bayserver-core 2.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/lib/baykit/bayserver/agent/accept_handler.rb +97 -0
- data/lib/baykit/bayserver/agent/channel_listener.rb +35 -0
- data/lib/baykit/bayserver/agent/command_receiver.rb +75 -0
- data/lib/baykit/bayserver/agent/grand_agent.rb +319 -0
- data/lib/baykit/bayserver/agent/grand_agent_monitor.rb +217 -0
- data/lib/baykit/bayserver/agent/next_socket_action.rb +14 -0
- data/lib/baykit/bayserver/agent/non_blocking_handler.rb +433 -0
- data/lib/baykit/bayserver/agent/package.rb +3 -0
- data/lib/baykit/bayserver/agent/signal/signal_agent.rb +165 -0
- data/lib/baykit/bayserver/agent/signal/signal_proxy.rb +18 -0
- data/lib/baykit/bayserver/agent/signal/signal_sender.rb +99 -0
- data/lib/baykit/bayserver/agent/spin_handler.rb +140 -0
- data/lib/baykit/bayserver/agent/transporter/data_listener.rb +38 -0
- data/lib/baykit/bayserver/agent/transporter/package.rb +3 -0
- data/lib/baykit/bayserver/agent/transporter/plain_transporter.rb +55 -0
- data/lib/baykit/bayserver/agent/transporter/secure_transporter.rb +81 -0
- data/lib/baykit/bayserver/agent/transporter/spin_read_transporter.rb +111 -0
- data/lib/baykit/bayserver/agent/transporter/spin_write_transporter.rb +125 -0
- data/lib/baykit/bayserver/agent/transporter/transporter.rb +466 -0
- data/lib/baykit/bayserver/agent/upgrade_exception.rb +11 -0
- data/lib/baykit/bayserver/bay_dockers.rb +60 -0
- data/lib/baykit/bayserver/bay_exception.rb +12 -0
- data/lib/baykit/bayserver/bay_log.rb +148 -0
- data/lib/baykit/bayserver/bay_message.rb +20 -0
- data/lib/baykit/bayserver/bayserver.rb +529 -0
- data/lib/baykit/bayserver/bcf/bcf_document.rb +44 -0
- data/lib/baykit/bayserver/bcf/bcf_element.rb +30 -0
- data/lib/baykit/bayserver/bcf/bcf_key_val.rb +19 -0
- data/lib/baykit/bayserver/bcf/bcf_object.rb +15 -0
- data/lib/baykit/bayserver/bcf/bcf_parser.rb +180 -0
- data/lib/baykit/bayserver/bcf/package.rb +6 -0
- data/lib/baykit/bayserver/bcf/parse_exception.rb +15 -0
- data/lib/baykit/bayserver/config_exception.rb +25 -0
- data/lib/baykit/bayserver/constants.rb +8 -0
- data/lib/baykit/bayserver/docker/base/club_base.rb +117 -0
- data/lib/baykit/bayserver/docker/base/docker_base.rb +66 -0
- data/lib/baykit/bayserver/docker/base/inbound_data_listener.rb +89 -0
- data/lib/baykit/bayserver/docker/base/inbound_handler.rb +42 -0
- data/lib/baykit/bayserver/docker/base/inbound_ship.rb +341 -0
- data/lib/baykit/bayserver/docker/base/inbound_ship_store.rb +65 -0
- data/lib/baykit/bayserver/docker/base/port_base.rb +228 -0
- data/lib/baykit/bayserver/docker/base/reroute_base.rb +28 -0
- data/lib/baykit/bayserver/docker/built_in/built_in_city_docker.rb +303 -0
- data/lib/baykit/bayserver/docker/built_in/built_in_harbor_docker.rb +226 -0
- data/lib/baykit/bayserver/docker/built_in/built_in_log_docker.rb +302 -0
- data/lib/baykit/bayserver/docker/built_in/built_in_permission_docker.rb +242 -0
- data/lib/baykit/bayserver/docker/built_in/built_in_secure_docker.rb +157 -0
- data/lib/baykit/bayserver/docker/built_in/built_in_town_docker.rb +117 -0
- data/lib/baykit/bayserver/docker/built_in/built_in_trouble_docker.rb +57 -0
- data/lib/baykit/bayserver/docker/built_in/log_boat.rb +71 -0
- data/lib/baykit/bayserver/docker/built_in/log_item.rb +18 -0
- data/lib/baykit/bayserver/docker/built_in/log_item_factory.rb +18 -0
- data/lib/baykit/bayserver/docker/built_in/log_items.rb +287 -0
- data/lib/baykit/bayserver/docker/built_in/write_file_taxi.rb +101 -0
- data/lib/baykit/bayserver/docker/city.rb +22 -0
- data/lib/baykit/bayserver/docker/club.rb +45 -0
- data/lib/baykit/bayserver/docker/docker.rb +8 -0
- data/lib/baykit/bayserver/docker/harbor.rb +34 -0
