Example 41 with SslHandler
use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project grpc-java by grpc.
the class ProtocolNegotiatorsTest method serverTlsHandler_userEventTriggeredSslEvent_unsupportedProtocolCustom.
@Test
public void serverTlsHandler_userEventTriggeredSslEvent_unsupportedProtocolCustom() throws Exception {
SslHandler badSslHandler = new SslHandler(engine, false) {
@Override
public String applicationProtocol() {
return "badprotocol";
}
};
File serverCert = TestUtils.loadCert("server1.pem");
File key = TestUtils.loadCert("server1.key");
List<String> alpnList = Arrays.asList("managed_mtls", "h2");
ApplicationProtocolConfig apn = new ApplicationProtocolConfig(ApplicationProtocolConfig.Protocol.ALPN, ApplicationProtocolConfig.SelectorFailureBehavior.NO_ADVERTISE, ApplicationProtocolConfig.SelectedListenerFailureBehavior.ACCEPT, alpnList);
sslContext = GrpcSslContexts.forServer(serverCert, key).ciphers(TestUtils.preferredTestCiphers(), SupportedCipherSuiteFilter.INSTANCE).applicationProtocolConfig(apn).build();
ChannelHandler handler = new ServerTlsHandler(grpcHandler, sslContext, null);
pipeline.addLast(handler);
final AtomicReference<Throwable> error = new AtomicReference<>();
ChannelHandler errorCapture = new ChannelInboundHandlerAdapter() {
@Override
public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) {
error.set(cause);
}
};
pipeline.addLast(errorCapture);
pipeline.replace(SslHandler.class, null, badSslHandler);
channelHandlerCtx = pipeline.context(handler);
Object sslEvent = SslHandshakeCompletionEvent.SUCCESS;
pipeline.fireUserEventTriggered(sslEvent);
// No h2 protocol was specified, so there should be an error, (normally handled by WBAEH)
assertThat(error.get()).hasMessageThat().contains("Unable to find compatible protocol");
ChannelHandlerContext grpcHandlerCtx = pipeline.context(grpcHandler);
assertNull(grpcHandlerCtx);
}
Also used :
ServerTlsHandler(io.grpc.netty.ProtocolNegotiators.ServerTlsHandler)
AtomicReference(java.util.concurrent.atomic.AtomicReference)
ChannelHandlerContext(io.netty.channel.ChannelHandlerContext)
ChannelHandler(io.netty.channel.ChannelHandler)
SslHandler(io.netty.handler.ssl.SslHandler)
ApplicationProtocolConfig(io.netty.handler.ssl.ApplicationProtocolConfig)
File(java.io.File)
ChannelInboundHandlerAdapter(io.netty.channel.ChannelInboundHandlerAdapter)
Test(org.junit.Test)
Example 42 with SslHandler
use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project vert.x by eclipse.
the class HttpChannelConnector method wrap.
