use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.JdkSslContext in project dubbo by alibaba.
the class SslContextsTest method testSslContextsItem.
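/**
 * Checks that the cipher-suite and protocol lists placed on the global {@code SslConfig}
 * are the ones carried by the client {@code SslContext} returned from
 * {@code SslContexts.buildClientSslContext(null)}.
 *
 * <p>Only configuration propagation is verified; no TLS handshake is performed here.
 *
 * @throws NoSuchFieldException   if the inspected context class has no {@code protocols} field
 * @throws IllegalAccessException if the {@code protocols} field cannot be read reflectively
 */
protected void testSslContextsItem() throws NoSuchFieldException, IllegalAccessException {
    // NOTE(review): this is a TLS 1.2 ECDHE suite name, while the only protocol enabled below is
    // TLSv1.3 (TLS 1.3 uses its own suite names, e.g. TLS_AES_128_GCM_SHA256). The pairing is
    // enough to check propagation but should not be copied as a working deployment configuration.
    String cipher = "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256";
    String protocol = "TLSv1.3";

    // NOTE(review): this writes to the shared ConfigManager and nothing in this method restores
    // the previous SSL settings; confirm that the test class resets them elsewhere.
    ConfigManager globalConfigManager = ApplicationModel.getConfigManager();
    SslConfig sslConfig = new SslConfig();
    sslConfig.setCiphers(Arrays.asList(cipher));
    sslConfig.setProtocols(Arrays.asList(protocol));
    globalConfigManager.setSsl(sslConfig);

    SslContext sslContext = SslContexts.buildClientSslContext(null);

    // Pick the class that declares the private "protocols" field for the provider in use.
    final Class<?> protocolsOwner;
    if (sslContext instanceof JdkSslContext) {
        protocolsOwner = JdkSslContext.class;
    } else if (sslContext instanceof OpenSslContext) {
        Assertions.assertTrue(sslContext instanceof ReferenceCountedOpenSslContext);
        protocolsOwner = ReferenceCountedOpenSslContext.class;
    } else {
        // Previously an unrecognised (or null) context skipped every assertion and the test
        // passed without checking anything; fail explicitly instead.
        Assertions.fail("Unexpected SslContext implementation: " + sslContext);
        return;
    }

    List<String> cipherSuites = sslContext.cipherSuites();
    Assertions.assertTrue(cipherSuites.size() == 1 && cipherSuites.get(0).equals(cipher));

    // The enabled-protocol list is read reflectively from a private field, which ties this test
    // to the internals of the Netty version on the classpath.
    Field protocols = protocolsOwner.getDeclaredField("protocols");
    protocols.setAccessible(true);
    String[] item = (String[]) protocols.get(sslContext);
    Assertions.assertTrue(item.length == 1 && item[0].equals(protocol));
}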
use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.JdkSslContext in project vert.x by eclipse.
the class SSLEngineTest method doTest.
/**
 * Starts an HTTPS server with the given SSL engine options, checks which {@code SslContext}
 * implementation backs it, and issues one request against it.
 *
 * @param engine             SSL engine options applied to both server and client
 * @param useAlpn            whether ALPN is enabled on both sides
 * @param version            HTTP version the client requests and the server must observe
 * @param error              expected message of the {@code VertxException} raised at server
 *                           creation, or {@code null} when creation must succeed
 * @param expectedSslContext {@code "jdk"} or {@code "openssl"}
 * @param expectCause        when an error is expected, whether its cause must differ from itself
 */
private void doTest(SSLEngineOptions engine, boolean useAlpn, HttpVersion version, String error, String expectedSslContext, boolean expectCause) {
    server.close();
    HttpServerOptions serverOptions = new HttpServerOptions()
        .setSslEngineOptions(engine)
        .setPort(DEFAULT_HTTP_PORT)
        .setHost(DEFAULT_HTTP_HOST)
        .setKeyCertOptions(Cert.SERVER_PEM.get())
        .setSsl(true)
        .setUseAlpn(useAlpn);
    try {
        server = vertx.createHttpServer(serverOptions);
    } catch (VertxException e) {
        e.printStackTrace();
        if (error != null) {
            // A failure was anticipated: it must carry the expected message.
            assertEquals(error, e.getMessage());
            if (expectCause) {
                assertNotSame(e, e.getCause());
            }
        } else {
            fail(e);
        }
        return;
    }
    server.requestHandler(request -> {
        assertEquals(request.version(), version);
        assertTrue(request.isSSL());
        request.response().end();
    });
    server.listen(onSuccess(listening -> {
        HttpServerImpl serverImpl = (HttpServerImpl) listening;
        SSLHelper helper = serverImpl.getSslHelper();
        SslContext ctx = helper.getContext((VertxInternal) vertx);
        // NOTE(review): there is no default branch, so any value other than "jdk" or "openssl"
        // skips the implementation check without failing the test.
        switch (expectedSslContext) {
            case "jdk":
                assertTrue(ctx instanceof JdkSslContext);
                break;
            case "openssl":
                assertTrue(ctx instanceof OpenSslContext);
                break;
        }
        // setTrustAll(true) makes the client accept any server certificate. That is tolerable
        // here because the test is about engine selection, not peer authentication; it must not
        // be carried over into non-test client configuration.
        HttpClientOptions clientOptions = new HttpClientOptions()
            .setSslEngineOptions(engine)
            .setSsl(true)
            .setUseAlpn(useAlpn)
            .setTrustAll(true)
            .setProtocolVersion(version);
        client = vertx.createHttpClient(clientOptions);
        client.getNow(DEFAULT_HTTP_PORT, DEFAULT_HTTP_HOST, "/somepath", response -> {
            assertEquals(200, response.statusCode());
            testComplete();
        });
    }));
    await();
}
use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.JdkSslContext in project netty by netty.
the class SocketSslSessionReuseTest method testSslSessionReuse.
/**
 * Connects twice to the same TLS server and asserts that the client session context holds the
 * same set of session ids after the second connection as after the first.
 *
 * @param sb server bootstrap to bind
 * @param cb client bootstrap used for both connections
 * @throws Throwable any failure from the channel operations or recorded by the handlers
 */
public void testSslSessionReuse(ServerBootstrap sb, Bootstrap cb) throws Throwable {
    final ReadAndDiscardHandler serverHandler = new ReadAndDiscardHandler(true, true);
    final ReadAndDiscardHandler clientHandler = new ReadAndDiscardHandler(false, true);
    // NOTE(review): TLSv1 and TLSv1.1 are deprecated protocol versions (RFC 8996) and TLSv1.3 is
    // not in this list. The selection belongs to this test and should not be reused as a
    // template for deployed engines.
    final String[] enabledProtocols = { "TLSv1", "TLSv1.1", "TLSv1.2" };

    sb.childHandler(new ChannelInitializer<SocketChannel>() {
        @Override
        protected void initChannel(SocketChannel channel) throws Exception {
            SSLEngine sslEngine = serverCtx.newEngine(channel.alloc());
            sslEngine.setUseClientMode(false);
            sslEngine.setEnabledProtocols(enabledProtocols);
            channel.pipeline().addLast(new SslHandler(sslEngine));
            channel.pipeline().addLast(serverHandler);
        }
    });
    final Channel serverChannel = sb.bind().sync().channel();

    cb.handler(new ChannelInitializer<SocketChannel>() {
        @Override
        protected void initChannel(SocketChannel channel) throws Exception {
            // The peer host and port are handed to newEngine() for every client engine.
            InetSocketAddress remote = (InetSocketAddress) serverChannel.localAddress();
            SSLEngine sslEngine = clientCtx.newEngine(channel.alloc(), remote.getHostString(), remote.getPort());
            sslEngine.setUseClientMode(true);
            sslEngine.setEnabledProtocols(enabledProtocols);
            channel.pipeline().addLast(new SslHandler(sslEngine));
            channel.pipeline().addLast(clientHandler);
        }
    });

    try {
        // The cast assumes clientCtx is JDK-backed; another implementation would fail here
        // with a ClassCastException.
        SSLSessionContext clientSessions = ((JdkSslContext) clientCtx).sessionContext();

        // First connection: establishes the session(s) recorded in the client context.
        ByteBuf payload = Unpooled.wrappedBuffer(new byte[] { 0xa, 0xb, 0xc, 0xd }, 0, 4);
        Channel clientChannel = cb.connect().sync().channel();
        clientChannel.writeAndFlush(payload).sync();
        clientChannel.closeFuture().sync();
        rethrowHandlerExceptions(serverHandler, clientHandler);
        Set<String> idsAfterFirstConnect = sessionIdSet(clientSessions.getIds());

        // Second connection: must not add a session id to the client context.
        payload = Unpooled.wrappedBuffer(new byte[] { 0xa, 0xb, 0xc, 0xd }, 0, 4);
        clientChannel = cb.connect().sync().channel();
        clientChannel.writeAndFlush(payload).sync();
        clientChannel.closeFuture().sync();
        assertEquals("Expected no new sessions", idsAfterFirstConnect, sessionIdSet(clientSessions.getIds()));
        rethrowHandlerExceptions(serverHandler, clientHandler);
    } finally {
        serverChannel.close().awaitUninterruptibly();
    }
}
use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.JdkSslContext in project camel by apache.
the class AhcEndpoint method doStart.
/**
 * Starts the endpoint and, when no client has been set, creates one.
 *
 * <p>The client configuration is cloned from {@code clientConfig} when present; otherwise a new
 * builder is used only if {@code sslContextParameters} is set. With neither, {@code createClient}
 * receives {@code null}.
 *
 * @throws Exception if the parent start, the SSL context creation or the client creation fails
 */
@Override
protected void doStart() throws Exception {
    super.doStart();
    if (client != null) {
        // A client is already in place; nothing to build.
        return;
    }

    AsyncHttpClientConfig config = null;
    if (clientConfig != null || sslContextParameters != null) {
        DefaultAsyncHttpClientConfig.Builder builder = clientConfig != null
            ? AhcComponent.cloneConfig(clientConfig)
            : new DefaultAsyncHttpClientConfig.Builder();
        if (sslContextParameters != null) {
            SSLContext sslContext = sslContextParameters.createSSLContext(getCamelContext());
            // NOTE(review): the context is built in client mode (second argument true) together
            // with ClientAuth.REQUIRE. ClientAuth describes what a server demands from its
            // peers, so it presumably has no effect on this client-side context; trust and key
            // material come entirely from sslContextParameters. Confirm this is intended.
            JdkSslContext ssl = new JdkSslContext(sslContext, true, ClientAuth.REQUIRE);
            builder.setSslContext(ssl);
        }
        config = builder.build();
    }
    client = createClient(config);
}
use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.JdkSslContext in project aerospike-client-java by aerospike.
the class NettyEventLoops method initTlsContext.
/**
 * Initialize the Netty TLS context from the given policy. For internal use only.
 *
 * <p>Only the first call has an effect; later calls return immediately once a policy is stored.
 * If the policy supplies its own {@code SSLContext}, that context is wrapped; otherwise a client
 * context is built from the policy's protocols and ciphers.
 *
 * @param policy TLS policy to apply
 * @throws AerospikeException if building the Netty context fails
 */
public void initTlsContext(TlsPolicy policy) {
    // NOTE(review): this check-then-set is not synchronized within this method; confirm that
    // callers serialize initialization.
    if (this.tlsPolicy != null) {
        // Already initialized.
        return;
    }
    this.tlsPolicy = policy;

    if (policy.context == null) {
        // No caller-supplied SSLContext: build a client context from the policy settings.
        try {
            SslContextBuilder builder = SslContextBuilder.forClient();
            if (policy.protocols != null) {
                builder.protocols(policy.protocols);
            }
            if (policy.ciphers != null) {
                builder.ciphers(Arrays.asList(policy.ciphers));
            }
            sslContext = builder.build();
        } catch (Exception e) {
            // NOTE(review): only the message text is kept; the original exception is not
            // attached as a cause, so its stack trace is lost when diagnosing TLS setup failures.
            throw new AerospikeException("Failed to init netty TLS: " + Util.getErrorMessage(e));
        }
        return;
    }

    // Caller-supplied SSLContext. policy.protocols is not consulted on this path (the original
    // author assumed the protocol is defined by SSLContext.getProtocol()).
    // NOTE(review): the protocol versions actually enabled then depend on the supplied context
    // and engine defaults; verify that legacy versions are not left enabled.
    // With a cipher list, this object is passed as the cipher-suite filter
    // (see filterCipherSuites()) and the ApplicationProtocolConfig argument is null.
    sslContext = (policy.ciphers == null)
        ? new JdkSslContext(policy.context, true, ClientAuth.NONE)
        : new JdkSslContext(policy.context, true, null, this, null, ClientAuth.NONE);
}