camel-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From davscl...@apache.org
Subject git commit: CAMEL-6818: Fixed camel-netty/camel-netty-http SSLContext issue race condition.
Date Wed, 02 Oct 2013 14:41:02 GMT
Updated Branches:
  refs/heads/master d2bd97bd3 -> 3b6000795


CAMEL-6818: Fixed camel-netty/camel-netty-http SSLContext issue race condition.


Project: http://git-wip-us.apache.org/repos/asf/camel/repo
Commit: http://git-wip-us.apache.org/repos/asf/camel/commit/3b600079
Tree: http://git-wip-us.apache.org/repos/asf/camel/tree/3b600079
Diff: http://git-wip-us.apache.org/repos/asf/camel/diff/3b600079

Branch: refs/heads/master
Commit: 3b6000795fdca657630470a49b73db869ed8a2ed
Parents: d2bd97b
Author: Claus Ibsen <davsclaus@apache.org>
Authored: Wed Oct 2 16:40:28 2013 +0200
Committer: Claus Ibsen <davsclaus@apache.org>
Committed: Wed Oct 2 16:40:28 2013 +0200

----------------------------------------------------------------------
 .../netty/http/HttpClientPipelineFactory.java   | 74 ++++++++++---------
 .../netty/http/HttpServerPipelineFactory.java   | 65 ++++++++---------
 .../http/HttpServerSharedPipelineFactory.java   | 67 +++++++++--------
 .../netty/http/NettySharedHttpServerTest.java   |  2 +
 .../netty/DefaultClientPipelineFactory.java     | 72 ++++++++++---------
 .../netty/DefaultServerPipelineFactory.java     | 76 ++++++++++----------
 .../component/netty/ssl/SSLEngineFactory.java   | 57 ++++-----------
 7 files changed, 203 insertions(+), 210 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/camel/blob/3b600079/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java
b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java
index 14a63c8..fd20f89 100644
--- a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java
+++ b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java
@@ -20,6 +20,7 @@ import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLEngine;
 
 import org.apache.camel.component.netty.ClientPipelineFactory;
+import org.apache.camel.component.netty.NettyConfiguration;
 import org.apache.camel.component.netty.NettyProducer;
 import org.apache.camel.component.netty.http.handlers.HttpClientChannelHandler;
 import org.apache.camel.component.netty.ssl.SSLEngineFactory;
@@ -83,17 +84,49 @@ public class HttpClientPipelineFactory extends ClientPipelineFactory {
     }
 
     private SSLContext createSSLContext(NettyProducer producer) throws Exception {
-        if (!producer.getConfiguration().isSsl()) {
+        NettyConfiguration configuration = producer.getConfiguration();
+
+        if (!configuration.isSsl()) {
             return null;
         }
 
+        SSLContext answer;
+
         // create ssl context once
-        if (producer.getConfiguration().getSslContextParameters() != null) {
-            SSLContext context = producer.getConfiguration().getSslContextParameters().createSSLContext();
-            return context;
+        if (configuration.getSslContextParameters() != null) {
+            answer = configuration.getSslContextParameters().createSSLContext();
+        } else {
+            if (configuration.getKeyStoreFile() == null && configuration.getKeyStoreResource()
== null) {
+                LOG.debug("keystorefile is null");
+            }
+            if (configuration.getTrustStoreFile() == null && configuration.getTrustStoreResource()
== null) {
+                LOG.debug("truststorefile is null");
+            }
+            if (configuration.getPassphrase().toCharArray() == null) {
+                LOG.debug("passphrase is null");
+            }
+
+            SSLEngineFactory sslEngineFactory;
+            if (configuration.getKeyStoreFile() != null || configuration.getTrustStoreFile()
!= null) {
+                sslEngineFactory = new SSLEngineFactory();
+                answer = sslEngineFactory.createSSLContext(producer.getContext().getClassResolver(),
+                        configuration.getKeyStoreFormat(),
+                        configuration.getSecurityProvider(),
+                        "file:" + configuration.getKeyStoreFile().getPath(),
+                        "file:" + configuration.getTrustStoreFile().getPath(),
+                        configuration.getPassphrase().toCharArray());
+            } else {
+                sslEngineFactory = new SSLEngineFactory();
+                answer = sslEngineFactory.createSSLContext(producer.getContext().getClassResolver(),
+                        configuration.getKeyStoreFormat(),
+                        configuration.getSecurityProvider(),
+                        configuration.getKeyStoreResource(),
+                        configuration.getTrustStoreResource(),
+                        configuration.getPassphrase().toCharArray());
+            }
         }
 