- data/lib/baykit/bayserver/docker/log.rb +17 -0
- data/lib/baykit/bayserver/docker/package.rb +12 -0
- data/lib/baykit/bayserver/docker/permission.rb +18 -0
- data/lib/baykit/bayserver/docker/port.rb +39 -0
- data/lib/baykit/bayserver/docker/reroute.rb +17 -0
- data/lib/baykit/bayserver/docker/secure.rb +22 -0
- data/lib/baykit/bayserver/docker/send_file/directory_train.rb +123 -0
- data/lib/baykit/bayserver/docker/send_file/file_content_handler.rb +43 -0
- data/lib/baykit/bayserver/docker/send_file/send_file_docker.rb +71 -0
- data/lib/baykit/bayserver/docker/town.rb +30 -0
- data/lib/baykit/bayserver/docker/trouble.rb +17 -0
- data/lib/baykit/bayserver/docker/warp/package.rb +4 -0
- data/lib/baykit/bayserver/docker/warp/warp_data.rb +84 -0
- data/lib/baykit/bayserver/docker/warp/warp_data_listener.rb +112 -0
- data/lib/baykit/bayserver/docker/warp/warp_docker.rb +273 -0
- data/lib/baykit/bayserver/docker/warp/warp_handler.rb +38 -0
- data/lib/baykit/bayserver/docker/warp/warp_ship.rb +166 -0
- data/lib/baykit/bayserver/docker/warp/warp_ship_store.rb +111 -0
- data/lib/baykit/bayserver/http_exception.rb +33 -0
- data/lib/baykit/bayserver/mem_usage.rb +104 -0
- data/lib/baykit/bayserver/protocol/command.rb +21 -0
- data/lib/baykit/bayserver/protocol/command_handler.rb +9 -0
- data/lib/baykit/bayserver/protocol/command_packer.rb +49 -0
- data/lib/baykit/bayserver/protocol/command_unpacker.rb +13 -0
- data/lib/baykit/bayserver/protocol/package.rb +15 -0
- data/lib/baykit/bayserver/protocol/packet.rb +63 -0
- data/lib/baykit/bayserver/protocol/packet_factory.rb +13 -0
- data/lib/baykit/bayserver/protocol/packet_packer.rb +30 -0
- data/lib/baykit/bayserver/protocol/packet_part_accessor.rb +122 -0
- data/lib/baykit/bayserver/protocol/packet_store.rb +139 -0
- data/lib/baykit/bayserver/protocol/packet_unpacker.rb +17 -0
- data/lib/baykit/bayserver/protocol/protocol_exception.rb +17 -0
- data/lib/baykit/bayserver/protocol/protocol_handler.rb +64 -0
- data/lib/baykit/bayserver/protocol/protocol_handler_factory.rb +14 -0
- data/lib/baykit/bayserver/protocol/protocol_handler_store.rb +109 -0
- data/lib/baykit/bayserver/sink.rb +22 -0
- data/lib/baykit/bayserver/taxi/taxi.rb +38 -0
- data/lib/baykit/bayserver/taxi/taxi_runner.rb +31 -0
- data/lib/baykit/bayserver/tours/content_consume_listener.rb +20 -0
- data/lib/baykit/bayserver/tours/package.rb +4 -0
- data/lib/baykit/bayserver/tours/read_file_taxi.rb +102 -0
- data/lib/baykit/bayserver/tours/req_content_handler.rb +37 -0
- data/lib/baykit/bayserver/tours/send_file_train.rb +65 -0
- data/lib/baykit/bayserver/tours/send_file_yacht.rb +93 -0
- data/lib/baykit/bayserver/tours/tour.rb +195 -0
- data/lib/baykit/bayserver/tours/tour_req.rb +251 -0
- data/lib/baykit/bayserver/tours/tour_res.rb +400 -0
- data/lib/baykit/bayserver/tours/tour_store.rb +121 -0
- data/lib/baykit/bayserver/train/train.rb +54 -0
- data/lib/baykit/bayserver/train/train_runner.rb +32 -0
- data/lib/baykit/bayserver/util/byte_array.rb +54 -0
- data/lib/baykit/bayserver/util/byte_buffer.rb +13 -0
- data/lib/baykit/bayserver/util/cgi_util.rb +165 -0
- data/lib/baykit/bayserver/util/char_util.rb +22 -0
- data/lib/baykit/bayserver/util/cities.rb +45 -0
- data/lib/baykit/bayserver/util/class_util.rb +17 -0
- data/lib/baykit/bayserver/util/counter.rb +23 -0
- data/lib/baykit/bayserver/util/data_consume_listener.rb +13 -0
- data/lib/baykit/bayserver/util/executor_service.rb +81 -0
- data/lib/baykit/bayserver/util/groups.rb +110 -0
- data/lib/baykit/bayserver/util/gzip_compressor.rb +55 -0
- data/lib/baykit/bayserver/util/headers.rb +194 -0
- data/lib/baykit/bayserver/util/host_matcher.rb +48 -0
