use of org.eclipse.jetty.io.ssl.SslHandshakeListener in project jetty.project by eclipse.
the class HttpClientTLSTest method testHandshakeSucceededWithSessionResumption.
@Test
public void testHandshakeSucceededWithSessionResumption() throws Exception {
SslContextFactory serverTLSFactory = createSslContextFactory();
startServer(serverTLSFactory, new EmptyServerHandler());
AtomicReference<byte[]> serverSession = new AtomicReference<>();
connector.addBean(new SslHandshakeListener() {
@Override
public void handshakeSucceeded(Event event) {
serverSession.set(event.getSSLEngine().getSession().getId());
}
});
SslContextFactory clientTLSFactory = createSslContextFactory();
startClient(clientTLSFactory);
AtomicReference<byte[]> clientSession = new AtomicReference<>();
client.addBean(new SslHandshakeListener() {
@Override
public void handshakeSucceeded(Event event) {
clientSession.set(event.getSSLEngine().getSession().getId());
}
});
// First request primes the TLS session.
ContentResponse response = client.newRequest("localhost", connector.getLocalPort()).scheme(HttpScheme.HTTPS.asString()).header(HttpHeader.CONNECTION, "close").timeout(5, TimeUnit.SECONDS).send();
Assert.assertEquals(HttpStatus.OK_200, response.getStatus());
Assert.assertNotNull(serverSession.get());
Assert.assertNotNull(clientSession.get());
connector.removeBean(connector.getBean(SslHandshakeListener.class));
client.removeBean(client.getBean(SslHandshakeListener.class));
CountDownLatch serverLatch = new CountDownLatch(1);
connector.addBean(new SslHandshakeListener() {
@Override
public void handshakeSucceeded(Event event) {
if (Arrays.equals(serverSession.get(), event.getSSLEngine().getSession().getId()))
serverLatch.countDown();
}
});
CountDownLatch clientLatch = new CountDownLatch(1);
client.addBean(new SslHandshakeListener() {
@Override
public void handshakeSucceeded(Event event) {
if (Arrays.equals(clientSession.get(), event.getSSLEngine().getSession().getId()))
clientLatch.countDown();
}
});
// Second request should have the same session ID.
response = client.newRequest("localhost", connector.getLocalPort()).scheme(HttpScheme.HTTPS.asString()).header(HttpHeader.CONNECTION, "close").timeout(5, TimeUnit.SECONDS).send();
Assert.assertEquals(HttpStatus.OK_200, response.getStatus());
Assert.assertTrue(serverLatch.await(1, TimeUnit.SECONDS));
Assert.assertTrue(clientLatch.await(1, TimeUnit.SECONDS));
}
use of org.eclipse.jetty.io.ssl.SslHandshakeListener in project jetty.project by eclipse.
the class HttpClientTLSTest method testNoCommonTLSProtocol.
@Test
public void testNoCommonTLSProtocol() throws Exception {
SslContextFactory serverTLSFactory = createSslContextFactory();
serverTLSFactory.setIncludeProtocols("TLSv1.2");
startServer(serverTLSFactory, new EmptyServerHandler());
CountDownLatch serverLatch = new CountDownLatch(1);
connector.addBean(new SslHandshakeListener() {
@Override
public void handshakeFailed(Event event, Throwable failure) {
serverLatch.countDown();
}
});
SslContextFactory clientTLSFactory = createSslContextFactory();
clientTLSFactory.setIncludeProtocols("TLSv1.1");
startClient(clientTLSFactory);
CountDownLatch clientLatch = new CountDownLatch(1);
client.addBean(new SslHandshakeListener() {
@Override
public void handshakeFailed(Event event, Throwable failure) {
clientLatch.countDown();
}
});
try {
client.newRequest("localhost", connector.getLocalPort()).scheme(HttpScheme.HTTPS.asString()).timeout(5, TimeUnit.SECONDS).send();
Assert.fail();
} catch (ExecutionException x) {
// Expected.
}
Assert.assertTrue(serverLatch.await(1, TimeUnit.SECONDS));
Assert.assertTrue(clientLatch.await(1, TimeUnit.SECONDS));
}
use of org.eclipse.jetty.io.ssl.SslHandshakeListener in project jetty.project by eclipse.
the class HttpClientTLSTest method testNoCommonTLSCiphers.
