Search in sources :

Example 1 with BasicClientTlsStrategy

use of org.apache.hc.core5.http.nio.ssl.BasicClientTlsStrategy in project httpcomponents-core by apache.

the class AsyncRequesterBootstrap method create.

public HttpAsyncRequester create() {
    final ManagedConnPool<HttpHost, IOSession> connPool;
    switch(poolConcurrencyPolicy != null ? poolConcurrencyPolicy : PoolConcurrencyPolicy.STRICT) {
        case LAX:
            connPool = new LaxConnPool<>(defaultMaxPerRoute > 0 ? defaultMaxPerRoute : 20, timeToLive, poolReusePolicy, new DefaultDisposalCallback<>(), connPoolListener);
            break;
        case STRICT:
        default:
            connPool = new StrictConnPool<>(defaultMaxPerRoute > 0 ? defaultMaxPerRoute : 20, maxTotal > 0 ? maxTotal : 50, timeToLive, poolReusePolicy, new DefaultDisposalCallback<>(), connPoolListener);
            break;
    }
    final ClientHttp1StreamDuplexerFactory streamDuplexerFactory = new ClientHttp1StreamDuplexerFactory(httpProcessor != null ? httpProcessor : HttpProcessors.client(), http1Config != null ? http1Config : Http1Config.DEFAULT, charCodingConfig != null ? charCodingConfig : CharCodingConfig.DEFAULT, connStrategy, null, null, streamListener);
    final IOEventHandlerFactory ioEventHandlerFactory = new ClientHttp1IOEventHandlerFactory(streamDuplexerFactory, tlsStrategy != null ? tlsStrategy : new BasicClientTlsStrategy(), handshakeTimeout);
    return new HttpAsyncRequester(ioReactorConfig, ioEventHandlerFactory, ioSessionDecorator, exceptionCallback, sessionListener, connPool);
}
Also used : DefaultDisposalCallback(org.apache.hc.core5.pool.DefaultDisposalCallback) BasicClientTlsStrategy(org.apache.hc.core5.http.nio.ssl.BasicClientTlsStrategy) ClientHttp1StreamDuplexerFactory(org.apache.hc.core5.http.impl.nio.ClientHttp1StreamDuplexerFactory) HttpHost(org.apache.hc.core5.http.HttpHost) IOSession(org.apache.hc.core5.reactor.IOSession) ClientHttp1IOEventHandlerFactory(org.apache.hc.core5.http.impl.nio.ClientHttp1IOEventHandlerFactory) IOEventHandlerFactory(org.apache.hc.core5.reactor.IOEventHandlerFactory) ClientHttp1IOEventHandlerFactory(org.apache.hc.core5.http.impl.nio.ClientHttp1IOEventHandlerFactory)

Example 2 with BasicClientTlsStrategy

use of org.apache.hc.core5.http.nio.ssl.BasicClientTlsStrategy in project httpcomponents-core by apache.

the class H2TLSIntegrationTest method testSSLDisabledByDefault.

