Search in sources :

Example 1 with Patterns

use of org.apache.camel.util.jsse.FilterParameters.Patterns in project camel by apache.

the class BaseSSLContextParameters method getSSLEngineConfigurers.

/**
     * Returns the list of configurers to apply to an {@link SSLEngine} in order
     * to fully configure it in compliance with the provided configuration options.
     * The configurers are to be applied in the order in which they appear in the list.
     *
     * @param context the context that serves as the factory for {@code SSLEngine} instances
     * 
     * @return the needed configurers
     */
protected List<Configurer<SSLEngine>> getSSLEngineConfigurers(SSLContext context) {
    final List<String> enabledCipherSuites = this.getCipherSuites() == null ? null : this.parsePropertyValues(this.getCipherSuites().getCipherSuite());
    final Patterns enabledCipherSuitePatterns;
    final Patterns defaultEnabledCipherSuitePatterns = this.getDefaultCipherSuitesFilter().getPatterns();
    if (this.getCipherSuitesFilter() != null) {
        enabledCipherSuitePatterns = this.getCipherSuitesFilter().getPatterns();
    } else {
        enabledCipherSuitePatterns = null;
    }
    ///
    final List<String> enabledSecureSocketProtocols = this.getSecureSocketProtocols() == null ? null : this.parsePropertyValues(this.getSecureSocketProtocols().getSecureSocketProtocol());
    final Patterns enabledSecureSocketProtocolsPatterns;
    final Patterns defaultEnabledSecureSocketProtocolsPatterns = this.getDefaultSecureSocketProcotolFilter().getPatterns();
    if (this.getSecureSocketProtocolsFilter() != null) {
        enabledSecureSocketProtocolsPatterns = this.getSecureSocketProtocolsFilter().getPatterns();
    } else {
        enabledSecureSocketProtocolsPatterns = null;
    }
    //
    final boolean allowPassthrough = getAllowPassthrough();
    //////
    Configurer<SSLEngine> sslEngineConfigurer = new Configurer<SSLEngine>() {

        @Override
        public SSLEngine configure(SSLEngine engine) {
            Collection<String> filteredCipherSuites = BaseSSLContextParameters.this.filter(enabledCipherSuites, Arrays.asList(engine.getSSLParameters().getCipherSuites()), Arrays.asList(engine.getEnabledCipherSuites()), enabledCipherSuitePatterns, defaultEnabledCipherSuitePatterns, !allowPassthrough);
            if (LOG.isDebugEnabled()) {
                LOG.debug(SSL_ENGINE_CIPHER_SUITE_LOG_MSG, new Object[] { engine, enabledCipherSuites, enabledCipherSuitePatterns, engine.getSSLParameters().getCipherSuites(), engine.getEnabledCipherSuites(), defaultEnabledCipherSuitePatterns, filteredCipherSuites });
            }
            engine.setEnabledCipherSuites(filteredCipherSuites.toArray(new String[filteredCipherSuites.size()]));
            Collection<String> filteredSecureSocketProtocols = BaseSSLContextParameters.this.filter(enabledSecureSocketProtocols, Arrays.asList(engine.getSSLParameters().getProtocols()), Arrays.asList(engine.getEnabledProtocols()), enabledSecureSocketProtocolsPatterns, defaultEnabledSecureSocketProtocolsPatterns, !allowPassthrough);
            if (LOG.isDebugEnabled()) {
                LOG.debug(SSL_ENGINE_PROTOCOL_LOG_MSG, new Object[] { engine, enabledSecureSocketProtocols, enabledSecureSocketProtocolsPatterns, engine.getSSLParameters().getProtocols(), engine.getEnabledProtocols(), defaultEnabledSecureSocketProtocolsPatterns, filteredSecureSocketProtocols });
            }
            engine.setEnabledProtocols(filteredSecureSocketProtocols.toArray(new String[filteredSecureSocketProtocols.size()]));
            return engine;
        }
    };
    List<Configurer<SSLEngine>> sslEngineConfigurers = new LinkedList<Configurer<SSLEngine>>();
    sslEngineConfigurers.add(sslEngineConfigurer);
    return sslEngineConfigurers;
}
Also used : SSLEngine(javax.net.ssl.SSLEngine) CollectionHelper.collectionAsCommaDelimitedString(org.apache.camel.util.CollectionHelper.collectionAsCommaDelimitedString) Patterns(org.apache.camel.util.jsse.FilterParameters.Patterns) LinkedList(java.util.LinkedList)

Example 2 with Patterns

use of org.apache.camel.util.jsse.FilterParameters.Patterns in project camel by apache.

the class BaseSSLContextParameters method getSSLServerSocketFactorySSLServerSocketConfigurers.

