From davscl...@apache.org
Subject svn commit: r1477943 - in /camel/trunk/components/camel-netty/src: main/java/org/apache/camel/component/netty/ main/java/org/apache/camel/component/netty/ssl/ test/java/org/apache/camel/component/netty/
Date Wed, 01 May 2013 10:15:59 GMT
Author: davsclaus
Date: Wed May  1 10:15:58 2013
New Revision: 1477943

URL: http://svn.apache.org/r1477943
Log:
CAMEL-6331: netty SSL can load keystore and truststore from classpath

Added:
    camel/trunk/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLClasspathTest.java
      - copied, changed from r1477915, camel/trunk/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLTest.java
Modified:
    camel/trunk/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java
    camel/trunk/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java
    camel/trunk/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyConfiguration.java
    camel/trunk/components/camel-netty/src/main/java/org/apache/camel/component/netty/ssl/SSLEngineFactory.java
    camel/trunk/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLTest.java

Modified: camel/trunk/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java
URL: http://svn.apache.org/viewvc/camel/trunk/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java?rev=1477943&r1=1477942&r2=1477943&view=diff
==============================================================================
--- camel/trunk/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java
(original)
+++ camel/trunk/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java
Wed May  1 10:15:58 2013
@@ -112,21 +112,31 @@ public class DefaultClientPipelineFactor
             engine.setUseClientMode(true);
             return new SslHandler(engine);
         } else {
-            if (producer.getConfiguration().getKeyStoreFile() == null) {
+            if (producer.getConfiguration().getKeyStoreFile() == null && producer.getConfiguration().getKeyStoreResource()
== null) {
                 LOG.debug("keystorefile is null");
             }
-            if (producer.getConfiguration().getTrustStoreFile() == null) {
+            if (producer.getConfiguration().getTrustStoreFile() == null && producer.getConfiguration().getTrustStoreResource()
== null) {
                 LOG.debug("truststorefile is null");
             }
             if (producer.getConfiguration().getPassphrase().toCharArray() == null) {
                 LOG.debug("passphrase is null");
             }
-            SSLEngineFactory sslEngineFactory = new SSLEngineFactory(
-                producer.getConfiguration().getKeyStoreFormat(),
-                producer.getConfiguration().getSecurityProvider(),
-                producer.getConfiguration().getKeyStoreFile(),
-                producer.getConfiguration().getTrustStoreFile(),
-                producer.getConfiguration().getPassphrase().toCharArray());
+            SSLEngineFactory sslEngineFactory;
+            if (producer.getConfiguration().getKeyStoreFile() != null || producer.getConfiguration().getTrustStoreFile()
!= null) {
+                sslEngineFactory = new SSLEngineFactory(
+                    producer.getConfiguration().getKeyStoreFormat(),
+                    producer.getConfiguration().getSecurityProvider(),
+                    producer.getConfiguration().getKeyStoreFile(),
+                    producer.getConfiguration().getTrustStoreFile(),
+                    producer.getConfiguration().getPassphrase().toCharArray());
+            } else {
+                sslEngineFactory = new SSLEngineFactory(producer.getContext().getClassResolver(),
+                        producer.getConfiguration().getKeyStoreFormat(),
+                        producer.getConfiguration().getSecurityProvider(),
+                        producer.getConfiguration().getKeyStoreResource(),
+                        producer.getConfiguration().getTrustStoreResource(),
+                        producer.getConfiguration().getPassphrase().toCharArray());
+            }
             SSLEngine sslEngine = sslEngineFactory.createClientSSLEngine();
             return new SslHandler(sslEngine);
         }
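Review bot: The branch that picks the constructor tests only the two File options (`getKeyStoreFile() != null || getTrustStoreFile() != null`), so a configuration that mixes the styles, for example `trustStoreFile` together with `keyStoreResource`, takes the File constructor with a null key store file and the resource setting is silently ignored. When no key store is configured at all, the code logs at debug level and still falls through to the resource constructor with a null `keyStoreResource`, so the failure presumably surfaces later as a less helpful exception. I would validate before constructing, e.g. `if (cfg.getKeyStoreFile() != null && cfg.getKeyStoreResource() != null) throw new IllegalArgumentException("configure keyStoreFile or keyStoreResource, not both");` with `cfg` being `producer.getConfiguration()`, and do the same for the trust store pair. The same selection logic is repeated in the DefaultServerPipelineFactory hunk. The enclosing method starts and ends outside this hunk.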

Modified: camel/trunk/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java
URL: http://svn.apache.org/viewvc/camel/trunk/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java?rev=1477943&r1=1477942&r2=1477943&view=diff
==============================================================================
--- camel/trunk/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java
(original)
+++ camel/trunk/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java
Wed May  1 10:15:58 2013
@@ -124,12 +124,31 @@ public class DefaultServerPipelineFactor
             engine.setNeedClientAuth(consumer.getConfiguration().isNeedClientAuth());
             return new SslHandler(engine);
         } else {
-            SSLEngineFactory sslEngineFactory = new SSLEngineFactory(
-                consumer.getConfiguration().getKeyStoreFormat(),
-                consumer.getConfiguration().getSecurityProvider(),
-                consumer.getConfiguration().getKeyStoreFile(), 
-                consumer.getConfiguration().getTrustStoreFile(), 
-                consumer.getConfiguration().getPassphrase().toCharArray());
+            if (consumer.getConfiguration().getKeyStoreFile() == null && consumer.getConfiguration().getKeyStoreResource()
== null) {
+                LOG.debug("keystorefile is null");
+            }
+            if (consumer.getConfiguration().getTrustStoreFile() == null && consumer.getConfiguration().getTrustStoreResource()
== null) {
+                LOG.debug("truststorefile is null");
+            }
+            if (consumer.getConfiguration().getPassphrase().toCharArray() == null) {
+                LOG.debug("passphrase is null");
+            }
+            SSLEngineFactory sslEngineFactory;
+            if (consumer.getConfiguration().getKeyStoreFile() != null || consumer.getConfiguration().getTrustStoreFile()
!= null) {
+                sslEngineFactory = new SSLEngineFactory(
+                        consumer.getConfiguration().getKeyStoreFormat(),
+                        consumer.getConfiguration().getSecurityProvider(),
+                        consumer.getConfiguration().getKeyStoreFile(),
+                        consumer.getConfiguration().getTrustStoreFile(),
+                        consumer.getConfiguration().getPassphrase().toCharArray());
+            } else {
+                sslEngineFactory = new SSLEngineFactory(consumer.getContext().getClassResolver(),
+                        consumer.getConfiguration().getKeyStoreFormat(),
+                        consumer.getConfiguration().getSecurityProvider(),
+                        consumer.getConfiguration().getKeyStoreResource(),
+                        consumer.getConfiguration().getTrustStoreResource(),
+                        consumer.getConfiguration().getPassphrase().toCharArray());
+            }
             SSLEngine sslEngine = sslEngineFactory.createServerSSLEngine();
             sslEngine.setUseClientMode(false);
             sslEngine.setNeedClientAuth(consumer.getConfiguration().isNeedClientAuth());
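Review bot: The added check `consumer.getConfiguration().getPassphrase().toCharArray() == null` can never be true, because `toCharArray()` does not return null and a null passphrase throws a NullPointerException on that very line before anything is logged. Test the string itself, `if (consumer.getConfiguration().getPassphrase() == null) {`, and consider failing with a clear configuration error instead of a debug message, since the constructor calls below invoke `toCharArray()` on it unconditionally. The client factory carries the same check as an unchanged context line. The enclosing method starts and ends outside this hunk.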

Modified: camel/trunk/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyConfiguration.java
URL: http://svn.apache.org/viewvc/camel/trunk/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyConfiguration.java?rev=1477943&r1=1477942&r2=1477943&view=diff
==============================================================================
--- camel/trunk/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyConfiguration.java
(original)
+++ camel/trunk/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyConfiguration.java
Wed May  1 10:15:58 2013
@@ -57,6 +57,8 @@ public class NettyConfiguration implemen
     private String passphrase;
     private File keyStoreFile;
     private File trustStoreFile;
+    private String keyStoreResource;
+    private String trustStoreResource;
     private SslHandler sslHandler;
     private List<ChannelHandler> encoders = new ArrayList<ChannelHandler>();
     private List<ChannelHandler> decoders = new ArrayList<ChannelHandler>();
@@ -154,11 +156,13 @@ public class NettyConfiguration implemen
         setPort(uri.getPort());
 
         sslHandler = component.resolveAndRemoveReferenceParameter(parameters, "sslHandler",
SslHandler.class, sslHandler);
-        passphrase = component.resolveAndRemoveReferenceParameter(parameters, "passphrase",
String.class, passphrase);
+        passphrase = component.getAndRemoveParameter(parameters, "passphrase", String.class,
passphrase);
         keyStoreFormat = component.getAndRemoveParameter(parameters, "keyStoreFormat", String.class,
keyStoreFormat == null ? "JKS" : keyStoreFormat);
         securityProvider = component.getAndRemoveParameter(parameters, "securityProvider",
String.class, securityProvider == null ? "SunX509" : securityProvider);
         keyStoreFile = component.resolveAndRemoveReferenceParameter(parameters, "keyStoreFile",
File.class, keyStoreFile);
         trustStoreFile = component.resolveAndRemoveReferenceParameter(parameters, "trustStoreFile",
File.class, trustStoreFile);
+        keyStoreResource = component.getAndRemoveParameter(parameters, "keyStoreResource",
String.class, keyStoreResource);
+        trustStoreResource = component.getAndRemoveParameter(parameters, "trustStoreResource",
String.class, trustStoreResource);
         clientPipelineFactory = component.resolveAndRemoveReferenceParameter(parameters,
"clientPipelineFactory", ClientPipelineFactory.class, clientPipelineFactory);
         serverPipelineFactory = component.resolveAndRemoveReferenceParameter(parameters,
"serverPipelineFactory", ServerPipelineFactory.class, serverPipelineFactory);
 
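Review bot: Switching `passphrase` from `resolveAndRemoveReferenceParameter` to `getAndRemoveParameter` means the value is now read literally from the endpoint URI, so an existing `passphrase=#password` registry reference appears to stop resolving (the NettySSLTest hunks in this commit replace it with `passphrase=changeit` and drop the registry binding). That pushes the key store password into the URI string itself, which tends to end up in logs and other places where endpoint URIs are displayed. Keeping the registry lookup for values that start with `#` would let deployments hold the secret outside the URI while still allowing a literal. If the literal form is intended, say so next to the line, e.g. `// passphrase is read as a literal value; "#name" registry references are no longer resolved`. The enclosing method starts and ends outside this hunk.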
@@ -427,22 +431,42 @@ public class NettyConfiguration implemen
         this.passphrase = passphrase;
     }
 
+    @Deprecated
     public File getKeyStoreFile() {
         return keyStoreFile;
     }
 
+    @Deprecated
     public void setKeyStoreFile(File keyStoreFile) {
         this.keyStoreFile = keyStoreFile;
     }
 
+    @Deprecated
     public File getTrustStoreFile() {
         return trustStoreFile;
     }
 
+    @Deprecated
     public void setTrustStoreFile(File trustStoreFile) {
         this.trustStoreFile = trustStoreFile;
     }
 
+    public String getKeyStoreResource() {
+        return keyStoreResource;
+    }
+
+    public void setKeyStoreResource(String keyStoreResource) {
+        this.keyStoreResource = keyStoreResource;
+    }
+
+    public String getTrustStoreResource() {
+        return trustStoreResource;
+    }
+
+    public void setTrustStoreResource(String trustStoreResource) {
+        this.trustStoreResource = trustStoreResource;
+    }
+
     public String getKeyStoreFormat() {
         return keyStoreFormat;
     }
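Review bot: The four `@Deprecated` accessors give no hint of what replaces them, so callers only see a warning. Add a Javadoc tag to each, e.g. `/** @deprecated use {@link #getKeyStoreResource()} instead */` on `getKeyStoreFile()`, with the matching text on the setter and on the trust store pair. The new `keyStoreResource` and `trustStoreResource` accessors would also benefit from one sentence on the accepted value syntax; the tests in this commit use `classpath:keystore.jks`, and any other supported prefixes should be listed so operators know where key material can be loaded from.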

Modified: camel/trunk/components/camel-netty/src/main/java/org/apache/camel/component/netty/ssl/SSLEngineFactory.java
URL: http://svn.apache.org/viewvc/camel/trunk/components/camel-netty/src/main/java/org/apache/camel/component/netty/ssl/SSLEngineFactory.java?rev=1477943&r1=1477942&r2=1477943&view=diff
==============================================================================
--- camel/trunk/components/camel-netty/src/main/java/org/apache/camel/component/netty/ssl/SSLEngineFactory.java
(original)
+++ camel/trunk/components/camel-netty/src/main/java/org/apache/camel/component/netty/ssl/SSLEngineFactory.java
Wed May  1 10:15:58 2013
@@ -17,24 +17,67 @@
 package org.apache.camel.component.netty.ssl;
 
 import java.io.File;
+import java.io.InputStream;
 import java.security.KeyStore;
-
 import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLEngine;
 import javax.net.ssl.TrustManagerFactory;
 
 import org.apache.camel.converter.IOConverter;
+import org.apache.camel.spi.ClassResolver;
+import org.apache.camel.util.IOHelper;
+import org.apache.camel.util.ResourceHelper;
 
 public class SSLEngineFactory {
 
     private static final String SSL_PROTOCOL = "TLS";
     private static SSLContext sslContext;
-    
+
+    public SSLEngineFactory(ClassResolver classResolver, String keyStoreFormat, String securityProvider,
String keyStoreResource, String trustStoreResource, char[] passphrase) throws Exception {
+        KeyStore ks = KeyStore.getInstance(keyStoreFormat);
+
+        InputStream is = ResourceHelper.resolveMandatoryResourceAsInputStream(classResolver,
keyStoreResource);
+        try {
+            ks.load(is, passphrase);
+        } finally {
+            IOHelper.close(is);
+        }
+
+        KeyManagerFactory kmf = KeyManagerFactory.getInstance(securityProvider);
+        kmf.init(ks, passphrase);
+
+        sslContext = SSLContext.getInstance(SSL_PROTOCOL);
+
+        if (trustStoreResource != null) {
+            KeyStore ts = KeyStore.getInstance(keyStoreFormat);
+            is = ResourceHelper.resolveMandatoryResourceAsInputStream(classResolver, trustStoreResource);
+            try {
+                ts.load(is, passphrase);
+            } finally {
+                IOHelper.close(is);
+            }
+            TrustManagerFactory tmf = TrustManagerFactory.getInstance(securityProvider);
+            tmf.init(ts);
+            sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
+        } else {
+            sslContext.init(kmf.getKeyManagers(), null, null);
+        }
+    }
+
+    /**
+     * Use {@link #SSLEngineFactory(org.apache.camel.spi.ClassResolver, String, String, String,
String, char[])}
+     */
+    @Deprecated
     public SSLEngineFactory(String keyStoreFormat, String securityProvider, File keyStoreFile,
File trustStoreFile, char[] passphrase) throws Exception {
         KeyStore ks = KeyStore.getInstance(keyStoreFormat);
 
-        ks.load(IOConverter.toInputStream(keyStoreFile), passphrase);
+        InputStream is = IOConverter.toInputStream(keyStoreFile);
+        try {
+            ks.load(is, passphrase);
+        } finally {
+            IOHelper.close(is);
+        }
 
         KeyManagerFactory kmf = KeyManagerFactory.getInstance(securityProvider);
         kmf.init(ks, passphrase);
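Review bot: The new constructor assigns the field declared in the context lines as `private static SSLContext sslContext;`, so every SSLEngineFactory instance overwrites one JVM-wide context. With two endpoints configured with different key or trust stores, engines created from one factory may end up using the other endpoint's key material, depending on construction order. Making the field per-instance, `private final SSLContext sslContext;`, would isolate them; the methods that read it are outside this hunk, so confirm none of them is static. Separately, the same `passphrase` is used for the key store, the private key and the trust store, which is worth stating in the constructor's Javadoc.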
@@ -42,9 +85,14 @@ public class SSLEngineFactory {
         sslContext = SSLContext.getInstance(SSL_PROTOCOL);
         
         if (trustStoreFile != null) { 
-            KeyStore ts = KeyStore.getInstance(keyStoreFormat); 
-            ts.load(IOConverter.toInputStream(trustStoreFile), passphrase); 
-            TrustManagerFactory tmf = TrustManagerFactory.getInstance(securityProvider);

+            KeyStore ts = KeyStore.getInstance(keyStoreFormat);
+            is = IOConverter.toInputStream(trustStoreFile);
+            try {
+                ts.load(is, passphrase);
+            } finally {
+                IOHelper.close(is);
+            }
+            TrustManagerFactory tmf = TrustManagerFactory.getInstance(securityProvider);
             tmf.init(ts); 
             sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); 
         } else { 

Copied: camel/trunk/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLClasspathTest.java
(from r1477915, camel/trunk/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLTest.java)
URL: http://svn.apache.org/viewvc/camel/trunk/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLClasspathTest.java?p2=camel/trunk/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLClasspathTest.java&p1=camel/trunk/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLTest.java&r1=1477915&r2=1477943&rev=1477943&view=diff
==============================================================================
--- camel/trunk/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLTest.java
(original)
+++ camel/trunk/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLClasspathTest.java
Wed May  1 10:15:58 2013
@@ -17,26 +17,14 @@
 
 package org.apache.camel.component.netty;
 
-import java.io.File;
-
 import org.apache.camel.Exchange;
 import org.apache.camel.Processor;
 import org.apache.camel.builder.RouteBuilder;
-import org.apache.camel.impl.JndiRegistry;
 import org.junit.Test;
 
-public class NettySSLTest extends BaseNettyTest {
+public class NettySSLClasspathTest extends BaseNettyTest {
 
     @Override
-    protected JndiRegistry createRegistry() throws Exception {
-        JndiRegistry registry = super.createRegistry();
-        registry.bind("password", "changeit");
-        registry.bind("ksf", new File("src/test/resources/keystore.jks"));
-        registry.bind("tsf", new File("src/test/resources/keystore.jks"));
-        return registry;
-    }
-    
-    @Override
     public boolean isUseRouteBuilder() {
         return false;
     }
@@ -50,7 +38,7 @@ public class NettySSLTest extends BaseNe
 
         context.addRoutes(new RouteBuilder() {
             public void configure() {
-                from("netty:tcp://localhost:{{port}}?sync=true&ssl=true&passphrase=#password&keyStoreFile=#ksf&trustStoreFile=#tsf")
+                from("netty:tcp://localhost:{{port}}?sync=true&ssl=true&passphrase=changeit&keyStoreResource=classpath:keystore.jks&trustStoreResource=classpath:keystore.jks")
                     .process(new Processor() {
                         public void process(Exchange exchange) throws Exception {
                             exchange.getOut().setBody("When You Go Home, Tell Them Of Us
And Say, For Your Tomorrow, We Gave Our Today.");                           
@@ -61,7 +49,7 @@ public class NettySSLTest extends BaseNe
         context.start();
 
         String response = template.requestBody(
-                "netty:tcp://localhost:{{port}}?sync=true&ssl=true&passphrase=#password&keyStoreFile=#ksf&trustStoreFile=#tsf",
+                "netty:tcp://localhost:{{port}}?sync=true&ssl=true&passphrase=changeit&keyStoreResource=classpath:keystore.jks&trustStoreResource=classpath:keystore.jks",
                 "Epitaph in Kohima, India marking the WWII Battle of Kohima and Imphal, Burma
Campaign - Attributed to John Maxwell Edmonds", String.class);
         assertEquals("When You Go Home, Tell Them Of Us And Say, For Your Tomorrow, We Gave
Our Today.", response);
     }

Modified: camel/trunk/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLTest.java
URL: http://svn.apache.org/viewvc/camel/trunk/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLTest.java?rev=1477943&r1=1477942&r2=1477943&view=diff
==============================================================================
--- camel/trunk/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLTest.java
(original)
+++ camel/trunk/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLTest.java
Wed May  1 10:15:58 2013
@@ -30,7 +30,6 @@ public class NettySSLTest extends BaseNe
     @Override
     protected JndiRegistry createRegistry() throws Exception {
         JndiRegistry registry = super.createRegistry();
-        registry.bind("password", "changeit");
         registry.bind("ksf", new File("src/test/resources/keystore.jks"));
         registry.bind("tsf", new File("src/test/resources/keystore.jks"));
         return registry;
@@ -50,7 +49,7 @@ public class NettySSLTest extends BaseNe
 
         context.addRoutes(new RouteBuilder() {
             public void configure() {
-                from("netty:tcp://localhost:{{port}}?sync=true&ssl=true&passphrase=#password&keyStoreFile=#ksf&trustStoreFile=#tsf")
+                from("netty:tcp://localhost:{{port}}?sync=true&ssl=true&passphrase=changeit&keyStoreFile=#ksf&trustStoreFile=#tsf")
                     .process(new Processor() {
                         public void process(Exchange exchange) throws Exception {
                             exchange.getOut().setBody("When You Go Home, Tell Them Of Us
And Say, For Your Tomorrow, We Gave Our Today.");                           
@@ -61,7 +60,7 @@ public class NettySSLTest extends BaseNe
         context.start();
 
         String response = template.requestBody(
-                "netty:tcp://localhost:{{port}}?sync=true&ssl=true&passphrase=#password&keyStoreFile=#ksf&trustStoreFile=#tsf",
+                "netty:tcp://localhost:{{port}}?sync=true&ssl=true&passphrase=changeit&keyStoreFile=#ksf&trustStoreFile=#tsf",
                 "Epitaph in Kohima, India marking the WWII Battle of Kohima and Imphal, Burma
Campaign - Attributed to John Maxwell Edmonds", String.class);
         assertEquals("When You Go Home, Tell Them Of Us And Say, For Your Tomorrow, We Gave
Our Today.", response);
     }