@Test
public void testSSLDisabledByDefault() throws Exception {
    server = AsyncServerBootstrap.bootstrap().setLookupRegistry(new UriPatternMatcher<>()).setIOReactorConfig(IOReactorConfig.custom().setSoTimeout(TIMEOUT).build()).setTlsStrategy(new BasicServerTlsStrategy(SSLTestContexts.createServerSSLContext(), (endpoint, sslEngine) -> sslEngine.setEnabledProtocols(new String[] { "SSLv3" }), null)).setStreamListener(LoggingHttp1StreamListener.INSTANCE_SERVER).setIOSessionDecorator(LoggingIOSessionDecorator.INSTANCE).setExceptionCallback(LoggingExceptionCallback.INSTANCE).setIOSessionListener(LoggingIOSessionListener.INSTANCE).register("*", () -> new EchoHandler(2048)).create();
    server.start();
    requester = H2RequesterBootstrap.bootstrap().setIOReactorConfig(IOReactorConfig.custom().setSoTimeout(TIMEOUT).build()).setTlsStrategy(new BasicClientTlsStrategy(SSLTestContexts.createClientSSLContext())).setStreamListener(LoggingHttp1StreamListener.INSTANCE_CLIENT).setConnPoolListener(LoggingConnPoolListener.INSTANCE).setIOSessionDecorator(LoggingIOSessionDecorator.INSTANCE).setExceptionCallback(LoggingExceptionCallback.INSTANCE).setIOSessionListener(LoggingIOSessionListener.INSTANCE).create();
    server.start();
    final Future<ListenerEndpoint> future = server.listen(new InetSocketAddress(0), URIScheme.HTTPS);
    final ListenerEndpoint listener = future.get();
    final InetSocketAddress address = (InetSocketAddress) listener.getAddress();
    requester.start();
    final HttpHost target = new HttpHost(URIScheme.HTTPS.id, "localhost", address.getPort());
    final Future<Message<HttpResponse, String>> resultFuture1 = requester.execute(new BasicRequestProducer(Method.POST, target, "/stuff", new StringAsyncEntityProducer("some stuff", ContentType.TEXT_PLAIN)), new BasicResponseConsumer<>(new StringAsyncEntityConsumer()), TIMEOUT, null);
    final ExecutionException exception = Assertions.assertThrows(ExecutionException.class, () -> resultFuture1.get(TIMEOUT.getDuration(), TIMEOUT.getTimeUnit()));
    final Throwable cause = exception.getCause();
    assertThat(cause, CoreMatchers.instanceOf(IOException.class));
}
Also used : StringAsyncEntityConsumer(org.apache.hc.core5.http.nio.entity.StringAsyncEntityConsumer) Message(org.apache.hc.core5.http.Message) InetSocketAddress(java.net.InetSocketAddress) BasicRequestProducer(org.apache.hc.core5.http.nio.support.BasicRequestProducer) BasicServerTlsStrategy(org.apache.hc.core5.http.nio.ssl.BasicServerTlsStrategy) StringAsyncEntityProducer(org.apache.hc.core5.http.nio.entity.StringAsyncEntityProducer) IOException(java.io.IOException) BasicClientTlsStrategy(org.apache.hc.core5.http.nio.ssl.BasicClientTlsStrategy) ListenerEndpoint(org.apache.hc.core5.reactor.ListenerEndpoint) HttpHost(org.apache.hc.core5.http.HttpHost) UriPatternMatcher(org.apache.hc.core5.http.protocol.UriPatternMatcher) ExecutionException(java.util.concurrent.ExecutionException) Test(org.junit.jupiter.api.Test)

Example 3 with BasicClientTlsStrategy

use of org.apache.hc.core5.http.nio.ssl.BasicClientTlsStrategy in project httpcomponents-core by apache.

the class H2TLSIntegrationTest method testWeakCiphersDisabledByDefault.

