
Example 16 with SSLConfig

use of com.github.ambry.config.SSLConfig in project ambry by linkedin.

the class SSLFactoryTest method testSSLFactory.

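/**
 * Builds an {@link SSLFactory} from a server-mode and then a client-mode {@link SSLConfig} and
 * checks that each one yields non-null socket factories and an {@link SSLEngine} that passes
 * {@code TestSSLUtils.verifySSLConfig}.
 *
 * @throws Exception if the trust store file, the configuration or the SSL context cannot be created.
 */
@Test
public void testSSLFactory() throws Exception {
    File trustStoreFile = File.createTempFile("truststore", ".jks");
    // Remove the generated trust store at JVM exit so files written for this test do not
    // accumulate in the shared temp directory.
    trustStoreFile.deleteOnExit();
    SSLConfig sslConfig = new SSLConfig(TestSSLUtils.createSslProps("DC1,DC2,DC3", SSLFactory.Mode.SERVER, trustStoreFile, "server"));
    SSLConfig clientSSLConfig = new SSLConfig(TestSSLUtils.createSslProps("DC1,DC2,DC3", SSLFactory.Mode.CLIENT, trustStoreFile, "client"));

    // server
    SSLFactory sslFactory = new SSLFactory(sslConfig);
    SSLContext sslContext = sslFactory.getSSLContext();
    SSLSocketFactory socketFactory = sslContext.getSocketFactory();
    Assert.assertNotNull(socketFactory);
    SSLServerSocketFactory serverSocketFactory = sslContext.getServerSocketFactory();
    Assert.assertNotNull(serverSocketFactory);
    SSLEngine serverSideSSLEngine = sslFactory.createSSLEngine("localhost", 9095, SSLFactory.Mode.SERVER);
    // NOTE(review): the boolean presumably selects client-mode expectations in verifySSLConfig;
    // confirm against TestSSLUtils.
    TestSSLUtils.verifySSLConfig(sslContext, serverSideSSLEngine, false);

    // client
    sslFactory = new SSLFactory(clientSSLConfig);
    sslContext = sslFactory.getSSLContext();
    socketFactory = sslContext.getSocketFactory();
    Assert.assertNotNull(socketFactory);
    serverSocketFactory = sslContext.getServerSocketFactory();
    Assert.assertNotNull(serverSocketFactory);
    SSLEngine clientSideSSLEngine = sslFactory.createSSLEngine("localhost", 9095, SSLFactory.Mode.CLIENT);
    TestSSLUtils.verifySSLConfig(sslContext, clientSideSSLEngine, true);
}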
Also used : SSLConfig(com.github.ambry.config.SSLConfig) SSLEngine(javax.net.ssl.SSLEngine) SSLServerSocketFactory(javax.net.ssl.SSLServerSocketFactory) SSLContext(javax.net.ssl.SSLContext) SSLSocketFactory(javax.net.ssl.SSLSocketFactory) File(java.io.File) Test(org.junit.Test)

Example 17 with SSLConfig

use of com.github.ambry.config.SSLConfig in project ambry by linkedin.

the class JdkSslFactoryTest method testSSLFactory.

/**
 * Run sanity checks for {@link JdkSslFactory}.
 * @throws Exception
 */
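@Test
public void testSSLFactory() throws Exception {
    TestSSLUtils.testSSLFactoryImpl(JdkSslFactory.class.getName());
    // test features specific to JDK impls, like the PRNG algorithm config
    File trustStoreFile = File.createTempFile("truststore", ".jks");
    // Remove the generated trust store at JVM exit so files written for this test do not
    // accumulate in the shared temp directory.
    trustStoreFile.deleteOnExit();
    Properties props = new Properties();
    TestSSLUtils.addSSLProperties(props, "DC1,DC2,DC3", SSLFactory.Mode.CLIENT, trustStoreFile, "client");
    for (String prngAlgorithm : new String[] { "NativePRNGNonBlocking", "SHA1PRNG", "Windows-PRNG", "badbadinvalid" }) {
        // Ask the JDK first whether an installed security provider supports the algorithm, since
        // availability differs per platform; that decides which outcome is expected below.
        boolean valid = true;
        try {
            SecureRandom.getInstance(prngAlgorithm);
        } catch (NoSuchAlgorithmException e) {
            valid = false;
        }
        props.put("ssl.secure.random.algorithm", prngAlgorithm);
        SSLConfig config = new SSLConfig(new VerifiableProperties(props));
        if (valid) {
            JdkSslFactory jdkSslFactory = new JdkSslFactory(config);
            assertNotNull("Invalid SSLContext", jdkSslFactory.getSSLContext());
        } else {
            // An unsupported PRNG name must make construction fail with NoSuchAlgorithmException;
            // the factory is expected to reject it rather than continue with another source.
            TestUtils.assertException(NoSuchAlgorithmException.class, () -> new JdkSslFactory(config), null);
        }
    }
    // leaving this prop empty should use the default impl.
    props.put("ssl.secure.random.algorithm", "");
    SSLConfig config = new SSLConfig(new VerifiableProperties(props));
    JdkSslFactory jdkSslFactory = new JdkSslFactory(config);
    assertNotNull("Invalid SSLContext", jdkSslFactory.getSSLContext());
}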
Also used : SSLConfig(com.github.ambry.config.SSLConfig) VerifiableProperties(com.github.ambry.config.VerifiableProperties) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) Properties(java.util.Properties) VerifiableProperties(com.github.ambry.config.VerifiableProperties) File(java.io.File) Test(org.junit.Test)

Example 18 with SSLConfig

use of com.github.ambry.config.SSLConfig in project ambry by linkedin.

the class NettySslHttp2FactoryTest method testHttp2SSLFactory.

/**
 * Run sanity checks for {@link NettySslHttp2Factory}. Make sure no exception.
 * @throws Exception
 */
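@Test
public void testHttp2SSLFactory() throws Exception {
    File trustStoreFile = File.createTempFile("truststore", ".jks");
    // Remove the generated trust store at JVM exit so files written for this test do not
    // accumulate in the shared temp directory.
    trustStoreFile.deleteOnExit();

    // server: the test passes as long as factory and engine creation do not throw.
    SSLConfig serverSslConfig = new SSLConfig(TestSSLUtils.createHttp2Props("DC1,DC2,DC3", SSLFactory.Mode.SERVER, trustStoreFile, "server"));
    NettySslHttp2Factory sslFactory = Utils.getObj(NettySslHttp2Factory.class.getName(), serverSslConfig);
    SSLEngine ssLEngine = sslFactory.createSSLEngine("localhost", 9095, SSLFactory.Mode.SERVER);

    // client: same check with client-mode properties and the same trust store file.
    SSLConfig clientSSLConfig = new SSLConfig(TestSSLUtils.createHttp2Props("DC1,DC2,DC3", SSLFactory.Mode.CLIENT, trustStoreFile, "client"));
    sslFactory = Utils.getObj(NettySslHttp2Factory.class.getName(), clientSSLConfig);
    // NOTE(review): neither engine is inspected after creation, so this only proves that
    // construction succeeds; it does not check protocols, ciphers or client-auth settings.
    ssLEngine = sslFactory.createSSLEngine("localhost", 9095, SSLFactory.Mode.CLIENT);
}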
Also used : SSLConfig(com.github.ambry.config.SSLConfig) SSLEngine(javax.net.ssl.SSLEngine) File(java.io.File) Test(org.junit.Test)

Example 19 with SSLConfig

use of com.github.ambry.config.SSLConfig in project ambry by linkedin.

the class FrontendIntegrationTest method setup.

/**
 * Sets up an Ambry frontend server.
 * @throws Exception
 */
@BeforeClass
public static void setup() throws Exception {
    // Server side: the frontend gets an SSLFactory built from its own verifiable properties.
    LoggingNotificationSystem notificationSystem = new LoggingNotificationSystem();
    SSLFactory serverSslFactory = SSLFactory.getNewInstance(new SSLConfig(FRONTEND_VERIFIABLE_PROPS));
    ambryRestServer = new RestServer(FRONTEND_VERIFIABLE_PROPS, CLUSTER_MAP, notificationSystem, serverSslFactory);
    ambryRestServer.start();

    // Client side: one client without an SSLFactory for the plaintext port, and one with an
    // SSLFactory built from the client properties for the SSL port.
    plaintextNettyClient = new NettyClient("localhost", PLAINTEXT_SERVER_PORT, null);
    SSLFactory clientSslFactory = SSLFactory.getNewInstance(new SSLConfig(SSL_CLIENT_VERIFIABLE_PROPS));
    sslNettyClient = new NettyClient("localhost", SSL_SERVER_PORT, clientSslFactory);
}
Also used : RestServer(com.github.ambry.rest.RestServer) SSLConfig(com.github.ambry.config.SSLConfig) NettyClient(com.github.ambry.rest.NettyClient) LoggingNotificationSystem(com.github.ambry.commons.LoggingNotificationSystem) BeforeClass(org.junit.BeforeClass)

Example 20 with SSLConfig

use of com.github.ambry.config.SSLConfig in project ambry by linkedin.

the class FrontendIntegrationTest method disableUndeleteTest.

/**
 * Test when the undelete is disabled.
 */
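@Test
public void disableUndeleteTest() throws Exception {
    // Run this scenario only once per class, whichever parameterization reaches it first.
    assumeTrue(!enableUndeleteTested);
    enableUndeleteTested = true;
    File trustStoreFile = File.createTempFile("truststore", ".jks");
    trustStoreFile.deleteOnExit();
    // A second frontend is started on ports offset by 100 from the shared ones.
    // NOTE(review): the `false` argument presumably disables undelete; confirm against buildFrontendVProps.
    VerifiableProperties vprop = buildFrontendVProps(trustStoreFile, false, PLAINTEXT_SERVER_PORT + 100, SSL_SERVER_PORT + 100);
    RestServer ambryRestServer = new RestServer(vprop, CLUSTER_MAP, new LoggingNotificationSystem(), SSLFactory.getNewInstance(new SSLConfig(vprop)));
    ambryRestServer.start();
    NettyClient plaintextNettyClient = null;
    NettyClient sslNettyClient = null;
    // Everything after a successful start runs under try/finally so that a failed request or
    // assertion cannot leave the extra server listening and the clients open for later tests.
    try {
        plaintextNettyClient = new NettyClient("localhost", PLAINTEXT_SERVER_PORT + 100, null);
        sslNettyClient = new NettyClient("localhost", SSL_SERVER_PORT + 100, SSLFactory.getNewInstance(new SSLConfig(SSL_CLIENT_VERIFIABLE_PROPS)));
        NettyClient nettyClient = useSSL ? sslNettyClient : plaintextNettyClient;
        String blobId = "randomblobid";
        HttpHeaders headers = new DefaultHttpHeaders();
        headers.set(RestUtils.Headers.BLOB_ID, addClusterPrefix ? "/" + CLUSTER_NAME + blobId : blobId);
        headers.set(RestUtils.Headers.SERVICE_ID, "updateBlobTtlAndVerify");
        FullHttpRequest httpRequest = buildRequest(HttpMethod.PUT, "/" + Operations.UNDELETE, headers, null);
        ResponseParts responseParts = nettyClient.sendRequest(httpRequest, null, null).get();
        HttpResponse response = getHttpResponse(responseParts);
        // The undelete request must be rejected by this server.
        assertEquals("Unexpected response status", HttpResponseStatus.BAD_REQUEST, response.status());
    } finally {
        try {
            if (plaintextNettyClient != null) {
                plaintextNettyClient.close();
            }
            if (sslNettyClient != null) {
                sslNettyClient.close();
            }
        } finally {
            ambryRestServer.shutdown();
        }
    }
}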
Also used : RestServer(com.github.ambry.rest.RestServer) SSLConfig(com.github.ambry.config.SSLConfig) NettyClient(com.github.ambry.rest.NettyClient) HttpHeaders(io.netty.handler.codec.http.HttpHeaders) DefaultHttpHeaders(io.netty.handler.codec.http.DefaultHttpHeaders) DefaultFullHttpRequest(io.netty.handler.codec.http.DefaultFullHttpRequest) FullHttpRequest(io.netty.handler.codec.http.FullHttpRequest) VerifiableProperties(com.github.ambry.config.VerifiableProperties) LoggingNotificationSystem(com.github.ambry.commons.LoggingNotificationSystem) DefaultHttpHeaders(io.netty.handler.codec.http.DefaultHttpHeaders) HttpResponse(io.netty.handler.codec.http.HttpResponse) ResponseParts(com.github.ambry.rest.NettyClient.ResponseParts) File(java.io.File) Test(org.junit.Test)

Aggregations

SSLConfig (com.github.ambry.config.SSLConfig)30 VerifiableProperties (com.github.ambry.config.VerifiableProperties)16 File (java.io.File)15 ClusterMapConfig (com.github.ambry.config.ClusterMapConfig)13 Properties (java.util.Properties)13 ArrayList (java.util.ArrayList)10 BlobProperties (com.github.ambry.messageformat.BlobProperties)9 ClusterMap (com.github.ambry.clustermap.ClusterMap)8 DataNodeId (com.github.ambry.clustermap.DataNodeId)8 BlobId (com.github.ambry.commons.BlobId)8 SSLFactory (com.github.ambry.commons.SSLFactory)8 ClusterAgentsFactory (com.github.ambry.clustermap.ClusterAgentsFactory)7 ConnectionPoolConfig (com.github.ambry.config.ConnectionPoolConfig)7 BlockingChannelConnectionPool (com.github.ambry.network.BlockingChannelConnectionPool)7 MetricRegistry (com.codahale.metrics.MetricRegistry)6 AccountService (com.github.ambry.account.AccountService)6 Port (com.github.ambry.network.Port)6 IOException (java.io.IOException)6 MockClusterMap (com.github.ambry.clustermap.MockClusterMap)5 PartitionId (com.github.ambry.clustermap.PartitionId)5