MetricsMapI::MetricsMapI(const std::string& mapPrefix, const PropertiesPtr& properties) :
_properties(properties->getPropertiesForPrefix(mapPrefix)),
_retain(properties->getPropertyAsIntWithDefault(mapPrefix + "RetainDetached", 10)),
_accept(parseRule(properties, mapPrefix + "Accept")),
_reject(parseRule(properties, mapPrefix + "Reject"))
{
validateProperties(mapPrefix, properties);
string groupBy = properties->getPropertyWithDefault(mapPrefix + "GroupBy", "id");
vector<string>& groupByAttributes = const_cast<vector<string>&>(_groupByAttributes);
vector<string>& groupBySeparators = const_cast<vector<string>&>(_groupBySeparators);
if(!groupBy.empty())
{
string v;
bool attribute = IceUtilInternal::isAlpha(groupBy[0]) || IceUtilInternal::isDigit(groupBy[0]);
if(!attribute)
{
groupByAttributes.push_back("");
}
for(string::const_iterator p = groupBy.begin(); p != groupBy.end(); ++p)
{
bool isAlphaNum = IceUtilInternal::isAlpha(*p) || IceUtilInternal::isDigit(*p) || *p == '.';
if(attribute && !isAlphaNum)
{
groupByAttributes.push_back(v);
v = *p;
attribute = false;
}
else if(!attribute && isAlphaNum)
{
groupBySeparators.push_back(v);
v = *p;
attribute = true;
}
else
{
v += *p;
}
}
if(attribute)
{
groupByAttributes.push_back(v);
}
else
{
groupBySeparators.push_back(v);
}
}
}
IcePatch2::Patcher::Patcher(const CommunicatorPtr& communicator, const PatcherFeedbackPtr& feedback) :
_feedback(feedback),
_dataDir(getDataDir(communicator, ".")),
_thorough(getThorough(communicator, 0) > 0),
_chunkSize(getChunkSize(communicator, 100)),
_remove(getRemove(communicator, 1)),
_log(0)
{
const PropertiesPtr properties = communicator->getProperties();
const char* clientProxyProperty = "IcePatch2Client.Proxy";
std::string clientProxy = properties->getProperty(clientProxyProperty);
if(clientProxy.empty())
{
const char* endpointsProperty = "IcePatch2.Endpoints";
string endpoints = properties->getProperty(endpointsProperty);
if(endpoints.empty())
{
ostringstream os;
os << "No proxy to IcePatch2 server. Please set `" << clientProxyProperty
<< "' or `" << endpointsProperty << "'.";
throw os.str();
}
ostringstream os;
os << "The property " << endpointsProperty << " is deprecated, use " << clientProxyProperty << " instead.";
communicator->getLogger()->warning(os.str());
Identity id;
id.category = properties->getPropertyWithDefault("IcePatch2.InstanceName", "IcePatch2");
id.name = "server";
clientProxy = "\"" + communicator->identityToString(id) + "\" :" + endpoints;
}
ObjectPrx serverBase = communicator->stringToProxy(clientProxy);
FileServerPrx server = FileServerPrx::checkedCast(serverBase);
if(!server)
{
throw "proxy `" + clientProxy + "' is not a file server.";
}
init(server);
}
bool
IceBox::ServiceManagerI::start()
{
try
{
ServiceManagerPtr obj = this;
PropertiesPtr properties = _communicator->getProperties();
//
// Create an object adapter. Services probably should NOT share
// this object adapter, as the endpoint(s) for this object adapter
// will most likely need to be firewalled for security reasons.
//
ObjectAdapterPtr adapter;
if(properties->getProperty("IceBox.ServiceManager.Endpoints") != "")
{
adapter = _communicator->createObjectAdapter("IceBox.ServiceManager");
Identity identity;
identity.category = properties->getPropertyWithDefault("IceBox.InstanceName", "IceBox");
identity.name = "ServiceManager";
adapter->add(obj, identity);
}
//
// Parse the property set with the prefix "IceBox.Service.". These
// properties should have the following format:
//
// IceBox.Service.Foo=entry_point [args]
//
// We parse the service properties specified in IceBox.LoadOrder
// first, then the ones from remaining services.
//
const string prefix = "IceBox.Service.";
PropertyDict services = properties->getPropertiesForPrefix(prefix);
PropertyDict::iterator p;
StringSeq loadOrder = properties->getPropertyAsList("IceBox.LoadOrder");
vector<StartServiceInfo> servicesInfo;
for(StringSeq::const_iterator q = loadOrder.begin(); q != loadOrder.end(); ++q)
{
p = services.find(prefix + *q);
if(p == services.end())
{
FailureException ex(__FILE__, __LINE__);
ex.reason = "ServiceManager: no service definition for `" + *q + "'";
throw ex;
}
servicesInfo.push_back(StartServiceInfo(*q, p->second, _argv));
services.erase(p);
}
for(p = services.begin(); p != services.end(); ++p)
{
servicesInfo.push_back(StartServiceInfo(p->first.substr(prefix.size()), p->second, _argv));
}
//
// Check if some services are using the shared communicator in which
// case we create the shared communicator now with a property set which
// is the union of all the service properties (services which are using
// the shared communicator).
//
PropertyDict sharedCommunicatorServices = properties->getPropertiesForPrefix("IceBox.UseSharedCommunicator.");
if(!sharedCommunicatorServices.empty())
{
InitializationData initData;
initData.properties = createServiceProperties("SharedCommunicator");
for(vector<StartServiceInfo>::iterator q = servicesInfo.begin(); q != servicesInfo.end(); ++q)
{
if(properties->getPropertyAsInt("IceBox.UseSharedCommunicator." + q->name) <= 0)
{
continue;
}
//
// Load the service properties using the shared communicator properties as
// the default properties.
//
PropertiesPtr svcProperties = createProperties(q->args, initData.properties);
//
// Erase properties from the shared communicator which don't exist in the
// service properties (which include the shared communicator properties
// overriden by the service properties).
//
PropertyDict allProps = initData.properties->getPropertiesForPrefix("");
for(PropertyDict::iterator p = allProps.begin(); p != allProps.end(); ++p)
{
if(svcProperties->getProperty(p->first) == "")
{
initData.properties->setProperty(p->first, "");
}
}
//
// Add the service properties to the shared communicator properties.
//
PropertyDict props = svcProperties->getPropertiesForPrefix("");
for(PropertyDict::const_iterator r = props.begin(); r != props.end(); ++r)
{
initData.properties->setProperty(r->first, r->second);
}
//
// Parse <service>.* command line options (the Ice command line options
// were parsed by the createProperties above)
//
q->args = initData.properties->parseCommandLineOptions(q->name, q->args);
}
_sharedCommunicator = initialize(initData);
}
//
// Start the services.
//
for(vector<StartServiceInfo>::const_iterator r = servicesInfo.begin(); r != servicesInfo.end(); ++r)
{
start(r->name, r->entryPoint, r->args);
}
//
// We may want to notify external scripts that the services
// have started. This is done by defining the property:
//
// IceBox.PrintServicesReady=bundleName
//
// Where bundleName is whatever you choose to call this set of
// services. It will be echoed back as "bundleName ready".
//
// This must be done after start() has been invoked on the
// services.
//
string bundleName = properties->getProperty("IceBox.PrintServicesReady");
if(!bundleName.empty())
{
cout << bundleName << " ready" << endl;
}
//
// Register "this" as a facet to the Admin object, and then create
// Admin object
//
try
{
_communicator->addAdminFacet(this, "IceBox.ServiceManager");
//
// Add a Properties facet for each service
//
for(vector<ServiceInfo>::iterator r = _services.begin(); r != _services.end(); ++r)
{
const ServiceInfo& info = *r;
CommunicatorPtr communicator = info.communicator != 0 ? info.communicator : _sharedCommunicator;
_communicator->addAdminFacet(new PropertiesAdminI(communicator->getProperties()),
"IceBox.Service." + info.name + ".Properties");
}
_communicator->getAdmin();
}
catch(const ObjectAdapterDeactivatedException&)
{
//
// Expected if the communicator has been shutdown.
//
}
if(adapter)
{
try
{
adapter->activate();
}
catch(const ObjectAdapterDeactivatedException&)
{
//
// Expected if the communicator has been shutdown.
//
}
}
}
catch(const FailureException& ex)
{
Error out(_logger);
out << ex.reason;
stopAll();
return false;
}
catch(const Exception& ex)
{
Error out(_logger);
out << "ServiceManager: " << ex;
stopAll();
return false;
}
return true;
}
void
Ice::ObjectAdapterI::initialize(const RouterPrx& router)
{
if(_noConfig)
{
_reference = _instance->referenceFactory()->create("dummy -t", "");
return;
}
PropertiesPtr properties = _instance->initializationData().properties;
StringSeq unknownProps;
bool noProps = filterProperties(unknownProps);
//
// Warn about unknown object adapter properties.
//
if(unknownProps.size() != 0 && properties->getPropertyAsIntWithDefault("Ice.Warn.UnknownProperties", 1) > 0)
{
Warning out(_instance->initializationData().logger);
out << "found unknown properties for object adapter `" << _name << "':";
for(unsigned int i = 0; i < unknownProps.size(); ++i)
{
out << "\n " << unknownProps[i];
}
}
try
{
//
// Make sure named adapter has some configuration
//
if(router == 0 && noProps)
{
InitializationException ex(__FILE__, __LINE__);
ex.reason = "object adapter `" + _name + "' requires configuration";
throw ex;
}
const_cast<string&>(_id) = properties->getProperty(_name + ".AdapterId");
const_cast<string&>(_replicaGroupId) = properties->getProperty(_name + ".ReplicaGroupId");
//
// Setup a reference to be used to get the default proxy options
// when creating new proxies. By default, create twoway proxies.
//
string proxyOptions = properties->getPropertyWithDefault(_name + ".ProxyOptions", "-t");
try
{
_reference = _instance->referenceFactory()->create("dummy " + proxyOptions, "");
}
catch(const ProxyParseException&)
{
InitializationException ex(__FILE__, __LINE__);
ex.reason = "invalid proxy options `" + proxyOptions + "' for object adapter `" + _name + "'";
throw ex;
}
int threadPoolSize = properties->getPropertyAsInt(_name + ".ThreadPool.Size");
int threadPoolSizeMax = properties->getPropertyAsInt(_name + ".ThreadPool.SizeMax");
bool hasPriority = properties->getProperty(_name + ".ThreadPool.ThreadPriority") != "";
//
// Create the per-adapter thread pool, if necessary. This is done before the creation of the incoming
// connection factory as the thread pool is needed during creation for the call to incFdsInUse.
//
if(threadPoolSize > 0 || threadPoolSizeMax > 0 || hasPriority)
{
_threadPool = new ThreadPool(_instance, _name + ".ThreadPool", 0);
}
_hasAcmTimeout = properties->getProperty(_name + ".ACM") != "";
if(_hasAcmTimeout)
{
_acmTimeout = properties->getPropertyAsInt(_name + ".ACM");
_instance->connectionMonitor()->checkIntervalForACM(_acmTimeout);
}
if(!router)
{
const_cast<RouterPrx&>(router) = RouterPrx::uncheckedCast(
_instance->proxyFactory()->propertyToProxy(_name + ".Router"));
}
if(router)
{
_routerInfo = _instance->routerManager()->get(router);
if(_routerInfo)
{
//
// Make sure this router is not already registered with another adapter.
//
if(_routerInfo->getAdapter())
{
throw AlreadyRegisteredException(__FILE__, __LINE__, "object adapter with router",
_instance->identityToString(router->ice_getIdentity()));
}
//
// Add the router's server proxy endpoints to this object
// adapter.
//
vector<EndpointIPtr> endpoints = _routerInfo->getServerEndpoints();
copy(endpoints.begin(), endpoints.end(), back_inserter(_routerEndpoints));
sort(_routerEndpoints.begin(), _routerEndpoints.end()); // Must be sorted.
