Examples with SslHandler org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler used on opensource projects

Example 81 with SslHandler

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project ambry by linkedin.

the class CopyForcingByteBuf method validateRequest.

// conversionWithGoodInputTest() helpers
/**
 * Validates the various expected properties of the provided {@code nettyRequest}.
 * @param nettyRequest the {@link NettyRequest} that needs to be validated.
 * @param restMethod the expected {@link RestMethod} in {@code nettyRequest}.
 * @param uri the expected URI in {@code nettyRequest}.
 * @param headers the {@link HttpHeaders} passed with the request that need to be in {@link NettyRequest#getArgs()}.
 * @param params the parameters passed with the request that need to be in {@link NettyRequest#getArgs()}.
 * @param httpCookies Set of {@link Cookie} set in the request
 * @param channel the {@link MockChannel} over which the request was received.
 */
private void validateRequest(NettyRequest nettyRequest, RestMethod restMethod, String uri, HttpHeaders headers, Map<String, List<String>> params, Set<Cookie> httpCookies, MockChannel channel) {
    long contentLength = headers.contains(HttpHeaderNames.CONTENT_LENGTH) ? Long.parseLong(headers.get(HttpHeaderNames.CONTENT_LENGTH)) : 0;
    assertTrue("Request channel is not open", nettyRequest.isOpen());
    assertEquals("Mismatch in content length", contentLength, nettyRequest.getSize());
    assertEquals("Mismatch in rest method", restMethod, nettyRequest.getRestMethod());
    assertEquals("Mismatch in path", uri.substring(0, uri.indexOf("?")), nettyRequest.getPath());
    assertEquals("Mismatch in uri", uri, nettyRequest.getUri());
    assertNotNull("There should have been a RestRequestMetricsTracker", nettyRequest.getMetricsTracker());
    assertFalse("Should not have been a multipart request", nettyRequest.isMultipart());
    SSLSession sslSession = nettyRequest.getSSLSession();
    if (channel.pipeline().get(SslHandler.class) == null) {
        assertNull("Non-null SSLSession when pipeline does not contain an SslHandler", sslSession);
    } else {
        assertEquals("SSLSession does not match one from MockChannel", channel.getSSLEngine().getSession(), sslSession);
    }
    Set<javax.servlet.http.Cookie> actualCookies = (Set<javax.servlet.http.Cookie>) nettyRequest.getArgs().get(RestUtils.Headers.COOKIE);
    compareCookies(httpCookies, actualCookies);
    Map<String, List<String>> receivedArgs = new HashMap<String, List<String>>();
    for (Map.Entry<String, Object> e : nettyRequest.getArgs().entrySet()) {
        if (!e.getKey().equalsIgnoreCase(HttpHeaderNames.COOKIE.toString())) {
            if (!receivedArgs.containsKey(e.getKey())) {
                receivedArgs.put(e.getKey(), new LinkedList<String>());
            }
            if (e.getValue() != null) {
                List<String> values = Arrays.asList(e.getValue().toString().split(NettyRequest.MULTIPLE_HEADER_VALUE_DELIMITER));
                receivedArgs.get(e.getKey()).addAll(values);
            }
        }
    }
    Map<String, Integer> keyValueCount = new HashMap<String, Integer>();
    for (Map.Entry<String, List<String>> param : params.entrySet()) {
        boolean containsKey = receivedArgs.containsKey(param.getKey());
        if (BLACKLISTED_QUERY_PARAM_SET.contains(param.getKey())) {
            assertFalse("Should not contain blacklisted key: " + param.getKey(), containsKey);
        } else {
            assertTrue("Did not find key: " + param.getKey(), containsKey);
            if (!keyValueCount.containsKey(param.getKey())) {
                keyValueCount.put(param.getKey(), 0);
            }
            if (param.getValue() != null) {
                boolean containsAllValues = receivedArgs.get(param.getKey()).containsAll(param.getValue());
                assertTrue("Did not find all values expected for key: " + param.getKey(), containsAllValues);
                keyValueCount.put(param.getKey(), keyValueCount.get(param.getKey()) + param.getValue().size());
            }
        }
    }
    for (Map.Entry<String, String> e : headers) {
        if (!e.getKey().equalsIgnoreCase(HttpHeaderNames.COOKIE.toString())) {
            assertTrue("Did not find key: " + e.getKey(), receivedArgs.containsKey(e.getKey()));
            if (!keyValueCount.containsKey(e.getKey())) {
                keyValueCount.put(e.getKey(), 0);
            }
            if (headers.get(e.getKey()) != null) {
                assertTrue("Did not find value '" + e.getValue() + "' expected for key: '" + e.getKey() + "'", receivedArgs.get(e.getKey()).contains(e.getValue()));
                keyValueCount.put(e.getKey(), keyValueCount.get(e.getKey()) + 1);
            }
        }
    }
    assertEquals("Number of args does not match", keyValueCount.size(), receivedArgs.size());
    for (Map.Entry<String, Integer> e : keyValueCount.entrySet()) {
        assertEquals("Value count for key " + e.getKey() + " does not match", e.getValue().intValue(), receivedArgs.get(e.getKey()).size());
    }
    assertEquals("Auto-read is in an invalid state", (!restMethod.equals(RestMethod.POST) && !restMethod.equals(RestMethod.PUT)) || NettyRequest.bufferWatermark <= 0, channel.config().isAutoRead());
}

