use of org.apache.hc.core5.http.nio.ssl.BasicClientTlsStrategy in project httpcomponents-core by apache.
the class AsyncRequesterBootstrap method create.
public HttpAsyncRequester create() {
final ManagedConnPool<HttpHost, IOSession> connPool;
switch(poolConcurrencyPolicy != null ? poolConcurrencyPolicy : PoolConcurrencyPolicy.STRICT) {
case LAX:
connPool = new LaxConnPool<>(defaultMaxPerRoute > 0 ? defaultMaxPerRoute : 20, timeToLive, poolReusePolicy, new DefaultDisposalCallback<>(), connPoolListener);
break;
case STRICT:
default:
connPool = new StrictConnPool<>(defaultMaxPerRoute > 0 ? defaultMaxPerRoute : 20, maxTotal > 0 ? maxTotal : 50, timeToLive, poolReusePolicy, new DefaultDisposalCallback<>(), connPoolListener);
break;
}
final ClientHttp1StreamDuplexerFactory streamDuplexerFactory = new ClientHttp1StreamDuplexerFactory(httpProcessor != null ? httpProcessor : HttpProcessors.client(), http1Config != null ? http1Config : Http1Config.DEFAULT, charCodingConfig != null ? charCodingConfig : CharCodingConfig.DEFAULT, connStrategy, null, null, streamListener);
final IOEventHandlerFactory ioEventHandlerFactory = new ClientHttp1IOEventHandlerFactory(streamDuplexerFactory, tlsStrategy != null ? tlsStrategy : new BasicClientTlsStrategy(), handshakeTimeout);
return new HttpAsyncRequester(ioReactorConfig, ioEventHandlerFactory, ioSessionDecorator, exceptionCallback, sessionListener, connPool);
}
use of org.apache.hc.core5.http.nio.ssl.BasicClientTlsStrategy in project httpcomponents-core by apache.
the class H2TLSIntegrationTest method testSSLDisabledByDefault.
@Test
public void testSSLDisabledByDefault() throws Exception {
server = AsyncServerBootstrap.bootstrap().setLookupRegistry(new UriPatternMatcher<>()).setIOReactorConfig(IOReactorConfig.custom().setSoTimeout(TIMEOUT).build()).setTlsStrategy(new BasicServerTlsStrategy(SSLTestContexts.createServerSSLContext(), (endpoint, sslEngine) -> sslEngine.setEnabledProtocols(new String[] { "SSLv3" }), null)).setStreamListener(LoggingHttp1StreamListener.INSTANCE_SERVER).setIOSessionDecorator(LoggingIOSessionDecorator.INSTANCE).setExceptionCallback(LoggingExceptionCallback.INSTANCE).setIOSessionListener(LoggingIOSessionListener.INSTANCE).register("*", () -> new EchoHandler(2048)).create();
server.start();
requester = H2RequesterBootstrap.bootstrap().setIOReactorConfig(IOReactorConfig.custom().setSoTimeout(TIMEOUT).build()).setTlsStrategy(new BasicClientTlsStrategy(SSLTestContexts.createClientSSLContext())).setStreamListener(LoggingHttp1StreamListener.INSTANCE_CLIENT).setConnPoolListener(LoggingConnPoolListener.INSTANCE).setIOSessionDecorator(LoggingIOSessionDecorator.INSTANCE).setExceptionCallback(LoggingExceptionCallback.INSTANCE).setIOSessionListener(LoggingIOSessionListener.INSTANCE).create();
server.start();
final Future<ListenerEndpoint> future = server.listen(new InetSocketAddress(0), URIScheme.HTTPS);
final ListenerEndpoint listener = future.get();
final InetSocketAddress address = (InetSocketAddress) listener.getAddress();
requester.start();
final HttpHost target = new HttpHost(URIScheme.HTTPS.id, "localhost", address.getPort());
final Future<Message<HttpResponse, String>> resultFuture1 = requester.execute(new BasicRequestProducer(Method.POST, target, "/stuff", new StringAsyncEntityProducer("some stuff", ContentType.TEXT_PLAIN)), new BasicResponseConsumer<>(new StringAsyncEntityConsumer()), TIMEOUT, null);
final ExecutionException exception = Assertions.assertThrows(ExecutionException.class, () -> resultFuture1.get(TIMEOUT.getDuration(), TIMEOUT.getTimeUnit()));
final Throwable cause = exception.getCause();
assertThat(cause, CoreMatchers.instanceOf(IOException.class));
}
use of org.apache.hc.core5.http.nio.ssl.BasicClientTlsStrategy in project httpcomponents-core by apache.
the class H2TLSIntegrationTest method testWeakCiphersDisabledByDefault.
