use of org.apache.camel.util.jsse.FilterParameters.Patterns in project camel by apache.
the class BaseSSLContextParameters method getSSLEngineConfigurers.
/**
* Returns the list of configurers to apply to an {@link SSLEngine} in order
* to fully configure it in compliance with the provided configuration options.
* The configurers are to be applied in the order in which they appear in the list.
*
* @param context the context that serves as the factory for {@code SSLEngine} instances
*
* @return the needed configurers
*/
protected List<Configurer<SSLEngine>> getSSLEngineConfigurers(SSLContext context) {
final List<String> enabledCipherSuites = this.getCipherSuites() == null ? null : this.parsePropertyValues(this.getCipherSuites().getCipherSuite());
final Patterns enabledCipherSuitePatterns;
final Patterns defaultEnabledCipherSuitePatterns = this.getDefaultCipherSuitesFilter().getPatterns();
if (this.getCipherSuitesFilter() != null) {
enabledCipherSuitePatterns = this.getCipherSuitesFilter().getPatterns();
} else {
enabledCipherSuitePatterns = null;
}
///
final List<String> enabledSecureSocketProtocols = this.getSecureSocketProtocols() == null ? null : this.parsePropertyValues(this.getSecureSocketProtocols().getSecureSocketProtocol());
final Patterns enabledSecureSocketProtocolsPatterns;
final Patterns defaultEnabledSecureSocketProtocolsPatterns = this.getDefaultSecureSocketProcotolFilter().getPatterns();
if (this.getSecureSocketProtocolsFilter() != null) {
enabledSecureSocketProtocolsPatterns = this.getSecureSocketProtocolsFilter().getPatterns();
} else {
enabledSecureSocketProtocolsPatterns = null;
}
//
final boolean allowPassthrough = getAllowPassthrough();
//////
Configurer<SSLEngine> sslEngineConfigurer = new Configurer<SSLEngine>() {
@Override
public SSLEngine configure(SSLEngine engine) {
Collection<String> filteredCipherSuites = BaseSSLContextParameters.this.filter(enabledCipherSuites, Arrays.asList(engine.getSSLParameters().getCipherSuites()), Arrays.asList(engine.getEnabledCipherSuites()), enabledCipherSuitePatterns, defaultEnabledCipherSuitePatterns, !allowPassthrough);
if (LOG.isDebugEnabled()) {
LOG.debug(SSL_ENGINE_CIPHER_SUITE_LOG_MSG, new Object[] { engine, enabledCipherSuites, enabledCipherSuitePatterns, engine.getSSLParameters().getCipherSuites(), engine.getEnabledCipherSuites(), defaultEnabledCipherSuitePatterns, filteredCipherSuites });
}
engine.setEnabledCipherSuites(filteredCipherSuites.toArray(new String[filteredCipherSuites.size()]));
Collection<String> filteredSecureSocketProtocols = BaseSSLContextParameters.this.filter(enabledSecureSocketProtocols, Arrays.asList(engine.getSSLParameters().getProtocols()), Arrays.asList(engine.getEnabledProtocols()), enabledSecureSocketProtocolsPatterns, defaultEnabledSecureSocketProtocolsPatterns, !allowPassthrough);
if (LOG.isDebugEnabled()) {
LOG.debug(SSL_ENGINE_PROTOCOL_LOG_MSG, new Object[] { engine, enabledSecureSocketProtocols, enabledSecureSocketProtocolsPatterns, engine.getSSLParameters().getProtocols(), engine.getEnabledProtocols(), defaultEnabledSecureSocketProtocolsPatterns, filteredSecureSocketProtocols });
}
engine.setEnabledProtocols(filteredSecureSocketProtocols.toArray(new String[filteredSecureSocketProtocols.size()]));
return engine;
}
};
List<Configurer<SSLEngine>> sslEngineConfigurers = new LinkedList<Configurer<SSLEngine>>();
sslEngineConfigurers.add(sslEngineConfigurer);
return sslEngineConfigurers;
}
use of org.apache.camel.util.jsse.FilterParameters.Patterns in project camel by apache.
the class BaseSSLContextParameters method getSSLServerSocketFactorySSLServerSocketConfigurers.
