Posted to commits@camel.apache.org by da...@apache.org on 2013/10/02 16:41:02 UTC
git commit: CAMEL-6818: Fixed camel-netty/camel-netty-http SSLContext
issue race condition.
Updated Branches:
refs/heads/master d2bd97bd3 -> 3b6000795
CAMEL-6818: Fixed camel-netty/camel-netty-http SSLContext issue race condition.
Project: http://git-wip-us.apache.org/repos/asf/camel/repo
Commit: http://git-wip-us.apache.org/repos/asf/camel/commit/3b600079
Tree: http://git-wip-us.apache.org/repos/asf/camel/tree/3b600079
Diff: http://git-wip-us.apache.org/repos/asf/camel/diff/3b600079
Branch: refs/heads/master
Commit: 3b6000795fdca657630470a49b73db869ed8a2ed
Parents: d2bd97b
Author: Claus Ibsen <da...@apache.org>
Authored: Wed Oct 2 16:40:28 2013 +0200
Committer: Claus Ibsen <da...@apache.org>
Committed: Wed Oct 2 16:40:28 2013 +0200
----------------------------------------------------------------------
.../netty/http/HttpClientPipelineFactory.java | 74 ++++++++++---------
.../netty/http/HttpServerPipelineFactory.java | 65 ++++++++---------
.../http/HttpServerSharedPipelineFactory.java | 67 +++++++++--------
.../netty/http/NettySharedHttpServerTest.java | 2 +
.../netty/DefaultClientPipelineFactory.java | 72 ++++++++++---------
.../netty/DefaultServerPipelineFactory.java | 76 ++++++++++----------
.../component/netty/ssl/SSLEngineFactory.java | 57 ++++-----------
7 files changed, 203 insertions(+), 210 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/camel/blob/3b600079/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java
index 14a63c8..fd20f89 100644
--- a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java
+++ b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java
@@ -20,6 +20,7 @@ import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import org.apache.camel.component.netty.ClientPipelineFactory;
+import org.apache.camel.component.netty.NettyConfiguration;
import org.apache.camel.component.netty.NettyProducer;
import org.apache.camel.component.netty.http.handlers.HttpClientChannelHandler;
import org.apache.camel.component.netty.ssl.SSLEngineFactory;
@@ -83,17 +84,49 @@ public class HttpClientPipelineFactory extends ClientPipelineFactory {
}
private SSLContext createSSLContext(NettyProducer producer) throws Exception {
- if (!producer.getConfiguration().isSsl()) {
+ NettyConfiguration configuration = producer.getConfiguration();
+
+ if (!configuration.isSsl()) {
return null;
}
+ SSLContext answer;
+
// create ssl context once
- if (producer.getConfiguration().getSslContextParameters() != null) {
- SSLContext context = producer.getConfiguration().getSslContextParameters().createSSLContext();
- return context;
+ if (configuration.getSslContextParameters() != null) {
+ answer = configuration.getSslContextParameters().createSSLContext();
+ } else {
+ if (configuration.getKeyStoreFile() == null && configuration.getKeyStoreResource() == null) {
+ LOG.debug("keystorefile is null");
+ }
+ if (configuration.getTrustStoreFile() == null && configuration.getTrustStoreResource() == null) {
+ LOG.debug("truststorefile is null");
+ }
+ if (configuration.getPassphrase().toCharArray() == null) {
+ LOG.debug("passphrase is null");
+ }
+
+ SSLEngineFactory sslEngineFactory;
+ if (configuration.getKeyStoreFile() != null || configuration.getTrustStoreFile() != null) {
+ sslEngineFactory = new SSLEngineFactory();
+ answer = sslEngineFactory.createSSLContext(producer.getContext().getClassResolver(),
+ configuration.getKeyStoreFormat(),
+ configuration.getSecurityProvider(),
+ "file:" + configuration.getKeyStoreFile().getPath(),
+ "file:" + configuration.getTrustStoreFile().getPath(),
+ configuration.getPassphrase().toCharArray());
+ } else {
+ sslEngineFactory = new SSLEngineFactory();
+ answer = sslEngineFactory.createSSLContext(producer.getContext().getClassResolver(),
+ configuration.getKeyStoreFormat(),
+ configuration.getSecurityProvider(),
+ configuration.getKeyStoreResource(),
+ configuration.getTrustStoreResource(),
+ configuration.getPassphrase().toCharArray());
+ }
}
- return null;
+ return answer;
}
private SslHandler configureClientSSLOnDemand() throws Exception {
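Review bot: The file-based branch dereferences both stores although its guard only requires one of them: `getKeyStoreFile() != null || getTrustStoreFile() != null` is followed by `configuration.getKeyStoreFile().getPath()` and `configuration.getTrustStoreFile().getPath()`, so a configuration that sets only one of the two files fails with a NullPointerException. The removed File-based SSLEngineFactory constructor checked `trustStoreFile != null` before loading it, so this looks like a regression for keystore-only setups. Resolve each store independently, e.g. `String keyStore = configuration.getKeyStoreFile() != null ? "file:" + configuration.getKeyStoreFile().getPath() : configuration.getKeyStoreResource();` and the same for the truststore, then make a single `createSSLContext` call. The same pattern is added in HttpServerPipelineFactory, HttpServerSharedPipelineFactory, DefaultClientPipelineFactory and DefaultServerPipelineFactory.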
@@ -107,36 +140,9 @@ public class HttpClientPipelineFactory extends ClientPipelineFactory {
SSLEngine engine = sslContext.createSSLEngine();
engine.setUseClientMode(true);
return new SslHandler(engine);
- } else {
- if (producer.getConfiguration().getKeyStoreFile() == null && producer.getConfiguration().getKeyStoreResource() == null) {
- LOG.debug("keystorefile is null");
- }
- if (producer.getConfiguration().getTrustStoreFile() == null && producer.getConfiguration().getTrustStoreResource() == null) {
- LOG.debug("truststorefile is null");
- }
- if (producer.getConfiguration().getPassphrase().toCharArray() == null) {
- LOG.debug("passphrase is null");
- }
- SSLEngineFactory sslEngineFactory;
- if (producer.getConfiguration().getKeyStoreFile() != null || producer.getConfiguration().getTrustStoreFile() != null) {
- sslEngineFactory = new SSLEngineFactory(
- producer.getConfiguration().getKeyStoreFormat(),
- producer.getConfiguration().getSecurityProvider(),
- producer.getConfiguration().getKeyStoreFile(),
- producer.getConfiguration().getTrustStoreFile(),
- producer.getConfiguration().getPassphrase().toCharArray());
- } else {
- sslEngineFactory = new SSLEngineFactory(producer.getContext().getClassResolver(),
- producer.getConfiguration().getKeyStoreFormat(),
- producer.getConfiguration().getSecurityProvider(),
- producer.getConfiguration().getKeyStoreResource(),
- producer.getConfiguration().getTrustStoreResource(),
- producer.getConfiguration().getPassphrase().toCharArray());
- }
- SSLEngine sslEngine = sslEngineFactory.createServerSSLEngine();
- sslEngine.setUseClientMode(true);
- return new SslHandler(sslEngine);
}
+
+ return null;
}
}
http://git-wip-us.apache.org/repos/asf/camel/blob/3b600079/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java
index 3d6444a..8865fd3 100644
--- a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java
+++ b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java
@@ -19,11 +19,11 @@ package org.apache.camel.component.netty.http;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
+import org.apache.camel.CamelContext;
import org.apache.camel.component.netty.NettyConsumer;
import org.apache.camel.component.netty.NettyServerBootstrapConfiguration;
import org.apache.camel.component.netty.ServerPipelineFactory;
import org.apache.camel.component.netty.ssl.SSLEngineFactory;
-import org.apache.camel.spi.ClassResolver;
import org.apache.camel.util.ObjectHelper;
import org.jboss.netty.channel.ChannelHandler;
import org.jboss.netty.channel.ChannelPipeline;
@@ -54,7 +54,7 @@ public class HttpServerPipelineFactory extends ServerPipelineFactory {
this.consumer = nettyConsumer;
this.configuration = nettyConsumer.getConfiguration();
try {
- this.sslContext = createSSLContext(consumer.getConfiguration());
+ this.sslContext = createSSLContext(consumer.getContext(), consumer.getConfiguration());
} catch (Exception e) {
throw ObjectHelper.wrapRuntimeCamelException(e);
}
@@ -74,7 +74,7 @@ public class HttpServerPipelineFactory extends ServerPipelineFactory {
// Create a default pipeline implementation.
ChannelPipeline pipeline = Channels.pipeline();
- SslHandler sslHandler = configureServerSSLOnDemand(configuration);
+ SslHandler sslHandler = configureServerSSLOnDemand();
if (sslHandler != null) {
// must close on SSL exception
sslHandler.setCloseOnSSLException(true);
@@ -97,32 +97,16 @@ public class HttpServerPipelineFactory extends ServerPipelineFactory {
return pipeline;
}
- private SSLContext createSSLContext(NettyServerBootstrapConfiguration configuration) throws Exception {
+ private SSLContext createSSLContext(CamelContext camelContext, NettyServerBootstrapConfiguration configuration) throws Exception {
if (!configuration.isSsl()) {
return null;
}
+ SSLContext answer;
+
// create ssl context once
if (configuration.getSslContextParameters() != null) {
- SSLContext context = configuration.getSslContextParameters().createSSLContext();
- return context;
- }
-
- return null;
- }
-
- private SslHandler configureServerSSLOnDemand(NettyServerBootstrapConfiguration configuration) throws Exception {
- if (!configuration.isSsl()) {
- return null;
- }
-
- if (configuration.getSslHandler() != null) {
- return configuration.getSslHandler();
- } else if (sslContext != null) {
- SSLEngine engine = sslContext.createSSLEngine();
- engine.setUseClientMode(false);
- engine.setNeedClientAuth(configuration.isNeedClientAuth());
- return new SslHandler(engine);
+ answer = configuration.getSslContextParameters().createSSLContext();
} else {
if (configuration.getKeyStoreFile() == null && configuration.getKeyStoreResource() == null) {
LOG.debug("keystorefile is null");
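Review bot: A missing keystore is only reported at debug level here (`LOG.debug("keystorefile is null")`) and execution continues, so with SSL enabled and neither `keyStoreFile` nor `keyStoreResource` set the failure surfaces later, apparently from the mandatory-resource lookup in SSLEngineFactory with a null resource name. Now that this runs once at construction, it is a good place to fail fast with a message naming the missing option, e.g. `throw new IllegalArgumentException("ssl is enabled but neither keyStoreFile nor keyStoreResource is configured");`. createSSLContext continues past the end of this hunk.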
@@ -133,28 +117,45 @@ public class HttpServerPipelineFactory extends ServerPipelineFactory {
if (configuration.getPassphrase().toCharArray() == null) {
LOG.debug("passphrase is null");
}
+
SSLEngineFactory sslEngineFactory;
if (configuration.getKeyStoreFile() != null || configuration.getTrustStoreFile() != null) {
- sslEngineFactory = new SSLEngineFactory(
+ sslEngineFactory = new SSLEngineFactory();
+ answer = sslEngineFactory.createSSLContext(camelContext.getClassResolver(),
configuration.getKeyStoreFormat(),
configuration.getSecurityProvider(),
- configuration.getKeyStoreFile(),
- configuration.getTrustStoreFile(),
+ "file:" + configuration.getKeyStoreFile().getPath(),
+ "file:" + configuration.getTrustStoreFile().getPath(),
configuration.getPassphrase().toCharArray());
} else {
- ClassResolver resolver = consumer != null ? consumer.getContext().getClassResolver() : null;
- sslEngineFactory = new SSLEngineFactory(resolver,
+ sslEngineFactory = new SSLEngineFactory();
+ answer = sslEngineFactory.createSSLContext(camelContext.getClassResolver(),
configuration.getKeyStoreFormat(),
configuration.getSecurityProvider(),
configuration.getKeyStoreResource(),
configuration.getTrustStoreResource(),
configuration.getPassphrase().toCharArray());
}
- SSLEngine sslEngine = sslEngineFactory.createServerSSLEngine();
- sslEngine.setUseClientMode(false);
- sslEngine.setNeedClientAuth(configuration.isNeedClientAuth());
- return new SslHandler(sslEngine);
}
+
+ return answer;
+ }
+
+ private SslHandler configureServerSSLOnDemand() throws Exception {
+ if (!consumer.getConfiguration().isSsl()) {
+ return null;
+ }
+
+ if (consumer.getConfiguration().getSslHandler() != null) {
+ return consumer.getConfiguration().getSslHandler();
+ } else if (sslContext != null) {
+ SSLEngine engine = sslContext.createSSLEngine();
+ engine.setUseClientMode(false);
+ engine.setNeedClientAuth(consumer.getConfiguration().isNeedClientAuth());
+ return new SslHandler(engine);
+ }
+
+ return null;
}
private boolean supportCompressed() {
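Review bot: The trailing `return null;` in configureServerSSLOnDemand lets a consumer with SSL enabled fall through with no SslHandler, and the caller shown earlier in this file only installs the handler `if (sslHandler != null)`, so that path would presumably serve the endpoint in plaintext. With createSSLContext now returning a context or throwing, the branch should be unreachable; making it fail closed documents that and protects against later changes: `throw new IllegalStateException("SSL is enabled but no SslHandler or SSLContext is available");`. The same fall-through is added to the other four pipeline factories in this commit.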
http://git-wip-us.apache.org/repos/asf/camel/blob/3b600079/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java
index ea24704..cca79bc 100644
--- a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java
+++ b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java
@@ -20,9 +20,9 @@ import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import org.apache.camel.component.netty.NettyConsumer;
-import org.apache.camel.component.netty.NettyServerBootstrapConfiguration;
import org.apache.camel.component.netty.ServerPipelineFactory;
import org.apache.camel.component.netty.ssl.SSLEngineFactory;
+import org.apache.camel.impl.DefaultClassResolver;
import org.apache.camel.spi.ClassResolver;
import org.apache.camel.util.ObjectHelper;
import org.jboss.netty.channel.ChannelPipeline;
@@ -52,9 +52,11 @@ public class HttpServerSharedPipelineFactory extends HttpServerPipelineFactory {
ClassResolver classResolver) {
this.configuration = configuration;
this.channelFactory = channelFactory;
- this.classResolver = classResolver;
+ // fallback and use default resolver
+ this.classResolver = classResolver != null ? classResolver : new DefaultClassResolver();
+
try {
- this.sslContext = createSSLContext(configuration);
+ this.sslContext = createSSLContext();
} catch (Exception e) {
throw ObjectHelper.wrapRuntimeCamelException(e);
}
@@ -74,7 +76,7 @@ public class HttpServerSharedPipelineFactory extends HttpServerPipelineFactory {
// Create a default pipeline implementation.
ChannelPipeline pipeline = Channels.pipeline();
- SslHandler sslHandler = configureServerSSLOnDemand(configuration);
+ SslHandler sslHandler = configureServerSSLOnDemand();
if (sslHandler != null) {
LOG.debug("Server SSL handler configured and added as an interceptor against the ChannelPipeline: {}", sslHandler);
pipeline.addLast("ssl", sslHandler);
@@ -94,31 +96,16 @@ public class HttpServerSharedPipelineFactory extends HttpServerPipelineFactory {
return pipeline;
}
- private SSLContext createSSLContext(NettyServerBootstrapConfiguration configuration) throws Exception {
+ private SSLContext createSSLContext() throws Exception {
if (!configuration.isSsl()) {
return null;
}
+ SSLContext answer;
+
// create ssl context once
if (configuration.getSslContextParameters() != null) {
- return configuration.getSslContextParameters().createSSLContext();
- }
-
- return null;
- }
-
- private SslHandler configureServerSSLOnDemand(NettyServerBootstrapConfiguration configuration) throws Exception {
- if (!configuration.isSsl()) {
- return null;
- }
-
- if (configuration.getSslHandler() != null) {
- return configuration.getSslHandler();
- } else if (sslContext != null) {
- SSLEngine engine = sslContext.createSSLEngine();
- engine.setUseClientMode(false);
- engine.setNeedClientAuth(configuration.isNeedClientAuth());
- return new SslHandler(engine);
+ answer = configuration.getSslContextParameters().createSSLContext();
} else {
if (configuration.getKeyStoreFile() == null && configuration.getKeyStoreResource() == null) {
LOG.debug("keystorefile is null");
@@ -129,27 +116,45 @@ public class HttpServerSharedPipelineFactory extends HttpServerPipelineFactory {
if (configuration.getPassphrase().toCharArray() == null) {
LOG.debug("passphrase is null");
}
+
SSLEngineFactory sslEngineFactory;
if (configuration.getKeyStoreFile() != null || configuration.getTrustStoreFile() != null) {
- sslEngineFactory = new SSLEngineFactory(
+ sslEngineFactory = new SSLEngineFactory();
+ answer = sslEngineFactory.createSSLContext(classResolver,
configuration.getKeyStoreFormat(),
configuration.getSecurityProvider(),
- configuration.getKeyStoreFile(),
- configuration.getTrustStoreFile(),
+ "file:" + configuration.getKeyStoreFile().getPath(),
+ "file:" + configuration.getTrustStoreFile().getPath(),
configuration.getPassphrase().toCharArray());
} else {
- sslEngineFactory = new SSLEngineFactory(classResolver,
+ sslEngineFactory = new SSLEngineFactory();
+ answer = sslEngineFactory.createSSLContext(classResolver,
configuration.getKeyStoreFormat(),
configuration.getSecurityProvider(),
configuration.getKeyStoreResource(),
configuration.getTrustStoreResource(),
configuration.getPassphrase().toCharArray());
}
- SSLEngine sslEngine = sslEngineFactory.createServerSSLEngine();
- sslEngine.setUseClientMode(false);
- sslEngine.setNeedClientAuth(configuration.isNeedClientAuth());
- return new SslHandler(sslEngine);
}
+
+ return answer;
+ }
+
+ private SslHandler configureServerSSLOnDemand() throws Exception {
+ if (!configuration.isSsl()) {
+ return null;
+ }
+
+ if (configuration.getSslHandler() != null) {
+ return configuration.getSslHandler();
+ } else if (sslContext != null) {
+ SSLEngine engine = sslContext.createSSLEngine();
+ engine.setUseClientMode(false);
+ engine.setNeedClientAuth(configuration.isNeedClientAuth());
+ return new SslHandler(engine);
+ }
+
+ return null;
}
}
http://git-wip-us.apache.org/repos/asf/camel/blob/3b600079/components/camel-netty-http/src/test/java/org/apache/camel/component/netty/http/NettySharedHttpServerTest.java
----------------------------------------------------------------------
diff --git a/components/camel-netty-http/src/test/java/org/apache/camel/component/netty/http/NettySharedHttpServerTest.java b/components/camel-netty-http/src/test/java/org/apache/camel/component/netty/http/NettySharedHttpServerTest.java
index bf87b62..faa6aee 100644
--- a/components/camel-netty-http/src/test/java/org/apache/camel/component/netty/http/NettySharedHttpServerTest.java
+++ b/components/camel-netty-http/src/test/java/org/apache/camel/component/netty/http/NettySharedHttpServerTest.java
@@ -17,6 +17,7 @@
package org.apache.camel.component.netty.http;
import org.apache.camel.builder.RouteBuilder;
+import org.apache.camel.impl.DefaultClassResolver;
import org.apache.camel.impl.JndiRegistry;
import org.junit.Test;
@@ -27,6 +28,7 @@ public class NettySharedHttpServerTest extends BaseNettyTest {
@Override
protected JndiRegistry createRegistry() throws Exception {
nettySharedHttpServer = new DefaultNettySharedHttpServer();
+ nettySharedHttpServer.setClassResolver(new DefaultClassResolver());
NettySharedHttpServerBootstrapConfiguration configuration = new NettySharedHttpServerBootstrapConfiguration();
configuration.setPort(getPort());
http://git-wip-us.apache.org/repos/asf/camel/blob/3b600079/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java b/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java
index 28040d6..71c8a40 100644
--- a/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java
+++ b/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java
@@ -100,17 +100,49 @@ public class DefaultClientPipelineFactory extends ClientPipelineFactory {
}
private SSLContext createSSLContext(NettyProducer producer) throws Exception {
- if (!producer.getConfiguration().isSsl()) {
+ NettyConfiguration configuration = producer.getConfiguration();
+
+ if (!configuration.isSsl()) {
return null;
}
+ SSLContext answer;
+
// create ssl context once
- if (producer.getConfiguration().getSslContextParameters() != null) {
- SSLContext context = producer.getConfiguration().getSslContextParameters().createSSLContext();
- return context;
+ if (configuration.getSslContextParameters() != null) {
+ answer = configuration.getSslContextParameters().createSSLContext();
+ } else {
+ if (configuration.getKeyStoreFile() == null && configuration.getKeyStoreResource() == null) {
+ LOG.debug("keystorefile is null");
+ }
+ if (configuration.getTrustStoreFile() == null && configuration.getTrustStoreResource() == null) {
+ LOG.debug("truststorefile is null");
+ }
+ if (configuration.getPassphrase().toCharArray() == null) {
+ LOG.debug("passphrase is null");
+ }
+
+ SSLEngineFactory sslEngineFactory;
+ if (configuration.getKeyStoreFile() != null || configuration.getTrustStoreFile() != null) {
+ sslEngineFactory = new SSLEngineFactory();
+ answer = sslEngineFactory.createSSLContext(producer.getContext().getClassResolver(),
+ configuration.getKeyStoreFormat(),
+ configuration.getSecurityProvider(),
+ "file:" + configuration.getKeyStoreFile().getPath(),
+ "file:" + configuration.getTrustStoreFile().getPath(),
+ configuration.getPassphrase().toCharArray());
+ } else {
+ sslEngineFactory = new SSLEngineFactory();
+ answer = sslEngineFactory.createSSLContext(producer.getContext().getClassResolver(),
+ configuration.getKeyStoreFormat(),
+ configuration.getSecurityProvider(),
+ configuration.getKeyStoreResource(),
+ configuration.getTrustStoreResource(),
+ configuration.getPassphrase().toCharArray());
+ }
}
- return null;
+ return answer;
}
private SslHandler configureClientSSLOnDemand() throws Exception {
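Review bot: The passphrase check `configuration.getPassphrase().toCharArray() == null` can never be true, because `toCharArray()` never returns null and a null passphrase throws a NullPointerException on this very line before the debug message is reached. Test the string itself, `if (configuration.getPassphrase() == null)`, and decide there whether a missing passphrase is a configuration error; the later `configuration.getPassphrase().toCharArray()` arguments have the same null dereference. The identical check appears in the createSSLContext methods of the other four pipeline factories.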
@@ -124,35 +156,9 @@ public class DefaultClientPipelineFactory extends ClientPipelineFactory {
SSLEngine engine = sslContext.createSSLEngine();
engine.setUseClientMode(true);
return new SslHandler(engine);
- } else {
- if (producer.getConfiguration().getKeyStoreFile() == null && producer.getConfiguration().getKeyStoreResource() == null) {
- LOG.debug("keystorefile is null");
- }
- if (producer.getConfiguration().getTrustStoreFile() == null && producer.getConfiguration().getTrustStoreResource() == null) {
- LOG.debug("truststorefile is null");
- }
- if (producer.getConfiguration().getPassphrase().toCharArray() == null) {
- LOG.debug("passphrase is null");
- }
- SSLEngineFactory sslEngineFactory;
- if (producer.getConfiguration().getKeyStoreFile() != null || producer.getConfiguration().getTrustStoreFile() != null) {
- sslEngineFactory = new SSLEngineFactory(
- producer.getConfiguration().getKeyStoreFormat(),
- producer.getConfiguration().getSecurityProvider(),
- producer.getConfiguration().getKeyStoreFile(),
- producer.getConfiguration().getTrustStoreFile(),
- producer.getConfiguration().getPassphrase().toCharArray());
- } else {
- sslEngineFactory = new SSLEngineFactory(producer.getContext().getClassResolver(),
- producer.getConfiguration().getKeyStoreFormat(),
- producer.getConfiguration().getSecurityProvider(),
- producer.getConfiguration().getKeyStoreResource(),
- producer.getConfiguration().getTrustStoreResource(),
- producer.getConfiguration().getPassphrase().toCharArray());
- }
- SSLEngine sslEngine = sslEngineFactory.createClientSSLEngine();
- return new SslHandler(sslEngine);
}
+
+ return null;
}
@Override
http://git-wip-us.apache.org/repos/asf/camel/blob/3b600079/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java b/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java
index 99b3be9..4df0394 100644
--- a/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java
+++ b/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java
@@ -20,6 +20,7 @@ import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
+import org.apache.camel.CamelContext;
import org.apache.camel.component.netty.handlers.ServerChannelHandler;
import org.apache.camel.component.netty.ssl.SSLEngineFactory;
import org.apache.camel.util.ObjectHelper;
@@ -37,10 +38,11 @@ public class DefaultServerPipelineFactory extends ServerPipelineFactory {
private NettyConsumer consumer;
private SSLContext sslContext;
+ @Deprecated
public DefaultServerPipelineFactory(NettyServerBootstrapConfiguration configuration) {
this.consumer = null;
try {
- this.sslContext = createSSLContext(configuration);
+ this.sslContext = createSSLContext(null, configuration);
} catch (Exception e) {
throw ObjectHelper.wrapRuntimeCamelException(e);
}
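Review bot: The deprecated constructor now passes `null` as the CamelContext, but createSSLContext calls `camelContext.getClassResolver()` whenever SSL is enabled without `sslContextParameters`, so this constructor throws a NullPointerException for keystore-based SSL configurations. HttpServerSharedPipelineFactory in this same commit falls back to `new DefaultClassResolver()` when no resolver is supplied; doing likewise inside createSSLContext, e.g. `ClassResolver resolver = camelContext != null ? camelContext.getClassResolver() : new DefaultClassResolver();`, keeps the deprecated path working. The createSSLContext body is in a later hunk of this file.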
@@ -53,7 +55,7 @@ public class DefaultServerPipelineFactory extends ServerPipelineFactory {
public DefaultServerPipelineFactory(NettyConsumer consumer) {
this.consumer = consumer;
try {
- this.sslContext = createSSLContext(consumer.getConfiguration());
+ this.sslContext = createSSLContext(consumer.getContext(), consumer.getConfiguration());
} catch (Exception e) {
throw ObjectHelper.wrapRuntimeCamelException(e);
}
@@ -116,18 +118,48 @@ public class DefaultServerPipelineFactory extends ServerPipelineFactory {
pipeline.addLast(name, handler);
}
- private SSLContext createSSLContext(NettyServerBootstrapConfiguration configuration) throws Exception {
+ private SSLContext createSSLContext(CamelContext camelContext, NettyServerBootstrapConfiguration configuration) throws Exception {
if (!configuration.isSsl()) {
return null;
}
+ SSLContext answer;
+
// create ssl context once
if (configuration.getSslContextParameters() != null) {
- SSLContext context = configuration.getSslContextParameters().createSSLContext();
- return context;
+ answer = configuration.getSslContextParameters().createSSLContext();
+ } else {
+ if (configuration.getKeyStoreFile() == null && configuration.getKeyStoreResource() == null) {
+ LOG.debug("keystorefile is null");
+ }
+ if (configuration.getTrustStoreFile() == null && configuration.getTrustStoreResource() == null) {
+ LOG.debug("truststorefile is null");
+ }
+ if (configuration.getPassphrase().toCharArray() == null) {
+ LOG.debug("passphrase is null");
+ }
+
+ SSLEngineFactory sslEngineFactory;
+ if (configuration.getKeyStoreFile() != null || configuration.getTrustStoreFile() != null) {
+ sslEngineFactory = new SSLEngineFactory();
+ answer = sslEngineFactory.createSSLContext(camelContext.getClassResolver(),
+ configuration.getKeyStoreFormat(),
+ configuration.getSecurityProvider(),
+ "file:" + configuration.getKeyStoreFile().getPath(),
+ "file:" + configuration.getTrustStoreFile().getPath(),
+ configuration.getPassphrase().toCharArray());
+ } else {
+ sslEngineFactory = new SSLEngineFactory();
+ answer = sslEngineFactory.createSSLContext(camelContext.getClassResolver(),
+ configuration.getKeyStoreFormat(),
+ configuration.getSecurityProvider(),
+ configuration.getKeyStoreResource(),
+ configuration.getTrustStoreResource(),
+ configuration.getPassphrase().toCharArray());
+ }
}
- return null;
+ return answer;
}
private SslHandler configureServerSSLOnDemand() throws Exception {
@@ -142,37 +174,9 @@ public class DefaultServerPipelineFactory extends ServerPipelineFactory {
engine.setUseClientMode(false);
engine.setNeedClientAuth(consumer.getConfiguration().isNeedClientAuth());
return new SslHandler(engine);
- } else {
- if (consumer.getConfiguration().getKeyStoreFile() == null && consumer.getConfiguration().getKeyStoreResource() == null) {
- LOG.debug("keystorefile is null");
- }
- if (consumer.getConfiguration().getTrustStoreFile() == null && consumer.getConfiguration().getTrustStoreResource() == null) {
- LOG.debug("truststorefile is null");
- }
- if (consumer.getConfiguration().getPassphrase().toCharArray() == null) {
- LOG.debug("passphrase is null");
- }
- SSLEngineFactory sslEngineFactory;
- if (consumer.getConfiguration().getKeyStoreFile() != null || consumer.getConfiguration().getTrustStoreFile() != null) {
- sslEngineFactory = new SSLEngineFactory(
- consumer.getConfiguration().getKeyStoreFormat(),
- consumer.getConfiguration().getSecurityProvider(),
- consumer.getConfiguration().getKeyStoreFile(),
- consumer.getConfiguration().getTrustStoreFile(),
- consumer.getConfiguration().getPassphrase().toCharArray());
- } else {
- sslEngineFactory = new SSLEngineFactory(consumer.getContext().getClassResolver(),
- consumer.getConfiguration().getKeyStoreFormat(),
- consumer.getConfiguration().getSecurityProvider(),
- consumer.getConfiguration().getKeyStoreResource(),
- consumer.getConfiguration().getTrustStoreResource(),
- consumer.getConfiguration().getPassphrase().toCharArray());
- }
- SSLEngine sslEngine = sslEngineFactory.createServerSSLEngine();
- sslEngine.setUseClientMode(false);
- sslEngine.setNeedClientAuth(consumer.getConfiguration().isNeedClientAuth());
- return new SslHandler(sslEngine);
}
+
+ return null;
}
@Override
http://git-wip-us.apache.org/repos/asf/camel/blob/3b600079/components/camel-netty/src/main/java/org/apache/camel/component/netty/ssl/SSLEngineFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty/src/main/java/org/apache/camel/component/netty/ssl/SSLEngineFactory.java b/components/camel-netty/src/main/java/org/apache/camel/component/netty/ssl/SSLEngineFactory.java
index 67fb1e2..1e3a515 100644
--- a/components/camel-netty/src/main/java/org/apache/camel/component/netty/ssl/SSLEngineFactory.java
+++ b/components/camel-netty/src/main/java/org/apache/camel/component/netty/ssl/SSLEngineFactory.java
@@ -16,7 +16,6 @@
*/
package org.apache.camel.component.netty.ssl;
-import java.io.File;
import java.io.InputStream;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
@@ -24,17 +23,20 @@ import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManagerFactory;
-import org.apache.camel.converter.IOConverter;
import org.apache.camel.spi.ClassResolver;
import org.apache.camel.util.IOHelper;
import org.apache.camel.util.ResourceHelper;
-public class SSLEngineFactory {
+public final class SSLEngineFactory {
private static final String SSL_PROTOCOL = "TLS";
- private static SSLContext sslContext;
- public SSLEngineFactory(ClassResolver classResolver, String keyStoreFormat, String securityProvider, String keyStoreResource, String trustStoreResource, char[] passphrase) throws Exception {
+ public SSLEngineFactory() {
+ }
+
+ public SSLContext createSSLContext(ClassResolver classResolver, String keyStoreFormat, String securityProvider,
+ String keyStoreResource, String trustStoreResource, char[] passphrase) throws Exception {
+ SSLContext answer;
KeyStore ks = KeyStore.getInstance(keyStoreFormat);
InputStream is = ResourceHelper.resolveMandatoryResourceAsInputStream(classResolver, keyStoreResource);
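Review bot: Both public constructors and the no-argument `createServerSSLEngine()`/`createClientSSLEngine()` are removed in one step, yet only the File-based constructor carried `@Deprecated`, so any code outside these two components that builds an SSLEngineFactory will stop compiling. If that is acceptable for this release it deserves a line in the commit message or release notes. The new public `createSSLContext` also has no Javadoc; I would add one stating that each call loads the keystore and returns a new, independent SSLContext, that `keyStoreResource` and `trustStoreResource` are resource URIs such as the `file:` form the callers build, and that callers are expected to create the context once and cache it. The method body continues outside this hunk.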
@@ -47,7 +49,7 @@ public class SSLEngineFactory {
KeyManagerFactory kmf = KeyManagerFactory.getInstance(securityProvider);
kmf.init(ks, passphrase);
- sslContext = SSLContext.getInstance(SSL_PROTOCOL);
+ answer = SSLContext.getInstance(SSL_PROTOCOL);
if (trustStoreResource != null) {
KeyStore ts = KeyStore.getInstance(keyStoreFormat);
@@ -59,55 +61,22 @@ public class SSLEngineFactory {
}
TrustManagerFactory tmf = TrustManagerFactory.getInstance(securityProvider);
tmf.init(ts);
- sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
+ answer.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
} else {
- sslContext.init(kmf.getKeyManagers(), null, null);
- }
- }
-
- /**
- * Use {@link #SSLEngineFactory(org.apache.camel.spi.ClassResolver, String, String, String, String, char[])}
- */
- @Deprecated
- public SSLEngineFactory(String keyStoreFormat, String securityProvider, File keyStoreFile, File trustStoreFile, char[] passphrase) throws Exception {
- KeyStore ks = KeyStore.getInstance(keyStoreFormat);
-
- InputStream is = IOConverter.toInputStream(keyStoreFile);
- try {
- ks.load(is, passphrase);
- } finally {
- IOHelper.close(is);
+ answer.init(kmf.getKeyManagers(), null, null);
}
- KeyManagerFactory kmf = KeyManagerFactory.getInstance(securityProvider);
- kmf.init(ks, passphrase);
-
- sslContext = SSLContext.getInstance(SSL_PROTOCOL);
-
- if (trustStoreFile != null) {
- KeyStore ts = KeyStore.getInstance(keyStoreFormat);
- is = IOConverter.toInputStream(trustStoreFile);
- try {
- ts.load(is, passphrase);
- } finally {
- IOHelper.close(is);
- }
- TrustManagerFactory tmf = TrustManagerFactory.getInstance(securityProvider);
- tmf.init(ts);
- sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
- } else {
- sslContext.init(kmf.getKeyManagers(), null, null);
- }
+ return answer;
}
- public SSLEngine createServerSSLEngine() {
+ public SSLEngine createServerSSLEngine(SSLContext sslContext) {
SSLEngine serverEngine = sslContext.createSSLEngine();
serverEngine.setUseClientMode(false);
serverEngine.setNeedClientAuth(true);
return serverEngine;
}
- public SSLEngine createClientSSLEngine() {
+ public SSLEngine createClientSSLEngine(SSLContext sslContext) {
SSLEngine clientEngine = sslContext.createSSLEngine();
clientEngine.setUseClientMode(true);
return clientEngine;