@Test
public void testWeakCiphersDisabledByDefault() throws Exception {
    requester = H2RequesterBootstrap.bootstrap().setIOReactorConfig(IOReactorConfig.custom().setSoTimeout(TIMEOUT).build()).setTlsStrategy(new BasicClientTlsStrategy(SSLTestContexts.createClientSSLContext())).setStreamListener(LoggingHttp1StreamListener.INSTANCE_CLIENT).setConnPoolListener(LoggingConnPoolListener.INSTANCE).setIOSessionDecorator(LoggingIOSessionDecorator.INSTANCE).setExceptionCallback(LoggingExceptionCallback.INSTANCE).setIOSessionListener(LoggingIOSessionListener.INSTANCE).create();
    requester.start();
    final String[] weakCiphersSuites = { "SSL_RSA_WITH_RC4_128_SHA", "SSL_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_DH_anon_WITH_AES_128_CBC_SHA", "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_RSA_WITH_NULL_SHA", "SSL_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", "TLS_DH_anon_WITH_AES_256_GCM_SHA384", "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_NULL_SHA256", "SSL_RSA_EXPORT_WITH_RC4_40_MD5", "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5", "TLS_KRB5_EXPORT_WITH_RC4_40_SHA", "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5" };
    for (final String cipherSuite : weakCiphersSuites) {
        server = AsyncServerBootstrap.bootstrap().setLookupRegistry(new UriPatternMatcher<>()).setIOReactorConfig(IOReactorConfig.custom().setSoTimeout(TIMEOUT).build()).setTlsStrategy(new BasicServerTlsStrategy(SSLTestContexts.createServerSSLContext(), (endpoint, sslEngine) -> sslEngine.setEnabledCipherSuites(new String[] { cipherSuite }), null)).setStreamListener(LoggingHttp1StreamListener.INSTANCE_SERVER).setIOSessionDecorator(LoggingIOSessionDecorator.INSTANCE).setExceptionCallback(LoggingExceptionCallback.INSTANCE).setIOSessionListener(LoggingIOSessionListener.INSTANCE).register("*", () -> new EchoHandler(2048)).create();
        try {
            server.start();
            final Future<ListenerEndpoint> future = server.listen(new InetSocketAddress(0), URIScheme.HTTPS);
            final ListenerEndpoint listener = future.get();
            final InetSocketAddress address = (InetSocketAddress) listener.getAddress();
            final HttpHost target = new HttpHost(URIScheme.HTTPS.id, "localhost", address.getPort());
            final Future<Message<HttpResponse, String>> resultFuture1 = requester.execute(new BasicRequestProducer(Method.POST, target, "/stuff", new StringAsyncEntityProducer("some stuff", ContentType.TEXT_PLAIN)), new BasicResponseConsumer<>(new StringAsyncEntityConsumer()), TIMEOUT, null);
            final ExecutionException exception = Assertions.assertThrows(ExecutionException.class, () -> resultFuture1.get(TIMEOUT.getDuration(), TIMEOUT.getTimeUnit()));
            final Throwable cause = exception.getCause();
            assertThat(cause, CoreMatchers.instanceOf(IOException.class));
        } finally {
            server.close(CloseMode.IMMEDIATE);
        }
    }
}
Also used : StringAsyncEntityConsumer(org.apache.hc.core5.http.nio.entity.StringAsyncEntityConsumer) Message(org.apache.hc.core5.http.Message) InetSocketAddress(java.net.InetSocketAddress) BasicRequestProducer(org.apache.hc.core5.http.nio.support.BasicRequestProducer) BasicServerTlsStrategy(org.apache.hc.core5.http.nio.ssl.BasicServerTlsStrategy) StringAsyncEntityProducer(org.apache.hc.core5.http.nio.entity.StringAsyncEntityProducer) IOException(java.io.IOException) BasicClientTlsStrategy(org.apache.hc.core5.http.nio.ssl.BasicClientTlsStrategy) ListenerEndpoint(org.apache.hc.core5.reactor.ListenerEndpoint) HttpHost(org.apache.hc.core5.http.HttpHost) UriPatternMatcher(org.apache.hc.core5.http.protocol.UriPatternMatcher) ExecutionException(java.util.concurrent.ExecutionException) Test(org.junit.jupiter.api.Test)

Example 4 with BasicClientTlsStrategy

use of org.apache.hc.core5.http.nio.ssl.BasicClientTlsStrategy in project httpcomponents-core by apache.

the class H2TLSIntegrationTest method testTLSSuccess.

