Examples with SslHandler - org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler

Example 21 with SslHandler

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project activemq-artemis by apache.

the class CertificateUtil method getPeerPrincipalFromConnection.

public static Principal getPeerPrincipalFromConnection(RemotingConnection remotingConnection) {
    Principal result = null;
    if (remotingConnection != null) {
        Connection transportConnection = remotingConnection.getTransportConnection();
        if (transportConnection instanceof NettyConnection) {
            NettyConnection nettyConnection = (NettyConnection) transportConnection;
            ChannelHandler channelHandler = nettyConnection.getChannel().pipeline().get("ssl");
            if (channelHandler != null && channelHandler instanceof SslHandler) {
                SslHandler sslHandler = (SslHandler) channelHandler;
                try {
                    result = sslHandler.engine().getSession().getPeerPrincipal();
                } catch (SSLPeerUnverifiedException ignored) {
                }
            }
        }
    }
    return result;
}

Also used : NettyConnection(org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnection) SSLPeerUnverifiedException(javax.net.ssl.SSLPeerUnverifiedException) Connection(org.apache.activemq.artemis.spi.core.remoting.Connection) NettyConnection(org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnection) RemotingConnection(org.apache.activemq.artemis.spi.core.protocol.RemotingConnection) ChannelHandler(io.netty.channel.ChannelHandler) Principal(java.security.Principal) SslHandler(io.netty.handler.ssl.SslHandler)

Example 22 with SslHandler

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project activemq-artemis by apache.

the class WebServerComponentTest method simpleSecureServer.

@Test
public void simpleSecureServer() throws Exception {
    WebServerDTO webServerDTO = new WebServerDTO();
    webServerDTO.bind = "https://localhost:0";
    webServerDTO.path = "webapps";
    webServerDTO.keyStorePath = "./src/test/resources/server.keystore";
    webServerDTO.setKeyStorePassword("password");
    WebServerComponent webServerComponent = new WebServerComponent();
    Assert.assertFalse(webServerComponent.isStarted());
    webServerComponent.configure(webServerDTO, "./src/test/resources/", "./src/test/resources/");
    testedComponents.add(webServerComponent);
    webServerComponent.start();
    final int port = webServerComponent.getPort();
    // Make the connection attempt.
    String keyStoreProvider = "JKS";
    SSLContext context = SSLSupport.createContext(keyStoreProvider, webServerDTO.keyStorePath, webServerDTO.getKeyStorePassword(), keyStoreProvider, webServerDTO.keyStorePath, webServerDTO.getKeyStorePassword());
    SSLEngine engine = context.createSSLEngine();
    engine.setUseClientMode(true);
    engine.setWantClientAuth(true);
    final SslHandler sslHandler = new SslHandler(engine);
    CountDownLatch latch = new CountDownLatch(1);
    final ClientHandler clientHandler = new ClientHandler(latch);
    bootstrap.group(group).channel(NioSocketChannel.class).handler(new ChannelInitializer() {

        @Override
        protected void initChannel(Channel ch) throws Exception {
            ch.pipeline().addLast(sslHandler);
            ch.pipeline().addLast(new HttpClientCodec());
            ch.pipeline().addLast(clientHandler);
        }
    });
    Channel ch = bootstrap.connect("localhost", port).sync().channel();
    URI uri = new URI(SECURE_URL);
    // Prepare the HTTP request.
    HttpRequest request = new DefaultFullHttpRequest(HttpVersion.HTTP_1_1, HttpMethod.GET, uri.getRawPath());
    request.headers().set(HttpHeaderNames.HOST, "localhost");
    // Send the HTTP request.
    ch.writeAndFlush(request);
    assertTrue(latch.await(5, TimeUnit.SECONDS));
    assertEquals(clientHandler.body, "12345");
    // Wait for the server to close the connection.
    ch.close();
    Assert.assertTrue(webServerComponent.isStarted());
    webServerComponent.stop(true);
    Assert.assertFalse(webServerComponent.isStarted());
}

