Example 6 with SSLEngine
use of javax.net.ssl.SSLEngine in project jetty.project by eclipse.
the class SslBytesServerTest method init.
@Before
public void init() throws Exception {
threadPool = Executors.newCachedThreadPool();
server = new Server();
File keyStore = MavenTestingUtils.getTestResourceFile("keystore.jks");
sslContextFactory = new SslContextFactory();
sslContextFactory.setKeyStorePath(keyStore.getAbsolutePath());
sslContextFactory.setKeyStorePassword("storepwd");
HttpConnectionFactory httpFactory = new HttpConnectionFactory() {
@Override
public Connection newConnection(Connector connector, EndPoint endPoint) {
return configure(new HttpConnection(getHttpConfiguration(), connector, endPoint, getHttpCompliance(), isRecordHttpComplianceViolations()) {
@Override
protected HttpParser newHttpParser(HttpCompliance compliance) {
return new HttpParser(newRequestHandler(), getHttpConfiguration().getRequestHeaderSize(), compliance) {
@Override
public boolean parseNext(ByteBuffer buffer) {
httpParses.incrementAndGet();
return super.parseNext(buffer);
}
};
}
@Override
protected boolean onReadTimeout() {
final Runnable idleHook = SslBytesServerTest.this.idleHook;
if (idleHook != null)
idleHook.run();
return super.onReadTimeout();
}
}, connector, endPoint);
}
};
httpFactory.getHttpConfiguration().addCustomizer(new SecureRequestCustomizer());
SslConnectionFactory sslFactory = new SslConnectionFactory(sslContextFactory, httpFactory.getProtocol()) {
@Override
protected SslConnection newSslConnection(Connector connector, EndPoint endPoint, SSLEngine engine) {
return new SslConnection(connector.getByteBufferPool(), connector.getExecutor(), endPoint, engine) {
@Override
protected DecryptedEndPoint newDecryptedEndPoint() {
return new DecryptedEndPoint() {
@Override
public int fill(ByteBuffer buffer) throws IOException {
sslFills.incrementAndGet();
return super.fill(buffer);
}
@Override
public boolean flush(ByteBuffer... appOuts) throws IOException {
sslFlushes.incrementAndGet();
return super.flush(appOuts);
}
};
}
};
}
};
ServerConnector connector = new ServerConnector(server, null, null, null, 1, 1, sslFactory, httpFactory) {
@Override
protected ChannelEndPoint newEndPoint(SocketChannel channel, ManagedSelector selectSet, SelectionKey key) throws IOException {
ChannelEndPoint endp = super.newEndPoint(channel, selectSet, key);
serverEndPoint.set(endp);
return endp;
}
};
connector.setIdleTimeout(idleTimeout);
connector.setPort(0);
server.addConnector(connector);
server.setHandler(new AbstractHandler() {
@Override
public void handle(String target, Request request, HttpServletRequest httpRequest, HttpServletResponse httpResponse) throws IOException, ServletException {
try {
request.setHandled(true);
String contentLength = request.getHeader("Content-Length");
if (contentLength != null) {
int length = Integer.parseInt(contentLength);
ServletInputStream input = httpRequest.getInputStream();
ServletOutputStream output = httpResponse.getOutputStream();
byte[] buffer = new byte[32 * 1024];
while (length > 0) {
int read = input.read(buffer);
if (read < 0)
throw new EOFException();
length -= read;
if (target.startsWith("/echo"))
output.write(buffer, 0, read);
}
}
} catch (IOException x) {
if (!(target.endsWith("suppress_exception")))
throw x;
}
}
});
server.start();
serverPort = connector.getLocalPort();
sslContext = sslContextFactory.getSslContext();
proxy = new SimpleProxy(threadPool, "localhost", serverPort);
proxy.start();
logger.info("proxy:{} <==> server:{}", proxy.getPort(), serverPort);
}
Also used :
ManagedSelector(org.eclipse.jetty.io.ManagedSelector)
ServerConnector(org.eclipse.jetty.server.ServerConnector)
Connector(org.eclipse.jetty.server.Connector)
SocketChannel(java.nio.channels.SocketChannel)
Server(org.eclipse.jetty.server.Server)
