public static SecureDataNodeStarter.SecureResources GetSecureResources(Configuration
conf)
{
HttpConfig.Policy policy = DFSUtil.GetHttpPolicy(conf);
bool isSecure = UserGroupInformation.IsSecurityEnabled();
// Obtain secure port for data streaming to datanode
IPEndPoint streamingAddr = DataNode.GetStreamingAddr(conf);
int socketWriteTimeout = conf.GetInt(DFSConfigKeys.DfsDatanodeSocketWriteTimeoutKey
, HdfsServerConstants.WriteTimeout);
Socket ss = (socketWriteTimeout > 0) ? ServerSocketChannel.Open().Socket() : new
Socket();
ss.Bind(streamingAddr, 0);
// Check that we got the port we need
if (ss.GetLocalPort() != streamingAddr.Port)
{
throw new RuntimeException("Unable to bind on specified streaming port in secure "
+ "context. Needed " + streamingAddr.Port + ", got " + ss.GetLocalPort());
}
if (!SecurityUtil.IsPrivilegedPort(ss.GetLocalPort()) && isSecure)
{
throw new RuntimeException("Cannot start secure datanode with unprivileged RPC ports"
);
}
System.Console.Error.WriteLine("Opened streaming server at " + streamingAddr);
// Bind a port for the web server. The code intends to bind HTTP server to
// privileged port only, as the client can authenticate the server using
// certificates if they are communicating through SSL.
ServerSocketChannel httpChannel;
if (policy.IsHttpEnabled())
{
httpChannel = ServerSocketChannel.Open();
IPEndPoint infoSocAddr = DataNode.GetInfoAddr(conf);
httpChannel.Socket().Bind(infoSocAddr);
IPEndPoint localAddr = (IPEndPoint)httpChannel.Socket().LocalEndPoint;
if (localAddr.Port != infoSocAddr.Port)
{
throw new RuntimeException("Unable to bind on specified info port in secure " + "context. Needed "
+ streamingAddr.Port + ", got " + ss.GetLocalPort());
}
System.Console.Error.WriteLine("Successfully obtained privileged resources (streaming port = "
+ ss + " ) (http listener port = " + localAddr.Port + ")");
if (localAddr.Port > 1023 && isSecure)
{
throw new RuntimeException("Cannot start secure datanode with unprivileged HTTP ports"
);
}
System.Console.Error.WriteLine("Opened info server at " + infoSocAddr);
}
else
{
httpChannel = null;
}
return(new SecureDataNodeStarter.SecureResources(ss, httpChannel));
}
public TcpProxyServer(int port, Context context)
{
mSelector = Selector.Open();
mServerSocketChannel = ServerSocketChannel.Open();
mServerSocketChannel.ConfigureBlocking(false);
mServerSocketChannel.Socket().Bind(new InetSocketAddress(port));
mServerSocketChannel.Register(mSelector, Operations.Accept);
this.port = (short)mServerSocketChannel.Socket().LocalPort;
this.context = context;
Debug.Write($"AsyncTcpServer listen on {mServerSocketChannel.Socket().InetAddress.ToString()}:{this.port & 0xFFFF} success.\n");
}
/// <summary>Create a non-secure TcpPeerServer.</summary>
/// <param name="socketWriteTimeout">The Socket write timeout in ms.</param>
/// <param name="bindAddr">The address to bind to.</param>
/// <exception cref="System.IO.IOException"/>
public TcpPeerServer(int socketWriteTimeout, IPEndPoint bindAddr)
{
this.serverSocket = (socketWriteTimeout > 0) ? ServerSocketChannel.Open().Socket(
) : new Socket();
Server.Bind(serverSocket, bindAddr, 0);
}
