use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project activemq-artemis by apache.
the class WebServerComponentTest method simpleSecureServerWithClientAuth.
@Test
public void simpleSecureServerWithClientAuth() throws Exception {
WebServerDTO webServerDTO = new WebServerDTO();
webServerDTO.bind = "https://localhost:0";
webServerDTO.path = "webapps";
webServerDTO.keyStorePath = "./src/test/resources/server.keystore";
webServerDTO.setKeyStorePassword("password");
webServerDTO.clientAuth = true;
webServerDTO.trustStorePath = "./src/test/resources/server.keystore";
webServerDTO.setTrustStorePassword("password");
WebServerComponent webServerComponent = new WebServerComponent();
Assert.assertFalse(webServerComponent.isStarted());
webServerComponent.configure(webServerDTO, "./src/test/resources/", "./src/test/resources/");
testedComponents.add(webServerComponent);
webServerComponent.start();
final int port = webServerComponent.getPort();
// Make the connection attempt.
String keyStoreProvider = "JKS";
SSLContext context = SSLSupport.createContext(keyStoreProvider, webServerDTO.keyStorePath, webServerDTO.getKeyStorePassword(), keyStoreProvider, webServerDTO.trustStorePath, webServerDTO.getTrustStorePassword());
SSLEngine engine = context.createSSLEngine();
engine.setUseClientMode(true);
engine.setWantClientAuth(true);
final SslHandler sslHandler = new SslHandler(engine);
CountDownLatch latch = new CountDownLatch(1);
final ClientHandler clientHandler = new ClientHandler(latch);
bootstrap.group(group).channel(NioSocketChannel.class).handler(new ChannelInitializer() {
@Override
protected void initChannel(Channel ch) throws Exception {
ch.pipeline().addLast(sslHandler);
ch.pipeline().addLast(new HttpClientCodec());
ch.pipeline().addLast(clientHandler);
}
});
Channel ch = bootstrap.connect("localhost", port).sync().channel();
URI uri = new URI(SECURE_URL);
// Prepare the HTTP request.
HttpRequest request = new DefaultFullHttpRequest(HttpVersion.HTTP_1_1, HttpMethod.GET, uri.getRawPath());
request.headers().set(HttpHeaderNames.HOST, "localhost");
// Send the HTTP request.
ch.writeAndFlush(request);
assertTrue(latch.await(5, TimeUnit.SECONDS));
assertEquals(clientHandler.body, "12345");
// Wait for the server to close the connection.
ch.close();
Assert.assertTrue(webServerComponent.isStarted());
webServerComponent.stop(true);
Assert.assertFalse(webServerComponent.isStarted());
}
use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project activemq-artemis by apache.
the class NettyTcpTransport method connect.
@Override
public void connect() throws IOException {
if (listener == null) {
throw new IllegalStateException("A transport listener must be set before connection attempts.");
}
final SslHandler sslHandler;
if (isSSL()) {
try {
sslHandler = NettyTransportSupport.createSslHandler(getRemoteLocation(), getSslOptions());
} catch (Exception ex) {
// TODO: can we stop it throwing Exception?
throw IOExceptionSupport.create(ex);
}
} else {
sslHandler = null;
}
group = new NioEventLoopGroup(1);
bootstrap = new Bootstrap();
bootstrap.group(group);
bootstrap.channel(NioSocketChannel.class);
bootstrap.handler(new ChannelInitializer<Channel>() {
@Override
public void initChannel(Channel connectedChannel) throws Exception {
configureChannel(connectedChannel, sslHandler);
}
});
configureNetty(bootstrap, getTransportOptions());
ChannelFuture future = bootstrap.connect(getRemoteHost(), getRemotePort());
future.addListener(new ChannelFutureListener() {
@Override
public void operationComplete(ChannelFuture future) throws Exception {
if (!future.isSuccess()) {
handleException(future.channel(), IOExceptionSupport.create(future.cause()));
}
}
});
try {
connectLatch.await();
} catch (InterruptedException ex) {
LOG.debug("Transport connection was interrupted.");
Thread.interrupted();
failureCause = IOExceptionSupport.create(ex);
}
if (failureCause != null) {
// Close out any Netty resources now as they are no longer needed.
if (channel != null) {
channel.close().syncUninterruptibly();
channel = null;
}
if (group != null) {
Future<?> fut = group.shutdownGracefully(0, SHUTDOWN_TIMEOUT, TimeUnit.MILLISECONDS);
if (!fut.awaitUninterruptibly(2 * SHUTDOWN_TIMEOUT)) {
LOG.trace("Channel group shutdown failed to complete in allotted time");
}
group = null;
}
throw failureCause;
} else {
// Connected, allow any held async error to fire now and close the transport.
channel.eventLoop().execute(new Runnable() {
@Override
public void run() {
if (failureCause != null) {
channel.pipeline().fireExceptionCaught(failureCause);
}
}
});
}
}
use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project activemq-artemis by apache.
the class NettyTcpTransport method getLocalPrincipal.
@Override
public Principal getLocalPrincipal() {
Principal result = null;
if (isSSL()) {
SslHandler sslHandler = channel.pipeline().get(SslHandler.class);
result = sslHandler.engine().getSession().getLocalPrincipal();
}
return result;
}
use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project activemq-artemis by apache.
the class NettyConnection method close.
@Override
public final void close() {
if (closed) {
return;
}
EventLoop eventLoop = channel.eventLoop();
boolean inEventLoop = eventLoop.inEventLoop();
// if we are in an event loop we need to close the channel after the writes have finished
if (!inEventLoop) {
final SslHandler sslHandler = (SslHandler) channel.pipeline().get("ssl");
closeSSLAndChannel(sslHandler, channel, false);
} else {
eventLoop.execute(() -> {
final SslHandler sslHandler = (SslHandler) channel.pipeline().get("ssl");
closeSSLAndChannel(sslHandler, channel, true);
});
}
closed = true;
listener.connectionDestroyed(getID());
}
use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project ratpack by ratpack.
the class RequestActionSupport method createSslHandler.
private SslHandler createSslHandler() throws NoSuchAlgorithmException, SSLException {
SSLEngine sslEngine;
if (requestConfig.sslContext != null) {
sslEngine = createSslEngine(requestConfig.sslContext);
} else {
sslEngine = createSslEngine(SslContextBuilder.forClient().build());
}
sslEngine.setUseClientMode(true);
SSLParameters sslParameters = sslEngine.getSSLParameters();
sslParameters.setEndpointIdentificationAlgorithm("HTTPS");
sslEngine.setSSLParameters(sslParameters);
return new SslHandler(sslEngine);
}
Aggregations