Add props for secure and websocket to red5.propeties. Simplify tomcat…

….server bean entry and allow secureEnable option to filter connector types

client/pom.xml

@@ -3,7 +3,7 @@
     <parent>
         <groupId>org.red5</groupId>
         <artifactId>red5-parent</artifactId>
-        <version>2.0.10</version>
+        <version>2.0.11</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
     <artifactId>red5-client</artifactId>

client/src/main/java/org/red5/client/Red5Client.java

@@ -18,7 +18,7 @@ public final class Red5Client {
     /**
      * Current server version with revision
      */
-    public static final String VERSION = "Red5 Client 2.0.10";
+    public static final String VERSION = "Red5 Client 2.0.11";
 
     /**
      * Create a new Red5Client object using the connection local to the current thread A bit of magic that lets you access the red5 scope

common/pom.xml

@@ -3,7 +3,7 @@
     <parent>
         <groupId>org.red5</groupId>
         <artifactId>red5-parent</artifactId>
-        <version>2.0.10</version>
+        <version>2.0.11</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
     <artifactId>red5-server-common</artifactId>
@@ -105,7 +105,7 @@
         <dependency>
             <groupId>net.engio</groupId>
             <artifactId>mbassador</artifactId>
-            <version>2.0.10</version>
+            <version>2.0.11</version>
         </dependency> -->
         <dependency>
             <groupId>junit</groupId>

common/src/main/java/org/red5/server/api/Red5.java

@@ -57,12 +57,12 @@ public final class Red5 {
     /**
      * Server version with revision
      */
-    public static final String VERSION = "Red5 Server 2.0.10";
+    public static final String VERSION = "Red5 Server 2.0.11";
 
     /**
      * Server version for fmsVer requests
      */
-    public static final String FMS_VERSION = "RED5/2,0,10,0";
+    public static final String FMS_VERSION = "RED5/2,0,11,0";
 
     /**
      * Server capabilities

io/pom.xml

@@ -3,7 +3,7 @@
     <parent>
         <groupId>org.red5</groupId>
         <artifactId>red5-parent</artifactId>
-        <version>2.0.10</version>
+        <version>2.0.11</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
     <artifactId>red5-io</artifactId>

pom.xml

@@ -24,7 +24,7 @@
     <name>Red5</name>
     <description>The Red5 server</description>
     <groupId>org.red5</groupId>
-    <version>2.0.10</version>
+    <version>2.0.11</version>
     <url>https://github.com/Red5/red5-server</url>
     <inceptionYear>2005</inceptionYear>
     <organization>

server/pom.xml

@@ -3,7 +3,7 @@
     <parent>
         <groupId>org.red5</groupId>
         <artifactId>red5-parent</artifactId>
-        <version>2.0.10</version>
+        <version>2.0.11</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
     <artifactId>red5-server</artifactId>

server/src/main/java/org/red5/server/tomcat/TomcatLoader.java

@@ -172,6 +172,11 @@ public boolean accept(File dir, String name) {
      */
     protected boolean websocketEnabled = true;
 
+    /**
+     * HTTPS/WSS feature
+     */
+    protected boolean secureEnabled;
+
     /**
      * Flag to indicate if we should await plugin loading
      */
@@ -406,6 +411,11 @@ public void start() throws ServletException {
             for (TomcatConnector tomcatConnector : connectors) {
                 // get the connector
                 Connector connector = tomcatConnector.getConnector();
+                // check for secure connector and skip it if secure is not enabled
+                if (!secureEnabled && connector.getSecure()) {
+                    log.debug("Skipping secure connector");
+                    continue;
+                }
                 // add new Connector to set of Connectors for embedded server, associated with Engine
                 if (!added) {
                     embedded.setConnector(connector);
@@ -856,6 +866,24 @@ public void setWebsocketEnabled(boolean websocketEnabled) {
         this.websocketEnabled = websocketEnabled;
     }
 