_routerEndpoints.erase(unique(_routerEndpoints.begin(), _routerEndpoints.end()),
_routerEndpoints.end());
//
// Associate this object adapter with the router. This way,
// new outgoing connections to the router's client proxy will
// use this object adapter for callbacks.
//
_routerInfo->setAdapter(this);
//
// Also modify all existing outgoing connections to the
// router's client proxy to use this object adapter for
// callbacks.
//
_instance->outgoingConnectionFactory()->setRouterInfo(_routerInfo);
}
}
else
{
//
// Parse the endpoints, but don't store them in the adapter.
// The connection factory might change it, for example, to
// fill in the real port number.
//
vector<EndpointIPtr> endpoints = parseEndpoints(properties->getProperty(_name + ".Endpoints"), true);
for(vector<EndpointIPtr>::iterator p = endpoints.begin(); p != endpoints.end(); ++p)
{
IncomingConnectionFactoryPtr factory = new IncomingConnectionFactory(_instance, *p, this);
factory->initialize(_name);
_incomingConnectionFactories.push_back(factory);
}
if(endpoints.empty())
{
TraceLevelsPtr tl = _instance->traceLevels();
if(tl->network >= 2)
{
Trace out(_instance->initializationData().logger, tl->networkCat);
out << "created adapter `" << _name << "' without endpoints";
}
}
//
// Parse the published endpoints.
//
_publishedEndpoints = parsePublishedEndpoints();
}
if(!properties->getProperty(_name + ".Locator").empty())
{
setLocator(LocatorPrx::uncheckedCast(_instance->proxyFactory()->propertyToProxy(_name + ".Locator")));
}
else
{
setLocator(_instance->referenceFactory()->getDefaultLocator());
}
}
catch(...)
{
destroy();
throw;
}
}
void
IceServiceInstaller::install(const PropertiesPtr& properties)
{
_debug = properties->getPropertyAsInt("Debug") != 0;
initializeSid(properties->getPropertyWithDefault("ObjectName", "NT Authority\\LocalService"));
const string defaultDisplayName[] =
{
"IceGrid registry (" + _icegridInstanceName + ")",
"IceGrid node (" + _nodeName + " within " + _icegridInstanceName + ")",
"Glacier2 router (" + _glacier2InstanceName + ")"
};
const string defaultDescription[] =
{
"Location and deployment service for Ice applications",
"Starts and monitors Ice servers",
"Ice Firewall traversal service"
};
string displayName = properties->getPropertyWithDefault("DisplayName", defaultDisplayName[_serviceType]);
string description = properties->getPropertyWithDefault("Description", defaultDescription[_serviceType]);
string imagePath = properties->getProperty("ImagePath");
if(imagePath == "")
{
char buffer[MAX_PATH];
DWORD size = GetModuleFileName(0, buffer, MAX_PATH);
if(size == 0)
{
throw "Can't get full path to self: " + IceUtilInternal::errorToString(GetLastError());
}
imagePath = string(buffer, size);
imagePath.replace(imagePath.rfind('\\'), string::npos, "\\" + serviceTypeToLowerString(_serviceType) + ".exe");
}
else
{
imagePath = fixDirSeparator(imagePath);
}
if(!fileExists(imagePath))
{
throw imagePath + ": not found";
}
string dependency;
if(_serviceType == icegridregistry)
{
if(properties->getPropertyAsInt("DependOnRegistry") != 0)
{
throw "The IceGrid registry service can't depend on itself";
}
string registryDataDir = fixDirSeparator(_serviceProperties->getProperty("IceGrid.Registry.Data"));
if(registryDataDir == "")
{
throw "IceGrid.Registry.Data must be set in " + _configFile;
}
if(!IceUtilInternal::isAbsolutePath(registryDataDir))
{
throw "'" + registryDataDir + "' is a relative path; IceGrid.Registry.Data must be an absolute path";
}
if(!mkdir(registryDataDir))
{
grantPermissions(registryDataDir, SE_FILE_OBJECT, true, true);
}
}
else if(_serviceType == icegridnode)
{
string nodeDataDir = fixDirSeparator(_serviceProperties->getProperty("IceGrid.Node.Data"));
if(nodeDataDir == "")
{
throw "IceGrid.Node.Data must be set in " + _configFile;
}
if(!IceUtilInternal::isAbsolutePath(nodeDataDir))
{
throw "'" + nodeDataDir + "' is a relative path; IceGrid.Node.Data must be an absolute path";
}
if(!mkdir(nodeDataDir))
{
grantPermissions(nodeDataDir, SE_FILE_OBJECT, true, true);
}
grantPermissions("MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Perflib", SE_REGISTRY_KEY, true);
if(properties->getPropertyAsInt("DependOnRegistry") != 0)
{
dependency = "icegridregistry." + _icegridInstanceName;
}
}
else if(_serviceType == glacier2router)
{
if(properties->getPropertyAsInt("DependOnRegistry") != 0)
{
if(_icegridInstanceName == "")
{
throw "Ice.Default.Locator must be set in " + _configFile + " when DependOnRegistry is not zero";
}
dependency = "icegridregistry." + _icegridInstanceName;
}
}
if(!_configFile.find("HKLM\\") == 0)
{
grantPermissions(_configFile);
}
string eventLog = properties->getProperty("EventLog");
if(eventLog == "")
{
eventLog = "Application";
}
else
{
addLog(eventLog);
}
string eventLogSource = _serviceProperties->getPropertyWithDefault("Ice.EventLog.Source", _serviceName);
addSource(eventLogSource, eventLog, getIceDLLPath(imagePath));
SC_HANDLE scm = OpenSCManager(0, 0, SC_MANAGER_ALL_ACCESS);
if(scm == 0)
{
DWORD res = GetLastError();
throw "Cannot open SCM: " + IceUtilInternal::errorToString(res);
}
string deps = dependency;
if(deps.empty())
{
const string candidates[] = { "netprofm", "Nla" };
const int candidatesLen = 2;
for(int i = 0; i < candidatesLen; ++i)
{
SC_HANDLE service = OpenService(scm, candidates[i].c_str(), GENERIC_READ);
if(service != 0)
{
deps = candidates[i];
CloseServiceHandle(service);
break; // for
}
}
}
deps += '\0'; // must be double-null terminated
string command = "\"" + imagePath + "\" --service " + _serviceName + " --Ice.Config=\"";
//
// Get the full path of config file.
//
if(!_configFile.find("HKLM\\") == 0)
{
char fullPath[MAX_PATH];
if(GetFullPathName(_configFile.c_str(), MAX_PATH, fullPath, 0) > MAX_PATH)
{
throw "Could not compute the full path of " + _configFile;
}
command += string(fullPath) + "\"";
}
else
{
command += _configFile + "\"";
}
bool autoStart = properties->getPropertyAsIntWithDefault("AutoStart", 1) != 0;
string password = properties->getProperty("Password");
SC_HANDLE service = CreateServiceW(
scm,
IceUtil::stringToWstring(_serviceName).c_str(),
IceUtil::stringToWstring(displayName).c_str(),
SERVICE_ALL_ACCESS,
SERVICE_WIN32_OWN_PROCESS,
autoStart ? SERVICE_AUTO_START : SERVICE_DEMAND_START,
SERVICE_ERROR_NORMAL,
IceUtil::stringToWstring(command).c_str(),
0,
0,
IceUtil::stringToWstring(deps).c_str(),
IceUtil::stringToWstring(_sidName).c_str(),
IceUtil::stringToWstring(password).c_str());
if(service == 0)
{
DWORD res = GetLastError();
CloseServiceHandle(scm);
throw "Cannot create service" + _serviceName + ": " + IceUtilInternal::errorToString(res);
}
//
// Set description
//
wstring uDescription = IceUtil::stringToWstring(description);
SERVICE_DESCRIPTIONW sd = { const_cast<wchar_t*>(uDescription.c_str()) };
if(!ChangeServiceConfig2W(service, SERVICE_CONFIG_DESCRIPTION, &sd))
{
DWORD res = GetLastError();
CloseServiceHandle(scm);
CloseServiceHandle(service);
throw "Cannot set description for service" + _serviceName + ": " + IceUtilInternal::errorToString(res);
}
CloseServiceHandle(scm);
CloseServiceHandle(service);
}
Ice::ObjectAdapter::ObjectAdapter(const InstancePtr& instance, const CommunicatorPtr& communicator,
const ObjectAdapterFactoryPtr& objectAdapterFactory,
const string& name, const string& endpointInfo,
#ifdef ICEE_HAS_ROUTER
const RouterPrx& router,
#endif
bool noConfig) :
_deactivated(false),
_instance(instance),
_communicator(communicator),
_objectAdapterFactory(objectAdapterFactory),
_servantManager(new ServantManager(instance, name)),
_activateOneOffDone(false),
_name(name),
#ifdef ICEE_HAS_LOCATOR
_id(instance->initializationData().properties->getProperty(name + ".AdapterId")),
_replicaGroupId(instance->initializationData().properties->getProperty(name + ".ReplicaGroupId")),
#endif
_waitForActivate(false),
_destroying(false),
_destroyed(false),
_noConfig(noConfig)
{
if(_noConfig)
{
_reference = _instance->referenceFactory()->create("dummy -t", "");
return;
}
PropertiesPtr properties = instance->initializationData().properties;
//
// Setup a reference to be used to get the default proxy options
// when creating new proxies. By default, create twoway proxies.
//
string proxyOptions = properties->getPropertyWithDefault(_name + ".ProxyOptions", "-t");
try
{
_reference = _instance->referenceFactory()->create("dummy " + proxyOptions, "");
}
catch(const ProxyParseException&)
{
InitializationException ex(__FILE__, __LINE__);
ex.reason = "invalid proxy options `" + proxyOptions + "' for object adapter `" + _name + "'";
throw ex;
}
__setNoDelete(true);
try
{
#ifdef ICEE_HAS_ROUTER
if(!router)
{
string routerStr = _instance->initializationData().properties->getProperty(_name + ".Router");
if(!routerStr.empty())
{
const_cast<RouterPrx&>(router) =
RouterPrx::uncheckedCast(_instance->proxyFactory()->stringToProxy(routerStr));
}
}
if(router)
{
_routerInfo = _instance->routerManager()->get(router);
if(_routerInfo)
{
//
// Make sure this router is not already registered with another adapter.
//
if(_routerInfo->getAdapter())
{
throw AlreadyRegisteredException(__FILE__, __LINE__, "object adapter with router",
_instance->identityToString(router->ice_getIdentity()));
}
//
// Add the router's server proxy endpoints to this object
// adapter.
//
vector<EndpointPtr> endpoints = _routerInfo->getServerEndpoints();
copy(endpoints.begin(), endpoints.end(), back_inserter(_routerEndpoints));
sort(_routerEndpoints.begin(), _routerEndpoints.end()); // Must be sorted.
_routerEndpoints.erase(unique(_routerEndpoints.begin(), _routerEndpoints.end()),
_routerEndpoints.end());
//
// Associate this object adapter with the router. This way,
// new outgoing connections to the router's client proxy will
// use this object adapter for callbacks.
//
_routerInfo->setAdapter(this);
//
// Also modify all existing outgoing connections to the
// router's client proxy to use this object adapter for
// callbacks.
//
_instance->outgoingConnectionFactory()->setRouterInfo(_routerInfo);
}
}
else
#endif
{
//
// Parse the endpoints, but don't store them in the adapter.
// The connection factory might change it, for example, to
// fill in the real port number.
//
vector<EndpointPtr> endpoints;
if(endpointInfo.empty())
{
endpoints =
parseEndpoints(_instance->initializationData().properties->getProperty(_name + ".Endpoints"), true);
}
else
{
endpoints = parseEndpoints(endpointInfo, true);
}
for(vector<EndpointPtr>::iterator p = endpoints.begin(); p != endpoints.end(); ++p)
{
_incomingConnectionFactories.push_back(new IncomingConnectionFactory(_instance, *p, this));
}
if(endpoints.empty())
{
TraceLevelsPtr tl = _instance->traceLevels();
if(tl->network >= 2)
{
Trace out(_instance->initializationData().logger, tl->networkCat);
out << "created adapter `" << name << "' without endpoints";
}
}
//
// Parse published endpoints.
