
Example 96 with SslContext

use of io.netty.handler.ssl.SslContext in project rest.li by linkedin.

the class TestHttp2AlpnHandler method testChannelCloseBeforeNegotiation.

/**
 * Covers a request that is written while the handler has not finished negotiating and whose
 * channel is then closed.
 *
 * <p>The write must not produce outbound data. After the close, the request's pool handle must
 * be disposed and its callback must receive a {@link TransportResponse}, so nothing queued
 * before negotiation is left holding a pooled resource or waiting forever.
 */
@Test(timeOut = 10000)
@SuppressWarnings("unchecked")
public void testChannelCloseBeforeNegotiation() throws Exception {
    // The request and both of its collaborators are mocks, so every interaction can be verified.
    TimeoutTransportCallback responseCallback = Mockito.mock(TimeoutTransportCallback.class);
    TimeoutAsyncPoolHandle poolHandle = Mockito.mock(TimeoutAsyncPoolHandle.class);
    RequestWithCallback pendingRequest = Mockito.mock(RequestWithCallback.class);
    Mockito.when(pendingRequest.handle()).thenReturn(poolHandle);
    Mockito.when(pendingRequest.callback()).thenReturn(responseCallback);

    // The SslContext and the stream codec are mocked too; only the handler under test is real.
    Http2AlpnHandler alpnHandler = new Http2AlpnHandler(
        Mockito.mock(SslContext.class), Mockito.mock(Http2StreamCodec.class), true, Integer.MAX_VALUE);
    EmbeddedChannel embedded = new EmbeddedChannel(alpnHandler);

    // Nothing may reach the outbound buffer while negotiation is still pending.
    boolean wroteOutbound = embedded.writeOutbound(pendingRequest);
    Assert.assertFalse(wroteOutbound);
    boolean hasLeftoverData = embedded.finish();
    Assert.assertFalse(hasLeftoverData);

    // Block until the close has completed before checking the clean-up calls.
    embedded.close().sync();

    // The handler must have looked up both collaborators of the queued request ...
    Mockito.verify(pendingRequest).handle();
    Mockito.verify(pendingRequest).callback();
    // ... released the pool handle and delivered a response to the callback.
    Mockito.verify(poolHandle).dispose();
    Mockito.verify(responseCallback).onResponse(Mockito.any(TransportResponse.class));
}
Also used : RequestWithCallback(com.linkedin.r2.transport.common.bridge.common.RequestWithCallback) TimeoutTransportCallback(com.linkedin.r2.transport.http.client.TimeoutTransportCallback) EmbeddedChannel(io.netty.channel.embedded.EmbeddedChannel) TransportResponse(com.linkedin.r2.transport.common.bridge.common.TransportResponse) SslContext(io.netty.handler.ssl.SslContext) TimeoutAsyncPoolHandle(com.linkedin.r2.transport.http.client.TimeoutAsyncPoolHandle) Test(org.testng.annotations.Test)

Example 97 with SslContext

use of io.netty.handler.ssl.SslContext in project rest.li by linkedin.

the class TestHttp2AlpnHandler method testWriteBeforeNegotiation.

/**
 * Checks that a request written before negotiation has completed does not show up as outbound
 * data on the channel, and that the channel has no readable data left when it is finished.
 */
@Test
public void testWriteBeforeNegotiation() throws Exception {
    // Only the handler under test is real; its SslContext and stream codec are mocks.
    Http2AlpnHandler alpnHandler = new Http2AlpnHandler(
        Mockito.mock(SslContext.class), Mockito.mock(Http2StreamCodec.class), true, Integer.MAX_VALUE);
    EmbeddedChannel embedded = new EmbeddedChannel(alpnHandler);

    RequestWithCallback pendingRequest = Mockito.mock(RequestWithCallback.class);

    // The write must not succeed while negotiation is still pending.
    boolean wroteOutbound = embedded.writeOutbound(pendingRequest);
    Assert.assertFalse(wroteOutbound);

    boolean hasLeftoverData = embedded.finish();
    Assert.assertFalse(hasLeftoverData);
}
Also used : RequestWithCallback(com.linkedin.r2.transport.common.bridge.common.RequestWithCallback) EmbeddedChannel(io.netty.channel.embedded.EmbeddedChannel) SslContext(io.netty.handler.ssl.SslContext) Test(org.testng.annotations.Test)

Example 98 with SslContext

use of io.netty.handler.ssl.SslContext in project pravega by pravega.

the class TLSHelper method newServerSslContext.

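/**
 * Creates a new server-side instance of {@link SslContext} from a certificate file and a
 * private key file.
 *
 * <p>No key password is passed to the builder here, so the key file is presumably expected to
 * be stored without password protection (TODO confirm); its file permissions should therefore
 * be limited to the account that runs the server. The protocol names are handed to the builder
 * as given and are not checked in this method, so the caller decides which protocol versions
 * the server will negotiate (for example {@code TLSv1.2} and {@code TLSv1.3}).
 *
 * @param certificateFile the PEM-encoded server certificate file
 * @param serverKeyFile the PEM-encoded file containing the server's private key
 * @param tlsProtocolVersion the TLS protocol versions to enable on the context
 * @return a {@link SslContext} built from the specified {@code certificateFile} and {@code serverKeyFile}
 * @throws NullPointerException if {@code certificateFile}, {@code serverKeyFile} or
 *         {@code tlsProtocolVersion} is null
 * @throws IllegalStateException if either {@code certificateFile} or {@code serverKeyFile} doesn't exist or is unreadable.
 * @throws RuntimeException if there is a failure in building the {@link SslContext}; the
 *         underlying {@link SSLException} is kept as the cause
 */
public static SslContext newServerSslContext(File certificateFile, File serverKeyFile, String[] tlsProtocolVersion) {
    // Name the offending argument so a null shows up as more than a bare NullPointerException.
    Preconditions.checkNotNull(certificateFile, "certificateFile");
    Preconditions.checkNotNull(serverKeyFile, "serverKeyFile");
    Preconditions.checkNotNull(tlsProtocolVersion, "tlsProtocolVersion");
    ensureExistAndAreReadable(certificateFile, serverKeyFile);
    try {
        SslContext result = SslContextBuilder.forServer(certificateFile, serverKeyFile)
                .protocols(tlsProtocolVersion)
                .build();
        log.debug("Done creating a new SSL Context for the server.");
        return result;
    } catch (SSLException e) {
        // Only the file locations go into the message, never the key material itself.
        throw new RuntimeException("Failed to build the server SslContext from certificate file '"
                + certificateFile + "' and key file '" + serverKeyFile + "'", e);
    }
}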
Also used : SSLException(javax.net.ssl.SSLException) SslContext(io.netty.handler.ssl.SslContext)

Example 99 with SslContext

use of io.netty.handler.ssl.SslContext in project pravega by pravega.

the class PravegaConnectionListenerTest method testUsesPollingMonitorForSymbolicLinks.

/**
 * Expects {@code prepareCertificateMonitor} to return a {@link FileModificationPollingMonitor}
 * when it is called with a leading {@code true} flag.
 *
 * <p>NOTE(review): going by the test name, the flag presumably marks the certificate path as a
 * symbolic link, and the returned monitor is presumably what notices a replaced certificate or
 * key file. Confirm against {@code prepareCertificateMonitor}.
 */
@Test
public void testUsesPollingMonitorForSymbolicLinks() {
    // Both paths point at the default certificate and key file names under the config directory.
    String configDir = "../../../config/";
    String certPath = configDir + SecurityConfigDefaults.TLS_SERVER_CERT_FILE_NAME;
    String keyPath = configDir + SecurityConfigDefaults.TLS_SERVER_PRIVATE_KEY_FILE_NAME;

    // The listener is built with placeholder TLS paths and mocked stores.
    @Cleanup PravegaConnectionListener connectionListener = new PravegaConnectionListener(
            true, true, "whatever", -1,
            mock(StreamSegmentStore.class), mock(TableStore.class),
            SegmentStatsRecorder.noOp(), TableSegmentStatsRecorder.noOp(),
            new PassingTokenVerifier(),
            "dummy-tls-certificate-path", "dummy-tls-key-path",
            true, NoOpScheduledExecutor.get(), SecurityConfigDefaults.TLS_PROTOCOL_VERSION);

    // Holder handed to the monitor; it starts out empty.
    AtomicReference<SslContext> sslContextHolder = new AtomicReference<>(null);
    FileModificationMonitor certMonitor =
            connectionListener.prepareCertificateMonitor(true, certPath, keyPath, sslContextHolder);

    boolean isPollingMonitor = certMonitor instanceof FileModificationPollingMonitor;
    assertTrue("Unexpected type of FileModificationMonitor", isPollingMonitor);
}
Also used : StreamSegmentStore(io.pravega.segmentstore.contracts.StreamSegmentStore) FileModificationMonitor(io.pravega.common.io.filesystem.FileModificationMonitor) PassingTokenVerifier(io.pravega.segmentstore.server.host.delegationtoken.PassingTokenVerifier) FileModificationPollingMonitor(io.pravega.common.io.filesystem.FileModificationPollingMonitor) AtomicReference(java.util.concurrent.atomic.AtomicReference) Cleanup(lombok.Cleanup) TableStore(io.pravega.segmentstore.contracts.tables.TableStore) SslContext(io.netty.handler.ssl.SslContext) Test(org.junit.Test)

Example 100 with SslContext

use of io.netty.handler.ssl.SslContext in project pravega by pravega.

the class PravegaConnectionListenerTest method testUsesEventWatcherForNonSymbolicLinks.

/**
 * Expects the three-argument {@code prepareCertificateMonitor} to return a
 * {@link FileModificationEventWatcher}.
 *
 * <p>NOTE(review): going by the test name, this overload presumably treats the certificate path
 * as a regular file rather than a symbolic link. Confirm against
 * {@code prepareCertificateMonitor}.
 */
@Test
public void testUsesEventWatcherForNonSymbolicLinks() {
    // Both paths point at the default certificate and key file names under the config directory.
    String configDir = "../../../config/";
    String certPath = configDir + SecurityConfigDefaults.TLS_SERVER_CERT_FILE_NAME;
    String keyPath = configDir + SecurityConfigDefaults.TLS_SERVER_PRIVATE_KEY_FILE_NAME;

    // The listener is built with placeholder TLS paths and mocked stores.
    @Cleanup PravegaConnectionListener connectionListener = new PravegaConnectionListener(
            true, true, "whatever", -1,
            mock(StreamSegmentStore.class), mock(TableStore.class),
            SegmentStatsRecorder.noOp(), TableSegmentStatsRecorder.noOp(),
            new PassingTokenVerifier(),
            "dummy-tls-certificate-path", "dummy-tls-key-path",
            true, NoOpScheduledExecutor.get(), SecurityConfigDefaults.TLS_PROTOCOL_VERSION);

    // Holder handed to the monitor; it starts out empty.
    AtomicReference<SslContext> sslContextHolder = new AtomicReference<>(null);
    FileModificationMonitor certMonitor =
            connectionListener.prepareCertificateMonitor(certPath, keyPath, sslContextHolder);

    boolean isEventWatcher = certMonitor instanceof FileModificationEventWatcher;
    assertTrue("Unexpected type of FileModificationMonitor", isEventWatcher);
}
Also used : StreamSegmentStore(io.pravega.segmentstore.contracts.StreamSegmentStore) FileModificationMonitor(io.pravega.common.io.filesystem.FileModificationMonitor) PassingTokenVerifier(io.pravega.segmentstore.server.host.delegationtoken.PassingTokenVerifier) AtomicReference(java.util.concurrent.atomic.AtomicReference) FileModificationEventWatcher(io.pravega.common.io.filesystem.FileModificationEventWatcher) Cleanup(lombok.Cleanup) TableStore(io.pravega.segmentstore.contracts.tables.TableStore) SslContext(io.netty.handler.ssl.SslContext) Test(org.junit.Test)

Aggregations

SslContext (io.netty.handler.ssl.SslContext)200 NioEventLoopGroup (io.netty.channel.nio.NioEventLoopGroup)63 EventLoopGroup (io.netty.channel.EventLoopGroup)52 SelfSignedCertificate (io.netty.handler.ssl.util.SelfSignedCertificate)50 Test (org.junit.Test)48 Channel (io.netty.channel.Channel)43 ServerBootstrap (io.netty.bootstrap.ServerBootstrap)41 SSLException (javax.net.ssl.SSLException)40 NioSocketChannel (io.netty.channel.socket.nio.NioSocketChannel)36 Bootstrap (io.netty.bootstrap.Bootstrap)35 LoggingHandler (io.netty.handler.logging.LoggingHandler)35 SocketChannel (io.netty.channel.socket.SocketChannel)34 NioServerSocketChannel (io.netty.channel.socket.nio.NioServerSocketChannel)33 SslHandler (io.netty.handler.ssl.SslHandler)26 SslContextBuilder (io.netty.handler.ssl.SslContextBuilder)25 ChannelPipeline (io.netty.channel.ChannelPipeline)23 InetSocketAddress (java.net.InetSocketAddress)23 ChannelFuture (io.netty.channel.ChannelFuture)21 File (java.io.File)21 CertificateException (java.security.cert.CertificateException)20