Merge pull request #3766 from wso2/ssl-patch
Add web socket transport sender hostname verification
DedunuKarunarathne authored Nov 11, 2024
2 parents dec1b05 + a5b4ea0 commit 72b10d5
Showing 2 changed files with 17 additions and 1 deletion.
Expand Up @@ -36,6 +36,7 @@
import io.netty.handler.codec.http.websocketx.WebSocketVersion;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import io.netty.handler.ssl.SslHandler;
import org.apache.axiom.om.OMElement;
import org.apache.axis2.AxisFault;
import org.apache.axis2.description.Parameter;
Expand All @@ -48,7 +49,9 @@
import java.net.URI;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLParameters;
import javax.xml.namespace.QName;

public class WebsocketConnectionFactory {
Expand Down Expand Up @@ -220,7 +223,19 @@ public WebSocketClientHandler cacheNewConnection(final URI uri, final String sou
protected void initChannel(SocketChannel ch) {
ChannelPipeline p = ch.pipeline();
if (sslCtx != null) {
p.addLast(sslCtx.newHandler(ch.alloc(), host, port));
SslHandler sslHandler = sslCtx.newHandler(ch.alloc(), host, port);
Parameter wsEnableHostnameVerification = transportOut
.getParameter(WebsocketConstants.WEBSOCKET_HOSTNAME_VERIFICATION_CONFIG);
if (wsEnableHostnameVerification != null
&& wsEnableHostnameVerification.getValue() != null
&& !wsEnableHostnameVerification.getValue().toString().isEmpty()
&& Boolean.parseBoolean(wsEnableHostnameVerification.getValue().toString())) {
SSLEngine sslEngine = sslHandler.engine();
SSLParameters sslParams = sslEngine.getSSLParameters();
sslParams.setEndpointIdentificationAlgorithm("HTTPS");
sslEngine.setSSLParameters(sslParams);
}
p.addLast(sslHandler);
}
p.addLast(new HttpClientCodec(), new HttpObjectAggregator(8192),
new WebSocketFrameAggregator(Integer.MAX_VALUE), handler);
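Review bot: In `initChannel`, endpoint identification is applied only when `ws.client.enable.hostname.verification` parses to `true`, so a missing, empty or misspelled value leaves the TLS connection without a hostname check, and nothing in the hunk reports that. If existing deployments allow it, invert the default so that only an explicit `false` skips the check, e.g. `boolean verifyHost = value == null || !"false".equalsIgnoreCase(value.trim());` with `value` being the parameter's string value or null; otherwise log a warning in the branch that leaves verification off. The `isEmpty()` test is redundant, since `Boolean.parseBoolean("")` already returns `false`, and the parameter could be read once outside `initChannel` rather than per channel. Whether the trust manager behind `sslCtx` honours the `HTTPS` algorithm cannot be confirmed here, because `sslCtx` is built outside the hunk, as is the rest of `cacheNewConnection`.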
Expand Up @@ -53,6 +53,7 @@ public class WebsocketConstants {

public static final String WEBSOCKET_CUSTOM_HEADER_PREFIX = "websocket.custom.header.";
public static final String WEBSOCKET_CUSTOM_HEADER_CONFIG = "ws.custom.header";
public static final String WEBSOCKET_HOSTNAME_VERIFICATION_CONFIG = "ws.client.enable.hostname.verification";

public static final String CONNECTION_TERMINATE = "connection.terminate";