Example 82 with SslHandler

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project ambry by linkedin.

the class CopyForcingByteBuf method addSslHandlerToPipeline.

/**
 * Add an {@link SslHandler} to the pipeline (for testing {@link NettyRequest#getSSLSession()}.
 * @throws SSLException
 * @throws CertificateException
 */
MockChannel addSslHandlerToPipeline() throws SSLException, CertificateException {
    if (pipeline().get(SslHandler.class) == null) {
        SelfSignedCertificate ssc = new SelfSignedCertificate();
        SslContext sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
        sslEngine = sslCtx.newEngine(alloc());
        pipeline().addFirst(new SslHandler(sslEngine));
    }
    return this;
}

Example 83 with SslHandler

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project ambry by linkedin.

the class NettyPerfClient method start.

/**
 * Starts the NettyPerfClient.
 * @throws InterruptedException
 */
protected void start() throws InterruptedException {
    logger.info("Starting NettyPerfClient");
    reporter.start();
    group = new NioEventLoopGroup(concurrency);
    b.group(group).channel(NioSocketChannel.class).handler(new ChannelInitializer<SocketChannel>() {

        @Override
        public void initChannel(SocketChannel ch) throws Exception {
            if (sslFactory != null) {
                ch.pipeline().addLast("sslHandler", new SslHandler(sslFactory.createSSLEngine(host, port, SSLFactory.Mode.CLIENT)));
            }
            ch.pipeline().addLast(new HttpClientCodec()).addLast(new ChunkedWriteHandler()).addLast(new ResponseHandler());
        }
    });
    logger.info("Connecting to {}:{}", host, port);
    b.remoteAddress(host, port);
    perfClientStartTime = System.currentTimeMillis();
    for (int i = 0; i < concurrency; i++) {
        b.connect().addListener(channelConnectListener);
    }
    isRunning = true;
    logger.info("Created {} channel(s)", concurrency);
    logger.info("NettyPerfClient started");
}

Example 84 with SslHandler

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project pravega by pravega.

the class PravegaConnectionListener method startListening.

