1 | |
|
2 | |
|
3 | |
|
4 | |
|
5 | |
|
6 | |
|
7 | |
|
8 | |
|
9 | |
|
10 | |
|
11 | |
package org.mule.transport.ssl; |
12 | |
|
13 | |
import org.mule.DefaultMuleMessage; |
14 | |
import org.mule.api.endpoint.InboundEndpoint; |
15 | |
import org.mule.api.lifecycle.CreateException; |
16 | |
import org.mule.api.service.Service; |
17 | |
import org.mule.api.transport.Connector; |
18 | |
import org.mule.transport.AbstractMessageReceiver; |
19 | |
import org.mule.transport.tcp.TcpMessageReceiver; |
20 | |
|
21 | |
import java.io.IOException; |
22 | |
import java.net.Socket; |
23 | |
import java.security.cert.Certificate; |
24 | |
|
25 | |
import javax.net.ssl.HandshakeCompletedEvent; |
26 | |
import javax.net.ssl.HandshakeCompletedListener; |
27 | |
import javax.net.ssl.SSLPeerUnverifiedException; |
28 | |
import javax.net.ssl.SSLSocket; |
29 | |
import javax.resource.spi.work.Work; |
30 | |
|
31 | |
import edu.emory.mathcs.backport.java.util.concurrent.CountDownLatch; |
32 | |
import edu.emory.mathcs.backport.java.util.concurrent.TimeUnit; |
33 | |
|
34 | |
|
35 | 612 | public class SslMessageReceiver extends TcpMessageReceiver implements HandshakeCompletedListener |
36 | |
{ |
37 | |
|
38 | |
|
39 | |
|
40 | |
|
41 | |
|
42 | 40 | private CountDownLatch handshakeComplete = new CountDownLatch(1); |
43 | |
private static final long HANDSHAKE_WAIT = 30000L; |
44 | |
private Certificate[] peerCertificateChain; |
45 | |
private Certificate[] localCertificateChain; |
46 | |
|
47 | |
public SslMessageReceiver(Connector connector, Service service, InboundEndpoint endpoint) |
48 | |
throws CreateException |
49 | |
{ |
50 | 40 | super(connector, service, endpoint); |
51 | 40 | } |
52 | |
|
53 | |
protected Work createWork(Socket socket) throws IOException |
54 | |
{ |
55 | 414 | return new SslWorker(socket, this); |
56 | |
} |
57 | |
|
58 | |
private void preRoute(DefaultMuleMessage message) throws Exception |
59 | |
{ |
60 | 612 | handshakeComplete.await(HANDSHAKE_WAIT, TimeUnit.MILLISECONDS); |
61 | 612 | if (0 != handshakeComplete.getCount()) |
62 | |
{ |
63 | 0 | throw new IllegalStateException("Handshake did not complete"); |
64 | |
} |
65 | 612 | if (peerCertificateChain != null) |
66 | |
{ |
67 | 0 | message.setProperty(SslConnector.PEER_CERTIFICATES, peerCertificateChain); |
68 | |
} |
69 | 612 | if (localCertificateChain != null) |
70 | |
{ |
71 | 612 | message.setProperty(SslConnector.LOCAL_CERTIFICATES, localCertificateChain); |
72 | |
} |
73 | 612 | } |
74 | |
|
75 | |
public void handshakeCompleted(HandshakeCompletedEvent event) |
76 | |
{ |
77 | |
try |
78 | |
{ |
79 | 414 | localCertificateChain = event.getLocalCertificates(); |
80 | |
try |
81 | |
{ |
82 | 414 | peerCertificateChain = event.getPeerCertificates(); |
83 | |
} |
84 | 414 | catch (SSLPeerUnverifiedException e) |
85 | |
{ |
86 | 414 | logger.debug("Cannot get peer certificate chain: "+ e.getMessage()); |
87 | 0 | } |
88 | |
} |
89 | |
finally |
90 | |
{ |
91 | 414 | handshakeComplete.countDown(); |
92 | 414 | } |
93 | 414 | } |
94 | |
|
95 | |
protected class SslWorker extends TcpWorker |
96 | |
{ |
97 | |
public SslWorker(Socket socket, AbstractMessageReceiver receiver) throws IOException |
98 | 414 | { |
99 | 414 | super(socket, receiver); |
100 | 414 | ((SSLSocket) socket).addHandshakeCompletedListener(SslMessageReceiver.this); |
101 | 414 | } |
102 | |
|
103 | |
protected void preRouteMuleMessage(DefaultMuleMessage message) throws Exception |
104 | |
{ |
105 | 612 | super.preRouteMuleMessage(message); |
106 | |
|
107 | 612 | preRoute(message); |
108 | 612 | } |
109 | |
|
110 | |
protected void shutdownSocket() throws IOException |
111 | |
{ |
112 | |
|
113 | 414 | } |
114 | |
} |
115 | |
|
116 | |
} |