-        return null;
+        return answer;
     }
 
     private SslHandler configureClientSSLOnDemand() throws Exception {
@@ -107,36 +140,9 @@ public class HttpClientPipelineFactory extends ClientPipelineFactory
{
             SSLEngine engine = sslContext.createSSLEngine();
             engine.setUseClientMode(true);
             return new SslHandler(engine);
-        } else {
-            if (producer.getConfiguration().getKeyStoreFile() == null && producer.getConfiguration().getKeyStoreResource()
== null) {
-                LOG.debug("keystorefile is null");
-            }
-            if (producer.getConfiguration().getTrustStoreFile() == null && producer.getConfiguration().getTrustStoreResource()
== null) {
-                LOG.debug("truststorefile is null");
-            }
-            if (producer.getConfiguration().getPassphrase().toCharArray() == null) {
-                LOG.debug("passphrase is null");
-            }
-            SSLEngineFactory sslEngineFactory;
-            if (producer.getConfiguration().getKeyStoreFile() != null || producer.getConfiguration().getTrustStoreFile()
!= null) {
-                sslEngineFactory = new SSLEngineFactory(
-                        producer.getConfiguration().getKeyStoreFormat(),
-                        producer.getConfiguration().getSecurityProvider(),
-                        producer.getConfiguration().getKeyStoreFile(),
-                        producer.getConfiguration().getTrustStoreFile(),
-                        producer.getConfiguration().getPassphrase().toCharArray());
-            } else {
-                sslEngineFactory = new SSLEngineFactory(producer.getContext().getClassResolver(),
-                        producer.getConfiguration().getKeyStoreFormat(),
-                        producer.getConfiguration().getSecurityProvider(),
-                        producer.getConfiguration().getKeyStoreResource(),
-                        producer.getConfiguration().getTrustStoreResource(),
-                        producer.getConfiguration().getPassphrase().toCharArray());
-            }
-            SSLEngine sslEngine = sslEngineFactory.createServerSSLEngine();
-            sslEngine.setUseClientMode(true);
-            return new SslHandler(sslEngine);
         }
+
+        return null;
     }
 
 }

http://git-wip-us.apache.org/repos/asf/camel/blob/3b600079/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java
b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java
index 3d6444a..8865fd3 100644
--- a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java
+++ b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java
@@ -19,11 +19,11 @@ package org.apache.camel.component.netty.http;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLEngine;
 
+import org.apache.camel.CamelContext;
 import org.apache.camel.component.netty.NettyConsumer;
 import org.apache.camel.component.netty.NettyServerBootstrapConfiguration;
 import org.apache.camel.component.netty.ServerPipelineFactory;
 import org.apache.camel.component.netty.ssl.SSLEngineFactory;
-import org.apache.camel.spi.ClassResolver;
 import org.apache.camel.util.ObjectHelper;
 import org.jboss.netty.channel.ChannelHandler;
 import org.jboss.netty.channel.ChannelPipeline;
@@ -54,7 +54,7 @@ public class HttpServerPipelineFactory extends ServerPipelineFactory {
         this.consumer = nettyConsumer;
         this.configuration = nettyConsumer.getConfiguration();
         try {
-            this.sslContext = createSSLContext(consumer.getConfiguration());
+            this.sslContext = createSSLContext(consumer.getContext(), consumer.getConfiguration());
         } catch (Exception e) {
             throw ObjectHelper.wrapRuntimeCamelException(e);
         }
@@ -74,7 +74,7 @@ public class HttpServerPipelineFactory extends ServerPipelineFactory {
         // Create a default pipeline implementation.
         ChannelPipeline pipeline = Channels.pipeline();
 
-        SslHandler sslHandler = configureServerSSLOnDemand(configuration);
+        SslHandler sslHandler = configureServerSSLOnDemand();
         if (sslHandler != null) {
             // must close on SSL exception
             sslHandler.setCloseOnSSLException(true);
@@ -97,32 +97,16 @@ public class HttpServerPipelineFactory extends ServerPipelineFactory {
         return pipeline;
     }
 