@Test
public void testTLSSuccess() throws Exception {
    server = AsyncServerBootstrap.bootstrap().setLookupRegistry(new UriPatternMatcher<>()).setIOReactorConfig(IOReactorConfig.custom().setSoTimeout(TIMEOUT).build()).setTlsStrategy(new BasicServerTlsStrategy(SSLTestContexts.createServerSSLContext())).setStreamListener(LoggingHttp1StreamListener.INSTANCE_SERVER).setIOSessionDecorator(LoggingIOSessionDecorator.INSTANCE).setExceptionCallback(LoggingExceptionCallback.INSTANCE).setIOSessionListener(LoggingIOSessionListener.INSTANCE).register("*", () -> new EchoHandler(2048)).create();
    server.start();
    final AtomicReference<SSLSession> sslSessionRef = new AtomicReference<>();
    requester = H2RequesterBootstrap.bootstrap().setIOReactorConfig(IOReactorConfig.custom().setSoTimeout(TIMEOUT).build()).setTlsStrategy(new BasicClientTlsStrategy(SSLTestContexts.createClientSSLContext(), (endpoint, sslEngine) -> {
        sslSessionRef.set(sslEngine.getSession());
        return null;
    })).setStreamListener(LoggingHttp1StreamListener.INSTANCE_CLIENT).setConnPoolListener(LoggingConnPoolListener.INSTANCE).setIOSessionDecorator(LoggingIOSessionDecorator.INSTANCE).setExceptionCallback(LoggingExceptionCallback.INSTANCE).setIOSessionListener(LoggingIOSessionListener.INSTANCE).create();
    server.start();
    final Future<ListenerEndpoint> future = server.listen(new InetSocketAddress(0), URIScheme.HTTPS);
    final ListenerEndpoint listener = future.get();
    final InetSocketAddress address = (InetSocketAddress) listener.getAddress();
    requester.start();
    final HttpHost target = new HttpHost(URIScheme.HTTPS.id, "localhost", address.getPort());
    final Future<Message<HttpResponse, String>> resultFuture1 = requester.execute(new BasicRequestProducer(Method.POST, target, "/stuff", new StringAsyncEntityProducer("some stuff", ContentType.TEXT_PLAIN)), new BasicResponseConsumer<>(new StringAsyncEntityConsumer()), TIMEOUT, null);
    final Message<HttpResponse, String> message1 = resultFuture1.get(TIMEOUT.getDuration(), TIMEOUT.getTimeUnit());
    assertThat(message1, CoreMatchers.notNullValue());
    final HttpResponse response1 = message1.getHead();
    assertThat(response1.getCode(), CoreMatchers.equalTo(HttpStatus.SC_OK));
    final String body1 = message1.getBody();
    assertThat(body1, CoreMatchers.equalTo("some stuff"));
    final SSLSession sslSession = sslSessionRef.getAndSet(null);
    final ProtocolVersion tlsVersion = TLS.parse(sslSession.getProtocol());
    assertThat(tlsVersion.greaterEquals(TLS.V_1_2.version), CoreMatchers.equalTo(true));
    assertThat(sslSession.getPeerPrincipal().getName(), CoreMatchers.equalTo("CN=localhost,OU=Apache HttpComponents,O=Apache Software Foundation"));
}
Also used : StringAsyncEntityConsumer(org.apache.hc.core5.http.nio.entity.StringAsyncEntityConsumer) Message(org.apache.hc.core5.http.Message) InetSocketAddress(java.net.InetSocketAddress) BasicRequestProducer(org.apache.hc.core5.http.nio.support.BasicRequestProducer) BasicServerTlsStrategy(org.apache.hc.core5.http.nio.ssl.BasicServerTlsStrategy) StringAsyncEntityProducer(org.apache.hc.core5.http.nio.entity.StringAsyncEntityProducer) SSLSession(javax.net.ssl.SSLSession) HttpResponse(org.apache.hc.core5.http.HttpResponse) AtomicReference(java.util.concurrent.atomic.AtomicReference) ProtocolVersion(org.apache.hc.core5.http.ProtocolVersion) BasicClientTlsStrategy(org.apache.hc.core5.http.nio.ssl.BasicClientTlsStrategy) ListenerEndpoint(org.apache.hc.core5.reactor.ListenerEndpoint) HttpHost(org.apache.hc.core5.http.HttpHost) UriPatternMatcher(org.apache.hc.core5.http.protocol.UriPatternMatcher) Test(org.junit.jupiter.api.Test)

Example 5 with BasicClientTlsStrategy

use of org.apache.hc.core5.http.nio.ssl.BasicClientTlsStrategy in project httpcomponents-core by apache.

the class H2TLSIntegrationTest method testTLSTrustFailure.

