inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge 3.2 to HEAD:

Browse Source 
18450: Port of FTP data port configuration values. ETHREEOH-4103.
   18559: NFS fixes, NFS/FTP/CIFS config properties. ETHREEOH-4102, ETHREEOH-4101, ETHREEOH-4104 (partial)
   18642: Do not allow null NFS authentication type, core NFS/mount server code now allows null requests with null authentication type.



git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@18654 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Gary Spencer
2010-02-16 14:04:34 +00:00
parent 63d2319b42
commit 69568f130e
8 changed files with 251 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
config/alfresco/subsystems/fileServers/default/file-servers-context.xml
View File

@@ -183,9 +183,10 @@
</bean> </bean>
</property> </property>
<!-- <property name="sessionDebugFlags">
<property name="sessionDebugFlags"> <value>Negotiate,Socket</value> </property> <value>${cifs.sessionDebug}</value>
--> </property>
</bean> </bean>
<bean id="ftpServerConfig" class="org.alfresco.filesys.config.FTPConfigBean"> <bean id="ftpServerConfig" class="org.alfresco.filesys.config.FTPConfigBean">
@@ -209,10 +210,17 @@
<!-- FTP server debug settings --> <!-- FTP server debug settings -->
<!-- Enable 'log4j.logger.org.alfresco.fileserver=debug' in log4j.properties file --> <!-- Enable 'log4j.logger.org.alfresco.fileserver=debug' in log4j.properties file -->
<!-- <property name="debugFlags">
<property name="debugFlags"> <value>File,Search,Error,Directory,Info,DataPort</value> </property> <value>${ftp.sessionDebug}</value>
--> </property>
<!-- Data ports range -->
<property name="dataPortFrom">
<value>${ftp.dataPortFrom}</value>
</property>
<property name="dataPortTo">
<value>${ftp.dataPortTo}</value>
</property>
</bean> </bean>
<!--The configurable RPC user mappings - actually a post-processed composite property! --> <!--The configurable RPC user mappings - actually a post-processed composite property! -->
@@ -239,14 +247,50 @@
<value>${nfs.enabled}</value> <value>${nfs.enabled}</value>
</property> </property>
<property name="nfsServerPort">
<value>${nfs.nfsServerPort}</value>
</property>
<property name="mountServerPort">
<value>${nfs.mountServerPort}</value>
</property>
<!-- Setting a portMapper port of -1 stops the NFS and mount server registering with a portmapper -->
<property name="portMapperPort">
<value>${nfs.portMapperPort}</value>
</property>
<!-- Enable/disable the builtin portMapper service -->
<property name="portMapperEnabled">
<value>${nfs.portMapperEnabled}</value>
</property>
<!-- Map NFS user/group ids to Alfresco users --> <!-- Map NFS user/group ids to Alfresco users -->
<property name="rpcAuthenticator"> <property name="rpcAuthenticator">
<bean class="org.alfresco.filesys.auth.nfs.AlfrescoRpcAuthenticator"> <bean class="org.alfresco.filesys.auth.nfs.AlfrescoRpcAuthenticator">
<property name="userMappings"> <property name="userMappings">
<ref bean="nfs.user.mappings" /> <ref bean="nfs.user.mappings" />
</property> </property>
<property name="transactionService">
<ref bean="transactionService"/>
</property>
<property name="authenticationComponent">
<ref bean="authenticationComponent"/>
</property>
</bean> </bean>
</property> </property>
<!-- NFS server debug settings -->
<!-- Enable 'log4j.logger.org.alfresco.fileserver=debug' in log4j.properties file -->
<property name="debugFlags">
<value>${nfs.sessionDebug}</value>
</property>
<property name="mountServerDebug">
<value>${nfs.mountServerDebug}</value>
</property>
</bean> </bean>
<bean id="filesystemContexts" class="org.springframework.beans.factory.config.ListFactoryBean"> <bean id="filesystemContexts" class="org.springframework.beans.factory.config.ListFactoryBean">

39
config/alfresco/subsystems/fileServers/default/file-servers.properties
View File