-    private SSLContext createSSLContext(NettyServerBootstrapConfiguration configuration)
throws Exception {
+    private SSLContext createSSLContext(CamelContext camelContext, NettyServerBootstrapConfiguration
configuration) throws Exception {
         if (!configuration.isSsl()) {
             return null;
         }
 
+        SSLContext answer;
+
         // create ssl context once
         if (configuration.getSslContextParameters() != null) {
-            SSLContext context = configuration.getSslContextParameters().createSSLContext();
-            return context;
-        }
-
-        return null;
-    }
-
-    private SslHandler configureServerSSLOnDemand(NettyServerBootstrapConfiguration configuration)
throws Exception {
-        if (!configuration.isSsl()) {
-            return null;
-        }
-
-        if (configuration.getSslHandler() != null) {
-            return configuration.getSslHandler();
-        } else if (sslContext != null) {
-            SSLEngine engine = sslContext.createSSLEngine();
-            engine.setUseClientMode(false);
-            engine.setNeedClientAuth(configuration.isNeedClientAuth());
-            return new SslHandler(engine);
+            answer = configuration.getSslContextParameters().createSSLContext();
         } else {
             if (configuration.getKeyStoreFile() == null && configuration.getKeyStoreResource()
== null) {
                 LOG.debug("keystorefile is null");
@@ -133,28 +117,45 @@ public class HttpServerPipelineFactory extends ServerPipelineFactory
{
             if (configuration.getPassphrase().toCharArray() == null) {
                 LOG.debug("passphrase is null");
             }
+
             SSLEngineFactory sslEngineFactory;
             if (configuration.getKeyStoreFile() != null || configuration.getTrustStoreFile()
!= null) {
-                sslEngineFactory = new SSLEngineFactory(
+                sslEngineFactory = new SSLEngineFactory();
+                answer = sslEngineFactory.createSSLContext(camelContext.getClassResolver(),
                         configuration.getKeyStoreFormat(),
                         configuration.getSecurityProvider(),
-                        configuration.getKeyStoreFile(),
-                        configuration.getTrustStoreFile(),
+                        "file:" + configuration.getKeyStoreFile().getPath(),
+                        "file:" + configuration.getTrustStoreFile().getPath(),
                         configuration.getPassphrase().toCharArray());
             } else {
-                ClassResolver resolver = consumer != null ? consumer.getContext().getClassResolver()
: null;
-                sslEngineFactory = new SSLEngineFactory(resolver,
+                sslEngineFactory = new SSLEngineFactory();
+                answer = sslEngineFactory.createSSLContext(camelContext.getClassResolver(),
                         configuration.getKeyStoreFormat(),
                         configuration.getSecurityProvider(),
                         configuration.getKeyStoreResource(),
                         configuration.getTrustStoreResource(),
                         configuration.getPassphrase().toCharArray());
             }
-            SSLEngine sslEngine = sslEngineFactory.createServerSSLEngine();
-            sslEngine.setUseClientMode(false);
-            sslEngine.setNeedClientAuth(configuration.isNeedClientAuth());
-            return new SslHandler(sslEngine);
         }
+
+        return answer;
+    }
+
+    private SslHandler configureServerSSLOnDemand() throws Exception {
+        if (!consumer.getConfiguration().isSsl()) {
+            return null;
+        }
+
+        if (consumer.getConfiguration().getSslHandler() != null) {
+            return consumer.getConfiguration().getSslHandler();
+        } else if (sslContext != null) {
+            SSLEngine engine = sslContext.createSSLEngine();
+            engine.setUseClientMode(false);
+            engine.setNeedClientAuth(consumer.getConfiguration().isNeedClientAuth());
+            return new SslHandler(engine);
+        }
+
+        return null;
     }
 
     private boolean supportCompressed() {

http://git-wip-us.apache.org/repos/asf/camel/blob/3b600079/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java
b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java
index ea24704..cca79bc 100644
--- a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java
+++ b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java
@@ -20,9 +20,9 @@ import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLEngine;
 
