@Test public void testCopyServerOptions() { NetServerOptions options = new NetServerOptions(); int sendBufferSize = TestUtils.randomPositiveInt(); int receiverBufferSize = TestUtils.randomPortInt(); options.setSendBufferSize(sendBufferSize); options.setReceiveBufferSize(receiverBufferSize); options.setReuseAddress(reuseAddress); options.setTrafficClass(trafficClass); options.setTcpNoDelay(tcpNoDelay); options.setTcpKeepAlive(tcpKeepAlive); options.setSoLinger(soLinger); options.setUsePooledBuffers(usePooledBuffers); options.setIdleTimeout(idleTimeout); options.setSsl(ssl); options.setKeyStoreOptions(keyStoreOptions); options.setTrustStoreOptions(trustStoreOptions); options.addEnabledCipherSuite(enabledCipher); options.addCrlPath(crlPath); options.addCrlValue(crlValue); options.setPort(port); options.setHost(host); options.setAcceptBacklog(acceptBacklog); options.setUseAlpn(useAlpn); options.setSslEngineOptions(sslEngine); options.setSni(sni); NetServerOptions copy = new NetServerOptions(options); assertEquals(sendBufferSize, copy.getSendBufferSize());
case "acceptBacklog": if (member.getValue() instanceof Number) { obj.setAcceptBacklog(((Number)member.getValue()).intValue()); obj.setClientAuth(io.vertx.core.http.ClientAuth.valueOf((String)member.getValue())); obj.setClientAuthRequired((Boolean)member.getValue()); obj.setHost((String)member.getValue()); obj.setPort(((Number)member.getValue()).intValue()); obj.setSni((Boolean)member.getValue());
@Override public HttpServerOptions setPemKeyCertOptions(PemKeyCertOptions options) { return (HttpServerOptions) super.setPemKeyCertOptions(options); }
public NetServerImpl(VertxInternal vertx, NetServerOptions options) { this.vertx = vertx; this.options = new NetServerOptions(options); this.sslHelper = new SSLHelper(options, options.getKeyCertOptions(), options.getTrustOptions()); this.creatingContext = vertx.getContext(); this.logEnabled = options.getLogActivity(); if (creatingContext != null) { creatingContext.addCloseHook(this); } }
@Test @SuppressWarnings("deprecation") public void testDefaultServerOptionsJson() { NetServerOptions def = new NetServerOptions(); NetServerOptions json = new NetServerOptions(new JsonObject()); assertEquals(def.isClientAuthRequired(), json.isClientAuthRequired()); assertEquals(def.getCrlPaths(), json.getCrlPaths()); assertEquals(def.getCrlValues(), json.getCrlValues()); assertEquals(def.getAcceptBacklog(), json.getAcceptBacklog()); assertEquals(def.getPort(), json.getPort()); assertEquals(def.getHost(), json.getHost()); assertEquals(def.isClientAuthRequired(), json.isClientAuthRequired()); assertEquals(def.getCrlPaths(), json.getCrlPaths()); assertEquals(def.getCrlValues(), json.getCrlValues()); assertEquals(def.getAcceptBacklog(), json.getAcceptBacklog()); assertEquals(def.getPort(), json.getPort()); assertEquals(def.getHost(), json.getHost()); assertEquals(def.isTcpNoDelay(), json.isTcpNoDelay()); assertEquals(def.isTcpKeepAlive(), json.isTcpKeepAlive()); assertEquals(def.getSoLinger(), json.getSoLinger()); assertEquals(def.isUsePooledBuffers(), json.isUsePooledBuffers()); assertEquals(def.isSsl(), json.isSsl()); assertEquals(def.isUseAlpn(), json.isUseAlpn()); assertEquals(def.getSslEngineOptions(), json.getSslEngineOptions()); assertEquals(def.isSni(), json.isSni()); }
