
Example 36 with SslContext

use of io.netty.handler.ssl.SslContext in project CorfuDB by CorfuDB.

the class CorfuServer method main.

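/**
 * Entry point of the Corfu server.
 *
 * <p>Parses the command line with docopt, sets the root log level, creates the service
 * directory (unless {@code --memory} is set), registers the server roles on the Netty router,
 * optionally builds the TLS context, and then binds the listening port. Once the port is bound
 * the method does not return normally.
 *
 * <p>Security-relevant behaviour visible here:
 * <ul>
 *   <li>TLS is only used when {@code --enable-tls} is set; client certificates are only
 *       required when {@code --enable-tls-mutual-auth} is also set.</li>
 *   <li>Any failure to load the key store, the trust store or their password files ends the
 *       process with exit status 1 rather than falling back to an unencrypted listener.</li>
 *   <li>SASL plain-text authentication can be enabled independently of TLS; a warning is
 *       logged when it is enabled without TLS.</li>
 * </ul>
 *
 * @param args command-line arguments, parsed against {@code USAGE}
 * @throws RuntimeException if the configured service directory path exists but is not a directory
 */
public static void main(String[] args) {
    serverRunning = true;
    // Parse the options given, using docopt.
    Map<String, Object> opts = new Docopt(USAGE).withVersion(GitRepositoryState.getRepositoryState().describe).parse(args);
    int port = Integer.parseInt((String) opts.get("<port>"));
    // Print a nice welcome message.
    AnsiConsole.systemInstall();
    printLogo();
    System.out.println(ansi().a("Welcome to ").fg(RED).a("CORFU ").fg(MAGENTA).a("SERVER").reset());
    System.out.println(ansi().a("Version ").a(Version.getVersionString()).a(" (").fg(BLUE).a(GitRepositoryState.getRepositoryState().commitIdAbbrev).reset().a(")"));
    System.out.println(ansi().a("Serving on port ").fg(WHITE).a(port).reset());
    System.out.println(ansi().a("Service directory: ").fg(WHITE).a((Boolean) opts.get("--memory") ? "MEMORY mode" : opts.get("--log-path")).reset());
    // Pick the correct logging level before outputting error messages.
    Logger root = (Logger) LoggerFactory.getLogger(Logger.ROOT_LOGGER_NAME);
    switch((String) opts.get("--log-level")) {
        case "ERROR":
            root.setLevel(Level.ERROR);
            break;
        case "WARN":
            root.setLevel(Level.WARN);
            break;
        case "INFO":
            root.setLevel(Level.INFO);
            break;
        case "DEBUG":
            root.setLevel(Level.DEBUG);
            break;
        case "TRACE":
            root.setLevel(Level.TRACE);
            break;
        default:
            root.setLevel(Level.INFO);
            log.warn("Level {} not recognized, defaulting to level INFO", opts.get("--log-level"));
    }
    log.debug("Started with arguments: {}", opts);
    // Create the service directory if it does not exist.
    if (!(Boolean) opts.get("--memory")) {
        File serviceDir = new File((String) opts.get("--log-path"));
        if (!serviceDir.exists()) {
            if (serviceDir.mkdirs()) {
                log.info("Created new service directory at {}.", serviceDir);
            } else {
                // Previously a failed mkdirs() was silent; startup still continues as before.
                log.warn("Could not create service directory at {}.", serviceDir);
            }
        } else if (!serviceDir.isDirectory()) {
            log.error("Service directory {} does not point to a directory. Aborting.", serviceDir);
            throw new RuntimeException("Service directory must be a directory!");
        }
    }
    // Now, we start the Netty router, and have it route to the correct port.
    router = new NettyServerRouter(opts);
    // Create a common Server Context for all servers to access.
    serverContext = new ServerContext(opts, router);
    // Add each role to the router.
    addSequencer();
    addLayoutServer();
    addLogUnit();
    addManagementServer();
    router.baseServer.setOptionsMap(opts);
    // Setup SSL if needed
    Boolean tlsEnabled = (Boolean) opts.get("--enable-tls");
    Boolean tlsMutualAuthEnabled = (Boolean) opts.get("--enable-tls-mutual-auth");
    if (tlsEnabled) {
        // Get the TLS cipher suites to enable
        String ciphs = (String) opts.get("--tls-ciphers");
        if (ciphs != null) {
            List<String> ciphers = Pattern.compile(",").splitAsStream(ciphs).map(String::trim).collect(Collectors.toList());
            enabledTlsCipherSuites = ciphers.toArray(new String[ciphers.size()]);
        }
        // Get the TLS protocols to enable
        String protos = (String) opts.get("--tls-protocols");
        if (protos != null) {
            List<String> protocols = Pattern.compile(",").splitAsStream(protos).map(String::trim).collect(Collectors.toList());
            enabledTlsProtocols = protocols.toArray(new String[protocols.size()]);
        }
        // Every failure path below exits the process: the server never starts without TLS
        // when TLS was requested.
        try {
            sslContext = TlsUtils.enableTls(TlsUtils.SslContextType.SERVER_CONTEXT, (String) opts.get("--keystore"), e -> {
                log.error("Could not load keys from the key store.");
                System.exit(1);
            }, (String) opts.get("--keystore-password-file"), e -> {
                log.error("Could not read the key store password file.");
                System.exit(1);
            }, (String) opts.get("--truststore"), e -> {
                log.error("Could not load keys from the trust store.");
                System.exit(1);
            }, (String) opts.get("--truststore-password-file"), e -> {
                log.error("Could not read the trust store password file.");
                System.exit(1);
            });
        } catch (Exception ex) {
            // Log the cause as well; without it a misconfigured store is hard to diagnose.
            log.error("Could not build the SSL context", ex);
            System.exit(1);
        }
    }
    Boolean saslPlainTextAuth = (Boolean) opts.get("--enable-sasl-plain-text-auth");
    if (Boolean.TRUE.equals(saslPlainTextAuth) && !tlsEnabled) {
        // Without the "ssl" handler the SASL handler sits directly on the raw socket.
        log.warn("SASL plain-text authentication is enabled but TLS is not; the authentication exchange will not be encrypted in transit.");
    }
    // Create the event loops responsible for servicing inbound messages.
    EventLoopGroup bossGroup;
    EventLoopGroup workerGroup;
    EventExecutorGroup ee;
    bossGroup = new NioEventLoopGroup(1, new ThreadFactory() {

        final AtomicInteger threadNum = new AtomicInteger(0);

        @Override
        public Thread newThread(Runnable r) {
            Thread t = new Thread(r);
            t.setName("accept-" + threadNum.getAndIncrement());
            return t;
        }
    });
    workerGroup = new NioEventLoopGroup(Runtime.getRuntime().availableProcessors() * 2, new ThreadFactory() {

        final AtomicInteger threadNum = new AtomicInteger(0);

        @Override
        public Thread newThread(Runnable r) {
            Thread t = new Thread(r);
            t.setName("io-" + threadNum.getAndIncrement());
            return t;
        }
    });
    ee = new DefaultEventExecutorGroup(Runtime.getRuntime().availableProcessors() * 2, new ThreadFactory() {

        final AtomicInteger threadNum = new AtomicInteger(0);

        @Override
        public Thread newThread(Runnable r) {
            Thread t = new Thread(r);
            t.setName("event-" + threadNum.getAndIncrement());
            return t;
        }
    });
    try {
        ServerBootstrap b = new ServerBootstrap();
        b.group(bossGroup, workerGroup).channel(NioServerSocketChannel.class).option(ChannelOption.SO_BACKLOG, 100).childOption(ChannelOption.SO_KEEPALIVE, true).childOption(ChannelOption.SO_REUSEADDR, true).childOption(ChannelOption.TCP_NODELAY, true).childOption(ChannelOption.ALLOCATOR, PooledByteBufAllocator.DEFAULT).childHandler(new ChannelInitializer<SocketChannel>() {

            @Override
            public void initChannel(io.netty.channel.socket.SocketChannel ch) throws Exception {
                if (tlsEnabled) {
                    SSLEngine engine = sslContext.newEngine(ch.alloc());
                    // NOTE(review): these arrays are only assigned in this method when
                    // --tls-ciphers / --tls-protocols are given; their defaults are declared
                    // outside this method. Confirm they can never be null here, because
                    // SSLEngine rejects a null array with IllegalArgumentException.
                    engine.setEnabledCipherSuites(enabledTlsCipherSuites);
                    engine.setEnabledProtocols(enabledTlsProtocols);
                    if (tlsMutualAuthEnabled) {
                        // The handshake fails unless the client presents a certificate that
                        // the configured trust material accepts.
                        engine.setNeedClientAuth(true);
                    }
                    ch.pipeline().addLast("ssl", new SslHandler(engine));
                }
                ch.pipeline().addLast(new LengthFieldPrepender(4));
                // NOTE(review): the maximum frame length is Integer.MAX_VALUE, and this decoder
                // is installed ahead of the SASL handler, so a peer can announce a frame of up
                // to ~2 GiB before it has authenticated. Consider a protocol-appropriate cap.
                ch.pipeline().addLast(new LengthFieldBasedFrameDecoder(Integer.MAX_VALUE, 0, 4, 0, 4));
                if (saslPlainTextAuth) {
                    ch.pipeline().addLast("sasl/plain-text", new PlainTextSaslNettyServer());
                }
                ch.pipeline().addLast(ee, new NettyCorfuMessageDecoder());
                ch.pipeline().addLast(ee, new NettyCorfuMessageEncoder());
                ch.pipeline().addLast(ee, router);
            }
        });
        ChannelFuture f = b.bind(port).sync();
        while (true) {
            try {
                f.channel().closeFuture().sync();
            } catch (InterruptedException ie) {
                // Interrupts are ignored so the loop keeps waiting on the close future. The
                // interrupt flag is intentionally not restored here: doing so would make the
                // next sync() throw immediately.
                // NOTE(review): once the channel is closed, sync() appears to return at once
                // and this loop would spin; confirm how shutdown is expected to happen.
            }
        }
    } catch (InterruptedException ie) {
        // Interrupted while binding: keep the interrupt visible to the caller.
        Thread.currentThread().interrupt();
    } catch (Exception ex) {
        log.error("Corfu server shut down unexpectedly due to exception", ex);
    } finally {
        bossGroup.shutdownGracefully();
        workerGroup.shutdownGracefully();
        // The handler executor group was previously left running on this path.
        ee.shutdownGracefully();
    }
}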
Also used : ChannelOption(io.netty.channel.ChannelOption) Getter(lombok.Getter) GitRepositoryState(org.corfudb.util.GitRepositoryState) LoggerFactory(org.slf4j.LoggerFactory) NettyCorfuMessageEncoder(org.corfudb.protocols.wireprotocol.NettyCorfuMessageEncoder) Docopt(org.docopt.Docopt) SSLEngine(javax.net.ssl.SSLEngine) PlainTextSaslNettyServer(org.corfudb.security.sasl.plaintext.PlainTextSaslNettyServer) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) DefaultEventExecutorGroup(io.netty.util.concurrent.DefaultEventExecutorGroup) Map(java.util.Map) Color(org.fusesource.jansi.Ansi.Color) ThreadFactory(java.util.concurrent.ThreadFactory) SocketChannel(io.netty.channel.socket.SocketChannel) LengthFieldPrepender(io.netty.handler.codec.LengthFieldPrepender) TlsUtils(org.corfudb.security.tls.TlsUtils) Ansi.ansi(org.fusesource.jansi.Ansi.ansi) LengthFieldBasedFrameDecoder(io.netty.handler.codec.LengthFieldBasedFrameDecoder) NettyCorfuMessageDecoder(org.corfudb.protocols.wireprotocol.NettyCorfuMessageDecoder) EventLoopGroup(io.netty.channel.EventLoopGroup) ChannelInitializer(io.netty.channel.ChannelInitializer) SslContext(io.netty.handler.ssl.SslContext) NioServerSocketChannel(io.netty.channel.socket.nio.NioServerSocketChannel) PooledByteBufAllocator(io.netty.buffer.PooledByteBufAllocator) EventExecutorGroup(io.netty.util.concurrent.EventExecutorGroup) Collectors(java.util.stream.Collectors) NioEventLoopGroup(io.netty.channel.nio.NioEventLoopGroup) File(java.io.File) ChannelFuture(io.netty.channel.ChannelFuture) Level(ch.qos.logback.classic.Level) Slf4j(lombok.extern.slf4j.Slf4j) List(java.util.List) AnsiConsole(org.fusesource.jansi.AnsiConsole) Logger(ch.qos.logback.classic.Logger) SslHandler(io.netty.handler.ssl.SslHandler) ServerBootstrap(io.netty.bootstrap.ServerBootstrap) Pattern(java.util.regex.Pattern) Version(org.corfudb.util.Version) ThreadFactory(java.util.concurrent.ThreadFactory) SocketChannel(io.netty.channel.socket.SocketChannel) 
NioServerSocketChannel(io.netty.channel.socket.nio.NioServerSocketChannel) DefaultEventExecutorGroup(io.netty.util.concurrent.DefaultEventExecutorGroup) SSLEngine(javax.net.ssl.SSLEngine) NettyCorfuMessageEncoder(org.corfudb.protocols.wireprotocol.NettyCorfuMessageEncoder) Logger(ch.qos.logback.classic.Logger) LengthFieldPrepender(io.netty.handler.codec.LengthFieldPrepender) Docopt(org.docopt.Docopt) PlainTextSaslNettyServer(org.corfudb.security.sasl.plaintext.PlainTextSaslNettyServer) SocketChannel(io.netty.channel.socket.SocketChannel) LengthFieldBasedFrameDecoder(io.netty.handler.codec.LengthFieldBasedFrameDecoder) NioEventLoopGroup(io.netty.channel.nio.NioEventLoopGroup) DefaultEventExecutorGroup(io.netty.util.concurrent.DefaultEventExecutorGroup) EventExecutorGroup(io.netty.util.concurrent.EventExecutorGroup) ChannelFuture(io.netty.channel.ChannelFuture) ServerBootstrap(io.netty.bootstrap.ServerBootstrap) SslHandler(io.netty.handler.ssl.SslHandler) NettyCorfuMessageDecoder(org.corfudb.protocols.wireprotocol.NettyCorfuMessageDecoder) EventLoopGroup(io.netty.channel.EventLoopGroup) NioEventLoopGroup(io.netty.channel.nio.NioEventLoopGroup) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) File(java.io.File)

Example 37 with SslContext

use of io.netty.handler.ssl.SslContext in project pravega by pravega.

the class ConnectionFactoryImpl method establishConnection.

/**
 * Opens a Netty client channel to {@code location} and returns a future for the connection.
 *
 * <p>When {@code clientConfig.isEnableTls()} is true an {@link SslContext} is built first and an
 * {@link SslHandler} is placed at the head of the pipeline; otherwise the channel is plain TCP.
 * Server certificates are checked against the configured trust store file when one is set.
 * Host-name verification is a separate switch: the "HTTPS" endpoint identification algorithm is
 * only applied when {@code clientConfig.isValidateHostName()} is true, so with that flag off a
 * certificate accepted by the trust material is not additionally matched against the endpoint.
 *
 * @param location node to connect to; must not be null
 * @param rp reply processor handed to the inbound handler
 * @return a future that yields the connection once the connect attempt has succeeded and the
 *     future passed to {@code handler.completeWhenRegistered} has completed
 * @throws RuntimeException if the TLS context cannot be built
 */
@Override
public CompletableFuture<ClientConnection> establishConnection(PravegaNodeUri location, ReplyProcessor rp) {
    Preconditions.checkNotNull(location);
    Exceptions.checkNotClosed(closed.get(), this);

    // A null context means "no TLS" for the channel initializer below.
    final SslContext tlsContext;
    if (!clientConfig.isEnableTls()) {
        tlsContext = null;
    } else {
        try {
            SslContextBuilder builder = SslContextBuilder.forClient();
            if (!Strings.isNullOrEmpty(clientConfig.getTrustStore())) {
                // Trust exactly the certificates in the configured file.
                builder = SslContextBuilder.forClient().trustManager(new File(clientConfig.getTrustStore()));
            } else {
                // NOTE(review): getInstance/getDefaultAlgorithm are invoked through
                // FingerprintTrustManagerFactory but with the default algorithm; presumably they
                // resolve to the inherited TrustManagerFactory statics, i.e. no fingerprint
                // pinning takes place. The returned factory is also never init()-ed in this
                // method. Confirm both against the Netty/JSSE versions in use.
                builder = builder.trustManager(FingerprintTrustManagerFactory.getInstance(FingerprintTrustManagerFactory.getDefaultAlgorithm()));
            }
            tlsContext = builder.build();
        } catch (SSLException | NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }

    AppendBatchSizeTracker tracker = new AppendBatchSizeTrackerImpl();
    ClientConnectionInboundHandler handler = new ClientConnectionInboundHandler(location.getEndpoint(), rp, tracker);

    Bootstrap bootstrap = new Bootstrap();
    bootstrap.group(group)
            .channel(nio ? NioSocketChannel.class : EpollSocketChannel.class)
            .option(ChannelOption.TCP_NODELAY, true)
            .handler(new ChannelInitializer<SocketChannel>() {

                @Override
                public void initChannel(SocketChannel ch) throws Exception {
                    ChannelPipeline pipeline = ch.pipeline();
                    if (tlsContext != null) {
                        // The peer host and port are passed so the engine knows which endpoint it
                        // is talking to.
                        SslHandler tlsHandler = tlsContext.newHandler(ch.alloc(), location.getEndpoint(), location.getPort());
                        if (clientConfig.isValidateHostName()) {
                            // "HTTPS" makes the engine verify the certificate against the peer host.
                            SSLEngine tlsEngine = tlsHandler.engine();
                            SSLParameters params = tlsEngine.getSSLParameters();
                            params.setEndpointIdentificationAlgorithm("HTTPS");
                            tlsEngine.setSSLParameters(params);
                        }
                        pipeline.addLast(tlsHandler);
                    }
                    // Frame size is bounded by WireCommands.MAX_WIRECOMMAND_SIZE.
                    pipeline.addLast(
                            new ExceptionLoggingHandler(location.getEndpoint()),
                            new CommandEncoder(tracker),
                            new LengthFieldBasedFrameDecoder(WireCommands.MAX_WIRECOMMAND_SIZE, 4, 4),
                            new CommandDecoder(),
                            handler);
                }
            });

    // Start the client; the listener translates the connect result into the returned future.
    CompletableFuture<ClientConnection> connected = new CompletableFuture<>();
    try {
        bootstrap.connect(location.getEndpoint(), location.getPort()).addListener((ChannelFutureListener) future -> {
            if (!future.isSuccess()) {
                connected.completeExceptionally(new ConnectionFailedException(future.cause()));
                return;
            }
            // The future is already complete, so channel() does not block.
            Channel channel = future.channel();
            log.debug("Connect operation completed for channel:{}, local address:{}, remote address:{}", channel.id(), channel.localAddress(), channel.remoteAddress());
            // The channel group drops the channel again once it is closed.
            allChannels.add(channel);
            connected.complete(handler);
        });
    } catch (Exception e) {
        connected.completeExceptionally(new ConnectionFailedException(e));
    }

    // Only hand the connection out once the handler reports the channel as registered.
    CompletableFuture<Void> registered = new CompletableFuture<>();
    handler.completeWhenRegistered(registered);
    return connected.thenCombine(registered, (connection, ignored) -> connection);
}
Also used : NioSocketChannel(io.netty.channel.socket.nio.NioSocketChannel) EpollSocketChannel(io.netty.channel.epoll.EpollSocketChannel) SocketChannel(io.netty.channel.socket.SocketChannel) SSLEngine(javax.net.ssl.SSLEngine) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) CommandEncoder(io.pravega.shared.protocol.netty.CommandEncoder) SSLException(javax.net.ssl.SSLException) CompletableFuture(java.util.concurrent.CompletableFuture) SSLParameters(javax.net.ssl.SSLParameters) ExceptionLoggingHandler(io.pravega.shared.protocol.netty.ExceptionLoggingHandler) Bootstrap(io.netty.bootstrap.Bootstrap) EpollSocketChannel(io.netty.channel.epoll.EpollSocketChannel) LengthFieldBasedFrameDecoder(io.netty.handler.codec.LengthFieldBasedFrameDecoder) SslContext(io.netty.handler.ssl.SslContext) ChannelFuture(io.netty.channel.ChannelFuture) AppendBatchSizeTracker(io.pravega.shared.protocol.netty.AppendBatchSizeTracker) CommandDecoder(io.pravega.shared.protocol.netty.CommandDecoder) NioSocketChannel(io.netty.channel.socket.nio.NioSocketChannel) EpollSocketChannel(io.netty.channel.epoll.EpollSocketChannel) SocketChannel(io.netty.channel.socket.SocketChannel) Channel(io.netty.channel.Channel) ChannelFutureListener(io.netty.channel.ChannelFutureListener) ConnectionFailedException(io.pravega.shared.protocol.netty.ConnectionFailedException) SSLException(javax.net.ssl.SSLException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) ChannelPipeline(io.netty.channel.ChannelPipeline) SslHandler(io.netty.handler.ssl.SslHandler) NioSocketChannel(io.netty.channel.socket.nio.NioSocketChannel) SslContextBuilder(io.netty.handler.ssl.SslContextBuilder) File(java.io.File) ConnectionFailedException(io.pravega.shared.protocol.netty.ConnectionFailedException)

Example 38 with SslContext

use of io.netty.handler.ssl.SslContext in project pravega by pravega.

the class ConnectionFactoryImplTest method setUp.

/**
 * Starts a local Netty server for the test on a free port, with TLS when {@code ssl} is set.
 *
 * <p>The server certificate and private key are read from {@code ../config/cert.pem} and
 * {@code ../config/key.pem}, relative to the working directory. The child pipeline contains at
 * most the TLS handler; no application handlers are installed.
 *
 * @throws RuntimeException if the TLS context cannot be built
 */
@Before
public void setUp() throws Exception {
    port = TestUtils.getAvailableListenPort();

    // Configure SSL; null means the server accepts plain TCP.
    final SslContext serverTls;
    if (!ssl) {
        serverTls = null;
    } else {
        try {
            serverTls = SslContextBuilder.forServer(new File("../config/cert.pem"), new File("../config/key.pem")).build();
        } catch (SSLException e) {
            throw new RuntimeException(e);
        }
    }

    // Prefer epoll and fall back to NIO when the native transport cannot be loaded.
    // NOTE(review): both groups are locals and are not stored in a field here, so this method
    // gives the test no handle to shut them down; confirm whether teardown releases them.
    boolean useNio = false;
    EventLoopGroup acceptGroup;
    EventLoopGroup ioGroup;
    try {
        acceptGroup = new EpollEventLoopGroup(1);
        ioGroup = new EpollEventLoopGroup();
    } catch (ExceptionInInitializerError | UnsatisfiedLinkError | NoClassDefFoundError e) {
        useNio = true;
        acceptGroup = new NioEventLoopGroup(1);
        ioGroup = new NioEventLoopGroup();
    }

    ServerBootstrap bootstrap = new ServerBootstrap();
    bootstrap.group(acceptGroup, ioGroup)
            .channel(useNio ? NioServerSocketChannel.class : EpollServerSocketChannel.class)
            .option(ChannelOption.SO_BACKLOG, 100)
            .handler(new LoggingHandler(LogLevel.INFO))
            .childHandler(new ChannelInitializer<SocketChannel>() {

                @Override
                public void initChannel(SocketChannel ch) throws Exception {
                    ChannelPipeline pipeline = ch.pipeline();
                    if (serverTls == null) {
                        return;
                    }
                    SslHandler tlsHandler = serverTls.newHandler(ch.alloc());
                    SSLEngine tlsEngine = tlsHandler.engine();
                    SSLParameters params = tlsEngine.getSSLParameters();
                    // NOTE(review): endpoint identification is set on the server-side engine and
                    // no client authentication is requested in this method, so it presumably has
                    // no effect on this handshake; confirm why "LDAPS" is set here.
                    params.setEndpointIdentificationAlgorithm("LDAPS");
                    tlsEngine.setSSLParameters(params);
                    pipeline.addLast(tlsHandler);
                }
            });

    // Start the server, bound to localhost only.
    serverChannel = bootstrap.bind("localhost", port).awaitUninterruptibly().channel();
}
Also used : EpollServerSocketChannel(io.netty.channel.epoll.EpollServerSocketChannel) SocketChannel(io.netty.channel.socket.SocketChannel) NioServerSocketChannel(io.netty.channel.socket.nio.NioServerSocketChannel) LoggingHandler(io.netty.handler.logging.LoggingHandler) SSLEngine(javax.net.ssl.SSLEngine) SSLException(javax.net.ssl.SSLException) ServerBootstrap(io.netty.bootstrap.ServerBootstrap) ConnectionFailedException(io.pravega.shared.protocol.netty.ConnectionFailedException) SSLException(javax.net.ssl.SSLException) ChannelPipeline(io.netty.channel.ChannelPipeline) SslHandler(io.netty.handler.ssl.SslHandler) EpollEventLoopGroup(io.netty.channel.epoll.EpollEventLoopGroup) EventLoopGroup(io.netty.channel.EventLoopGroup) NioEventLoopGroup(io.netty.channel.nio.NioEventLoopGroup) SSLParameters(javax.net.ssl.SSLParameters) EpollEventLoopGroup(io.netty.channel.epoll.EpollEventLoopGroup) File(java.io.File) NioEventLoopGroup(io.netty.channel.nio.NioEventLoopGroup) SslContext(io.netty.handler.ssl.SslContext) Before(org.junit.Before)

Example 39 with SslContext

use of io.netty.handler.ssl.SslContext in project web3sdk by FISCO-BCOS.

the class ChannelConnections method startListen.

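/**
 * Starts the TLS listener on {@code port} unless it is already running.
 *
 * <p>For every accepted connection the channel initializer loads the JKS key store, takes the
 * private key and certificate stored under the alias {@code "client"}, and builds a server
 * {@link SslContext} whose trust manager is the CA certificate file. Failures during start-up
 * are logged and not rethrown; {@code running} stays false in that case.
 *
 * <p>Changes compared with the previous version: the key store input stream is now closed after
 * loading, the event-loop groups are shut down when start-up fails, and the interrupt flag is
 * restored if the wait on the bind future is interrupted.
 *
 * @param port port to bind the listener to
 */
public void startListen(Integer port) {
    if (running) {
        logger.debug("服务已启动");
        return;
    }
    logger.debug("初始化connections listen");
    EventLoopGroup bossGroup = new NioEventLoopGroup();
    EventLoopGroup workerGroup = new NioEventLoopGroup();
    final ChannelConnections selfService = this;
    final ThreadPoolTaskExecutor selfThreadPool = threadPool;
    try {
        serverBootstrap.group(bossGroup, workerGroup).channel(NioServerSocketChannel.class).option(ChannelOption.SO_BACKLOG, 100).handler(new LoggingHandler(LogLevel.INFO)).childHandler(new ChannelInitializer<SocketChannel>() {

            @Override
            public void initChannel(SocketChannel ch) throws Exception {
                // NOTE(review): the key store is re-read and the SslContext rebuilt for every
                // accepted connection; consider building the context once and reusing it.
                KeyStore ks = KeyStore.getInstance("JKS");
                ResourcePatternResolver resolver = new PathMatchingResourcePatternResolver();
                Resource keystoreResource = resolver.getResource(getClientKeystorePath());
                Resource caResource = resolver.getResource(getCaCertPath());
                // Close the stream once the store is loaded; it was left open before.
                try (java.io.InputStream keystoreStream = keystoreResource.getInputStream()) {
                    ks.load(keystoreStream, getKeystorePassWord().toCharArray());
                }
                /*
                 * Use a new handler for each connection;
                 * connection information is obtained from the socketChannel.
                 */
                ChannelHandler handler = new ChannelHandler();
                handler.setConnections(selfService);
                handler.setIsServer(true);
                handler.setThreadPool(selfThreadPool);
                // NOTE(review): no clientAuth(...) call is visible on this builder. With Netty's
                // default the server does not request a client certificate, so the CA trust
                // configured here would only be exercised if client authentication is enabled
                // elsewhere. Confirm whether mutual TLS is intended.
                SslContext sslCtx = SslContextBuilder.forServer((PrivateKey) ks.getKey("client", getClientCertPassWord().toCharArray()), (X509Certificate) ks.getCertificate("client")).trustManager(caResource.getFile()).build();
                // Frames are capped at 4 MiB and idle connections are detected after idleTimeout ms.
                ch.pipeline().addLast(sslCtx.newHandler(ch.alloc()), new LengthFieldBasedFrameDecoder(1024 * 1024 * 4, 0, 4, -4, 0), new IdleStateHandler(idleTimeout, idleTimeout, idleTimeout, TimeUnit.MILLISECONDS), handler);
            }
        });
        ChannelFuture future = serverBootstrap.bind(port);
        future.get();
        running = true;
    } catch (Exception e) {
        if (e instanceof InterruptedException) {
            // Keep the interrupt visible to the caller instead of swallowing it.
            Thread.currentThread().interrupt();
        }
        logger.error("系统错误", e);
        // The listener did not come up, so release the event-loop threads created above.
        bossGroup.shutdownGracefully();
        workerGroup.shutdownGracefully();
    }
}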
Also used : ChannelFuture(io.netty.channel.ChannelFuture) NioSocketChannel(io.netty.channel.socket.nio.NioSocketChannel) SocketChannel(io.netty.channel.socket.SocketChannel) NioServerSocketChannel(io.netty.channel.socket.nio.NioServerSocketChannel) LoggingHandler(io.netty.handler.logging.LoggingHandler) NioServerSocketChannel(io.netty.channel.socket.nio.NioServerSocketChannel) PathMatchingResourcePatternResolver(org.springframework.core.io.support.PathMatchingResourcePatternResolver) ResourcePatternResolver(org.springframework.core.io.support.ResourcePatternResolver) PrivateKey(java.security.PrivateKey) Resource(org.springframework.core.io.Resource) KeyStore(java.security.KeyStore) X509Certificate(java.security.cert.X509Certificate) EventLoopGroup(io.netty.channel.EventLoopGroup) NioEventLoopGroup(io.netty.channel.nio.NioEventLoopGroup) IdleStateHandler(io.netty.handler.timeout.IdleStateHandler) ThreadPoolTaskExecutor(org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor) PathMatchingResourcePatternResolver(org.springframework.core.io.support.PathMatchingResourcePatternResolver) LengthFieldBasedFrameDecoder(io.netty.handler.codec.LengthFieldBasedFrameDecoder) NioEventLoopGroup(io.netty.channel.nio.NioEventLoopGroup) SslContext(io.netty.handler.ssl.SslContext)

Example 40 with SslContext

use of io.netty.handler.ssl.SslContext in project vert.x by eclipse.

the class SSLEngineTest method doTest.

/**
 * Starts an HTTPS server with the given SSL engine options and checks which Netty
 * {@link SslContext} implementation it ends up using.
 *
 * <p>If creating the server throws a {@link VertxException}, the test either fails (when no
 * error was expected) or compares the exception message with {@code error}. Otherwise the
 * context type is asserted and one request is sent to the server.
 *
 * <p>The client is created with {@code setTrustAll(true)}, which disables server certificate
 * verification. That is a test-fixture setting for the local server and should not be copied
 * into production client configuration.
 *
 * @param engine SSL engine options applied to both server and client
 * @param useAlpn whether ALPN is enabled on both sides
 * @param version HTTP version the client uses and the server is expected to see
 * @param error expected exception message, or null when server creation must succeed
 * @param expectedSslContext "jdk" or "openssl"; any other value skips the type assertion
 * @param expectCause whether the exception must carry a cause distinct from itself
 */
private void doTest(SSLEngineOptions engine, boolean useAlpn, HttpVersion version, String error, String expectedSslContext, boolean expectCause) {
    server.close();
    HttpServerOptions options = new HttpServerOptions()
            .setSslEngineOptions(engine)
            .setPort(DEFAULT_HTTP_PORT)
            .setHost(DEFAULT_HTTP_HOST)
            .setKeyCertOptions(Cert.SERVER_PEM.get())
            .setSsl(true)
            .setUseAlpn(useAlpn);
    try {
        server = vertx.createHttpServer(options);
    } catch (VertxException e) {
        e.printStackTrace();
        if (error == null) {
            fail(e);
            return;
        }
        assertEquals(error, e.getMessage());
        if (expectCause) {
            assertNotSame(e, e.getCause());
        }
        return;
    }
    server.requestHandler(req -> {
        assertEquals(req.version(), version);
        assertTrue(req.isSSL());
        req.response().end();
    });
    server.listen(onSuccess(started -> {
        HttpServerImpl serverImpl = (HttpServerImpl) started;
        SSLHelper helper = serverImpl.getSslHelper();
        SslContext context = helper.getContext((VertxInternal) vertx);
        // Only the two known engine names are asserted; anything else passes through.
        if (expectedSslContext.equals("jdk")) {
            assertTrue(context instanceof JdkSslContext);
        } else if (expectedSslContext.equals("openssl")) {
            assertTrue(context instanceof OpenSslContext);
        }
        // trustAll: the test client accepts any server certificate.
        HttpClientOptions clientOptions = new HttpClientOptions()
                .setSslEngineOptions(engine)
                .setSsl(true)
                .setUseAlpn(useAlpn)
                .setTrustAll(true)
                .setProtocolVersion(version);
        client = vertx.createHttpClient(clientOptions);
        client.getNow(DEFAULT_HTTP_PORT, DEFAULT_HTTP_HOST, "/somepath", resp -> {
            assertEquals(200, resp.statusCode());
            testComplete();
        });
    }));
    await();
}
Also used : VertxException(io.vertx.core.VertxException) HttpServerImpl(io.vertx.core.http.impl.HttpServerImpl) SSLEngineOptions(io.vertx.core.net.SSLEngineOptions) VertxInternal(io.vertx.core.impl.VertxInternal) JdkSslContext(io.netty.handler.ssl.JdkSslContext) SslContext(io.netty.handler.ssl.SslContext) OpenSslContext(io.netty.handler.ssl.OpenSslContext) Test(org.junit.Test) Cert(io.vertx.test.core.tls.Cert) SSLHelper(io.vertx.core.net.impl.SSLHelper) OpenSSLEngineOptions(io.vertx.core.net.OpenSSLEngineOptions) HttpTestBase(io.vertx.test.core.HttpTestBase) HttpVersion(io.vertx.core.http.HttpVersion) HttpServerOptions(io.vertx.core.http.HttpServerOptions) HttpClientOptions(io.vertx.core.http.HttpClientOptions) JdkSSLEngineOptions(io.vertx.core.net.JdkSSLEngineOptions) SSLHelper(io.vertx.core.net.impl.SSLHelper) VertxInternal(io.vertx.core.impl.VertxInternal) JdkSslContext(io.netty.handler.ssl.JdkSslContext) VertxException(io.vertx.core.VertxException) OpenSslContext(io.netty.handler.ssl.OpenSslContext) HttpServerOptions(io.vertx.core.http.HttpServerOptions) HttpClientOptions(io.vertx.core.http.HttpClientOptions) HttpServerImpl(io.vertx.core.http.impl.HttpServerImpl) JdkSslContext(io.netty.handler.ssl.JdkSslContext) SslContext(io.netty.handler.ssl.SslContext) OpenSslContext(io.netty.handler.ssl.OpenSslContext)