 import org.apache.camel.component.netty.NettyConsumer;
-import org.apache.camel.component.netty.NettyServerBootstrapConfiguration;
 import org.apache.camel.component.netty.ServerPipelineFactory;
 import org.apache.camel.component.netty.ssl.SSLEngineFactory;
+import org.apache.camel.impl.DefaultClassResolver;
 import org.apache.camel.spi.ClassResolver;
 import org.apache.camel.util.ObjectHelper;
 import org.jboss.netty.channel.ChannelPipeline;
@@ -52,9 +52,11 @@ public class HttpServerSharedPipelineFactory extends HttpServerPipelineFactory
{
                                            ClassResolver classResolver) {
         this.configuration = configuration;
         this.channelFactory = channelFactory;
-        this.classResolver = classResolver;
+        // fallback and use default resolver
+        this.classResolver = classResolver != null ? classResolver : new DefaultClassResolver();
+
         try {
-            this.sslContext = createSSLContext(configuration);
+            this.sslContext = createSSLContext();
         } catch (Exception e) {
             throw ObjectHelper.wrapRuntimeCamelException(e);
         }
@@ -74,7 +76,7 @@ public class HttpServerSharedPipelineFactory extends HttpServerPipelineFactory
{
         // Create a default pipeline implementation.
         ChannelPipeline pipeline = Channels.pipeline();
 
-        SslHandler sslHandler = configureServerSSLOnDemand(configuration);
+        SslHandler sslHandler = configureServerSSLOnDemand();
         if (sslHandler != null) {
             LOG.debug("Server SSL handler configured and added as an interceptor against
the ChannelPipeline: {}", sslHandler);
             pipeline.addLast("ssl", sslHandler);
@@ -94,31 +96,16 @@ public class HttpServerSharedPipelineFactory extends HttpServerPipelineFactory
{
         return pipeline;
     }
 
-    private SSLContext createSSLContext(NettyServerBootstrapConfiguration configuration)
throws Exception {
+    private SSLContext createSSLContext() throws Exception {
         if (!configuration.isSsl()) {
             return null;
         }
 
+        SSLContext answer;
+
         // create ssl context once
         if (configuration.getSslContextParameters() != null) {
-            return configuration.getSslContextParameters().createSSLContext();
-        }
-
-        return null;
-    }
-
-    private SslHandler configureServerSSLOnDemand(NettyServerBootstrapConfiguration configuration)
throws Exception {
-        if (!configuration.isSsl()) {
-            return null;
-        }
-
-        if (configuration.getSslHandler() != null) {
-            return configuration.getSslHandler();
-        } else if (sslContext != null) {
-            SSLEngine engine = sslContext.createSSLEngine();
-            engine.setUseClientMode(false);
-            engine.setNeedClientAuth(configuration.isNeedClientAuth());
-            return new SslHandler(engine);
+            answer = configuration.getSslContextParameters().createSSLContext();
         } else {
             if (configuration.getKeyStoreFile() == null && configuration.getKeyStoreResource()
== null) {
                 LOG.debug("keystorefile is null");
@@ -129,27 +116,45 @@ public class HttpServerSharedPipelineFactory extends HttpServerPipelineFactory
{
             if (configuration.getPassphrase().toCharArray() == null) {
                 LOG.debug("passphrase is null");
             }
+
             SSLEngineFactory sslEngineFactory;
             if (configuration.getKeyStoreFile() != null || configuration.getTrustStoreFile()
!= null) {
-                sslEngineFactory = new SSLEngineFactory(
+                sslEngineFactory = new SSLEngineFactory();
+                answer = sslEngineFactory.createSSLContext(classResolver,
                         configuration.getKeyStoreFormat(),
                         configuration.getSecurityProvider(),
-                        configuration.getKeyStoreFile(),
-                        configuration.getTrustStoreFile(),
+                        "file:" + configuration.getKeyStoreFile().getPath(),
+                        "file:" + configuration.getTrustStoreFile().getPath(),
                         configuration.getPassphrase().toCharArray());
             } else {
-                sslEngineFactory = new SSLEngineFactory(classResolver,
+                sslEngineFactory = new SSLEngineFactory();
+                answer = sslEngineFactory.createSSLContext(classResolver,
                         configuration.getKeyStoreFormat(),
                         configuration.getSecurityProvider(),
                         configuration.getKeyStoreResource(),
                         configuration.getTrustStoreResource(),
                         configuration.getPassphrase().toCharArray());
             }
-            SSLEngine sslEngine = sslEngineFactory.createServerSSLEngine();
-            sslEngine.setUseClientMode(false);
-            sslEngine.setNeedClientAuth(configuration.isNeedClientAuth());
-            return new SslHandler(sslEngine);
         }
+
+        return answer;
+    }
+
+    private SslHandler configureServerSSLOnDemand() throws Exception {
+        if (!configuration.isSsl()) {
+            return null;
+        }
+
+        if (configuration.getSslHandler() != null) {
+            return configuration.getSslHandler();
+        } else if (sslContext != null) {
+            SSLEngine engine = sslContext.createSSLEngine();
+            engine.setUseClientMode(false);
+            engine.setNeedClientAuth(configuration.isNeedClientAuth());
+            return new SslHandler(engine);
+        }
+
+        return null;
     }
 
