Return-Path: X-Original-To: apmail-activemq-commits-archive@www.apache.org Delivered-To: apmail-activemq-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id EFF22312 for ; Tue, 28 Aug 2012 22:41:49 +0000 (UTC) Received: (qmail 15274 invoked by uid 500); 28 Aug 2012 22:41:49 -0000 Delivered-To: apmail-activemq-commits-archive@activemq.apache.org Received: (qmail 15250 invoked by uid 500); 28 Aug 2012 22:41:49 -0000 Mailing-List: contact commits-help@activemq.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@activemq.apache.org Delivered-To: mailing list commits@activemq.apache.org Received: (qmail 15243 invoked by uid 99); 28 Aug 2012 22:41:49 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 28 Aug 2012 22:41:49 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 28 Aug 2012 22:41:47 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id 508D22388A3F for ; Tue, 28 Aug 2012 22:41:03 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1378372 - /activemq/trunk/activemq-core/src/main/java/org/apache/activemq/transport/nio/NIOSSLTransport.java Date: Tue, 28 Aug 2012 22:41:03 -0000 To: commits@activemq.apache.org 
From: tabish@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20120828224103.508D22388A3F@eris.apache.org> Author: tabish Date: Tue Aug 28 22:41:02 2012 New Revision: 1378372 URL: http://svn.apache.org/viewvc?rev=1378372&view=rev Log: fix for: https://issues.apache.org/jira/browse/AMQ-3996 Set the transportContext property if the certificates are available. Modified: activemq/trunk/activemq-core/src/main/java/org/apache/activemq/transport/nio/NIOSSLTransport.java Modified: activemq/trunk/activemq-core/src/main/java/org/apache/activemq/transport/nio/NIOSSLTransport.java URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/transport/nio/NIOSSLTransport.java?rev=1378372&r1=1378371&r2=1378372&view=diff ============================================================================== --- activemq/trunk/activemq-core/src/main/java/org/apache/activemq/transport/nio/NIOSSLTransport.java (original) +++ activemq/trunk/activemq-core/src/main/java/org/apache/activemq/transport/nio/NIOSSLTransport.java Tue Aug 28 22:41:02 2012 @@ -17,15 +17,6 @@ package org.apache.activemq.transport.nio; -import org.apache.activemq.command.Command; -import org.apache.activemq.openwire.OpenWireFormat; -import org.apache.activemq.thread.DefaultThreadPools; -import org.apache.activemq.util.IOExceptionSupport; -import org.apache.activemq.util.ServiceStopper; -import org.apache.activemq.wireformat.WireFormat; - -import javax.net.SocketFactory; -import javax.net.ssl.*; import java.io.DataInputStream; import java.io.DataOutputStream; import java.io.EOFException; 
@@ -34,6 +25,22 @@ import java.net.Socket; import java.net.URI; import java.net.UnknownHostException; import java.nio.ByteBuffer; +import java.security.cert.X509Certificate; + +import javax.net.SocketFactory; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLEngine; +import javax.net.ssl.SSLEngineResult; +import javax.net.ssl.SSLPeerUnverifiedException; +import javax.net.ssl.SSLSession; + +import org.apache.activemq.command.Command; +import org.apache.activemq.command.ConnectionInfo; +import org.apache.activemq.openwire.OpenWireFormat; +import org.apache.activemq.thread.DefaultThreadPools; +import org.apache.activemq.util.IOExceptionSupport; +import org.apache.activemq.util.ServiceStopper; +import org.apache.activemq.wireformat.WireFormat; public class NIOSSLTransport extends NIOTransport { @@ -227,7 +234,6 @@ public class NIOSSLTransport extends NIO status = res.getStatus(); handshakeStatus = res.getHandshakeStatus(); - //TODO deal with BUFFER_OVERFLOW if (status == SSLEngineResult.Status.CLOSED) { @@ -274,6 +280,37 @@ public class NIOSSLTransport extends NIO super.doStop(stopper); } + /** + * Overriding in order to add the client's certificates to ConnectionInfo + * Commmands. + * + * @param command The Command coming in. + */ + @Override + public void doConsume(Object command) { + if (command instanceof ConnectionInfo) { + ConnectionInfo connectionInfo = (ConnectionInfo)command; + connectionInfo.setTransportContext(getPeerCertificates()); + } + super.doConsume(command); + } + + /** + * @return peer certificate chain associated with the ssl socket + */ + public X509Certificate[] getPeerCertificates() { + + X509Certificate[] clientCertChain = null; + try { + if (sslSession != null) { + clientCertChain = (X509Certificate[])sslSession.getPeerCertificates(); + } + } catch (SSLPeerUnverifiedException e) { + } + + return clientCertChain; + } + public boolean isNeedClientAuth() { return needClientAuth; }
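Review bot: The empty `catch (SSLPeerUnverifiedException e) { }` in `getPeerCertificates()` makes an unverified peer indistinguishable from a missing session: both return null, and `doConsume` then stores that null as the ConnectionInfo transport context with no trace of why. Any code that authenticates on the transport context must treat null as "no client identity"; that contract is not visible in this hunk, so it should be stated in the Javadoc, e.g. `@return the peer's X.509 chain, or null when there is no SSL session or the peer was not verified`. The catch should carry `// peer not verified (e.g. client auth not requested): chain stays null`, plus a debug-level log if this class has a logger, so failed certificate logins can be diagnosed. The `(X509Certificate[])` cast also depends on the JSSE provider returning an array of that runtime type, since `SSLSession.getPeerCertificates()` is declared to return `java.security.cert.Certificate[]`; with another provider this would presumably surface as a ClassCastException thrown out of `doConsume`.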