- data/lib/baykit/bayserver/util/http_status.rb +60 -0
- data/lib/baykit/bayserver/util/http_util.rb +157 -0
- data/lib/baykit/bayserver/util/io_util.rb +32 -0
- data/lib/baykit/bayserver/util/ip_matcher.rb +67 -0
- data/lib/baykit/bayserver/util/key_val.rb +15 -0
- data/lib/baykit/bayserver/util/key_val_list_parser.rb +53 -0
- data/lib/baykit/bayserver/util/locale.rb +30 -0
- data/lib/baykit/bayserver/util/md5_password.rb +24 -0
- data/lib/baykit/bayserver/util/message.rb +56 -0
- data/lib/baykit/bayserver/util/mimes.rb +27 -0
- data/lib/baykit/bayserver/util/object_factory.rb +13 -0
- data/lib/baykit/bayserver/util/object_store.rb +74 -0
- data/lib/baykit/bayserver/util/postman.rb +35 -0
- data/lib/baykit/bayserver/util/reusable.rb +13 -0
- data/lib/baykit/bayserver/util/selector.rb +141 -0
- data/lib/baykit/bayserver/util/simple_buffer.rb +53 -0
- data/lib/baykit/bayserver/util/simple_inspect.rb +12 -0
- data/lib/baykit/bayserver/util/string_util.rb +73 -0
- data/lib/baykit/bayserver/util/sys_util.rb +138 -0
- data/lib/baykit/bayserver/util/url_decoder.rb +42 -0
- data/lib/baykit/bayserver/util/url_encoder.rb +19 -0
- data/lib/baykit/bayserver/util/valve.rb +15 -0
- data/lib/baykit/bayserver/version.rb +7 -0
- data/lib/baykit/bayserver/watercraft/boat.rb +43 -0
- data/lib/baykit/bayserver/watercraft/ship.rb +104 -0
- data/lib/baykit/bayserver/watercraft/yacht.rb +42 -0
- metadata +189 -0
@@ -0,0 +1,302 @@
|
|
1
|
+
require 'baykit/bayserver/agent/grand_agent'
|
2
|
+
require 'baykit/bayserver/agent/transporter/plain_transporter'
|
3
|
+
require 'baykit/bayserver/agent/transporter/spin_write_transporter'
|
4
|
+
require 'baykit/bayserver/docker/built_in/write_file_taxi'
|
5
|
+
require 'baykit/bayserver/docker/log'
|
6
|
+
require 'baykit/bayserver/docker/built_in/log_items'
|
7
|
+
require 'baykit/bayserver/docker/built_in/log_boat'
|
8
|
+
require 'baykit/bayserver/util/string_util'
|
9
|
+
|
10
|
+
module Baykit
|
11
|
+
module BayServer
|
12
|
+
module Docker
|
13
|
+
module BuiltIn
|
14
|
+
class BuiltInLogDocker < Baykit::BayServer::Docker::Base::DockerBase
|
15
|
+
include Baykit::BayServer::Docker::Log # implements
|
16
|
+
include Baykit::BayServer::Agent::Transporter
|
17
|
+
include Baykit::BayServer::Agent
|
18
|
+
include Baykit::BayServer::Util
|
19
|
+
|
20
|
+
include Baykit::BayServer::Bcf
|
21
|
+
|
22
|
+
class AgentListener
|
23
|
+
include Baykit::BayServer::Agent::GrandAgent::GrandAgentLifecycleListener # implements
|
24
|
+
include Baykit::BayServer::Agent::Transporter
|
25
|
+
|
26
|
+
attr :log_docker
|
27
|
+
|
28
|
+
def initialize(dkr)
|
29
|
+
@log_docker = dkr
|
30
|
+
end
|
31
|
+
|
32
|
+
def add(agt)
|
33
|
+
file_name = "#{@log_docker.file_prefix}_#{agt.agent_id}.#{@log_docker.file_ext}";
|
34
|
+
|
35
|
+
boat = LogBoat.new()
|
36
|
+
|
37
|
+
case @log_docker.log_write_method
|
38
|
+
when LOG_WRITE_METHOD_SELECT
|
39
|
+
tp = PlainTransporter.new(false, 0, true) # write only
|
40
|
+
tp.init(agt.non_blocking_handler, File.open(file_name, "a"), boat)
|
41
|
+
|
42
|
+
when LOG_WRITE_METHOD_SPIN
|
43
|
+
tp = SpinWriteTransporter.new()
|
44
|
+
tp.init(agt.spin_handler, File.open(file_name, "a"), boat)
|
45
|
+
|
46
|
+
when LOG_WRITE_METHOD_TAXI
|
47
|
+
tp = WriteFileTaxi.new()
|
48
|
+
tp.init(File.open(file_name, "a"), boat)
|
49
|
+
|
50
|
+
end
|
51
|
+
|
52
|
+
begin
|
53
|
+
boat.init(file_name, tp)
|
54
|
+
rescue IOError => e
|
55
|
+
BayLog.fatal(BayMessage.get(:INT_CANNOT_OPEN_LOG_FILE, file_name));
|
56
|
+
BayLog.fatal_e(e);
|
57
|
+
end
|
58
|
+
|
59
|
+
@log_docker.loggers[agt.agent_id] = boat
|
60
|
+
end
|
61
|
+
|
62
|
+
|
63
|
+
def remove(agt)
|
64
|
+
@log_docker.loggers.delete(agt.agent_id);
