1 | |
|
2 | |
|
3 | |
|
4 | |
|
5 | |
|
6 | |
|
7 | |
|
8 | |
|
9 | |
|
10 | |
|
11 | |
package org.mule.transport.ssl; |
12 | |
|
13 | |
import org.mule.api.MuleMessage; |
14 | |
import org.mule.api.construct.FlowConstruct; |
15 | |
import org.mule.api.endpoint.InboundEndpoint; |
16 | |
import org.mule.api.lifecycle.CreateException; |
17 | |
import org.mule.api.transport.Connector; |
18 | |
import org.mule.transport.AbstractMessageReceiver; |
19 | |
import org.mule.transport.tcp.TcpMessageReceiver; |
20 | |
|
21 | |
import java.io.IOException; |
22 | |
import java.net.Socket; |
23 | |
import java.security.cert.Certificate; |
24 | |
|
25 | |
import javax.net.ssl.HandshakeCompletedEvent; |
26 | |
import javax.net.ssl.HandshakeCompletedListener; |
27 | |
import javax.net.ssl.SSLPeerUnverifiedException; |
28 | |
import javax.net.ssl.SSLSocket; |
29 | |
import javax.resource.spi.work.Work; |
30 | |
|
31 | |
import edu.emory.mathcs.backport.java.util.concurrent.CountDownLatch; |
32 | |
import edu.emory.mathcs.backport.java.util.concurrent.TimeUnit; |
33 | |
|
34 | |
|
35 | 0 | public class SslMessageReceiver extends TcpMessageReceiver implements HandshakeCompletedListener |
36 | |
{ |
37 | |
|
38 | |
|
39 | |
|
40 | |
|
41 | |
|
42 | 0 | private CountDownLatch handshakeComplete = new CountDownLatch(1); |
43 | |
|
44 | |
private Certificate[] peerCertificateChain; |
45 | |
private Certificate[] localCertificateChain; |
46 | |
|
47 | |
public SslMessageReceiver(Connector connector, FlowConstruct flowConstruct, InboundEndpoint endpoint) |
48 | |
throws CreateException |
49 | |
{ |
50 | 0 | super(connector, flowConstruct, endpoint); |
51 | 0 | } |
52 | |
|
53 | |
protected Work createWork(Socket socket) throws IOException |
54 | |
{ |
55 | 0 | return new SslWorker(socket, this); |
56 | |
} |
57 | |
|
58 | |
private void preRoute(MuleMessage message) throws Exception |
59 | |
{ |
60 | 0 | long sslHandshakeTimeout = ((SslConnector) getConnector()).getSslHandshakeTimeout(); |
61 | 0 | boolean rc = handshakeComplete.await(sslHandshakeTimeout, TimeUnit.MILLISECONDS); |
62 | 0 | if (rc == false) |
63 | |
{ |
64 | 0 | throw new IllegalStateException("Handshake did not complete"); |
65 | |
} |
66 | |
|
67 | 0 | if (peerCertificateChain != null) |
68 | |
{ |
69 | 0 | message.setOutboundProperty(SslConnector.PEER_CERTIFICATES, peerCertificateChain); |
70 | |
} |
71 | 0 | if (localCertificateChain != null) |
72 | |
{ |
73 | 0 | message.setOutboundProperty(SslConnector.LOCAL_CERTIFICATES, localCertificateChain); |
74 | |
} |
75 | 0 | } |
76 | |
|
77 | |
public void handshakeCompleted(HandshakeCompletedEvent event) |
78 | |
{ |
79 | |
try |
80 | |
{ |
81 | 0 | localCertificateChain = event.getLocalCertificates(); |
82 | |
try |
83 | |
{ |
84 | 0 | peerCertificateChain = event.getPeerCertificates(); |
85 | |
} |
86 | 0 | catch (SSLPeerUnverifiedException e) |
87 | |
{ |
88 | 0 | logger.debug("Cannot get peer certificate chain: "+ e.getMessage()); |
89 | 0 | } |
90 | |
} |
91 | |
finally |
92 | |
{ |
93 | 0 | handshakeComplete.countDown(); |
94 | 0 | } |
95 | 0 | } |
96 | |
|
97 | |
protected class SslWorker extends TcpWorker |
98 | |
{ |
99 | |
public SslWorker(Socket socket, AbstractMessageReceiver receiver) throws IOException |
100 | 0 | { |
101 | 0 | super(socket, receiver); |
102 | 0 | ((SSLSocket) socket).addHandshakeCompletedListener(SslMessageReceiver.this); |
103 | 0 | } |
104 | |
|
105 | |
@Override |
106 | |
protected void preRouteMuleMessage(MuleMessage message) throws Exception |
107 | |
{ |
108 | 0 | super.preRouteMuleMessage(message); |
109 | |
|
110 | 0 | preRoute(message); |
111 | 0 | } |
112 | |
|
113 | |
@Override |
114 | |
protected void shutdownSocket() throws IOException |
115 | |
{ |
116 | |
|
117 | 0 | } |
118 | |
} |
119 | |
|
120 | |
} |