HttpConnection(org.eclipse.jetty.server.HttpConnection)
ChannelEndPoint(org.eclipse.jetty.io.ChannelEndPoint)
ServletOutputStream(javax.servlet.ServletOutputStream)
SSLEngine(javax.net.ssl.SSLEngine)
EndPoint(org.eclipse.jetty.io.EndPoint)
ChannelEndPoint(org.eclipse.jetty.io.ChannelEndPoint)
SslConnectionFactory(org.eclipse.jetty.server.SslConnectionFactory)
AbstractHandler(org.eclipse.jetty.server.handler.AbstractHandler)
ServerConnector(org.eclipse.jetty.server.ServerConnector)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
ServletException(javax.servlet.ServletException)
SslContextFactory(org.eclipse.jetty.util.ssl.SslContextFactory)
ServletInputStream(javax.servlet.ServletInputStream)
EOFException(java.io.EOFException)
HttpParser(org.eclipse.jetty.http.HttpParser)
SelectionKey(java.nio.channels.SelectionKey)
SecureRequestCustomizer(org.eclipse.jetty.server.SecureRequestCustomizer)
HttpConnectionFactory(org.eclipse.jetty.server.HttpConnectionFactory)
Request(org.eclipse.jetty.server.Request)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
IOException(java.io.IOException)
ByteBuffer(java.nio.ByteBuffer)
HttpCompliance(org.eclipse.jetty.http.HttpCompliance)
SslConnection(org.eclipse.jetty.io.ssl.SslConnection)
File(java.io.File)
Before(org.junit.Before)
Example 7 with SSLEngine
use of javax.net.ssl.SSLEngine in project jetty.project by eclipse.
the class HttpClientTimeoutTest method testIdleTimeout.
@Test
public void testIdleTimeout() throws Throwable {
long timeout = 1000;
start(new TimeoutHandler(2 * timeout));
client.stop();
final AtomicBoolean sslIdle = new AtomicBoolean();
client = new HttpClient(new HttpClientTransportOverHTTP() {
@Override
public HttpDestination newHttpDestination(Origin origin) {
return new HttpDestinationOverHTTP(getHttpClient(), origin) {
@Override
protected ClientConnectionFactory newSslClientConnectionFactory(ClientConnectionFactory connectionFactory) {
HttpClient client = getHttpClient();
return new SslClientConnectionFactory(client.getSslContextFactory(), client.getByteBufferPool(), client.getExecutor(), connectionFactory) {
@Override
protected SslConnection newSslConnection(ByteBufferPool byteBufferPool, Executor executor, EndPoint endPoint, SSLEngine engine) {
return new SslConnection(byteBufferPool, executor, endPoint, engine) {
@Override
protected boolean onReadTimeout() {
sslIdle.set(true);
return super.onReadTimeout();
}
};
}
};
}
};
}
}, sslContextFactory);
client.setIdleTimeout(timeout);
client.start();
try {
client.newRequest("localhost", connector.getLocalPort()).scheme(scheme).send();
Assert.fail();
} catch (Exception x) {
Assert.assertFalse(sslIdle.get());
Assert.assertThat(x.getCause(), Matchers.instanceOf(TimeoutException.class));
}
}
Also used :
ByteBufferPool(org.eclipse.jetty.io.ByteBufferPool)
SSLEngine(javax.net.ssl.SSLEngine)
SslClientConnectionFactory(org.eclipse.jetty.io.ssl.SslClientConnectionFactory)
HttpClientTransportOverHTTP(org.eclipse.jetty.client.http.HttpClientTransportOverHTTP)
ClientConnectionFactory(org.eclipse.jetty.io.ClientConnectionFactory)
SslClientConnectionFactory(org.eclipse.jetty.io.ssl.SslClientConnectionFactory)
EndPoint(org.eclipse.jetty.io.EndPoint)
ServletException(javax.servlet.ServletException)
TimeoutException(java.util.concurrent.TimeoutException)
SocketTimeoutException(java.net.SocketTimeoutException)
IOException(java.io.IOException)
SslConnection(org.eclipse.jetty.io.ssl.SslConnection)
AtomicBoolean(java.util.concurrent.atomic.AtomicBoolean)
Executor(java.util.concurrent.Executor)
HttpDestinationOverHTTP(org.eclipse.jetty.client.http.HttpDestinationOverHTTP)
Test(org.junit.Test)
Example 8 with SSLEngine
use of javax.net.ssl.SSLEngine in project jetty.project by eclipse.
the class ALPNClientConnectionFactory method newConnection.