//
_publishedEndpoints = parsePublishedEndpoints();
}
#ifdef ICEE_HAS_LOCATOR
string locator = _instance->initializationData().properties->getProperty(_name + ".Locator");
if(!locator.empty())
{
setLocator(LocatorPrx::uncheckedCast(_instance->proxyFactory()->stringToProxy(locator)));
}
else
{
setLocator(_instance->referenceFactory()->getDefaultLocator());
}
#endif
}
catch(...)
{
//
// There's no need to remove the adapter from the factory if
// creation fails. Furthermore, since this code is called with
// the factory mutex locked, we can't call removeObjectAdapter
// on the factory here so we clear the factory reference to
// ensure it won't be called by destroy().
//
_objectAdapterFactory = 0;
destroy();
__setNoDelete(false);
throw;
}
__setNoDelete(false);
}
void
ServiceI::start(
const string& name,
const CommunicatorPtr& communicator,
const StringSeq& /*args*/)
{
PropertiesPtr properties = communicator->getProperties();
validateProperties(name, properties, communicator->getLogger());
int id = properties->getPropertyAsIntWithDefault(name + ".NodeId", -1);
// If we are using a replicated deployment and if the topic
// manager thread pool max size is not set then ensure it is set
// to some suitably high number. This ensures no deadlocks in the
// replicated case due to call forwarding from replicas to
// coordinators.
if(id != -1 && properties->getProperty(name + ".TopicManager.ThreadPool.SizeMax").empty())
{
properties->setProperty(name + ".TopicManager.ThreadPool.SizeMax", "100");
}
Ice::ObjectAdapterPtr topicAdapter = communicator->createObjectAdapter(name + ".TopicManager");
Ice::ObjectAdapterPtr publishAdapter = communicator->createObjectAdapter(name + ".Publish");
//
// We use the name of the service for the name of the database environment.
//
string instanceName = properties->getPropertyWithDefault(name + ".InstanceName", "IceStorm");
Identity topicManagerId;
topicManagerId.category = instanceName;
topicManagerId.name = "TopicManager";
if(properties->getPropertyAsIntWithDefault(name+ ".Transient", 0) > 0)
{
_instance = new Instance(instanceName, name, communicator, publishAdapter, topicAdapter, 0);
try
{
TransientTopicManagerImplPtr manager = new TransientTopicManagerImpl(_instance);
_managerProxy = TopicManagerPrx::uncheckedCast(topicAdapter->add(manager, topicManagerId));
}
catch(const Ice::Exception& ex)
{
_instance = 0;
LoggerOutputBase s;
s << "exception while starting IceStorm service " << name << ":\n";
s << ex;
IceBox::FailureException e(__FILE__, __LINE__);
e.reason = s.str();
throw e;
}
topicAdapter->activate();
publishAdapter->activate();
return;
}
if(id == -1) // No replication.
{
_instance = new Instance(instanceName, name, communicator, publishAdapter, topicAdapter);
try
{
_manager = new TopicManagerImpl(_instance);
_managerProxy = TopicManagerPrx::uncheckedCast(topicAdapter->add(_manager->getServant(), topicManagerId));
}
catch(const Ice::Exception& ex)
{
_instance = 0;
LoggerOutputBase s;
s << "exception while starting IceStorm service " << name << ":\n";
s << ex;
IceBox::FailureException e(__FILE__, __LINE__);
e.reason = s.str();
throw e;
}
}
else
{
// Here we want to create a map of id -> election node
// proxies.
map<int, NodePrx> nodes;
string topicManagerAdapterId = properties->getProperty(name + ".TopicManager.AdapterId");
// We support two possible deployments. The first is a manual
// deployment, the second is IceGrid.
//
// Here we check for the manual deployment
const string prefix = name + ".Nodes.";
Ice::PropertyDict props = properties->getPropertiesForPrefix(prefix);
if(!props.empty())
{
for(Ice::PropertyDict::const_iterator p = props.begin(); p != props.end(); ++p)
{
int nodeid = atoi(p->first.substr(prefix.size()).c_str());
nodes[nodeid] = NodePrx::uncheckedCast(communicator->propertyToProxy(p->first));
}
}
else
{
// If adapter id's are defined for the topic manager or
// node adapters then we consider this an IceGrid based
// deployment.
string nodeAdapterId = properties->getProperty(name + ".Node.AdapterId");
// Validate first that the adapter ids match for the node
// and the topic manager otherwise some other deployment
// is being used.
const string suffix = ".TopicManager";
if(topicManagerAdapterId.empty() || nodeAdapterId.empty() ||
topicManagerAdapterId.replace(
topicManagerAdapterId.find(suffix), suffix.size(), ".Node") != nodeAdapterId)
{
Ice::Error error(communicator->getLogger());
error << "deployment error: `" << topicManagerAdapterId << "' prefix does not match `"
<< nodeAdapterId << "'";
throw IceBox::FailureException(__FILE__, __LINE__, "IceGrid deployment is incorrect");
}
// Determine the set of node id and node proxies.
//
// This is determined by locating all topic manager
// replicas, and then working out the node for that
// replica.
//
// We work out the node id by removing the instance
// name. The node id must follow.
//
IceGrid::LocatorPrx locator = IceGrid::LocatorPrx::checkedCast(communicator->getDefaultLocator());
assert(locator);
IceGrid::QueryPrx query = locator->getLocalQuery();
Ice::ObjectProxySeq replicas = query->findAllReplicas(
communicator->stringToProxy(instanceName + "/TopicManager"));
for(Ice::ObjectProxySeq::const_iterator p = replicas.begin(); p != replicas.end(); ++p)
{
string adapterid = (*p)->ice_getAdapterId();
// Replace TopicManager with the node endpoint.
adapterid = adapterid.replace(adapterid.find(suffix), suffix.size(), ".Node");
// The adapter id must start with the instance name.
if(adapterid.find(instanceName) != 0)
{
Ice::Error error(communicator->getLogger());
error << "deployment error: `" << adapterid << "' does not start with `" << instanceName << "'";
throw IceBox::FailureException(__FILE__, __LINE__, "IceGrid deployment is incorrect");
}
// The node id follows. We find the first digit (the
// start of the node id, and then the end of the
// digits).
string::size_type start = instanceName.size();
while(start < adapterid.size() && !IceUtilInternal::isDigit(adapterid[start]))
{
++start;
}
string::size_type end = start;
while(end < adapterid.size() && IceUtilInternal::isDigit(adapterid[end]))
{
++end;
}
if(start == end)
{
// We must have at least one digit, otherwise there is
// some sort of deployment error.
Ice::Error error(communicator->getLogger());
error << "deployment error: node id does not follow instance name. instance name:"
<< instanceName << " adapter id: " << adapterid;
throw IceBox::FailureException(__FILE__, __LINE__, "IceGrid deployment is incorrect");
}
int nodeid = atoi(adapterid.substr(start, end-start).c_str());
ostringstream os;
os << "node" << nodeid;
Ice::Identity id;
id.category = instanceName;
id.name = os.str();
nodes[nodeid] = NodePrx::uncheckedCast((*p)->ice_adapterId(adapterid)->ice_identity(id));
}
}
if(nodes.size() < 3)
{
Ice::Error error(communicator->getLogger());
error << "Replication requires at least 3 Nodes";
throw IceBox::FailureException(__FILE__, __LINE__, "Replication requires at least 3 Nodes");
}
try
{
// If the node thread pool size is not set then initialize
// to the number of nodes + 1 and disable thread pool size
// warnings.
if(properties->getProperty(name + ".Node.ThreadPool.Size").empty())
{
ostringstream os;
os << nodes.size() + 1;
properties->setProperty(name + ".Node.ThreadPool.Size", os.str());
properties->setProperty(name + ".Node.ThreadPool.SizeWarn", "0");
}
if(properties->getProperty(name + ".Node.MessageSizeMax").empty())
{
properties->setProperty(name + ".Node.MessageSizeMax", "0"); // No limit on data exchanged internally
}
Ice::ObjectAdapterPtr nodeAdapter = communicator->createObjectAdapter(name + ".Node");
_instance = new Instance(instanceName, name, communicator, publishAdapter, topicAdapter,
nodeAdapter, nodes[id]);
_instance->observers()->setMajority(static_cast<unsigned int>(nodes.size())/2);
// Trace replication information.
TraceLevelsPtr traceLevels = _instance->traceLevels();
if(traceLevels->election > 0)
{
Ice::Trace out(traceLevels->logger, traceLevels->electionCat);
out << "I am node " << id << "\n";
for(map<int, NodePrx>::const_iterator p = nodes.begin(); p != nodes.end(); ++p)
{
out << "\tnode: " << p->first << " proxy: " << p->second->ice_toString() << "\n";
}
}
if(topicManagerAdapterId.empty())
{
// We're not using an IceGrid deployment. Here we need
// a proxy which is used to create proxies to the
// replicas later.
_managerProxy = TopicManagerPrx::uncheckedCast(topicAdapter->createProxy(topicManagerId));
}
else
{
// If we're using IceGrid deployment we need to create
// indirect proxies.
_managerProxy = TopicManagerPrx::uncheckedCast(topicAdapter->createIndirectProxy(topicManagerId));
}
_manager = new TopicManagerImpl(_instance);
topicAdapter->add(_manager->getServant(), topicManagerId);
ostringstream os; // The node object identity.
os << "node" << id;
Ice::Identity nodeid;
nodeid.category = instanceName;
nodeid.name = os.str();
NodeIPtr node = new NodeI(_instance, _manager, _managerProxy, id, nodes);
_instance->setNode(node);
nodeAdapter->add(node, nodeid);
nodeAdapter->activate();
node->start();
}
catch(const Ice::Exception& ex)
{
_instance = 0;
LoggerOutputBase s;
s << "exception while starting IceStorm service " << name << ":\n";
s << ex;
IceBox::FailureException e(__FILE__, __LINE__);
e.reason = s.str();
throw e;
}
}
topicAdapter->add(new FinderI(TopicManagerPrx::uncheckedCast(topicAdapter->createProxy(topicManagerId))),
communicator->stringToIdentity("IceStorm/Finder"));
topicAdapter->activate();
publishAdapter->activate();
}
//
// Setup the engine.
//
void
IceSSL::SecureTransportEngine::initialize()
{
IceUtil::Mutex::Lock lock(_mutex);
if(_initialized)
{
return;
}
SSLEngine::initialize();
const PropertiesPtr properties = communicator()->getProperties();
//
// Check for a default directory. We look in this directory for
// files mentioned in the configuration.
//
const string defaultDir = properties->getProperty("IceSSL.DefaultDir");
//
// Load the CA certificates used to authenticate peers into
// _certificateAuthorities array.
//
try
{
string caFile = properties->getProperty("IceSSL.CAs");
if(caFile.empty())
{
caFile = properties->getProperty("IceSSL.CertAuthFile");
}
if(!caFile.empty())
{
string resolved;
if(!checkPath(caFile, defaultDir, false, resolved))
{
throw PluginInitializationException(__FILE__, __LINE__,
"IceSSL: CA certificate file not found:\n" + caFile);
}
_certificateAuthorities.reset(loadCACertificates(resolved));
}
else if(properties->getPropertyAsInt("IceSSL.UsePlatformCAs") <= 0)
{
// Setup an empty list of Root CAs to not use the system root CAs.
