diff --git a/traffic_router/connector/src/main/java/com/comcast/cdn/traffic_control/traffic_router/protocol/RouterSslServerSocketFactory.java b/traffic_router/connector/src/main/java/com/comcast/cdn/traffic_control/traffic_router/protocol/RouterSslServerSocketFactory.java index 97634fdd2a..eaf45d4d5b 100644 --- a/traffic_router/connector/src/main/java/com/comcast/cdn/traffic_control/traffic_router/protocol/RouterSslServerSocketFactory.java +++ b/traffic_router/connector/src/main/java/com/comcast/cdn/traffic_control/traffic_router/protocol/RouterSslServerSocketFactory.java @@ -6,8 +6,6 @@ import javax.net.ssl.X509KeyManager; import java.io.IOException; -import java.net.InetAddress; -import java.net.ServerSocket; import java.security.KeyStore; // Wrap JSSEKeyManager with our own key manager so we can control handing out certificates @@ -37,22 +35,4 @@ protected KeyStore getKeystore(final String type, final String provider, final S System.setProperty("javax.net.ssl.keyStore", keyStorePath); return KeyStoreHelper.getInstance().getKeyStore(); } - - @Override - public ServerSocket createSocket (final int port) throws IOException - { - return new SniDecorator().addSni(super.createSocket(port)); - } - - @Override - public ServerSocket createSocket (final int port, final int backlog) throws IOException - { - return new SniDecorator().addSni(super.createSocket(port, backlog)); - } - - @Override - public ServerSocket createSocket (final int port, final int backlog, final InetAddress ifAddress) throws IOException - { - return new SniDecorator().addSni(super.createSocket(port, backlog, ifAddress)); - } } diff --git a/traffic_router/connector/src/main/java/com/comcast/cdn/traffic_control/traffic_router/protocol/SniDecorator.java b/traffic_router/connector/src/main/java/com/comcast/cdn/traffic_control/traffic_router/protocol/SniDecorator.java deleted file mode 100644 index 566b3eb31c..0000000000 --- a/traffic_router/connector/src/main/java/com/comcast/cdn/traffic_control/traffic_router/protocol/SniDecorator.java +++ /dev/null @@ -1,25 +0,0 @@ -package com.comcast.cdn.traffic_control.traffic_router.protocol; - -import javax.net.ssl.SNIMatcher; -import javax.net.ssl.SSLParameters; -import javax.net.ssl.SSLServerSocket; -import java.net.ServerSocket; -import java.util.ArrayList; -import java.util.Collection; - -import static javax.net.ssl.SNIHostName.createSNIMatcher; - -public class SniDecorator { - public ServerSocket addSni(final ServerSocket socket) { - if (!(socket instanceof SSLServerSocket)) { - return socket; - } - - final Collection matchers = new ArrayList<>(1); - matchers.add(createSNIMatcher("www\\.example\\.(com|org)")); - - final SSLParameters sslParameters = ((SSLServerSocket) socket).getSSLParameters(); - sslParameters.setSNIMatchers(matchers); - return socket; - } -} diff --git a/traffic_router/core/src/main/java/com/comcast/cdn/traffic_control/traffic_router/core/util/LanguidState.java b/traffic_router/core/src/main/java/com/comcast/cdn/traffic_control/traffic_router/core/util/LanguidState.java index d6e809f593..c7213938d6 100644 --- a/traffic_router/core/src/main/java/com/comcast/cdn/traffic_control/traffic_router/core/util/LanguidState.java +++ b/traffic_router/core/src/main/java/com/comcast/cdn/traffic_control/traffic_router/core/util/LanguidState.java @@ -31,6 +31,7 @@ public class LanguidState { private TrafficRouterManager trafficRouterManager; private int port = 0; private int apiPort = 0; + private int securePort = 0; public void init() { if (trafficRouterManager == null || trafficRouterManager.getTrafficRouter() == null) { @@ -57,23 +58,32 @@ public void init() { for (final String key : JSONObject.getNames(routers)) { final JSONObject routerJson = routers.optJSONObject(key); - if (hostname.equalsIgnoreCase(key)) { // this is us - if (routerJson.has("port")) { - setPort(routerJson.optInt("port")); - } - - if (routerJson.has("api.port")) { - setApiPort(routerJson.optInt("api.port")); - trafficRouterManager.setApiPort(apiPort); - } - - break; + if (! hostname.equalsIgnoreCase(key)) { + continue; } + + initPorts(routerJson); + break; } setReady(true); } + private void initPorts(final JSONObject routerJson) { + if (routerJson.has("port")) { + setPort(routerJson.optInt("port")); + } + + if (routerJson.has("api.port")) { + setApiPort(routerJson.optInt("api.port")); + trafficRouterManager.setApiPort(apiPort); + } + + if (routerJson.has("secure.port")) { + setSecurePort(routerJson.optInt("secure.port")); + } + } + public boolean isReady() { return ready; } @@ -105,4 +115,12 @@ public TrafficRouterManager getTrafficRouterManager() { public void setTrafficRouterManager(final TrafficRouterManager trafficRouterManager) { this.trafficRouterManager = trafficRouterManager; } + + public int getSecurePort() { + return securePort; + } + + public void setSecurePort(final int securePort) { + this.securePort = securePort; + } } diff --git a/traffic_router/core/src/main/opt/tomcat/conf/server.xml b/traffic_router/core/src/main/opt/tomcat/conf/server.xml index f2473c23e8..c2bb79529e 100644 --- a/traffic_router/core/src/main/opt/tomcat/conf/server.xml +++ b/traffic_router/core/src/main/opt/tomcat/conf/server.xml @@ -38,7 +38,7 @@ + connectionTimeout="20000" mbeanPath="traffic-router:name=languidState" readyAttribute="Ready" portAttribute="SecurePort"/>