Author: rgodfrey
Date: Sun May 31 23:54:35 2015
New Revision: 1682807
URL: http://svn.apache.org/r1682807
Log:
QPID-6538 : Record peer certificates for all AMQP protocols - not just 0-10
Modified:
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/protocol/MultiVersionProtocolEngine.java
qpid/java/trunk/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/ServerConnection.java
Modified:
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/protocol/MultiVersionProtocolEngine.java
URL:
http://svn.apache.org/viewvc/qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/protocol/MultiVersionProtocolEngine.java?rev=1682807&r1=1682806&r2=1682807&view=diff
==============================================================================
---
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/protocol/MultiVersionProtocolEngine.java
(original)
+++
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/protocol/MultiVersionProtocolEngine.java
Sun May 31 23:54:35 2015
@@ -24,6 +24,8 @@ package org.apache.qpid.server.protocol;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.nio.ByteBuffer;
+import java.security.Principal;
+import java.security.cert.Certificate;
import java.util.Set;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.concurrent.atomic.AtomicReference;
@@ -39,6 +41,7 @@ import org.apache.qpid.server.model.Prot
import org.apache.qpid.server.model.Transport;
import org.apache.qpid.server.model.port.AmqpPort;
import org.apache.qpid.server.plugin.ProtocolEngineCreator;
+import org.apache.qpid.server.security.ManagedPeerCertificateTrustStore;
import org.apache.qpid.server.util.Action;
import org.apache.qpid.transport.ByteBufferSender;
import org.apache.qpid.transport.network.NetworkConnection;
@@ -547,6 +550,14 @@ public class MultiVersionProtocolEngine
_delegate.setWorkListener(_workListener.get());
_header.flip();
_delegate.received(_header);
+
+ Certificate peerCertificate =
_network.getPeerCertificate();
+ if(peerCertificate != null &&
_port.getClientCertRecorder() != null)
+ {
+
((ManagedPeerCertificateTrustStore)(_port.getClientCertRecorder())).addCertificate(peerCertificate);
+ }
+
+
if(msg.hasRemaining())
{
_delegate.received(msg);
Modified:
qpid/java/trunk/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/ServerConnection.java
URL:
http://svn.apache.org/viewvc/qpid/java/trunk/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/ServerConnection.java?rev=1682807&r1=1682806&r2=1682807&view=diff
==============================================================================
---
qpid/java/trunk/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/ServerConnection.java
(original)
+++
qpid/java/trunk/broker-plugins/amqp-0-10-protocol/src/main/java/org/apache/qpid/server/protocol/v0_10/ServerConnection.java
Sun May 31 23:54:35 2015
@@ -52,7 +52,6 @@ import org.apache.qpid.server.protocol.A
import org.apache.qpid.server.protocol.AMQSessionModel;
import org.apache.qpid.server.protocol.SessionModelListener;
import org.apache.qpid.server.security.AuthorizationHolder;
-import org.apache.qpid.server.security.ManagedPeerCertificateTrustStore;
import org.apache.qpid.server.security.auth.AuthenticatedPrincipal;
import org.apache.qpid.server.stats.StatisticsCounter;
import org.apache.qpid.server.util.Action;
@@ -674,12 +673,7 @@ public class ServerConnection extends Co
public Principal getPeerPrincipal()
{
- Principal peerPrincipal = getNetworkConnection().getPeerPrincipal();
- if(peerPrincipal != null && getPort().getClientCertRecorder() != null)
- {
-
((ManagedPeerCertificateTrustStore)(getPort().getClientCertRecorder())).addCertificate(getNetworkConnection().getPeerCertificate());
- }
- return peerPrincipal;
+ return getNetworkConnection().getPeerPrincipal();
}
@Override
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
