qdr_terminus_t *qdr_terminus(pn_terminus_t *pn)
{
qdr_terminus_t *term = new_qdr_terminus_t();
ZERO(term);
term->properties = pn_data(0);
term->filter = pn_data(0);
term->outcomes = pn_data(0);
term->capabilities = pn_data(0);
if (pn) {
const char *addr = pn_terminus_get_address(pn);
if (addr && *addr)
term->address = qdr_field(addr);
term->durability = pn_terminus_get_durability(pn);
term->expiry_policy = pn_terminus_get_expiry_policy(pn);
term->timeout = pn_terminus_get_timeout(pn);
term->dynamic = pn_terminus_is_dynamic(pn);
term->distribution_mode = pn_terminus_get_distribution_mode(pn);
pn_data_copy(term->properties, pn_terminus_properties(pn));
pn_data_copy(term->filter, pn_terminus_filter(pn));
pn_data_copy(term->outcomes, pn_terminus_outcomes(pn));
pn_data_copy(term->capabilities, pn_terminus_capabilities(pn));
}
return term;
}
/**
* New Outgoing Link Handler
*/
static int router_outgoing_link_handler(void* context, dx_link_t *link)
{
dx_router_t *router = (dx_router_t*) context;
pn_link_t *pn_link = dx_link_pn(link);
const char *r_tgt = pn_terminus_get_address(pn_link_remote_target(pn_link));
sys_mutex_lock(router->lock);
dx_router_link_t *rlink = new_dx_router_link_t();
rlink->link = link;
DEQ_INIT(rlink->out_fifo);
dx_link_set_context(link, rlink);
dx_field_iterator_t *iter = dx_field_iterator_string(r_tgt, ITER_VIEW_NO_HOST);
int result = hash_insert(router->out_hash, iter, rlink);
dx_field_iterator_free(iter);
if (result == 0) {
pn_terminus_copy(pn_link_source(pn_link), pn_link_remote_source(pn_link));
pn_terminus_copy(pn_link_target(pn_link), pn_link_remote_target(pn_link));
pn_link_open(pn_link);
sys_mutex_unlock(router->lock);
dx_log(module, LOG_TRACE, "Registered new local address: %s", r_tgt);
return 0;
}
dx_log(module, LOG_TRACE, "Address '%s' not registered as it already exists", r_tgt);
pn_link_close(pn_link);
sys_mutex_unlock(router->lock);
return 0;
}
bool qd_policy_approve_amqp_receiver_link(pn_link_t *pn_link, qd_connection_t *qd_conn)
{
const char *hostip = qdpn_connector_hostip(qd_conn->pn_cxtr);
const char *app = pn_connection_remote_hostname(qd_connection_pn(qd_conn));
if (qd_conn->policy_settings->maxReceivers) {
if (qd_conn->n_receivers == qd_conn->policy_settings->maxReceivers) {
// Max sender limit specified and violated.
qd_log(qd_conn->server->qd->policy->log_source, QD_LOG_INFO,
"DENY AMQP Attach receiver for user '%s', host '%s', app '%s' based on maxReceivers limit",
qd_conn->user_id, hostip, app);
_qd_policy_deny_amqp_receiver_link(pn_link, qd_conn);
return false;
} else {
// max receiver limit not violated
}
} else {
// max receiver limit not specified
}
// Approve receiver link based on source
bool dynamic_src = pn_terminus_is_dynamic(pn_link_remote_source(pn_link));
if (dynamic_src) {
bool lookup = qd_conn->policy_settings->allowDynamicSrc;
qd_log(qd_conn->server->qd->policy->log_source, (lookup ? QD_LOG_TRACE : QD_LOG_INFO),
"%s AMQP Attach receiver dynamic source for user '%s', host '%s', app '%s',",
(lookup ? "ALLOW" : "DENY"), qd_conn->user_id, hostip, app);
// Dynamic source policy rendered the decision
if (!lookup) {
_qd_policy_deny_amqp_receiver_link(pn_link, qd_conn);
}
return lookup;
}
const char * source = pn_terminus_get_address(pn_link_remote_source(pn_link));
if (source && *source) {
// a source is specified
bool lookup = _qd_policy_approve_link_name(qd_conn->user_id, qd_conn->policy_settings->sources, source);
qd_log(qd_conn->server->qd->policy->log_source, (lookup ? QD_LOG_TRACE : QD_LOG_INFO),
"%s AMQP Attach receiver link '%s' for user '%s', host '%s', app '%s' based on link source name",
(lookup ? "ALLOW" : "DENY"), source, qd_conn->user_id, hostip, app);
if (!lookup) {
_qd_policy_deny_amqp_receiver_link(pn_link, qd_conn);
return false;
}
} else {
// A receiver with no remote source.
