1 | |
|
2 | |
|
3 | |
|
4 | |
|
5 | |
|
6 | |
|
7 | |
package org.mule.transport.http; |
8 | |
|
9 | |
import org.mule.api.MessagingException; |
10 | |
import org.mule.api.MuleMessage; |
11 | |
import org.mule.api.construct.FlowConstruct; |
12 | |
import org.mule.api.endpoint.InboundEndpoint; |
13 | |
import org.mule.api.lifecycle.CreateException; |
14 | |
import org.mule.api.transport.Connector; |
15 | |
import org.mule.config.i18n.CoreMessages; |
16 | |
import org.mule.transport.ConnectException; |
17 | |
import org.mule.transport.http.i18n.HttpMessages; |
18 | |
import org.mule.util.StringUtils; |
19 | |
|
20 | |
import java.io.IOException; |
21 | |
import java.net.Socket; |
22 | |
import java.security.cert.Certificate; |
23 | |
|
24 | |
import javax.net.ssl.HandshakeCompletedEvent; |
25 | |
import javax.net.ssl.HandshakeCompletedListener; |
26 | |
import javax.net.ssl.SSLPeerUnverifiedException; |
27 | |
import javax.net.ssl.SSLSocket; |
28 | |
import javax.resource.spi.work.Work; |
29 | |
|
30 | |
import edu.emory.mathcs.backport.java.util.concurrent.CountDownLatch; |
31 | |
import edu.emory.mathcs.backport.java.util.concurrent.TimeUnit; |
32 | |
|
33 | 0 | public class HttpsMessageReceiver extends HttpMessageReceiver |
34 | |
{ |
35 | |
public HttpsMessageReceiver(Connector connector, FlowConstruct flow, InboundEndpoint endpoint) |
36 | |
throws CreateException |
37 | |
{ |
38 | 0 | super(connector, flow, endpoint); |
39 | 0 | } |
40 | |
|
41 | |
@Override |
42 | |
protected void doConnect() throws ConnectException |
43 | |
{ |
44 | 0 | checkKeyStore(); |
45 | 0 | super.doConnect(); |
46 | 0 | } |
47 | |
|
48 | |
protected void checkKeyStore() throws ConnectException |
49 | |
{ |
50 | 0 | HttpsConnector httpsConnector = (HttpsConnector) connector; |
51 | 0 | String keyStore = httpsConnector.getKeyStore(); |
52 | 0 | if (StringUtils.isBlank(keyStore)) |
53 | |
{ |
54 | 0 | throw new ConnectException(CoreMessages.objectIsNull("tls-key-store"), this); |
55 | |
} |
56 | 0 | } |
57 | |
|
58 | |
@Override |
59 | |
protected Work createWork(Socket socket) throws IOException |
60 | |
{ |
61 | 0 | return new HttpsWorker(socket); |
62 | |
} |
63 | |
|
64 | |
private class HttpsWorker extends HttpWorker implements HandshakeCompletedListener |
65 | |
{ |
66 | |
private Certificate[] peerCertificateChain; |
67 | |
private Certificate[] localCertificateChain; |
68 | 0 | private final CountDownLatch latch = new CountDownLatch(1); |
69 | |
|
70 | |
public HttpsWorker(Socket socket) throws IOException |
71 | 0 | { |
72 | 0 | super(socket); |
73 | 0 | ((SSLSocket) socket).addHandshakeCompletedListener(this); |
74 | 0 | } |
75 | |
|
76 | |
@Override |
77 | |
protected void preRouteMessage(MuleMessage message) throws MessagingException |
78 | |
{ |
79 | |
try |
80 | |
{ |
81 | 0 | long timeout = ((HttpsConnector) getConnector()).getSslHandshakeTimeout(); |
82 | 0 | boolean handshakeComplete = latch.await(timeout, TimeUnit.MILLISECONDS); |
83 | 0 | if (!handshakeComplete) |
84 | |
{ |
85 | 0 | throw new MessagingException(HttpMessages.sslHandshakeDidNotComplete(), message); |
86 | |
} |
87 | |
} |
88 | 0 | catch (InterruptedException e) |
89 | |
{ |
90 | 0 | throw new MessagingException(HttpMessages.sslHandshakeDidNotComplete(), |
91 | |
message, e); |
92 | 0 | } |
93 | |
|
94 | 0 | super.preRouteMessage(message); |
95 | |
|
96 | 0 | if (peerCertificateChain != null) |
97 | |
{ |
98 | 0 | message.setOutboundProperty(HttpsConnector.PEER_CERTIFICATES, peerCertificateChain); |
99 | |
} |
100 | 0 | if (localCertificateChain != null) |
101 | |
{ |
102 | 0 | message.setOutboundProperty(HttpsConnector.LOCAL_CERTIFICATES, localCertificateChain); |
103 | |
} |
104 | 0 | } |
105 | |
|
106 | |
public void handshakeCompleted(HandshakeCompletedEvent event) |
107 | |
{ |
108 | |
try |
109 | |
{ |
110 | 0 | localCertificateChain = event.getLocalCertificates(); |
111 | |
try |
112 | |
{ |
113 | 0 | peerCertificateChain = event.getPeerCertificates(); |
114 | |
} |
115 | 0 | catch (SSLPeerUnverifiedException e) |
116 | |
{ |
117 | 0 | logger.debug("Cannot get peer certificate chain: "+ e.getMessage()); |
118 | 0 | } |
119 | |
} |
120 | |
finally |
121 | |
{ |
122 | 0 | latch.countDown(); |
123 | 0 | } |
124 | 0 | } |
125 | |
} |
126 | |
} |