_certificateAuthorities.reset(CFArrayCreate(0, 0, 0, 0));
}
}
catch(const CertificateReadException& ce)
{
throw PluginInitializationException(__FILE__, __LINE__, ce.reason);
}
const string password = properties->getProperty("IceSSL.Password");
const int passwordRetryMax = properties->getPropertyAsIntWithDefault("IceSSL.PasswordRetryMax", 3);
PasswordPromptPtr passwordPrompt = getPasswordPrompt();
string certFile = properties->getProperty("IceSSL.CertFile");
string keyFile = properties->getProperty("IceSSL.KeyFile");
string findCert = properties->getProperty("IceSSL.FindCert");
string keychain = properties->getProperty("IceSSL.Keychain");
string keychainPassword = properties->getProperty("IceSSL.KeychainPassword");
if(!certFile.empty())
{
vector<string> files;
if(!IceUtilInternal::splitString(certFile, IceUtilInternal::pathsep, files) || files.size() > 2)
{
throw PluginInitializationException(__FILE__, __LINE__,
"IceSSL: invalid value for IceSSL.CertFile:\n" + certFile);
}
vector<string> keyFiles;
if(!keyFile.empty())
{
if(!IceUtilInternal::splitString(keyFile, IceUtilInternal::pathsep, keyFiles) || keyFiles.size() > 2)
{
throw PluginInitializationException(__FILE__, __LINE__,
"IceSSL: invalid value for IceSSL.KeyFile:\n" + keyFile);
}
if(files.size() != keyFiles.size())
{
throw PluginInitializationException(__FILE__, __LINE__,
"IceSSL: IceSSL.KeyFile does not agree with IceSSL.CertFile");
}
}
for(int i = 0; i < files.size(); ++i)
{
string file = files[i];
string keyFile = keyFiles.empty() ? "" : keyFiles[i];
string resolved;
if(!checkPath(file, defaultDir, false, resolved))
{
throw PluginInitializationException(__FILE__, __LINE__,
"IceSSL: certificate file not found:\n" + file);
}
file = resolved;
if(!keyFile.empty())
{
if(!checkPath(keyFile, defaultDir, false, resolved))
{
throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: key file not found:\n" + keyFile);
}
keyFile = resolved;
}
try
{
_chain.reset(loadCertificateChain(file, keyFile, keychain, keychainPassword, password, passwordPrompt,
passwordRetryMax));
break;
}
catch(const CertificateReadException& ce)
{
//
// If this is the last certificate rethrow the exception as PluginInitializationException,
// otherwise try the next certificate.
//
if(i == files.size() - 1)
{
throw PluginInitializationException(__FILE__, __LINE__, ce.reason);
}
}
}
}
else if(!findCert.empty())
{
_chain.reset(findCertificateChain(keychain, keychainPassword, findCert));
}
//
// DiffieHellmanParams in DER format.
//
#if defined(ICE_USE_SECURE_TRANSPORT_MACOS)
string dhFile = properties->getProperty("IceSSL.DHParams");
if(!dhFile.empty())
{
string resolved;
if(!checkPath(dhFile, defaultDir, false, resolved))
{
throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: DH params file not found:\n" + dhFile);
}
readFile(resolved, _dhParams);
}
#endif
//
// Establish the cipher list.
//
const string ciphers = properties->getProperty("IceSSL.Ciphers");
CiphersHelper::initialize();
if(!ciphers.empty())
{
parseCiphers(ciphers);
}
if(securityTraceLevel() >= 1)
{
ostringstream os;
os << "enabling SSL ciphersuites:";
if(_ciphers.empty())
{
map<string, SSLCipherSuite> enabled = CiphersHelper::ciphers();
for(map<string, SSLCipherSuite>::const_iterator i = enabled.begin(); i != enabled.end(); ++i)
{
os << "\n " << i->first;
}
}
else
{
for(vector<SSLCipherSuite>::const_iterator i = _ciphers.begin(); i != _ciphers.end(); ++i)
{
os << "\n " << getCipherName(*i);
}
}
getLogger()->trace(securityTraceCategory(), os.str());
}
//
// Parse protocols
//
const string protocolVersionMax = properties->getProperty("IceSSL.ProtocolVersionMax");
if(!protocolVersionMax.empty())
{
_protocolVersionMax = parseProtocol(protocolVersionMax);
}
//
// The default min protocol version is set to TLS1.0 to avoid security issues with SSLv3
//
const string protocolVersionMin = properties->getPropertyWithDefault("IceSSL.ProtocolVersionMin", "tls1_0");
if(!protocolVersionMin.empty())
{
_protocolVersionMin = parseProtocol(protocolVersionMin);
}
_initialized = true;
}
bool
NodeService::startImpl(int argc, char* argv[], int& status)
{
bool nowarn = false;
bool readonly = false;
string initFromReplica;
string desc;
vector<string> targets;
for(int i = 1; i < argc; ++i)
{
if(strcmp(argv[i], "-h") == 0 || strcmp(argv[i], "--help") == 0)
{
usage(argv[0]);
status = EXIT_SUCCESS;
return false;
}
else if(strcmp(argv[i], "-v") == 0 || strcmp(argv[i], "--version") == 0)
{
print(ICE_STRING_VERSION);
status = EXIT_SUCCESS;
return false;
}
else if(strcmp(argv[i], "--nowarn") == 0)
{
nowarn = true;
}
else if(strcmp(argv[i], "--readonly") == 0)
{
readonly = true;
}
else if(strcmp(argv[i], "--initdb-from-replica") == 0)
{
if(i + 1 >= argc)
{
error("missing replica argument for option `" + string(argv[i]) + "'");
usage(argv[0]);
return false;
}
initFromReplica = argv[++i];
}
else if(strcmp(argv[i], "--deploy") == 0)
{
if(i + 1 >= argc)
{
error("missing descriptor argument for option `" + string(argv[i]) + "'");
usage(argv[0]);
return false;
}
desc = argv[++i];
while(i + 1 < argc && argv[++i][0] != '-')
{
targets.push_back(argv[i]);
}
}
else
{
error("invalid option: `" + string(argv[i]) + "'");
usage(argv[0]);
return false;
}
}
PropertiesPtr properties = communicator()->getProperties();
//
// Disable server idle time. Otherwise, the adapter would be
// shutdown prematurely and the deactivation would fail.
// Deactivation of the node relies on the object adapter
// to be active since it needs to terminate servers.
//
// TODO: implement Ice.ServerIdleTime in the activator
// termination listener instead?
//
properties->setProperty("Ice.ServerIdleTime", "0");
//
// Warn the user that setting Ice.ThreadPool.Server isn't useful.
//
if(!nowarn && properties->getPropertyAsIntWithDefault("Ice.ThreadPool.Server.Size", 0) > 0)
{
Warning out(communicator()->getLogger());
out << "setting `Ice.ThreadPool.Server.Size' is not useful, ";
out << "you should set individual adapter thread pools instead.";
}
setupThreadPool(properties, "IceGrid.Node.ThreadPool", 1, 100);
//
// Create the activator.
//
TraceLevelsPtr traceLevels = new TraceLevels(communicator(), "IceGrid.Node");
_activator = new Activator(traceLevels);
//
// Collocate the IceGrid registry if we need to.
//
if(properties->getPropertyAsInt("IceGrid.Node.CollocateRegistry") > 0)
{
_registry = new CollocatedRegistry(communicator(), _activator, nowarn, readonly, initFromReplica);
if(!_registry->start())
{
return false;
}
//
// Set the default locator property to point to the collocated
// locator (this property is passed by the activator to each
// activated server). The default locator is also needed by
// the node session manager.
//
if(properties->getProperty("Ice.Default.Locator").empty())
{
Identity locatorId;
locatorId.category = properties->getPropertyWithDefault("IceGrid.InstanceName", "IceGrid");
locatorId.name = "Locator";
string endpoints = properties->getProperty("IceGrid.Registry.Client.Endpoints");
string locPrx = "\"" + communicator()->identityToString(locatorId) + "\" :" + endpoints;
communicator()->setDefaultLocator(Ice::LocatorPrx::uncheckedCast(communicator()->stringToProxy(locPrx)));
properties->setProperty("Ice.Default.Locator", locPrx);
}
}
else if(properties->getProperty("Ice.Default.Locator").empty())
{
error("property `Ice.Default.Locator' is not set");
return false;
}
//
// Initialize the database environment (first setup the directory structure if needed).
//
string dataPath = properties->getProperty("IceGrid.Node.Data");
string dbPath;
if(dataPath.empty())
{
error("property `IceGrid.Node.Data' is not set");
return false;
}
else
{
if(!IceUtilInternal::directoryExists(dataPath))
{
FileException ex(__FILE__, __LINE__);
ex.path = dataPath;
ex.error = IceInternal::getSystemErrno();
ServiceError err(this);
err << "property `IceGrid.Node.Data' is set to an invalid path:\n" << ex;
return false;
}
//
// Creates subdirectories.
//
if(dataPath[dataPath.length() - 1] != '/')
{
dataPath += "/";
}
IcePatch2::createDirectory(dataPath + "servers");
IcePatch2::createDirectory(dataPath + "tmp");
IcePatch2::createDirectory(dataPath + "distrib");
#ifdef _WIN32
//
// Make sure these directories are not indexed by the Windows
// indexing service (which can cause random "Access Denied"
// errors if indexing runs at the same time as the node is
// creating/deleting files).
//
try
{
setNoIndexingAttribute(dataPath + "servers");
setNoIndexingAttribute(dataPath + "tmp");
setNoIndexingAttribute(dataPath + "distrib");
}
catch(const FileException& ex)
{
if(!nowarn)
{
Warning out(communicator()->getLogger());
out << "couldn't disable file indexing:\n" << ex;
}
}
#endif
}
//
// Check that required properties are set and valid.
//
if(properties->getProperty("IceGrid.Node.Endpoints").empty())
{
error("property `IceGrid.Node.Endpoints' is not set");
return false;
}
string name = properties->getProperty("IceGrid.Node.Name");
if(name.empty())
{
error("property `IceGrid.Node.Name' is not set");
return false;
}
//
// Setup the Freeze database environment home directory. The name of the database
// environment for the IceGrid node is the name of the node.
//
properties->setProperty("Freeze.DbEnv." + name + ".DbHome", dbPath);
//
// Create the node object adapter.
//
_adapter = communicator()->createObjectAdapter("IceGrid.Node");
//
// Setup the user account mapper if configured.
//
string mapperProperty = "IceGrid.Node.UserAccountMapper";
string mapperPropertyValue = properties->getProperty(mapperProperty);
UserAccountMapperPrx mapper;
if(!mapperPropertyValue.empty())
{
try
{
mapper = UserAccountMapperPrx::uncheckedCast(communicator()->propertyToProxy(mapperProperty));
}
catch(const std::exception& ex)
{
ServiceError err(this);
err << "user account mapper `" << mapperProperty << "' is invalid:\n" << ex;
return false;
}
}
else
{
string userAccountFileProperty = properties->getProperty("IceGrid.Node.UserAccounts");
if(!userAccountFileProperty.empty())
{
try
{
Ice::ObjectPrx object = _adapter->addWithUUID(new FileUserAccountMapperI(userAccountFileProperty));
object = object->ice_collocationOptimized(true);
mapper = UserAccountMapperPrx::uncheckedCast(object);
}
catch(const std::string& msg)
{
error(msg);
return false;
}
}
}
//
// Create a new timer to handle server activation/deactivation timeouts.
//
_timer = new IceUtil::Timer();
//
// The IceGrid instance name.
//
const string instanceName = communicator()->getDefaultLocator()->ice_getIdentity().category;
_sessions.reset(new NodeSessionManager(communicator()));
//
// Create the server factory. The server factory creates persistent objects
// for the server and server adapter. It also takes care of installing the
// evictors and object factories necessary to store these objects.
//
Identity id = communicator()->stringToIdentity(instanceName + "/Node-" + name);
NodePrx nodeProxy = NodePrx::uncheckedCast(_adapter->createProxy(id));
_node = new NodeI(_adapter, *_sessions, _activator, _timer, traceLevels, nodeProxy, name, mapper);
_adapter->add(_node, nodeProxy->ice_getIdentity());
_adapter->addServantLocator(new DefaultServantLocator(new NodeServerAdminRouter(_node)),
_node->getServerAdminCategory());
//
// Start the platform info thread if needed.
