Noe core clean up (#107)

UpgradeProtocol for connctors + refactoring

Co-authored-by: Thanos Ploumis <[email protected]>
Co-authored-by: Jan Stefl <[email protected]>

Author: 3 people

core/src/main/groovy/noe/server/Tomcat.groovy

@@ -628,6 +628,7 @@ class Tomcat extends ServerAbstract implements WorkerServer {
     this.updateConfReplaceRegExp('server.xml', '<Connector port="8009" protocol="AJP/1.3"', '<Connector port="' + Integer.valueOf(8009 + offset) + '" protocol="AJP/1.3"', true, true)
   }
 
+  @Deprecated
   void enableSslJsse() {
     def nl = platform.nl
     def aprListener = '<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />'
@@ -642,6 +643,7 @@ class Tomcat extends ServerAbstract implements WorkerServer {
     updateConfReplaceRegExp('server.xml', dummyComment, enableJavaSsl, true, true)
   }
 
+  @Deprecated
   void enableSslOpenSsl() {
     def nl = platform.nl
     def dummyComment = '<!-- Define an AJP 1.3 Connector on port 8009 -->'
@@ -655,6 +657,7 @@ class Tomcat extends ServerAbstract implements WorkerServer {
     updateConfReplaceRegExp('server.xml', dummyComment, enableOpenSsl, true, true)
   }
 
+  @Deprecated
   void enableSslNIOProtocol() {
     def nl = platform.nl
     def aprListener = '<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />'

core/src/main/groovy/noe/tomcat/configure/AjpConnectorTomcat.groovy

@@ -19,6 +19,10 @@ public class AjpConnectorTomcat extends ConnectorTomcatAbstract<AjpConnectorTomc
   private String secret
   private String allowedRequestAttributesPattern
 
+  public AjpConnectorTomcat() {
+    protocol = "AJP/1.3"
+  }
+
   Boolean getSecretRequired() {
     return secretRequired
   }

core/src/main/groovy/noe/tomcat/configure/ConnectorAttributesTransformer.groovy

@@ -14,25 +14,25 @@ class ConnectorAttributesTransformer {
 
   /**
    * Provides attributes for non secure HTTP connector.
-   * Returns map of key:value corresponding with attributes in Tomcat server.xml.
+   * Returns Node applicable into Tomcat server.xml.
    */
-  Map<String, Object> nonSecureHttpConnector() {
+  Node nonSecureHttpConnector() {
     return new CommonConnectorTransformer(connector).transform()
   }
 
   /**
    * Provides attributes for secure HTTP connector.
-   * Returns map of key:value corresponding with attributes in Tomcat server.xml.
+   * Returns Node applicable into Tomcat server.xml.
    */
-  Map<String, Object> secureHttpConnector() {
+  Node secureHttpConnector() {
     return new SecureHttpTransformer(connector).transform()
   }
 
   /**
    * Provides attributes for AJP connector.
-   * Returns map of key:value corresponding with attributes in Tomcat server.xml.
+   * Returns Node applicable into Tomcat server.xml.
    */
-  Map<String, Object> ajpConnector() {
+  Node ajpConnector() {
     return new CommonConnectorTransformer(connector).transform()
   }
 
@@ -47,51 +47,65 @@ class ConnectorAttributesTransformer {
       this.connector = connector
     }
 
-    Map<String, Object> transform() {
-      Map<String, Object> res = [:]
+    Node transform() {
+      Map<String, Object> attributes = [:]
 
