Example 1 with ClientTlsProtocolNegotiator
use of io.grpc.netty.ProtocolNegotiators.ClientTlsProtocolNegotiator in project grpc-java by grpc.
the class ProtocolNegotiatorsTest method clientTlsHandler_firesNegotiation.
@Test
public void clientTlsHandler_firesNegotiation() throws Exception {
SelfSignedCertificate cert = new SelfSignedCertificate("authority");
SslContext clientSslContext = GrpcSslContexts.configure(SslContextBuilder.forClient().trustManager(cert.cert())).build();
SslContext serverSslContext = GrpcSslContexts.configure(SslContextBuilder.forServer(cert.key(), cert.cert())).build();
FakeGrpcHttp2ConnectionHandler gh = FakeGrpcHttp2ConnectionHandler.newHandler();
ClientTlsProtocolNegotiator pn = new ClientTlsProtocolNegotiator(clientSslContext, null);
WriteBufferingAndExceptionHandler clientWbaeh = new WriteBufferingAndExceptionHandler(pn.newHandler(gh));
SocketAddress addr = new LocalAddress("addr");
ChannelHandler sh = ProtocolNegotiators.serverTls(serverSslContext).newHandler(FakeGrpcHttp2ConnectionHandler.noopHandler());
WriteBufferingAndExceptionHandler serverWbaeh = new WriteBufferingAndExceptionHandler(sh);
Channel s = new ServerBootstrap().childHandler(serverWbaeh).group(group).channel(LocalServerChannel.class).bind(addr).sync().channel();
Channel c = new Bootstrap().handler(clientWbaeh).channel(LocalChannel.class).group(group).register().sync().channel();
ChannelFuture write = c.writeAndFlush(NettyClientHandler.NOOP_MESSAGE);
c.connect(addr).sync();
write.sync();
boolean completed = gh.negotiated.await(TIMEOUT_SECONDS, TimeUnit.SECONDS);
if (!completed) {
assertTrue("failed to negotiated", write.await(TIMEOUT_SECONDS, TimeUnit.SECONDS));
// sync should fail if we are in this block.
write.sync();
throw new AssertionError("neither wrote nor negotiated");
}
c.close();
s.close();
pn.close();
assertThat(gh.securityInfo).isNotNull();
assertThat(gh.securityInfo.tls).isNotNull();
assertThat(gh.attrs.get(GrpcAttributes.ATTR_SECURITY_LEVEL)).isEqualTo(SecurityLevel.PRIVACY_AND_INTEGRITY);
assertThat(gh.attrs.get(Grpc.TRANSPORT_ATTR_SSL_SESSION)).isInstanceOf(SSLSession.class);
// This is not part of the ClientTls negotiation, but shows that the negotiation event happens
// in the right order.
assertThat(gh.attrs.get(Grpc.TRANSPORT_ATTR_REMOTE_ADDR)).isEqualTo(addr);
}
Also used :
ChannelFuture(io.netty.channel.ChannelFuture)
ClientTlsProtocolNegotiator(io.grpc.netty.ProtocolNegotiators.ClientTlsProtocolNegotiator)
SelfSignedCertificate(io.netty.handler.ssl.util.SelfSignedCertificate)
LocalAddress(io.netty.channel.local.LocalAddress)
LocalServerChannel(io.netty.channel.local.LocalServerChannel)
Channel(io.netty.channel.Channel)
LocalChannel(io.netty.channel.local.LocalChannel)
EmbeddedChannel(io.netty.channel.embedded.EmbeddedChannel)
ChannelHandler(io.netty.channel.ChannelHandler)
ServerBootstrap(io.netty.bootstrap.ServerBootstrap)
LocalServerChannel(io.netty.channel.local.LocalServerChannel)
Bootstrap(io.netty.bootstrap.Bootstrap)
ServerBootstrap(io.netty.bootstrap.ServerBootstrap)
SocketAddress(java.net.SocketAddress)
InetSocketAddress(java.net.InetSocketAddress)
SslContext(io.netty.handler.ssl.SslContext)
Test(org.junit.Test)
Aggregations
ClientTlsProtocolNegotiator (io.grpc.netty.ProtocolNegotiators.ClientTlsProtocolNegotiator)1
Bootstrap (io.netty.bootstrap.Bootstrap)1
ServerBootstrap (io.netty.bootstrap.ServerBootstrap)1
Channel (io.netty.channel.Channel)1
ChannelFuture (io.netty.channel.ChannelFuture)1
ChannelHandler (io.netty.channel.ChannelHandler)1
EmbeddedChannel (io.netty.channel.embedded.EmbeddedChannel)1
LocalAddress (io.netty.channel.local.LocalAddress)1
LocalChannel (io.netty.channel.local.LocalChannel)1
LocalServerChannel (io.netty.channel.local.LocalServerChannel)1
SslContext (io.netty.handler.ssl.SslContext)1
SelfSignedCertificate (io.netty.handler.ssl.util.SelfSignedCertificate)1
InetSocketAddress (java.net.InetSocketAddress)1
SocketAddress (java.net.SocketAddress)1
Test (org.junit.Test)1