//
_node->getPlatformInfo().start();
//
// Ensures that the locator is reachable.
//
if(!nowarn)
{
try
{
communicator()->getDefaultLocator()->ice_timeout(1000)->ice_ping();
}
catch(const Ice::LocalException& ex)
{
Warning out(communicator()->getLogger());
out << "couldn't reach the IceGrid registry (this is expected ";
out << "if it's down, otherwise please check the value of the ";
out << "Ice.Default.Locator property):\n" << ex;
}
}
//
// Create the node sessions with the registries.
//
_sessions->create(_node);
//
// In some tests, we deploy icegridnodes using IceGrid:
//
if(properties->getProperty("Ice.Admin.Endpoints") != "")
{
//
// Replace Process facet and create Admin object
//
try
{
ProcessPtr origProcess = ProcessPtr::dynamicCast(communicator()->removeAdminFacet("Process"));
communicator()->addAdminFacet(new ProcessI(_activator, origProcess), "Process");
communicator()->getAdmin();
}
catch(const Ice::NotRegisteredException&)
{
//
// Some plug-in removed the Process facet, so we don't replace it.
// (unlikely error though)
//
}
}
//
// Start the activator.
//
_activator->start();
//
// Activate the adapter.
//
_adapter->activate();
//
// Notify the node session manager that the node can start
// accepting incoming connections.
//
_sessions->activate();
string bundleName = properties->getProperty("IceGrid.Node.PrintServersReady");
if(!bundleName.empty() || !desc.empty())
{
enableInterrupt();
if(!_sessions->waitForCreate())
{
//
// Create was interrupted, return true as if the service was
// correctly initiliazed to make sure it's properly stopped.
//
return true;
}
disableInterrupt();
}
//
// Deploy application if a descriptor is passed as a command-line option.
//
if(!desc.empty())
{
try
{
Ice::Identity regId;
regId.category = instanceName;
regId.name = "Registry";
RegistryPrx registry = RegistryPrx::checkedCast(communicator()->getDefaultLocator()->findObjectById(regId));
if(!registry)
{
throw "invalid registry";
}
registry = registry->ice_preferSecure(true); // Use SSL if available.
IceGrid::AdminSessionPrx session;
if(communicator()->getProperties()->getPropertyAsInt("IceGridAdmin.AuthenticateUsingSSL"))
{
session = registry->createAdminSessionFromSecureConnection();
}
else
{
string id = communicator()->getProperties()->getProperty("IceGridAdmin.Username");
string password = communicator()->getProperties()->getProperty("IceGridAdmin.Password");
while(id.empty())
{
cout << "user id: " << flush;
getline(cin, id);
id = IceUtilInternal::trim(id);
}
if(password.empty())
{
cout << "password: "******"failed to deploy application `" << desc << "':\n" << ex;
}
catch(const AccessDeniedException& ex)
{
ServiceWarning warn(this);
warn << "failed to deploy application `" << desc << "':\n"
<< "registry database is locked by `" << ex.lockUserId << "'";
}
catch(const std::exception& ex)
{
ServiceWarning warn(this);
warn << "failed to deploy application `" << desc << "':\n" << ex;
}
catch(const string& reason)
{
ServiceWarning warn(this);
warn << "failed to deploy application `" << desc << "':\n" << reason;
}
}
if(!bundleName.empty())
{
print(bundleName + " ready");
}
return true;
}
bool
RegistryI::start(bool nowarn)
{
assert(_communicator);
PropertiesPtr properties = _communicator->getProperties();
//
// Initialize the database environment.
//
string dbPath = properties->getProperty("IceGrid.Registry.Data");
if(dbPath.empty())
{
Error out(_communicator->getLogger());
out << "property `IceGrid.Registry.Data' is not set";
return false;
}
else
{
struct stat filestat;
if(stat(dbPath.c_str(), &filestat) != 0 || !S_ISDIR(filestat.st_mode))
{
Error out(_communicator->getLogger());
SyscallException ex(__FILE__, __LINE__);
ex.error = getSystemErrno();
out << "property `IceGrid.Registry.Data' is set to an invalid path:\n" << ex;
return false;
}
}
//
// Check that required properties are set and valid.
//
if(properties->getProperty("IceGrid.Registry.Client.Endpoints").empty())
{
Error out(_communicator->getLogger());
out << "property `IceGrid.Registry.Client.Endpoints' is not set";
return false;
}
if(properties->getProperty("IceGrid.Registry.Server.Endpoints").empty())
{
Error out(_communicator->getLogger());
out << "property `IceGrid.Registry.Server.Endpoints' is not set";
return false;
}
if(properties->getProperty("IceGrid.Registry.Internal.Endpoints").empty())
{
Error out(_communicator->getLogger());
out << "property `IceGrid.Registry.Internal.Endpoints' is not set";
return false;
}
if(!properties->getProperty("IceGrid.Registry.SessionManager.Endpoints").empty())
{
if(!nowarn)
{
Warning out(_communicator->getLogger());
out << "session manager endpoints `IceGrid.Registry.SessionManager.Endpoints' enabled";
}
}
properties->setProperty("Ice.PrintProcessId", "0");
properties->setProperty("Ice.ServerIdleTime", "0");
properties->setProperty("IceGrid.Registry.Client.AdapterId", "");
properties->setProperty("IceGrid.Registry.Server.AdapterId", "");
properties->setProperty("IceGrid.Registry.SessionManager.AdapterId", "");
properties->setProperty("IceGrid.Registry.Internal.AdapterId", "");
setupThreadPool(properties, "Ice.ThreadPool.Client", 1, 100);
setupThreadPool(properties, "IceGrid.Registry.Client.ThreadPool", 1, 10);
setupThreadPool(properties, "IceGrid.Registry.Server.ThreadPool", 1, 10);
setupThreadPool(properties, "IceGrid.Registry.SessionManager.ThreadPool", 1, 10);
setupThreadPool(properties, "IceGrid.Registry.Internal.ThreadPool", 1, 100);
_replicaName = properties->getPropertyWithDefault("IceGrid.Registry.ReplicaName", "Master");
_master = _replicaName == "Master";
_sessionTimeout = properties->getPropertyAsIntWithDefault("IceGrid.Registry.SessionTimeout", 30);
//
// Get the instance name
//
if(_master)
{
_instanceName = properties->getProperty("IceGrid.InstanceName");
if(_instanceName.empty())
{
if(_communicator->getDefaultLocator())
{
_instanceName = _communicator->getDefaultLocator()->ice_getIdentity().category;
}
else
{
_instanceName = "IceGrid";
}
}
}
else
{
if(properties->getProperty("Ice.Default.Locator").empty())
{
Error out(_communicator->getLogger());
out << "property `Ice.Default.Locator' is not set";
return false;
}
_instanceName = _communicator->getDefaultLocator()->ice_getIdentity().category;
}
//
// Ensure that nothing is running on this port. This is also
// useful to ensure that we don't run twice the same instance of
// the service too (which would cause the database environment of
// the already running instance to be "corrupted".)
//
try
{
string endpoints = properties->getProperty("IceGrid.Registry.Client.Endpoints");
string strPrx = _instanceName + "/Locator:" + endpoints;
_communicator->stringToProxy(strPrx)->ice_timeout(5000)->ice_ping();
Error out(_communicator->getLogger());
out << "an IceGrid registry is already running and listening on the client endpoints `" << endpoints << "'";
return false;
}
catch(const Ice::LocalException&)
{
}
properties->setProperty("Freeze.DbEnv.Registry.DbHome", dbPath);
properties->setProperty("Freeze.DbEnv.Registry.DbPrivate", "0");
//
// Create the reaper thread.
//
_reaper = new ReapThread();
_reaper->start();
//
// Create the internal registry object adapter.
//
ObjectAdapterPtr registryAdapter = _communicator->createObjectAdapter("IceGrid.Registry.Internal");
registryAdapter->activate();
//
// Create the internal IceStorm service.
//
Identity registryTopicManagerId;
registryTopicManagerId.category = _instanceName;
registryTopicManagerId.name = "RegistryTopicManager";
_iceStorm = IceStorm::Service::create(_communicator,
registryAdapter,
registryAdapter,
"IceGrid.Registry",
registryTopicManagerId,
"Registry");
const IceStorm::TopicManagerPrx topicManager = _iceStorm->getTopicManager();
//
// Create the registry database.
//
_database = new Database(registryAdapter, topicManager, _instanceName, _traceLevels, getInfo());
_wellKnownObjects = new WellKnownObjectsManager(_database);
//
// Get the saved replica/node proxies and remove them from the
// database.
//
Ice::ObjectProxySeq proxies;
Ice::ObjectProxySeq::const_iterator p;
NodePrxSeq nodes;
proxies = _database->getInternalObjectsByType(Node::ice_staticId());
for(p = proxies.begin(); p != proxies.end(); ++p)
{
nodes.push_back(NodePrx::uncheckedCast(*p));
}
InternalRegistryPrxSeq replicas;
proxies = _database->getObjectsByType(InternalRegistry::ice_staticId());
for(p = proxies.begin(); p != proxies.end(); ++p)
{
replicas.push_back(InternalRegistryPrx::uncheckedCast(*p));
}
//
// NOTE: The internal registry object must be added only once the
// node/replica proxies are retrieved and removed from the
// database. Otherwise, if some replica/node register as soon as
// the internal registry is setup we might clear valid proxies.
//
InternalRegistryPrx internalRegistry = setupInternalRegistry(registryAdapter);
if(_master)
{
nodes = registerReplicas(internalRegistry, replicas, nodes);
registerNodes(internalRegistry, nodes);
}
else
{
InternalReplicaInfoPtr info = _platform.getInternalReplicaInfo();
_session.create(_replicaName, info, _database, _wellKnownObjects, internalRegistry);
registerNodes(internalRegistry, _session.getNodes(nodes));
}
ObjectAdapterPtr serverAdapter = _communicator->createObjectAdapter("IceGrid.Registry.Server");
_clientAdapter = _communicator->createObjectAdapter("IceGrid.Registry.Client");
ObjectAdapterPtr sessionManagerAdapter;
if(!properties->getProperty("IceGrid.Registry.SessionManager.Endpoints").empty())
{
sessionManagerAdapter = _communicator->createObjectAdapter("IceGrid.Registry.SessionManager");
}
Ice::Identity dummy;
dummy.name = "dummy";
_wellKnownObjects->addEndpoint("Client", _clientAdapter->createDirectProxy(dummy));
_wellKnownObjects->addEndpoint("Server", serverAdapter->createDirectProxy(dummy));
if(sessionManagerAdapter)
{
_wellKnownObjects->addEndpoint("SessionManager", sessionManagerAdapter->createDirectProxy(dummy));
}
_wellKnownObjects->addEndpoint("Internal", registryAdapter->createDirectProxy(dummy));
setupNullPermissionsVerifier(registryAdapter);
if(!setupUserAccountMapper(registryAdapter))
{
return false;
}
QueryPrx query = setupQuery(_clientAdapter);
RegistryPrx registry = setupRegistry(_clientAdapter);
Ice::LocatorRegistryPrx locatorRegistry = setupLocatorRegistry(serverAdapter);
LocatorPrx internalLocator = setupLocator(_clientAdapter, registryAdapter, locatorRegistry, registry, query);
//
// Add a default servant locator to the client object adapter. The
// default servant ensure that request on session objects are from
// the same connection as the connection that created the session.
