activemq-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From tab...@apache.org
Subject svn commit: r1378372 - /activemq/trunk/activemq-core/src/main/java/org/apache/activemq/transport/nio/NIOSSLTransport.java
Date Tue, 28 Aug 2012 22:41:03 GMT
Author: tabish
Date: Tue Aug 28 22:41:02 2012
New Revision: 1378372

URL: http://svn.apache.org/viewvc?rev=1378372&view=rev
Log:
fix for: https://issues.apache.org/jira/browse/AMQ-3996

Set the transportContext property if the certificates are available.

Modified:
    activemq/trunk/activemq-core/src/main/java/org/apache/activemq/transport/nio/NIOSSLTransport.java

Modified: activemq/trunk/activemq-core/src/main/java/org/apache/activemq/transport/nio/NIOSSLTransport.java
URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/transport/nio/NIOSSLTransport.java?rev=1378372&r1=1378371&r2=1378372&view=diff
==============================================================================
--- activemq/trunk/activemq-core/src/main/java/org/apache/activemq/transport/nio/NIOSSLTransport.java
(original)
+++ activemq/trunk/activemq-core/src/main/java/org/apache/activemq/transport/nio/NIOSSLTransport.java
Tue Aug 28 22:41:02 2012
@@ -17,15 +17,6 @@
 
 package org.apache.activemq.transport.nio;
 
-import org.apache.activemq.command.Command;
-import org.apache.activemq.openwire.OpenWireFormat;
-import org.apache.activemq.thread.DefaultThreadPools;
-import org.apache.activemq.util.IOExceptionSupport;
-import org.apache.activemq.util.ServiceStopper;
-import org.apache.activemq.wireformat.WireFormat;
-
-import javax.net.SocketFactory;
-import javax.net.ssl.*;
 import java.io.DataInputStream;
 import java.io.DataOutputStream;
 import java.io.EOFException;
@@ -34,6 +25,22 @@ import java.net.Socket;
 import java.net.URI;
 import java.net.UnknownHostException;
 import java.nio.ByteBuffer;
+import java.security.cert.X509Certificate;
+
+import javax.net.SocketFactory;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLEngine;
+import javax.net.ssl.SSLEngineResult;
+import javax.net.ssl.SSLPeerUnverifiedException;
+import javax.net.ssl.SSLSession;
+
+import org.apache.activemq.command.Command;
+import org.apache.activemq.command.ConnectionInfo;
+import org.apache.activemq.openwire.OpenWireFormat;
+import org.apache.activemq.thread.DefaultThreadPools;
+import org.apache.activemq.util.IOExceptionSupport;
+import org.apache.activemq.util.ServiceStopper;
+import org.apache.activemq.wireformat.WireFormat;
 
 public class NIOSSLTransport extends NIOTransport  {
 
@@ -227,7 +234,6 @@ public class NIOSSLTransport extends NIO
         status = res.getStatus();
         handshakeStatus = res.getHandshakeStatus();
 
-
         //TODO deal with BUFFER_OVERFLOW
 
         if (status == SSLEngineResult.Status.CLOSED) {
@@ -274,6 +280,37 @@ public class NIOSSLTransport extends NIO
         super.doStop(stopper);
     }
 
+    /**
+     * Overriding in order to add the client's certificates to ConnectionInfo
+     * Commmands.
+     *
+     * @param command The Command coming in.
+     */
+    @Override
+    public void doConsume(Object command) {
+        if (command instanceof ConnectionInfo) {
+            ConnectionInfo connectionInfo = (ConnectionInfo)command;
+            connectionInfo.setTransportContext(getPeerCertificates());
+        }
+        super.doConsume(command);
+    }
+
+    /**
+     * @return peer certificate chain associated with the ssl socket
+     */
+    public X509Certificate[] getPeerCertificates() {
+
+        X509Certificate[] clientCertChain = null;
+        try {
+            if (sslSession != null) {
+                clientCertChain = (X509Certificate[])sslSession.getPeerCertificates();
+            }
+        } catch (SSLPeerUnverifiedException e) {
+        }
+
+        return clientCertChain;
+    }
+
     public boolean isNeedClientAuth() {
         return needClientAuth;
     }



Mime
View raw message