@@ -1,6 +1,7 @@
filesystem.name=Alfresco filesystem.name=Alfresco
filesystem.acl.global.defaultAccessLevel= filesystem.acl.global.defaultAccessLevel=
### CIFS Server Configuration ###
cifs.enabled=true cifs.enabled=true
cifs.serverName=${localname}A cifs.serverName=${localname}A
cifs.domain= cifs.domain=
@@ -28,10 +29,44 @@ cifs.WINS.autoDetectEnabled=true
cifs.WINS.primary=1.2.3.4 cifs.WINS.primary=1.2.3.4
cifs.WINS.secondary=5.6.7.8 cifs.WINS.secondary=5.6.7.8
cifs.urlfile.prefix=http://${localname}:8080/alfresco/
# CIFS session debug flags (also enable org.alfresco.fileserver=debug logging level)
# Comma delimeted list of levels :-
# NETBIOS, STATE, RXDATA, TXDATA, DUMPDATA, NEGOTIATE, TREE, SEARCH, INFO, FILE, FILEIO, TRANSACT
# ECHO, ERROR, IPC, LOCK, PKTTYPE, DCERPC, STATECACHE, TIMING, NOTIFY, STREAMS, SOCKET, PKTPOOL
# PKTSTATS, THREADPOOL, BENCHMARK
cifs.sessionDebug=
### FTP Server Configuration ###
ftp.enabled=true ftp.enabled=true
ftp.port=21 ftp.port=21
ftp.ipv6.enabled=false ftp.ipv6.enabled=false
nfs.enabled=false # FTP data port range, a value of 0:0 disables the data port range and will use the next available port
# Valid range is 1024-65535
ftp.dataPortFrom=0
ftp.dataPortTo=0
cifs.urlfile.prefix=http://${localname}:8080/alfresco/ # FTP session debug flags (also enable org.alfresco.fileserver=debug logging level)
# Comma delimeted list of levels :-
# STATE, RXDATA, TXDATA, DUMPDATA, SEARCH, INFO, FILE, FILEIO, ERROR, PKTTYPE, TIMING, DATAPORT, DIRECTORY
ftp.sessionDebug=
### NFS Server Configuration ###
nfs.enabled=false
# Mount/NFS server ports, 0 will allocate next available port
nfs.mountServerPort=0
nfs.nfsServerPort=2049
# To disable NFS and mount server registering with a portmapper set nfs.portMapperPort to -1
nfs.portMapperPort=111
# Enable the builtin portmapper service
nfs.portMapperEnabled=false
# NFS session debug flags (also enable org.alfresco.fileserver=debug logging level)
# Comma delimeted list of levels :-
# RXDATA, TXDATA, DUMPDATA, SEARCH, INFO, FILE, FILEIO, ERROR, TIMING, DIRECTORY, SESSION
nfs.sessionDebug=
nfs.mountServerDebug=false

4
source/java/org/alfresco/filesys/AbstractServerConfigurationBean.java
View File

@@ -96,8 +96,8 @@ public abstract class AbstractServerConfigurationBean extends ServerConfiguratio
// FTP server debug type strings // FTP server debug type strings
protected static final String m_ftpDebugStr[] = { "STATE", "SEARCH", "INFO", "FILE", "FILEIO", "ERROR", "PKTTYPE", protected static final String m_ftpDebugStr[] = { "STATE", "RXDATA", "TXDATA", "DUMPDATA", "SEARCH", "INFO", "FILE", "FILEIO", "ERROR", "PKTTYPE",
"TIMING", "DATAPORT", "DIRECTORY" }; "TIMING", "DATAPORT", "DIRECTORY" };
// Default FTP server port // Default FTP server port

