use of org.apache.flink.shaded.netty4.io.netty.handler.codec.string.StringDecoder in project flink by apache.
the class NettyClientServerSslTest method testSslPinningForInvalidFingerprint.
@Test
public void testSslPinningForInvalidFingerprint() throws Exception {
NettyProtocol protocol = new NoOpProtocol();
Configuration config = createSslConfig();
// pin the certificate based on internal cert
config.setString(SecurityOptions.SSL_INTERNAL_CERT_FINGERPRINT, SSLUtilsTest.getCertificateFingerprint(config, "flink.test").replaceAll("[0-9A-Z]", "0"));
NettyTestUtil.NettyServerAndClient serverAndClient;
try (NetUtils.Port port = NetUtils.getAvailablePort()) {
NettyConfig nettyConfig = createNettyConfig(config, port);
serverAndClient = NettyTestUtil.initServerAndClient(protocol, nettyConfig);
}
Assert.assertNotNull("serverAndClient is null due to fail to get a free port", serverAndClient);
Channel ch = NettyTestUtil.connect(serverAndClient);
ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());
assertFalse(ch.writeAndFlush("test").await().isSuccess());
NettyTestUtil.shutdown(serverAndClient);
}
use of org.apache.flink.shaded.netty4.io.netty.handler.codec.string.StringDecoder in project flink by apache.
the class NettyClientServerSslTest method testValidSslConnection.
private void testValidSslConnection(Configuration sslConfig) throws Exception {
OneShotLatch serverChannelInitComplete = new OneShotLatch();
final SslHandler[] serverSslHandler = new SslHandler[1];
NettyProtocol protocol = new NoOpProtocol();
NettyServerAndClient serverAndClient;
try (NetUtils.Port port = NetUtils.getAvailablePort()) {
NettyConfig nettyConfig = createNettyConfig(sslConfig, port);
final NettyBufferPool bufferPool = new NettyBufferPool(1);
final NettyServer server = NettyTestUtil.initServer(nettyConfig, bufferPool, sslHandlerFactory -> new TestingServerChannelInitializer(protocol, sslHandlerFactory, serverChannelInitComplete, serverSslHandler));
final NettyClient client = NettyTestUtil.initClient(nettyConfig, protocol, bufferPool);
serverAndClient = new NettyServerAndClient(server, client);
}
Assert.assertNotNull("serverAndClient is null due to fail to get a free port", serverAndClient);
Channel ch = NettyTestUtil.connect(serverAndClient);
SslHandler clientSslHandler = (SslHandler) ch.pipeline().get("ssl");
assertEqualsOrDefault(sslConfig, SSL_INTERNAL_HANDSHAKE_TIMEOUT, clientSslHandler.getHandshakeTimeoutMillis());
assertEqualsOrDefault(sslConfig, SSL_INTERNAL_CLOSE_NOTIFY_FLUSH_TIMEOUT, clientSslHandler.getCloseNotifyFlushTimeoutMillis());
// should be able to send text data
ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());
ch.writeAndFlush("test").sync();
// session context is only be available after a session was setup -> this should be true
// after data was sent
serverChannelInitComplete.await();
assertNotNull(serverSslHandler[0]);
// verify server parameters
assertEqualsOrDefault(sslConfig, SSL_INTERNAL_HANDSHAKE_TIMEOUT, serverSslHandler[0].getHandshakeTimeoutMillis());
assertEqualsOrDefault(sslConfig, SSL_INTERNAL_CLOSE_NOTIFY_FLUSH_TIMEOUT, serverSslHandler[0].getCloseNotifyFlushTimeoutMillis());
SSLSessionContext sessionContext = serverSslHandler[0].engine().getSession().getSessionContext();
assertNotNull("bug in unit test setup: session context not available", sessionContext);
// note: can't verify session cache setting at the client - delegate to server instead (with
// our own channel initializer)
assertEqualsOrDefault(sslConfig, SSL_INTERNAL_SESSION_CACHE_SIZE, sessionContext.getSessionCacheSize());
int sessionTimeout = sslConfig.getInteger(SSL_INTERNAL_SESSION_TIMEOUT);
if (sessionTimeout != -1) {
// session timeout config is in milliseconds but the context returns it in seconds
assertEquals(sessionTimeout / 1000, sessionContext.getSessionTimeout());
} else {
assertTrue("default value (-1) should not be propagated", sessionContext.getSessionTimeout() >= 0);
}
NettyTestUtil.shutdown(serverAndClient);
}
use of org.apache.flink.shaded.netty4.io.netty.handler.codec.string.StringDecoder in project flink by apache.
the class NettyClientServerSslTest method testSslPinningForValidFingerprint.
