001/**
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements.  See the NOTICE file distributed with
004 * this work for additional information regarding copyright ownership.
005 * The ASF licenses this file to You under the Apache License, Version 2.0
006 * (the "License"); you may not use this file except in compliance with
007 * the License.  You may obtain a copy of the License at
008 *
009 *      http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017
018package org.apache.activemq.transport.nio;
019
020import org.apache.activemq.broker.SslContext;
021import org.apache.activemq.transport.Transport;
022import org.apache.activemq.transport.TransportServer;
023import org.apache.activemq.transport.tcp.SslTransport;
024import org.apache.activemq.transport.tcp.SslTransportFactory;
025import org.apache.activemq.transport.tcp.TcpTransport;
026import org.apache.activemq.transport.tcp.TcpTransportServer;
027import org.apache.activemq.util.IOExceptionSupport;
028import org.apache.activemq.util.IntrospectionSupport;
029import org.apache.activemq.wireformat.WireFormat;
030import org.slf4j.Logger;
031import org.slf4j.LoggerFactory;
032
033import javax.net.ServerSocketFactory;
034import javax.net.SocketFactory;
035import javax.net.ssl.SSLContext;
036import javax.net.ssl.SSLSocketFactory;
037import java.io.IOException;
038import java.net.Socket;
039import java.net.URI;
040import java.net.URISyntaxException;
041import java.net.UnknownHostException;
042import java.util.Map;
043
044public class NIOSSLTransportFactory extends NIOTransportFactory {
045    private static final Logger LOG = LoggerFactory.getLogger(NIOSSLTransportFactory.class);
046     SSLContext context;
047
048    protected TcpTransportServer createTcpTransportServer(URI location, ServerSocketFactory serverSocketFactory) throws IOException, URISyntaxException {
049        return new TcpTransportServer(this, location, serverSocketFactory) {
050            protected Transport createTransport(Socket socket, WireFormat format) throws IOException {
051                NIOSSLTransport transport = new NIOSSLTransport(format, socket);
052                if (context != null) {
053                    transport.setSslContext(context);
054                }
055                return transport;
056            }
057        };
058    }
059
060    @Override
061    public TransportServer doBind(URI location) throws IOException {
062         if (SslContext.getCurrentSslContext() != null) {
063             try {
064                 context = SslContext.getCurrentSslContext().getSSLContext();
065             } catch (Exception e) {
066                 throw new IOException(e);
067             }
068         }
069        return super.doBind(location);
070    }
071
072
073    /**
074     * Overriding to allow for proper configuration through reflection but delegate to get common
075     * configuration
076     */
077    public Transport compositeConfigure(Transport transport, WireFormat format, Map options) {
078        if (transport instanceof SslTransport)  {
079            SslTransport sslTransport = (SslTransport)transport.narrow(SslTransport.class);
080            IntrospectionSupport.setProperties(sslTransport, options);
081        } else if (transport instanceof NIOSSLTransport) {
082            NIOSSLTransport sslTransport = (NIOSSLTransport)transport.narrow(NIOSSLTransport.class);
083            IntrospectionSupport.setProperties(sslTransport, options);
084        }
085
086        return super.compositeConfigure(transport, format, options);
087    }
088
089    /**
090     * Overriding to use SslTransports.
091     */
092    protected Transport createTransport(URI location, WireFormat wf) throws UnknownHostException, IOException {
093
094        URI localLocation = null;
095        String path = location.getPath();
096        // see if the path is a local URI location
097        if (path != null && path.length() > 0) {
098            int localPortIndex = path.indexOf(':');
099            try {
100                Integer.parseInt(path.substring(localPortIndex + 1, path.length()));
101                String localString = location.getScheme() + ":/" + path;
102                localLocation = new URI(localString);
103            } catch (Exception e) {
104                LOG.warn("path isn't a valid local location for SslTransport to use", e);
105            }
106        }
107        SocketFactory socketFactory = createSocketFactory();
108        return new SslTransport(wf, (SSLSocketFactory)socketFactory, location, localLocation, false);
109    }
110
111    /**
112     * Creates a new SSL SocketFactory. The given factory will use user-provided
113     * key and trust managers (if the user provided them).
114     *
115     * @return Newly created (Ssl)SocketFactory.
116     * @throws IOException
117     */
118    protected SocketFactory createSocketFactory() throws IOException {
119        if( SslContext.getCurrentSslContext()!=null ) {
120            SslContext ctx = SslContext.getCurrentSslContext();
121            try {
122                return ctx.getSSLContext().getSocketFactory();
123            } catch (Exception e) {
124                throw IOExceptionSupport.create(e);
125            }
126        } else {
127            return SSLSocketFactory.getDefault();
128        }
129
130    }
131
132}