git-svn-id: https://svn.apache.org/repos/asf/activemq/trunk@1402354 13f79535-47bb-0310-9956-ffa450edef68
Timothy A. Bish 2012-10-25 23:16:57 +00:00
parent 838206ff92
commit e6285b7426
5 changed files with 259 additions and 40 deletions


@ -18,7 +18,6 @@
package org.apache.activemq.transport.nio;
import java.io.IOException;
import java.net.Socket;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.UnknownHostException;
@ -42,48 +41,35 @@ import org.slf4j.LoggerFactory;
public class NIOSSLTransportFactory extends NIOTransportFactory {
private static final Logger LOG = LoggerFactory.getLogger(NIOSSLTransportFactory.class);
SSLContext context;
protected SSLContext context;
protected TcpTransportServer createTcpTransportServer(URI location, ServerSocketFactory serverSocketFactory) throws IOException, URISyntaxException {
return new TcpTransportServer(this, location, serverSocketFactory) {
protected Transport createTransport(Socket socket, WireFormat format) throws IOException {
NIOSSLTransport transport = new NIOSSLTransport(format, socket);
if (context != null) {
transport.setSslContext(context);
}
return transport;
}
@Override
public boolean isSslServer() {
return true;
}
};
return new NIOSSLTransportServer(context, this, location, serverSocketFactory);
}
@Override
public TransportServer doBind(URI location) throws IOException {
if (SslContext.getCurrentSslContext() != null) {
try {
context = SslContext.getCurrentSslContext().getSSLContext();
} catch (Exception e) {
throw new IOException(e);
}
}
if (SslContext.getCurrentSslContext() != null) {
try {
context = SslContext.getCurrentSslContext().getSSLContext();
} catch (Exception e) {
throw new IOException(e);
}
}
return super.doBind(location);
}
/**
* Overriding to allow for proper configuration through reflection but delegate to get common
* configuration
* Overriding to allow for proper configuration through reflection but
* delegate to get common configuration
*/
public Transport compositeConfigure(Transport transport, WireFormat format, Map options) {
if (transport instanceof SslTransport) {
SslTransport sslTransport = (SslTransport)transport.narrow(SslTransport.class);
if (transport instanceof SslTransport) {
SslTransport sslTransport = (SslTransport) transport.narrow(SslTransport.class);
IntrospectionSupport.setProperties(sslTransport, options);
} else if (transport instanceof NIOSSLTransport) {
NIOSSLTransport sslTransport = (NIOSSLTransport)transport.narrow(NIOSSLTransport.class);
NIOSSLTransport sslTransport = (NIOSSLTransport) transport.narrow(NIOSSLTransport.class);
IntrospectionSupport.setProperties(sslTransport, options);
}
@ -109,7 +95,7 @@ public class NIOSSLTransportFactory extends NIOTransportFactory {
}
}
SocketFactory socketFactory = createSocketFactory();
return new SslTransport(wf, (SSLSocketFactory)socketFactory, location, localLocation, false);
return new SslTransport(wf, (SSLSocketFactory) socketFactory, location, localLocation, false);
}
/**
@ -120,7 +106,7 @@ public class NIOSSLTransportFactory extends NIOTransportFactory {
* @throws IOException
*/
protected SocketFactory createSocketFactory() throws IOException {
if( SslContext.getCurrentSslContext()!=null ) {
if (SslContext.getCurrentSslContext() != null) {
SslContext ctx = SslContext.getCurrentSslContext();
try {
return ctx.getSSLContext().getSocketFactory();
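Review bot: `context` can still be null when it reaches `new NIOSSLTransportServer(context, this, location, serverSocketFactory)` in createTcpTransportServer, because doBind assigns it only when `SslContext.getCurrentSslContext()` is non-null and nothing in this section reports the other case. Which SSLContext the transport then uses is not visible here; presumably it is a JVM default, which would mean the listener runs with key and trust material the broker configuration did not select. A log line in doBind would make that visible to operators, for example `LOG.warn("No broker SslContext set for {}; NIO SSL transport will use its own default", location);`. The field is now `protected` and non-final, so a comment stating that doBind is its only writer would also help subclass authors.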


@ -0,0 +1,78 @@
/**
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.activemq.transport.nio;
import java.io.IOException;
import java.net.Socket;
import java.net.URI;
import java.net.URISyntaxException;
import javax.net.ServerSocketFactory;
import javax.net.ssl.SSLContext;
import org.apache.activemq.transport.Transport;
import org.apache.activemq.transport.tcp.TcpTransportFactory;
import org.apache.activemq.transport.tcp.TcpTransportServer;
import org.apache.activemq.wireformat.WireFormat;
public class NIOSSLTransportServer extends TcpTransportServer {
private SSLContext context;
public NIOSSLTransportServer(SSLContext context, TcpTransportFactory transportFactory, URI location, ServerSocketFactory serverSocketFactory) throws IOException, URISyntaxException {
super(transportFactory, location, serverSocketFactory);
this.context = context;
}
private boolean needClientAuth;
private boolean wantClientAuth;
@Override
protected Transport createTransport(Socket socket, WireFormat format) throws IOException {
NIOSSLTransport transport = new NIOSSLTransport(format, socket);
if (context != null) {
transport.setSslContext(context);
}
transport.setNeedClientAuth(needClientAuth);
transport.setWantClientAuth(wantClientAuth);
return transport;
}
@Override
public boolean isSslServer() {
return true;
}
public boolean isNeedClientAuth() {
return this.needClientAuth;
}
public void setNeedClientAuth(boolean value) {
this.needClientAuth = value;
}
public boolean isWantClientAuth() {
return this.wantClientAuth;
}
public void setWantClientAuth(boolean value) {
this.wantClientAuth = value;
}
}
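Review bot: createTransport pushes both `needClientAuth` and `wantClientAuth` to every accepted transport, and the precedence between the two is not documented anywhere in the new class. In JSSE, `setNeedClientAuth` and `setWantClientAuth` on an SSLEngine each override the other's earlier setting, so if NIOSSLTransport (not shown in this section) forwards them in call order, `needClientAuth=true` together with the default `wantClientAuth=false` could end up not requiring a client certificate. Confirm that NIOSSLTransport applies `need` last or only when it is true, and record that above the two calls, e.g. `// needClientAuth wins over wantClientAuth; the JSSE setters override one another`. The class and its public accessors also have no Javadoc, and `context` can be declared `final`.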


@ -29,28 +29,30 @@ import javax.net.ssl.SSLContext;
import org.apache.activemq.broker.SslContext;
import org.apache.activemq.transport.Transport;
import org.apache.activemq.transport.TransportServer;
import org.apache.activemq.transport.nio.NIOSSLTransportServer;
import org.apache.activemq.transport.tcp.TcpTransport;
import org.apache.activemq.transport.tcp.TcpTransportServer;
import org.apache.activemq.wireformat.WireFormat;
public class StompNIOSSLTransportFactory extends StompNIOTransportFactory {
SSLContext context;
protected SSLContext context;
@Override
protected TcpTransportServer createTcpTransportServer(URI location, ServerSocketFactory serverSocketFactory) throws IOException, URISyntaxException {
return new TcpTransportServer(this, location, serverSocketFactory) {
return new NIOSSLTransportServer(context, this, location, serverSocketFactory) {
@Override
protected Transport createTransport(Socket socket, WireFormat format) throws IOException {
StompNIOSSLTransport transport = new StompNIOSSLTransport(format, socket);
if (context != null) {
transport.setSslContext(context);
}
return transport;
}
@Override
public boolean isSslServer() {
return true;
transport.setNeedClientAuth(isNeedClientAuth());
transport.setWantClientAuth(isWantClientAuth());
return transport;
}
};
}
@ -62,7 +64,7 @@ public class StompNIOSSLTransportFactory extends StompNIOTransportFactory {
@Override
public TransportServer doBind(URI location) throws IOException {
if (SslContext.getCurrentSslContext() != null) {
if (SslContext.getCurrentSslContext() != null) {
try {
context = SslContext.getCurrentSslContext().getSSLContext();
} catch (Exception e) {
@ -71,5 +73,4 @@ public class StompNIOSSLTransportFactory extends StompNIOTransportFactory {
}
return super.doBind(location);
}
}
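Review bot: Inside the anonymous subclass, `context` in `transport.setSslContext(context)` resolves to the factory's field rather than to the copy handed to the `NIOSSLTransportServer` constructor, because that field is `private` in the superclass. The factory field is reassigned on every doBind, so if one factory instance binds more than one connector (not visible here), a server created earlier would give later connections whichever SSLContext was bound last. A protected accessor on NIOSSLTransportServer for its own context, called from this override, would keep each listener on the context it was created with. The override also repeats the client-auth wiring of the superclass method, so any setting added there later would be missed here without a compile error.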


@ -0,0 +1,108 @@
/**
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.activemq.bugs;
import java.io.File;
import java.net.Socket;
import junit.framework.TestCase;
import org.apache.activemq.broker.BrokerFactory;
import org.apache.activemq.broker.BrokerService;
import org.apache.activemq.transport.stomp.Stomp;
import org.apache.activemq.transport.stomp.StompConnection;
import org.apache.activemq.transport.stomp.StompFrame;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import javax.net.SocketFactory;
import javax.net.ssl.SSLSocketFactory;
public class AMQ4133Test {
protected String java_security_auth_login_config = "java.security.auth.login.config";
protected String xbean = "xbean:";
protected String confBase = "src/test/resources/org/apache/activemq/bugs/amq4126";
protected String certBase = "src/test/resources/org/apache/activemq/security";
protected String sep = File.separator;
protected String activemqXml = "InconsistentConnectorPropertiesBehaviour.xml";
protected BrokerService broker;
protected String oldLoginConf = null;
@Before
public void before() throws Exception {
if (System.getProperty(java_security_auth_login_config) != null) {
oldLoginConf = System.getProperty(java_security_auth_login_config);
}
System.setProperty(java_security_auth_login_config, confBase + sep + "login.config");
broker = BrokerFactory.createBroker(xbean + confBase + sep + activemqXml);
broker.start();
broker.waitUntilStarted();
}
@After
public void after() throws Exception {
if (broker != null) {
broker.stop();
broker.waitUntilStopped();
}
}
@Test
public void stompSSLTransportNeedClientAuthTrue() throws Exception {
stompConnectTo("localhost", broker.getConnectorByName("stomp+ssl").getConnectUri().getPort());
}
@Test
public void stompSSLNeedClientAuthTrue() throws Exception {
stompConnectTo("localhost", broker.getConnectorByName("stomp+ssl+special").getConnectUri().getPort());
}
@Test
public void stompNIOSSLTransportNeedClientAuthTrue() throws Exception {
stompConnectTo("localhost", broker.getConnectorByName("stomp+nio+ssl").getConnectUri().getPort());
}
@Test
public void stompNIOSSLNeedClientAuthTrue() throws Exception {
stompConnectTo("localhost", broker.getConnectorByName("stomp+nio+ssl+special").getConnectUri().getPort());
}
public Socket createSocket(String host, int port) throws Exception {
System.setProperty("javax.net.ssl.trustStore", certBase + sep + "broker1.ks");
System.setProperty("javax.net.ssl.trustStorePassword", "password");
System.setProperty("javax.net.ssl.trustStoreType", "jks");
System.setProperty("javax.net.ssl.keyStore", certBase + sep + "client.ks");
System.setProperty("javax.net.ssl.keyStorePassword", "password");
System.setProperty("javax.net.ssl.keyStoreType", "jks");
SocketFactory factory = SSLSocketFactory.getDefault();
return factory.createSocket(host, port);
}
public void stompConnectTo(String host, int port) throws Exception {
StompConnection stompConnection = new StompConnection();
stompConnection.open(createSocket(host, port));
stompConnection.sendFrame("CONNECT\n" + "\n" + Stomp.NULL);
StompFrame f = stompConnection.receive();
TestCase.assertEquals(f.getBody(), "CONNECTED", f.getAction());
stompConnection.close();
}
}


@ -0,0 +1,46 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<beans
xmlns="http://www.springframework.org/schema/beans"
xmlns:amq="http://activemq.apache.org/schema/core"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://activemq.apache.org/schema/core http://activemq.apache.org/schema/core/activemq-core.xsd">
<broker xmlns="http://activemq.apache.org/schema/core" brokerName="broker" id="broker" useJmx="false" persistent="false">
<plugins>
<jaasDualAuthenticationPlugin configuration="activemq-domain" sslConfiguration="activemq-ssl-domain"/>
</plugins>
<sslContext>
<sslContext
keyStore="./src/test/resources/org/apache/activemq/security/broker1.ks" keyStorePassword="password"
trustStore="./src/test/resources/org/apache/activemq/security/client.ks" trustStorePassword="password"/>
</sslContext>
<transportConnectors>
<transportConnector name="stomp+ssl+special" uri="stomp+ssl://0.0.0.0:0?needClientAuth=true" />
<transportConnector name="stomp+ssl" uri="stomp+ssl://0.0.0.0:0?transport.needClientAuth=true" />
<transportConnector name="stomp+nio+ssl+special" uri="stomp+nio+ssl://0.0.0.0:0?needClientAuth=true" />
<transportConnector name="stomp+nio+ssl" uri="stomp+nio+ssl://0.0.0.0:0?transport.needClientAuth=true" />
</transportConnectors>
</broker>
</beans>
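Review bot: All four connectors bind to `0.0.0.0`, so while the test runs the broker listens on every interface of the build machine, using key stores protected only by the fixture password `password`, although the test connects to `localhost` only. Binding the loopback address is sufficient, e.g. `uri="stomp+nio+ssl://127.0.0.1:0?transport.needClientAuth=true"`. A short XML comment above `<transportConnectors>` would also help: the `+special` connectors appear to pass `needClientAuth` as a server-level option and the others as a `transport.`-prefixed option, and the file does not say why both spellings are present.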