Search in sources :

Example 26 with StringDecoder

use of org.apache.flink.shaded.netty4.io.netty.handler.codec.string.StringDecoder in project flink by apache.

the class NettyClientServerSslTest method testSslPinningForInvalidFingerprint.

@Test
public void testSslPinningForInvalidFingerprint() throws Exception {
    NettyProtocol protocol = new NoOpProtocol();
    Configuration config = createSslConfig();
    // pin the certificate based on internal cert
    config.setString(SecurityOptions.SSL_INTERNAL_CERT_FINGERPRINT, SSLUtilsTest.getCertificateFingerprint(config, "flink.test").replaceAll("[0-9A-Z]", "0"));
    NettyTestUtil.NettyServerAndClient serverAndClient;
    try (NetUtils.Port port = NetUtils.getAvailablePort()) {
        NettyConfig nettyConfig = createNettyConfig(config, port);
        serverAndClient = NettyTestUtil.initServerAndClient(protocol, nettyConfig);
    }
    Assert.assertNotNull("serverAndClient is null due to fail to get a free port", serverAndClient);
    Channel ch = NettyTestUtil.connect(serverAndClient);
    ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());
    assertFalse(ch.writeAndFlush("test").await().isSuccess());
    NettyTestUtil.shutdown(serverAndClient);
}
Also used : StringEncoder(org.apache.flink.shaded.netty4.io.netty.handler.codec.string.StringEncoder) NetUtils(org.apache.flink.util.NetUtils) Configuration(org.apache.flink.configuration.Configuration) NettyServerAndClient(org.apache.flink.runtime.io.network.netty.NettyTestUtil.NettyServerAndClient) SocketChannel(org.apache.flink.shaded.netty4.io.netty.channel.socket.SocketChannel) Channel(org.apache.flink.shaded.netty4.io.netty.channel.Channel) StringDecoder(org.apache.flink.shaded.netty4.io.netty.handler.codec.string.StringDecoder) Test(org.junit.Test) SSLUtilsTest(org.apache.flink.runtime.net.SSLUtilsTest)

Example 27 with StringDecoder

use of org.apache.flink.shaded.netty4.io.netty.handler.codec.string.StringDecoder in project flink by apache.

the class NettyClientServerSslTest method testValidSslConnection.

