Author: markt
Date: Thu Dec 1 11:17:38 2016
New Revision: 1772170
URL: http://svn.apache.org/viewvc?rev=1772170&view=rev
Log:
IPv6 improvements:
- use IPv6 by default if available on Windows with APR
- new option to configure whether APR with IPv6 also uses IPv4 on dual stack
systems
- improve unlock accept logic to better handle cases where only IPv4 or only
IPv6 are configured
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java
tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java
tomcat/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java
tomcat/trunk/webapps/docs/changelog.xml
tomcat/trunk/webapps/docs/config/http.xml
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java?rev=1772170&r1=1772169&r2=1772170&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java Thu Dec
1 11:17:38 2016
@@ -16,6 +16,7 @@
*/
package org.apache.tomcat.util.net;
+import java.io.IOException;
import java.io.OutputStreamWriter;
import java.net.InetAddress;
import java.net.InetSocketAddress;
@@ -378,7 +379,19 @@ public abstract class AbstractEndpoint<S
public int getPort() { return port; }
public void setPort(int port ) { this.port=port; }
- public abstract int getLocalPort();
+
+ public final int getLocalPort() {
+ try {
+ InetSocketAddress localAddress = getLocalAddress();
+ if (localAddress == null) {
+ return -1;
+ }
+ return localAddress.getPort();
+ } catch (IOException ioe) {
+ return -1;
+ }
+ }
+
/**
* Address for the server socket.
@@ -387,6 +400,22 @@ public abstract class AbstractEndpoint<S
public InetAddress getAddress() { return address; }
public void setAddress(InetAddress address) { this.address = address; }
+
+ /**
+ * Obtain the network address the server socket is bound to. This primarily
+ * exists to enable the correct address to be used when unlocking the
server
+ * socket since it removes the guess-work involved if no address is
+ * specifically set.
+ *
+ * @return The network address that the server socket is listening on or
+ * null if the server socket is not currently bound.
+ *
+ * @throws IOException If there is a problem determining the currently
bound
+ * socket
+ */
+ protected abstract InetSocketAddress getLocalAddress() throws IOException;
+
+
/**
* Allows the server developer to specify the acceptCount (backlog) that
* should be used for server sockets. By default, this value
@@ -761,35 +790,40 @@ public abstract class AbstractEndpoint<S
return;
}
- InetSocketAddress saddr = null;
+ InetSocketAddress unlockAddress = null;
+ InetSocketAddress localAddress = null;
+ try {
+ localAddress = getLocalAddress();
+ } catch (IOException ioe) {
+ // TODO i18n
+ getLog().debug("Unable to determine local address for " +
getName(), ioe);
+ }
+ if (localAddress == null) {
+ // TODO i18n
+ getLog().warn("Failed to unlock acceptor for " + getName() + "
because the local address was not available.");
+ return;
+ }
+
try {
- // Need to create a connection to unlock the accept();
- if (address == null) {
- saddr = new InetSocketAddress("localhost", getLocalPort());
- } else if (address.isAnyLocalAddress()) {
+ if (localAddress.getAddress().isAnyLocalAddress()) {
// Need a local address of the same type (IPv4 or IPV6) as the
// configured bind address since the connector may be
configured
// to not map between types.
- InetAddress localAddress = null;
Enumeration<NetworkInterface> networkInterfaces =
NetworkInterface.getNetworkInterfaces();
- while (localAddress == null &&
networkInterfaces.hasMoreElements()) {
+ while (unlockAddress == null &&
networkInterfaces.hasMoreElements()) {
NetworkInterface networkInterface =
networkInterfaces.nextElement();
Enumeration<InetAddress> inetAddresses =
networkInterface.getInetAddresses();
- while (localAddress == null &&
inetAddresses.hasMoreElements()) {
+ while (unlockAddress == null &&
inetAddresses.hasMoreElements()) {
InetAddress inetAddress = inetAddresses.nextElement();
- if
(address.getClass().isAssignableFrom(inetAddress.getClass())) {
- localAddress = inetAddress;
+ if
(localAddress.getAddress().getClass().isAssignableFrom(inetAddress.getClass()))
{
+ unlockAddress = new InetSocketAddress(inetAddress,
localAddress.getPort());
}
}
}
- // Fall-back option
- if (localAddress == null) {
- saddr = new InetSocketAddress("localhost", getLocalPort());
- }
- saddr = new InetSocketAddress(localAddress, getLocalPort());
} else {
- saddr = new InetSocketAddress(address, getLocalPort());
+ unlockAddress = localAddress;
}
+
try (java.net.Socket s = new java.net.Socket()) {
int stmo = 2 * 1000;
int utmo = 2 * 1000;
@@ -800,9 +834,9 @@ public abstract class AbstractEndpoint<S
s.setSoTimeout(stmo);