//
_sessionServantLocator = new SessionServantLocatorI(_clientAdapter, _instanceName);
_clientAdapter->addServantLocator(_sessionServantLocator, "");
setupClientSessionFactory(registryAdapter, sessionManagerAdapter, internalLocator, nowarn);
setupAdminSessionFactory(registryAdapter, sessionManagerAdapter, internalLocator, nowarn);
_wellKnownObjects->finish();
if(_master)
{
_wellKnownObjects->registerAll();
}
else
{
_session.registerAllWellKnownObjects();
}
//
// We are ready to go!
//
serverAdapter->activate();
_clientAdapter->activate();
if(sessionManagerAdapter)
{
sessionManagerAdapter->activate();
}
return true;
}
bool
RegistryI::startImpl()
{
assert(_communicator);
PropertiesPtr properties = _communicator->getProperties();
//
// Check that required properties are set and valid.
//
if(properties->getProperty("IceGrid.Registry.Client.Endpoints").empty())
{
Error out(_communicator->getLogger());
out << "property `IceGrid.Registry.Client.Endpoints' is not set";
return false;
}
if(properties->getProperty("IceGrid.Registry.Server.Endpoints").empty())
{
Error out(_communicator->getLogger());
out << "property `IceGrid.Registry.Server.Endpoints' is not set";
return false;
}
if(properties->getProperty("IceGrid.Registry.Internal.Endpoints").empty())
{
Error out(_communicator->getLogger());
out << "property `IceGrid.Registry.Internal.Endpoints' is not set";
return false;
}
if(!properties->getProperty("IceGrid.Registry.SessionManager.Endpoints").empty())
{
if(!_nowarn)
{
Warning out(_communicator->getLogger());
out << "session manager endpoints `IceGrid.Registry.SessionManager.Endpoints' enabled";
if(properties->getPropertyAsInt("IceGrid.Registry.SessionFilters") == 0)
{
out << " (with Glacier2 filters disabled)";
}
}
}
if(!properties->getProperty("IceGrid.Registry.AdminSessionManager.Endpoints").empty())
{
if(!_nowarn)
{
Warning out(_communicator->getLogger());
out << "administrative session manager endpoints `IceGrid.Registry.AdminSessionManager.Endpoints' enabled";
if(properties->getPropertyAsInt("IceGrid.Registry.AdminSessionFilters") == 0)
{
out << " (with Glacier2 filters disabled)";
}
}
}
properties->setProperty("Ice.PrintProcessId", "0");
properties->setProperty("Ice.ServerIdleTime", "0");
properties->setProperty("IceGrid.Registry.Client.AdapterId", "");
properties->setProperty("IceGrid.Registry.Server.AdapterId", "");
properties->setProperty("IceGrid.Registry.SessionManager.AdapterId", "");
properties->setProperty("IceGrid.Registry.Internal.AdapterId", "");
setupThreadPool(properties, "IceGrid.Registry.Client.ThreadPool", 1, 10);
setupThreadPool(properties, "IceGrid.Registry.Server.ThreadPool", 1, 10, true); // Serialize for admin callbacks
setupThreadPool(properties, "IceGrid.Registry.SessionManager.ThreadPool", 1, 10);
setupThreadPool(properties, "IceGrid.Registry.Internal.ThreadPool", 1, 100);
_replicaName = properties->getPropertyWithDefault("IceGrid.Registry.ReplicaName", "Master");
_master = _replicaName == "Master";
_sessionTimeout = properties->getPropertyAsIntWithDefault("IceGrid.Registry.SessionTimeout", 30);
if(!_master && properties->getProperty("Ice.Default.Locator").empty())
{
if(properties->getProperty("Ice.Default.Locator").empty())
{
Error out(_communicator->getLogger());
out << "property `Ice.Default.Locator' is not set";
return false;
}
}
//
// Get the instance name
//
if(_master)
{
_instanceName = properties->getProperty("IceGrid.InstanceName");
if(_instanceName.empty())
{
if(_communicator->getDefaultLocator())
{
_instanceName = _communicator->getDefaultLocator()->ice_getIdentity().category;
}
else
{
_instanceName = "IceGrid";
}
}
}
else
{
_instanceName = _communicator->getDefaultLocator()->ice_getIdentity().category;
}
//
// Ensure that nothing is running on this port. This is also
// useful to ensure that we don't run twice the same instance of
// the service too (which would cause the database environment of
// the already running instance to be "corrupted".)
//
try
{
string endpoints = properties->getProperty("IceGrid.Registry.Client.Endpoints");
string strPrx = _instanceName + "/Locator:" + endpoints;
_communicator->stringToProxy(strPrx)->ice_timeout(5000)->ice_ping();
Error out(_communicator->getLogger());
out << "an IceGrid registry is already running and listening on the client endpoints `" << endpoints << "'";
return false;
}
catch(const Ice::LocalException&)
{
}
//
// Create the reaper thread.
//
_reaper = new ReapThread();
_reaper->start();
//
// Create the internal registry object adapter.
//
ObjectAdapterPtr registryAdapter = _communicator->createObjectAdapter("IceGrid.Registry.Internal");
registryAdapter->activate();
//
// Create the internal IceStorm service.
//
Identity registryTopicManagerId;
registryTopicManagerId.category = _instanceName;
registryTopicManagerId.name = "RegistryTopicManager";
_iceStorm = IceStormInternal::Service::create(_communicator,
registryAdapter,
registryAdapter,
"IceGrid.Registry",
registryTopicManagerId,
"Registry");
const IceStorm::TopicManagerPrx topicManager = _iceStorm->getTopicManager();
//
// Create the registry database.
//
DatabasePluginPtr plugin;
try
{
plugin = DatabasePluginPtr::dynamicCast(_communicator->getPluginManager()->getPlugin("DB"));
}
catch(const NotRegisteredException&)
{
}
if(!plugin)
{
Error out(_communicator->getLogger());
out << "no database plugin configured with `Ice.Plugin.DB' or plugin is not a database plugin";
return false;
}
_database = new Database(registryAdapter, topicManager, _instanceName, _traceLevels, getInfo(), plugin, _readonly);
_wellKnownObjects = new WellKnownObjectsManager(_database);
//
// Get the saved replica/node proxies.
//
ObjectProxySeq proxies;
ObjectProxySeq::const_iterator p;
NodePrxSeq nodes;
proxies = _database->getInternalObjectsByType(Node::ice_staticId());
for(p = proxies.begin(); p != proxies.end(); ++p)
{
nodes.push_back(NodePrx::uncheckedCast(*p));
}
InternalRegistryPrxSeq replicas;
proxies = _database->getObjectsByType(InternalRegistry::ice_staticId());
for(p = proxies.begin(); p != proxies.end(); ++p)
{
replicas.push_back(InternalRegistryPrx::uncheckedCast(*p));
}
//
// NOTE: The internal registry object must be added only once the
// node/replica proxies are retrieved. Otherwise, if some
// replica/node register as soon as the internal registry is setup
// we might clear valid proxies.
//
InternalRegistryPrx internalRegistry = setupInternalRegistry(registryAdapter);
if(_master)
{
nodes = registerReplicas(internalRegistry, replicas, nodes);
registerNodes(internalRegistry, nodes);
}
else
{
InternalReplicaInfoPtr info = _platform.getInternalReplicaInfo();
_session.create(_replicaName, info, _database, _wellKnownObjects, internalRegistry);
registerNodes(internalRegistry, _session.getNodes(nodes));
}
_serverAdapter = _communicator->createObjectAdapter("IceGrid.Registry.Server");
_clientAdapter = _communicator->createObjectAdapter("IceGrid.Registry.Client");
Ice::Identity dummy;
dummy.name = "dummy";
_wellKnownObjects->addEndpoint("Client", _clientAdapter->createDirectProxy(dummy));
_wellKnownObjects->addEndpoint("Server", _serverAdapter->createDirectProxy(dummy));
_wellKnownObjects->addEndpoint("Internal", registryAdapter->createDirectProxy(dummy));
setupNullPermissionsVerifier(registryAdapter);
if(!setupUserAccountMapper(registryAdapter))
{
return false;
}
QueryPrx query = setupQuery(_clientAdapter);
RegistryPrx registry = setupRegistry(_clientAdapter);
Ice::LocatorRegistryPrx locatorRegistry = setupLocatorRegistry(_serverAdapter);
LocatorPrx internalLocator = setupLocator(_clientAdapter, registryAdapter, locatorRegistry, registry, query);
//
// Create the session servant manager. The session servant manager is responsible
// for managing sessions servants and to ensure that session servants are only
// accessed by the connection that created the session. The session servant manager
// also takes care of providing the router servant for server admin objects.
//
ObjectPtr serverAdminRouter = new RegistryServerAdminRouter(_database);
AdminCallbackRouterPtr adminCallbackRouter = new AdminCallbackRouter;
_servantManager = new SessionServantManager(_clientAdapter, _instanceName, true, getServerAdminCategory(),
serverAdminRouter, adminCallbackRouter);
_clientAdapter->addServantLocator(_servantManager, "");
_serverAdapter->addServantLocator(new DefaultServantLocator(adminCallbackRouter), "");
ObjectAdapterPtr sessionAdpt = setupClientSessionFactory(registryAdapter, internalLocator);
ObjectAdapterPtr admSessionAdpt = setupAdminSessionFactory(registryAdapter, serverAdminRouter, internalLocator);
_wellKnownObjects->finish();
if(_master)
{
_wellKnownObjects->registerAll();
}
else
{
_session.registerAllWellKnownObjects();
}
//
// We are ready to go!