private void testValidSslConnection(Configuration sslConfig) throws Exception {
    OneShotLatch serverChannelInitComplete = new OneShotLatch();
    final SslHandler[] serverSslHandler = new SslHandler[1];
    NettyProtocol protocol = new NoOpProtocol();
    NettyServerAndClient serverAndClient;
    try (NetUtils.Port port = NetUtils.getAvailablePort()) {
        NettyConfig nettyConfig = createNettyConfig(sslConfig, port);
        final NettyBufferPool bufferPool = new NettyBufferPool(1);
        final NettyServer server = NettyTestUtil.initServer(nettyConfig, bufferPool, sslHandlerFactory -> new TestingServerChannelInitializer(protocol, sslHandlerFactory, serverChannelInitComplete, serverSslHandler));
        final NettyClient client = NettyTestUtil.initClient(nettyConfig, protocol, bufferPool);
        serverAndClient = new NettyServerAndClient(server, client);
    }
    Assert.assertNotNull("serverAndClient is null due to fail to get a free port", serverAndClient);
    Channel ch = NettyTestUtil.connect(serverAndClient);
    SslHandler clientSslHandler = (SslHandler) ch.pipeline().get("ssl");
    assertEqualsOrDefault(sslConfig, SSL_INTERNAL_HANDSHAKE_TIMEOUT, clientSslHandler.getHandshakeTimeoutMillis());
    assertEqualsOrDefault(sslConfig, SSL_INTERNAL_CLOSE_NOTIFY_FLUSH_TIMEOUT, clientSslHandler.getCloseNotifyFlushTimeoutMillis());
    // should be able to send text data
    ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());
    ch.writeAndFlush("test").sync();
    // session context is only be available after a session was setup -> this should be true
    // after data was sent
    serverChannelInitComplete.await();
    assertNotNull(serverSslHandler[0]);
    // verify server parameters
    assertEqualsOrDefault(sslConfig, SSL_INTERNAL_HANDSHAKE_TIMEOUT, serverSslHandler[0].getHandshakeTimeoutMillis());
    assertEqualsOrDefault(sslConfig, SSL_INTERNAL_CLOSE_NOTIFY_FLUSH_TIMEOUT, serverSslHandler[0].getCloseNotifyFlushTimeoutMillis());
    SSLSessionContext sessionContext = serverSslHandler[0].engine().getSession().getSessionContext();
    assertNotNull("bug in unit test setup: session context not available", sessionContext);
    // note: can't verify session cache setting at the client - delegate to server instead (with
    // our own channel initializer)
    assertEqualsOrDefault(sslConfig, SSL_INTERNAL_SESSION_CACHE_SIZE, sessionContext.getSessionCacheSize());
    int sessionTimeout = sslConfig.getInteger(SSL_INTERNAL_SESSION_TIMEOUT);
    if (sessionTimeout != -1) {
        // session timeout config is in milliseconds but the context returns it in seconds
        assertEquals(sessionTimeout / 1000, sessionContext.getSessionTimeout());
    } else {
        assertTrue("default value (-1) should not be propagated", sessionContext.getSessionTimeout() >= 0);
    }
    NettyTestUtil.shutdown(serverAndClient);
}
Also used : SSLSessionContext(javax.net.ssl.SSLSessionContext) SocketChannel(org.apache.flink.shaded.netty4.io.netty.channel.socket.SocketChannel) Channel(org.apache.flink.shaded.netty4.io.netty.channel.Channel) StringDecoder(org.apache.flink.shaded.netty4.io.netty.handler.codec.string.StringDecoder) SslHandler(org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler) StringEncoder(org.apache.flink.shaded.netty4.io.netty.handler.codec.string.StringEncoder) NetUtils(org.apache.flink.util.NetUtils) OneShotLatch(org.apache.flink.core.testutils.OneShotLatch) NettyServerAndClient(org.apache.flink.runtime.io.network.netty.NettyTestUtil.NettyServerAndClient)

Example 28 with StringDecoder

use of org.apache.flink.shaded.netty4.io.netty.handler.codec.string.StringDecoder in project flink by apache.

the class NettyClientServerSslTest method testSslPinningForValidFingerprint.

@Test
public void testSslPinningForValidFingerprint() throws Exception {
    NettyProtocol protocol = new NoOpProtocol();
    Configuration config = createSslConfig();
    // pin the certificate based on internal cert
    config.setString(SecurityOptions.SSL_INTERNAL_CERT_FINGERPRINT, SSLUtilsTest.getCertificateFingerprint(config, "flink.test"));
    NettyTestUtil.NettyServerAndClient serverAndClient;
    try (NetUtils.Port port = NetUtils.getAvailablePort()) {
        NettyConfig nettyConfig = createNettyConfig(config, port);
        serverAndClient = NettyTestUtil.initServerAndClient(protocol, nettyConfig);
    }
    Assert.assertNotNull("serverAndClient is null due to fail to get a free port", serverAndClient);
    Channel ch = NettyTestUtil.connect(serverAndClient);
    ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());
    assertTrue(ch.writeAndFlush("test").await().isSuccess());
    NettyTestUtil.shutdown(serverAndClient);
}
Also used : StringEncoder(org.apache.flink.shaded.netty4.io.netty.handler.codec.string.StringEncoder) NetUtils(org.apache.flink.util.NetUtils) Configuration(org.apache.flink.configuration.Configuration) NettyServerAndClient(org.apache.flink.runtime.io.network.netty.NettyTestUtil.NettyServerAndClient) SocketChannel(org.apache.flink.shaded.netty4.io.netty.channel.socket.SocketChannel) Channel(org.apache.flink.shaded.netty4.io.netty.channel.Channel) StringDecoder(org.apache.flink.shaded.netty4.io.netty.handler.codec.string.StringDecoder) Test(org.junit.Test) SSLUtilsTest(org.apache.flink.runtime.net.SSLUtilsTest)