+      // -- attributes -------------------------
       if (connector.getPort() != null && connector.getPort() > 0) {
-        res.put('port', connector.getPort())
+        attributes.put('port', connector.getPort())
       }
       if (connector.getProtocol() != null && !connector.getProtocol().isEmpty()) {
-        res.put('protocol', connector.getProtocol())
+        attributes.put('protocol', connector.getProtocol())
       }
       if (connector.getSecure() != null) {
-        res.put('secure', connector.getSecure())
+        attributes.put('secure', connector.getSecure())
       }
       if (connector.getScheme() != null && !connector.getScheme().isEmpty()) {
-        res.put('scheme', connector.getScheme())
+        attributes.put('scheme', connector.getScheme())
       }
 
       if (connector.getMaxThreads() != null && connector.getMaxThreads() > 0) {
-        res.put('maxThreads', connector.getMaxThreads())
+        attributes.put('maxThreads', connector.getMaxThreads())
       }
       if (connector.getAddress() != null && !connector.getAddress().isEmpty()) {
-        res.put('address', connector.getAddress())
+        attributes.put('address', connector.getAddress())
       }
       if (connector.getConnectionTimeout() != null && connector.getConnectionTimeout() > 0) {
-        res.put('connectionTimeout', connector.getConnectionTimeout())
+        attributes.put('connectionTimeout', connector.getConnectionTimeout())
       }
       if (connector.getRedirectPort() != null && connector.getRedirectPort() > 0) {
-        res.put('redirectPort', connector.getRedirectPort())
+        attributes.put('redirectPort', connector.getRedirectPort())
       }
 
       if(connector instanceof AjpConnectorTomcat) {
         if (connector.getSecretRequired() != null) {
-          res.put('secretRequired', connector.getSecretRequired())
+          attributes.put('secretRequired', connector.getSecretRequired())
         }
 
         if (connector.getSecret() != null && !connector.getSecret().isEmpty()) {
-          res.put('secret', connector.getSecret())
+          attributes.put('secret', connector.getSecret())
         }
 
         if (connector.getAllowedRequestAttributesPattern() != null
                 && !connector.getAllowedRequestAttributesPattern().isEmpty()) {
-          res.put('allowedRequestAttributesPattern', connector.getAllowedRequestAttributesPattern())
+          attributes.put('allowedRequestAttributesPattern', connector.getAllowedRequestAttributesPattern())
         }
       }
+      // ---------------------
 
-      return res
+
+      Node node = new Node(null, "Connector", attributes)
+
+
+      // -- sub elements -----
+      if (connector instanceof NonSecureHttpConnectorTomcat) {
+        if (connector.getUpgradeProtocol() != null) {
+          node.appendNode("UpgradeProtocol", ['className': connector.getUpgradeProtocol().getClassName()])
+        }
+      }
+      // --------------------
+
+      return node
     }
   }
 
@@ -102,39 +116,69 @@ class ConnectorAttributesTransformer {
       this.connector = connector
     }
 
-    Map<String, Object> transform() {
-      Map<String, Object> res = new CommonConnectorTransformer(connector).transform()
+    Node transform() {
+      Node node = new CommonConnectorTransformer(connector).transform()
+      Map<String, Object> attributes = node.attributes()
 
+      // -- attributes -------------------------
       if (connector.getSslEnabled() != null) {
-        res.put('SSLEnabled', connector.getSslEnabled())
+        attributes.put('SSLEnabled', connector.getSslEnabled())
       }
 
