[camel] branch main updated: [CAMEL-16961]camel-netty:avoid using deprecated SSLSession.getPeerCertificateChain() method which is retired since JDK15

Wed, 15 Sep 2021 08:20:11 -0700 

This is an automated email from the ASF dual-hosted git repository.

ffang pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/camel.git


The following commit(s) were added to refs/heads/main by this push:
     new 8e5cead  [CAMEL-16961]camel-netty:avoid using deprecated 
SSLSession.getPeerCertificateChain() method which is retired since JDK15
8e5cead is described below

commit 8e5cead58ad500eff8382cfcaf32748a734464ea
Author: Freeman Fang <freeman.f...@gmail.com>
AuthorDate: Wed Sep 15 11:19:24 2021 -0400

    [CAMEL-16961]camel-netty:avoid using deprecated 
SSLSession.getPeerCertificateChain() method which is retired since JDK15
---
 .../java/org/apache/camel/component/netty/NettyEndpoint.java  | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git 
a/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyEndpoint.java
 
b/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyEndpoint.java
index a87443d..0b5163a 100644
--- 
a/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyEndpoint.java
+++ 
b/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyEndpoint.java
@@ -18,10 +18,11 @@ package org.apache.camel.component.netty;
 
 import java.math.BigInteger;
 import java.security.Principal;
+import java.security.cert.Certificate;
+import java.security.cert.X509Certificate;
 
 import javax.net.ssl.SSLPeerUnverifiedException;
 import javax.net.ssl.SSLSession;
-import javax.security.cert.X509Certificate;
 
 import io.netty.channel.ChannelHandlerContext;
 import io.netty.handler.ssl.SslHandler;
@@ -138,9 +139,13 @@ public class NettyEndpoint extends DefaultEndpoint 
implements AsyncEndpoint {
      */
     protected void enrichWithClientCertInformation(SSLSession sslSession, 
Message message) {
         try {
-            X509Certificate[] certificates = 
sslSession.getPeerCertificateChain();
+
+            Certificate[] certificates = sslSession.getPeerCertificates();
             if (certificates != null && certificates.length > 0) {
-                X509Certificate cert = certificates[0];
+                if (!(certificates[0] instanceof X509Certificate)) {
+                    return;
+                }
+                X509Certificate cert = (X509Certificate) certificates[0];
 
                 Principal subject = cert.getSubjectDN();
                 if (subject != null) {

Reply via email to