Skip to content

Commit

Permalink
feat(config): Port address and interface config to HarvestConfig. (ji…
Browse files Browse the repository at this point in the history 
…tsi#278)

* feat(config): Port allowed-addresses to HarvestConfig.

* feat(config): Port blocked-addresses to HarvestConfig.

* feat(config): Port allowed and blocked interfaces config to HarvestConfig.

* ref(harvest): Simplify handling the allowed interfaces.

* ref(harvest): Simplify handling allowed addresses.

* ref(NetworkUtils): Remove java <1.6 workarounds.
  • Loading branch information
@bgrozev
bgrozev committed May 22, 2024
1 parent d289f12 commit a53b402
Show file tree
Hide file tree
Showing 8 changed files with 215 additions and 664 deletions.
46 changes: 0 additions & 46 deletions src/main/java/org/ice4j/StackProperties.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -120,52 +120,6 @@ public class StackProperties
*/
public static final String NO_KEEP_ALIVES = "org.ice4j.NO_KEEP_ALIVES";

/**
* THIS PROPERTY IS CURRENTLY UNUSED. IF YOU WANT TO SPEED UP NOMINATIONS
* THEN CONSIDER SPEEDING UP TRANSACTION FAILURE FOR THE TIME BEING.
* The maximum number of milliseconds that we should wait for a check list
* to complete before nominating one of its valid pairs (unless there are
* none in which case we may have to wait until one appears or the whole
* list fails). Default value is <tt>-1</tt> which causes the nominator
* to wait until the check list completes or fails.
*/
public static final String NOMINATION_TIMER
= "org.ice4j.NOMINATION_TIMER";

/**
* The name of the allowed interfaces property which specifies the allowed
* interfaces for host candidate allocations.
*/
public static final String ALLOWED_INTERFACES
= "org.ice4j.ice.harvest.ALLOWED_INTERFACES";

/**
* The name of the allowed interfaces property which specifies the blocked
* interfaces for host candidate allocations.
*/
public static final String BLOCKED_INTERFACES
= "org.ice4j.ice.harvest.BLOCKED_INTERFACES";

/**
* The name of the property which specifies a ";"-separated list of IP
* addresses that are allowed to be used for host candidate allocations.
*
* NOTE: this is currently only supported by
* {@link org.ice4j.ice.harvest.TcpHarvester}.
*/
public static final String ALLOWED_ADDRESSES
= "org.ice4j.ice.harvest.ALLOWED_ADDRESSES";

/**
* The name of the property which specifies a ";"-separated list of IP
* addresses that are not allowed to be used for host candidate allocations.
*
* NOTE: this is currently only supported by
* {@link org.ice4j.ice.harvest.TcpHarvester}.
*/
public static final String BLOCKED_ADDRESSES
= "org.ice4j.ice.harvest.BLOCKED_ADDRESSES";

/**
* Returns the String value of the specified property (minus all
* encompassing whitespaces)and null in case no property value was mapped
Expand Down
90 changes: 0 additions & 90 deletions src/main/java/org/ice4j/ice/NetworkUtils.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,6 @@
*/
package org.ice4j.ice;

import java.lang.reflect.*;
import java.net.*;
import java.util.*;
import java.util.logging.*;
Expand Down Expand Up @@ -642,95 +641,6 @@ public static boolean isValidPortNumber(int port)
return MIN_PORT_NUMBER <= port && port <= MAX_PORT_NUMBER;
}

/**
* Determines whether or not the <tt>iface</tt> interface is a loopback
* interface. We use this method as a replacement to the
* <tt>NetworkInterface.isLoopback()</tt> method that only comes with
* java 1.6.
*
* @param iface the inteface that we'd like to determine as loopback or not.
*
* @return true if <tt>iface</tt> contains at least one loopback address
* and <tt>false</tt> otherwise.
*/
public static boolean isInterfaceLoopback(NetworkInterface iface)
{
try
{
Method method = iface.getClass().getMethod("isLoopback");

return (Boolean) method.invoke(iface);
}
catch(Throwable t)
{
//apparently we are not running in a JVM that supports the
//is Loopback method. we'll try another approach.
}
Enumeration<InetAddress> addresses = iface.getInetAddresses();

return addresses.hasMoreElements()
&& addresses.nextElement().isLoopbackAddress();
}

