View Javadoc

1   /*
2    * $Id: SslMessageReceiver.java 9936 2007-11-28 19:05:33Z aperepel $
3    * --------------------------------------------------------------------------------------
4    * Copyright (c) MuleSource, Inc.  All rights reserved.  http://www.mulesource.com
5    *
6    * The software in this package is published under the terms of the CPAL v1.0
7    * license, a copy of which has been included with this distribution in the
8    * LICENSE.txt file.
9    */
10  
11  package org.mule.providers.ssl;
12  
13  import org.mule.impl.MuleMessage;
14  import org.mule.providers.AbstractMessageReceiver;
15  import org.mule.providers.tcp.TcpMessageReceiver;
16  import org.mule.umo.UMOComponent;
17  import org.mule.umo.endpoint.UMOEndpoint;
18  import org.mule.umo.lifecycle.InitialisationException;
19  import org.mule.umo.provider.UMOConnector;
20  
21  import java.io.IOException;
22  import java.net.Socket;
23  import java.security.cert.Certificate;
24  
25  import javax.net.ssl.HandshakeCompletedEvent;
26  import javax.net.ssl.HandshakeCompletedListener;
27  import javax.net.ssl.SSLPeerUnverifiedException;
28  import javax.net.ssl.SSLSocket;
29  import javax.resource.spi.work.Work;
30  
31  import edu.emory.mathcs.backport.java.util.concurrent.CountDownLatch;
32  import edu.emory.mathcs.backport.java.util.concurrent.TimeUnit;
33  
34  
35  public class SslMessageReceiver extends TcpMessageReceiver implements HandshakeCompletedListener
36  {
37  
38      // we must wait for handshake to complete before sending message, as the callback
39      // sets important properties.  the wait period is arbitrary, but the two threads
40      // are approximately synchronized (handshake completes before/at same time as
41      // message is received) so value should not be critical
42      private CountDownLatch handshakeComplete = new CountDownLatch(1);
43      private static final long HANDSHAKE_WAIT = 30000L;
44      private Certificate[] peerCertificateChain;
45      private Certificate[] localCertificateChain;
46  
47      public SslMessageReceiver(UMOConnector connector, UMOComponent component, UMOEndpoint endpoint)
48              throws InitialisationException
49      {
50          super(connector, component, endpoint);
51      }
52  
53      protected Work createWork(Socket socket) throws IOException
54      {
55          if (endpoint.isStreaming())
56          {
57              return new SslStreamWorker(socket, this);
58          }
59          else
60          {
61              return new SslWorker(socket, this);
62          }
63      }
64  
65      private void preRoute(MuleMessage message) throws Exception
66      {
67          handshakeComplete.await(HANDSHAKE_WAIT, TimeUnit.MILLISECONDS);
68          if (0 != handshakeComplete.getCount())
69          {
70              throw new IllegalStateException("Handshake did not complete");
71          }
72          if(peerCertificateChain != null)
73          {
74              message.setProperty(SslConnector.PEER_CERTIFICATES, peerCertificateChain);
75          }
76          if(localCertificateChain != null)
77          {
78              message.setProperty(SslConnector.LOCAL_CERTIFICATES, localCertificateChain);
79          }
80      }
81  
82      public void handshakeCompleted(HandshakeCompletedEvent event)
83      {
84          try
85          {
86              localCertificateChain = event.getLocalCertificates();
87              try
88              {
89                  peerCertificateChain = event.getPeerCertificates();
90              }
91              catch (SSLPeerUnverifiedException e)
92              {
93                  logger.debug("Cannot get peer certificate chain: "+ e.getMessage());
94              }
95          }
96          finally
97          {
98              handshakeComplete.countDown();
99          }
100     }
101 
102     protected class SslWorker extends TcpWorker
103     {
104         public SslWorker(Socket socket, AbstractMessageReceiver receiver) throws IOException
105         {
106             super(socket, receiver);
107             ((SSLSocket) socket).addHandshakeCompletedListener(SslMessageReceiver.this);
108         }
109 
110         protected void preRouteMuleMessage(MuleMessage message) throws Exception
111         {
112             super.preRouteMuleMessage(message);
113 
114             preRoute(message);
115         }
116     }
117 
118     protected class SslStreamWorker extends TcpStreamWorker
119     {
120         public SslStreamWorker(Socket socket, AbstractMessageReceiver receiver) throws IOException
121         {
122             super(socket, receiver);
123             ((SSLSocket) socket).addHandshakeCompletedListener(SslMessageReceiver.this);
124         }
125 
126         protected void preRouteMuleMessage(MuleMessage message) throws Exception
127         {
128             super.preRouteMuleMessage(message);
129             
130             preRoute(message);
131         }
132     }
133 
134 }