Search in sources :

Example 56 with SslHandler

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project grpc-java by grpc.

the class ProtocolNegotiatorsTest method clientTlsHandler_userEventTriggeredSslEvent_unsupportedProtocol.

@Test
public void clientTlsHandler_userEventTriggeredSslEvent_unsupportedProtocol() throws Exception {
    SslHandler goodSslHandler = new SslHandler(engine, false) {

        @Override
        public String applicationProtocol() {
            return "badproto";
        }
    };
    DefaultEventLoopGroup elg = new DefaultEventLoopGroup(1);
    ClientTlsHandler handler = new ClientTlsHandler(grpcHandler, sslContext, "authority", elg, noopLogger);
    pipeline.addLast(handler);
    final AtomicReference<Throwable> error = new AtomicReference<>();
    ChannelHandler errorCapture = new ChannelInboundHandlerAdapter() {

        @Override
        public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) {
            error.set(cause);
        }
    };
    pipeline.addLast(errorCapture);
    pipeline.replace(SslHandler.class, null, goodSslHandler);
    pipeline.fireUserEventTriggered(ProtocolNegotiationEvent.DEFAULT);
    channelHandlerCtx = pipeline.context(handler);
    Object sslEvent = SslHandshakeCompletionEvent.SUCCESS;
    pipeline.fireUserEventTriggered(sslEvent);
    // Bad protocol was specified, so there should be an error, (normally handled by WBAEH)
    assertThat(error.get()).hasMessageThat().contains("Unable to find compatible protocol");
    ChannelHandlerContext grpcHandlerCtx = pipeline.context(grpcHandler);
    assertNull(grpcHandlerCtx);
}
Also used : ClientTlsHandler(io.grpc.netty.ProtocolNegotiators.ClientTlsHandler) AtomicReference(java.util.concurrent.atomic.AtomicReference) ChannelHandlerContext(io.netty.channel.ChannelHandlerContext) ChannelHandler(io.netty.channel.ChannelHandler) DefaultEventLoopGroup(io.netty.channel.DefaultEventLoopGroup) SslHandler(io.netty.handler.ssl.SslHandler) ChannelInboundHandlerAdapter(io.netty.channel.ChannelInboundHandlerAdapter) Test(org.junit.Test)

Example 57 with SslHandler

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project grpc-java by grpc.

the class ProtocolNegotiatorsTest method tlsHandler_userEventTriggeredSslEvent_unsupportedProtocol.

@Test
public void tlsHandler_userEventTriggeredSslEvent_unsupportedProtocol() throws Exception {
    SslHandler badSslHandler = new SslHandler(engine, false) {

        @Override
        public String applicationProtocol() {
            return "badprotocol";
        }
    };
    ChannelHandler handler = new ServerTlsHandler(grpcHandler, sslContext, null);
    pipeline.addLast(handler);
    final AtomicReference<Throwable> error = new AtomicReference<>();
    ChannelHandler errorCapture = new ChannelInboundHandlerAdapter() {

        @Override
        public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) {
            error.set(cause);
        }
    };
    pipeline.addLast(errorCapture);
    pipeline.replace(SslHandler.class, null, badSslHandler);
    channelHandlerCtx = pipeline.context(handler);
    Object sslEvent = SslHandshakeCompletionEvent.SUCCESS;
    pipeline.fireUserEventTriggered(sslEvent);
    // No h2 protocol was specified, so there should be an error, (normally handled by WBAEH)
    assertThat(error.get()).hasMessageThat().contains("Unable to find compatible protocol");
    ChannelHandlerContext grpcHandlerCtx = pipeline.context(grpcHandler);
    assertNull(grpcHandlerCtx);
}
Also used : ServerTlsHandler(io.grpc.netty.ProtocolNegotiators.ServerTlsHandler) AtomicReference(java.util.concurrent.atomic.AtomicReference) ChannelHandlerContext(io.netty.channel.ChannelHandlerContext) ChannelHandler(io.netty.channel.ChannelHandler) SslHandler(io.netty.handler.ssl.SslHandler) ChannelInboundHandlerAdapter(io.netty.channel.ChannelInboundHandlerAdapter) Test(org.junit.Test)

Example 58 with SslHandler

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project grpc-java by grpc.

the class ProtocolNegotiatorsTest method tlsHandler_userEventTriggeredSslEvent_supportedProtocolH2.