@Test
public void testSslPinningForValidFingerprint() throws Exception {
NettyProtocol protocol = new NoOpProtocol();
Configuration config = createSslConfig();
// pin the certificate based on internal cert
config.setString(SecurityOptions.SSL_INTERNAL_CERT_FINGERPRINT, SSLUtilsTest.getCertificateFingerprint(config, "flink.test"));
NettyTestUtil.NettyServerAndClient serverAndClient;
try (NetUtils.Port port = NetUtils.getAvailablePort()) {
NettyConfig nettyConfig = createNettyConfig(config, port);
serverAndClient = NettyTestUtil.initServerAndClient(protocol, nettyConfig);
}
Assert.assertNotNull("serverAndClient is null due to fail to get a free port", serverAndClient);
Channel ch = NettyTestUtil.connect(serverAndClient);
ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());
assertTrue(ch.writeAndFlush("test").await().isSuccess());
NettyTestUtil.shutdown(serverAndClient);
}
use of org.apache.flink.shaded.netty4.io.netty.handler.codec.string.StringDecoder in project netty by netty.
the class SocketStartTlsTest method testStartTls.
private void testStartTls(ServerBootstrap sb, Bootstrap cb, SslContext serverCtx, SslContext clientCtx, boolean autoRead) throws Throwable {
sb.childOption(ChannelOption.AUTO_READ, autoRead);
cb.option(ChannelOption.AUTO_READ, autoRead);
final EventExecutorGroup executor = SocketStartTlsTest.executor;
SSLEngine sse = serverCtx.newEngine(PooledByteBufAllocator.DEFAULT);
SSLEngine cse = clientCtx.newEngine(PooledByteBufAllocator.DEFAULT);
final StartTlsServerHandler sh = new StartTlsServerHandler(sse, autoRead);
final StartTlsClientHandler ch = new StartTlsClientHandler(cse, autoRead);
sb.childHandler(new ChannelInitializer<Channel>() {
@Override
public void initChannel(Channel sch) throws Exception {
ChannelPipeline p = sch.pipeline();
p.addLast("logger", new LoggingHandler(LOG_LEVEL));
p.addLast(new LineBasedFrameDecoder(64), new StringDecoder(), new StringEncoder());
p.addLast(executor, sh);
}
});
cb.handler(new ChannelInitializer<Channel>() {
@Override
public void initChannel(Channel sch) throws Exception {
ChannelPipeline p = sch.pipeline();
p.addLast("logger", new LoggingHandler(LOG_LEVEL));
p.addLast(new LineBasedFrameDecoder(64), new StringDecoder(), new StringEncoder());
p.addLast(executor, ch);
}
});
Channel sc = sb.bind().sync().channel();
Channel cc = cb.connect(sc.localAddress()).sync().channel();
while (cc.isActive()) {
if (sh.exception.get() != null) {
break;
}
if (ch.exception.get() != null) {
break;
}
try {
Thread.sleep(50);
} catch (InterruptedException e) {
// Ignore.
}
}
while (sh.channel.isActive()) {
if (sh.exception.get() != null) {
break;
}
if (ch.exception.get() != null) {
break;
}
try {
Thread.sleep(50);
} catch (InterruptedException e) {
// Ignore.
}
}
sh.channel.close().awaitUninterruptibly();
cc.close().awaitUninterruptibly();
sc.close().awaitUninterruptibly();
if (sh.exception.get() != null && !(sh.exception.get() instanceof IOException)) {
throw sh.exception.get();
}
if (ch.exception.get() != null && !(ch.exception.get() instanceof IOException)) {
throw ch.exception.get();
}
if (sh.exception.get() != null) {
throw sh.exception.get();
}
if (ch.exception.get() != null) {
throw ch.exception.get();
}
}
use of org.apache.flink.shaded.netty4.io.netty.handler.codec.string.StringDecoder in project netty by netty.
the class FileServer method main.
public static void main(String[] args) throws Exception {
// Configure SSL.
final SslContext sslCtx;
if (SSL) {
SelfSignedCertificate ssc = new SelfSignedCertificate();
sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
} else {
sslCtx = null;
}
// Configure the server.
EventLoopGroup bossGroup = new NioEventLoopGroup(1);
EventLoopGroup workerGroup = new NioEventLoopGroup();
try {
ServerBootstrap b = new ServerBootstrap();
b.group(bossGroup, workerGroup).channel(NioServerSocketChannel.class).option(ChannelOption.SO_BACKLOG, 100).handler(new LoggingHandler(LogLevel.INFO)).childHandler(new ChannelInitializer<SocketChannel>() {
@Override
public void initChannel(SocketChannel ch) throws Exception {
ChannelPipeline p = ch.pipeline();
if (sslCtx != null) {
p.addLast(sslCtx.newHandler(ch.alloc()));
}
p.addLast(new StringEncoder(CharsetUtil.UTF_8), new LineBasedFrameDecoder(8192), new StringDecoder(CharsetUtil.UTF_8), new ChunkedWriteHandler(), new FileServerHandler());
}
});
// Start the server.
ChannelFuture f = b.bind(PORT).sync();
// Wait until the server socket is closed.
f.channel().closeFuture().sync();
} finally {
// Shut down all event loops to terminate all threads.
bossGroup.shutdownGracefully();
workerGroup.shutdownGracefully();
}
}
Aggregations