//
_serverAdapter->activate();
_clientAdapter->activate();
if(sessionAdpt)
{
sessionAdpt->activate();
}
if(admSessionAdpt)
{
admSessionAdpt->activate();
}
return true;
}
IceInternal::DefaultsAndOverrides::DefaultsAndOverrides(const PropertiesPtr& properties) :
overrideTimeout(false),
overrideTimeoutValue(-1),
overrideConnectTimeout(false),
overrideConnectTimeoutValue(-1),
overrideCloseTimeout(false),
overrideCloseTimeoutValue(-1),
overrideCompress(false),
overrideCompressValue(false),
overrideSecure(false),
overrideSecureValue(false)
{
const_cast<string&>(defaultProtocol) = properties->getPropertyWithDefault("Ice.Default.Protocol", "tcp");
const_cast<string&>(defaultHost) = properties->getProperty("Ice.Default.Host");
string value;
value = properties->getProperty("Ice.Override.Timeout");
if(!value.empty())
{
const_cast<bool&>(overrideTimeout) = true;
const_cast<Int&>(overrideTimeoutValue) = properties->getPropertyAsInt("Ice.Override.Timeout");
}
value = properties->getProperty("Ice.Override.ConnectTimeout");
if(!value.empty())
{
const_cast<bool&>(overrideConnectTimeout) = true;
const_cast<Int&>(overrideConnectTimeoutValue) = properties->getPropertyAsInt("Ice.Override.ConnectTimeout");
}
value = properties->getProperty("Ice.Override.CloseTimeout");
if(!value.empty())
{
const_cast<bool&>(overrideCloseTimeout) = true;
const_cast<Int&>(overrideCloseTimeoutValue) = properties->getPropertyAsInt("Ice.Override.CloseTimeout");
}
value = properties->getProperty("Ice.Override.Compress");
if(!value.empty())
{
const_cast<bool&>(overrideCompress) = true;
const_cast<bool&>(overrideCompressValue) = properties->getPropertyAsInt("Ice.Override.Compress");
}
value = properties->getProperty("Ice.Override.Secure");
if(!value.empty())
{
const_cast<bool&>(overrideSecure) = true;
const_cast<bool&>(overrideSecureValue) = properties->getPropertyAsInt("Ice.Override.Secure");
}
const_cast<bool&>(defaultCollocationOptimization) =
properties->getPropertyAsIntWithDefault("Ice.Default.CollocationOptimized", 1) > 0;
value = properties->getPropertyWithDefault("Ice.Default.EndpointSelection", "Random");
if(value == "Random")
{
defaultEndpointSelection = Random;
}
else if(value == "Ordered")
{
defaultEndpointSelection = Ordered;
}
else
{
EndpointSelectionTypeParseException ex(__FILE__, __LINE__);
ex.str = "illegal value `" + value + "'; expected `Random' or `Ordered'";
throw ex;
}
const_cast<int&>(defaultLocatorCacheTimeout) =
properties->getPropertyAsIntWithDefault("Ice.Default.LocatorCacheTimeout", -1);
const_cast<bool&>(defaultPreferSecure) =
properties->getPropertyAsIntWithDefault("Ice.Default.PreferSecure", 0) > 0;
value = properties->getPropertyWithDefault("Ice.Default.EncodingVersion", encodingVersionToString(currentEncoding));
defaultEncoding = stringToEncodingVersion(value);
checkSupportedEncoding(defaultEncoding);
bool slicedFormat = properties->getPropertyAsIntWithDefault("Ice.Default.SlicedFormat", 0) > 0;
const_cast<FormatType&>(defaultFormat) = slicedFormat ? SlicedFormat : CompactFormat;
}
IceInternal::DefaultsAndOverrides::DefaultsAndOverrides(const PropertiesPtr& properties, const LoggerPtr& logger) :
overrideTimeout(false),
overrideTimeoutValue(-1),
overrideConnectTimeout(false),
overrideConnectTimeoutValue(-1),
overrideCloseTimeout(false),
overrideCloseTimeoutValue(-1),
overrideCompress(false),
overrideCompressValue(false),
overrideSecure(false),
overrideSecureValue(false)
{
const_cast<string&>(defaultProtocol) = properties->getPropertyWithDefault("Ice.Default.Protocol", "tcp");
const_cast<string&>(defaultHost) = properties->getProperty("Ice.Default.Host");
string value;
#ifndef ICE_OS_WINRT
value = properties->getProperty("Ice.Default.SourceAddress");
if(!value.empty())
{
const_cast<Address&>(defaultSourceAddress) = getNumericAddress(value);
if(!isAddressValid(defaultSourceAddress))
{
InitializationException ex(__FILE__, __LINE__);
ex.reason = "invalid IP address set for Ice.Default.SourceAddress: `" + value + "'";
throw ex;
}
}
#endif
value = properties->getProperty("Ice.Override.Timeout");
if(!value.empty())
{
const_cast<bool&>(overrideTimeout) = true;
const_cast<Int&>(overrideTimeoutValue) = properties->getPropertyAsInt("Ice.Override.Timeout");
if(overrideTimeoutValue < 1 && overrideTimeoutValue != -1)
{
const_cast<Int&>(overrideTimeoutValue) = -1;
Warning out(logger);
out << "invalid value for Ice.Override.Timeout `" << properties->getProperty("Ice.Override.Timeout")
<< "': defaulting to -1";
}
}
value = properties->getProperty("Ice.Override.ConnectTimeout");
if(!value.empty())
{
const_cast<bool&>(overrideConnectTimeout) = true;
const_cast<Int&>(overrideConnectTimeoutValue) = properties->getPropertyAsInt("Ice.Override.ConnectTimeout");
if(overrideConnectTimeoutValue < 1 && overrideConnectTimeoutValue != -1)
{
const_cast<Int&>(overrideConnectTimeoutValue) = -1;
Warning out(logger);
out << "invalid value for Ice.Override.ConnectTimeout `"
<< properties->getProperty("Ice.Override.ConnectTimeout") << "': defaulting to -1";
}
}
value = properties->getProperty("Ice.Override.CloseTimeout");
if(!value.empty())
{
const_cast<bool&>(overrideCloseTimeout) = true;
const_cast<Int&>(overrideCloseTimeoutValue) = properties->getPropertyAsInt("Ice.Override.CloseTimeout");
if(overrideCloseTimeoutValue < 1 && overrideCloseTimeoutValue != -1)
{
const_cast<Int&>(overrideCloseTimeoutValue) = -1;
Warning out(logger);
out << "invalid value for Ice.Override.CloseTimeout `"
<< properties->getProperty("Ice.Override.CloseTimeout") << "': defaulting to -1";
}
}
value = properties->getProperty("Ice.Override.Compress");
if(!value.empty())
{
const_cast<bool&>(overrideCompress) = true;
const_cast<bool&>(overrideCompressValue) = properties->getPropertyAsInt("Ice.Override.Compress") > 0;
}
value = properties->getProperty("Ice.Override.Secure");
if(!value.empty())
{
const_cast<bool&>(overrideSecure) = true;
const_cast<bool&>(overrideSecureValue) = properties->getPropertyAsInt("Ice.Override.Secure") > 0;
}
const_cast<bool&>(defaultCollocationOptimization) =
properties->getPropertyAsIntWithDefault("Ice.Default.CollocationOptimized", 1) > 0;
value = properties->getPropertyWithDefault("Ice.Default.EndpointSelection", "Random");
if(value == "Random")
{
defaultEndpointSelection = Random;
}
else if(value == "Ordered")
{
defaultEndpointSelection = Ordered;
}
else
{
EndpointSelectionTypeParseException ex(__FILE__, __LINE__);
ex.str = "illegal value `" + value + "'; expected `Random' or `Ordered'";
throw ex;
}
const_cast<int&>(defaultTimeout) =
properties->getPropertyAsIntWithDefault("Ice.Default.Timeout", 60000);
if(defaultTimeout < 1 && defaultTimeout != -1)
{
const_cast<Int&>(defaultTimeout) = 60000;
Warning out(logger);
out << "invalid value for Ice.Default.Timeout `" << properties->getProperty("Ice.Default.Timeout")
<< "': defaulting to 60000";
}
const_cast<int&>(defaultInvocationTimeout) =
properties->getPropertyAsIntWithDefault("Ice.Default.InvocationTimeout", -1);
if(defaultInvocationTimeout < 1 && defaultInvocationTimeout != -1 && defaultInvocationTimeout != -2)
{
const_cast<Int&>(defaultInvocationTimeout) = -1;
Warning out(logger);
out << "invalid value for Ice.Default.InvocationTimeout `"
<< properties->getProperty("Ice.Default.InvocationTimeout") << "': defaulting to -1";
}
const_cast<int&>(defaultLocatorCacheTimeout) =
properties->getPropertyAsIntWithDefault("Ice.Default.LocatorCacheTimeout", -1);
if(defaultLocatorCacheTimeout < -1)
{
const_cast<Int&>(defaultLocatorCacheTimeout) = -1;
Warning out(logger);
out << "invalid value for Ice.Default.LocatorCacheTimeout `"
<< properties->getProperty("Ice.Default.LocatorCacheTimeout") << "': defaulting to -1";
}
const_cast<bool&>(defaultPreferSecure) =
properties->getPropertyAsIntWithDefault("Ice.Default.PreferSecure", 0) > 0;
value = properties->getPropertyWithDefault("Ice.Default.EncodingVersion", encodingVersionToString(currentEncoding));
defaultEncoding = stringToEncodingVersion(value);
checkSupportedEncoding(defaultEncoding);
bool slicedFormat = properties->getPropertyAsIntWithDefault("Ice.Default.SlicedFormat", 0) > 0;
const_cast<FormatType&>(defaultFormat) = slicedFormat ? SlicedFormat : CompactFormat;
}
int
Client::run(int argc, char* argv[])
{
IceUtilInternal::Options opts;
opts.addOpt("h", "help");
opts.addOpt("v", "version");
vector<string> commands;
try
{
commands = opts.parse(argc, const_cast<const char**>(argv));
}
catch(const IceUtilInternal::BadOptException& e)
{
cerr << e.reason << endl;
usage();
return EXIT_FAILURE;
}
if(opts.isSet("help"))
{
usage();
return EXIT_SUCCESS;
}
if(opts.isSet("version"))
{
cout << ICE_STRING_VERSION << endl;
return EXIT_SUCCESS;
}
if(commands.empty())
{
usage();
return EXIT_FAILURE;
}
ObjectPrxPtr base = communicator()->propertyToProxy("IceBoxAdmin.ServiceManager.Proxy");
if(base == 0)
{
//
// The old deprecated way to retrieve the service manager proxy
//
PropertiesPtr properties = communicator()->getProperties();
Identity managerIdentity;
managerIdentity.category = properties->getPropertyWithDefault("IceBox.InstanceName", "IceBox");
managerIdentity.name = "ServiceManager";
string managerProxy;
if(properties->getProperty("Ice.Default.Locator").empty())
{
string managerEndpoints = properties->getProperty("IceBox.ServiceManager.Endpoints");
if(managerEndpoints.empty())
{
cerr << appName() << ": property `IceBoxAdmin.ServiceManager.Proxy' is not set" << endl;
return EXIT_FAILURE;
}
managerProxy = "\"" + communicator()->identityToString(managerIdentity) + "\" :" + managerEndpoints;
}
else
{
string managerAdapterId = properties->getProperty("IceBox.ServiceManager.AdapterId");
if(managerAdapterId.empty())
{
cerr << appName() << ": property `IceBoxAdmin.ServiceManager.Proxy' is not set" << endl;
return EXIT_FAILURE;
}
managerProxy = "\"" + communicator()->identityToString(managerIdentity) + "\" @" + managerAdapterId;
}
base = communicator()->stringToProxy(managerProxy);
}
IceBox::ServiceManagerPrxPtr manager = ICE_CHECKED_CAST(IceBox::ServiceManagerPrx, base);
if(!manager)
{
cerr << appName() << ": `" << base << "' is not an IceBox::ServiceManager" << endl;
return EXIT_FAILURE;
}
Ice::SliceChecksumDict serverChecksums = manager->getSliceChecksums();
Ice::SliceChecksumDict localChecksums = Ice::sliceChecksums();
for(Ice::SliceChecksumDict::const_iterator p = localChecksums.begin(); p != localChecksums.end(); ++p)
{
Ice::SliceChecksumDict::const_iterator q = serverChecksums.find(p->first);
if(q == serverChecksums.end())
{
cerr << appName() << ": server is using unknown Slice type `" << q->first << "'" << endl;
}
else if(p->second != q->second)
{
cerr << appName() << ": server is using a different Slice definition of `" << q->first << "'" << endl;
}
}
for(vector<string>::const_iterator r = commands.begin(); r != commands.end(); ++r)
{
if((*r) == "shutdown")
{
manager->shutdown();
}
else if((*r) == "start")
{
if(++r == commands.end())
{
cerr << appName() << ": no service name specified." << endl;
return EXIT_FAILURE;
}
try
{
manager->startService(*r);
}
catch(const IceBox::NoSuchServiceException&)
{
cerr << appName() << ": unknown service `" << *r << "'" << endl;
return EXIT_FAILURE;
}
catch(const IceBox::AlreadyStartedException&)
{
cerr << appName() << ": service already started." << endl;
}
}
else if((*r) == "stop")
{
if(++r == commands.end())
{
cerr << appName() << ": no service name specified." << endl;
return EXIT_FAILURE;
}
try
{
manager->stopService(*r);
}
catch(const IceBox::NoSuchServiceException&)
{
cerr << appName() << ": unknown service `" << *r << "'" << endl;
return EXIT_FAILURE;
}
catch(const IceBox::AlreadyStoppedException&)
{
cerr << appName() << ": service already stopped." << endl;
}
}
else
{
cerr << appName() << ": unknown command `" << *r << "'" << endl;
usage();
return EXIT_FAILURE;
}
}
return EXIT_SUCCESS;
}
void
SChannelEngine::initialize()
{
Mutex::Lock lock(_mutex);
if(_initialized)
{
return;
}
SSLEngine::initialize();
const string prefix = "IceSSL.";
const PropertiesPtr properties = communicator()->getProperties();
//
// Protocols selects which protocols to enable, by default we only enable TLS1.0
// TLS1.1 and TLS1.2 to avoid security issues with SSLv3
//
vector<string> defaultProtocols;
defaultProtocols.push_back("tls1_0");
defaultProtocols.push_back("tls1_1");
defaultProtocols.push_back("tls1_2");
const_cast<DWORD&>(_protocols) =
parseProtocols(properties->getPropertyAsListWithDefault(prefix + "Protocols", defaultProtocols));
//
// Check for a default directory. We look in this directory for
// files mentioned in the configuration.