@Test
public void tlsHandler_userEventTriggeredSslEvent_supportedProtocolH2() throws Exception {
    SslHandler goodSslHandler = new SslHandler(engine, false) {

        @Override
        public String applicationProtocol() {
            return "h2";
        }
    };
    ChannelHandler handler = new ServerTlsHandler(grpcHandler, sslContext, null);
    pipeline.addLast(handler);
    pipeline.replace(SslHandler.class, null, goodSslHandler);
    channelHandlerCtx = pipeline.context(handler);
    Object sslEvent = SslHandshakeCompletionEvent.SUCCESS;
    pipeline.fireUserEventTriggered(sslEvent);
    assertTrue(channel.isOpen());
    ChannelHandlerContext grpcHandlerCtx = pipeline.context(grpcHandler);
    assertNotNull(grpcHandlerCtx);
}
Also used : ServerTlsHandler(io.grpc.netty.ProtocolNegotiators.ServerTlsHandler) ChannelHandlerContext(io.netty.channel.ChannelHandlerContext) ChannelHandler(io.netty.channel.ChannelHandler) SslHandler(io.netty.handler.ssl.SslHandler) Test(org.junit.Test)

Example 59 with SslHandler

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project grpc-java by grpc.

the class ProtocolNegotiatorsTest method serverTlsHandler_userEventTriggeredSslEvent_unsupportedProtocolCustom.

@Test
public void serverTlsHandler_userEventTriggeredSslEvent_unsupportedProtocolCustom() throws Exception {
    SslHandler badSslHandler = new SslHandler(engine, false) {

        @Override
        public String applicationProtocol() {
            return "badprotocol";
        }
    };
    File serverCert = TestUtils.loadCert("server1.pem");
    File key = TestUtils.loadCert("server1.key");
    List<String> alpnList = Arrays.asList("managed_mtls", "h2");
    ApplicationProtocolConfig apn = new ApplicationProtocolConfig(ApplicationProtocolConfig.Protocol.ALPN, ApplicationProtocolConfig.SelectorFailureBehavior.NO_ADVERTISE, ApplicationProtocolConfig.SelectedListenerFailureBehavior.ACCEPT, alpnList);
    sslContext = GrpcSslContexts.forServer(serverCert, key).ciphers(TestUtils.preferredTestCiphers(), SupportedCipherSuiteFilter.INSTANCE).applicationProtocolConfig(apn).build();
    ChannelHandler handler = new ServerTlsHandler(grpcHandler, sslContext, null);
    pipeline.addLast(handler);
    final AtomicReference<Throwable> error = new AtomicReference<>();
    ChannelHandler errorCapture = new ChannelInboundHandlerAdapter() {

        @Override
        public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) {
            error.set(cause);
        }
    };
    pipeline.addLast(errorCapture);
    pipeline.replace(SslHandler.class, null, badSslHandler);
    channelHandlerCtx = pipeline.context(handler);
    Object sslEvent = SslHandshakeCompletionEvent.SUCCESS;
    pipeline.fireUserEventTriggered(sslEvent);
    // No h2 protocol was specified, so there should be an error, (normally handled by WBAEH)
    assertThat(error.get()).hasMessageThat().contains("Unable to find compatible protocol");
    ChannelHandlerContext grpcHandlerCtx = pipeline.context(grpcHandler);
    assertNull(grpcHandlerCtx);
}
Also used : ServerTlsHandler(io.grpc.netty.ProtocolNegotiators.ServerTlsHandler) AtomicReference(java.util.concurrent.atomic.AtomicReference) ChannelHandlerContext(io.netty.channel.ChannelHandlerContext) ChannelHandler(io.netty.channel.ChannelHandler) SslHandler(io.netty.handler.ssl.SslHandler) ApplicationProtocolConfig(io.netty.handler.ssl.ApplicationProtocolConfig) File(java.io.File) ChannelInboundHandlerAdapter(io.netty.channel.ChannelInboundHandlerAdapter) Test(org.junit.Test)

