Author: tabish
Date: Tue Aug 28 22:41:02 2012
New Revision: 1378372
URL: http://svn.apache.org/viewvc?rev=1378372&view=rev
Log:
fix for: https://issues.apache.org/jira/browse/AMQ-3996
Set the transportContext property if the certificates are available.
Modified:
activemq/trunk/activemq-core/src/main/java/org/apache/activemq/transport/nio/NIOSSLTransport.java
Modified:
activemq/trunk/activemq-core/src/main/java/org/apache/activemq/transport/nio/NIOSSLTransport.java
URL:
http://svn.apache.org/viewvc/activemq/trunk/activemq-core/src/main/java/org/apache/activemq/transport/nio/NIOSSLTransport.java?rev=1378372&r1=1378371&r2=1378372&view=diff
==============================================================================
---
activemq/trunk/activemq-core/src/main/java/org/apache/activemq/transport/nio/NIOSSLTransport.java
(original)
+++
activemq/trunk/activemq-core/src/main/java/org/apache/activemq/transport/nio/NIOSSLTransport.java
Tue Aug 28 22:41:02 2012
@@ -17,15 +17,6 @@
package org.apache.activemq.transport.nio;
-import org.apache.activemq.command.Command;
-import org.apache.activemq.openwire.OpenWireFormat;
-import org.apache.activemq.thread.DefaultThreadPools;
-import org.apache.activemq.util.IOExceptionSupport;
-import org.apache.activemq.util.ServiceStopper;
-import org.apache.activemq.wireformat.WireFormat;
-
-import javax.net.SocketFactory;
-import javax.net.ssl.*;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.EOFException;
@@ -34,6 +25,22 @@ import java.net.Socket;
import java.net.URI;
import java.net.UnknownHostException;
import java.nio.ByteBuffer;
+import java.security.cert.X509Certificate;
+
+import javax.net.SocketFactory;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLEngine;
+import javax.net.ssl.SSLEngineResult;
+import javax.net.ssl.SSLPeerUnverifiedException;
+import javax.net.ssl.SSLSession;
+
+import org.apache.activemq.command.Command;
+import org.apache.activemq.command.ConnectionInfo;
+import org.apache.activemq.openwire.OpenWireFormat;
+import org.apache.activemq.thread.DefaultThreadPools;
+import org.apache.activemq.util.IOExceptionSupport;
+import org.apache.activemq.util.ServiceStopper;
+import org.apache.activemq.wireformat.WireFormat;
public class NIOSSLTransport extends NIOTransport {
@@ -227,7 +234,6 @@ public class NIOSSLTransport extends NIO
status = res.getStatus();
handshakeStatus = res.getHandshakeStatus();
-
//TODO deal with BUFFER_OVERFLOW
if (status == SSLEngineResult.Status.CLOSED) {
@@ -274,6 +280,37 @@ public class NIOSSLTransport extends NIO
super.doStop(stopper);
}
+ /**
+ * Overriding in order to add the client's certificates to ConnectionInfo
+ * Commmands.
+ *
+ * @param command The Command coming in.
+ */
+ @Override
+ public void doConsume(Object command) {
+ if (command instanceof ConnectionInfo) {
+ ConnectionInfo connectionInfo = (ConnectionInfo)command;
+ connectionInfo.setTransportContext(getPeerCertificates());
+ }
+ super.doConsume(command);
+ }
+
+ /**
+ * @return peer certificate chain associated with the ssl socket
+ */
+ public X509Certificate[] getPeerCertificates() {
+
+ X509Certificate[] clientCertChain = null;
+ try {
+ if (sslSession != null) {
+ clientCertChain =
(X509Certificate[])sslSession.getPeerCertificates();
+ }
+ } catch (SSLPeerUnverifiedException e) {
+ }
+
+ return clientCertChain;
+ }
+
public boolean isNeedClientAuth() {
return needClientAuth;
}