Also used : DefaultFullHttpRequest(io.netty.handler.codec.http.DefaultFullHttpRequest) HttpRequest(io.netty.handler.codec.http.HttpRequest) DefaultFullHttpRequest(io.netty.handler.codec.http.DefaultFullHttpRequest) SSLEngine(javax.net.ssl.SSLEngine) NioSocketChannel(io.netty.channel.socket.nio.NioSocketChannel) Channel(io.netty.channel.Channel) SSLContext(javax.net.ssl.SSLContext) WebServerDTO(org.apache.activemq.artemis.dto.WebServerDTO) CountDownLatch(java.util.concurrent.CountDownLatch) HttpClientCodec(io.netty.handler.codec.http.HttpClientCodec) URI(java.net.URI) SslHandler(io.netty.handler.ssl.SslHandler) URISyntaxException(java.net.URISyntaxException) NioSocketChannel(io.netty.channel.socket.nio.NioSocketChannel) WebServerComponent(org.apache.activemq.artemis.component.WebServerComponent) ChannelInitializer(io.netty.channel.ChannelInitializer) Test(org.junit.Test)

Example 23 with SslHandler

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project cxf by apache.

the class NettyHttpClientPipelineFactory method initChannel.

@Override
protected void initChannel(Channel ch) throws Exception {
    ChannelPipeline pipeline = ch.pipeline();
    SslHandler sslHandler = configureClientSSLOnDemand();
    if (sslHandler != null) {
        LOG.log(Level.FINE, "Server SSL handler configured and added as an interceptor against the ChannelPipeline: {}", sslHandler);
        pipeline.addLast("ssl", sslHandler);
    }
    pipeline.addLast("decoder", new HttpResponseDecoder());
    pipeline.addLast("aggregator", new HttpObjectAggregator(maxContentLength));
    pipeline.addLast("encoder", new HttpRequestEncoder());
    pipeline.addLast("chunkedWriter", new ChunkedWriteHandler());
    if (readTimeout > 0) {
        pipeline.addLast("readTimeoutHandler", new ReadTimeoutHandler(readTimeout, TimeUnit.MILLISECONDS));
    }
    pipeline.addLast("client", new NettyHttpClientHandler());
}

Also used : HttpObjectAggregator(io.netty.handler.codec.http.HttpObjectAggregator) ChunkedWriteHandler(io.netty.handler.stream.ChunkedWriteHandler) HttpRequestEncoder(io.netty.handler.codec.http.HttpRequestEncoder) ReadTimeoutHandler(io.netty.handler.timeout.ReadTimeoutHandler) HttpResponseDecoder(io.netty.handler.codec.http.HttpResponseDecoder) ChannelPipeline(io.netty.channel.ChannelPipeline) SslHandler(io.netty.handler.ssl.SslHandler)

Example 24 with SslHandler

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project cxf by apache.

the class NettyHttpServletPipelineFactory method getDefaultHttpChannelPipeline.

protected ChannelPipeline getDefaultHttpChannelPipeline(Channel channel) throws Exception {
    // Create a default pipeline implementation.
    ChannelPipeline pipeline = channel.pipeline();
    SslHandler sslHandler = configureServerHttpSSLOnDemand();
    if (sslHandler != null) {
        LOG.log(Level.FINE, "Server SSL handler configured and added as an interceptor against the ChannelPipeline: {}", sslHandler);
        pipeline.addLast("ssl", sslHandler);
    }
    configureDefaultHttpPipeline(pipeline);
    return pipeline;
}

Also used : ChannelPipeline(io.netty.channel.ChannelPipeline) SslHandler(io.netty.handler.ssl.SslHandler)

Example 25 with SslHandler

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project async-http-client by AsyncHttpClient.

the class NettyConnectListener method onSuccess.

