1
2
3
4
5
6
7
8
9
10
11 package org.mule.providers.ssl;
12
13 import org.mule.impl.MuleMessage;
14 import org.mule.providers.AbstractMessageReceiver;
15 import org.mule.providers.tcp.TcpMessageReceiver;
16 import org.mule.umo.UMOComponent;
17 import org.mule.umo.endpoint.UMOEndpoint;
18 import org.mule.umo.lifecycle.InitialisationException;
19 import org.mule.umo.provider.UMOConnector;
20
21 import java.io.IOException;
22 import java.net.Socket;
23 import java.security.cert.Certificate;
24
25 import javax.net.ssl.HandshakeCompletedEvent;
26 import javax.net.ssl.HandshakeCompletedListener;
27 import javax.net.ssl.SSLPeerUnverifiedException;
28 import javax.net.ssl.SSLSocket;
29 import javax.resource.spi.work.Work;
30
31 import edu.emory.mathcs.backport.java.util.concurrent.CountDownLatch;
32 import edu.emory.mathcs.backport.java.util.concurrent.TimeUnit;
33
34
35 public class SslMessageReceiver extends TcpMessageReceiver implements HandshakeCompletedListener
36 {
37
38
39
40
41
42 private CountDownLatch handshakeComplete = new CountDownLatch(1);
43 private static final long HANDSHAKE_WAIT = 30000L;
44 private Certificate[] peerCertificateChain;
45 private Certificate[] localCertificateChain;
46
47 public SslMessageReceiver(UMOConnector connector, UMOComponent component, UMOEndpoint endpoint)
48 throws InitialisationException
49 {
50 super(connector, component, endpoint);
51 }
52
53 protected Work createWork(Socket socket) throws IOException
54 {
55 if (endpoint.isStreaming())
56 {
57 return new SslStreamWorker(socket, this);
58 }
59 else
60 {
61 return new SslWorker(socket, this);
62 }
63 }
64
65 private void preRoute(MuleMessage message) throws Exception
66 {
67 handshakeComplete.await(HANDSHAKE_WAIT, TimeUnit.MILLISECONDS);
68 if (0 != handshakeComplete.getCount())
69 {
70 throw new IllegalStateException("Handshake did not complete");
71 }
72 if(peerCertificateChain != null)
73 {
74 message.setProperty(SslConnector.PEER_CERTIFICATES, peerCertificateChain);
75 }
76 if(localCertificateChain != null)
77 {
78 message.setProperty(SslConnector.LOCAL_CERTIFICATES, localCertificateChain);
79 }
80 }
81
82 public void handshakeCompleted(HandshakeCompletedEvent event)
83 {
84 try
85 {
86 localCertificateChain = event.getLocalCertificates();
87 try
88 {
89 peerCertificateChain = event.getPeerCertificates();
90 }
91 catch (SSLPeerUnverifiedException e)
92 {
93 logger.debug("Cannot get peer certificate chain: "+ e.getMessage());
94 }
95 }
96 finally
97 {
98 handshakeComplete.countDown();
99 }
100 }
101
102 protected class SslWorker extends TcpWorker
103 {
104 public SslWorker(Socket socket, AbstractMessageReceiver receiver) throws IOException
105 {
106 super(socket, receiver);
107 ((SSLSocket) socket).addHandshakeCompletedListener(SslMessageReceiver.this);
108 }
109
110 protected void preRouteMuleMessage(MuleMessage message) throws Exception
111 {
112 super.preRouteMuleMessage(message);
113
114 preRoute(message);
115 }
116 }
117
118 protected class SslStreamWorker extends TcpStreamWorker
119 {
120 public SslStreamWorker(Socket socket, AbstractMessageReceiver receiver) throws IOException
121 {
122 super(socket, receiver);
123 ((SSLSocket) socket).addHandshakeCompletedListener(SslMessageReceiver.this);
124 }
125
126 protected void preRouteMuleMessage(MuleMessage message) throws Exception
127 {
128 super.preRouteMuleMessage(message);
129
130 preRoute(message);
131 }
132 }
133
134 }