public Future<HttpClientConnection> wrap(EventLoopContext context, NetSocket so_) {
NetSocketImpl so = (NetSocketImpl) so_;
Object metric = so.metric();
Promise<HttpClientConnection> promise = context.promise();
// Remove all un-necessary handlers
ChannelPipeline pipeline = so.channelHandlerContext().pipeline();
List<ChannelHandler> removedHandlers = new ArrayList<>();
for (Map.Entry<String, ChannelHandler> stringChannelHandlerEntry : pipeline) {
ChannelHandler handler = stringChannelHandlerEntry.getValue();
if (!(handler instanceof SslHandler)) {
removedHandlers.add(handler);
}
}
removedHandlers.forEach(pipeline::remove);
//
Channel ch = so.channelHandlerContext().channel();
if (ssl) {
String protocol = so.applicationLayerProtocol();
if (useAlpn) {
if ("h2".equals(protocol)) {
applyHttp2ConnectionOptions(ch.pipeline());
http2Connected(context, metric, ch, promise);
} else {
applyHttp1xConnectionOptions(ch.pipeline());
HttpVersion fallbackProtocol = "http/1.0".equals(protocol) ? HttpVersion.HTTP_1_0 : HttpVersion.HTTP_1_1;
http1xConnected(fallbackProtocol, server, true, context, metric, ch, promise);
}
} else {
applyHttp1xConnectionOptions(ch.pipeline());
http1xConnected(version, server, true, context, metric, ch, promise);
}
} else {
if (version == HttpVersion.HTTP_2) {
if (this.options.isHttp2ClearTextUpgrade()) {
applyHttp1xConnectionOptions(pipeline);
http1xConnected(version, server, false, context, metric, ch, promise);
} else {
applyHttp2ConnectionOptions(pipeline);
http2Connected(context, metric, ch, promise);
}
} else {
applyHttp1xConnectionOptions(pipeline);
http1xConnected(version, server, false, context, metric, ch, promise);
}
}
return promise.future();
}
Also used :
Channel(io.netty.channel.Channel)
ArrayList(java.util.ArrayList)
ChannelHandler(io.netty.channel.ChannelHandler)
ChannelPipeline(io.netty.channel.ChannelPipeline)
SslHandler(io.netty.handler.ssl.SslHandler)
NetSocketImpl(io.vertx.core.net.impl.NetSocketImpl)
Map(java.util.Map)
HttpVersion(io.vertx.core.http.HttpVersion)
Example 43 with SslHandler
use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project vert.x by eclipse.
the class ChannelProvider method initSSL.
private void initSSL(Handler<Channel> handler, SocketAddress peerAddress, String serverName, boolean ssl, boolean useAlpn, Channel ch, Promise<Channel> channelHandler) {
if (ssl) {
SslHandler sslHandler = new SslHandler(sslHelper.createEngine(context.owner(), peerAddress, serverName, useAlpn));
sslHandler.setHandshakeTimeout(sslHelper.getSslHandshakeTimeout(), sslHelper.getSslHandshakeTimeoutUnit());
ChannelPipeline pipeline = ch.pipeline();
pipeline.addLast("ssl", sslHandler);
pipeline.addLast(new ChannelInboundHandlerAdapter() {
@Override
public void userEventTriggered(ChannelHandlerContext ctx, Object evt) {
if (evt instanceof SslHandshakeCompletionEvent) {
// Notify application
SslHandshakeCompletionEvent completion = (SslHandshakeCompletionEvent) evt;
if (completion.isSuccess()) {
// Remove from the pipeline after handshake result
ctx.pipeline().remove(this);
applicationProtocol = sslHandler.applicationProtocol();
if (handler != null) {
context.dispatch(ch, handler);
}
channelHandler.setSuccess(ctx.channel());
} else {
SSLHandshakeException sslException = new SSLHandshakeException("Failed to create SSL connection");
sslException.initCause(completion.cause());
channelHandler.setFailure(sslException);
}
}
ctx.fireUserEventTriggered(evt);
}
@Override
public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) {
// Ignore these exception as they will be reported to the handler
}
});
}
}
Also used :
SslHandshakeCompletionEvent(io.netty.handler.ssl.SslHandshakeCompletionEvent)
SslHandler(io.netty.handler.ssl.SslHandler)
SSLHandshakeException(javax.net.ssl.SSLHandshakeException)
Example 44 with SslHandler
use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project vert.x by eclipse.
the class Http2ClientTest method createH2Server.