Example 29 with StringDecoder

use of org.apache.flink.shaded.netty4.io.netty.handler.codec.string.StringDecoder in project netty by netty.

the class SocketStartTlsTest method testStartTls.

private void testStartTls(ServerBootstrap sb, Bootstrap cb, SslContext serverCtx, SslContext clientCtx, boolean autoRead) throws Throwable {
    sb.childOption(ChannelOption.AUTO_READ, autoRead);
    cb.option(ChannelOption.AUTO_READ, autoRead);
    final EventExecutorGroup executor = SocketStartTlsTest.executor;
    SSLEngine sse = serverCtx.newEngine(PooledByteBufAllocator.DEFAULT);
    SSLEngine cse = clientCtx.newEngine(PooledByteBufAllocator.DEFAULT);
    final StartTlsServerHandler sh = new StartTlsServerHandler(sse, autoRead);
    final StartTlsClientHandler ch = new StartTlsClientHandler(cse, autoRead);
    sb.childHandler(new ChannelInitializer<Channel>() {

        @Override
        public void initChannel(Channel sch) throws Exception {
            ChannelPipeline p = sch.pipeline();
            p.addLast("logger", new LoggingHandler(LOG_LEVEL));
            p.addLast(new LineBasedFrameDecoder(64), new StringDecoder(), new StringEncoder());
            p.addLast(executor, sh);
        }
    });
    cb.handler(new ChannelInitializer<Channel>() {

        @Override
        public void initChannel(Channel sch) throws Exception {
            ChannelPipeline p = sch.pipeline();
            p.addLast("logger", new LoggingHandler(LOG_LEVEL));
            p.addLast(new LineBasedFrameDecoder(64), new StringDecoder(), new StringEncoder());
            p.addLast(executor, ch);
        }
    });
    Channel sc = sb.bind().sync().channel();
    Channel cc = cb.connect(sc.localAddress()).sync().channel();
    while (cc.isActive()) {
        if (sh.exception.get() != null) {
            break;
        }
        if (ch.exception.get() != null) {
            break;
        }
        try {
            Thread.sleep(50);
        } catch (InterruptedException e) {
        // Ignore.
        }
    }
    while (sh.channel.isActive()) {
        if (sh.exception.get() != null) {
            break;
        }
        if (ch.exception.get() != null) {
            break;
        }
        try {
            Thread.sleep(50);
        } catch (InterruptedException e) {
        // Ignore.
        }
    }
    sh.channel.close().awaitUninterruptibly();
    cc.close().awaitUninterruptibly();
    sc.close().awaitUninterruptibly();
    if (sh.exception.get() != null && !(sh.exception.get() instanceof IOException)) {
        throw sh.exception.get();
    }
    if (ch.exception.get() != null && !(ch.exception.get() instanceof IOException)) {
        throw ch.exception.get();
    }
    if (sh.exception.get() != null) {
        throw sh.exception.get();
    }
    if (ch.exception.get() != null) {
        throw ch.exception.get();
    }
}
Also used : DefaultEventExecutorGroup(io.netty.util.concurrent.DefaultEventExecutorGroup) EventExecutorGroup(io.netty.util.concurrent.EventExecutorGroup) LoggingHandler(io.netty.handler.logging.LoggingHandler) SSLEngine(javax.net.ssl.SSLEngine) Channel(io.netty.channel.Channel) LineBasedFrameDecoder(io.netty.handler.codec.LineBasedFrameDecoder) StringDecoder(io.netty.handler.codec.string.StringDecoder) IOException(java.io.IOException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) ChannelPipeline(io.netty.channel.ChannelPipeline) StringEncoder(io.netty.handler.codec.string.StringEncoder)

Example 30 with StringDecoder

use of org.apache.flink.shaded.netty4.io.netty.handler.codec.string.StringDecoder in project netty by netty.

the class FileServer method main.

