public int getHttpBindSecurePort() {
+        if (!sslEnabled) {
+            return 0;
+        }
         return JiveGlobals.getIntProperty(HTTP_BIND_SECURE_PORT, HTTP_BIND_SECURE_PORT_DEFAULT);
     }
 

src/web/index.jsp

@@ -444,11 +444,15 @@
     <tr>
         <td><%= "0.0.0.0".equals(address.getHostName()) ? LocaleUtils.getLocalizedString("ports.all_ports") : address.getHostName() %></td>
         <td><%= address.getPort() %></td>
-        <% if (LocalClientSession.getTLSPolicy() == org.jivesoftware.openfire.Connection.TLSPolicy.disabled) { %>
+        <% try { %>
+        <% if (!CertificateManager.isRSACertificate(SSLConfig.getKeyStore(), XMPPServer.getInstance().getServerInfo().getXMPPDomain()) || LocalClientSession.getTLSPolicy() == org.jivesoftware.openfire.Connection.TLSPolicy.disabled) { %>
             <td><img src="images/blank.gif" width="1" height="1" alt=""/></td>
         <% } else { %>
             <td><img src="images/lock.gif" width="16" height="16" border="0" alt=""/></td>
         <% } %>
+        <% } catch (Exception e) { %>
+            <td><img src="images/blank.gif" width="1" height="1" alt=""/></td>
+        <% } %>
         <td><fmt:message key="ports.client_to_server" /></td>
         <td><fmt:message key="ports.client_to_server.desc">
             <fmt:param value="<a href='ssl-settings.jsp'>" />
@@ -536,6 +540,9 @@
         <td><fmt:message key="ports.admin_console" /></td>
         <td><fmt:message key="ports.admin_console.desc_unsecured" /></td>
     </tr>
+    <%
+        if (adminConsolePlugin.getAdminSecurePort() > 0) {
+    %>
     <tr>
         <td><%= interfaceName == null ? LocaleUtils.getLocalizedString("ports.all_ports") : interfaceName %></td>
         <td><%= adminConsolePlugin.getAdminSecurePort() %></td>
@@ -543,6 +550,7 @@
         <td><fmt:message key="ports.admin_console" /></td>
         <td><fmt:message key="ports.admin_console.desc_secured" /></td>
     </tr>
+    <% } %>
     <%
         if (fileTransferProxy.isProxyEnabled()) {
     %>