       // SSL BIO and NIO
       if (connector.getSslProtocol() != null && !connector.getSslProtocol().isEmpty()) {
-        res.put('sslProtocol', connector.getSslProtocol())
+        attributes.put('sslProtocol', connector.getSslProtocol())
       }
       if (connector.getKeystoreFile() != null && !connector.getKeystoreFile().isEmpty()) {
-        res.put('keystoreFile', connector.getKeystoreFile())
+        attributes.put('keystoreFile', connector.getKeystoreFile())
       }
       if (connector.getKeystorePass() != null && !connector.getKeystorePass().isEmpty()) {
-        res.put('keystorePass', connector.getKeystorePass())
+        attributes.put('keystorePass', connector.getKeystorePass())
+      }
+      if (connector.getKeystoreType() != null && !connector.getKeystoreType().isEmpty()) {
+        attributes.put('keystoreType', connector.getKeystoreType())
+      }
+      if (connector.getTruststoreFile() != null && !connector.getTruststoreFile().isEmpty()) {
+        attributes.put('truststoreFile', connector.getTruststoreFile())
+      }
+      if (connector.getTruststorePass() != null && !connector.getTruststorePass().isEmpty()) {
+        attributes.put('truststorePass', connector.getTruststorePass())
+      }
+      if (connector.getTruststoreType() != null && !connector.getTruststoreType().isEmpty()) {
+        attributes.put('truststoreType', connector.getTruststoreType())
       }
       if (connector.getClientAuth() != null) {
-        res.put('clientAuth', connector.getClientAuth())
+        attributes.put('clientAuth', connector.getClientAuth())
+      }
+
+      // HTTP2
+      if (connector.getSslImplementationName() != null && !connector.getSslImplementationName().isEmpty()) {
+        attributes.put('sslImplementationName', connector.getSslImplementationName())
       }
 
       // SSL APR
       if (connector.getSslCertificateFile() != null && !connector.getSslCertificateFile().isEmpty()) {
-        res.put('SSLCertificateFile', connector.getSslCertificateFile())
+        attributes.put('SSLCertificateFile', connector.getSslCertificateFile())
+      }
+      if (connector.getSslCACertificateFile() != null && !connector.getSslCACertificateFile().isEmpty()) {
+        attributes.put('SSLCACertificateFile', connector.getSslCACertificateFile())
       }
       if (connector.getSslCertificateKeyFile() != null && !connector.getSslCertificateKeyFile().isEmpty()) {
-        res.put('SSLCertificateKeyFile', connector.getSslCertificateKeyFile())
+        attributes.put('SSLCertificateKeyFile', connector.getSslCertificateKeyFile())
       }
       if (connector.getSslPassword() != null && !connector.getSslPassword().isEmpty()) {
-        res.put('SSLPassword', connector.getSslPassword())
+        attributes.put('SSLPassword', connector.getSslPassword())
+      }
+      if (connector.getSslEnabledProtocols() != null && connector.getSslEnabledProtocols()) {
+        attributes.put('sslEnabledProtocols', connector.getSslEnabledProtocols())
+      }
+      // ---------------------
+
+      if (connector.getUpgradeProtocol() != null) {
+        node.appendNode("UpgradeProtocol", ['className': connector.getUpgradeProtocol().getClassName()])
       }
 
-      return res
+      return node
     }
   }
 

core/src/main/groovy/noe/tomcat/configure/ConnectorConfiguratorTomcat.groovy

@@ -27,11 +27,11 @@ class ConnectorConfiguratorTomcat {
     int httpConnectorSize = loadHttpConnectorSize()
 
     if (httpConnectorSize > 1) {
-      throw new IllegalStateException("Unexpected server.xml format - one secure connector expected at most")
+      throw new IllegalStateException("Unexpected server.xml format - one non secure connector expected at most")
     }
     if (httpConnectorSize == 1) {
-      Node Connector = loadExistingHttpConnector()
-      updateExistingConnector(Connector, new ConnectorAttributesTransformer(connector).nonSecureHttpConnector())
+      Node ConnectorElement = loadExistingHttpConnector()
+      updateExistingConnector(ConnectorElement, new ConnectorAttributesTransformer(connector).nonSecureHttpConnector())
     } else {
       createNewConnector(new ConnectorAttributesTransformer(connector).nonSecureHttpConnector())
     }
@@ -104,7 +104,7 @@ class ConnectorConfiguratorTomcat {
     } else if (connectors.size() < 1) {
       return null
     } else {
-      throw new IllegalStateException("Unexpected server.xml format - one http connector expected")
+      throw new IllegalStateException("Unexpected server.xml format - one https connector expected at most")
     }
   }
 