|
65
|
+
end
|
66
|
+
end
|
67
|
+
|
68
|
+
|
69
|
+
LOG_WRITE_METHOD_SELECT = 1
|
70
|
+
LOG_WRITE_METHOD_SPIN = 2
|
71
|
+
LOG_WRITE_METHOD_TAXI = 3
|
72
|
+
DEFAULT_LOG_WRITE_METHOD = LOG_WRITE_METHOD_TAXI
|
73
|
+
|
74
|
+
class << self
|
75
|
+
# Mapping table for format
|
76
|
+
attr :log_item_map
|
77
|
+
end
|
78
|
+
|
79
|
+
# Log send_file name parts
|
80
|
+
attr :file_prefix
|
81
|
+
attr :file_ext
|
82
|
+
|
83
|
+
# Logger for each agent.
|
84
|
+
# Map of Agent ID => LogBoat
|
85
|
+
attr :loggers
|
86
|
+
|
87
|
+
# Log format
|
88
|
+
attr :format
|
89
|
+
|
90
|
+
# Log items
|
91
|
+
attr :log_items
|
92
|
+
|
93
|
+
# Log write method
|
94
|
+
attr :log_write_method
|
95
|
+
|
96
|
+
def initialize
|
97
|
+
@loggers = {}
|
98
|
+
@format = nil
|
99
|
+
@log_items = []
|
100
|
+
@log_write_method = DEFAULT_LOG_WRITE_METHOD
|
101
|
+
end
|
102
|
+
|
103
|
+
def init(elm, parent)
|
104
|
+
super
|
105
|
+
p = elm.arg.rindex('.')
|
106
|
+
if p == nil
|
107
|
+
@file_prefix = elm.arg
|
108
|
+
@file_ext = ""
|
109
|
+
else
|
110
|
+
@file_prefix = elm.arg[0, p]
|
111
|
+
@file_ext = elm.arg[p+1 .. -1]
|
112
|
+
end
|
113
|
+
|
114
|
+
if @format == nil
|
115
|
+
raise ConfigException.new(elm.file_name, elm.line_no, BayMessage.get(:CFG_INVALID_LOG_FORMAT, ""))
|
116
|
+
end
|
117
|
+
|
118
|
+
if !File.absolute_path?(@file_prefix)
|
119
|
+
@file_prefix = BayServer.get_location @file_prefix
|
120
|
+
end
|
121
|
+
|
122
|
+
@loggers = Array.new(BayServer.harbor.grand_agents)
|
123
|
+
|
124
|
+
log_dir = File.dirname(@file_prefix)
|
125
|
+
if !File.directory?(log_dir)
|
126
|
+
Dir.mkdir(log_dir)
|
127
|
+
end
|
128
|
+
|
129
|
+
# Parse format
|
130
|
+
compile(@format, @log_items, elm.file_name, elm.line_no)
|
131
|
+
|
132
|
+
# Check log write method
|
133
|
+
if @log_write_method == LOG_WRITE_METHOD_SELECT and !SysUtil.support_select_file()
|
134
|
+
BayLog.warn(BayMessage.get(:CFG_LOG_WRITE_METHOD_SELECT_NOT_SUPPORTED))
|
135
|
+
@log_write_method = LOG_WRITE_METHOD_TAXI
|
136
|
+
end
|
137
|
+
|
138
|
+
if @log_write_method == LOG_WRITE_METHOD_SPIN and !SysUtil.support_nonblock_file_write()
|
139
|
+
BayLog.warn(BayMessage.get(:CFG_LOG_WRITE_METHOD_SPIN_NOT_SUPPORTED))
|
140
|
+
@log_write_method = LOG_WRITE_METHOD_TAXI
|
141
|
+
end
|
142
|
+
|
143
|
+
GrandAgent.add_lifecycle_listener(AgentListener.new(self));
|
144
|
+
end
|
145
|
+
|
146
|
+
def init_key_val(kv)
|
147
|
+
case kv.key.downcase
|
148
|
+
when "format"
|
149
|
+
@format = kv.value
|
150
|
+
when "logwritemethod"
|
151
|
+
case kv.value.downcase()
|
152
|
+
when "select"
|
153
|
+
@log_write_method = LOG_WRITE_METHOD_SELECT
|
154
|
+
when "spin"
|
155
|
+
@log_write_method = LOG_WRITE_METHOD_SPIN
|
156
|
+
when "taxi"
|
157
|
+
@log_write_method = LOG_WRITE_METHOD_TAXI
|
158
|
+
else
|
159
|
+
raise ConfigException.new(kv.file_name, kv.line_no, BayMessage.get(:CFG_INVALID_PARAMETER_VALUE, kv.value))
|
160
|
+
end
|
161
|
+
else
|
162
|
+
return false
|
163
|
+
end
|
164
|
+
true
|
165
|
+
end
|
166
|
+
|
167
|
+
def log(tour)
|
168
|
+
sb = StringUtil.alloc(0)
|
169
|
+
@log_items.each do |item|
|
170
|
+
item = item.get_item(tour).to_s
|
171
|
+
if item == nil
|
172
|
+
sb << "-"
|
173
|
+
else
|
174
|
+
sb << item
|
175
|
+
end
|
176
|
+
end
|
177
|
+
|
178
|
+
# If threre are message to write, write it
|
179
|
+
if sb.length > 0
|
180
|
+
get_logger(tour.ship.agent).log(sb)
|
181
|
+
end
|
182
|
+
end
|
183
|
+
|
184
|
+
private
|
185
|
+
|
186
|
+
def get_logger(agt)
|
187
|
+
return @loggers[agt.agent_id]
|
188
|
+
end
|
189
|
+
|
190
|
+
|
191
|
+
|
192
|
+
#
|
193
|
+
# Compile format pattern
|
194
|
+
#
|
195
|
+
def compile(str, items, file_name, line_no)
|
196
|
+
# Find control code
|
197
|
+
pos = str.index('%')
|
198
|
+
if pos != nil
|
199
|
+
text = str[0, pos]
|
200
|
+
items.append(LogItems::TextItem.new(text))
|
201
|
+
compile_ctl(str[pos + 1 .. -1], items, file_name, line_no)
|
202
|
+
else
|
203
|
+
items.append(LogItems::TextItem.new(str))