Example 60 with SslHandler

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project vert.x by eclipse.

the class ChannelProvider method initSSL.

private void initSSL(Handler<Channel> handler, SocketAddress peerAddress, String serverName, boolean ssl, boolean useAlpn, Channel ch, Promise<Channel> channelHandler) {
    if (ssl) {
        SslHandler sslHandler = new SslHandler(sslHelper.createEngine(context.owner(), peerAddress, serverName, useAlpn));
        sslHandler.setHandshakeTimeout(sslHelper.getSslHandshakeTimeout(), sslHelper.getSslHandshakeTimeoutUnit());
        ChannelPipeline pipeline = ch.pipeline();
        pipeline.addLast("ssl", sslHandler);
        pipeline.addLast(new ChannelInboundHandlerAdapter() {

            @Override
            public void userEventTriggered(ChannelHandlerContext ctx, Object evt) {
                if (evt instanceof SslHandshakeCompletionEvent) {
                    // Notify application
                    SslHandshakeCompletionEvent completion = (SslHandshakeCompletionEvent) evt;
                    if (completion.isSuccess()) {
                        // Remove from the pipeline after handshake result
                        ctx.pipeline().remove(this);
                        applicationProtocol = sslHandler.applicationProtocol();
                        if (handler != null) {
                            context.dispatch(ch, handler);
                        }
                        channelHandler.setSuccess(ctx.channel());
                    } else {
                        SSLHandshakeException sslException = new SSLHandshakeException("Failed to create SSL connection");
                        sslException.initCause(completion.cause());
                        channelHandler.setFailure(sslException);
                    }
                }
                ctx.fireUserEventTriggered(evt);
            }

            @Override
            public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) {
            // Ignore these exception as they will be reported to the handler
            }
        });
    }
}
Also used : SslHandshakeCompletionEvent(io.netty.handler.ssl.SslHandshakeCompletionEvent) SslHandler(io.netty.handler.ssl.SslHandler) SSLHandshakeException(javax.net.ssl.SSLHandshakeException)

Aggregations

SslHandler (io.netty.handler.ssl.SslHandler)141 SSLEngine (javax.net.ssl.SSLEngine)51 ChannelPipeline (io.netty.channel.ChannelPipeline)37 Channel (io.netty.channel.Channel)29 ChannelHandler (io.netty.channel.ChannelHandler)23 ChannelHandlerContext (io.netty.channel.ChannelHandlerContext)23 SslContext (io.netty.handler.ssl.SslContext)21 IOException (java.io.IOException)16 NioSocketChannel (io.netty.channel.socket.nio.NioSocketChannel)15 Test (org.junit.Test)15 NioEventLoopGroup (io.netty.channel.nio.NioEventLoopGroup)14 ChannelInitializer (io.netty.channel.ChannelInitializer)13 SocketChannel (io.netty.channel.socket.SocketChannel)13 SSLSession (javax.net.ssl.SSLSession)12 ByteBuf (io.netty.buffer.ByteBuf)11 ChunkedWriteHandler (io.netty.handler.stream.ChunkedWriteHandler)11 IdleStateHandler (io.netty.handler.timeout.IdleStateHandler)11 ServerBootstrap (io.netty.bootstrap.ServerBootstrap)10 HttpObjectAggregator (io.netty.handler.codec.http.HttpObjectAggregator)10 File (java.io.File)10