Search in sources :

Example 31 with SelfSignedCertificate

use of io.netty.handler.ssl.util.SelfSignedCertificate in project netty by netty.

the class SecureChatServer method main.

public static void main(String[] args) throws Exception {
    SelfSignedCertificate ssc = new SelfSignedCertificate();
    SslContext sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
    EventLoopGroup bossGroup = new NioEventLoopGroup(1);
    EventLoopGroup workerGroup = new NioEventLoopGroup();
    try {
        ServerBootstrap b = new ServerBootstrap();
        b.group(bossGroup, workerGroup).channel(NioServerSocketChannel.class).handler(new LoggingHandler(LogLevel.INFO)).childHandler(new SecureChatServerInitializer(sslCtx));
        b.bind(PORT).sync().channel().closeFuture().sync();
    } finally {
        bossGroup.shutdownGracefully();
        workerGroup.shutdownGracefully();
    }
}
Also used : LoggingHandler(io.netty.handler.logging.LoggingHandler) SelfSignedCertificate(io.netty.handler.ssl.util.SelfSignedCertificate) EventLoopGroup(io.netty.channel.EventLoopGroup) NioEventLoopGroup(io.netty.channel.nio.NioEventLoopGroup) NioEventLoopGroup(io.netty.channel.nio.NioEventLoopGroup) ServerBootstrap(io.netty.bootstrap.ServerBootstrap) SslContext(io.netty.handler.ssl.SslContext)

Example 32 with SelfSignedCertificate

use of io.netty.handler.ssl.util.SelfSignedCertificate in project netty by netty.

the class Http2Server method configureTLS.

private static SslContext configureTLS() throws CertificateException, SSLException {
    SelfSignedCertificate ssc = new SelfSignedCertificate();
    ApplicationProtocolConfig apn = new ApplicationProtocolConfig(Protocol.ALPN, // NO_ADVERTISE is currently the only mode supported by both OpenSsl and JDK providers.
    SelectorFailureBehavior.NO_ADVERTISE, // ACCEPT is currently the only mode supported by both OpenSsl and JDK providers.
    SelectedListenerFailureBehavior.ACCEPT, ApplicationProtocolNames.HTTP_2, ApplicationProtocolNames.HTTP_1_1);
    return SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey(), null).ciphers(CIPHERS, SupportedCipherSuiteFilter.INSTANCE).applicationProtocolConfig(apn).build();
}
Also used : SelfSignedCertificate(io.netty.handler.ssl.util.SelfSignedCertificate) ApplicationProtocolConfig(io.netty.handler.ssl.ApplicationProtocolConfig)

Example 33 with SelfSignedCertificate

use of io.netty.handler.ssl.util.SelfSignedCertificate in project netty by netty.

the class Http2Server method main.

