root/i-scream/projects/cms/source/server/uk/org/iscream/cms/server/filter/KeyManager.java
Revision: 1.6
Committed: Mon Feb 24 20:18:49 2003 UTC (21 years, 3 months ago) by tdb
Branch: MAIN
CVS Tags: HEAD
Changes since 1.5: +2 -2 lines
State: FILE REMOVED
Log Message:
Fairly major commit. This will break the current version of ihost, but this
had to be done really to give Pete something to test the new ihost against.

The main change here is removal of the TCP Heartbeat functionality from the
filter. This meant the following features stopped working :-
  - Heartbeat testing
  - Configuration checking
  - Service checks

The heartbeat testing, specifically the monitor, now looks at the presence
of UDP packets instead. Before it just looked for the presence of a TCP
heartbeat packet, so the change their is fairly negligible. Of course this
means heartbeat testing now relies on the UDP working... but I don't see
this as a problem.

Configuration checking has been repositioned in to the filtermanager. This
is a backwards compatible change - the filtermanager should still perform
as it should for older hosts. But now there's an extra command to check the
configuration is up-to-date, with a similar format to the old TCP protocol
in the filter. (although we may optimise this soon)

The service checks are broken. This isn't a major issue for us as they were
pretty useless in the first place. The concept is good, but the checks are
just far too primitive. I expect at some point I'll work on a seperate
component that just monitors services, which will replace this function.

Further changes in the server include removal of the key checking code,
as this relied on a bolt on to the TCP heartbeat protocol to ship the
key. This got more awkward than originally planned, so I'm happy to drop the
idea. In the long term we hope to replace this with a public key system
for signing and even encryption.

Finally, general tidy up to remove other bits of code that check for
TCP heartbeat packets when they don't need to any more.

File Contents

# User Rev Content
1 tdb 1.3 /*
2     * i-scream central monitoring system
3 tdb 1.4 * http://www.i-scream.org.uk
4 tdb 1.3 * Copyright (C) 2000-2002 i-scream
5     *
6     * This program is free software; you can redistribute it and/or
7     * modify it under the terms of the GNU General Public License
8     * as published by the Free Software Foundation; either version 2
9     * of the License, or (at your option) any later version.
10     *
11     * This program is distributed in the hope that it will be useful,
12     * but WITHOUT ANY WARRANTY; without even the implied warranty of
13     * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14     * GNU General Public License for more details.
15     *
16     * You should have received a copy of the GNU General Public License
17     * along with this program; if not, write to the Free Software
18     * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
19     */
20    
21 tdb 1.1 //---PACKAGE DECLARATION---
22     package uk.org.iscream.cms.server.filter;
23    
24     //---IMPORTS---
25 tdb 1.5 import uk.org.iscream.cms.util.*;
26 tdb 1.1 import uk.org.iscream.cms.server.core.*;
27     import uk.org.iscream.cms.server.componentmanager.*;
28     import java.util.Random;
29     import java.util.HashMap;
30    
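/**
 * Acts as a store and checking mechanism for host keys.
 *
 * Keys are kept in an in-memory table indexed by hostname; the table is
 * only touched from synchronized methods. Keys handed out by
 * {@link #genKey()} are drawn from a cryptographically strong random
 * source, and presented keys are compared without an early exit on the
 * first differing character.
 *
 * @author  $Author: tdb $
 * @version $Id: KeyManager.java,v 1.5 2003/02/05 16:43:47 tdb Exp $
 */
public class KeyManager {

    //---FINAL ATTRIBUTES---

    /**
     * The current CVS revision of this class
     */
    public final String REVISION = "$Revision: 1.5 $";

    /**
     * The set of characters to be used for our keys
     */
    private final char[] KEYSET = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789".toCharArray();

    /**
     * Default key length
     */
    public static final int DEFKEYLEN = 15;

    //---STATIC METHODS---

    /**
     * Return a reference to the single class.
     * Construct it if it does not already exist, otherwise just return the reference.
     *
     * @return the shared KeyManager instance
     */
    public synchronized static KeyManager getInstance() {
        if (_instance == null) {
            _instance = new KeyManager();
        }
        return _instance;
    }

    //---CONSTRUCTORS---

    /**
     * Private constructor to avoid external construction.
     *
     * Reads the key length from the "Filter.KeyLength" property and falls
     * back to {@link #DEFKEYLEN} (with a logged warning) when the property
     * is missing, is not a number, or is not a positive number.
     */
    private KeyManager() {
        try {
            String keylen = ConfigurationProxy.getInstance().getProperty("Filter." + FilterMain.NAME, "Filter.KeyLength");
            _keylen = Integer.parseInt(keylen);
            if (_keylen < 1) {
                // a zero or negative length would make genKey() hand out
                // empty keys, which any caller could trivially present
                _keylen = DEFKEYLEN;
                _logger.write(toString(), Logger.WARNING, "Non-positive key length found, using default of " + _keylen + " : " + keylen);
            }
        }
        catch (PropertyNotFoundException e) {
            _keylen = DEFKEYLEN;
            _logger.write(toString(), Logger.WARNING, "No key length found, using default of " +_keylen+ " : " + e);
        }
        catch (NumberFormatException e) {
            _keylen = DEFKEYLEN;
            _logger.write(toString(), Logger.WARNING, "Malformed key length found, using default of " +_keylen+ " : " + e);
        }
    }

    //---PUBLIC METHODS---

    /**
     * Add or replace a key.
     *
     * @param host the hostname to add a key for
     * @param key the key to add
     */
    public synchronized void addKey(String host, String key) {
        _keys.put(host, key);
    }

    /**
     * Check if a given key is currently valid.
     * Will respond negatively if the key doesn't match,
     * or if no key is found (and EnforceHostAuth is on).
     *
     * When no key is stored for the host, the result depends on the
     * "Filter.EnforceHostAuth" property: the check fails only if that
     * property is present and equal to 1. If the property is missing,
     * malformed, or any other number, the check succeeds.
     *
     * @param host the hostname to check the key for
     * @param key the key to check
     * @return whether the check was successful
     */
    public synchronized boolean checkKey(String host, String key) {
        Object o = _keys.get(host);
        if (o != null) {
            // a key is on record for this host, so the one presented
            // must match it exactly
            return keysMatch((String) o, key);
        }

        // NOTE(review): this path fails open. A missing or malformed
        // EnforceHostAuth setting turns enforcement off, so a host with
        // no stored key passes the check. Deployments that rely on host
        // authentication need the property set to 1 explicitly.
        boolean enforceHostAuth = true;
        try {
            // try to see what's in the config
            String enforce = ConfigurationProxy.getInstance().getProperty("Filter." + FilterMain.NAME, "Filter.EnforceHostAuth");
            enforceHostAuth = (Integer.parseInt(enforce) == 1);
        }
        catch (PropertyNotFoundException e) {
            // if it's not set, not enforced
            _logger.write(toString(), Logger.WARNING, "EnforceHostAuth property not found: " + e);
            enforceHostAuth = false;
        }
        catch (NumberFormatException e) {
            // if it's not a number, not enforced
            _logger.write(toString(), Logger.WARNING, "EnforceHostAuth property malformed: " + e);
            enforceHostAuth = false;
        }
        // if enforceHostAuth is true we want to fail the check
        // and vice-versa
        return !enforceHostAuth;
    }

    /**
     * Generate a random key of the configured key length.
     *
     * Characters are picked from KEYSET using a SecureRandom, because the
     * key is an authentication secret and the output of a plain
     * java.util.Random can be predicted from earlier outputs.
     *
     * @return a random key as a String
     */
    public String genKey() {
        StringBuffer s = new StringBuffer(_keylen);
        for (int i = 0; i < _keylen; i++) {
            s.append(KEYSET[_random.nextInt(KEYSET.length)]);
        }
        return s.toString();
    }

    /**
     * Overrides the {@link java.lang.Object#toString() Object.toString()}
     * method to provide clean logging (every class should have this).
     *
     * This uses the FormatName class to format the toString()
     *
     * @return the name of this class and its CVS revision
     */
    public String toString() {
        return FormatName.getName(
            _name,
            getClass().getName(),
            REVISION);
    }

    //---PRIVATE METHODS---

    /**
     * Compare a stored key with a presented key without stopping at the
     * first differing character, so the time taken does not reveal how
     * much of the presented key was correct. Only the key lengths
     * influence the running time.
     *
     * @param expected the key on record, never null
     * @param supplied the key presented by the caller, may be null
     * @return true only if both keys have the same length and characters
     */
    private static boolean keysMatch(String expected, String supplied) {
        if (supplied == null) {
            return false;
        }
        // a length mismatch leaves a non-zero bit in diff from the start
        int diff = expected.length() ^ supplied.length();
        int common = Math.min(expected.length(), supplied.length());
        for (int i = 0; i < common; i++) {
            diff |= expected.charAt(i) ^ supplied.charAt(i);
        }
        return diff == 0;
    }

    //---ACCESSOR/MUTATOR METHODS---

    //---ATTRIBUTES---

    /**
     * This holds the current keys for
     * the hosts we're authenticating
     */
    private HashMap _keys = new HashMap();

    /**
     * The length of our keys
     */
    private int _keylen;

    /**
     * Source of randomness for genKey(). SecureRandom is named in full
     * so that the file's import list does not have to change.
     */
    private final Random _random = new java.security.SecureRandom();

    /**
     * This holds a reference to the
     * system logger that is being used.
     */
    private Logger _logger = ReferenceManager.getInstance().getLogger();

    /**
     * This is the friendly identifier of the
     * component this class is running in.
     * eg, a Filter may be called "filter1",
     * If this class does not have an owning
     * component, a name from the configuration
     * can be placed here. This name could also
     * be changed to null for utility classes.
     */
    private String _name = FilterMain.NAME;

    //---STATIC ATTRIBUTES---

    /**
     * A reference to the single instance of this class
     */
    private static KeyManager _instance;

}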