
Example 1 with SslOptions

use of org.apache.qpid.protonj2.client.SslOptions in project qpid-protonj2 by apache.

the class OpenSslTransportTest method testConnectToServerWithUserSuppliedSSLContextWorksWhenOpenSSLRequested.

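/**
 * Connects to a local echo server using a caller-supplied JDK {@link SSLContext} while native
 * SSL is also allowed on the same options, and expects the connection to succeed.
 *
 * <p>The final {@code assertOpenSSL(..., false, transport)} call passes {@code false} as the
 * expected state, so the test expects the supplied context to be used rather than OpenSSL.
 * {@code assertOpenSSL} itself is defined outside this snippet.
 *
 * @throws Exception if the echo server cannot be started or the SSL context cannot be built
 */
@Test
public void testConnectToServerWithUserSuppliedSSLContextWorksWhenOpenSSLRequested() throws Exception {
    // Skip (rather than fail) when the OpenSSL bindings are not usable in this environment.
    assumeTrue(OpenSsl.isAvailable());
    assumeTrue(OpenSsl.supportsKeyManagerFactory());
    try (NettyEchoServer server = createEchoServer()) {
        server.start();
        final int port = server.getServerPort();

        // First options object: used only to build the JDK SSLContext from the test key/trust stores.
        SslOptions options = new SslOptions();
        options.sslEnabled(true);
        options.keyStoreLocation(CLIENT_KEYSTORE);
        options.keyStorePassword(PASSWORD);
        options.trustStoreLocation(CLIENT_TRUSTSTORE);
        options.trustStorePassword(PASSWORD);
        options.storeType(KEYSTORE_TYPE);
        SSLContext sslContext = SslSupport.createJdkSslContext(options);

        // Second options object: carries no store settings of its own, only the context override.
        options = new SslOptions();
        options.sslEnabled(true);
        // Host name verification is switched off for this test connection only; a client that
        // talks to a real peer should leave verifyHost enabled so the certificate is bound to the
        // host being contacted.
        options.verifyHost(false);
        options.allowNativeSSL(true);
        options.sslContextOverride(sslContext);

        Transport transport = createTransport(createTransportOptions(), options);
        try {
            transport.connect(HOSTNAME, port, testListener).awaitConnect();
            // Two placeholders so that both the host and the port end up in the log line.
            LOG.info("Connected to server:{}:{} as expected.", HOSTNAME, port);
        } catch (Exception e) {
            fail("Should have connected to the server at " + HOSTNAME + ":" + port + " but got exception: " + e);
        }
        assertTrue(transport.isConnected());
        assertEquals(HOSTNAME, transport.getHost(), "Server host is incorrect");
        assertEquals(port, transport.getPort(), "Server port is incorrect");
        assertOpenSSL("Transport should not be using OpenSSL", false, transport);
        transport.close();
        // Additional close should not fail or cause other problems.
        transport.close();
    }
    // Normal shutdown does not trigger the event.
    assertTrue(!transportErrored);
    assertTrue(exceptions.isEmpty());
    assertTrue(data.isEmpty());
}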
Also used : SslOptions(org.apache.qpid.protonj2.client.SslOptions) SSLContext(javax.net.ssl.SSLContext) Test(org.junit.jupiter.api.Test)

Example 2 with SslOptions

use of org.apache.qpid.protonj2.client.SslOptions in project qpid-protonj2 by apache.

the class OpenSslTransportTest method createSSLOptionsIsVerify.

/**
 * Builds the client-side {@link SslOptions} used by the OpenSSL transport tests.
 *
 * <p>SSL and native SSL are both switched on, and the client key store and trust store are
 * taken from the test constants visible in this class.
 *
 * @param verifyHost value passed straight through to {@code SslOptions.verifyHost}; passing
 *        {@code false} is meant for test cases only, since it turns off host name verification
 *        of the peer certificate
 * @return the populated options instance
 */
@Override
protected SslOptions createSSLOptionsIsVerify(boolean verifyHost) {
    SslOptions sslOptions = new SslOptions();

    // Transport security switches.
    sslOptions.sslEnabled(true);
    sslOptions.allowNativeSSL(true);

    // Client identity and trust anchors (test fixtures).
    sslOptions.keyStoreLocation(CLIENT_KEYSTORE);
    sslOptions.keyStorePassword(PASSWORD);
    sslOptions.trustStoreLocation(CLIENT_TRUSTSTORE);
    sslOptions.trustStorePassword(PASSWORD);
    sslOptions.storeType(KEYSTORE_TYPE);

    // The caller decides whether the peer host name is checked.
    sslOptions.verifyHost(verifyHost);

    return sslOptions;
}
Also used : SslOptions(org.apache.qpid.protonj2.client.SslOptions)

Example 3 with SslOptions

use of org.apache.qpid.protonj2.client.SslOptions in project qpid-protonj2 by apache.

the class OpenSslTransportTest method doTestOpenSSLSupport.

/**
 * Shared body for the OpenSSL on/off connection tests: connects to a local echo server with
 * native SSL allowed or not, then checks the transport state.
 *
 * @param useOpenSSL passed to {@code SslOptions.allowNativeSSL} and also handed to
 *        {@code assertOpenSSL} (defined outside this snippet) as the expected state
 * @throws Exception if the echo server cannot be started
 */
private void doTestOpenSSLSupport(boolean useOpenSSL) throws Exception {
    // Skip (rather than fail) when the OpenSSL bindings are not usable in this environment.
    assumeTrue(OpenSsl.isAvailable());
    assumeTrue(OpenSsl.supportsKeyManagerFactory());

    try (NettyEchoServer echoServer = createEchoServer()) {
        echoServer.start();
        final int serverPort = echoServer.getServerPort();

        SslOptions sslOptions = createSSLOptions();
        sslOptions.allowNativeSSL(useOpenSSL);

        Transport clientTransport = createTransport(createTransportOptions(), sslOptions);
        try {
            clientTransport.connect(HOSTNAME, serverPort, testListener).awaitConnect();
            LOG.info("Connected to server:{}:{} as expected.", HOSTNAME, serverPort);
        } catch (Exception cause) {
            fail("Should have connected to the server at " + HOSTNAME + ":" + serverPort + " but got exception: " + cause);
        }

        assertTrue(clientTransport.isConnected());
        assertEquals(HOSTNAME, clientTransport.getHost());
        assertEquals(serverPort, clientTransport.getPort());
        assertOpenSSL("Transport should be using OpenSSL", useOpenSSL, clientTransport);

        clientTransport.close();
        // A second close must be harmless.
        clientTransport.close();
    }

    // A normal shutdown is expected to leave no error, exception or data behind.
    assertTrue(!transportErrored);
    assertTrue(exceptions.isEmpty());
    assertTrue(data.isEmpty());
}
Also used : SslOptions(org.apache.qpid.protonj2.client.SslOptions)

Example 4 with SslOptions

use of org.apache.qpid.protonj2.client.SslOptions in project qpid-protonj2 by apache.

the class SslSupportTest method testCreateSslEngineFromPkcs12StoreJDK.

/**
 * Checks that a JDK {@link SSLContext} and {@link SSLEngine} can be created from the PKCS12
 * test options and that the engine has at least one enabled protocol.
 *
 * @throws Exception if the context or engine cannot be created
 */
@Test
public void testCreateSslEngineFromPkcs12StoreJDK() throws Exception {
    SslOptions pkcs12Options = createPkcs12SslOptions();

    SSLContext jdkContext = SslSupport.createJdkSslContext(pkcs12Options);
    assertNotNull(jdkContext);

    // The engine is created with a null host and a port of -1.
    SSLEngine jdkEngine = SslSupport.createJdkSslEngine(null, -1, jdkContext, pkcs12Options);
    assertNotNull(jdkEngine);

    // An engine with no enabled protocol could not negotiate a session.
    assertFalse(Arrays.asList(jdkEngine.getEnabledProtocols()).isEmpty());
}
Also used : SSLEngine(javax.net.ssl.SSLEngine) SslOptions(org.apache.qpid.protonj2.client.SslOptions) SSLContext(javax.net.ssl.SSLContext) Test(org.junit.jupiter.api.Test)

Example 5 with SslOptions

use of org.apache.qpid.protonj2.client.SslOptions in project qpid-protonj2 by apache.

the class SslSupportTest method createJksSslOptions.

/**
 * Builds {@link SslOptions} that point at the JKS client key store and trust store used by
 * the tests.
 *
 * @param enabledProtocols protocols to set on the options, or {@code null} to leave the
 *        options' protocol setting untouched
 * @return the populated options instance
 */
private SslOptions createJksSslOptions(String[] enabledProtocols) {
    SslOptions jksOptions = new SslOptions();
    jksOptions.sslEnabled(true);
    jksOptions.keyStoreLocation(CLIENT_JKS_KEYSTORE);
    jksOptions.trustStoreLocation(CLIENT_JKS_TRUSTSTORE);
    jksOptions.storeType(KEYSTORE_JKS_TYPE);
    jksOptions.keyStorePassword(PASSWORD);
    jksOptions.trustStorePassword(PASSWORD);

    // No explicit protocol list: return the options without touching that setting.
    if (enabledProtocols == null) {
        return jksOptions;
    }

    jksOptions.enabledProtocols(enabledProtocols);
    return jksOptions;
}
Also used : SslOptions(org.apache.qpid.protonj2.client.SslOptions)

Aggregations

SslOptions (org.apache.qpid.protonj2.client.SslOptions)76 Test (org.junit.jupiter.api.Test)64 SSLEngine (javax.net.ssl.SSLEngine)28 SSLContext (javax.net.ssl.SSLContext)20 SslContext (io.netty.handler.ssl.SslContext)19 IOException (java.io.IOException)7 URISyntaxException (java.net.URISyntaxException)5 TransportOptions (org.apache.qpid.protonj2.client.TransportOptions)4 OpenSslEngine (io.netty.handler.ssl.OpenSslEngine)2 SslHandler (io.netty.handler.ssl.SslHandler)2 Certificate (java.security.cert.Certificate)2 X509Certificate (java.security.cert.X509Certificate)2 CountDownLatch (java.util.concurrent.CountDownLatch)2 URI (java.net.URI)1 ArrayList (java.util.ArrayList)1 SSLSession (javax.net.ssl.SSLSession)1 Client (org.apache.qpid.protonj2.client.Client)1 Connection (org.apache.qpid.protonj2.client.Connection)1 ConnectionOptions (org.apache.qpid.protonj2.client.ConnectionOptions)1 ProtonTestServer (org.apache.qpid.protonj2.test.driver.ProtonTestServer)1