 }

http://git-wip-us.apache.org/repos/asf/camel/blob/3b600079/components/camel-netty-http/src/test/java/org/apache/camel/component/netty/http/NettySharedHttpServerTest.java
----------------------------------------------------------------------
diff --git a/components/camel-netty-http/src/test/java/org/apache/camel/component/netty/http/NettySharedHttpServerTest.java
b/components/camel-netty-http/src/test/java/org/apache/camel/component/netty/http/NettySharedHttpServerTest.java
index bf87b62..faa6aee 100644
--- a/components/camel-netty-http/src/test/java/org/apache/camel/component/netty/http/NettySharedHttpServerTest.java
+++ b/components/camel-netty-http/src/test/java/org/apache/camel/component/netty/http/NettySharedHttpServerTest.java
@@ -17,6 +17,7 @@
 package org.apache.camel.component.netty.http;
 
 import org.apache.camel.builder.RouteBuilder;
+import org.apache.camel.impl.DefaultClassResolver;
 import org.apache.camel.impl.JndiRegistry;
 import org.junit.Test;
 
@@ -27,6 +28,7 @@ public class NettySharedHttpServerTest extends BaseNettyTest {
     @Override
     protected JndiRegistry createRegistry() throws Exception {
         nettySharedHttpServer = new DefaultNettySharedHttpServer();
+        nettySharedHttpServer.setClassResolver(new DefaultClassResolver());
 
         NettySharedHttpServerBootstrapConfiguration configuration = new NettySharedHttpServerBootstrapConfiguration();
         configuration.setPort(getPort());

http://git-wip-us.apache.org/repos/asf/camel/blob/3b600079/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java
b/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java
index 28040d6..71c8a40 100644
--- a/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java
+++ b/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java
@@ -100,17 +100,49 @@ public class DefaultClientPipelineFactory extends ClientPipelineFactory
 {
     }
 
     private SSLContext createSSLContext(NettyProducer producer) throws Exception {
-        if (!producer.getConfiguration().isSsl()) {
+        NettyConfiguration configuration = producer.getConfiguration();
+
+        if (!configuration.isSsl()) {
             return null;
         }
 
+        SSLContext answer;
+
         // create ssl context once
-        if (producer.getConfiguration().getSslContextParameters() != null) {
-            SSLContext context = producer.getConfiguration().getSslContextParameters().createSSLContext();
-            return context;
+        if (configuration.getSslContextParameters() != null) {
+            answer = configuration.getSslContextParameters().createSSLContext();
+        } else {
+            if (configuration.getKeyStoreFile() == null && configuration.getKeyStoreResource()
== null) {
+                LOG.debug("keystorefile is null");
+            }
+            if (configuration.getTrustStoreFile() == null && configuration.getTrustStoreResource()
== null) {
+                LOG.debug("truststorefile is null");
+            }
+            if (configuration.getPassphrase().toCharArray() == null) {
+                LOG.debug("passphrase is null");
+            }
+
+            SSLEngineFactory sslEngineFactory;
+            if (configuration.getKeyStoreFile() != null || configuration.getTrustStoreFile()
!= null) {
+                sslEngineFactory = new SSLEngineFactory();
+                answer = sslEngineFactory.createSSLContext(producer.getContext().getClassResolver(),
+                        configuration.getKeyStoreFormat(),
+                        configuration.getSecurityProvider(),
+                        "file:" + configuration.getKeyStoreFile().getPath(),
+                        "file:" + configuration.getTrustStoreFile().getPath(),
+                        configuration.getPassphrase().toCharArray());
+            } else {
+                sslEngineFactory = new SSLEngineFactory();
+                answer = sslEngineFactory.createSSLContext(producer.getContext().getClassResolver(),
+                        configuration.getKeyStoreFormat(),
+                        configuration.getSecurityProvider(),
+                        configuration.getKeyStoreResource(),
+                        configuration.getTrustStoreResource(),
+                        configuration.getPassphrase().toCharArray());
+            }
         }
 