@Override
public Connection newConnection(EndPoint endPoint, Map<String, Object> context) throws IOException {
SSLEngine sslEngine = (SSLEngine) context.get(SslClientConnectionFactory.SSL_ENGINE_CONTEXT_KEY);
getALPNProcessor().configure(sslEngine, protocols);
ContainerLifeCycle connector = (ContainerLifeCycle) context.get(ClientConnectionFactory.CONNECTOR_CONTEXT_KEY);
// Method addBean() has set semantic, so the listener is added only once.
connector.addBean(alpnListener);
ALPNClientConnection connection = new ALPNClientConnection(endPoint, executor, getClientConnectionFactory(), sslEngine, context, protocols);
return customize(connection, context);
}
Also used :
SSLEngine(javax.net.ssl.SSLEngine)
ContainerLifeCycle(org.eclipse.jetty.util.component.ContainerLifeCycle)
Example 9 with SSLEngine
use of javax.net.ssl.SSLEngine in project jetty.project by eclipse.
the class SslConnectionFactory method newConnection.
@Override
public Connection newConnection(Connector connector, EndPoint endPoint) {
SSLEngine engine = _sslContextFactory.newSSLEngine(endPoint.getRemoteAddress());
engine.setUseClientMode(false);
SslConnection sslConnection = newSslConnection(connector, endPoint, engine);
sslConnection.setRenegotiationAllowed(_sslContextFactory.isRenegotiationAllowed());
configure(sslConnection, connector, endPoint);
ConnectionFactory next = connector.getConnectionFactory(_nextProtocol);
EndPoint decryptedEndPoint = sslConnection.getDecryptedEndPoint();
Connection connection = next.newConnection(connector, decryptedEndPoint);
decryptedEndPoint.setConnection(connection);
return sslConnection;
}
Also used :
SslConnection(org.eclipse.jetty.io.ssl.SslConnection)
SSLEngine(javax.net.ssl.SSLEngine)
Connection(org.eclipse.jetty.io.Connection)
AbstractConnection(org.eclipse.jetty.io.AbstractConnection)
SslConnection(org.eclipse.jetty.io.ssl.SslConnection)
EndPoint(org.eclipse.jetty.io.EndPoint)
Example 10 with SSLEngine
use of javax.net.ssl.SSLEngine in project jetty.project by eclipse.
the class SslContextFactory method dump.
@Override
public void dump(Appendable out, String indent) throws IOException {
out.append(String.valueOf(this)).append(" trustAll=").append(Boolean.toString(_trustAll)).append(System.lineSeparator());
try {
/* Use a pristine SSLEngine (not one from this SslContextFactory).
* This will allow for proper detection and identification
* of JRE/lib/security/java.security level disabled features
*/
SSLEngine sslEngine = SSLContext.getDefault().createSSLEngine();
List<Object> selections = new ArrayList<>();
// protocols
selections.add(new SslSelectionDump("Protocol", sslEngine.getSupportedProtocols(), sslEngine.getEnabledProtocols(), getExcludeProtocols(), getIncludeProtocols()));
// ciphers
selections.add(new SslSelectionDump("Cipher Suite", sslEngine.getSupportedCipherSuites(), sslEngine.getEnabledCipherSuites(), getExcludeCipherSuites(), getIncludeCipherSuites()));
ContainerLifeCycle.dump(out, indent, selections);
} catch (NoSuchAlgorithmException ignore) {
LOG.ignore(ignore);
}
}
Also used :
SSLEngine(javax.net.ssl.SSLEngine)
ArrayList(java.util.ArrayList)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
Aggregations
SSLEngine (javax.net.ssl.SSLEngine)494
IOException (java.io.IOException)97
SSLContext (javax.net.ssl.SSLContext)97
ByteBuffer (java.nio.ByteBuffer)91
SelfSignedCertificate (io.netty.handler.ssl.util.SelfSignedCertificate)75
SSLException (javax.net.ssl.SSLException)71
Test (org.junit.Test)64
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)54
SslHandler (io.netty.handler.ssl.SslHandler)52
SSLEngineResult (javax.net.ssl.SSLEngineResult)50
ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)47
MethodSource (org.junit.jupiter.params.provider.MethodSource)44
SSLParameters (javax.net.ssl.SSLParameters)43
InetSocketAddress (java.net.InetSocketAddress)42
KeyManagementException (java.security.KeyManagementException)42
ReadOnlyBufferException (java.nio.ReadOnlyBufferException)35
KeyStore (java.security.KeyStore)28
Test (org.junit.jupiter.api.Test)22
ChannelHandlerContext (io.netty.channel.ChannelHandlerContext)21
Socket (java.net.Socket)21