+    /**
+     * Returns enabled state of secure support.
+     *
+     * @return true if enabled and false otherwise
+     */
+    public boolean isSecureEnabled() {
+        return secureEnabled;
+    }
+
+    /**
+     * Set secure feature enabled / disabled.
+     *
+     * @param secureEnabled
+     */
+    public void setSecureEnabled(boolean secureEnabled) {
+        this.secureEnabled = secureEnabled;
+    }
+
     /**
      * Returns await plugin loading state.
      *

server/src/main/server/conf/jee-container.xml

@@ -5,17 +5,20 @@
        xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
                            http://www.springframework.org/schema/lang http://www.springframework.org/schema/lang/spring-lang.xsd">
 
-    <!--
-    The tomcat connectors may be blocking or non-blocking. Select between either option via the protocol property.
-        Blocking I/O:
-            <property name="protocol" value="org.apache.coyote.http11.Http11Protocol" />
-        Non-blocking I/O:
-            <property name="protocol" value="org.apache.coyote.http11.Http11Nio2Protocol" />
-     -->
-    <!-- Tomcat without SSL enabled -->
+    <!-- Transports for HTTP/S and WS/S 
+        The tomcat connectors may be blocking or non-blocking. Select between either option via the protocol property.
+            Blocking I/O:
+                <property name="protocol" value="org.apache.coyote.http11.Http11Protocol" />
+            Non-blocking I/O:
+                <property name="protocol" value="org.apache.coyote.http11.Http11Nio2Protocol" />
+            
+        Connection properties available for TomcatConnector in Red5 2.0.10:
+            protocols="TLSv1.2,TLSv1.3"
+            ciphers="TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
+    -->
     <bean id="tomcat.server" class="org.red5.server.tomcat.TomcatLoader" depends-on="context.loader" lazy-init="true">
-        <property name="awaitPlugins" value="false" />
-        <property name="websocketEnabled" value="true" />
+        <property name="secureEnabled" value="${secure.enabled}" />
+        <property name="websocketEnabled" value="${websocket.enabled}" />
         <property name="webappFolder" value="${red5.root}/webapps" />
         <property name="connectors">
             <list>
@@ -28,68 +31,42 @@
                             <entry key="maxHttpHeaderSize" value="${http.max_headers_size}"/>
                             <entry key="maxKeepAliveRequests" value="${http.max_keep_alive_requests}"/>
                             <entry key="keepAliveTimout" value="-1"/>
+                            <entry key="useExecutor" value="true"/>
+                            <entry key="maxThreads" value="${http.max_threads}"/>
+                            <entry key="acceptCount" value="100"/>
+                            <entry key="acceptorThreadCount" value="${http.acceptor_thread_count}"/>
+                            <entry key="processorCache" value="${http.processor_cache}"/>
+                            <entry key="connectionTimeout" value="20000"/>
+                            <entry key="maxConnections" value="-1"/>
+                            <entry key="relaxedQueryChars" value="[,]"/>
+                            <entry key="useLowerCaseHeaders" value="false"/>
                         </map>
                     </property>
                 </bean>
-            </list>
-        </property>
-        <property name="baseHost">
-           <bean class="org.apache.catalina.core.StandardHost">
-               <property name="name" value="${http.host}" />
-           </bean>
-        </property>
-        <property name="valves">
-            <list>
-                <bean id="valve.access" class="org.apache.catalina.valves.AccessLogValve">
-                    <property name="directory" value="log" />
-                    <property name="prefix" value="${http.host}_access." />
-                    <property name="suffix" value=".log" />
-                    <property name="pattern" value="common" />
-                    <property name="rotatable" value="true" />
-                </bean>
-            </list>
-        </property>
-    </bean>
-
-    <!-- Tomcat with SSL enabled -->
-<!--
-    <bean id="tomcat.server" class="org.red5.server.tomcat.TomcatLoader" depends-on="context.loader" lazy-init="true">
-        <property name="websocketEnabled" value="true" />
-        <property name="webappFolder" value="${red5.root}/webapps" />
