Canonical hostnames in orb, realm adapter. isLocal extended

Signed-off-by: David Matějček <david.matejcek@omnifish.ee>

Author: dmatej

appserver/orb/orb-iiop/src/main/java/org/glassfish/enterprise/iiop/impl/OrbCreator.java

@@ -24,7 +24,6 @@
 import com.sun.corba.ee.spi.misc.ORBConstants;
 import com.sun.corba.ee.spi.orb.ORB;
 import com.sun.enterprise.module.HK2Module;
-import com.sun.enterprise.util.net.NetUtils;
 
 import java.lang.System.Logger;
 import java.util.ArrayList;
@@ -35,6 +34,7 @@
 
 import org.glassfish.api.admin.ProcessEnvironment.ProcessType;
 import org.glassfish.external.amx.AMXGlassfish;
+import org.glassfish.internal.api.ORBLocator;
 import org.glassfish.orb.admin.config.IiopListener;
 import org.glassfish.orb.admin.config.Orb;
 import org.jvnet.hk2.config.types.Property;
@@ -82,8 +82,6 @@ final class OrbCreator {
     private static final String SUN_GIOP_DEFAULT_FRAGMENT_SIZE = "8192";
     private static final String SUN_GIOP_DEFAULT_BUFFER_SIZE = "8192";
 
-    private static final String DEFAULT_ORB_INIT_HOST = NetUtils.getHostName();
-
     // This will only apply for stand-alone java clients, since
     // in the server the orb port comes from domain.xml, and in an appclient
     // the port is set from the sun-acc.xml. It's set to the same
@@ -362,16 +360,7 @@ static String evaluateInitialHost(Properties props, List<IiopListener> listeners
                 initialHost = listener.getAddress();
             }
         }
-        return initialHost == null ? DEFAULT_ORB_INIT_HOST : replaceAnyWithLocalHost(initialHost);
-    }
-
-    private static String replaceAnyWithLocalHost(String orbInitialHost) {
-        if (orbInitialHost.equals("0.0.0.0")
-            || orbInitialHost.equals("::")
-            || orbInitialHost.equals("::ffff:0.0.0.0")) {
-            return DEFAULT_ORB_INIT_HOST;
-        }
-        return orbInitialHost;
+        return ORBLocator.toConcreteHost(initialHost);
     }
 
 

appserver/orb/orb-iiop/src/main/java/org/glassfish/enterprise/iiop/impl/PEORBConfigurator.java

@@ -30,12 +30,8 @@
 import com.sun.corba.ee.spi.transport.Acceptor;
 import com.sun.corba.ee.spi.transport.TransportDefault;
 import com.sun.corba.ee.spi.transport.TransportManager;
-import com.sun.enterprise.util.net.NetUtils;
 
 import java.lang.System.Logger;
-import java.util.Arrays;
-import java.util.HashSet;
-import java.util.Set;
 import java.util.stream.Collectors;
 import java.util.stream.Stream;
 
@@ -49,6 +45,7 @@
 import org.glassfish.external.probe.provider.StatsProviderManager;
 import org.glassfish.grizzly.config.dom.Ssl;
 import org.glassfish.internal.api.Globals;
+import org.glassfish.internal.api.ORBLocator;
 import org.glassfish.orb.admin.config.IiopListener;
 import org.glassfish.pfl.dynamic.copyobject.spi.ObjectCopierFactory ;
 
@@ -62,8 +59,6 @@ public class PEORBConfigurator implements ORBConfigurator {
     private static final String SSL = "SSL";
     private static final String SSL_MUTUALAUTH = "SSL_MUTUALAUTH";
     private static final String IIOP_CLEAR_TEXT_CONNECTION = "IIOP_CLEAR_TEXT";
-    private static final String DEFAULT_ORB_INIT_HOST = NetUtils.getHostName();
-    private static final Set<String> ANY_ADDRS = new HashSet<>(Arrays.asList("0.0.0.0", "::", "::ffff:0.0.0.0"));
 
     @Override
     public synchronized void configure(DataCollector dc, ORB orb) {
@@ -131,7 +126,7 @@ private void createORBListeners(IIOPUtils iiopUtils, IiopListener[] iiopListener
             }
 
             boolean isLazy = Boolean.parseBoolean(iiopListener.getLazyInit());
-            String host = handleAddrAny(iiopListener.getAddress());
+            String host = ORBLocator.toConcreteHost(iiopListener.getAddress());
             int port = Integer.parseInt(iiopListener.getPort());
             boolean isSslListener = Boolean.parseBoolean(iiopListener.getSecurityEnabled()) && iiopListener.getSsl() != null;
             if (isSslListener) {
@@ -148,13 +143,6 @@ private void createORBListeners(IIOPUtils iiopUtils, IiopListener[] iiopListener
         }
     }
 