73
source/java/org/alfresco/filesys/ServerConfigurationBean.java
View File

@@ -1509,6 +1509,79 @@ public class ServerConfigurationBean extends AbstractServerConfigurationBean {
else else
throw new AlfrescoRuntimeException("FTP authenticator not specified"); throw new AlfrescoRuntimeException("FTP authenticator not specified");
// Check if a data port range has been specified
elem = config.getConfigElement("dataPorts");
if ( elem != null) {
// Split the value string into from and to range strings
StringTokenizer tok = new StringTokenizer( elem.getValue(), ":");
if ( tok.countTokens() != 2)
throw new InvalidConfigurationException( "Invalid FTP data port range, specify as 'n:n'");
String rangeFromStr = tok.nextToken();
String rangeToStr = tok.nextToken();
// Validate the from/to data port range values
int rangeFrom = -1;
int rangeTo = -1;
if ( rangeFromStr != null && rangeFromStr.length() > 0) {
// Validate the range string
try {
rangeFrom = Integer.parseInt(rangeFromStr);
}
catch (NumberFormatException ex) {
throw new InvalidConfigurationException("Invalid FTP range from value, " + rangeFromStr);
}
}
// Check for the to port range value
if ( rangeToStr != null && rangeToStr.length() > 0) {
// Validate the range string
try {
rangeTo = Integer.parseInt(rangeToStr);
}
catch (NumberFormatException ex) {
throw new InvalidConfigurationException("Invalid FTP range to value, " + rangeToStr);
}
}
// Validate the data port range values
if ( rangeFrom != 0 && rangeTo != 0) {
// Validate the FTp data port range
if ( rangeFrom == -1 || rangeTo == -1)
throw new InvalidConfigurationException("FTP data port range from/to must be specified");
if ( rangeFrom < 1024 || rangeFrom > 65535)
throw new InvalidConfigurationException("Invalid FTP data port range from value, " + rangeFrom);
if ( rangeTo < 1024 || rangeTo > 65535)
throw new InvalidConfigurationException("Invalid FTP data port range to value, " + rangeTo);
if ( rangeFrom >= rangeTo)
throw new InvalidConfigurationException("Invalid FTP data port range, " + rangeFrom + "-" + rangeTo);
// Set the FTP data port range
ftpConfig.setFTPDataPortLow(rangeFrom);
ftpConfig.setFTPDataPortHigh(rangeTo);
// Log the data port range
logger.info("FTP server data ports restricted to range " + rangeFrom + ":" + rangeTo);
}
}
} }
catch (InvalidConfigurationException ex) catch (InvalidConfigurationException ex)
{ {

15
source/java/org/alfresco/filesys/auth/nfs/AlfrescoRpcAuthenticator.java
View File

@@ -63,7 +63,7 @@ public class AlfrescoRpcAuthenticator implements RpcAuthenticator, InitializingB
private static final Log logger = LogFactory.getLog("org.alfresco.nfs.protocol.auth"); private static final Log logger = LogFactory.getLog("org.alfresco.nfs.protocol.auth");
// Authentication types aupported by this implementation // Authentication types supported by this implementation
private int[] _authTypes = { AuthType.Unix }; private int[] _authTypes = { AuthType.Unix };
@@ -136,17 +136,6 @@ public class AlfrescoRpcAuthenticator implements RpcAuthenticator, InitializingB
sessKey = new Long((((long) rpc.getClientAddress().hashCode()) << 32) + (gid << 16) + uid); sessKey = new Long((((long) rpc.getClientAddress().hashCode()) << 32) + (gid << 16) + uid);
} }
else if ( authType == AuthType.Null)
{
// Set the session key for the null authentication
sessKey = new Integer(rpc.getClientAddress().hashCode());
// DEBUG
if ( logger.isDebugEnabled())
logger.debug( "RpcAuth: Type=Null client=" + rpc.getClientAddress());
}
// Check if the session key is valid, if not then the authentication // Check if the session key is valid, if not then the authentication
// type is unsupported // type is unsupported
@@ -516,7 +505,7 @@ public class AlfrescoRpcAuthenticator implements RpcAuthenticator, InitializingB
} }
/** /**
* Create a transaction, this will be a wrteable transaction unless the system is in read-only mode. * Create a transaction, this will be a writable transaction unless the system is in read-only mode.
* *
* return UserTransaction * return UserTransaction
*/ */

41
source/java/org/alfresco/filesys/config/FTPConfigBean.java
View File

@@ -65,6 +65,11 @@ public class FTPConfigBean
/** Is IP v6 enabled? */ /** Is IP v6 enabled? */
private boolean ipv6Enabled; private boolean ipv6Enabled;
// Data port range
private int dataPortFrom;
private int dataPortTo;
/** /**
* Checks if is server enabled. * Checks if is server enabled.
* *
@@ -274,4 +279,40 @@ public class FTPConfigBean
{ {
this.ipv6Enabled = ipv6Enabled; this.ipv6Enabled = ipv6Enabled;
} }
/**
* Return the data port range from port
*
* @return int
*/
public int getDataPortFrom() {
return dataPortFrom;
}
/**
* Set the data port range from port
*
* @param fromPort int
*/
public void setDataPortFrom(int fromPort) {
dataPortFrom = fromPort;
}
/**
* Return the data port to range port
*
* @return int
*/
public int getDataPortTo() {
return dataPortTo;
}
/**
* Set the data port range to port
*
* @param toPort int
*/
public void setDataPortTo(int toPort) {
dataPortTo = toPort;
}
} }