|
204
|
+
end
|
205
|
+
end
|
206
|
+
|
207
|
+
#
|
208
|
+
# Compile format pattern(Control code)
|
209
|
+
#
|
210
|
+
def compile_ctl(str, items, file_name, line_no)
|
211
|
+
param = nil
|
212
|
+
|
213
|
+
# if exists param
|
214
|
+
if str[0] == '{'
|
215
|
+
# find close bracket
|
216
|
+
pos = str.index '}'
|
217
|
+
if pos == nil
|
218
|
+
raise ConfigException.new(file_name, line_no, BayMessage.get(:CFG_INVALID_LOG_FORMAT, @format))
|
219
|
+
end
|
220
|
+
|
221
|
+
param = str[1, pos-1]
|
222
|
+
str = str[pos + 1 .. -1]
|
223
|
+
end
|
224
|
+
|
225
|
+
ctl_char = ""
|
226
|
+
error = false
|
227
|
+
|
228
|
+
if str.length == 0
|
229
|
+
error = true
|
230
|
+
end
|
231
|
+
|
232
|
+
if !error
|
233
|
+
# get control char
|
234
|
+
ctl_char = str[0, 1]
|
235
|
+
str = str[1 .. -1]
|
236
|
+
|
237
|
+
if ctl_char == ">"
|
238
|
+
if str.length == 0
|
239
|
+
error = true
|
240
|
+
else
|
241
|
+
ctl_char = str[0, 1]
|
242
|
+
str = str[1 .. -1]
|
243
|
+
end
|
244
|
+
end
|
245
|
+
end
|
246
|
+
|
247
|
+
fct = nil
|
248
|
+
if !error
|
249
|
+
fct = BuiltInLogDocker.log_item_map[ctl_char]
|
250
|
+
if fct == nil
|
251
|
+
error = true
|
252
|
+
end
|
253
|
+
end
|
254
|
+
|
255
|
+
if error
|
256
|
+
ConfigException.new(file_name, line_no,
|
257
|
+
BayMessage.get(:CFG_INVALID_LOG_FORMAT,
|
258
|
+
@format + " (unknown control code: '%" + ctl_char + "')"))
|
259
|
+
end
|
260
|
+
|
261
|
+
item = fct.new
|
262
|
+
item.init(param)
|
263
|
+
@log_items.append(item)
|
264
|
+
compile(str, items, file_name, line_no)
|
265
|
+
end
|
266
|
+
|
267
|
+
def self.make_map
|
268
|
+
@log_item_map = {}
|
269
|
+
@log_item_map["a"] = LogItems::RemoteIpItem
|
270
|
+
@log_item_map["A"] = LogItems::ServerIpItem
|
271
|
+
@log_item_map["b"] = LogItems::RequestBytesItem2
|
272
|
+
@log_item_map["B"] = LogItems::RequestBytesItem1
|
273
|
+
@log_item_map["c"] = LogItems::ConnectionStatusItem
|
274
|
+
@log_item_map["e"] = LogItems::NullItem
|
275
|
+
@log_item_map["h"] = LogItems::RemoteHostItem
|
276
|
+
@log_item_map["H"] = LogItems::ProtocolItem
|
277
|
+
@log_item_map["i"] = LogItems::RequestHeaderItem
|
278
|
+
@log_item_map["l"] = LogItems::RemoteLogItem
|
279
|
+
@log_item_map["m"] = LogItems::MethodItem
|
280
|
+
@log_item_map["n"] = LogItems::NullItem
|
281
|
+
@log_item_map["o"] = LogItems::ResponseHeaderItem
|
282
|
+
@log_item_map["p"] = LogItems::PortItem
|
283
|
+
@log_item_map["P"] = LogItems::NullItem
|
284
|
+
@log_item_map["q"] = LogItems::QueryStringItem
|
285
|
+
@log_item_map["r"] = LogItems::StartLineItem
|
286
|
+
@log_item_map["s"] = LogItems::StatusItem
|
287
|
+
@log_item_map[">s"] = LogItems::StatusItem
|
288
|
+
@log_item_map["t"] = LogItems::TimeItem
|
289
|
+
@log_item_map["T"] = LogItems::IntervalItem
|
290
|
+
@log_item_map["u"] = LogItems::RemoteUserItem
|
291
|
+
@log_item_map["U"] = LogItems::RequestUrlItem
|
292
|
+
@log_item_map["v"] = LogItems::ServerNameItem
|
293
|
+
@log_item_map["V"] = LogItems::NullItem
|
294
|
+
end
|
295
|
+
|
296
|
+
make_map()
|
297
|
+
|
298
|
+
end
|
299
|
+
end
|
300
|
+
end
|
301
|
+
end
|
302
|
+
end
|
@@ -0,0 +1,242 @@
|
|
1
|
+
require 'ipaddr'
|
2
|
+
|
3
|
+
require 'baykit/bayserver/http_exception'
|
4
|
+
require 'baykit/bayserver/bcf/package'
|
5
|
+
require 'baykit/bayserver/docker/permission'
|
6
|
+
require 'baykit/bayserver/util/groups'
|
7
|
+
require 'baykit/bayserver/util/headers'
|
8
|
+
require 'baykit/bayserver/util/http_status'
|
9
|
+
require 'baykit/bayserver/util/host_matcher'
|
10
|
+
require 'baykit/bayserver/util/ip_matcher'
|
11
|
+
|
12
|
+
|
13
|
+
module Baykit
|
14
|
+
module BayServer
|
15
|
+
module Docker
|
16
|
+
module BuiltIn
|
17
|
+
class BuiltInPermissionDocker < Baykit::BayServer::Docker::Base::DockerBase
|
18
|
+
include Permission # import
|
19
|
+
|
20
|
+
include Baykit::BayServer
|
21
|
+
include Baykit::BayServer::Bcf
|
22
|
+
include Baykit::BayServer::Util
|
23
|
+
|
24
|
+
class CheckItem
|
25
|
+
attr :matcher
|
