Updated Branches: refs/heads/camel-2.10.x f3de135d8 -> eb74917c0 refs/heads/camel-2.11.x 961fa420f -> 51501fd94 refs/heads/master 08d00707c -> 353495222
CAMEL-6417: camel-http4 can only support one instance of SSLContextParameters per component. Added validation to fail if trying to use a 2nd instance. Project: http://git-wip-us.apache.org/repos/asf/camel/repo Commit: http://git-wip-us.apache.org/repos/asf/camel/commit/35349522 Tree: http://git-wip-us.apache.org/repos/asf/camel/tree/35349522 Diff: http://git-wip-us.apache.org/repos/asf/camel/diff/35349522 Branch: refs/heads/master Commit: 353495222dafacbe999679a8f7d16313638d3665 Parents: 08d0070 Author: Claus Ibsen <davscl...@apache.org> Authored: Mon Jun 3 10:59:34 2013 +0200 Committer: Claus Ibsen <davscl...@apache.org> Committed: Mon Jun 3 10:59:44 2013 +0200 ---------------------------------------------------------------------- .../camel/component/http4/HttpComponent.java | 19 ++++- .../apache/camel/component/http4/HttpsGetTest.java | 1 + ...tpsTwoDifferentSslContextParametersGetTest.java | 65 +++++++++++++++ 3 files changed, 84 insertions(+), 1 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/camel/blob/35349522/components/camel-http4/src/main/java/org/apache/camel/component/http4/HttpComponent.java ---------------------------------------------------------------------- diff --git a/components/camel-http4/src/main/java/org/apache/camel/component/http4/HttpComponent.java b/components/camel-http4/src/main/java/org/apache/camel/component/http4/HttpComponent.java index f860faa..36b7aee 100644 --- a/components/camel-http4/src/main/java/org/apache/camel/component/http4/HttpComponent.java +++ b/components/camel-http4/src/main/java/org/apache/camel/component/http4/HttpComponent.java @@ -27,6 +27,7 @@ import org.apache.camel.component.http4.helper.HttpHelper; import org.apache.camel.impl.HeaderFilterStrategyComponent; import org.apache.camel.spi.HeaderFilterStrategy; import org.apache.camel.util.IntrospectionSupport; +import org.apache.camel.util.ObjectHelper; import org.apache.camel.util.URISupport; import org.apache.camel.util.jsse.SSLContextParameters; import org.apache.http.auth.params.AuthParamBean; @@ -71,6 +72,8 @@ public class HttpComponent extends HeaderFilterStrategyComponent { // It's MILLISECONDS, the default value is always keep alive protected long connectionTimeToLive = -1; + private volatile SSLContextParameters usedSslContextParams; + /** * Connects the URL specified on the endpoint to the specified processor. * @@ -302,6 +305,19 @@ public class HttpComponent extends HeaderFilterStrategyComponent { @SuppressWarnings("deprecation") protected void registerPort(boolean secure, X509HostnameVerifier x509HostnameVerifier, int port, SSLContextParameters sslContextParams) throws Exception { + if (usedSslContextParams == null) { + usedSslContextParams = sslContextParams; + } + + // we must use same SSLContextParameters for this component. + if (usedSslContextParams != sslContextParams) { + // use identity hashcode in exception message + Object previous = ObjectHelper.getIdentityHashCode(usedSslContextParams); + Object next = ObjectHelper.getIdentityHashCode(sslContextParams); + throw new IllegalArgumentException("Only same instance of SSLContextParameters is supported. Cannot use a different instance." + + " Previous instance hashcode: " + previous + ", New instance hashcode: " + next); + } + SchemeRegistry registry = clientConnectionManager.getSchemeRegistry(); if (secure) { SSLSocketFactory socketFactory; @@ -310,7 +326,7 @@ public class HttpComponent extends HeaderFilterStrategyComponent { } else { socketFactory = new SSLSocketFactory(sslContextParams.createSSLContext()); } - + socketFactory.setHostnameVerifier(x509HostnameVerifier); // must