-        return null;
+        return answer;
     }
 
     private SslHandler configureClientSSLOnDemand() throws Exception {
@@ -124,35 +156,9 @@ public class DefaultClientPipelineFactory extends ClientPipelineFactory
 {
             SSLEngine engine = sslContext.createSSLEngine();
             engine.setUseClientMode(true);
             return new SslHandler(engine);
-        } else {
-            if (producer.getConfiguration().getKeyStoreFile() == null && producer.getConfiguration().getKeyStoreResource()
== null) {
-                LOG.debug("keystorefile is null");
-            }
-            if (producer.getConfiguration().getTrustStoreFile() == null && producer.getConfiguration().getTrustStoreResource()
== null) {
-                LOG.debug("truststorefile is null");
-            }
-            if (producer.getConfiguration().getPassphrase().toCharArray() == null) {
-                LOG.debug("passphrase is null");
-            }
-            SSLEngineFactory sslEngineFactory;
-            if (producer.getConfiguration().getKeyStoreFile() != null || producer.getConfiguration().getTrustStoreFile()
!= null) {
-                sslEngineFactory = new SSLEngineFactory(
-                    producer.getConfiguration().getKeyStoreFormat(),
-                    producer.getConfiguration().getSecurityProvider(),
-                    producer.getConfiguration().getKeyStoreFile(),
-                    producer.getConfiguration().getTrustStoreFile(),
-                    producer.getConfiguration().getPassphrase().toCharArray());
-            } else {
-                sslEngineFactory = new SSLEngineFactory(producer.getContext().getClassResolver(),
-                        producer.getConfiguration().getKeyStoreFormat(),
-                        producer.getConfiguration().getSecurityProvider(),
-                        producer.getConfiguration().getKeyStoreResource(),
-                        producer.getConfiguration().getTrustStoreResource(),
-                        producer.getConfiguration().getPassphrase().toCharArray());
-            }
-            SSLEngine sslEngine = sslEngineFactory.createClientSSLEngine();
-            return new SslHandler(sslEngine);
         }
+
+        return null;
     }
 
     @Override

http://git-wip-us.apache.org/repos/asf/camel/blob/3b600079/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java
b/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java
index 99b3be9..4df0394 100644
--- a/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java
+++ b/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java
@@ -20,6 +20,7 @@ import java.util.List;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLEngine;
 
+import org.apache.camel.CamelContext;
 import org.apache.camel.component.netty.handlers.ServerChannelHandler;
 import org.apache.camel.component.netty.ssl.SSLEngineFactory;
 import org.apache.camel.util.ObjectHelper;
@@ -37,10 +38,11 @@ public class DefaultServerPipelineFactory extends ServerPipelineFactory
{
     private NettyConsumer consumer;
     private SSLContext sslContext;
 
+    @Deprecated
     public DefaultServerPipelineFactory(NettyServerBootstrapConfiguration configuration)
{
         this.consumer = null;
         try {
-            this.sslContext = createSSLContext(configuration);
+            this.sslContext = createSSLContext(null, configuration);
         } catch (Exception e) {
             throw ObjectHelper.wrapRuntimeCamelException(e);
         }
@@ -53,7 +55,7 @@ public class DefaultServerPipelineFactory extends ServerPipelineFactory
{
     public DefaultServerPipelineFactory(NettyConsumer consumer) {
         this.consumer = consumer;
         try {
-            this.sslContext = createSSLContext(consumer.getConfiguration());
+            this.sslContext = createSSLContext(consumer.getContext(), consumer.getConfiguration());
         } catch (Exception e) {
             throw ObjectHelper.wrapRuntimeCamelException(e);
         }
@@ -116,18 +118,48 @@ public class DefaultServerPipelineFactory extends ServerPipelineFactory
{
         pipeline.addLast(name, handler);
     }
 
-    private SSLContext createSSLContext(NettyServerBootstrapConfiguration configuration)
throws Exception {
+    private SSLContext createSSLContext(CamelContext camelContext, NettyServerBootstrapConfiguration
configuration) throws Exception {
         if (!configuration.isSsl()) {
             return null;
         }
 