@Test
public void testNoCommonTLSCiphers() throws Exception {
SslContextFactory serverTLSFactory = createSslContextFactory();
serverTLSFactory.setIncludeCipherSuites("TLS_RSA_WITH_AES_128_CBC_SHA");
startServer(serverTLSFactory, new EmptyServerHandler());
CountDownLatch serverLatch = new CountDownLatch(1);
connector.addBean(new SslHandshakeListener() {
@Override
public void handshakeFailed(Event event, Throwable failure) {
serverLatch.countDown();
}
});
SslContextFactory clientTLSFactory = createSslContextFactory();
clientTLSFactory.setExcludeCipherSuites(".*_SHA$");
startClient(clientTLSFactory);
CountDownLatch clientLatch = new CountDownLatch(1);
client.addBean(new SslHandshakeListener() {
@Override
public void handshakeFailed(Event event, Throwable failure) {
clientLatch.countDown();
}
});
try {
client.newRequest("localhost", connector.getLocalPort()).scheme(HttpScheme.HTTPS.asString()).timeout(5, TimeUnit.SECONDS).send();
Assert.fail();
} catch (ExecutionException x) {
// Expected.
}
Assert.assertTrue(serverLatch.await(1, TimeUnit.SECONDS));
Assert.assertTrue(clientLatch.await(1, TimeUnit.SECONDS));
}
use of org.eclipse.jetty.io.ssl.SslHandshakeListener in project jetty.project by eclipse.
the class HttpClientTLSTest method testHandshakeSucceeded.
@Test
public void testHandshakeSucceeded() throws Exception {
SslContextFactory serverTLSFactory = createSslContextFactory();
startServer(serverTLSFactory, new EmptyServerHandler());
CountDownLatch serverLatch = new CountDownLatch(1);
connector.addBean(new SslHandshakeListener() {
@Override
public void handshakeSucceeded(Event event) {
serverLatch.countDown();
}
});
SslContextFactory clientTLSFactory = createSslContextFactory();
startClient(clientTLSFactory);
CountDownLatch clientLatch = new CountDownLatch(1);
client.addBean(new SslHandshakeListener() {
@Override
public void handshakeSucceeded(Event event) {
clientLatch.countDown();
}
});
ContentResponse response = client.GET("https://localhost:" + connector.getLocalPort());
Assert.assertEquals(HttpStatus.OK_200, response.getStatus());
Assert.assertTrue(serverLatch.await(1, TimeUnit.SECONDS));
Assert.assertTrue(clientLatch.await(1, TimeUnit.SECONDS));
}
use of org.eclipse.jetty.io.ssl.SslHandshakeListener in project jetty.project by eclipse.
the class HttpClientTLSTest method testMismatchBetweenTLSProtocolAndTLSCiphersOnServer.
@Test
public void testMismatchBetweenTLSProtocolAndTLSCiphersOnServer() throws Exception {
SslContextFactory serverTLSFactory = createSslContextFactory();
// TLS 1.1 protocol, but only TLS 1.2 ciphers.
serverTLSFactory.setIncludeProtocols("TLSv1.1");
serverTLSFactory.setIncludeCipherSuites("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256");
startServer(serverTLSFactory, new EmptyServerHandler());
CountDownLatch serverLatch = new CountDownLatch(1);
connector.addBean(new SslHandshakeListener() {
@Override
public void handshakeFailed(Event event, Throwable failure) {
serverLatch.countDown();
}
});
SslContextFactory clientTLSFactory = createSslContextFactory();
startClient(clientTLSFactory);
CountDownLatch clientLatch = new CountDownLatch(1);
client.addBean(new SslHandshakeListener() {
@Override
public void handshakeFailed(Event event, Throwable failure) {
clientLatch.countDown();
}
});
try {
client.newRequest("localhost", connector.getLocalPort()).scheme(HttpScheme.HTTPS.asString()).timeout(5, TimeUnit.SECONDS).send();
Assert.fail();
} catch (ExecutionException x) {
// Expected.
}
Assert.assertTrue(serverLatch.await(1, TimeUnit.SECONDS));
Assert.assertTrue(clientLatch.await(1, TimeUnit.SECONDS));
}
Aggregations