//
string defaultDir = properties->getProperty(prefix + "DefaultDir");
int passwordRetryMax = properties->getPropertyAsIntWithDefault(prefix + "PasswordRetryMax", 3);
PasswordPromptPtr passwordPrompt = getPasswordPrompt();
setPassword(properties->getProperty(prefix + "Password"));
string ciphers = properties->getProperty(prefix + "Ciphers");
if(!ciphers.empty())
{
parseCiphers(ciphers);
}
if(securityTraceLevel() >= 1)
{
ostringstream os;
os << "enabling SSL ciphersuites:";
if(_ciphers.empty())
{
for(int i = 0; i < supportedCiphersSize; ++i)
{
os << "\n " << getCipherName(supportedCiphers[i]);
}
}
else
{
for(vector<ALG_ID>::const_iterator i = _ciphers.begin(); i != _ciphers.end(); ++i)
{
os << "\n " << getCipherName(*i);
}
}
getLogger()->trace(securityTraceCategory(), os.str());
}
string certStore = properties->getPropertyWithDefault(prefix + "CertStore", "CurrentUser");
if(certStore != "CurrentUser" && certStore != "LocalMachine")
{
getLogger()->warning("Invalid IceSSL.CertStore value `" + certStore + "' adjusted to `CurrentUser'");
certStore = "CurrentUser";
}
//
// Create trusted CA store with contents of CertAuthFile
//
string caFile = properties->getProperty(prefix + "CertAuthFile");
if(!caFile.empty())
{
_rootStore = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0, 0, 0);
if(!_rootStore)
{
throw PluginInitializationException(__FILE__, __LINE__,
"IceSSL: error creating in memory certificate store:\n" + lastErrorToString());
}
if(!checkPath(caFile, defaultDir, false))
{
throw PluginInitializationException(__FILE__, __LINE__,
"IceSSL: CA certificate file not found:\n" + caFile);
}
addCertificateToStore(caFile, _rootStore);
//
// Create a chain engine that uses our Trusted Root Store
//
#ifdef __MINGW32__
CertChainEngineConfig config;
memset(&config, 0, sizeof(CertChainEngineConfig));
config.cbSize = sizeof(CertChainEngineConfig);
#else
CERT_CHAIN_ENGINE_CONFIG config;
memset(&config, 0, sizeof(CERT_CHAIN_ENGINE_CONFIG));
config.cbSize = sizeof(CERT_CHAIN_ENGINE_CONFIG);
#endif
config.hExclusiveRoot = _rootStore;
//
// Build the chain using the LocalMachine registry location as opposed
// to the CurrentUser location.
//
if(certStore == "LocalMachine")
{
config.dwFlags = CERT_CHAIN_USE_LOCAL_MACHINE_STORE;
}
#ifdef __MINGW32__
if(!CertCreateCertificateChainEngine(reinterpret_cast<CERT_CHAIN_ENGINE_CONFIG*>(&config), &_chainEngine))
#else
if(!CertCreateCertificateChainEngine(&config, &_chainEngine))
#endif
{
throw PluginInitializationException(__FILE__, __LINE__,
"IceSSL: error creating certificate chain engine:\n" + lastErrorToString());
}
}
else
{
_chainEngine = (certStore == "LocalMachine") ? HCCE_LOCAL_MACHINE : HCCE_CURRENT_USER;
}
//
// Import the application certificate and private keys.
//
string keySet = properties->getPropertyWithDefault(prefix + "KeySet", "DefaultKeySet");
if(keySet != "DefaultKeySet" && keySet != "UserKeySet" && keySet != "MachineKeySet")
{
getLogger()->warning("Invalid IceSSL.KeySet value `" + keySet + "' adjusted to `DefaultKeySet'");
keySet = "DefaultKeySet";
}
DWORD importFlags = (keySet == "MachineKeySet") ? CRYPT_MACHINE_KEYSET : CRYPT_USER_KEYSET;
string certFile = properties->getProperty(prefix + "CertFile");
string keyFile = properties->getPropertyWithDefault(prefix + "KeyFile", certFile);
if(!certFile.empty())
{
vector<string> certFiles;
if(!splitString(certFile, IceUtilInternal::pathsep, certFiles) || certFiles.size() > 2)
{
throw PluginInitializationException(__FILE__, __LINE__,
"IceSSL: invalid value for " + prefix + "CertFile:\n" + certFile);
}
vector<string> keyFiles;
if(!splitString(keyFile, IceUtilInternal::pathsep, keyFiles) || keyFiles.size() > 2)
{
throw PluginInitializationException(__FILE__, __LINE__,
"IceSSL: invalid value for " + prefix + "KeyFile:\n" + keyFile);
}
if(certFiles.size() != keyFiles.size())
{
throw PluginInitializationException(__FILE__, __LINE__,
"IceSSL: " + prefix + "KeyFile does not agree with " + prefix + "CertFile");
}
for(size_t i = 0; i < certFiles.size(); ++i)
{
string certFile = certFiles[i];
if(!checkPath(certFile, defaultDir, false))
{
throw PluginInitializationException(__FILE__, __LINE__,
"IceSSL: certificate file not found:\n" + certFile);
}
vector<char> buffer;
readFile(certFile, buffer);
CRYPT_DATA_BLOB pfxBlob;
pfxBlob.cbData = static_cast<DWORD>(buffer.size());
pfxBlob.pbData = reinterpret_cast<BYTE*>(&buffer[0]);
HCERTSTORE store = 0;
PCCERT_CONTEXT cert = 0;
int err = 0;
int count = 0;
do
{
string s = password(false);
store = PFXImportCertStore(&pfxBlob, stringToWstring(s).c_str(), importFlags);
err = store ? 0 : GetLastError();
}
while(err == ERROR_INVALID_PASSWORD && passwordPrompt && ++count < passwordRetryMax);
if(store)
{
_stores.push_back(store);
cert = CertFindCertificateInStore(store, X509_ASN_ENCODING, 0, CERT_FIND_ANY, 0, cert);
if(!cert)
{
throw PluginInitializationException(__FILE__, __LINE__,
"IceSSL: certificate error:\n" + lastErrorToString());
}
_certs.push_back(cert);
continue;
}
assert(err);
if(err != CRYPT_E_BAD_ENCODE)
{
throw PluginInitializationException(__FILE__, __LINE__,
"IceSSL: error decoding certificate:\n" + lastErrorToString());
}
//
// Try to load certificate & key as PEM files.
//
err = 0;
keyFile = keyFiles[i];
if(!checkPath(keyFile, defaultDir, false))
{
throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: key file not found:\n" + keyFile);
}
readFile(keyFile, buffer);
vector<BYTE> outBuffer;
outBuffer.resize(buffer.size());
DWORD outLength = static_cast<DWORD>(buffer.size());
//
// Convert the PEM encoded buffer to DER binary format.
//
if(!CryptStringToBinary(&buffer[0], static_cast<DWORD>(buffer.size()), CRYPT_STRING_BASE64HEADER,
&outBuffer[0], &outLength, 0, 0))
{
throw PluginInitializationException(__FILE__, __LINE__,
"IceSSL: error decoding key:\n" + lastErrorToString());
}
PCRYPT_PRIVATE_KEY_INFO keyInfo = 0;
BYTE* key = 0;
HCRYPTKEY hKey = 0;
try
{
DWORD decodedLength = 0;
if(!CryptDecodeObjectEx(X509_ASN_ENCODING, PKCS_PRIVATE_KEY_INFO, &outBuffer[0], outLength,
CRYPT_DECODE_ALLOC_FLAG, 0, &keyInfo, &decodedLength))
{
throw PluginInitializationException(__FILE__, __LINE__,
"IceSSL: error decoding key:\n" + lastErrorToString());
}
//
// Check that we are using a RSA Key
//
if(strcmp(keyInfo->Algorithm.pszObjId, szOID_RSA_RSA))
{
throw PluginInitializationException(__FILE__, __LINE__,
string("IceSSL: error unknow key algorithm: `") + keyInfo->Algorithm.pszObjId + "'");
}
//
// Create a new RSA key set to store our key
//
const wstring keySetName = stringToWstring(generateUUID());
HCRYPTPROV cryptProv = 0;
DWORD contextFlags = (keySet == "MachineKeySet") ? CRYPT_MACHINE_KEYSET | CRYPT_NEWKEYSET :
CRYPT_NEWKEYSET;
if(!CryptAcquireContextW(&cryptProv, keySetName.c_str(), MS_DEF_PROV_W, PROV_RSA_FULL, contextFlags))
{
throw PluginInitializationException(__FILE__, __LINE__,
"IceSSL: error acquiring cryptographic context:\n" + lastErrorToString());
}
//
// Decode the private key BLOB
//
if(!CryptDecodeObjectEx(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, PKCS_RSA_PRIVATE_KEY,
keyInfo->PrivateKey.pbData, keyInfo->PrivateKey.cbData,
CRYPT_DECODE_ALLOC_FLAG, 0, &key, &outLength))
{
throw PluginInitializationException(__FILE__, __LINE__,
"IceSSL: error decoding key:\n" + lastErrorToString());
}
LocalFree(keyInfo);
keyInfo = 0;
//
// Import the private key
//
if(!CryptImportKey(cryptProv, key, outLength, 0, 0, &hKey))
{
throw PluginInitializationException(__FILE__, __LINE__,
"IceSSL: error importing key:\n" + lastErrorToString());
}
LocalFree(key);
key = 0;
CryptDestroyKey(hKey);
hKey = 0;
//
// Create a new memory store to place the certificate
//
store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0, 0, 0);
if(!store)
{
throw PluginInitializationException(__FILE__, __LINE__,
"IceSSL: error creating certificate store:\n" + lastErrorToString());
}
addCertificateToStore(certFile, store, &cert);
//
// Associate key & certificate
//
CRYPT_KEY_PROV_INFO keyProvInfo;
memset(&keyProvInfo, 0, sizeof(keyProvInfo));
keyProvInfo.pwszContainerName = const_cast<wchar_t*>(keySetName.c_str());
keyProvInfo.pwszProvName = const_cast<wchar_t*>(MS_DEF_PROV_W);
keyProvInfo.dwProvType = PROV_RSA_FULL;
keyProvInfo.dwKeySpec = AT_KEYEXCHANGE;
if(!CertSetCertificateContextProperty(cert, CERT_KEY_PROV_INFO_PROP_ID, 0, &keyProvInfo))
{
throw PluginInitializationException(__FILE__, __LINE__,
"IceSSL: error seting certificate property:\n" + lastErrorToString());
}
_certs.push_back(cert);
_stores.push_back(store);
}
catch(...)
{
if(keyInfo)
{
LocalFree(keyInfo);
}
if(key)
{
LocalFree(key);
}
if(hKey)
{
CryptDestroyKey(hKey);
}
if(cert)
{
CertFreeCertificateContext(cert);
}
if(store)
{
CertCloseStore(store, 0);
}
throw;
}
}
_allCerts.insert(_allCerts.end(), _certs.begin(), _certs.end());
}
const string findPrefix = prefix + "FindCert.";
map<string, string> certProps = properties->getPropertiesForPrefix(findPrefix);
if(!certProps.empty())
{
for(map<string, string>::const_iterator i = certProps.begin(); i != certProps.end(); ++i)
{
const string name = i->first;
const string val = i->second;
if(!val.empty())
{
string storeSpec = name.substr(findPrefix.size());
vector<PCCERT_CONTEXT> certs = findCertificates(name, storeSpec, val, _stores);
_allCerts.insert(_allCerts.end(), certs.begin(), certs.end());
}
}
if(_allCerts.empty())
{
throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: no certificates found");
}
}
_initialized = true;
}
