author | Martin Ritchie <ritchiem@apache.org> | 2007-02-14 15:40:47 +0000 |
---|---|---|
committer | Martin Ritchie <ritchiem@apache.org> | 2007-02-14 15:40:47 +0000 |
commit | c206a9ed35ac489ffc86b47fb6c8df69266a73fa (patch) | |
tree | 2f657e59ffa3072817b1820d5672dc7480222c09 /java/broker/src | |
parent | 80e9cae3e7fd6bb8216c0b0ddf74a51c48784814 (diff) | |
Applied QPID-6 SSL Options patch from Kevin Smith
git-svn-id: https://svn.apache.org/repos/asf/incubator/qpid/trunk/qpid@507584 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'java/broker/src')
3 files changed, 48 insertions, 36 deletions
diff --git a/java/broker/src/main/java/org/apache/qpid/server/Main.java b/java/broker/src/main/java/org/apache/qpid/server/Main.java index 55009bbf49..37ac7b8b44 100644 --- a/java/broker/src/main/java/org/apache/qpid/server/Main.java +++ b/java/broker/src/main/java/org/apache/qpid/server/Main.java @@ -327,7 +327,7 @@ public class Main implements ProtocolVersionList sconfig.setThreadModel(ReadWriteThreadModel.getInstance()); } - if (connectorConfig.enableNonSSL) + if (!connectorConfig.enableSSL) { AMQPFastProtocolHandler handler = new AMQPProtocolProvider().getHandler(); InetSocketAddress bindAddress; @@ -343,10 +343,9 @@ public class Main implements ProtocolVersionList _logger.info("Qpid.AMQP listening on non-SSL address " + bindAddress); } - if (connectorConfig.enableSSL) + else { AMQPFastProtocolHandler handler = new AMQPProtocolProvider().getHandler(); - handler.setUseSSL(true); try { acceptor.bind(new InetSocketAddress(connectorConfig.sslPort), diff --git a/java/broker/src/main/java/org/apache/qpid/server/protocol/AMQPFastProtocolHandler.java b/java/broker/src/main/java/org/apache/qpid/server/protocol/AMQPFastProtocolHandler.java index d7e6af0c29..76a293c161 100644 --- a/java/broker/src/main/java/org/apache/qpid/server/protocol/AMQPFastProtocolHandler.java +++ b/java/broker/src/main/java/org/apache/qpid/server/protocol/AMQPFastProtocolHandler.java 
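Review bot: Turning the two independent checks into `if (!connectorConfig.enableSSL) … else …` makes the plain and SSL listeners mutually exclusive, so a broker can no longer open both ports as the removed `enableNonSSL`/`enableSSL` pair allowed; this covers both Main.java hunks (old lines 327 and 343). That is probably required now that the handler reads the broker-wide `connectorConfig.enableSSL` instead of the per-handler `handler.setUseSSL(true)` dropped in the second hunk, but the commit message does not mention the behaviour change. I would state it at the branch, e.g. `// SSL and non-SSL listeners are mutually exclusive: the handler installs the SSL filter per broker, not per port`, so an operator reading the code knows that enabling SSL closes the plaintext port. The enclosing method starts and ends outside both hunks.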
@@ -20,15 +20,8 @@ */ package org.apache.qpid.server.protocol; -import org.apache.qpid.AMQException; -import org.apache.qpid.codec.AMQCodecFactory; -import org.apache.qpid.framing.*; -import org.apache.qpid.server.exchange.ExchangeRegistry; -import org.apache.qpid.server.queue.QueueRegistry; -import org.apache.qpid.server.registry.ApplicationRegistry; -import org.apache.qpid.server.registry.IApplicationRegistry; -import org.apache.qpid.server.transport.ConnectorConfiguration; -import org.apache.qpid.ssl.BogusSSLContextFactory; +import java.io.IOException; + import org.apache.log4j.Logger; import org.apache.mina.common.ByteBuffer; import org.apache.mina.common.IdleStatus; @@ -37,8 +30,19 @@ import org.apache.mina.common.IoSession; import org.apache.mina.filter.SSLFilter; import org.apache.mina.filter.codec.ProtocolCodecFilter; import org.apache.mina.util.SessionUtil; - -import java.io.IOException; +import org.apache.qpid.AMQException; +import org.apache.qpid.codec.AMQCodecFactory; +import org.apache.qpid.framing.AMQDataBlock; +import org.apache.qpid.framing.AMQProtocolHeaderException; +import org.apache.qpid.framing.AMQShortString; +import org.apache.qpid.framing.ConnectionCloseBody; +import org.apache.qpid.framing.HeartbeatBody; +import org.apache.qpid.framing.ProtocolInitiation; +import org.apache.qpid.framing.ProtocolVersionList; +import org.apache.qpid.server.registry.ApplicationRegistry; +import org.apache.qpid.server.registry.IApplicationRegistry; +import org.apache.qpid.server.transport.ConnectorConfiguration; +import org.apache.qpid.ssl.SSLContextFactory; /** 
@@ -56,17 +60,14 @@ public class AMQPFastProtocolHandler extends IoHandlerAdapter implements Protoco private final IApplicationRegistry _applicationRegistry; - private boolean _useSSL; - public AMQPFastProtocolHandler(Integer applicationRegistryInstance) { - this(ApplicationRegistry.getInstance(applicationRegistryInstance)); + this(ApplicationRegistry.getInstance(applicationRegistryInstance)); } public AMQPFastProtocolHandler(IApplicationRegistry applicationRegistry) { _applicationRegistry = applicationRegistry; - _logger.debug("AMQPFastProtocolHandler created"); } @@ -89,16 +90,30 @@ public class AMQPFastProtocolHandler extends IoHandlerAdapter implements Protoco getConfiguredObject(ConnectorConfiguration.class); if (connectorConfig.enableExecutorPool) { - if (_useSSL) + if (connectorConfig.enableSSL) { + String keystorePath = connectorConfig.keystorePath; + String keystorePassword = connectorConfig.keystorePassword; + String certType = connectorConfig.certType; + SSLContextFactory sslContextFactory = new SSLContextFactory(keystorePath, keystorePassword, certType); protocolSession.getFilterChain().addAfter("AsynchronousReadFilter", "sslFilter", - new SSLFilter(BogusSSLContextFactory.getInstance(true))); + new SSLFilter(sslContextFactory.buildServerContext())); } protocolSession.getFilterChain().addBefore("AsynchronousWriteFilter", "protocolFilter", pcf); } else { - protocolSession.getFilterChain().addLast("protocolFilter", pcf); + protocolSession.getFilterChain().addLast("protocolFilter", pcf); + if (connectorConfig.enableSSL) + { + String keystorePath = connectorConfig.keystorePath; + String keystorePassword = connectorConfig.keystorePassword; + String certType = connectorConfig.certType; + SSLContextFactory sslContextFactory = new SSLContextFactory(keystorePath, keystorePassword, certType); + protocolSession.getFilterChain().addBefore("protocolFilter", "sslFilter", + new SSLFilter(sslContextFactory.buildServerContext())); + } + } } 
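Review bot: In the `@@ -89,16 +90,30 @@` hunk the keystore is loaded and a new `SSLContext` built every time this code runs, in two copy-pasted blocks (one per `enableExecutorPool` branch) that can drift apart. The enclosing method starts outside the hunk, but it edits `protocolSession`'s filter chain, so this looks like per-connection work. If so, a wrong `keystorePath` or `keystorePassword` would only surface when the first client connects, not at broker start-up. I would build the filter once ahead of the branch, as below, and ideally create the context a single time at start-up so a bad keystore configuration stops the broker from coming up.

```java
// … unchanged: codec filter (pcf) creation and connectorConfig lookup …
SSLFilter sslFilter = null;
if (connectorConfig.enableSSL)
{
    SSLContextFactory sslContextFactory = new SSLContextFactory(connectorConfig.keystorePath,
                                                                connectorConfig.keystorePassword,
                                                                connectorConfig.certType);
    sslFilter = new SSLFilter(sslContextFactory.buildServerContext());
}

if (connectorConfig.enableExecutorPool)
{
    if (sslFilter != null)
    {
        protocolSession.getFilterChain().addAfter("AsynchronousReadFilter", "sslFilter", sslFilter);
    }
    protocolSession.getFilterChain().addBefore("AsynchronousWriteFilter", "protocolFilter", pcf);
}
else
{
    protocolSession.getFilterChain().addLast("protocolFilter", pcf);
    if (sslFilter != null)
    {
        protocolSession.getFilterChain().addBefore("protocolFilter", "sslFilter", sslFilter);
    }
}
```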
@@ -216,14 +231,4 @@ public class AMQPFastProtocolHandler extends IoHandlerAdapter implements Protoco _logger.debug("Message sent: " + object); } } - - public boolean isUseSSL() - { - return _useSSL; - } - - public void setUseSSL(boolean useSSL) - { - _useSSL = useSSL; - } } diff --git a/java/broker/src/main/java/org/apache/qpid/server/transport/ConnectorConfiguration.java b/java/broker/src/main/java/org/apache/qpid/server/transport/ConnectorConfiguration.java index ac164f0cab..12489ad70e 100644 --- a/java/broker/src/main/java/org/apache/qpid/server/transport/ConnectorConfiguration.java +++ b/java/broker/src/main/java/org/apache/qpid/server/transport/ConnectorConfiguration.java @@ -70,13 +70,21 @@ public class ConnectorConfiguration defaultValue = "false") public boolean enableDirectBuffers; - @Configured(path = "connector.ssl", + @Configured(path = "connector.ssl.enabled", defaultValue = "false") public boolean enableSSL; - - @Configured(path = "connector.nonssl", - defaultValue = "true") - public boolean enableNonSSL; + + @Configured(path = "connector.ssl.keystorePath", + defaultValue = "none") + public String keystorePath; + + @Configured(path = "connector.ssl.keystorePassword", + defaultValue = "none") + public String keystorePassword; + + @Configured(path = "connector.ssl.certType", + defaultValue = "SunX509") + public String certType; public IoAcceptor createAcceptor() { |
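Review bot: In the ConnectorConfiguration.java hunk, moving the switch from `connector.ssl` to `connector.ssl.enabled` while keeping `defaultValue = "false"` risks a silent downgrade. A configuration that still sets `connector.ssl` would presumably be ignored (how `@Configured` treats unknown paths is not visible here), and the broker would then start on the plaintext port only. The `"none"` defaults for `keystorePath` and `keystorePassword` cannot be told apart from a real value, and nothing in this hunk rejects `enableSSL` being true with no keystore configured. I would add a start-up check that fails when SSL is enabled and either field is still `"none"`, and a comment on the password field such as `// read as a plain String from the broker config; restrict access to that file`. The class body continues outside the hunk.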