s.setSoLinger(getSocketProperties().getSoLingerOn(),getSocketProperties().getSoLingerTime());
if (getLog().isDebugEnabled()) {
- getLog().debug("About to unlock socket for:"+saddr);
+ getLog().debug("About to unlock socket for:" +
unlockAddress);
}
- s.connect(saddr,utmo);
+ s.connect(unlockAddress,utmo);
if (getDeferAccept()) {
/*
* In the case of a deferred accept / accept filters we
need to
@@ -817,7 +851,7 @@ public abstract class AbstractEndpoint<S
sw.flush();
}
if (getLog().isDebugEnabled()) {
- getLog().debug("Socket unlock completed for:"+saddr);
+ getLog().debug("Socket unlock completed for:" +
unlockAddress);
}
// Wait for upto 1000ms acceptor threads to unlock
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java?rev=1772170&r1=1772169&r2=1772170&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java Thu
Dec 1 11:17:38 2016
@@ -16,6 +16,10 @@
*/
package org.apache.tomcat.util.net;
+import java.io.IOException;
+import java.net.InetSocketAddress;
+import java.net.SocketAddress;
+import java.nio.channels.NetworkChannel;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.LinkedHashSet;
@@ -235,4 +239,21 @@ public abstract class AbstractJsseEndpoi
}
}
}
+
+
+ protected abstract NetworkChannel getServerSocket();
+
+
+ @Override
+ protected final InetSocketAddress getLocalAddress() throws IOException {
+ NetworkChannel serverSock = getServerSocket();
+ if (serverSock == null) {
+ return null;
+ }
+ SocketAddress sa = serverSock.getLocalAddress();
+ if (sa instanceof InetSocketAddress) {
+ return (InetSocketAddress) sa;
+ }
+ return null;
+ }
}
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java?rev=1772170&r1=1772169&r2=1772170&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java Thu Dec 1
11:17:38 2016
@@ -18,6 +18,7 @@ package org.apache.tomcat.util.net;
import java.io.EOFException;
import java.io.IOException;
+import java.net.InetSocketAddress;
import java.net.SocketTimeoutException;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
@@ -127,6 +128,11 @@ public class AprEndpoint extends Abstrac
public boolean getDeferAccept() { return deferAccept; }
+ private boolean ipv6v6only = false;
+ public void setIpv6v6only(boolean ipv6v6only) { this.ipv6v6only =
ipv6v6only; }
+ public boolean getIpv6v6only() { return ipv6v6only; }
+
+
/**
* Size of the sendfile (= concurrent files which can be served).
*/
@@ -189,23 +195,32 @@ public class AprEndpoint extends Abstrac
}
- /**
- * Port in use.
- */
@Override
- public int getLocalPort() {
+ public InetSocketAddress getLocalAddress() throws IOException {
long s = serverSock;
if (s == 0) {
- return -1;
+ return null;
} else {
long sa;
try {
sa = Address.get(Socket.APR_LOCAL, s);
- Sockaddr addr = Address.getInfo(sa);
- return addr.port;
+ } catch (IOException ioe) {
+ // re-throw
+ throw ioe;
} catch (Exception e) {
- return -1;
+ // wrap
+ throw new IOException(e);
}
+ Sockaddr addr = Address.getInfo(sa);
+ if (addr.hostname == null) {
+ // any local address
+ if (addr.family == Socket.APR_INET6) {
+ return new InetSocketAddress("::", addr.port);
+ } else {
+ return new InetSocketAddress("0.0.0.0", addr.port);
+ }
+ }
+ return new InetSocketAddress(addr.hostname, addr.port);
}
}
@@ -288,8 +303,9 @@ public class AprEndpoint extends Abstrac
int family = Socket.APR_INET;
if (Library.APR_HAVE_IPV6) {
if (addressStr == null) {
- if (!OS.IS_BSD && !OS.IS_WIN32 && !OS.IS_WIN64)
+ if (!OS.IS_BSD) {
family = Socket.APR_UNSPEC;
+ }
} else if (addressStr.indexOf(':') >= 0) {
family = Socket.APR_UNSPEC;
}
@@ -304,6 +320,13 @@ public class AprEndpoint extends Abstrac
if (OS.IS_UNIX) {
Socket.optSet(serverSock, Socket.APR_SO_REUSEADDR, 1);
}
+ if (Library.APR_HAVE_IPV6) {
+ if (getIpv6v6only()) {
+ Socket.optSet(serverSock, Socket.APR_IPV6_V6ONLY, 1);
+ } else {
+ Socket.optSet(serverSock, Socket.APR_IPV6_V6ONLY, 0);
+ }
+ }
// Deal with the firewalls that tend to drop the inactive sockets
Socket.optSet(serverSock, Socket.APR_SO_KEEPALIVE, 1);
// Bind the server socket
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java?rev=1772170&r1=1772169&r2=1772170&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java Thu Dec 1
11:17:38 2016
@@ -30,6 +30,7 @@ import java.nio.channels.AsynchronousSoc
import java.nio.channels.ClosedChannelException;
import java.nio.channels.CompletionHandler;
import java.nio.channels.FileChannel;
+import java.nio.channels.NetworkChannel;
import java.nio.channels.ReadPendingException;
import java.nio.channels.WritePendingException;
import java.nio.file.StandardOpenOption;
@@ -113,29 +114,6 @@ public class Nio2Endpoint extends Abstra
}
- /**
- * Port in use.
