View Javadoc
1   /*
2    * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
3    * The software in this package is published under the terms of the CPAL v1.0
4    * license, a copy of which has been included with this distribution in the
5    * LICENSE.txt file.
6    */
7   package org.mule.transport.ssl;
8   
9   import org.mule.api.MuleContext;
10  import org.mule.api.lifecycle.CreateException;
11  import org.mule.api.lifecycle.InitialisationException;
12  import org.mule.api.security.TlsDirectKeyStore;
13  import org.mule.api.security.TlsDirectTrustStore;
14  import org.mule.api.security.TlsIndirectKeyStore;
15  import org.mule.api.security.TlsProtocolHandler;
16  import org.mule.api.security.provider.SecurityProviderFactory;
17  import org.mule.api.security.tls.TlsConfiguration;
18  import org.mule.transport.tcp.TcpConnector;
19  import org.mule.transport.tcp.protocols.DirectProtocol;
20  
21  import java.io.IOException;
22  import java.net.ServerSocket;
23  import java.net.URI;
24  import java.security.Provider;
25  
26  import javax.net.ssl.KeyManagerFactory;
27  import javax.net.ssl.SSLServerSocket;
28  import javax.net.ssl.TrustManagerFactory;
29  
30  /**
31   * <code>SslConnector</code> provides a connector for SSL connections.
32   * Note that the *only* function of the code in this package is to configure and
33   * provide SSL enabled sockets.  All other logic is identical to TCP.
34   */
35  public class SslConnector extends TcpConnector
36          implements TlsDirectKeyStore, TlsIndirectKeyStore, TlsDirectTrustStore, TlsProtocolHandler
37  {
38  
39      public static final String SSL = "ssl";
40      public static final String PEER_CERTIFICATES = "PEER_CERTIFICATES";
41      public static final String LOCAL_CERTIFICATES = "LOCAL_CERTIFICATES";
42  
43      // null initial keystore - see below
44      private TlsConfiguration tls = new TlsConfiguration(null);
45  
46      /**
47       * Timeout for establishing the SSL connection with the client.
48       */
49      private long sslHandshakeTimeout = 30000;
50  
51      public SslConnector(MuleContext context)
52      {
53          super(context);
54          setSocketFactory(new SslSocketFactory(tls));
55          setServerSocketFactory(new SslServerSocketFactory(tls));
56          setTcpProtocol(new DirectProtocol());
57          // setting this true causes problems as socket closes before handshake finishes
58          setValidateConnections(false);
59      }
60  
61      @Override
62      protected void doInitialise() throws InitialisationException
63      {
64          super.doInitialise();
65          // the original logic here was slightly different to other uses of the TlsSupport code -
66          // it appeared to be equivalent to switching anon by whether or not a keyStore was defined
67          // (which seems to make sense), so that is used here.
68          try
69          {
70              tls.initialise(null == getKeyStore(), TlsConfiguration.JSSE_NAMESPACE);
71          }
72          catch (CreateException e)
73          {
74              throw new InitialisationException(e, this);
75          }
76      }
77  
78      @Override
79      protected ServerSocket getServerSocket(URI uri) throws IOException
80      {
81          SSLServerSocket serverSocket = (SSLServerSocket) super.getServerSocket(uri);
82          serverSocket.setNeedClientAuth(isRequireClientAuthentication());
83          return serverSocket;
84      }
85  
86      @Override
87      public String getProtocol()
88      {
89          return SSL;
90      }
91  
92      public String getClientKeyStore()
93      {
94          return tls.getClientKeyStore();
95      }
96  
97      public String getClientKeyStorePassword()
98      {
99          return tls.getClientKeyStorePassword();
100     }
101 
102     public String getClientKeyStoreType()
103     {
104         return this.tls.getClientKeyStoreType();
105     }
106 
107     public String getKeyManagerAlgorithm()
108     {
109         return tls.getKeyManagerAlgorithm();
110     }
111 
112     public KeyManagerFactory getKeyManagerFactory()
113     {
114         return tls.getKeyManagerFactory();
115     }
116 
117     public String getKeyPassword()
118     {
119         return tls.getKeyPassword();
120     }
121 
122     public String getKeyStore()
123     {
124         return tls.getKeyStore();
125     }
126 
127     public String getKeyAlias()
128     {
129         return tls.getKeyAlias();
130     }
131 
132     public String getKeyStoreType()
133     {
134         return tls.getKeyStoreType();
135     }
136 
