use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project netty-socketio by mrniko.
the class SocketIOChannelInitializer method addSslHandler.
/**
* Adds the ssl handler
*
* @param pipeline - channel pipeline
*/
protected void addSslHandler(ChannelPipeline pipeline) {
if (sslContext != null) {
SSLEngine engine = sslContext.createSSLEngine();
engine.setUseClientMode(false);
pipeline.addLast(SSL_HANDLER, new SslHandler(engine));
}
}
use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project netty by netty.
the class OcspTest method testServerOcspNotEnabled.
private static void testServerOcspNotEnabled(SslProvider sslProvider) throws Exception {
SelfSignedCertificate ssc = new SelfSignedCertificate();
try {
SslContext context = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).sslProvider(sslProvider).build();
try {
SslHandler sslHandler = context.newHandler(ByteBufAllocator.DEFAULT);
final ReferenceCountedOpenSslEngine engine = (ReferenceCountedOpenSslEngine) sslHandler.engine();
try {
assertThrows(IllegalStateException.class, new Executable() {
@Override
public void execute() {
engine.setOcspResponse(new byte[] { 1, 2, 3 });
}
});
} finally {
engine.release();
}
} finally {
ReferenceCountUtil.release(context);
}
} finally {
ssc.delete();
}
}
use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project netty by netty.
the class NettyBlockHoundIntegrationTest method testSslHandlerWrapAllowsBlockingCalls.
@Test
public void testSslHandlerWrapAllowsBlockingCalls() throws Exception {
final SslContext sslClientCtx = SslContextBuilder.forClient().trustManager(InsecureTrustManagerFactory.INSTANCE).sslProvider(SslProvider.JDK).build();
final SslHandler sslHandler = sslClientCtx.newHandler(UnpooledByteBufAllocator.DEFAULT);
final EventLoopGroup group = new NioEventLoopGroup();
final CountDownLatch activeLatch = new CountDownLatch(1);
final AtomicReference<Throwable> error = new AtomicReference<>();
Channel sc = null;
Channel cc = null;
try {
sc = new ServerBootstrap().group(group).channel(NioServerSocketChannel.class).childHandler(new ChannelInboundHandlerAdapter()).bind(new InetSocketAddress(0)).syncUninterruptibly().channel();
cc = new Bootstrap().group(group).channel(NioSocketChannel.class).handler(new ChannelInitializer<Channel>() {
@Override
protected void initChannel(Channel ch) {
ch.pipeline().addLast(sslHandler);
ch.pipeline().addLast(new ChannelInboundHandlerAdapter() {
@Override
public void channelActive(ChannelHandlerContext ctx) {
activeLatch.countDown();
}
@Override
public void userEventTriggered(ChannelHandlerContext ctx, Object evt) {
if (evt instanceof SslHandshakeCompletionEvent && ((SslHandshakeCompletionEvent) evt).cause() != null) {
Throwable cause = ((SslHandshakeCompletionEvent) evt).cause();
cause.printStackTrace();
error.set(cause);
}
ctx.fireUserEventTriggered(evt);
}
});
}
}).connect(sc.localAddress()).addListener((ChannelFutureListener) future -> future.channel().writeAndFlush(wrappedBuffer(new byte[] { 1, 2, 3, 4 }))).syncUninterruptibly().channel();
assertTrue(activeLatch.await(5, TimeUnit.SECONDS));
assertNull(error.get());
} finally {
if (cc != null) {
cc.close().syncUninterruptibly();
}
if (sc != null) {
sc.close().syncUninterruptibly();
}
group.shutdownGracefully();
ReferenceCountUtil.release(sslClientCtx);
}
}
use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project netty by netty.
the class NettyBlockHoundIntegrationTest method testTrustManagerVerify.
private static void testTrustManagerVerify(SslProvider provider, String tlsVersion) throws Exception {
final SslContext sslClientCtx = SslContextBuilder.forClient().sslProvider(provider).protocols(tlsVersion).trustManager(ResourcesUtil.getFile(NettyBlockHoundIntegrationTest.class, "mutual_auth_ca.pem")).build();
final SslContext sslServerCtx = SslContextBuilder.forServer(ResourcesUtil.getFile(NettyBlockHoundIntegrationTest.class, "localhost_server.pem"), ResourcesUtil.getFile(NettyBlockHoundIntegrationTest.class, "localhost_server.key"), null).sslProvider(provider).protocols(tlsVersion).build();
final SslHandler clientSslHandler = sslClientCtx.newHandler(UnpooledByteBufAllocator.DEFAULT);
final SslHandler serverSslHandler = sslServerCtx.newHandler(UnpooledByteBufAllocator.DEFAULT);
testHandshake(sslClientCtx, clientSslHandler, serverSslHandler);
}
use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project netty by netty.
the class OcspServerExample method newServerHandler.
private static ChannelInitializer<Channel> newServerHandler(final ReferenceCountedOpenSslContext context, final OCSPResp response) {
return new ChannelInitializer<Channel>() {
@Override
protected void initChannel(Channel ch) throws Exception {
SslHandler sslHandler = context.newHandler(ch.alloc());
if (response != null) {
ReferenceCountedOpenSslEngine engine = (ReferenceCountedOpenSslEngine) sslHandler.engine();
engine.setOcspResponse(response.getEncoded());
}
ChannelPipeline pipeline = ch.pipeline();
pipeline.addLast(sslHandler);
// so on and so forth...
}
};
}
Aggregations