26
|
+
attr :admit
|
27
|
+
|
28
|
+
def initialize(matcher, admit)
|
29
|
+
@matcher = matcher
|
30
|
+
@admit = admit
|
31
|
+
end
|
32
|
+
|
33
|
+
def socket_admitted(skt)
|
34
|
+
matcher.match_socket(skt) == @admit
|
35
|
+
end
|
36
|
+
|
37
|
+
def tour_admitted(tur)
|
38
|
+
matcher.match_tour(tur) == @admit
|
39
|
+
end
|
40
|
+
end
|
41
|
+
|
42
|
+
module PermissionMatcher # interface
|
43
|
+
|
44
|
+
def match_socket(skt)
|
45
|
+
raise NotImplementedError()
|
46
|
+
end
|
47
|
+
|
48
|
+
def match_tour(tur)
|
49
|
+
raise NotImplementedError()
|
50
|
+
end
|
51
|
+
end
|
52
|
+
|
53
|
+
|
54
|
+
class HostPermissionMatcher
|
55
|
+
include Baykit::BayServer::Util
|
56
|
+
include PermissionMatcher # implements
|
57
|
+
|
58
|
+
attr :mch
|
59
|
+
|
60
|
+
def initialize(hostPtn)
|
61
|
+
@mch = HostMatcher.new(hostPtn)
|
62
|
+
end
|
63
|
+
|
64
|
+
def match_socket(skt)
|
65
|
+
return @mch.match(skt.remote_address.getnameinfo[0])
|
66
|
+
end
|
67
|
+
|
68
|
+
def match_tour(tur)
|
69
|
+
return @mch.match(tur.req.remote_host())
|
70
|
+
end
|
71
|
+
end
|
72
|
+
|
73
|
+
class IpPermissionMatcher
|
74
|
+
include Baykit::BayServer::Util
|
75
|
+
include PermissionMatcher # implements
|
76
|
+
|
77
|
+
attr :mch
|
78
|
+
|
79
|
+
def initialize(ip_desc)
|
80
|
+
@mch = IpMatcher.new(ip_desc)
|
81
|
+
end
|
82
|
+
|
83
|
+
def match_socket(skt)
|
84
|
+
return @mch.match(@mch.get_ip_addr(skt.remote_address.ip_address))
|
85
|
+
end
|
86
|
+
|
87
|
+
def match_tour(tur)
|
88
|
+
begin
|
89
|
+
return @mch.match(IPAddr.new(tur.req.remote_address))
|
90
|
+
rescue => e
|
91
|
+
BayLog.error_e(e)
|
92
|
+
false
|
93
|
+
end
|
94
|
+
end
|
95
|
+
|
96
|
+
end
|
97
|
+
|
98
|
+
attr :check_list
|
99
|
+
attr :groups
|
100
|
+
|
101
|
+
def initialize
|
102
|
+
@check_list = []
|
103
|
+
@groups = []
|
104
|
+
end
|
105
|
+
|
106
|
+
def init(elm, parent)
|
107
|
+
super
|
108
|
+
end
|
109
|
+
|
110
|
+
def init_key_val(kv)
|
111
|
+
case kv.key.downcase
|
112
|
+
when "admit", "allow"
|
113
|
+
parse_value(kv).each do |permission_matcher|
|
114
|
+
@check_list.append(CheckItem.new(permission_matcher, true))
|
115
|
+
end
|
116
|
+
|
117
|
+
when "refuse", "deny"
|
118
|
+
parse_value(kv).each do |permission_matcher|
|
119
|
+
@check_list.append(CheckItem.new(permission_matcher, false))
|
120
|
+
end
|
121
|
+
|
122
|
+
when "group"
|
123
|
+
kv.value.split(" ").each do |group_name|
|
124
|
+
g = BayServer.harbor.groups.get_group(group_name)
|
125
|
+
if g == nil
|
126
|
+
raise ConfigException.new(kv.file_name, kv.line_no, BayMessage.get(:CFG_GROUP_NOT_FOUND, group_name))
|
127
|
+
end
|
128
|
+
@groups.append(g)
|
129
|
+
end
|
130
|
+
|
131
|
+
else
|
132
|
+
raise ConfigException.new(kv.file_name, kv.line_no, BayMessage.get(:CFG_INVALID_PERMISSION_DESCRIPTION, kv.value))
|
133
|
+
|
134
|
+
end
|
135
|
+
|
136
|
+
return true
|
137
|
+
end
|
138
|
+
|
139
|
+
def socket_admitted(skt)
|
140
|
+
# Check remote host
|
141
|
+
isOk = true
|
142
|
+
@check_list.each do |chk|
|
143
|
+
if chk.admit
|
144
|
+
if chk.socket_admitted(skt)
|
145
|
+
isOk = true
|
146
|
+
break
|
147
|
+
end
|
148
|
+
else
|
149
|
+
if !chk.socket_admitted(skt)
|
150
|
+
isOk = false
|
151
|
+
break
|
152
|
+
end
|
153
|
+
end
|
154
|
+
end
|
155
|
+
|
156
|
+
if !isOk
|
157
|
+
BayLog.error("Permission error: socket not admitted: %s", skt)
|
158
|
+
raise HttpException.new HttpStatus::FORBIDDEN
|
159
|
+
end
|
160
|
+
end
|
161
|
+
|
162
|
+
|
163
|
+
def tour_admitted(tur)
|
164
|
+
# Check remote host
|
165
|
+
is_ok = true
|
166
|
+
@check_list.each do |chk|
|
167
|
+
if chk.admit
|
168
|
+
if chk.tour_admitted(tur)
|
169
|
+
is_ok = true
|
170
|
+
break
|
171
|
+
end
|
172
|
+
else
|
173
|
+
if !chk.tour_admitted(tur)
|
174
|
+
is_ok = false
|
175
|
+
break
|
176
|
+
end
|
177
|
+
end
|
178
|
+
end
|
179
|
+
|
180
|
+
if !is_ok
|
181
|
+
raise HttpException.new(HttpStatus::FORBIDDEN, tur.req.uri)
|
182
|
+
end
|
183
|
+
|
184
|
+
if @groups.empty?
