Example 31 with SslHandler

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project netty-socketio by mrniko.

the class SocketIOChannelInitializer method addSslHandler.

/**
 * Adds the ssl handler
 *
 * @param pipeline - channel pipeline
 */
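protected void addSslHandler(ChannelPipeline pipeline) {
    // TLS is optional: the handler is only installed when an SSLContext was configured.
    if (sslContext != null) {
        SSLEngine engine = sslContext.createSSLEngine();
        // Run the engine as the server side of the handshake.
        engine.setUseClientMode(false);
        pipeline.addLast(SSL_HANDLER, new SslHandler(engine));
    }
}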
Also used : SSLEngine(javax.net.ssl.SSLEngine) SslHandler(io.netty.handler.ssl.SslHandler)

Example 32 with SslHandler

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project netty by netty.

the class OcspTest method testServerOcspNotEnabled.

private static void testServerOcspNotEnabled(SslProvider sslProvider) throws Exception {
    SelfSignedCertificate ssc = new SelfSignedCertificate();
    try {
        SslContext context = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).sslProvider(sslProvider).build();
        try {
            SslHandler sslHandler = context.newHandler(ByteBufAllocator.DEFAULT);
            final ReferenceCountedOpenSslEngine engine = (ReferenceCountedOpenSslEngine) sslHandler.engine();
            try {
                // The context was built without OCSP enabled, so setting a stapled response must be rejected.
                assertThrows(IllegalStateException.class, new Executable() {

                    @Override
                    public void execute() {
                        engine.setOcspResponse(new byte[] { 1, 2, 3 });
                    }
                });
            } finally {
                engine.release();
            }
        } finally {
            ReferenceCountUtil.release(context);
        }
    } finally {
        ssc.delete();
    }
}
Also used : ReferenceCountedOpenSslEngine(io.netty.handler.ssl.ReferenceCountedOpenSslEngine) SelfSignedCertificate(io.netty.handler.ssl.util.SelfSignedCertificate) Executable(org.junit.jupiter.api.function.Executable) SslHandler(io.netty.handler.ssl.SslHandler) SslContext(io.netty.handler.ssl.SslContext)

Example 33 with SslHandler

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project netty by netty.

the class NettyBlockHoundIntegrationTest method testSslHandlerWrapAllowsBlockingCalls.

@Test
public void testSslHandlerWrapAllowsBlockingCalls() throws Exception {
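    // InsecureTrustManagerFactory accepts any certificate without validation; it is meant for tests only.
    final SslContext sslClientCtx = SslContextBuilder.forClient()
            .trustManager(InsecureTrustManagerFactory.INSTANCE)
            .sslProvider(SslProvider.JDK)
            .build();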
    final SslHandler sslHandler = sslClientCtx.newHandler(UnpooledByteBufAllocator.DEFAULT);
    final EventLoopGroup group = new NioEventLoopGroup();
    final CountDownLatch activeLatch = new CountDownLatch(1);
    final AtomicReference<Throwable> error = new AtomicReference<>();
    Channel sc = null;
    Channel cc = null;
    try {
        sc = new ServerBootstrap().group(group).channel(NioServerSocketChannel.class).childHandler(new ChannelInboundHandlerAdapter()).bind(new InetSocketAddress(0)).syncUninterruptibly().channel();
        cc = new Bootstrap().group(group).channel(NioSocketChannel.class).handler(new ChannelInitializer<Channel>() {

            @Override
            protected void initChannel(Channel ch) {
                ch.pipeline().addLast(sslHandler);
                ch.pipeline().addLast(new ChannelInboundHandlerAdapter() {

                    @Override
                    public void channelActive(ChannelHandlerContext ctx) {
                        activeLatch.countDown();
                    }

                    @Override
                    public void userEventTriggered(ChannelHandlerContext ctx, Object evt) {
                        if (evt instanceof SslHandshakeCompletionEvent && ((SslHandshakeCompletionEvent) evt).cause() != null) {
                            Throwable cause = ((SslHandshakeCompletionEvent) evt).cause();
                            cause.printStackTrace();
                            error.set(cause);
                        }
                        ctx.fireUserEventTriggered(evt);
                    }
                });
            }
        }).connect(sc.localAddress()).addListener((ChannelFutureListener) future -> future.channel().writeAndFlush(wrappedBuffer(new byte[] { 1, 2, 3, 4 }))).syncUninterruptibly().channel();
        assertTrue(activeLatch.await(5, TimeUnit.SECONDS));
        assertNull(error.get());
    } finally {
        if (cc != null) {
            cc.close().syncUninterruptibly();
        }
        if (sc != null) {
            sc.close().syncUninterruptibly();
        }
        group.shutdownGracefully();
        ReferenceCountUtil.release(sslClientCtx);
    }
}
Also used : NioServerSocketChannel(io.netty.channel.socket.nio.NioServerSocketChannel) SslHandshakeCompletionEvent(io.netty.handler.ssl.SslHandshakeCompletionEvent) InetSocketAddress(java.net.InetSocketAddress) NioDatagramChannel(io.netty.channel.socket.nio.NioDatagramChannel) NioSocketChannel(io.netty.channel.socket.nio.NioSocketChannel) Channel(io.netty.channel.Channel) AtomicReference(java.util.concurrent.atomic.AtomicReference) ChannelHandlerContext(io.netty.channel.ChannelHandlerContext) CountDownLatch(java.util.concurrent.CountDownLatch) ChannelFutureListener(io.netty.channel.ChannelFutureListener) SslHandler(io.netty.handler.ssl.SslHandler) ServerBootstrap(io.netty.bootstrap.ServerBootstrap) NioEventLoopGroup(io.netty.channel.nio.NioEventLoopGroup) EventLoopGroup(io.netty.channel.EventLoopGroup) Bootstrap(io.netty.bootstrap.Bootstrap) ChannelInitializer(io.netty.channel.ChannelInitializer) SslContext(io.netty.handler.ssl.SslContext) ChannelInboundHandlerAdapter(io.netty.channel.ChannelInboundHandlerAdapter) Test(org.junit.jupiter.api.Test)

Example 34 with SslHandler

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project netty by netty.

the class NettyBlockHoundIntegrationTest method testTrustManagerVerify.

private static void testTrustManagerVerify(SslProvider provider, String tlsVersion) throws Exception {
    // Client: trusts only the CA in mutual_auth_ca.pem and is pinned to the given protocol version.
    final SslContext sslClientCtx = SslContextBuilder.forClient()
            .sslProvider(provider)
            .protocols(tlsVersion)
            .trustManager(ResourcesUtil.getFile(NettyBlockHoundIntegrationTest.class, "mutual_auth_ca.pem"))
            .build();
    // Server: certificate chain and private key, with no key password (null).
    final SslContext sslServerCtx = SslContextBuilder.forServer(
                    ResourcesUtil.getFile(NettyBlockHoundIntegrationTest.class, "localhost_server.pem"),
                    ResourcesUtil.getFile(NettyBlockHoundIntegrationTest.class, "localhost_server.key"),
                    null)
            .sslProvider(provider)
            .protocols(tlsVersion)
            .build();
    final SslHandler clientSslHandler = sslClientCtx.newHandler(UnpooledByteBufAllocator.DEFAULT);
    final SslHandler serverSslHandler = sslServerCtx.newHandler(UnpooledByteBufAllocator.DEFAULT);
    testHandshake(sslClientCtx, clientSslHandler, serverSslHandler);
}
Also used : SslHandler(io.netty.handler.ssl.SslHandler) SslContext(io.netty.handler.ssl.SslContext)

Example 35 with SslHandler

use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project netty by netty.

the class OcspServerExample method newServerHandler.

private static ChannelInitializer<Channel> newServerHandler(final ReferenceCountedOpenSslContext context, final OCSPResp response) {
    return new ChannelInitializer<Channel>() {

        @Override
        protected void initChannel(Channel ch) throws Exception {
            SslHandler sslHandler = context.newHandler(ch.alloc());
            if (response != null) {
                // Staple the OCSP response to this connection's handshake.
                ReferenceCountedOpenSslEngine engine = (ReferenceCountedOpenSslEngine) sslHandler.engine();
                engine.setOcspResponse(response.getEncoded());
            }
            ChannelPipeline pipeline = ch.pipeline();
            pipeline.addLast(sslHandler);
            // so on and so forth...
        }
    };
}
Also used : ReferenceCountedOpenSslEngine(io.netty.handler.ssl.ReferenceCountedOpenSslEngine) Channel(io.netty.channel.Channel) ChannelInitializer(io.netty.channel.ChannelInitializer) SslHandler(io.netty.handler.ssl.SslHandler) ChannelPipeline(io.netty.channel.ChannelPipeline)