private ServerBootstrap createH2Server(BiFunction<Http2ConnectionDecoder, Http2ConnectionEncoder, Http2FrameListener> handler) {
ServerBootstrap bootstrap = new ServerBootstrap();
bootstrap.channel(NioServerSocketChannel.class);
NioEventLoopGroup eventLoopGroup = new NioEventLoopGroup();
eventLoopGroups.add(eventLoopGroup);
bootstrap.group(eventLoopGroup);
bootstrap.childHandler(new ChannelInitializer<Channel>() {
@Override
protected void initChannel(Channel ch) throws Exception {
SSLHelper sslHelper = new SSLHelper(serverOptions, Cert.SERVER_JKS.get(), null);
SslHandler sslHandler = new SslHandler(sslHelper.setApplicationProtocols(Arrays.asList(HttpVersion.HTTP_2.alpnName(), HttpVersion.HTTP_1_1.alpnName())).createEngine((VertxInternal) vertx, DEFAULT_HTTPS_HOST, DEFAULT_HTTPS_PORT));
ch.pipeline().addLast(sslHandler);
ch.pipeline().addLast(new ApplicationProtocolNegotiationHandler("whatever") {
@Override
protected void configurePipeline(ChannelHandlerContext ctx, String protocol) {
if (ApplicationProtocolNames.HTTP_2.equals(protocol)) {
ChannelPipeline p = ctx.pipeline();
Http2ConnectionHandler clientHandler = createHttpConnectionHandler(handler);
p.addLast("handler", clientHandler);
return;
}
ctx.close();
throw new IllegalStateException("unknown protocol: " + protocol);
}
});
}
});
return bootstrap;
}
Also used :
NioServerSocketChannel(io.netty.channel.socket.nio.NioServerSocketChannel)
Channel(io.netty.channel.Channel)
ChannelHandlerContext(io.netty.channel.ChannelHandlerContext)
AsciiString(io.netty.util.AsciiString)
ServerBootstrap(io.netty.bootstrap.ServerBootstrap)
ConnectException(java.net.ConnectException)
SslHandler(io.netty.handler.ssl.SslHandler)
ChannelPipeline(io.netty.channel.ChannelPipeline)
ApplicationProtocolNegotiationHandler(io.netty.handler.ssl.ApplicationProtocolNegotiationHandler)
SSLHelper(io.vertx.core.net.impl.SSLHelper)
NioEventLoopGroup(io.netty.channel.nio.NioEventLoopGroup)
Example 45 with SslHandler
use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslHandler in project sissi by KimShen.
the class FixDomainStartTls method startTls.
@Override
public boolean startTls(String domain) {
try {
if (this.isTls.compareAndSet(false, true)) {
SSLEngine engine = this.sslContextBuilder.build().createSSLEngine();
engine.setNeedClientAuth(false);
engine.setUseClientMode(false);
this.handler = new SslHandler(engine);
this.prepareTls.compareAndSet(false, true);
}
return true;
} catch (Exception e) {
log.error(e.toString());
Trace.trace(log, e);
return this.rollbackSSL();
}
}
Also used :
SSLEngine(javax.net.ssl.SSLEngine)
SslHandler(io.netty.handler.ssl.SslHandler)
Aggregations
SslHandler (io.netty.handler.ssl.SslHandler)328
SSLEngine (javax.net.ssl.SSLEngine)128
ChannelPipeline (io.netty.channel.ChannelPipeline)93
Channel (io.netty.channel.Channel)62
SslContext (io.netty.handler.ssl.SslContext)52
ChannelHandlerContext (io.netty.channel.ChannelHandlerContext)43
ChannelHandler (io.netty.channel.ChannelHandler)38
IOException (java.io.IOException)35
SocketChannel (io.netty.channel.socket.SocketChannel)31
IdleStateHandler (io.netty.handler.timeout.IdleStateHandler)31
NioEventLoopGroup (io.netty.channel.nio.NioEventLoopGroup)30
InetSocketAddress (java.net.InetSocketAddress)30
SSLParameters (javax.net.ssl.SSLParameters)28
NioSocketChannel (io.netty.channel.socket.nio.NioSocketChannel)27
SSLSession (javax.net.ssl.SSLSession)27
Test (org.junit.Test)27
SSLContext (javax.net.ssl.SSLContext)25
ChannelInitializer (io.netty.channel.ChannelInitializer)24
NioServerSocketChannel (io.netty.channel.socket.nio.NioServerSocketChannel)24
HttpObjectAggregator (io.netty.handler.codec.http.HttpObjectAggregator)24