-        <property name="connectors">
-            <list>
-                <bean name="httpConnector" class="org.red5.server.tomcat.TomcatConnector">
-                    <property name="protocol" value="org.apache.coyote.http11.Http11Nio2Protocol" />
-                    <property name="address" value="${http.host}:${http.port}" />
-                    <property name="redirectPort" value="${https.port}" />
-                </bean>
                 <bean name="httpsConnector" class="org.red5.server.tomcat.TomcatConnector">
                     <property name="secure" value="true" />
                     <property name="protocol" value="org.apache.coyote.http11.Http11Nio2Protocol" />
                     <property name="address" value="${http.host}:${https.port}" />
                     <property name="redirectPort" value="${http.port}" />
                     <property name="connectionProperties">
                         <map>
-                            <entry key="port" value="${https.port}" />
-                            <entry key="redirectPort" value="${http.port}" />
-
-                            <entry key="SSLEnabled" value="true" />
-                            <entry key="sslProtocol" value="TLS" />
+                            <entry key="keystoreType" value="JKS" />
                             <entry key="keystoreFile" value="${rtmps.keystorefile}" />
                             <entry key="keystorePass" value="${rtmps.keystorepass}" />
+                            <entry key="truststoreType" value="JKS" />
                             <entry key="truststoreFile" value="${rtmps.truststorefile}" />
                             <entry key="truststorePass" value="${rtmps.truststorepass}" />
-                            <entry key="clientAuth" value="false" />
-                            <entry key="allowUnsafeLegacyRenegotiation" value="true" />
-
+                            <entry key="allowUnsafeLegacyRenegotiation" value="false" />
                             <entry key="maxHttpHeaderSize" value="${http.max_headers_size}"/>
                             <entry key="maxKeepAliveRequests" value="${http.max_keep_alive_requests}"/>
                             <entry key="keepAliveTimout" value="-1"/>
-
                             <entry key="useExecutor" value="true"/>
                             <entry key="maxThreads" value="${http.max_threads}"/>
                             <entry key="acceptorThreadCount" value="${http.acceptor_thread_count}"/>
                             <entry key="processorCache" value="${http.processor_cache}"/>
+                            <entry key="connectionTimeout" value="20000"/>
+                            <entry key="relaxedQueryChars" value="[,]"/>
+                            <entry key="useLowerCaseHeaders" value="false"/>
                         </map>
                     </property>
                 </bean>
@@ -100,7 +77,17 @@
                 <property name="name" value="${http.host}" />
             </bean>
         </property>
+        <property name="valves">
+            <list>
+                <bean id="valve.access" class="org.apache.catalina.valves.AccessLogValve">
+                    <property name="directory" value="log" />
+                    <property name="prefix" value="${http.host}_access" />
+                    <property name="suffix" value=".log" />
+                    <property name="pattern" value="common" />
+                    <property name="rotatable" value="true" />
+                </bean>
+            </list>
+        </property>
     </bean>
--->
 
 </beans>

server/src/main/server/conf/red5.properties

@@ -12,6 +12,8 @@ http.max_keep_alive_requests=-1
 http.max_threads=2000
 http.acceptor_thread_count=100
 http.processor_cache=200
+secure.enabled=false
+websocket.enabled=true
 
 # RTMP
 rtmp.host=0.0.0.0

service/pom.xml

@@ -3,7 +3,7 @@
     <parent>
         <groupId>org.red5</groupId>
         <artifactId>red5-parent</artifactId>
-        <version>2.0.10</version>
+        <version>2.0.11</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
     <artifactId>red5-service</artifactId>

servlet/pom.xml

@@ -3,7 +3,7 @@
     <parent>
         <groupId>org.red5</groupId>
         <artifactId>red5-parent</artifactId>
-        <version>2.0.10</version>
+        <version>2.0.11</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
     <artifactId>red5-servlet</artifactId>