@Test
public void testWeakCiphersDisabledByDefault() throws Exception {
requester = H2RequesterBootstrap.bootstrap().setIOReactorConfig(IOReactorConfig.custom().setSoTimeout(TIMEOUT).build()).setTlsStrategy(new BasicClientTlsStrategy(SSLTestContexts.createClientSSLContext())).setStreamListener(LoggingHttp1StreamListener.INSTANCE_CLIENT).setConnPoolListener(LoggingConnPoolListener.INSTANCE).setIOSessionDecorator(LoggingIOSessionDecorator.INSTANCE).setExceptionCallback(LoggingExceptionCallback.INSTANCE).setIOSessionListener(LoggingIOSessionListener.INSTANCE).create();
requester.start();
final String[] weakCiphersSuites = { "SSL_RSA_WITH_RC4_128_SHA", "SSL_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_DH_anon_WITH_AES_128_CBC_SHA", "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_RSA_WITH_NULL_SHA", "SSL_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", "TLS_DH_anon_WITH_AES_256_GCM_SHA384", "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_NULL_SHA256", "SSL_RSA_EXPORT_WITH_RC4_40_MD5", "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5", "TLS_KRB5_EXPORT_WITH_RC4_40_SHA", "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5" };
for (final String cipherSuite : weakCiphersSuites) {
server = AsyncServerBootstrap.bootstrap().setLookupRegistry(new UriPatternMatcher<>()).setIOReactorConfig(IOReactorConfig.custom().setSoTimeout(TIMEOUT).build()).setTlsStrategy(new BasicServerTlsStrategy(SSLTestContexts.createServerSSLContext(), (endpoint, sslEngine) -> sslEngine.setEnabledCipherSuites(new String[] { cipherSuite }), null)).setStreamListener(LoggingHttp1StreamListener.INSTANCE_SERVER).setIOSessionDecorator(LoggingIOSessionDecorator.INSTANCE).setExceptionCallback(LoggingExceptionCallback.INSTANCE).setIOSessionListener(LoggingIOSessionListener.INSTANCE).register("*", () -> new EchoHandler(2048)).create();
try {
server.start();
final Future<ListenerEndpoint> future = server.listen(new InetSocketAddress(0), URIScheme.HTTPS);
final ListenerEndpoint listener = future.get();
final InetSocketAddress address = (InetSocketAddress) listener.getAddress();
final HttpHost target = new HttpHost(URIScheme.HTTPS.id, "localhost", address.getPort());
final Future<Message<HttpResponse, String>> resultFuture1 = requester.execute(new BasicRequestProducer(Method.POST, target, "/stuff", new StringAsyncEntityProducer("some stuff", ContentType.TEXT_PLAIN)), new BasicResponseConsumer<>(new StringAsyncEntityConsumer()), TIMEOUT, null);
final ExecutionException exception = Assertions.assertThrows(ExecutionException.class, () -> resultFuture1.get(TIMEOUT.getDuration(), TIMEOUT.getTimeUnit()));
final Throwable cause = exception.getCause();
assertThat(cause, CoreMatchers.instanceOf(IOException.class));
} finally {
server.close(CloseMode.IMMEDIATE);
}
}
}
use of org.apache.hc.core5.http.nio.ssl.BasicClientTlsStrategy in project httpcomponents-core by apache.
the class H2TLSIntegrationTest method testTLSSuccess.