@Test
public void testTLSTrustFailure() throws Exception {
    server = AsyncServerBootstrap.bootstrap().setLookupRegistry(new UriPatternMatcher<>()).setIOReactorConfig(IOReactorConfig.custom().setSoTimeout(TIMEOUT).build()).setTlsStrategy(new BasicServerTlsStrategy(SSLTestContexts.createServerSSLContext())).setStreamListener(LoggingHttp1StreamListener.INSTANCE_SERVER).setIOSessionDecorator(LoggingIOSessionDecorator.INSTANCE).setExceptionCallback(LoggingExceptionCallback.INSTANCE).setIOSessionListener(LoggingIOSessionListener.INSTANCE).register("*", () -> new EchoHandler(2048)).create();
    server.start();
    requester = H2RequesterBootstrap.bootstrap().setIOReactorConfig(IOReactorConfig.custom().setSoTimeout(TIMEOUT).build()).setTlsStrategy(new BasicClientTlsStrategy(SSLContexts.createDefault())).setStreamListener(LoggingHttp1StreamListener.INSTANCE_CLIENT).setConnPoolListener(LoggingConnPoolListener.INSTANCE).setIOSessionDecorator(LoggingIOSessionDecorator.INSTANCE).setExceptionCallback(LoggingExceptionCallback.INSTANCE).setIOSessionListener(LoggingIOSessionListener.INSTANCE).create();
    server.start();
    final Future<ListenerEndpoint> future = server.listen(new InetSocketAddress(0), URIScheme.HTTPS);
    final ListenerEndpoint listener = future.get();
    final InetSocketAddress address = (InetSocketAddress) listener.getAddress();
    requester.start();
    final HttpHost target = new HttpHost(URIScheme.HTTPS.id, "localhost", address.getPort());
    final Future<Message<HttpResponse, String>> resultFuture1 = requester.execute(new BasicRequestProducer(Method.POST, target, "/stuff", new StringAsyncEntityProducer("some stuff", ContentType.TEXT_PLAIN)), new BasicResponseConsumer<>(new StringAsyncEntityConsumer()), TIMEOUT, null);
    final ExecutionException exception = Assertions.assertThrows(ExecutionException.class, () -> resultFuture1.get(TIMEOUT.getDuration(), TIMEOUT.getTimeUnit()));
    final Throwable cause = exception.getCause();
    assertThat(cause, CoreMatchers.instanceOf(SSLHandshakeException.class));
}
Also used : StringAsyncEntityConsumer(org.apache.hc.core5.http.nio.entity.StringAsyncEntityConsumer) Message(org.apache.hc.core5.http.Message) InetSocketAddress(java.net.InetSocketAddress) BasicRequestProducer(org.apache.hc.core5.http.nio.support.BasicRequestProducer) BasicServerTlsStrategy(org.apache.hc.core5.http.nio.ssl.BasicServerTlsStrategy) StringAsyncEntityProducer(org.apache.hc.core5.http.nio.entity.StringAsyncEntityProducer) SSLHandshakeException(javax.net.ssl.SSLHandshakeException) BasicClientTlsStrategy(org.apache.hc.core5.http.nio.ssl.BasicClientTlsStrategy) ListenerEndpoint(org.apache.hc.core5.reactor.ListenerEndpoint) HttpHost(org.apache.hc.core5.http.HttpHost) UriPatternMatcher(org.apache.hc.core5.http.protocol.UriPatternMatcher) ExecutionException(java.util.concurrent.ExecutionException) Test(org.junit.jupiter.api.Test)

Aggregations

BasicClientTlsStrategy (org.apache.hc.core5.http.nio.ssl.BasicClientTlsStrategy)7 HttpHost (org.apache.hc.core5.http.HttpHost)6 InetSocketAddress (java.net.InetSocketAddress)5 Message (org.apache.hc.core5.http.Message)5 StringAsyncEntityConsumer (org.apache.hc.core5.http.nio.entity.StringAsyncEntityConsumer)5 StringAsyncEntityProducer (org.apache.hc.core5.http.nio.entity.StringAsyncEntityProducer)5 BasicServerTlsStrategy (org.apache.hc.core5.http.nio.ssl.BasicServerTlsStrategy)5 BasicRequestProducer (org.apache.hc.core5.http.nio.support.BasicRequestProducer)5 UriPatternMatcher (org.apache.hc.core5.http.protocol.UriPatternMatcher)5 ListenerEndpoint (org.apache.hc.core5.reactor.ListenerEndpoint)5 Test (org.junit.jupiter.api.Test)5 IOException (java.io.IOException)4 ExecutionException (java.util.concurrent.ExecutionException)4 HttpResponse (org.apache.hc.core5.http.HttpResponse)2 File (java.io.File)1 SocketAddress (java.net.SocketAddress)1 ByteBuffer (java.nio.ByteBuffer)1 ByteChannel (java.nio.channels.ByteChannel)1 AtomicReference (java.util.concurrent.atomic.AtomicReference)1 Lock (java.util.concurrent.locks.Lock)1