qd_log(qd_conn->server->qd->policy->log_source, QD_LOG_TRACE,
"DENY AMQP Attach receiver link '' for user '%s', host '%s', app '%s'",
qd_conn->user_id, hostip, app);
_qd_policy_deny_amqp_receiver_link(pn_link, qd_conn);
return false;
}
// Approved
return true;
}
static void setup_outgoing_link(qd_container_t *container, pn_link_t *pn_link)
{
sys_mutex_lock(container->lock);
qd_node_t *node = 0;
const char *source = pn_terminus_get_address(pn_link_remote_source(pn_link));
qd_field_iterator_t *iter;
// TODO - Extract the name from the structured source
if (source) {
iter = qd_address_iterator_string(source, ITER_VIEW_NODE_ID);
qd_hash_retrieve(container->node_map, iter, (void*) &node);
qd_field_iterator_free(iter);
}
sys_mutex_unlock(container->lock);
if (node == 0) {
if (container->default_node)
node = container->default_node;
else {
pn_condition_t *cond = pn_link_condition(pn_link);
pn_condition_set_name(cond, "amqp:not-found");
pn_condition_set_description(cond, "Source node does not exist");
pn_link_close(pn_link);
return;
}
}
qd_link_t *link = new_qd_link_t();
if (!link) {
pn_condition_t *cond = pn_link_condition(pn_link);
pn_condition_set_name(cond, "amqp:internal-error");
pn_condition_set_description(cond, "Insufficient memory");
pn_link_close(pn_link);
return;
}
link->pn_sess = pn_link_session(pn_link);
link->pn_link = pn_link;
link->direction = QD_OUTGOING;
link->context = 0;
link->node = node;
link->remote_snd_settle_mode = pn_link_remote_snd_settle_mode(pn_link);
link->drain_mode = pn_link_get_drain(pn_link);
link->close_sess_with_link = false;
//
// Keep the borrowed references
//
pn_incref(pn_link);
pn_incref(link->pn_sess);
pn_link_set_context(pn_link, link);
node->ntype->outgoing_handler(node->context, link);
}
bool qd_policy_approve_amqp_sender_link(pn_link_t *pn_link, qd_connection_t *qd_conn)
{
const char *hostip = qdpn_connector_hostip(qd_conn->pn_cxtr);
const char *app = pn_connection_remote_hostname(qd_connection_pn(qd_conn));
if (qd_conn->policy_settings->maxSenders) {
if (qd_conn->n_senders == qd_conn->policy_settings->maxSenders) {
// Max sender limit specified and violated.
qd_log(qd_conn->server->qd->policy->log_source, QD_LOG_INFO,
"DENY AMQP Attach sender for user '%s', host '%s', app '%s' based on maxSenders limit",
qd_conn->user_id, hostip, app);
_qd_policy_deny_amqp_sender_link(pn_link, qd_conn);
return false;
} else {
// max sender limit not violated
}
} else {
// max sender limit not specified
}
// Approve sender link based on target
const char * target = pn_terminus_get_address(pn_link_remote_target(pn_link));
bool lookup;
if (target && *target) {
// a target is specified
lookup = _qd_policy_approve_link_name(qd_conn->user_id, qd_conn->policy_settings->targets, target);
qd_log(qd_conn->server->qd->policy->log_source, (lookup ? QD_LOG_TRACE : QD_LOG_INFO),
"%s AMQP Attach sender link '%s' for user '%s', host '%s', app '%s' based on link target name",
(lookup ? "ALLOW" : "DENY"), target, qd_conn->user_id, hostip, app);
if (!lookup) {
_qd_policy_deny_amqp_receiver_link(pn_link, qd_conn);
return false;
}
} else {
// A sender with no remote target.