public static void main(String[] args) throws Exception {
    // Configure SSL.
    final SslContext sslCtx;
    if (SSL) {
        SslProvider provider = OpenSsl.isAlpnSupported() ? SslProvider.OPENSSL : SslProvider.JDK;
        SelfSignedCertificate ssc = new SelfSignedCertificate();
        sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).sslProvider(provider).ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE).applicationProtocolConfig(new ApplicationProtocolConfig(Protocol.ALPN, // NO_ADVERTISE is currently the only mode supported by both OpenSsl and JDK providers.
        SelectorFailureBehavior.NO_ADVERTISE, // ACCEPT is currently the only mode supported by both OpenSsl and JDK providers.
        SelectedListenerFailureBehavior.ACCEPT, ApplicationProtocolNames.HTTP_2, ApplicationProtocolNames.HTTP_1_1)).build();
    } else {
        sslCtx = null;
    }
    // Configure the server.
    EventLoopGroup group = new NioEventLoopGroup();
    try {
        ServerBootstrap b = new ServerBootstrap();
        b.option(ChannelOption.SO_BACKLOG, 1024);
        b.group(group).channel(NioServerSocketChannel.class).handler(new LoggingHandler(LogLevel.INFO)).childHandler(new Http2ServerInitializer(sslCtx));
        Channel ch = b.bind(PORT).sync().channel();
        System.err.println("Open your HTTP/2-enabled web browser and navigate to " + (SSL ? "https" : "http") + "://127.0.0.1:" + PORT + '/');
        ch.closeFuture().sync();
    } finally {
        group.shutdownGracefully();
    }
}
Also used : LoggingHandler(io.netty.handler.logging.LoggingHandler) SelfSignedCertificate(io.netty.handler.ssl.util.SelfSignedCertificate) EventLoopGroup(io.netty.channel.EventLoopGroup) NioEventLoopGroup(io.netty.channel.nio.NioEventLoopGroup) NioServerSocketChannel(io.netty.channel.socket.nio.NioServerSocketChannel) Channel(io.netty.channel.Channel) SslProvider(io.netty.handler.ssl.SslProvider) NioEventLoopGroup(io.netty.channel.nio.NioEventLoopGroup) ServerBootstrap(io.netty.bootstrap.ServerBootstrap) SslContext(io.netty.handler.ssl.SslContext) ApplicationProtocolConfig(io.netty.handler.ssl.ApplicationProtocolConfig)

Example 34 with SelfSignedCertificate

use of io.netty.handler.ssl.util.SelfSignedCertificate in project netty by netty.

the class PortUnificationServer method main.

public static void main(String[] args) throws Exception {
    // Configure SSL context
    SelfSignedCertificate ssc = new SelfSignedCertificate();
    final SslContext sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
    EventLoopGroup bossGroup = new NioEventLoopGroup(1);
    EventLoopGroup workerGroup = new NioEventLoopGroup();
    try {
        ServerBootstrap b = new ServerBootstrap();
        b.group(bossGroup, workerGroup).channel(NioServerSocketChannel.class).handler(new LoggingHandler(LogLevel.INFO)).childHandler(new ChannelInitializer<SocketChannel>() {

            @Override
            public void initChannel(SocketChannel ch) throws Exception {
                ch.pipeline().addLast(new PortUnificationServerHandler(sslCtx));
            }
        });
        // Bind and start to accept incoming connections.
        b.bind(PORT).sync().channel().closeFuture().sync();
    } finally {
        bossGroup.shutdownGracefully();
        workerGroup.shutdownGracefully();
    }
}
Also used : NioServerSocketChannel(io.netty.channel.socket.nio.NioServerSocketChannel) SocketChannel(io.netty.channel.socket.SocketChannel) LoggingHandler(io.netty.handler.logging.LoggingHandler) SelfSignedCertificate(io.netty.handler.ssl.util.SelfSignedCertificate) EventLoopGroup(io.netty.channel.EventLoopGroup) NioEventLoopGroup(io.netty.channel.nio.NioEventLoopGroup) NioEventLoopGroup(io.netty.channel.nio.NioEventLoopGroup) ServerBootstrap(io.netty.bootstrap.ServerBootstrap) SslContext(io.netty.handler.ssl.SslContext)

Example 35 with SelfSignedCertificate

use of io.netty.handler.ssl.util.SelfSignedCertificate in project netty by netty.

the class SSLEngineTest method testMultipleRecordsInOneBufferWithNonZeroPosition.