/**
* Determines, if possible, whether or not the <tt>iface</tt> interface is
* up. We use this method so that we could use {@link
* java.net.NetworkInterface}'s <tt>isUp()</tt> when running a JVM that
* supports it and return a default value otherwise.
*
* @param iface the interface that we'd like to determine as Up or Down.
*
* @return <tt>false</tt> if <tt>iface</tt> is known to be down and
* <tt>true</tt> if the <tt>iface</tt> is Up or in case we couldn't
* determine.
*/
public static boolean isInterfaceUp(NetworkInterface iface)
{
try
{
Method method = iface.getClass().getMethod("isUp");

return (Boolean) method.invoke(iface);
}
catch(Throwable t)
{
//apparently we are not running in a JVM that supports the
//isUp method. returning default value.
}

return true;
}

/**
* Determines, if possible, whether or not the <tt>iface</tt> interface is
* a virtual interface (e.g. VPN, MIPv6 tunnel, etc.) or not. We use this
* method so that we could use {@link java.net.NetworkInterface}'s
* <tt>isVirtual()</tt> when running a JVM that supports it and return a
* default value otherwise.
*
* @param iface the interface that we'd like to determine as virtual or not.
*
* @return <tt>true</tt> if <tt>iface</tt> is known to be a virtual
* interface and <tt>false</tt> if the <tt>iface</tt> is not virtual or in
* case we couldn't determine.
*/
public static boolean isInterfaceVirtual(NetworkInterface iface)
{
try
{
Method method = iface.getClass().getMethod("isVirtual");

return (Boolean) method.invoke(iface);
}
catch(Throwable t)
{
//apparently we are not running in a JVM that supports the
//isVirtual method. returning default value.
}

return false;
}

/**
* Returns a <tt>String</tt> that is guaranteed not to contain an address
* scope specified (i.e. removes the %scopeID at the end of IPv6 addresses
Expand Down
112 changes: 11 additions & 101 deletions src/main/java/org/ice4j/ice/harvest/AbstractTcpListener.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,6 @@
package org.ice4j.ice.harvest;

import org.ice4j.*;
import org.ice4j.ice.*;
import org.ice4j.socket.*;

import java.io.*;
Expand Down Expand Up @@ -87,11 +86,8 @@ private static List<TransportAddress> getLocalAddresses(

for (NetworkInterface iface : interfaces)
{
if (NetworkUtils.isInterfaceLoopback(iface)
|| !NetworkUtils.isInterfaceUp(iface)
|| !HostCandidateHarvester.isInterfaceAllowed(iface))
if (!HostCandidateHarvester.isInterfaceAllowed(iface))
{
//this one is obviously not going to do
continue;
}