- */
- @Override
- public int getLocalPort() {
- AsynchronousServerSocketChannel ssc = serverSock;
- if (ssc == null) {
- return -1;
- } else {
- try {
- SocketAddress sa = ssc.getLocalAddress();
- if (sa instanceof InetSocketAddress) {
- return ((InetSocketAddress) sa).getPort();
- } else {
- return -1;
- }
- } catch (IOException e) {
- return -1;
- }
- }
- }
-
-
// --------------------------------------------------------- Public Methods
/**
@@ -405,6 +383,12 @@ public class Nio2Endpoint extends Abstra
}
+ @Override
+ protected NetworkChannel getServerSocket() {
+ return serverSock;
+ }
+
+
// --------------------------------------------------- Acceptor Inner Class
/**
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java?rev=1772170&r1=1772169&r2=1772170&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java Thu Dec 1
11:17:38 2016
@@ -22,12 +22,12 @@ import java.io.FileInputStream;
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
-import java.net.ServerSocket;
import java.net.Socket;
import java.net.SocketTimeoutException;
import java.nio.ByteBuffer;
import java.nio.channels.CancelledKeyException;
import java.nio.channels.FileChannel;
+import java.nio.channels.NetworkChannel;
import java.nio.channels.SelectionKey;
import java.nio.channels.Selector;
import java.nio.channels.ServerSocketChannel;
@@ -176,25 +176,6 @@ public class NioEndpoint extends Abstrac
}
- /**
- * Port in use.
- */
- @Override
- public int getLocalPort() {
- ServerSocketChannel ssc = serverSock;
- if (ssc == null) {
- return -1;
- } else {
- ServerSocket s = ssc.socket();
- if (s == null) {
- return -1;
- } else {
- return s.getLocalPort();
- }
- }
- }
-
-
// --------------------------------------------------------- Public Methods
/**
* Number of keep-alive sockets.
@@ -416,6 +397,12 @@ public class NioEndpoint extends Abstrac
}
+ @Override
+ protected NetworkChannel getServerSocket() {
+ return serverSock;
+ }
+
+
// --------------------------------------------------- Acceptor Inner Class
/**
* The background thread that listens for incoming TCP/IP connections and
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1772170&r1=1772169&r2=1772170&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Thu Dec 1 11:17:38 2016
@@ -177,6 +177,19 @@
of a specific type such as <code>0.0.0.0</code> or <code>::</code>.
(markt)
</fix>
+ <add>
+ Add a new configuration option, <code>ipv6v6only</code> to the APR
+ connectors that allows them to be configure to only accept IPv6
+ connections when configured with an IPv6 address rather than the
+ default which is to accept IPv4 connections as well if the operating
+ system uses a dual network stack. (markt)
+ </add>
+ <fix>
+ Improve the logic that unlocks the acceptor thread so a better choice
is
+ made for the address to connect to when a connector is configured for
+ any local port. This reduces the likelihood of the unlock failing.
+ (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Web applications">
Modified: tomcat/trunk/webapps/docs/config/http.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/http.xml?rev=1772170&r1=1772169&r2=1772170&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/config/http.xml (original)
+++ tomcat/trunk/webapps/docs/config/http.xml Thu Dec 1 11:17:38 2016
@@ -311,10 +311,16 @@
</attribute>
<attribute name="address" required="false">
- <p>For servers with more than one IP address, this attribute
- specifies which address will be used for listening on the specified
- port. By default, this port will be used on all IP addresses
- associated with the server.</p>
+ <p>For servers with more than one IP address, this attribute specifies
+ which address will be used for listening on the specified port. By
+ default, the connector will listen all local addresses. Unless the JVM is
+ configured otherwise using system properties, the Java based connectors
+ (NIO, NIO2) will listen on both IPv4 and IPv6 addresses when configured
+ with either <code>0.0.0.0</code> or <code>::</code>. The APR/native
+ connector will only listen on IPv4 addresses if configured with
+ <code>0.0.0.0</code> and will listen on IPv6 addresses (and optionally
+ IPv4 addresses depending on the setting of <strong>ipv6onlyv6</strong>)
if
+ configured with <code>::</code>.</p>
</attribute>
<attribute name="allowedTrailerHeaders" required="false">
@@ -926,6 +932,13 @@
otherwise it is <code>false</code>.</p>
</attribute>
+ <attribute name="ipv6v6only" required="false">
+ <p>If listening on an IPv6 address on a dual stack system, should the
+ connector only listen on the IPv6 address? If not specified the default
+ is <code>false</code> and the connector will listen on the IPv6 address
+ and the equivalent IPv4 address if present.</p>
+ </attribute>
+
<attribute name="pollerThreadCount" required="false">
<p>Number of threads used to poll kept alive connections. On Windows
the
default is chosen so that the sockets managed by each thread is
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