|
185
|
+
return
|
186
|
+
end
|
187
|
+
|
188
|
+
# Check member
|
189
|
+
is_ok = false
|
190
|
+
if tur.req.remote_user != nil
|
191
|
+
@groups.each do |grp|
|
192
|
+
if grp.validate(tur.req.remote_user, tur.req.remote_pass)
|
193
|
+
is_ok = true
|
194
|
+
break
|
195
|
+
end
|
196
|
+
end
|
197
|
+
end
|
198
|
+
|
199
|
+
if !is_ok
|
200
|
+
tur.res.headers.set(Headers::WWW_AUTHENTICATE, "Basic realm=\"Auth\"")
|
201
|
+
raise HttpException.new(HttpStatus::UNAUTHORIZED)
|
202
|
+
end
|
203
|
+
end
|
204
|
+
|
205
|
+
|
206
|
+
private
|
207
|
+
def parse_value(kv)
|
208
|
+
items = kv.value.split(" ")
|
209
|
+
type = nil
|
210
|
+
match_str = []
|
211
|
+
items.length.times do |i|
|
212
|
+
if i == 0
|
213
|
+
type = items[i]
|
214
|
+
else
|
215
|
+
match_str.append(items[i])
|
216
|
+
end
|
217
|
+
end
|
218
|
+
|
219
|
+
if match_str.empty?
|
220
|
+
raise ConfigException.new(kv.file_name, kv.line_no, BayMessage.get(:CFG_INVALID_PERMISSION_DESCRIPTION, kv.value))
|
221
|
+
end
|
222
|
+
|
223
|
+
permission_manager_list = []
|
224
|
+
if type.casecmp?("host")
|
225
|
+
match_str.each do |m|
|
226
|
+
permission_manager_list.append(HostPermissionMatcher.new(m))
|
227
|
+
end
|
228
|
+
elsif type.casecmp?("ip")
|
229
|
+
match_str.each do |m|
|
230
|
+
permission_manager_list.append(IpPermissionMatcher.new(m))
|
231
|
+
end
|
232
|
+
else
|
233
|
+
raise ConfigException.new(kv.file_name, kv.line_no, BayMessage.get(:CFG_INVALID_PERMISSION_DESCRIPTION, kv.value))
|
234
|
+
end
|
235
|
+
return permission_manager_list
|
236
|
+
end
|
237
|
+
end
|
238
|
+
end
|
239
|
+
end
|
240
|
+
end
|
241
|
+
end
|
242
|
+
|
@@ -0,0 +1,157 @@
|
|
1
|
+
require 'openssl'
|
2
|
+
|
3
|
+
require 'baykit/bayserver/bcf/package'
|
4
|
+
require 'baykit/bayserver/agent/transporter/secure_transporter'
|
5
|
+
|
6
|
+
require 'baykit/bayserver/docker/secure'
|
7
|
+
require 'baykit/bayserver/util/string_util'
|
8
|
+
|
9
|
+
module Baykit
|
10
|
+
module BayServer
|
11
|
+
module Docker
|
12
|
+
module BuiltIn
|
13
|
+
class BuiltInSecureDocker < Baykit::BayServer::Docker::Base::DockerBase
|
14
|
+
include Baykit::BayServer::Docker::Secure # implements
|
15
|
+
|
16
|
+
include Baykit::BayServer::Bcf
|
17
|
+
include Baykit::BayServer::Agent::Transporter
|
18
|
+
include Baykit::BayServer::Util
|
19
|
+
include OpenSSL
|
20
|
+
|
21
|
+
DEFAULT_CLIENT_AUTH = false
|
22
|
+
DEFAULT_SSL_PROTOCOL = "TLS"
|
23
|
+
|
24
|
+
# SSL setting
|
25
|
+
attr :key_store
|
26
|
+
attr :key_store_pass
|
27
|
+
attr :client_auth
|
28
|
+
attr :ssl_protocol
|
29
|
+
attr :key_file
|
30
|
+
attr :cert_file
|
31
|
+
attr :certs
|
32
|
+
attr :certs_pass
|
33
|
+
attr :trace_ssl
|
34
|
+
attr :sslctx
|
35
|
+
attr :app_protocols
|
36
|
+
|
37
|
+
def initialize
|
38
|
+
@client_auth = DEFAULT_CLIENT_AUTH
|
39
|
+
@ssl_protocol = DEFAULT_SSL_PROTOCOL
|
40
|
+
@app_protocols = []
|
41
|
+
end
|
42
|
+
|
43
|
+
######################################################
|
44
|
+
# Implements Docker
|
45
|
+
######################################################
|
46
|
+
|
47
|
+
def init(elm, parent)
|
48
|
+
super
|
49
|
+
|
50
|
+