/**
* Returns the list of configurers to apply to an {@link SSLServerSocket} in order
* to fully configure it in compliance with the provided configuration
* options. These configurers are intended for sockets produced by a
* {@link SSLServerSocketFactory}, see
* {@link #getSSLSocketFactorySSLSocketConfigurers(SSLContext)} for
* configurers related to sockets produced by a
* {@link SSLSocketFactory}. The configurers are to be applied in
* the order in which they appear in the list.
*
* @param context the context that serves as the factory for
* {@code SSLServerSocketFactory} instances
* @return the needed configurers
*/
protected List<Configurer<SSLServerSocket>> getSSLServerSocketFactorySSLServerSocketConfigurers(SSLContext context) {
final List<String> enabledCipherSuites = this.getCipherSuites() == null ? null : this.parsePropertyValues(this.getCipherSuites().getCipherSuite());
final Patterns enabledCipherSuitePatterns;
final Patterns defaultEnabledCipherSuitePatterns = this.getDefaultCipherSuitesFilter().getPatterns();
if (this.getCipherSuitesFilter() != null) {
enabledCipherSuitePatterns = this.getCipherSuitesFilter().getPatterns();
} else {
enabledCipherSuitePatterns = null;
}
///
final List<String> enabledSecureSocketProtocols = this.getSecureSocketProtocols() == null ? null : this.parsePropertyValues(this.getSecureSocketProtocols().getSecureSocketProtocol());
final Patterns enabledSecureSocketProtocolsPatterns;
final Patterns defaultEnabledSecureSocketProtocolsPatterns = this.getDefaultSecureSocketProcotolFilter().getPatterns();
if (this.getSecureSocketProtocolsFilter() != null) {
enabledSecureSocketProtocolsPatterns = this.getSecureSocketProtocolsFilter().getPatterns();
} else {
enabledSecureSocketProtocolsPatterns = null;
}
//
final boolean allowPassthrough = getAllowPassthrough();
//////
Configurer<SSLServerSocket> sslServerSocketConfigurer = new Configurer<SSLServerSocket>() {
@Override
public SSLServerSocket configure(SSLServerSocket socket) {
Collection<String> filteredCipherSuites = BaseSSLContextParameters.this.filter(enabledCipherSuites, Arrays.asList(socket.getSupportedCipherSuites()), Arrays.asList(socket.getEnabledCipherSuites()), enabledCipherSuitePatterns, defaultEnabledCipherSuitePatterns, !allowPassthrough);
if (LOG.isDebugEnabled()) {
LOG.debug(SSL_SERVER_SOCKET_CIPHER_SUITE_LOG_MSG, new Object[] { socket, enabledCipherSuites, enabledCipherSuitePatterns, socket.getSupportedCipherSuites(), socket.getEnabledCipherSuites(), defaultEnabledCipherSuitePatterns, filteredCipherSuites });
}
socket.setEnabledCipherSuites(filteredCipherSuites.toArray(new String[filteredCipherSuites.size()]));
Collection<String> filteredSecureSocketProtocols = BaseSSLContextParameters.this.filter(enabledSecureSocketProtocols, Arrays.asList(socket.getSupportedProtocols()), Arrays.asList(socket.getEnabledProtocols()), enabledSecureSocketProtocolsPatterns, defaultEnabledSecureSocketProtocolsPatterns, !allowPassthrough);
if (LOG.isDebugEnabled()) {
LOG.debug(SSL_SERVER_SOCKET_PROTOCOL_LOG_MSG, new Object[] { socket, enabledSecureSocketProtocols, enabledSecureSocketProtocolsPatterns, socket.getSupportedProtocols(), socket.getEnabledProtocols(), defaultEnabledSecureSocketProtocolsPatterns, filteredSecureSocketProtocols });
}
socket.setEnabledProtocols(filteredSecureSocketProtocols.toArray(new String[filteredSecureSocketProtocols.size()]));
return socket;
}
};
List<Configurer<SSLServerSocket>> sslServerSocketConfigurers = new LinkedList<Configurer<SSLServerSocket>>();
sslServerSocketConfigurers.add(sslServerSocketConfigurer);
return sslServerSocketConfigurers;
}
use of org.apache.camel.util.jsse.FilterParameters.Patterns in project camel by apache.
the class BaseSSLContextParameters method getSSLSocketFactorySSLSocketConfigurers.
