Set the transportContext property if the certificates are available.

git-svn-id: https://svn.apache.org/repos/asf/activemq/trunk@1378372 13f79535-47bb-0310-9956-ffa450edef68
Timothy A. Bish 2012-08-28 22:41:02 +00:00
parent bcc9e02e93
commit 6175dc4639
1 changed files with 47 additions and 10 deletions


@ -17,15 +17,6 @@
package org.apache.activemq.transport.nio; package org.apache.activemq.transport.nio;
import org.apache.activemq.command.Command;
import org.apache.activemq.openwire.OpenWireFormat;
import org.apache.activemq.thread.DefaultThreadPools;
import org.apache.activemq.util.IOExceptionSupport;
import org.apache.activemq.util.ServiceStopper;
import org.apache.activemq.wireformat.WireFormat;
import javax.net.SocketFactory;
import javax.net.ssl.*;
import java.io.DataInputStream; import java.io.DataInputStream;
import java.io.DataOutputStream; import java.io.DataOutputStream;
import java.io.EOFException; import java.io.EOFException;
@ -34,6 +25,22 @@ import java.net.Socket;
import java.net.URI; import java.net.URI;
import java.net.UnknownHostException; import java.net.UnknownHostException;
import java.nio.ByteBuffer; import java.nio.ByteBuffer;
import java.security.cert.X509Certificate;
import javax.net.SocketFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import org.apache.activemq.command.Command;
import org.apache.activemq.command.ConnectionInfo;
import org.apache.activemq.openwire.OpenWireFormat;
import org.apache.activemq.thread.DefaultThreadPools;
import org.apache.activemq.util.IOExceptionSupport;
import org.apache.activemq.util.ServiceStopper;
import org.apache.activemq.wireformat.WireFormat;
public class NIOSSLTransport extends NIOTransport { public class NIOSSLTransport extends NIOTransport {
@ -227,7 +234,6 @@ public class NIOSSLTransport extends NIOTransport {
status = res.getStatus(); status = res.getStatus();
handshakeStatus = res.getHandshakeStatus(); handshakeStatus = res.getHandshakeStatus();
//TODO deal with BUFFER_OVERFLOW //TODO deal with BUFFER_OVERFLOW
if (status == SSLEngineResult.Status.CLOSED) { if (status == SSLEngineResult.Status.CLOSED) {
@ -274,6 +280,37 @@ public class NIOSSLTransport extends NIOTransport {
super.doStop(stopper); super.doStop(stopper);
} }
/**
* Overriding in order to add the client's certificates to ConnectionInfo
* Commmands.
*
* @param command The Command coming in.
*/
@Override
public void doConsume(Object command) {
if (command instanceof ConnectionInfo) {
ConnectionInfo connectionInfo = (ConnectionInfo)command;
connectionInfo.setTransportContext(getPeerCertificates());
}
super.doConsume(command);
}
/**
* @return peer certificate chain associated with the ssl socket
*/
public X509Certificate[] getPeerCertificates() {
X509Certificate[] clientCertChain = null;
try {
if (sslSession != null) {
clientCertChain = (X509Certificate[])sslSession.getPeerCertificates();
}
} catch (SSLPeerUnverifiedException e) {
}
return clientCertChain;
}
public boolean isNeedClientAuth() { public boolean isNeedClientAuth() {
return needClientAuth; return needClientAuth;
} }
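Review bot: The empty `catch (SSLPeerUnverifiedException e) { }` in getPeerCertificates() silently turns "peer not verified" into a null return, and doConsume() then writes that null into the transportContext of every ConnectionInfo. Because this value appears to be what certificate-based authentication further down the chain would read, the Javadoc should state the contract (`@return the peer's certificate chain, or null if there is no SSL session or the peer was not authenticated`) and the catch should carry a why-comment such as `// peer presented no verified certificate; leave the chain null`. The cast `(X509Certificate[])sslSession.getPeerCertificates()` also relies on the provider returning an array whose runtime type is X509Certificate[]; if that is not guaranteed for every configured provider, a ClassCastException would escape doConsume(), so a check like `if (certs instanceof X509Certificate[])` before the cast would be safer.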