+        SSLContext answer;
+
         // create ssl context once
         if (configuration.getSslContextParameters() != null) {
-            SSLContext context = configuration.getSslContextParameters().createSSLContext();
-            return context;
+            answer = configuration.getSslContextParameters().createSSLContext();
+        } else {
+            if (configuration.getKeyStoreFile() == null && configuration.getKeyStoreResource()
== null) {
+                LOG.debug("keystorefile is null");
+            }
+            if (configuration.getTrustStoreFile() == null && configuration.getTrustStoreResource()
== null) {
+                LOG.debug("truststorefile is null");
+            }
+            if (configuration.getPassphrase().toCharArray() == null) {
+                LOG.debug("passphrase is null");
+            }
+
+            SSLEngineFactory sslEngineFactory;
+            if (configuration.getKeyStoreFile() != null || configuration.getTrustStoreFile()
!= null) {
+                sslEngineFactory = new SSLEngineFactory();
+                answer = sslEngineFactory.createSSLContext(camelContext.getClassResolver(),
+                        configuration.getKeyStoreFormat(),
+                        configuration.getSecurityProvider(),
+                        "file:" + configuration.getKeyStoreFile().getPath(),
+                        "file:" + configuration.getTrustStoreFile().getPath(),
+                        configuration.getPassphrase().toCharArray());
+            } else {
+                sslEngineFactory = new SSLEngineFactory();
+                answer = sslEngineFactory.createSSLContext(camelContext.getClassResolver(),
+                        configuration.getKeyStoreFormat(),
+                        configuration.getSecurityProvider(),
+                        configuration.getKeyStoreResource(),
+                        configuration.getTrustStoreResource(),
+                        configuration.getPassphrase().toCharArray());
+            }
         }
 
-        return null;
+        return answer;
     }
 
     private SslHandler configureServerSSLOnDemand() throws Exception {
@@ -142,37 +174,9 @@ public class DefaultServerPipelineFactory extends ServerPipelineFactory
{
             engine.setUseClientMode(false);
             engine.setNeedClientAuth(consumer.getConfiguration().isNeedClientAuth());
             return new SslHandler(engine);
-        } else {
-            if (consumer.getConfiguration().getKeyStoreFile() == null && consumer.getConfiguration().getKeyStoreResource()
== null) {
-                LOG.debug("keystorefile is null");
-            }
-            if (consumer.getConfiguration().getTrustStoreFile() == null && consumer.getConfiguration().getTrustStoreResource()
== null) {
-                LOG.debug("truststorefile is null");
-            }
-            if (consumer.getConfiguration().getPassphrase().toCharArray() == null) {
-                LOG.debug("passphrase is null");
-            }
-            SSLEngineFactory sslEngineFactory;
-            if (consumer.getConfiguration().getKeyStoreFile() != null || consumer.getConfiguration().getTrustStoreFile()
!= null) {
-                sslEngineFactory = new SSLEngineFactory(
-                        consumer.getConfiguration().getKeyStoreFormat(),
-                        consumer.getConfiguration().getSecurityProvider(),
-                        consumer.getConfiguration().getKeyStoreFile(),
-                        consumer.getConfiguration().getTrustStoreFile(),
-                        consumer.getConfiguration().getPassphrase().toCharArray());
-            } else {
-                sslEngineFactory = new SSLEngineFactory(consumer.getContext().getClassResolver(),
-                        consumer.getConfiguration().getKeyStoreFormat(),
-                        consumer.getConfiguration().getSecurityProvider(),
-                        consumer.getConfiguration().getKeyStoreResource(),
-                        consumer.getConfiguration().getTrustStoreResource(),
-                        consumer.getConfiguration().getPassphrase().toCharArray());
-            }
-            SSLEngine sslEngine = sslEngineFactory.createServerSSLEngine();
-            sslEngine.setUseClientMode(false);
-            sslEngine.setNeedClientAuth(consumer.getConfiguration().isNeedClientAuth());
-            return new SslHandler(sslEngine);
         }
+
+        return null;
     }
 
     @Override

http://git-wip-us.apache.org/repos/asf/camel/blob/3b600079/components/camel-netty/src/main/java/org/apache/camel/component/netty/ssl/SSLEngineFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty/src/main/java/org/apache/camel/component/netty/ssl/SSLEngineFactory.java
b/components/camel-netty/src/main/java/org/apache/camel/component/netty/ssl/SSLEngineFactory.java
index 67fb1e2..1e3a515 100644
--- a/components/camel-netty/src/main/java/org/apache/camel/component/netty/ssl/SSLEngineFactory.java
+++ b/components/camel-netty/src/main/java/org/apache/camel/component/netty/ssl/SSLEngineFactory.java
@@ -16,7 +16,6 @@
  */
 package org.apache.camel.component.netty.ssl;
 
