CAMEL-6417: camel-http4 can only support one instance of SSLContextParameters per component. Added validation to fail if trying to use a 2nd instance.
Project: http://git-wip-us.apache.org/repos/asf/camel/repo Commit: http://git-wip-us.apache.org/repos/asf/camel/commit/eb74917c Tree: http://git-wip-us.apache.org/repos/asf/camel/tree/eb74917c Diff: http://git-wip-us.apache.org/repos/asf/camel/diff/eb74917c Branch: refs/heads/camel-2.10.x Commit: eb74917c0736d5f445e53a477d9ab4103d4d5adf Parents: f3de135 Author: Claus Ibsen <davscl...@apache.org> Authored: Mon Jun 3 10:59:34 2013 +0200 Committer: Claus Ibsen <davscl...@apache.org> Committed: Mon Jun 3 11:00:42 2013 +0200 ---------------------------------------------------------------------- .../camel/component/http4/HttpComponent.java | 19 ++++- .../apache/camel/component/http4/HttpsGetTest.java | 1 + ...tpsTwoDifferentSslContextParametersGetTest.java | 65 +++++++++++++++ 3 files changed, 84 insertions(+), 1 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/camel/blob/eb74917c/components/camel-http4/src/main/java/org/apache/camel/component/http4/HttpComponent.java ---------------------------------------------------------------------- diff --git a/components/camel-http4/src/main/java/org/apache/camel/component/http4/HttpComponent.java b/components/camel-http4/src/main/java/org/apache/camel/component/http4/HttpComponent.java index c46079c..e41c5de 100644 --- a/components/camel-http4/src/main/java/org/apache/camel/component/http4/HttpComponent.java +++ b/components/camel-http4/src/main/java/org/apache/camel/component/http4/HttpComponent.java @@ -26,6 +26,7 @@ import org.apache.camel.component.http4.helper.HttpHelper; import org.apache.camel.impl.HeaderFilterStrategyComponent; import org.apache.camel.spi.HeaderFilterStrategy; import org.apache.camel.util.IntrospectionSupport; +import org.apache.camel.util.ObjectHelper; import org.apache.camel.util.URISupport; import org.apache.camel.util.jsse.SSLContextParameters; import org.apache.http.auth.params.AuthParamBean; @@ -69,6 +70,8 @@ public class HttpComponent extends HeaderFilterStrategyComponent { protected int maxTotalConnections = 200; protected int connectionsPerRoute = 20; + private volatile SSLContextParameters usedSslContextParams; + /** * Connects the URL specified on the endpoint to the specified processor. * @@ -281,6 +284,19 @@ public class HttpComponent extends HeaderFilterStrategyComponent { @SuppressWarnings("deprecation") protected void registerPort(boolean secure, X509HostnameVerifier x509HostnameVerifier, int port, SSLContextParameters sslContextParams) throws Exception { + if (usedSslContextParams == null) { + usedSslContextParams = sslContextParams; + } + + // we must use same SSLContextParameters for this component. + if (usedSslContextParams != sslContextParams) { + // use identity hashcode in exception message + Object previous = ObjectHelper.getIdentityHashCode(usedSslContextParams); + Object next = ObjectHelper.getIdentityHashCode(sslContextParams); + throw new IllegalArgumentException("Only same instance of SSLContextParameters is supported. Cannot use a different instance." + + " Previous instance hashcode: " + previous + ", New instance hashcode: " + next); + } + SchemeRegistry registry = clientConnectionManager.getSchemeRegistry(); if (secure) { SSLSocketFactory socketFactory; @@ -289,7 +305,7 @@ public class HttpComponent extends HeaderFilterStrategyComponent { } else { socketFactory = new SSLSocketFactory(sslContextParams.createSSLContext()); } - + socketFactory.setHostnameVerifier(x509HostnameVerifier); // must register both https and https4 registry.register(new Scheme("https", port, socketFactory)); @@ -433,6 +449,7 @@ public class HttpComponent extends HeaderFilterStrategyComponent { clientConnectionManager.shutdown(); clientConnectionManager = null; } + usedSslContextParams = null; super.doStop(); } } http://git-wip-us.apache.org/repos/asf/camel/blob/eb74917c/components/camel-http4/src/test/java/org/apache/camel/component/http4/HttpsGetTest.java ---------------------------------------------------------------------- diff --git a/components/camel-http4/src/test/java/org/apache/camel/component/http4/HttpsGetTest.java b/components/camel-http4/src/test/java/org/apache/camel/component/http4/HttpsGetTest.java index 4541fb4..6776302 100644 --- a/components/camel-http4/src/test/java/org/apache/camel/component/http4/HttpsGetTest.java +++ b/components/camel-http4/src/test/java/org/apache/camel/component/http4/HttpsGetTest.java @@ -18,6 +18,7 @@ package org.apache.camel.component.http4; import org.apache.camel.Exchange; import org.apache.camel.Processor; +import org.apache.camel.builder.RouteBuilder; import org.apache.camel.component.http4.handler.BasicValidationHandler; import org.apache.camel.impl.JndiRegistry; import org.apache.http.conn.ssl.AllowAllHostnameVerifier; http://git-wip-us.apache.org/repos/asf/camel/blob/eb74917c/components/camel-http4/src/test/java/org/apache/camel/component/http4/HttpsTwoDifferentSslContextParametersGetTest.java ---------------------------------------------------------------------- diff --git a/components/camel-http4/src/test/java/org/apache/camel/component/http4/HttpsTwoDifferentSslContextParametersGetTest.java b/components/camel-http4/src/test/java/org/apache/camel/component/http4/HttpsTwoDifferentSslContextParametersGetTest.java new file mode 100644 index 0000000..43c7a24 --- /dev/null +++ b/components/camel-http4/src/test/java/org/apache/camel/component/http4/HttpsTwoDifferentSslContextParametersGetTest.java @@ -0,0 +1,65 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.component.http4; + +import org.apache.camel.FailedToCreateRouteException; +import org.apache.camel.builder.RouteBuilder; +import org.apache.camel.impl.JndiRegistry; +import org.apache.camel.util.jsse.SSLContextParameters; +import org.apache.http.conn.ssl.AllowAllHostnameVerifier; +import org.junit.Test; + +public class HttpsTwoDifferentSslContextParametersGetTest extends BaseHttpsTest { + + @Override + protected JndiRegistry createRegistry() throws Exception { + JndiRegistry registry = super.createRegistry(); + registry.bind("x509HostnameVerifier", new AllowAllHostnameVerifier()); + registry.bind("sslContextParameters", new SSLContextParameters()); + registry.bind("sslContextParameters2", new SSLContextParameters()); + + return registry; + } + + @Override + public boolean isUseRouteBuilder() { + return false; + } + + @Test + public void httpsTwoDifferentSSLContextNotSupported() throws Exception { + context.addRoutes(new RouteBuilder() { + @Override + public void configure() throws Exception { + from("direct:foo") + .to("https4://127.0.0.1:" + getPort() + "/mail?x509HostnameVerifier=x509HostnameVerifier&sslContextParametersRef=sslContextParameters"); + + from("direct:bar") + .to("https4://127.0.0.1:" + getPort() + "/mail?x509HostnameVerifier=x509HostnameVerifier&sslContextParametersRef=sslContextParameters2"); + } + }); + try { + context.start(); + fail("Should have thrown exception"); + } catch (FailedToCreateRouteException e) { + IllegalArgumentException iae = (IllegalArgumentException) e.getCause().getCause(); + assertNotNull(iae); + assertTrue(iae.getMessage().startsWith("Only same instance of SSLContextParameters is supported.")); + } + } + +}