/**
* Returns the list of configurers to apply to an {@link SSLSocket} in order
* to fully configure it in compliance with the provided configuration
* options. These configurers are intended for sockets produced by a
* {@link SSLSocketFactory}, see
* {@link #getSSLServerSocketFactorySSLServerSocketConfigurers(SSLContext)} for
* configurers related to sockets produced by a
* {@link SSLServerSocketFactory}. The configurers are to be applied in
* the order in which they appear in the list.
*
* @param context the context that serves as the factory for
* {@code SSLSocketFactory} instances
*
* @return the needed configurers
*/
protected List<Configurer<SSLSocket>> getSSLSocketFactorySSLSocketConfigurers(SSLContext context) {
final List<String> enabledCipherSuites = this.getCipherSuites() == null ? null : this.parsePropertyValues(this.getCipherSuites().getCipherSuite());
final Patterns enabledCipherSuitePatterns;
final Patterns defaultEnabledCipherSuitePatterns = this.getDefaultCipherSuitesFilter().getPatterns();
if (this.getCipherSuitesFilter() != null) {
enabledCipherSuitePatterns = this.getCipherSuitesFilter().getPatterns();
} else {
enabledCipherSuitePatterns = null;
}
///
final List<String> enabledSecureSocketProtocols = this.getSecureSocketProtocols() == null ? null : this.parsePropertyValues(this.getSecureSocketProtocols().getSecureSocketProtocol());
final Patterns enabledSecureSocketProtocolsPatterns;
final Patterns defaultEnabledSecureSocketProtocolsPatterns = this.getDefaultSecureSocketProcotolFilter().getPatterns();
if (this.getSecureSocketProtocolsFilter() != null) {
enabledSecureSocketProtocolsPatterns = this.getSecureSocketProtocolsFilter().getPatterns();
} else {
enabledSecureSocketProtocolsPatterns = null;
}
//
final boolean allowPassthrough = getAllowPassthrough();
//////
Configurer<SSLSocket> sslSocketConfigurer = new Configurer<SSLSocket>() {
@Override
public SSLSocket configure(SSLSocket socket) {
if (!getSNIHostNames().isEmpty()) {
SSLParameters sslParameters = socket.getSSLParameters();
sslParameters.setServerNames(getSNIHostNames());
socket.setSSLParameters(sslParameters);
}
Collection<String> filteredCipherSuites = BaseSSLContextParameters.this.filter(enabledCipherSuites, Arrays.asList(socket.getSSLParameters().getCipherSuites()), Arrays.asList(socket.getEnabledCipherSuites()), enabledCipherSuitePatterns, defaultEnabledCipherSuitePatterns, !allowPassthrough);
if (LOG.isDebugEnabled()) {
LOG.debug(SSL_SOCKET_CIPHER_SUITE_LOG_MSG, new Object[] { socket, enabledCipherSuites, enabledCipherSuitePatterns, socket.getSSLParameters().getCipherSuites(), socket.getEnabledCipherSuites(), defaultEnabledCipherSuitePatterns, filteredCipherSuites });
}
socket.setEnabledCipherSuites(filteredCipherSuites.toArray(new String[filteredCipherSuites.size()]));
Collection<String> filteredSecureSocketProtocols = BaseSSLContextParameters.this.filter(enabledSecureSocketProtocols, Arrays.asList(socket.getSSLParameters().getProtocols()), Arrays.asList(socket.getEnabledProtocols()), enabledSecureSocketProtocolsPatterns, defaultEnabledSecureSocketProtocolsPatterns, !allowPassthrough);
if (LOG.isDebugEnabled()) {
LOG.debug(SSL_SOCKET_PROTOCOL_LOG_MSG, new Object[] { socket, enabledSecureSocketProtocols, enabledSecureSocketProtocolsPatterns, socket.getSSLParameters().getProtocols(), socket.getEnabledProtocols(), defaultEnabledSecureSocketProtocolsPatterns, filteredSecureSocketProtocols });
}
socket.setEnabledProtocols(filteredSecureSocketProtocols.toArray(new String[filteredSecureSocketProtocols.size()]));
return socket;
}
};
List<Configurer<SSLSocket>> sslSocketConfigurers = new LinkedList<Configurer<SSLSocket>>();
sslSocketConfigurers.add(sslSocketConfigurer);
return sslSocketConfigurers;
}
Aggregations