if (@key_store == nil) && ((@key_file == nil) || (@cert_file == nil))
|
51
|
+
raise ConfigException.new(elm.file_name, elm.line_no, "Key file or cert file is not specified")
|
52
|
+
end
|
53
|
+
|
54
|
+
begin
|
55
|
+
init_ssl()
|
56
|
+
rescue ConfigException => e
|
57
|
+
raise e
|
58
|
+
rescue => e
|
59
|
+
BayLog.error_e(e)
|
60
|
+
raise ConfigException.new(elm.file_name, elm.line_no, BayMessage.get(:CFG_SSL_INIT_ERROR, e.message))
|
61
|
+
end
|
62
|
+
end
|
63
|
+
|
64
|
+
######################################################
|
65
|
+
# Implements DockerBase
|
66
|
+
######################################################
|
67
|
+
|
68
|
+
def init_key_val(kv)
|
69
|
+
case kv.key.downcase
|
70
|
+
when "key"
|
71
|
+
@key_file = get_file_path(kv.value)
|
72
|
+
when "cert"
|
73
|
+
@cert_file = get_file_path(kv.value)
|
74
|
+
when "keystore"
|
75
|
+
@key_store = get_file_path(kv.value)
|
76
|
+
when "keystorepass"
|
77
|
+
@key_store_pass = kv.value
|
78
|
+
when "clientauth"
|
79
|
+
@client_auth = StringUtil.parse_bool(kv.value)
|
80
|
+
when "sslprotocol"
|
81
|
+
@ssl_protocol = kv.value
|
82
|
+
when "trustcerts"
|
83
|
+
@certs = get_file_path(kv.value)
|
84
|
+
when "certspass"
|
85
|
+
@certs_pass = kv.value
|
86
|
+
when "tracessl"
|
87
|
+
@trace_ssl = StringUtil.parse_bool(kv.value)
|
88
|
+
else
|
89
|
+
return false
|
90
|
+
end
|
91
|
+
return true
|
92
|
+
end
|
93
|
+
|
94
|
+
|
95
|
+
######################################################
|
96
|
+
# Implements Secure
|
97
|
+
######################################################
|
98
|
+
|
99
|
+
def set_app_protocols(protocols)
|
100
|
+
@app_protocols = protocols
|
101
|
+
@sslctx.alpn_select_cb = lambda do |protocols|
|
102
|
+
if protocols.include?("h2")
|
103
|
+
return "h2"
|
104
|
+
elsif protocols.include?("http/1.1")
|
105
|
+
return "http/1.1"
|
106
|
+
else
|
107
|
+
return protocols.first
|
108
|
+
end
|
109
|
+
end
|
110
|
+
end
|
111
|
+
|
112
|
+
def create_transporter(buf_size)
|
113
|
+
SecureTransporter.new(@sslctx, true, buf_size, @trace_ssl)
|
114
|
+
end
|
115
|
+
|
116
|
+
def reload_cert()
|
117
|
+
init_ssl()
|
118
|
+
end
|
119
|
+
|
120
|
+
def init_ssl()
|
121
|
+
BayLog.debug("%s init ssl", self)
|
122
|
+
@sslctx = SSL::SSLContext.new
|
123
|
+
|
124
|
+
if @key_store == nil
|
125
|
+
if @cert_file != nil
|
126
|
+
@sslctx.cert = X509::Certificate.new(File.read(@cert_file))
|
127
|
+
end
|
128
|
+
if @key_file != nil
|
129
|
+
@sslctx.key = PKey::RSA.new(File.read(@key_file))
|
130
|
+
end
|
131
|
+
else
|
132
|
+
p12 = OpenSSL::PKCS12.new(File.read(@key_store), @key_store_pass)
|
133
|
+
@sslctx.cert = p12.certificate
|
134
|
+
@sslctx.key = p12.key
|
135
|
+
end
|
136
|
+
end
|
137
|
+
|
138
|
+
|
139
|
+
private
|
140
|
+
|
141
|
+
def get_file_path(file)
|
142
|
+
if !File.absolute_path?(file)
|
143
|
+
file = BayServer.bserv_home + "/" + file
|
144
|
+
end
|
145
|
+
|
146
|
+
if !File.file?(file)
|
147
|
+
raise RuntimeError.new("File not found: #{file}")
|
148
|
+
end
|
149
|
+
|
150
|
+
file
|
151
|
+
end
|
152
|
+
|
153
|
+
end
|
154
|
+
end
|
155
|
+
end
|
156
|
+
end
|
157
|
+
end
|