-    private String handleAddrAny(String hostAddr) {
-        if (!ANY_ADDRS.contains(hostAddr)) {
-            return hostAddr;
-        }
-        return DEFAULT_ORB_INIT_HOST;
-    }
-
     private Acceptor addAcceptor(org.omg.CORBA.ORB orb, boolean isLazy, String host, String type, int port) {
         LOG.log(DEBUG, "addAcceptor(orb, isLazy={0}, host={1}, type={2}, port={3})", isLazy, host, type, port);
         ORB theOrb = (ORB) orb;

appserver/security/webintegration/src/main/java/com/sun/web/security/RealmAdapter.java

@@ -1079,7 +1079,18 @@ private List<String> getHostAndPort(HttpRequest request) throws IOException {
                 InetAddress[] localHostAdresses;
                 if (nwAddress == null || nwAddress.equals("0.0.0.0")) {
                     nwAddress = NetUtils.getCanonicalHostName();
-                    if (!nwAddress.equals(hostPort[0])) {
+                    if (nwAddress.equals(hostPort[0])) {
+                        // Host names are the same, compare the ports
+                        String nwPort = nwListener.getPort();
+                        // If the listener port is different from the port
+                        // in the Host header, then request is received by WS frontend
+                        if (nwPort.equals(hostPort[1])) {
+                            isWebServerRequest = false;
+                            breakFromLoop = true;
+                        } else {
+                            isWebServerRequest = true;
+                        }
+                    } else {
                         // compare the InetAddress objects
                         // only if the hostname in the header
                         // does not match with the hostname in the
@@ -1104,20 +1115,6 @@ private List<String> getHostAndPort(HttpRequest request) throws IOException {
                                 isWebServerRequest = true;
                             }
                         }
-                    } else {
-                        // Host names are the same, compare the ports
-                        String nwPort = nwListener.getPort();
-                        // If the listener port is different from the port
-                        // in the Host header, then request is received by WS frontend
-                        if (!nwPort.equals(hostPort[1])) {
-                            isWebServerRequest = true;
-
-                        } else {
-                            isWebServerRequest = false;
-                            breakFromLoop = true;
-
-                        }
-
                     }
                 }
                 if (breakFromLoop && !isWebServerRequest) {

appserver/transaction/jts/src/main/java/com/sun/jts/CosTransactions/DefaultTransactionService.java

@@ -219,7 +219,7 @@ public static void setServerName(Properties properties) {
             if (serverId != null) {
                 LOG.log(INFO,"Recoverable JTS instance, serverId = [{0}]",serverId);
             }
-            String serverName = "UnknownHost"/*#Frozen*/;
+            final String serverName;
             if (properties.getProperty(JTS_XA_SERVER_NAME) == null) {
                 serverName = NetUtils.getHostName();
             } else {

nucleus/cluster/admin/src/main/java/com/sun/enterprise/v3/admin/cluster/ValidateNodeCommand.java

@@ -281,16 +281,15 @@ private void validatePathSimple(String propname, String value, String configValu
 
     private void validateHostname(String propname, String value, String configValue) throws CommandValidationException {
         try {
-            // First do a simple case insensitve string comparison. If that
+            // First do a simple case insensitive string comparison. If that
             // matches then it's good enough for us.
             validateString(propname, value, configValue, true);
             return;
         } catch (CommandValidationException e) {
             // Strings don't match, but we could have a case of
-            // "sidewinder" and "sidewinder.us.oracle.com". NetUtils
-            // isEqual() handles this check.
+            // "sidewinder" and "sidewinder.us.oracle.com".
             if (!NetUtils.isSameHost(value, configValue)) {
-                // If they both refer to the localhost then consider them them same.
+                // If they both refer to the local host then consider them them same.
                 if (!NetUtils.isLocal(value) || !NetUtils.isLocal(configValue)) {
                     throw new CommandValidationException(
                         Strings.get("attribute.mismatch", name, propname, value, configValue));

nucleus/cluster/cli/src/main/java/com/sun/enterprise/admin/cli/cluster/CreateLocalInstanceFilesystemCommand.java