-import java.io.File;
 import java.io.InputStream;
 import java.security.KeyStore;
 import javax.net.ssl.KeyManagerFactory;
@@ -24,17 +23,20 @@ import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLEngine;
 import javax.net.ssl.TrustManagerFactory;
 
-import org.apache.camel.converter.IOConverter;
 import org.apache.camel.spi.ClassResolver;
 import org.apache.camel.util.IOHelper;
 import org.apache.camel.util.ResourceHelper;
 
-public class SSLEngineFactory {
+public final class SSLEngineFactory {
 
     private static final String SSL_PROTOCOL = "TLS";
-    private static SSLContext sslContext;
 
-    public SSLEngineFactory(ClassResolver classResolver, String keyStoreFormat, String securityProvider,
String keyStoreResource, String trustStoreResource, char[] passphrase) throws Exception {
+    public SSLEngineFactory() {
+    }
+
+    public SSLContext createSSLContext(ClassResolver classResolver, String keyStoreFormat,
String securityProvider,
+                                       String keyStoreResource, String trustStoreResource,
char[] passphrase) throws Exception {
+        SSLContext answer;
         KeyStore ks = KeyStore.getInstance(keyStoreFormat);
 
         InputStream is = ResourceHelper.resolveMandatoryResourceAsInputStream(classResolver,
keyStoreResource);
@@ -47,7 +49,7 @@ public class SSLEngineFactory {
         KeyManagerFactory kmf = KeyManagerFactory.getInstance(securityProvider);
         kmf.init(ks, passphrase);
 
-        sslContext = SSLContext.getInstance(SSL_PROTOCOL);
+        answer = SSLContext.getInstance(SSL_PROTOCOL);
 
         if (trustStoreResource != null) {
             KeyStore ts = KeyStore.getInstance(keyStoreFormat);
@@ -59,55 +61,22 @@ public class SSLEngineFactory {
             }
             TrustManagerFactory tmf = TrustManagerFactory.getInstance(securityProvider);
             tmf.init(ts);
-            sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
+            answer.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
         } else {
-            sslContext.init(kmf.getKeyManagers(), null, null);
-        }
-    }
-
-    /**
-     * Use {@link #SSLEngineFactory(org.apache.camel.spi.ClassResolver, String, String, String,
String, char[])}
-     */
-    @Deprecated
-    public SSLEngineFactory(String keyStoreFormat, String securityProvider, File keyStoreFile,
File trustStoreFile, char[] passphrase) throws Exception {
-        KeyStore ks = KeyStore.getInstance(keyStoreFormat);
-
-        InputStream is = IOConverter.toInputStream(keyStoreFile);
-        try {
-            ks.load(is, passphrase);
-        } finally {
-            IOHelper.close(is);
+            answer.init(kmf.getKeyManagers(), null, null);
         }
 
-        KeyManagerFactory kmf = KeyManagerFactory.getInstance(securityProvider);
-        kmf.init(ks, passphrase);
-
-        sslContext = SSLContext.getInstance(SSL_PROTOCOL);
-        
-        if (trustStoreFile != null) { 
-            KeyStore ts = KeyStore.getInstance(keyStoreFormat);
-            is = IOConverter.toInputStream(trustStoreFile);
-            try {
-                ts.load(is, passphrase);
-            } finally {
-                IOHelper.close(is);
-            }
-            TrustManagerFactory tmf = TrustManagerFactory.getInstance(securityProvider);
-            tmf.init(ts); 
-            sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); 
-        } else { 
-            sslContext.init(kmf.getKeyManagers(), null, null); 
-        }
+        return answer;
     }
 
-    public SSLEngine createServerSSLEngine() {
+    public SSLEngine createServerSSLEngine(SSLContext sslContext) {
         SSLEngine serverEngine = sslContext.createSSLEngine();
         serverEngine.setUseClientMode(false);
         serverEngine.setNeedClientAuth(true);
         return serverEngine;
     }
 
-    public SSLEngine createClientSSLEngine() {
+    public SSLEngine createClientSSLEngine(SSLContext sslContext) {
         SSLEngine clientEngine = sslContext.createSSLEngine();
         clientEngine.setUseClientMode(true);
         return clientEngine;


Mime
View raw message