@@ -115,23 +115,44 @@ class ConnectorConfiguratorTomcat {
     } else if (connectors.size() < 1) {
       return null
     } else {
-      throw new IllegalStateException("Unexpected server.xml format - one http connector expected at most")
+      throw new IllegalStateException("Unexpected server.xml format - one ajp connector expected at most")
     }
   }
 
   private boolean isSecured(Node connector) {
     return connector.@secure.toString().toLowerCase().trim() == "true"
   }
 
-  private void createNewConnector(Map<String, Object> attributes) {
-    server.Service.each { service ->
-      service.appendNode ("Connector", attributes)
+
+  private void createNewConnector(Node element) {
+    server.Service.each { Node service ->
+      service.appendNode(element, element.attributes(), element.value())
     }
   }
 
-  private void updateExistingConnector(Node Connector, Map<String, Object> attributes) {
-    attributes.each { attribute ->
-      Connector.@"${attribute.key}" = attribute.value
+  private void updateExistingConnector(Node connector, Node newConnector) {
+    // update attributes
+    newConnector.attributes().each { attribute ->
+      connector.@"${attribute.key}" = attribute.value
+    }
+
+    // update nodes
+    newConnector.each { Node newSubelement ->
+      String UpgradeProtocol = ConnectorUpgradeProtocolTomcat.ELEMENT_NAME
+
+      if (newSubelement.name() == UpgradeProtocol) {
+        if (connector.find { it.name() == UpgradeProtocol } == null) {
+          // create new element
+          connector.appendNode(newSubelement, newSubelement.attributes(), newSubelement.value())
+        } else {
+          // upgrade existing element
+          connector.findAll { it.name() == UpgradeProtocol }.each { upgradeProtocol ->
+            newSubelement.attributes() { attribute ->
+              upgradeProtocol.@"${attribute.key}" = attribute.value
+            }
+          }
+        }
+      }
     }
   }
 

core/src/main/groovy/noe/tomcat/configure/ConnectorUpgradeProtocolTomcat.groovy

@@ -0,0 +1,26 @@
+package noe.tomcat.configure
+
+/**
+ * Abstraction for HTTP connector, the element UpgradeProtocol.
+ *
+ * @link https://tomcat.apache.org/tomcat-8.5-doc/config/http2.html
+ */
+class ConnectorUpgradeProtocolTomcat {
+
+  public static String ELEMENT_NAME = "UpgradeProtocol"
+
+  public static String PROTOCOL_CLASS_HTTP2 = "org.apache.coyote.http2.Http2Protocol"
+
+  public String className
+
+
+  public String getClassName() {
+    return this.className
+  }
+
+  public setClassName(String className) {
+    this.className = className
+    return this
+  }
+
+}

core/src/main/groovy/noe/tomcat/configure/NonSecureHttpConnectorTomcat.groovy

@@ -17,10 +17,27 @@ package noe.tomcat.configure
  */
 public class NonSecureHttpConnectorTomcat extends ConnectorTomcatAbstract<NonSecureHttpConnectorTomcat> {
 
+  private ConnectorUpgradeProtocolTomcat upgradeProtocol
+
+
   public NonSecureHttpConnectorTomcat() {
     super.setSecure(false)
   }
 
+  public ConnectorUpgradeProtocolTomcat getUpgradeProtocol() {
+    return upgradeProtocol
+  }
+
+  public NonSecureHttpConnectorTomcat setUpgradeProtocol(ConnectorUpgradeProtocolTomcat upgradeProtocol) {
+    this.upgradeProtocol = upgradeProtocol
+    return this
+  }
+
+  public NonSecureHttpConnectorTomcat setUpgradeProtocolToHttp2Protocol() {
+    setUpgradeProtocol(new ConnectorUpgradeProtocolTomcat().setClassName(ConnectorUpgradeProtocolTomcat.PROTOCOL_CLASS_HTTP2))
+    return this
+  }
+
   /**
    * Input argument secure is ignored secure is set 'false' always.
    */