Expand Down Expand Up @@ -153,8 +149,8 @@ private static List<TransportAddress> getLocalAddresses(
* interfaces.
*
* @param port the port to listen on.
* @throws IOException when {@link StackProperties#ALLOWED_ADDRESSES} or
* {@link StackProperties#BLOCKED_ADDRESSES} contains invalid values, or
* @throws IOException when {@link HarvestConfig#getAllowedAddresses()} or
* {@link HarvestConfig#getBlockedAddresses()} contains invalid values, or
* if an I/O error occurs.
*/
public AbstractTcpListener(int port)
Expand All @@ -170,8 +166,8 @@ public AbstractTcpListener(int port)
*
* @param port the port to listen on.
* @param interfaces the interfaces to listen on.
* @throws IOException when {@link StackProperties#ALLOWED_ADDRESSES} or
* {@link StackProperties#BLOCKED_ADDRESSES} contains invalid values, or
* @throws IOException when {@link HarvestConfig#getAllowedAddresses()} or
* {@link HarvestConfig#getBlockedAddresses()} contains invalid values, or
* if an I/O error occurs.
*/
public AbstractTcpListener(int port, List<NetworkInterface> interfaces)
Expand All @@ -185,8 +181,8 @@ public AbstractTcpListener(int port, List<NetworkInterface> interfaces)
* specified list of <tt>TransportAddress</tt>es.
*
* @param transportAddresses the transport addresses to listen on.
* @throws IOException when {@link StackProperties#ALLOWED_ADDRESSES} or
* {@link StackProperties#BLOCKED_ADDRESSES} contains invalid values, or
* @throws IOException when {@link HarvestConfig#getAllowedAddresses()} or
* {@link HarvestConfig#getBlockedAddresses()} contains invalid values, or
* if an I/O error occurs.
*/
public AbstractTcpListener(List<TransportAddress> transportAddresses)
Expand All @@ -202,104 +198,18 @@ public AbstractTcpListener(List<TransportAddress> transportAddresses)
* allocation.
*
* @param transportAddresses the list of addresses to add.
* @throws IOException when {@link StackProperties#ALLOWED_ADDRESSES} or
* {@link StackProperties#BLOCKED_ADDRESSES} contains invalid values.
* @throws IOException when {@link HarvestConfig#getAllowedAddresses()} or
* {@link HarvestConfig#getBlockedAddresses()} contains invalid values.
*/
protected void addLocalAddresses(List<TransportAddress> transportAddresses)
throws IOException
{
// White list from the configuration
String[] allowedAddressesStr
= StackProperties.getStringArray(StackProperties.ALLOWED_ADDRESSES,
";");
InetAddress[] allowedAddresses = null;

if (allowedAddressesStr != null)
{
allowedAddresses = new InetAddress[allowedAddressesStr.length];
for (int i = 0; i < allowedAddressesStr.length; i++)
{
allowedAddresses[i] = InetAddress.getByName(allowedAddressesStr[i]);
}
}

// Black list from the configuration
String[] blockedAddressesStr
= StackProperties.getStringArray(StackProperties.BLOCKED_ADDRESSES,
";");
InetAddress[] blockedAddresses = null;

if (blockedAddressesStr != null)
{
blockedAddresses = new InetAddress[blockedAddressesStr.length];
for (int i = 0; i < blockedAddressesStr.length; i++)
{
blockedAddresses[i]
= InetAddress.getByName(blockedAddressesStr[i]);
}
}

for (TransportAddress transportAddress : transportAddresses)
{
InetAddress address = transportAddress.getAddress();

if (address.isLoopbackAddress())
if (HostCandidateHarvester.isAddressAllowed(transportAddress.getAddress()))
{
//loopback again
continue;
localAddresses.add(transportAddress);
}

if (!config.useIpv6() && (address instanceof Inet6Address))
continue;

if (!config.useLinkLocalAddresses() && address.isLinkLocalAddress())
{
logger.info("Not using link-local address " + address +" for TCP candidates.");
continue;
}

if (allowedAddresses != null)
{
boolean found = false;

for (InetAddress allowedAddress : allowedAddresses)
{
if (allowedAddress.equals(address))
{
found = true;
break;
}
}
if (!found)
{
logger.info("Not using " + address +" for TCP candidates, "
+ "because it is not in the allowed list.");
continue;
}
}

if (blockedAddresses != null)
{
boolean found = false;

for (InetAddress blockedAddress : blockedAddresses)
{
if (blockedAddress.equals(address))
{
found = true;
break;
}
}
if (found)
{
logger.info("Not using " + address + " for TCP candidates, "
+ "because it is in the blocked list.");
continue;
}
}

// Passed all checks
localAddresses.add(transportAddress);
}
}

Expand Down
3 changes: 1 addition & 2 deletions src/main/java/org/ice4j/ice/harvest/AbstractUdpListener.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -77,8 +77,7 @@ public abstract class AbstractUdpListener
public static List<TransportAddress> getAllowedAddresses(int port)
{
List<TransportAddress> addresses = new LinkedList<>();
for (InetAddress address
: HostCandidateHarvester.getAllAllowedAddresses())
for (InetAddress address : HostCandidateHarvester.getAllAllowedAddresses())
{
addresses.add(new TransportAddress(address, port, Transport.UDP));
}
Expand Down
Loading

0 comments on commit a53b402

Please sign in to comment.