public void onSuccess(Channel channel, InetSocketAddress remoteAddress) {
    if (connectionSemaphore != null) {
        // transfer lock from future to channel
        Object partitionKeyLock = future.takePartitionKeyLock();
        if (partitionKeyLock != null) {
            channel.closeFuture().addListener(future -> connectionSemaphore.releaseChannelLock(partitionKeyLock));
        }
    }
    Channels.setActiveToken(channel);
    TimeoutsHolder timeoutsHolder = future.getTimeoutsHolder();
    if (futureIsAlreadyCancelled(channel)) {
        return;
    }
    Request request = future.getTargetRequest();
    Uri uri = request.getUri();
    timeoutsHolder.setResolvedRemoteAddress(remoteAddress);
    ProxyServer proxyServer = future.getProxyServer();
    // in case of proxy tunneling, we'll add the SslHandler later, after the CONNECT request
    if ((proxyServer == null || proxyServer.getProxyType().isSocks()) && uri.isSecured()) {
        SslHandler sslHandler;
        try {
            sslHandler = channelManager.addSslHandler(channel.pipeline(), uri, request.getVirtualHost(), proxyServer != null);
        } catch (Exception sslError) {
            onFailure(channel, sslError);
            return;
        }
        final AsyncHandler<?> asyncHandler = future.getAsyncHandler();
        try {
            asyncHandler.onTlsHandshakeAttempt();
        } catch (Exception e) {
            LOGGER.error("onTlsHandshakeAttempt crashed", e);
            onFailure(channel, e);
            return;
        }
        sslHandler.handshakeFuture().addListener(new SimpleFutureListener<Channel>() {

            @Override
            protected void onSuccess(Channel value) {
                try {
                    asyncHandler.onTlsHandshakeSuccess(sslHandler.engine().getSession());
                } catch (Exception e) {
                    LOGGER.error("onTlsHandshakeSuccess crashed", e);
                    NettyConnectListener.this.onFailure(channel, e);
                    return;
                }
                writeRequest(channel);
            }

            @Override
            protected void onFailure(Throwable cause) {
                try {
                    asyncHandler.onTlsHandshakeFailure(cause);
                } catch (Exception e) {
                    LOGGER.error("onTlsHandshakeFailure crashed", e);
                    NettyConnectListener.this.onFailure(channel, e);
                    return;
                }
                NettyConnectListener.this.onFailure(channel, cause);
            }
        });
    } else {
        writeRequest(channel);
    }
}

Also used : Channel(io.netty.channel.Channel) HttpRequest(io.netty.handler.codec.http.HttpRequest) Request(org.asynchttpclient.Request) Uri(org.asynchttpclient.uri.Uri) SslHandler(io.netty.handler.ssl.SslHandler) ConnectException(java.net.ConnectException) TimeoutsHolder(org.asynchttpclient.netty.timeout.TimeoutsHolder) ProxyServer(org.asynchttpclient.proxy.ProxyServer)

Aggregations

SslHandler (io.netty.handler.ssl.SslHandler)165 SSLEngine (javax.net.ssl.SSLEngine)57 ChannelPipeline (io.netty.channel.ChannelPipeline)47 Channel (io.netty.channel.Channel)33 SslContext (io.netty.handler.ssl.SslContext)30 ChannelHandlerContext (io.netty.channel.ChannelHandlerContext)26 ChannelHandler (io.netty.channel.ChannelHandler)25 NioEventLoopGroup (io.netty.channel.nio.NioEventLoopGroup)19 SocketChannel (io.netty.channel.socket.SocketChannel)18 NioSocketChannel (io.netty.channel.socket.nio.NioSocketChannel)17 Test (org.junit.Test)17 IOException (java.io.IOException)15 InetSocketAddress (java.net.InetSocketAddress)15 IdleStateHandler (io.netty.handler.timeout.IdleStateHandler)14 SSLSession (javax.net.ssl.SSLSession)14 ServerBootstrap (io.netty.bootstrap.ServerBootstrap)13 ByteBuf (io.netty.buffer.ByteBuf)13 ChannelInitializer (io.netty.channel.ChannelInitializer)13 ChunkedWriteHandler (io.netty.handler.stream.ChunkedWriteHandler)13 SSLParameters (javax.net.ssl.SSLParameters)13