Example 1 with TransportException

Use of org.apache.qpid.server.transport.TransportException in project qpid-broker-j by Apache.

In the class SSLUtil, method verifyHostname.

public static void verifyHostname(final String hostnameExpected, final X509Certificate cert) {
    try {
        // Candidate names taken from the certificate (CN and DNS subjectAlt entries).
        SortedSet<String> names = getNamesFromCert(cert);
        if (names.isEmpty()) {
            throw new TransportException("SSL hostname verification failed. Certificate for did not contain CN or DNS subjectAlt");
        }
        // Reject the peer unless the expected hostname matches one of the certificate names.
        boolean match = verifyHostname(hostnameExpected, names);
        if (!match) {
            throw new TransportException("SSL hostname verification failed." + " Expected : " + hostnameExpected + " Found in cert : " + names);
        }
    } catch (InvalidNameException e) {
        // Fail closed: an unparseable subject DN is treated as a verification failure.
        Principal p = cert.getSubjectDN();
        String dn = p.getName();
        throw new TransportException("SSL hostname verification failed. Could not parse name " + dn, e);
    } catch (CertificateParsingException e) {
        // Fail closed: an unparseable certificate is treated as a verification failure.
        throw new TransportException("SSL hostname verification failed. Could not parse certificate:  " + e.getMessage(), e);
    }
}
Also used : CertificateParsingException(java.security.cert.CertificateParsingException) InvalidNameException(javax.naming.InvalidNameException) TransportException(org.apache.qpid.server.transport.TransportException) Principal(java.security.Principal)

Example 2 with TransportException

Use of org.apache.qpid.server.transport.TransportException in project qpid-broker-j by Apache.

In the class SSLUtilTest, method doNameMatchingTest.

private void doNameMatchingTest(byte[] keystoreBytes, List<String> validAddresses, List<String> invalidAddresses) throws Exception {
    KeyStore keyStore = KeyStore.getInstance("JKS");
    keyStore.load(new ByteArrayInputStream(keystoreBytes), "password".toCharArray());
    KeyStore trustStore = KeyStore.getInstance("JKS");
    trustStore.load(new ByteArrayInputStream(TRUSTSTORE), "password".toCharArray());
    for (String validAddress : validAddresses) {
        try {
            SSLUtil.verifyHostname(getSSLEngineAfterHandshake(keyStore, trustStore, validAddress, 5672), validAddress);
        } catch (TransportException e) {
            fail("The address " + validAddress + " should validate but does not");
        }
    }
    for (String invalidAddress : invalidAddresses) {
        try {
            SSLUtil.verifyHostname(getSSLEngineAfterHandshake(keyStore, trustStore, invalidAddress, 5672), invalidAddress);
            fail("The address " + invalidAddress + " should not validate but it does");
        } catch (TransportException e) {
            // pass
        }
    }
}
Also used : ByteArrayInputStream(java.io.ByteArrayInputStream) KeyStore(java.security.KeyStore) TransportException(org.apache.qpid.server.transport.TransportException)

Example 3 with TransportException

Use of org.apache.qpid.server.transport.TransportException in project qpid-broker-j by Apache.

In the class AMQPConnection_0_8Impl, method closed.

@Override
public void closed() {
    try {
        try {
            if (!_orderlyClose.get()) {
                completeAndCloseAllChannels();
            }
        } finally {
            performDeleteTasks();
            final NamedAddressSpace virtualHost = getAddressSpace();
            if (virtualHost != null) {
                virtualHost.deregisterConnection(this);
            }
        }
    } catch (ConnectionScopedRuntimeException | TransportException e) {
        LOGGER.error("Could not close protocol engine", e);
    } finally {
        // Runs whether or not the cleanup above threw.
        markTransportClosed();
    }
}
Also used : ConnectionScopedRuntimeException(org.apache.qpid.server.util.ConnectionScopedRuntimeException) NamedAddressSpace(org.apache.qpid.server.model.NamedAddressSpace) TransportException(org.apache.qpid.server.transport.TransportException)