// endregion
public void startListening() {
    // Configure SSL.
    final SslContext sslCtx;
    if (ssl) {
        try {
            sslCtx = SslContextBuilder.forServer(new File(this.certFile), new File(this.keyFile)).build();
        } catch (SSLException e) {
            throw new RuntimeException(e);
        }
    } else {
        sslCtx = null;
    }
    boolean nio = false;
    try {
        bossGroup = new EpollEventLoopGroup(1);
        workerGroup = new EpollEventLoopGroup();
    } catch (ExceptionInInitializerError | UnsatisfiedLinkError | NoClassDefFoundError e) {
        nio = true;
        bossGroup = new NioEventLoopGroup(1);
        workerGroup = new NioEventLoopGroup();
    }
    ServerBootstrap b = new ServerBootstrap();
    b.group(bossGroup, workerGroup).channel(nio ? NioServerSocketChannel.class : EpollServerSocketChannel.class).option(ChannelOption.SO_BACKLOG, 100).handler(new LoggingHandler(LogLevel.INFO)).childHandler(new ChannelInitializer<SocketChannel>() {

        @Override
        public void initChannel(SocketChannel ch) throws Exception {
            ChannelPipeline p = ch.pipeline();
            if (sslCtx != null) {
                SslHandler handler = sslCtx.newHandler(ch.alloc());
                p.addLast(handler);
            }
            ServerConnectionInboundHandler lsh = new ServerConnectionInboundHandler();
            // p.addLast(new LoggingHandler(LogLevel.INFO));
            p.addLast(new ExceptionLoggingHandler(ch.remoteAddress().toString()), new CommandEncoder(null), new LengthFieldBasedFrameDecoder(MAX_WIRECOMMAND_SIZE, 4, 4), new CommandDecoder(), new AppendDecoder(), lsh);
            lsh.setRequestProcessor(new AppendProcessor(store, lsh, new PravegaRequestProcessor(store, lsh, statsRecorder, tokenVerifier), statsRecorder, tokenVerifier));
        }
    });
    // Start the server.
    serverChannel = b.bind(host, port).awaitUninterruptibly().channel();
}

Example 85 with SslHandler

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project camel by apache.

the class HttpClientInitializerFactory method initChannel.

@Override
protected void initChannel(Channel ch) throws Exception {
    // create a new pipeline
    ChannelPipeline pipeline = ch.pipeline();
    SslHandler sslHandler = configureClientSSLOnDemand();
    if (sslHandler != null) {
        //TODO must close on SSL exception
        //sslHandler.setCloseOnSSLException(true);
        LOG.debug("Client SSL handler configured and added as an interceptor against the ChannelPipeline: {}", sslHandler);
        pipeline.addLast("ssl", sslHandler);
    }
    pipeline.addLast("http", new HttpClientCodec());
    List<ChannelHandler> encoders = producer.getConfiguration().getEncoders();
    for (int x = 0; x < encoders.size(); x++) {
        ChannelHandler encoder = encoders.get(x);
        if (encoder instanceof ChannelHandlerFactory) {
            // use the factory to create a new instance of the channel as it may not be shareable
            encoder = ((ChannelHandlerFactory) encoder).newChannelHandler();
        }
        pipeline.addLast("encoder-" + x, encoder);
    }
    List<ChannelHandler> decoders = producer.getConfiguration().getDecoders();
    for (int x = 0; x < decoders.size(); x++) {
        ChannelHandler decoder = decoders.get(x);
        if (decoder instanceof ChannelHandlerFactory) {
            // use the factory to create a new instance of the channel as it may not be shareable
            decoder = ((ChannelHandlerFactory) decoder).newChannelHandler();
        }
        pipeline.addLast("decoder-" + x, decoder);
    }
    pipeline.addLast("aggregator", new HttpObjectAggregator(configuration.getChunkedMaxContentLength()));
    if (producer.getConfiguration().getRequestTimeout() > 0) {
        if (LOG.isTraceEnabled()) {
            LOG.trace("Using request timeout {} millis", producer.getConfiguration().getRequestTimeout());
        }
        ChannelHandler timeout = new ReadTimeoutHandler(producer.getConfiguration().getRequestTimeout(), TimeUnit.MILLISECONDS);
        pipeline.addLast("timeout", timeout);
    }
    // handler to route Camel messages
    pipeline.addLast("handler", new HttpClientChannelHandler(producer));
}