// This happens all the time with anonymous relay
lookup = qd_conn->policy_settings->allowAnonymousSender;
qd_log(qd_conn->server->qd->policy->log_source, (lookup ? QD_LOG_TRACE : QD_LOG_INFO),
"%s AMQP Attach anonymous sender for user '%s', host '%s', app '%s'",
(lookup ? "ALLOW" : "DENY"), qd_conn->user_id, hostip, app);
if (!lookup) {
_qd_policy_deny_amqp_receiver_link(pn_link, qd_conn);
return false;
}
}
// Approved
return true;
}
/**
* Link Detached Handler
*/
static int router_link_detach_handler(void* context, dx_link_t *link, int closed)
{
dx_router_t *router = (dx_router_t*) context;
pn_link_t *pn_link = dx_link_pn(link);
const char *r_tgt = pn_terminus_get_address(pn_link_remote_target(pn_link));
dx_link_item_t *item;
sys_mutex_lock(router->lock);
if (pn_link_is_sender(pn_link)) {
item = DEQ_HEAD(router->out_links);
dx_field_iterator_t *iter = dx_field_iterator_string(r_tgt, ITER_VIEW_NO_HOST);
dx_router_link_t *rlink;
if (iter) {
int result = hash_retrieve(router->out_hash, iter, (void*) &rlink);
if (result == 0) {
dx_field_iterator_reset(iter, ITER_VIEW_NO_HOST);
hash_remove(router->out_hash, iter);
free_dx_router_link_t(rlink);
dx_log(module, LOG_TRACE, "Removed local address: %s", r_tgt);
}
dx_field_iterator_free(iter);
}
}
else
item = DEQ_HEAD(router->in_links);
while (item) {
if (item->link == link) {
if (pn_link_is_sender(pn_link))
DEQ_REMOVE(router->out_links, item);
else
DEQ_REMOVE(router->in_links, item);
free_dx_link_item_t(item);
break;
}
item = item->next;
}
sys_mutex_unlock(router->lock);
return 0;
}
std::string terminus::address() const {
const char *addr = pn_terminus_get_address(object_);
return addr ? std::string(addr) : std::string();
}
std::string terminus::address() const {
const char *addr = pn_terminus_get_address(pn_cast(this));
return addr ? std::string(addr) : std::string();
}
/**
* Inbound Delivery Handler
*/
static void AMQP_rx_handler(void* context, qd_link_t *link, pn_delivery_t *pnd)
{
qd_router_t *router = (qd_router_t*) context;
pn_link_t *pn_link = qd_link_pn(link);
qdr_link_t *rlink = (qdr_link_t*) qd_link_get_context(link);
qdr_delivery_t *delivery = 0;
qd_message_t *msg;
//
// Receive the message into a local representation. If the returned message
// pointer is NULL, we have not yet received a complete message.
//
// Note: In the link-routing case, consider cutting the message through. There's
// no reason to wait for the whole message to be received before starting to
// send it.
//
msg = qd_message_receive(pnd);
if (!msg)
return;
//
// Consume the delivery.
//
pn_link_advance(pn_link);
//
// If there's no router link, free the message and finish. It's likely that the link
// is closing.
//
if (!rlink) {
qd_message_free(msg);
return;
}
//
// Handle the link-routed case
//
if (qdr_link_is_routed(rlink)) {
pn_delivery_tag_t dtag = pn_delivery_tag(pnd);
delivery = qdr_link_deliver_to_routed_link(rlink, msg, pn_delivery_settled(pnd), (uint8_t*) dtag.start, dtag.size);
if (delivery) {
if (pn_delivery_settled(pnd))
pn_delivery_settle(pnd);
else {
pn_delivery_set_context(pnd, delivery);
qdr_delivery_set_context(delivery, pnd);
qdr_delivery_incref(delivery);
}
}
return;
}
//
// Determine if the incoming link is anonymous. If the link is addressed,
// there are some optimizations we can take advantage of.
//
bool anonymous_link = qdr_link_is_anonymous(rlink);
//
// Determine if the user of this connection is allowed to proxy the
// user_id of messages. A message user_id is proxied when the
// property value differs from the authenticated user name of the connection.
// If the user is not allowed to proxy the user_id then the message user_id
// must be blank or it must be equal to the connection user name.
//
bool check_user = false;
qd_connection_t *conn = qd_link_connection(link);
if (conn->policy_settings)
check_user = !conn->policy_settings->allowUserIdProxy;
//
// Validate the content of the delivery as an AMQP message. This is done partially, only
// to validate that we can find the fields we need to route the message.