4
source/java/org/alfresco/filesys/config/NFSConfigBean.java
View File

@@ -199,7 +199,7 @@ public class NFSConfigBean
* *
* @return the nFS server port * @return the nFS server port
*/ */
public Integer getNFSServerPort() public Integer getNfsServerPort()
{ {
return NFSServerPort; return NFSServerPort;
} }
@@ -210,7 +210,7 @@ public class NFSConfigBean
* @param serverPort * @param serverPort
* the new nFS server port * the new nFS server port
*/ */
public void setNFSServerPort(Integer serverPort) public void setNfsServerPort(Integer serverPort)
{ {
NFSServerPort = serverPort; NFSServerPort = serverPort;
} }

47
source/java/org/alfresco/filesys/config/ServerConfigurationBean.java
View File

@@ -1304,6 +1304,38 @@ public class ServerConfigurationBean extends AbstractServerConfigurationBean
else else
throw new AlfrescoRuntimeException("FTP authenticator not specified"); throw new AlfrescoRuntimeException("FTP authenticator not specified");
// Check if a data port range has been specified
if ( ftpConfigBean.getDataPortFrom() != 0 && ftpConfigBean.getDataPortTo() != 0) {
// Range check the data port values
int rangeFrom = ftpConfigBean.getDataPortFrom();
int rangeTo = ftpConfigBean.getDataPortTo();
if ( rangeFrom != 0 && rangeTo != 0) {
// Validate the FTP data port range
if ( rangeFrom < 1024 || rangeFrom > 65535)
throw new InvalidConfigurationException("Invalid FTP data port range from value, " + rangeFrom);
if ( rangeTo < 1024 || rangeTo > 65535)
throw new InvalidConfigurationException("Invalid FTP data port range to value, " + rangeTo);
if ( rangeFrom >= rangeTo)
throw new InvalidConfigurationException("Invalid FTP data port range, " + rangeFrom + "-" + rangeTo);
// Set the FTP data port range
ftpConfig.setFTPDataPortLow(rangeFrom);
ftpConfig.setFTPDataPortHigh(rangeTo);
// Log the data port range
logger.info("FTP server data ports restricted to range " + rangeFrom + ":" + rangeTo);
}
}
} }
catch (InvalidConfigurationException ex) catch (InvalidConfigurationException ex)
{ {
@@ -1386,8 +1418,13 @@ public class ServerConfigurationBean extends AbstractServerConfigurationBean
if (portMapperPort != null) if (portMapperPort != null)
{ {
nfsConfig.setPortMapperPort(portMapperPort); nfsConfig.setPortMapperPort(portMapperPort);
if (nfsConfig.getPortMapperPort() <= 0 || nfsConfig.getPortMapperPort() >= 65535) if ( nfsConfig.getPortMapperPort() == -1) {
throw new AlfrescoRuntimeException("Port mapper server port out of valid range"); logger.info("NFS portmapper registration disabled");
}
else {
if (nfsConfig.getPortMapperPort() <= 0 || nfsConfig.getPortMapperPort() >= 65535)
throw new AlfrescoRuntimeException("Port mapper server port out of valid range");
}
} }
// Check for a mount server port // Check for a mount server port
@@ -1396,17 +1433,17 @@ public class ServerConfigurationBean extends AbstractServerConfigurationBean
if (mountServerPort != null) if (mountServerPort != null)
{ {
nfsConfig.setMountServerPort(mountServerPort); nfsConfig.setMountServerPort(mountServerPort);
if (nfsConfig.getMountServerPort() <= 0 || nfsConfig.getMountServerPort() >= 65535) if (nfsConfig.getMountServerPort() < 0 || nfsConfig.getMountServerPort() >= 65535)
throw new AlfrescoRuntimeException("Mount server port out of valid range"); throw new AlfrescoRuntimeException("Mount server port out of valid range");
} }
// Check for an NFS server port // Check for an NFS server port
Integer nfsServerPort = nfsConfigBean.getNFSServerPort(); Integer nfsServerPort = nfsConfigBean.getNfsServerPort();
if (nfsServerPort != null) if (nfsServerPort != null)
{ {
nfsConfig.setNFSServerPort(nfsServerPort); nfsConfig.setNFSServerPort(nfsServerPort);
if (nfsConfig.getNFSServerPort() <= 0 || nfsConfig.getNFSServerPort() >= 65535) if (nfsConfig.getNFSServerPort() < 0 || nfsConfig.getNFSServerPort() >= 65535)
throw new AlfrescoRuntimeException("NFS server port out of valid range"); throw new AlfrescoRuntimeException("NFS server port out of valid range");
} }