1
2
3
4
5
6
7
8
9
10
11 package org.mule.transport.ssl;
12
13 import org.mule.DefaultMuleMessage;
14 import org.mule.api.endpoint.InboundEndpoint;
15 import org.mule.api.lifecycle.CreateException;
16 import org.mule.api.service.Service;
17 import org.mule.api.transport.Connector;
18 import org.mule.transport.AbstractMessageReceiver;
19 import org.mule.transport.tcp.TcpMessageReceiver;
20
21 import java.io.IOException;
22 import java.net.Socket;
23 import java.security.cert.Certificate;
24
25 import javax.net.ssl.HandshakeCompletedEvent;
26 import javax.net.ssl.HandshakeCompletedListener;
27 import javax.net.ssl.SSLPeerUnverifiedException;
28 import javax.net.ssl.SSLSocket;
29 import javax.resource.spi.work.Work;
30
31 import edu.emory.mathcs.backport.java.util.concurrent.CountDownLatch;
32 import edu.emory.mathcs.backport.java.util.concurrent.TimeUnit;
33
34
35 public class SslMessageReceiver extends TcpMessageReceiver implements HandshakeCompletedListener
36 {
37
38
39
40
41
42 private CountDownLatch handshakeComplete = new CountDownLatch(1);
43 private static final long HANDSHAKE_WAIT = 30000L;
44 private Certificate[] peerCertificateChain;
45 private Certificate[] localCertificateChain;
46
47 public SslMessageReceiver(Connector connector, Service service, InboundEndpoint endpoint)
48 throws CreateException
49 {
50 super(connector, service, endpoint);
51 }
52
53 protected Work createWork(Socket socket) throws IOException
54 {
55 return new SslWorker(socket, this);
56 }
57
58 private void preRoute(DefaultMuleMessage message) throws Exception
59 {
60 handshakeComplete.await(HANDSHAKE_WAIT, TimeUnit.MILLISECONDS);
61 if (0 != handshakeComplete.getCount())
62 {
63 throw new IllegalStateException("Handshake did not complete");
64 }
65 if (peerCertificateChain != null)
66 {
67 message.setProperty(SslConnector.PEER_CERTIFICATES, peerCertificateChain);
68 }
69 if (localCertificateChain != null)
70 {
71 message.setProperty(SslConnector.LOCAL_CERTIFICATES, localCertificateChain);
72 }
73 }
74
75 public void handshakeCompleted(HandshakeCompletedEvent event)
76 {
77 try
78 {
79 localCertificateChain = event.getLocalCertificates();
80 try
81 {
82 peerCertificateChain = event.getPeerCertificates();
83 }
84 catch (SSLPeerUnverifiedException e)
85 {
86 logger.debug("Cannot get peer certificate chain: "+ e.getMessage());
87 }
88 }
89 finally
90 {
91 handshakeComplete.countDown();
92 }
93 }
94
95 protected class SslWorker extends TcpWorker
96 {
97 public SslWorker(Socket socket, AbstractMessageReceiver receiver) throws IOException
98 {
99 super(socket, receiver);
100 ((SSLSocket) socket).addHandshakeCompletedListener(SslMessageReceiver.this);
101 }
102
103 protected void preRouteMuleMessage(DefaultMuleMessage message) throws Exception
104 {
105 super.preRouteMuleMessage(message);
106
107 preRoute(message);
108 }
109
110 protected void shutdownSocket() throws IOException
111 {
112
113 }
114 }
115
116 }