public static void main(String[] args) throws Exception {
    // Configure SSL.
    final SslContext sslCtx;
    if (SSL) {
        SelfSignedCertificate ssc = new SelfSignedCertificate();
        sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
    } else {
        sslCtx = null;
    }
    // Configure the server.
    EventLoopGroup bossGroup = new NioEventLoopGroup(1);
    EventLoopGroup workerGroup = new NioEventLoopGroup();
    try {
        ServerBootstrap b = new ServerBootstrap();
        b.group(bossGroup, workerGroup).channel(NioServerSocketChannel.class).option(ChannelOption.SO_BACKLOG, 100).handler(new LoggingHandler(LogLevel.INFO)).childHandler(new ChannelInitializer<SocketChannel>() {

            @Override
            public void initChannel(SocketChannel ch) throws Exception {
                ChannelPipeline p = ch.pipeline();
                if (sslCtx != null) {
                    p.addLast(sslCtx.newHandler(ch.alloc()));
                }
                p.addLast(new StringEncoder(CharsetUtil.UTF_8), new LineBasedFrameDecoder(8192), new StringDecoder(CharsetUtil.UTF_8), new ChunkedWriteHandler(), new FileServerHandler());
            }
        });
        // Start the server.
        ChannelFuture f = b.bind(PORT).sync();
        // Wait until the server socket is closed.
        f.channel().closeFuture().sync();
    } finally {
        // Shut down all event loops to terminate all threads.
        bossGroup.shutdownGracefully();
        workerGroup.shutdownGracefully();
    }
}
Also used : ChannelFuture(io.netty.channel.ChannelFuture) NioServerSocketChannel(io.netty.channel.socket.nio.NioServerSocketChannel) SocketChannel(io.netty.channel.socket.SocketChannel) LoggingHandler(io.netty.handler.logging.LoggingHandler) SelfSignedCertificate(io.netty.handler.ssl.util.SelfSignedCertificate) NioServerSocketChannel(io.netty.channel.socket.nio.NioServerSocketChannel) LineBasedFrameDecoder(io.netty.handler.codec.LineBasedFrameDecoder) StringDecoder(io.netty.handler.codec.string.StringDecoder) ServerBootstrap(io.netty.bootstrap.ServerBootstrap) ChannelPipeline(io.netty.channel.ChannelPipeline) StringEncoder(io.netty.handler.codec.string.StringEncoder) EventLoopGroup(io.netty.channel.EventLoopGroup) NioEventLoopGroup(io.netty.channel.nio.NioEventLoopGroup) ChunkedWriteHandler(io.netty.handler.stream.ChunkedWriteHandler) NioEventLoopGroup(io.netty.channel.nio.NioEventLoopGroup) SslContext(io.netty.handler.ssl.SslContext)

Aggregations

StringDecoder (io.netty.handler.codec.string.StringDecoder)63 StringEncoder (io.netty.handler.codec.string.StringEncoder)42 ChannelPipeline (io.netty.channel.ChannelPipeline)35 SocketChannel (io.netty.channel.socket.SocketChannel)27 NioEventLoopGroup (io.netty.channel.nio.NioEventLoopGroup)21 ChannelFuture (io.netty.channel.ChannelFuture)18 ServerBootstrap (io.netty.bootstrap.ServerBootstrap)16 DelimiterBasedFrameDecoder (io.netty.handler.codec.DelimiterBasedFrameDecoder)16 NioServerSocketChannel (io.netty.channel.socket.nio.NioServerSocketChannel)15 Bootstrap (io.netty.bootstrap.Bootstrap)14 EventLoopGroup (io.netty.channel.EventLoopGroup)14 LineBasedFrameDecoder (io.netty.handler.codec.LineBasedFrameDecoder)14 LengthFieldPrepender (io.netty.handler.codec.LengthFieldPrepender)13 LengthFieldBasedFrameDecoder (io.netty.handler.codec.LengthFieldBasedFrameDecoder)12 Channel (io.netty.channel.Channel)11 NioSocketChannel (io.netty.channel.socket.nio.NioSocketChannel)11 LoggingHandler (io.netty.handler.logging.LoggingHandler)8 ChannelHandler (io.netty.channel.ChannelHandler)6 IdleStateHandler (io.netty.handler.timeout.IdleStateHandler)6 Test (org.junit.Test)6