register both https and https4 registry.register(new Scheme("https", port, socketFactory)); @@ -460,6 +476,7 @@ public class HttpComponent extends HeaderFilterStrategyComponent { clientConnectionManager.shutdown(); clientConnectionManager = null; } + usedSslContextParams = null; super.doStop(); } } http://git-wip-us.apache.org/repos/asf/camel/blob/35349522/components/camel-http4/src/test/java/org/apache/camel/component/http4/HttpsGetTest.java ---------------------------------------------------------------------- diff --git a/components/camel-http4/src/test/java/org/apache/camel/component/http4/HttpsGetTest.java b/components/camel-http4/src/test/java/org/apache/camel/component/http4/HttpsGetTest.java index 4541fb4..6776302 100644 --- a/components/camel-http4/src/test/java/org/apache/camel/component/http4/HttpsGetTest.java +++ b/components/camel-http4/src/test/java/org/apache/camel/component/http4/HttpsGetTest.java @@ -18,6 +18,7 @@ package org.apache.camel.component.http4; import org.apache.camel.Exchange; import org.apache.camel.Processor; +import org.apache.camel.builder.RouteBuilder; import org.apache.camel.component.http4.handler.BasicValidationHandler; import org.apache.camel.impl.JndiRegistry; import org.apache.http.conn.ssl.AllowAllHostnameVerifier; http://git-wip-us.apache.org/repos/asf/camel/blob/35349522/components/camel-http4/src/test/java/org/apache/camel/component/http4/HttpsTwoDifferentSslContextParametersGetTest.java ---------------------------------------------------------------------- diff --git a/components/camel-http4/src/test/java/org/apache/camel/component/http4/HttpsTwoDifferentSslContextParametersGetTest.java b/components/camel-http4/src/test/java/org/apache/camel/component/http4/HttpsTwoDifferentSslContextParametersGetTest.java new file mode 100644 index 0000000..43c7a24 --- /dev/null +++ b/components/camel-http4/src/test/java/org/apache/camel/component/http4/HttpsTwoDifferentSslContextParametersGetTest.java @@ -0,0 +1,65 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.component.http4; + +import org.apache.camel.FailedToCreateRouteException; +import org.apache.camel.builder.RouteBuilder; +import org.apache.camel.impl.JndiRegistry; +import org.apache.camel.util.jsse.SSLContextParameters; +import org.apache.http.conn.ssl.AllowAllHostnameVerifier; +import org.junit.Test; + +public class HttpsTwoDifferentSslContextParametersGetTest extends BaseHttpsTest { + + @Override + protected JndiRegistry createRegistry() throws Exception { + JndiRegistry registry = super.createRegistry(); + registry.bind("x509HostnameVerifier", new AllowAllHostnameVerifier()); + registry.bind("sslContextParameters", new SSLContextParameters()); + registry.bind("sslContextParameters2", new SSLContextParameters()); + + return registry; + } + + @Override + public boolean isUseRouteBuilder() { + return false; + } + + @Test + public void httpsTwoDifferentSSLContextNotSupported() throws Exception { + context.addRoutes(new RouteBuilder() { + @Override + public void configure() throws Exception { + from("direct:foo") + .to("https4://127.0.0.1:" + getPort() + "/mail?x509HostnameVerifier=x509HostnameVerifier&sslContextParametersRef=sslContextParameters"); + + from("direct:bar") + .to("https4://127.0.0.1:" + getPort() + "/mail?x509HostnameVerifier=x509HostnameVerifier&sslContextParametersRef=sslContextParameters2"); + } + }); + try { + context.start(); + fail("Should have thrown exception"); + } catch (FailedToCreateRouteException e) { + IllegalArgumentException iae = (IllegalArgumentException) e.getCause().getCause(); + assertNotNull(iae); + assertTrue(iae.getMessage().startsWith("Only same instance of SSLContextParameters is supported.")); + } + } + +}