@@ -185,15 +185,15 @@ private void checkDASCoordinates() throws CommandException {
             // Check if hostName is valid by looking up its address
             InetAddress.getByName(DASHost);
         } catch (UnknownHostException e) {
-            String thisHost = NetUtils.getHostName();
+            String thisHost = NetUtils.getCanonicalHostName();
             String msg = Strings.get("Instance.DasHostUnknown", DASHost, thisHost);
             throw new CommandException(msg, e);
         }
 
         // See if DAS is reachable
         if (!NetUtils.isRunning(DASHost, DASPort)) {
             // DAS provided host and port
-            String thisHost = NetUtils.getHostName();
+            String thisHost = NetUtils.getCanonicalHostName();
             String msg = Strings.get("Instance.DasHostUnreachable", DASHost, Integer.toString(DASPort), thisHost);
             throw new CommandException(msg);
         }

nucleus/common/common-util/src/main/java/com/sun/enterprise/util/net/NetUtils.java

@@ -265,20 +265,13 @@ public static boolean isLocal(final String address) {
         if (LOCALHOST_IP.equals(address)) {
             return true;
         }
-
-        final String[] myIPs = getHostIPs();
-        for (String myIP : myIPs) {
-            if (address.equals(myIP)) {
+        try {
+            InetAddress inetAddress = InetAddress.getByName(address);
+            if (getHostNames().contains(inetAddress.getCanonicalHostName())) {
+                // if the address is same as the host name, it is considered local too
                 return true;
             }
-        }
-
-        if (getHostName().equals(address)) {
-            // if the address is same as the host name, it is considered local too
-            return true;
-        }
-        try {
-            return InetAddress.getByName(address).isLoopbackAddress();
+            return inetAddress.isLoopbackAddress();
         } catch (UnknownHostException e) {
             LOG.log(TRACE, "Unable to resolve the address.", e);
             return false;
@@ -368,8 +361,13 @@ public static InetAddress[] getHostAddresses() {
 
 
     /**
-     * @return resolved host name of the local host (see <code>hostname</code> command on linux) or
-     *         loopback hostname.
+     * Returns the host name of the local host (see <code>hostname</code> command on linux).
+     * If the host name cannot be resolved, loopback host name is returned.
+     * <p>
+     * The result should be resolvable from the same machine, but might be unknown
+     * to other hosts.
+     *
+     * @return host name of the local host or loopback hostname.
      */
     public static String getHostName() {
         try {
@@ -402,7 +400,6 @@ public static String getCanonicalHostName() {
      * @return list of autodetected host names except loopbacks and unresolvable host names. Never null.
      */
     public static List<String> getHostNames() {
-        ThrowingPredicate<NetworkInterface> isLoopback = NetworkInterface::isLoopback;
         ThrowingPredicate<InetAddress> isHostName = address -> {
             if (address.getCanonicalHostName().equals(address.getHostAddress())) {
                 return false;

nucleus/common/internal-api/src/main/java/org/glassfish/internal/api/ORBLocator.java

@@ -19,6 +19,8 @@
 
 import com.sun.enterprise.util.net.NetUtils;
 
+import java.util.Set;
+
 import org.jvnet.hk2.annotations.Contract;
 import org.omg.CORBA.ORB;
 
@@ -39,7 +41,13 @@ public interface ORBLocator {
     // but we can't reference ORBConstants from the naming bundle!
     String FOLB_CLIENT_GROUP_INFO_SERVICE = "FolbClientGroupInfoService";
 
-    String DEFAULT_ORB_INIT_HOST = NetUtils.getHostName();
+    /**
+     * Zero ip addresses, ANY host, wildcard addresses,
+     * and the IPv6 equivalent of the wildcard address.
+     */
+    Set<String> ANY_ADDRS = Set.of("0.0.0.0", "::", "::ffff:0.0.0.0");
+
+    String DEFAULT_ORB_INIT_HOST = NetUtils.getCanonicalHostName();
     String DEFAULT_ORB_INIT_PORT = "3700";
 
     // This property is true if SSL is required to be used by
@@ -61,4 +69,18 @@ public interface ORBLocator {
      * @return an initialized ORB instance
      */
     ORB getORB();
+
+    /**
+     * If null or from {@link #ANY_ADDRS} set, returns {@link #DEFAULT_ORB_INIT_HOST}.
+     * Returns the parameter otherwise.
+     *
+     * @param hostOrAny
+     * @return host name to use for ORB initialization
+     */
+    public static String toConcreteHost(String hostOrAny) {
+        if (hostOrAny == null || ANY_ADDRS.contains(hostOrAny)) {
+            return DEFAULT_ORB_INIT_HOST;
+        }
+        return hostOrAny;
+    }
 }