@Test
public void testMultipleRecordsInOneBufferWithNonZeroPosition() throws Exception {
    SelfSignedCertificate cert = new SelfSignedCertificate();
    clientSslCtx = SslContextBuilder.forClient().trustManager(cert.cert()).sslProvider(sslClientProvider()).build();
    SSLEngine client = clientSslCtx.newEngine(UnpooledByteBufAllocator.DEFAULT);
    serverSslCtx = SslContextBuilder.forServer(cert.certificate(), cert.privateKey()).sslProvider(sslServerProvider()).build();
    SSLEngine server = serverSslCtx.newEngine(UnpooledByteBufAllocator.DEFAULT);
    try {
        // Choose buffer size small enough that we can put multiple buffers into one buffer and pass it into the
        // unwrap call without exceed MAX_ENCRYPTED_PACKET_LENGTH.
        ByteBuffer plainClientOut = allocateBuffer(1024);
        ByteBuffer plainServerOut = allocateBuffer(server.getSession().getApplicationBufferSize());
        ByteBuffer encClientToServer = allocateBuffer(client.getSession().getPacketBufferSize());
        int positionOffset = 1;
        // We need to be able to hold 2 records + positionOffset
        ByteBuffer combinedEncClientToServer = allocateBuffer(encClientToServer.capacity() * 2 + positionOffset);
        combinedEncClientToServer.position(positionOffset);
        handshake(client, server);
        plainClientOut.limit(plainClientOut.capacity());
        SSLEngineResult result = client.wrap(plainClientOut, encClientToServer);
        assertEquals(plainClientOut.capacity(), result.bytesConsumed());
        assertTrue(result.bytesProduced() > 0);
        encClientToServer.flip();
        // Copy the first record into the combined buffer
        combinedEncClientToServer.put(encClientToServer);
        plainClientOut.clear();
        encClientToServer.clear();
        result = client.wrap(plainClientOut, encClientToServer);
        assertEquals(plainClientOut.capacity(), result.bytesConsumed());
        assertTrue(result.bytesProduced() > 0);
        encClientToServer.flip();
        int encClientToServerLen = encClientToServer.remaining();
        // Copy the first record into the combined buffer
        combinedEncClientToServer.put(encClientToServer);
        encClientToServer.clear();
        combinedEncClientToServer.flip();
        combinedEncClientToServer.position(positionOffset);
        // Ensure we have the first record and a tiny amount of the second record in the buffer
        combinedEncClientToServer.limit(combinedEncClientToServer.limit() - (encClientToServerLen - positionOffset));
        result = server.unwrap(combinedEncClientToServer, plainServerOut);
        assertEquals(encClientToServerLen, result.bytesConsumed());
        assertTrue(result.bytesProduced() > 0);
    } finally {
        cert.delete();
        cleanupClientSslEngine(client);
        cleanupServerSslEngine(server);
    }
}
Also used : SelfSignedCertificate(io.netty.handler.ssl.util.SelfSignedCertificate) SSLEngineResult(javax.net.ssl.SSLEngineResult) SSLEngine(javax.net.ssl.SSLEngine) ByteBuffer(java.nio.ByteBuffer) Test(org.junit.Test)

Aggregations

SelfSignedCertificate (io.netty.handler.ssl.util.SelfSignedCertificate)63 Test (org.junit.Test)32 ServerBootstrap (io.netty.bootstrap.ServerBootstrap)28 NioEventLoopGroup (io.netty.channel.nio.NioEventLoopGroup)26 EventLoopGroup (io.netty.channel.EventLoopGroup)25 SSLEngine (javax.net.ssl.SSLEngine)25 NioServerSocketChannel (io.netty.channel.socket.nio.NioServerSocketChannel)21 LoggingHandler (io.netty.handler.logging.LoggingHandler)19 SslContext (io.netty.handler.ssl.SslContext)19 Channel (io.netty.channel.Channel)17 ByteBuffer (java.nio.ByteBuffer)11 SSLEngineResult (javax.net.ssl.SSLEngineResult)10 Bootstrap (io.netty.bootstrap.Bootstrap)9 ChannelHandlerContext (io.netty.channel.ChannelHandlerContext)7 NioSocketChannel (io.netty.channel.socket.nio.NioSocketChannel)7 ChannelFuture (io.netty.channel.ChannelFuture)6 ChannelInboundHandlerAdapter (io.netty.channel.ChannelInboundHandlerAdapter)6 EmbeddedChannel (io.netty.channel.embedded.EmbeddedChannel)6 SocketChannel (io.netty.channel.socket.SocketChannel)6 File (java.io.File)6