/**
     * Returns the list of configurers to apply to an {@link SSLServerSocket} in order
     * to fully configure it in compliance with the provided configuration
     * options. These configurers are intended for sockets produced by a
     * {@link SSLServerSocketFactory}, see
     * {@link #getSSLSocketFactorySSLSocketConfigurers(SSLContext)} for
     * configurers related to sockets produced by a
     * {@link SSLSocketFactory}. The configurers are to be applied in
     * the order in which they appear in the list.
     * 
     * @param context the context that serves as the factory for
     *            {@code SSLServerSocketFactory} instances
     * @return the needed configurers
     */
protected List<Configurer<SSLServerSocket>> getSSLServerSocketFactorySSLServerSocketConfigurers(SSLContext context) {
    final List<String> enabledCipherSuites = this.getCipherSuites() == null ? null : this.parsePropertyValues(this.getCipherSuites().getCipherSuite());
    final Patterns enabledCipherSuitePatterns;
    final Patterns defaultEnabledCipherSuitePatterns = this.getDefaultCipherSuitesFilter().getPatterns();
    if (this.getCipherSuitesFilter() != null) {
        enabledCipherSuitePatterns = this.getCipherSuitesFilter().getPatterns();
    } else {
        enabledCipherSuitePatterns = null;
    }
    ///
    final List<String> enabledSecureSocketProtocols = this.getSecureSocketProtocols() == null ? null : this.parsePropertyValues(this.getSecureSocketProtocols().getSecureSocketProtocol());
    final Patterns enabledSecureSocketProtocolsPatterns;
    final Patterns defaultEnabledSecureSocketProtocolsPatterns = this.getDefaultSecureSocketProcotolFilter().getPatterns();
    if (this.getSecureSocketProtocolsFilter() != null) {
        enabledSecureSocketProtocolsPatterns = this.getSecureSocketProtocolsFilter().getPatterns();
    } else {
        enabledSecureSocketProtocolsPatterns = null;
    }
    //
    final boolean allowPassthrough = getAllowPassthrough();
    //////
    Configurer<SSLServerSocket> sslServerSocketConfigurer = new Configurer<SSLServerSocket>() {

        @Override
        public SSLServerSocket configure(SSLServerSocket socket) {
            Collection<String> filteredCipherSuites = BaseSSLContextParameters.this.filter(enabledCipherSuites, Arrays.asList(socket.getSupportedCipherSuites()), Arrays.asList(socket.getEnabledCipherSuites()), enabledCipherSuitePatterns, defaultEnabledCipherSuitePatterns, !allowPassthrough);
            if (LOG.isDebugEnabled()) {
                LOG.debug(SSL_SERVER_SOCKET_CIPHER_SUITE_LOG_MSG, new Object[] { socket, enabledCipherSuites, enabledCipherSuitePatterns, socket.getSupportedCipherSuites(), socket.getEnabledCipherSuites(), defaultEnabledCipherSuitePatterns, filteredCipherSuites });
            }
            socket.setEnabledCipherSuites(filteredCipherSuites.toArray(new String[filteredCipherSuites.size()]));
            Collection<String> filteredSecureSocketProtocols = BaseSSLContextParameters.this.filter(enabledSecureSocketProtocols, Arrays.asList(socket.getSupportedProtocols()), Arrays.asList(socket.getEnabledProtocols()), enabledSecureSocketProtocolsPatterns, defaultEnabledSecureSocketProtocolsPatterns, !allowPassthrough);
            if (LOG.isDebugEnabled()) {
                LOG.debug(SSL_SERVER_SOCKET_PROTOCOL_LOG_MSG, new Object[] { socket, enabledSecureSocketProtocols, enabledSecureSocketProtocolsPatterns, socket.getSupportedProtocols(), socket.getEnabledProtocols(), defaultEnabledSecureSocketProtocolsPatterns, filteredSecureSocketProtocols });
            }
            socket.setEnabledProtocols(filteredSecureSocketProtocols.toArray(new String[filteredSecureSocketProtocols.size()]));
            return socket;
        }
    };
    List<Configurer<SSLServerSocket>> sslServerSocketConfigurers = new LinkedList<Configurer<SSLServerSocket>>();
    sslServerSocketConfigurers.add(sslServerSocketConfigurer);
    return sslServerSocketConfigurers;
}
Also used : CollectionHelper.collectionAsCommaDelimitedString(org.apache.camel.util.CollectionHelper.collectionAsCommaDelimitedString) SSLServerSocket(javax.net.ssl.SSLServerSocket) Patterns(org.apache.camel.util.jsse.FilterParameters.Patterns) LinkedList(java.util.LinkedList)

Example 3 with Patterns

use of org.apache.camel.util.jsse.FilterParameters.Patterns in project camel by apache.

the class BaseSSLContextParameters method getSSLSocketFactorySSLSocketConfigurers.