137     public String getProtocolHandler()
138     {
139         return tls.getProtocolHandler();
140     }
141 
142     public Provider getProvider()
143     {
144         return tls.getProvider();
145     }
146 
147     public SecurityProviderFactory getSecurityProviderFactory()
148     {
149         return tls.getSecurityProviderFactory();
150     }
151 
152     public String getSslType()
153     {
154         return tls.getSslType();
155     }
156 
157     public String getKeyStorePassword()
158     {
159         return tls.getKeyStorePassword();
160     }
161 
162     public String getTrustManagerAlgorithm()
163     {
164         return tls.getTrustManagerAlgorithm();
165     }
166 
167     public TrustManagerFactory getTrustManagerFactory()
168     {
169         return tls.getTrustManagerFactory();
170     }
171 
172     public String getTrustStore()
173     {
174         return tls.getTrustStore();
175     }
176 
177     public String getTrustStorePassword()
178     {
179         return tls.getTrustStorePassword();
180     }
181 
182     public String getTrustStoreType()
183     {
184         return tls.getTrustStoreType();
185     }
186 
187     public boolean isExplicitTrustStoreOnly()
188     {
189         return tls.isExplicitTrustStoreOnly();
190     }
191 
192     public boolean isRequireClientAuthentication()
193     {
194         return tls.isRequireClientAuthentication();
195     }
196 
197     public void setClientKeyStore(String clientKeyStore) throws IOException
198     {
199         tls.setClientKeyStore(clientKeyStore);
200     }
201 
202     public void setClientKeyStorePassword(String clientKeyStorePassword)
203     {
204         tls.setClientKeyStorePassword(clientKeyStorePassword);
205     }
206 
207     public void setClientKeyStoreType(String clientKeyStoreType)
208     {
209         this.tls.setClientKeyStoreType(clientKeyStoreType);
210     }
211 
212     public void setExplicitTrustStoreOnly(boolean explicitTrustStoreOnly)
213     {
214         tls.setExplicitTrustStoreOnly(explicitTrustStoreOnly);
215     }
216 
217     public void setKeyManagerAlgorithm(String keyManagerAlgorithm)
218     {
219         tls.setKeyManagerAlgorithm(keyManagerAlgorithm);
220     }
221 
222     public void setKeyPassword(String keyPassword)
223     {
224         tls.setKeyPassword(keyPassword);
225     }
226 
227     public void setKeyStore(String keyStore) throws IOException
228     {
229         tls.setKeyStore(keyStore);
230     }
231 
232     public void setKeyAlias(String alias)
233     {
234         tls.setKeyAlias(alias);
235     }
236 
237     public void setKeyStoreType(String keystoreType)
238     {
239         tls.setKeyStoreType(keystoreType);
240     }
241 
242     public void setProtocolHandler(String protocolHandler)
243     {
244         tls.setProtocolHandler(protocolHandler);
245     }
246 
247     public void setProvider(Provider provider)
248     {
249         tls.setProvider(provider);
250     }
251 
252     public void setRequireClientAuthentication(boolean requireClientAuthentication)
253     {
254         tls.setRequireClientAuthentication(requireClientAuthentication);
255     }
256 
257     public void setSecurityProviderFactory(SecurityProviderFactory spFactory)
258     {
259         tls.setSecurityProviderFactory(spFactory);
260     }
261 
262     public void setSslType(String sslType)
263     {
264         tls.setSslType(sslType);
265     }
266 
267     public void setKeyStorePassword(String storePassword)
268     {
269         tls.setKeyStorePassword(storePassword);
270     }
271 
272     public void setTrustManagerAlgorithm(String trustManagerAlgorithm)
273     {
274         tls.setTrustManagerAlgorithm(trustManagerAlgorithm);
275     }
276 
277     public void setTrustManagerFactory(TrustManagerFactory trustManagerFactory)
278     {
279         tls.setTrustManagerFactory(trustManagerFactory);
280     }
281 
282     public void setTrustStore(String trustStore) throws IOException
283     {
284         tls.setTrustStore(trustStore);
285     }
286 
287     public void setTrustStorePassword(String trustStorePassword)
288     {
289         tls.setTrustStorePassword(trustStorePassword);
290     }
291 
292     public void setTrustStoreType(String trustStoreType)
293     {
294         tls.setTrustStoreType(trustStoreType);
295     }
296 
297     public long getSslHandshakeTimeout()
298     {
299         return sslHandshakeTimeout;
300     }
301 
302     public void setSslHandshakeTimeout(long sslHandshakeTimeout)
303     {
304         this.sslHandshakeTimeout = sslHandshakeTimeout;
305     }
306 
307 }