//
// If the link is anonymous, we must validate through the message properties to find the
// 'to' field. If the link is not anonymous, we don't need the 'to' field as we will be
// using the address from the link target.
//
qd_message_depth_t validation_depth = (anonymous_link || check_user) ? QD_DEPTH_PROPERTIES : QD_DEPTH_MESSAGE_ANNOTATIONS;
bool valid_message = qd_message_check(msg, validation_depth);
if (valid_message) {
if (check_user) {
// This connection must not allow proxied user_id
qd_iterator_t *userid_iter = qd_message_field_iterator(msg, QD_FIELD_USER_ID);
if (userid_iter) {
// The user_id property has been specified
if (qd_iterator_remaining(userid_iter) > 0) {
// user_id property in message is not blank
if (!qd_iterator_equal(userid_iter, (const unsigned char *)conn->user_id)) {
// This message is rejected: attempted user proxy is disallowed
qd_log(router->log_source, QD_LOG_DEBUG, "Message rejected due to user_id proxy violation. User:%s", conn->user_id);
pn_link_flow(pn_link, 1);
pn_delivery_update(pnd, PN_REJECTED);
pn_delivery_settle(pnd);
qd_message_free(msg);
qd_iterator_free(userid_iter);
return;
}
}
qd_iterator_free(userid_iter);
}
}
qd_parsed_field_t *in_ma = qd_message_message_annotations(msg);
qd_bitmask_t *link_exclusions;
bool strip = qdr_link_strip_annotations_in(rlink);
qd_iterator_t *ingress_iter = router_annotate_message(router, in_ma, msg, &link_exclusions, strip);
if (anonymous_link) {
qd_iterator_t *addr_iter = 0;
int phase = 0;
//
// If the message has delivery annotations, get the to-override field from the annotations.
//
if (in_ma) {
qd_parsed_field_t *ma_to = qd_parse_value_by_key(in_ma, QD_MA_TO);
if (ma_to) {
addr_iter = qd_iterator_dup(qd_parse_raw(ma_to));
phase = qd_message_get_phase_annotation(msg);
}
}
//
// Still no destination address? Use the TO field from the message properties.
//
if (!addr_iter)
addr_iter = qd_message_field_iterator(msg, QD_FIELD_TO);
if (addr_iter) {
qd_iterator_reset_view(addr_iter, ITER_VIEW_ADDRESS_HASH);
if (phase > 0)
qd_iterator_annotate_phase(addr_iter, '0' + (char) phase);
delivery = qdr_link_deliver_to(rlink, msg, ingress_iter, addr_iter, pn_delivery_settled(pnd),
link_exclusions);
}
} else {
const char *term_addr = pn_terminus_get_address(qd_link_remote_target(link));
if (!term_addr)
term_addr = pn_terminus_get_address(qd_link_source(link));
if (term_addr) {
qd_composed_field_t *to_override = qd_compose_subfield(0);
qd_compose_insert_string(to_override, term_addr);
qd_message_set_to_override_annotation(msg, to_override);
int phase = qdr_link_phase(rlink);
if (phase != 0)
qd_message_set_phase_annotation(msg, phase);
}
delivery = qdr_link_deliver(rlink, msg, ingress_iter, pn_delivery_settled(pnd), link_exclusions);
}
if (delivery) {
if (pn_delivery_settled(pnd))
pn_delivery_settle(pnd);
else {
pn_delivery_set_context(pnd, delivery);
qdr_delivery_set_context(delivery, pnd);
qdr_delivery_incref(delivery);
}
} else {
//
// The message is now and will always be unroutable because there is no address.
//
pn_link_flow(pn_link, 1);
pn_delivery_update(pnd, PN_REJECTED);
pn_delivery_settle(pnd);
qd_message_free(msg);
}
//
// Rules for delivering messages:
//
// For addressed (non-anonymous) links:
// to-override must be set (done in the core?)
// uses qdr_link_deliver to hand over to the core
//
// For anonymous links:
// If there's a to-override in the annotations, use that address
// Or, use the 'to' field in the message properties
//
} else {
//
// Message is invalid. Reject the message and don't involve the router core.
//
pn_link_flow(pn_link, 1);
pn_delivery_update(pnd, PN_REJECTED);
pn_delivery_settle(pnd);
qd_message_free(msg);
}
}