/**
     * Returns the list of configurers to apply to an {@link SSLSocket} in order
     * to fully configure it in compliance with the provided configuration
     * options. These configurers are intended for sockets produced by a
     * {@link SSLSocketFactory}, see
     * {@link #getSSLServerSocketFactorySSLServerSocketConfigurers(SSLContext)} for
     * configurers related to sockets produced by a
     * {@link SSLServerSocketFactory}. The configurers are to be applied in
     * the order in which they appear in the list.
     * 
     * @param context the context that serves as the factory for
     *            {@code SSLSocketFactory} instances
     *
     * @return the needed configurers
     */
protected List<Configurer<SSLSocket>> getSSLSocketFactorySSLSocketConfigurers(SSLContext context) {
    final List<String> enabledCipherSuites = this.getCipherSuites() == null ? null : this.parsePropertyValues(this.getCipherSuites().getCipherSuite());
    final Patterns enabledCipherSuitePatterns;
    final Patterns defaultEnabledCipherSuitePatterns = this.getDefaultCipherSuitesFilter().getPatterns();
    if (this.getCipherSuitesFilter() != null) {
        enabledCipherSuitePatterns = this.getCipherSuitesFilter().getPatterns();
    } else {
        enabledCipherSuitePatterns = null;
    }
    ///
    final List<String> enabledSecureSocketProtocols = this.getSecureSocketProtocols() == null ? null : this.parsePropertyValues(this.getSecureSocketProtocols().getSecureSocketProtocol());
    final Patterns enabledSecureSocketProtocolsPatterns;
    final Patterns defaultEnabledSecureSocketProtocolsPatterns = this.getDefaultSecureSocketProcotolFilter().getPatterns();
    if (this.getSecureSocketProtocolsFilter() != null) {
        enabledSecureSocketProtocolsPatterns = this.getSecureSocketProtocolsFilter().getPatterns();
    } else {
        enabledSecureSocketProtocolsPatterns = null;
    }
    //
    final boolean allowPassthrough = getAllowPassthrough();
    //////
    Configurer<SSLSocket> sslSocketConfigurer = new Configurer<SSLSocket>() {

        @Override
        public SSLSocket configure(SSLSocket socket) {
            if (!getSNIHostNames().isEmpty()) {
                SSLParameters sslParameters = socket.getSSLParameters();
                sslParameters.setServerNames(getSNIHostNames());
                socket.setSSLParameters(sslParameters);
            }
            Collection<String> filteredCipherSuites = BaseSSLContextParameters.this.filter(enabledCipherSuites, Arrays.asList(socket.getSSLParameters().getCipherSuites()), Arrays.asList(socket.getEnabledCipherSuites()), enabledCipherSuitePatterns, defaultEnabledCipherSuitePatterns, !allowPassthrough);
            if (LOG.isDebugEnabled()) {
                LOG.debug(SSL_SOCKET_CIPHER_SUITE_LOG_MSG, new Object[] { socket, enabledCipherSuites, enabledCipherSuitePatterns, socket.getSSLParameters().getCipherSuites(), socket.getEnabledCipherSuites(), defaultEnabledCipherSuitePatterns, filteredCipherSuites });
            }
            socket.setEnabledCipherSuites(filteredCipherSuites.toArray(new String[filteredCipherSuites.size()]));
            Collection<String> filteredSecureSocketProtocols = BaseSSLContextParameters.this.filter(enabledSecureSocketProtocols, Arrays.asList(socket.getSSLParameters().getProtocols()), Arrays.asList(socket.getEnabledProtocols()), enabledSecureSocketProtocolsPatterns, defaultEnabledSecureSocketProtocolsPatterns, !allowPassthrough);
            if (LOG.isDebugEnabled()) {
                LOG.debug(SSL_SOCKET_PROTOCOL_LOG_MSG, new Object[] { socket, enabledSecureSocketProtocols, enabledSecureSocketProtocolsPatterns, socket.getSSLParameters().getProtocols(), socket.getEnabledProtocols(), defaultEnabledSecureSocketProtocolsPatterns, filteredSecureSocketProtocols });
            }
            socket.setEnabledProtocols(filteredSecureSocketProtocols.toArray(new String[filteredSecureSocketProtocols.size()]));
            return socket;
        }
    };
    List<Configurer<SSLSocket>> sslSocketConfigurers = new LinkedList<Configurer<SSLSocket>>();
    sslSocketConfigurers.add(sslSocketConfigurer);
    return sslSocketConfigurers;
}
Also used : SSLParameters(javax.net.ssl.SSLParameters) SSLSocket(javax.net.ssl.SSLSocket) CollectionHelper.collectionAsCommaDelimitedString(org.apache.camel.util.CollectionHelper.collectionAsCommaDelimitedString) Patterns(org.apache.camel.util.jsse.FilterParameters.Patterns) LinkedList(java.util.LinkedList)

Aggregations

LinkedList (java.util.LinkedList)3 CollectionHelper.collectionAsCommaDelimitedString (org.apache.camel.util.CollectionHelper.collectionAsCommaDelimitedString)3 Patterns (org.apache.camel.util.jsse.FilterParameters.Patterns)3 SSLEngine (javax.net.ssl.SSLEngine)1 SSLParameters (javax.net.ssl.SSLParameters)1 SSLServerSocket (javax.net.ssl.SSLServerSocket)1 SSLSocket (javax.net.ssl.SSLSocket)1