
Example 66 with SslContext

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslContext in project pinpoint by naver.

the class PinpointNettyServerBuilder method useTransportSecurity.

/**
 * Switches this builder to TLS, using a certificate chain and private key read from streams.
 *
 * <p>{@code privateKey} carries the server's secret key material. This method never closes
 * either stream itself. NOTE(review): confirm whether the caller owns closing them, and that
 * the key source is readable only by the server process.
 *
 * @param certChain stream supplying the server certificate chain
 * @param privateKey stream supplying the matching private key
 * @return this builder, for chaining
 * @throws RuntimeException wrapping the {@link SSLException} raised when the TLS context
 *     cannot be built (for example, unusable key material); the cause is preserved
 */
@Override
public PinpointNettyServerBuilder useTransportSecurity(InputStream certChain, InputStream privateKey) {
    // Refuse to swap the negotiator once it has been frozen (the message refers to ServerCredentials).
    checkState(!freezeProtocolNegotiatorFactory, "Cannot change security when using ServerCredentials");
    final SslContext serverTlsContext;
    try {
        serverTlsContext = GrpcSslContexts.forServer(certChain, privateKey).build();
    } catch (SSLException buildFailure) {
        // This should likely be some other, easier to catch exception.
        throw new RuntimeException(buildFailure);
    }
    // Only reached with a successfully built context, so a broken key or certificate
    // never leaves the server with a half-configured negotiator.
    protocolNegotiatorFactory = ProtocolNegotiators.serverTlsFactory(serverTlsContext);
    return this;
}
Also used : SSLException(javax.net.ssl.SSLException) SslContext(io.netty.handler.ssl.SslContext)

Example 67 with SslContext

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslContext in project pinpoint by naver.

the class DefaultChannelFactory method build.

/**
 * Builds a gRPC {@link ManagedChannel} to {@code host:port}, applying this factory's channel
 * type, event loop, headers, interceptors, executor and client options.
 *
 * <p>Transport security: the builder is first set to plaintext and is switched to TLS only
 * when {@code sslClientConfig.isEnable()} is true. With TLS disabled the channel stays
 * unencrypted, so everything sent over it is readable on the network path.
 *
 * @param channelName name used only in the name-resolver log line
 * @param host target host
 * @param port target port
 * @return the built channel
 * @throws SecurityException if TLS is enabled but the client {@link SslContext} cannot be
 *     created; the channel is not built in that case (no silent fallback to plaintext)
 */
@Override
public ManagedChannel build(String channelName, String host, int port) {
    final NettyChannelBuilder builder = NettyChannelBuilder.forAddress(host, port);
    // Plaintext is selected up front; the TLS branch further down replaces it.
    // NOTE(review): this relies on the later sslContext()/negotiationType() calls taking
    // precedence over usePlaintext(). Confirm against the grpc-netty version in use.
    builder.usePlaintext();
    logger.info("ChannelType:{}", channelType.getSimpleName());
    builder.channelType(channelType);
    builder.eventLoopGroup(eventLoopGroup);
    setupInternal(builder);
    builder.defaultLoadBalancingPolicy(GrpcUtil.DEFAULT_LB_POLICY);
    addHeader(builder);
    addClientInterceptor(builder);
    builder.executor(executorService);
    if (nameResolverProvider != null) {
        logger.info("Set nameResolverProvider {}. channelName={}, host={}, port={}", this.nameResolverProvider, channelName, host, port);
        setNameResolverFactory(builder, this.nameResolverProvider);
    }
    setupClientOption(builder);
    if (sslClientConfig.isEnable()) {
        final SslContext clientTlsContext;
        try {
            clientTlsContext = SslContextFactory.create(sslClientConfig);
        } catch (SSLException tlsSetupFailure) {
            // Fail closed: a TLS-enabled configuration that cannot produce a context aborts
            // channel creation instead of continuing with the plaintext setting above.
            throw new SecurityException(tlsSetupFailure);
        }
        builder.sslContext(clientTlsContext);
        builder.negotiationType(NegotiationType.TLS);
    }
    builder.maxTraceEvents(clientOption.getMaxTraceEvent());
    return builder.build();
}
Also used : InternalNettyChannelBuilder(io.grpc.netty.InternalNettyChannelBuilder) NettyChannelBuilder(io.grpc.netty.NettyChannelBuilder) ManagedChannel(io.grpc.ManagedChannel) SSLException(javax.net.ssl.SSLException) SslContext(io.netty.handler.ssl.SslContext)

Example 68 with SslContext

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslContext in project pinpoint by naver.

the class SslContextFactory method create.

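/**
 * Creates the client-side {@link SslContext} described by {@code clientConfig}.
 *
 * <p>Trust anchors come from one of two places:
 * <ul>
 *   <li>the configured trust-certificate resource, when one is set. Only those certificates
 *       are handed to the builder as trust material;</li>
 *   <li>otherwise the platform default trust store, loaded through the default
 *       {@link TrustManagerFactory} algorithm.</li>
 * </ul>
 * Neither path installs a trust-everything manager. The resulting context is passed to
 * {@code assertValidCipherSuite} before it is returned.
 *
 * <p>The trust-certificate stream is opened here and closed here, once the context has been
 * created, so repeated calls do not leak file handles.
 *
 * @param clientConfig client TLS settings; must be non-null and enabled
 * @return the configured client context
 * @throws NullPointerException if {@code clientConfig} is null
 * @throws IllegalArgumentException if {@code clientConfig} reports TLS as disabled
 * @throws SSLException if the context cannot be built; any other failure (I/O on the trust
 *     resource, key store or algorithm errors) is wrapped in an {@code SSLException} with
 *     the original exception as its cause
 */
public static SslContext create(SslClientConfig clientConfig) throws SSLException {
    Objects.requireNonNull(clientConfig, "clientConfig");
    if (!clientConfig.isEnable()) {
        throw new IllegalArgumentException("sslConfig is disabled.");
    }
    SslProvider sslProvider = getSslProvider(clientConfig.getSslProviderType());
    try {
        SslContextBuilder sslContextBuilder = SslContextBuilder.forClient();
        Resource trustCertResource = clientConfig.getTrustCertResource();
        SslContext sslContext;
        if (trustCertResource != null) {
            // Keep the stream open until the context has been created, then always close it.
            // The original passed the stream to the builder and never closed it.
            try (java.io.InputStream trustCertStream = trustCertResource.getInputStream()) {
                sslContextBuilder.trustManager(trustCertStream);
                sslContext = createSslContext(sslContextBuilder, sslProvider);
            }
        } else {
            // Loads default Root CA certificates (generally, from JAVA_HOME/lib/cacerts)
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            // A null KeyStore asks the factory for the platform's default trust store.
            trustManagerFactory.init((KeyStore) null);
            sslContextBuilder.trustManager(trustManagerFactory);
            sslContext = createSslContext(sslContextBuilder, sslProvider);
        }
        assertValidCipherSuite(sslContext);
        return sslContext;
    } catch (SSLException e) {
        // Already the declared type; rethrow untouched so callers see the original failure.
        throw e;
    } catch (Exception e) {
        throw new SSLException(e);
    }
}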
Also used : SslContextBuilder(io.netty.handler.ssl.SslContextBuilder) TrustManagerFactory(javax.net.ssl.TrustManagerFactory) Resource(com.navercorp.pinpoint.grpc.util.Resource) SslProvider(io.netty.handler.ssl.SslProvider) SSLException(javax.net.ssl.SSLException) SSLException(javax.net.ssl.SSLException) SslContext(io.netty.handler.ssl.SslContext)

Example 69 with SslContext

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslContext in project instrumentation-java by census-instrumentation.

the class OcAgentMetricsExporterConfigurationTest method setAndGet.

/**
 * Checks that every value set on the configuration builder is returned unchanged by the
 * matching getter, including the secure-transport settings ({@code useInsecure == false}
 * together with an explicit {@link SslContext}).
 */
@Test
public void setAndGet() throws SSLException {
    final String endPoint = "192.168.0.1:50051";
    final String serviceName = "service";
    final Duration exportInterval = Duration.create(60, 0);
    final Duration retryInterval = Duration.create(300, 0);
    // Client context with builder defaults only; the test compares it by equality
    // and never opens a connection with it.
    final SslContext clientTls = SslContextBuilder.forClient().build();

    OcAgentMetricsExporterConfiguration config =
        OcAgentMetricsExporterConfiguration.builder()
            .setEndPoint(endPoint)
            .setServiceName(serviceName)
            .setUseInsecure(false)
            .setSslContext(clientTls)
            .setRetryInterval(retryInterval)
            .setExportInterval(exportInterval)
            .build();

    assertThat(config.getEndPoint()).isEqualTo(endPoint);
    assertThat(config.getServiceName()).isEqualTo(serviceName);
    assertThat(config.getUseInsecure()).isFalse();
    assertThat(config.getSslContext()).isEqualTo(clientTls);
    assertThat(config.getRetryInterval()).isEqualTo(retryInterval);
    assertThat(config.getExportInterval()).isEqualTo(exportInterval);
}
Also used : Duration(io.opencensus.common.Duration) SslContext(io.netty.handler.ssl.SslContext) Test(org.junit.Test)

Example 70 with SslContext

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslContext in project netty by netty.

the class OcspTest method testServerOcspNotEnabled.

/**
 * Verifies that supplying an OCSP response to an engine whose server context was built
 * without OCSP enabled is rejected with {@link IllegalStateException}.
 *
 * <p>The context below is built without any OCSP option. The engine is cast to
 * {@link ReferenceCountedOpenSslEngine}, so this assumes {@code sslProvider} produces an
 * OpenSSL-backed engine.
 *
 * @param sslProvider provider used to build the server context
 */
private static void testServerOcspNotEnabled(SslProvider sslProvider) throws Exception {
    // Throwaway self-signed certificate for the test only; deleted in the outer finally.
    SelfSignedCertificate selfSigned = new SelfSignedCertificate();
    try {
        SslContext serverContext = SslContextBuilder
                .forServer(selfSigned.certificate(), selfSigned.privateKey())
                .sslProvider(sslProvider)
                .build();
        try {
            SslHandler handler = serverContext.newHandler(ByteBufAllocator.DEFAULT);
            final ReferenceCountedOpenSslEngine openSslEngine = (ReferenceCountedOpenSslEngine) handler.engine();
            try {
                Executable stapleWithoutOcsp = new Executable() {

                    @Override
                    public void execute() {
                        // Arbitrary bytes: the call must be refused before the content matters.
                        openSslEngine.setOcspResponse(new byte[] { 1, 2, 3 });
                    }
                };
                assertThrows(IllegalStateException.class, stapleWithoutOcsp);
            } finally {
                // Release in reverse order of acquisition: engine, then context, then certificate.
                openSslEngine.release();
            }
        } finally {
            ReferenceCountUtil.release(serverContext);
        }
    } finally {
        selfSigned.delete();
    }
}
Also used : ReferenceCountedOpenSslEngine(io.netty.handler.ssl.ReferenceCountedOpenSslEngine) SelfSignedCertificate(io.netty.handler.ssl.util.SelfSignedCertificate) Executable(org.junit.jupiter.api.function.Executable) SslHandler(io.netty.handler.ssl.SslHandler) SslContext(io.netty.handler.ssl.SslContext)