@Test
public void testTLSSuccess() throws Exception {
server = AsyncServerBootstrap.bootstrap().setLookupRegistry(new UriPatternMatcher<>()).setIOReactorConfig(IOReactorConfig.custom().setSoTimeout(TIMEOUT).build()).setTlsStrategy(new BasicServerTlsStrategy(SSLTestContexts.createServerSSLContext())).setStreamListener(LoggingHttp1StreamListener.INSTANCE_SERVER).setIOSessionDecorator(LoggingIOSessionDecorator.INSTANCE).setExceptionCallback(LoggingExceptionCallback.INSTANCE).setIOSessionListener(LoggingIOSessionListener.INSTANCE).register("*", () -> new EchoHandler(2048)).create();
server.start();
final AtomicReference<SSLSession> sslSessionRef = new AtomicReference<>();
requester = H2RequesterBootstrap.bootstrap().setIOReactorConfig(IOReactorConfig.custom().setSoTimeout(TIMEOUT).build()).setTlsStrategy(new BasicClientTlsStrategy(SSLTestContexts.createClientSSLContext(), (endpoint, sslEngine) -> {
sslSessionRef.set(sslEngine.getSession());
return null;
})).setStreamListener(LoggingHttp1StreamListener.INSTANCE_CLIENT).setConnPoolListener(LoggingConnPoolListener.INSTANCE).setIOSessionDecorator(LoggingIOSessionDecorator.INSTANCE).setExceptionCallback(LoggingExceptionCallback.INSTANCE).setIOSessionListener(LoggingIOSessionListener.INSTANCE).create();
server.start();
final Future<ListenerEndpoint> future = server.listen(new InetSocketAddress(0), URIScheme.HTTPS);
final ListenerEndpoint listener = future.get();
final InetSocketAddress address = (InetSocketAddress) listener.getAddress();
requester.start();
final HttpHost target = new HttpHost(URIScheme.HTTPS.id, "localhost", address.getPort());
final Future<Message<HttpResponse, String>> resultFuture1 = requester.execute(new BasicRequestProducer(Method.POST, target, "/stuff", new StringAsyncEntityProducer("some stuff", ContentType.TEXT_PLAIN)), new BasicResponseConsumer<>(new StringAsyncEntityConsumer()), TIMEOUT, null);
final Message<HttpResponse, String> message1 = resultFuture1.get(TIMEOUT.getDuration(), TIMEOUT.getTimeUnit());
assertThat(message1, CoreMatchers.notNullValue());
final HttpResponse response1 = message1.getHead();
assertThat(response1.getCode(), CoreMatchers.equalTo(HttpStatus.SC_OK));
final String body1 = message1.getBody();
assertThat(body1, CoreMatchers.equalTo("some stuff"));
final SSLSession sslSession = sslSessionRef.getAndSet(null);
final ProtocolVersion tlsVersion = TLS.parse(sslSession.getProtocol());
assertThat(tlsVersion.greaterEquals(TLS.V_1_2.version), CoreMatchers.equalTo(true));
assertThat(sslSession.getPeerPrincipal().getName(), CoreMatchers.equalTo("CN=localhost,OU=Apache HttpComponents,O=Apache Software Foundation"));
}
use of org.apache.hc.core5.http.nio.ssl.BasicClientTlsStrategy in project httpcomponents-core by apache.
the class H2TLSIntegrationTest method testTLSTrustFailure.
@Test
public void testTLSTrustFailure() throws Exception {
server = AsyncServerBootstrap.bootstrap().setLookupRegistry(new UriPatternMatcher<>()).setIOReactorConfig(IOReactorConfig.custom().setSoTimeout(TIMEOUT).build()).setTlsStrategy(new BasicServerTlsStrategy(SSLTestContexts.createServerSSLContext())).setStreamListener(LoggingHttp1StreamListener.INSTANCE_SERVER).setIOSessionDecorator(LoggingIOSessionDecorator.INSTANCE).setExceptionCallback(LoggingExceptionCallback.INSTANCE).setIOSessionListener(LoggingIOSessionListener.INSTANCE).register("*", () -> new EchoHandler(2048)).create();
server.start();
requester = H2RequesterBootstrap.bootstrap().setIOReactorConfig(IOReactorConfig.custom().setSoTimeout(TIMEOUT).build()).setTlsStrategy(new BasicClientTlsStrategy(SSLContexts.createDefault())).setStreamListener(LoggingHttp1StreamListener.INSTANCE_CLIENT).setConnPoolListener(LoggingConnPoolListener.INSTANCE).setIOSessionDecorator(LoggingIOSessionDecorator.INSTANCE).setExceptionCallback(LoggingExceptionCallback.INSTANCE).setIOSessionListener(LoggingIOSessionListener.INSTANCE).create();
server.start();
final Future<ListenerEndpoint> future = server.listen(new InetSocketAddress(0), URIScheme.HTTPS);
final ListenerEndpoint listener = future.get();
final InetSocketAddress address = (InetSocketAddress) listener.getAddress();
requester.start();
final HttpHost target = new HttpHost(URIScheme.HTTPS.id, "localhost", address.getPort());
final Future<Message<HttpResponse, String>> resultFuture1 = requester.execute(new BasicRequestProducer(Method.POST, target, "/stuff", new StringAsyncEntityProducer("some stuff", ContentType.TEXT_PLAIN)), new BasicResponseConsumer<>(new StringAsyncEntityConsumer()), TIMEOUT, null);
final ExecutionException exception = Assertions.assertThrows(ExecutionException.class, () -> resultFuture1.get(TIMEOUT.getDuration(), TIMEOUT.getTimeUnit()));
final Throwable cause = exception.getCause();
assertThat(cause, CoreMatchers.instanceOf(SSLHandshakeException.class));
}
Aggregations