Example 96 with SslHandler

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project activemq-artemis by apache.

the class WebServerComponentTest method simpleSecureServerWithClientAuth.

@Test
public void simpleSecureServerWithClientAuth() throws Exception {
    WebServerDTO webServerDTO = new WebServerDTO();
    webServerDTO.bind = "https://localhost:0";
    webServerDTO.path = "webapps";
    webServerDTO.keyStorePath = "./src/test/resources/server.keystore";
    webServerDTO.setKeyStorePassword("password");
    webServerDTO.clientAuth = true;
    webServerDTO.trustStorePath = "./src/test/resources/server.keystore";
    webServerDTO.setTrustStorePassword("password");
    WebServerComponent webServerComponent = new WebServerComponent();
    Assert.assertFalse(webServerComponent.isStarted());
    webServerComponent.configure(webServerDTO, "./src/test/resources/", "./src/test/resources/");
    testedComponents.add(webServerComponent);
    webServerComponent.start();
    final int port = webServerComponent.getPort();
    // Make the connection attempt.
    String keyStoreProvider = "JKS";
    SSLContext context = SSLSupport.createContext(keyStoreProvider, webServerDTO.keyStorePath, webServerDTO.getKeyStorePassword(), keyStoreProvider, webServerDTO.trustStorePath, webServerDTO.getTrustStorePassword());
    SSLEngine engine = context.createSSLEngine();
    engine.setUseClientMode(true);
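    // setWantClientAuth only applies to server-mode engines; in client mode the
    // engine presents a key store certificate when the server requests one.
    engine.setWantClientAuth(true);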
    final SslHandler sslHandler = new SslHandler(engine);
    CountDownLatch latch = new CountDownLatch(1);
    final ClientHandler clientHandler = new ClientHandler(latch);
    bootstrap.group(group).channel(NioSocketChannel.class).handler(new ChannelInitializer<Channel>() {

        @Override
        protected void initChannel(Channel ch) throws Exception {
            ch.pipeline().addLast(sslHandler);
            ch.pipeline().addLast(new HttpClientCodec());
            ch.pipeline().addLast(clientHandler);
        }
    });
    Channel ch = bootstrap.connect("localhost", port).sync().channel();
    URI uri = new URI(SECURE_URL);
    // Prepare the HTTP request.
    HttpRequest request = new DefaultFullHttpRequest(HttpVersion.HTTP_1_1, HttpMethod.GET, uri.getRawPath());
    request.headers().set(HttpHeaderNames.HOST, "localhost");
    // Send the HTTP request.
    ch.writeAndFlush(request);
    assertTrue(latch.await(5, TimeUnit.SECONDS));
    assertEquals("12345", clientHandler.body);
    // Close the client channel.
    ch.close();
    Assert.assertTrue(webServerComponent.isStarted());
    webServerComponent.stop(true);
    Assert.assertFalse(webServerComponent.isStarted());
}
Also used : DefaultFullHttpRequest(io.netty.handler.codec.http.DefaultFullHttpRequest) HttpRequest(io.netty.handler.codec.http.HttpRequest) SSLEngine(javax.net.ssl.SSLEngine) NioSocketChannel(io.netty.channel.socket.nio.NioSocketChannel) Channel(io.netty.channel.Channel) SSLContext(javax.net.ssl.SSLContext) WebServerDTO(org.apache.activemq.artemis.dto.WebServerDTO) CountDownLatch(java.util.concurrent.CountDownLatch) HttpClientCodec(io.netty.handler.codec.http.HttpClientCodec) URI(java.net.URI) SslHandler(io.netty.handler.ssl.SslHandler) URISyntaxException(java.net.URISyntaxException) WebServerComponent(org.apache.activemq.artemis.component.WebServerComponent) ChannelInitializer(io.netty.channel.ChannelInitializer) Test(org.junit.Test)

Example 97 with SslHandler

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project activemq-artemis by apache.

the class NettyTcpTransport method connect.

@Override
public void connect() throws IOException {
    if (listener == null) {
        throw new IllegalStateException("A transport listener must be set before connection attempts.");
    }
    final SslHandler sslHandler;
    if (isSSL()) {
        try {
            sslHandler = NettyTransportSupport.createSslHandler(getRemoteLocation(), getSslOptions());
        } catch (Exception ex) {
            // TODO: can we stop it throwing Exception?
            throw IOExceptionSupport.create(ex);
        }
    } else {
        sslHandler = null;
    }
    group = new NioEventLoopGroup(1);
    bootstrap = new Bootstrap();
    bootstrap.group(group);
    bootstrap.channel(NioSocketChannel.class);
    bootstrap.handler(new ChannelInitializer<Channel>() {

        @Override
        public void initChannel(Channel connectedChannel) throws Exception {
            configureChannel(connectedChannel, sslHandler);
        }
    });
    configureNetty(bootstrap, getTransportOptions());
    ChannelFuture future = bootstrap.connect(getRemoteHost(), getRemotePort());
    future.addListener(new ChannelFutureListener() {

        @Override
        public void operationComplete(ChannelFuture future) throws Exception {
            if (!future.isSuccess()) {
                handleException(future.channel(), IOExceptionSupport.create(future.cause()));
            }
        }
    });
    try {
        connectLatch.await();
    } catch (InterruptedException ex) {
        LOG.debug("Transport connection was interrupted.");
        Thread.interrupted();
        failureCause = IOExceptionSupport.create(ex);
    }
    if (failureCause != null) {
        // Close out any Netty resources now as they are no longer needed.
        if (channel != null) {
            channel.close().syncUninterruptibly();
            channel = null;
        }
        if (group != null) {
            Future<?> fut = group.shutdownGracefully(0, SHUTDOWN_TIMEOUT, TimeUnit.MILLISECONDS);
            if (!fut.awaitUninterruptibly(2 * SHUTDOWN_TIMEOUT)) {
                LOG.trace("Channel group shutdown failed to complete in allotted time");
            }
            group = null;
        }
        throw failureCause;
    } else {
        // Connected, allow any held async error to fire now and close the transport.
        channel.eventLoop().execute(new Runnable() {

            @Override
            public void run() {
                if (failureCause != null) {
                    channel.pipeline().fireExceptionCaught(failureCause);
                }
            }
        });
    }
}
Also used : ChannelFuture(io.netty.channel.ChannelFuture) NioSocketChannel(io.netty.channel.socket.nio.NioSocketChannel) Channel(io.netty.channel.Channel) ChannelFutureListener(io.netty.channel.ChannelFutureListener) SslHandler(io.netty.handler.ssl.SslHandler) IOException(java.io.IOException) Bootstrap(io.netty.bootstrap.Bootstrap) NioEventLoopGroup(io.netty.channel.nio.NioEventLoopGroup)

Example 98 with SslHandler

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project activemq-artemis by apache.

the class NettyTcpTransport method getLocalPrincipal.

@Override
public Principal getLocalPrincipal() {
    Principal result = null;
    if (isSSL()) {
        SslHandler sslHandler = channel.pipeline().get(SslHandler.class);
        result = sslHandler.engine().getSession().getLocalPrincipal();
    }
    return result;
}
Also used : Principal(java.security.Principal) SslHandler(io.netty.handler.ssl.SslHandler)

Example 99 with SslHandler

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project activemq-artemis by apache.

the class NettyConnection method close.

@Override
public final void close() {
    if (closed) {
        return;
    }
    EventLoop eventLoop = channel.eventLoop();
    boolean inEventLoop = eventLoop.inEventLoop();
    // if we are in an event loop we need to close the channel after the writes have finished
    if (!inEventLoop) {
        final SslHandler sslHandler = (SslHandler) channel.pipeline().get("ssl");
        closeSSLAndChannel(sslHandler, channel, false);
    } else {
        eventLoop.execute(() -> {
            final SslHandler sslHandler = (SslHandler) channel.pipeline().get("ssl");
            closeSSLAndChannel(sslHandler, channel, true);
        });
    }
    closed = true;
    listener.connectionDestroyed(getID());
}
Also used : EventLoop(io.netty.channel.EventLoop) SslHandler(io.netty.handler.ssl.SslHandler)

Example 100 with SslHandler

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project ratpack by ratpack.

the class RequestActionSupport method createSslHandler.

private SslHandler createSslHandler() throws NoSuchAlgorithmException, SSLException {
    SSLEngine sslEngine;
    if (requestConfig.sslContext != null) {
        sslEngine = createSslEngine(requestConfig.sslContext);
    } else {
        sslEngine = createSslEngine(SslContextBuilder.forClient().build());
    }
    sslEngine.setUseClientMode(true);
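    // Enable hostname verification: with the "HTTPS" endpoint identification
    // algorithm the engine checks the server certificate against the peer host.
    SSLParameters sslParameters = sslEngine.getSSLParameters();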
    sslParameters.setEndpointIdentificationAlgorithm("HTTPS");
    sslEngine.setSSLParameters(sslParameters);
    return new SslHandler(sslEngine);
}
Also used : SSLParameters(javax.net.ssl.SSLParameters) SSLEngine(javax.net.ssl.SSLEngine) SslHandler(io.netty.handler.ssl.SslHandler)