@Test public void testNetServerInternalTLS() throws Exception { server.close(); server = vertx.createNetServer(new NetServerOptions() .setPort(1234) .setHost("localhost") .setSsl(true) .setKeyStoreOptions(Cert.SERVER_JKS.get())); testNetServerInternal_(new HttpClientOptions() .setSsl(true) .setTrustStoreOptions(Trust.SERVER_JKS.get()) , true); }
@Test public void testTLSHostnameCertCheckIncorrect() { server.close(); server = vertx.createNetServer(new NetServerOptions().setSsl(true).setPort(4043) .setKeyCertOptions(Cert.SERVER_JKS_ROOT_CA.get())); server.connectHandler(netSocket -> netSocket.close()).listen(ar -> { NetClientOptions options = new NetClientOptions() .setHostnameVerificationAlgorithm("HTTPS") .setTrustOptions(Trust.SERVER_JKS_ROOT_CA.get()); NetClient client = vertx.createNetClient(options); client.connect(4043, "127.0.0.1", arSocket -> { if (arSocket.succeeded()) { NetSocket ns = arSocket.result(); ns.closeHandler(v -> { testComplete(); }); ns.upgradeToSsl(v -> { fail("this test should fail"); }); } else { fail(ar.cause()); } }); }); await(); }
public TCPSyslogServer(int port, String clientAuth, String trustStorePath, String trustStorePassword, String keyStorePath, String keyStorePassword, Async async){ this.port = port; this.async = async; nsOptions = new NetServerOptions() .setReuseAddress(true) .setHost("localhost") .setClientAuth(ClientAuth.valueOf(clientAuth)) .setTrustStoreOptions(trustStorePath != null? new JksOptions(). setPath(trustStorePath). setPassword(trustStorePassword): null) .setKeyStoreOptions(keyStorePath != null? new JksOptions(). setPath(keyStorePath). setPassword(keyStorePassword): null) .setSsl(true); }
void run(boolean shouldPass) { server.close(); NetServerOptions options = new NetServerOptions(); if (!startTLS) { options.setSsl(true); options.setTrustOptions(serverTrust.get()); options.setKeyCertOptions(serverCert.get()); if (requireClientAuth) { options.setClientAuth(ClientAuth.REQUIRED); options.addEnabledCipherSuite(suite); options.getEnabledSecureTransportProtocols().forEach(options::removeEnabledSecureTransportProtocol); options.addEnabledSecureTransportProtocol(protocol); options.setSni(sni);
@Test public void testListenInvalidHost() { server.close(); server = vertx.createNetServer(new NetServerOptions().setPort(1234).setHost("uhqwduhqwudhqwuidhqwiudhqwudqwiuhd")); server.connectHandler(netSocket -> { }).listen(ar -> { assertTrue(ar.failed()); assertFalse(ar.succeeded()); assertNotNull(ar.cause()); testComplete(); }); await(); }
NetServerOptions opt = new NetServerOptions() .setTcpKeepAlive(true) .setIdleTimeout(idleTimeout) .setPort(localBridgePort) opt.setSsl(true).setClientAuth(ClientAuth.REQUIRED) .setPemKeyCertOptions(new PemKeyCertOptions() .setKeyPath(ssl_cert_key) .setCertPath(ssl_cert) .setPemTrustOptions(new PemTrustOptions() .addCertPath(ssl_trust)
.addOutboundPermitted(new PermittedOptions().setAddress("echo")) .addOutboundPermitted(new PermittedOptions().setAddress("ping")), new NetServerOptions() .setSsl(true).setTrustStoreOptions(new JksOptions().setPath("server.truststore").setPassword("wibble")) .setKeyStoreOptions(new JksOptions().setPath("server.keystore").setPassword("wibble")), be -> {
@Test public void testListenInvalidPort() { /* Port 80 is free to use by any application on Windows, so this test fails. */ Assume.assumeFalse(System.getProperty("os.name").startsWith("Windows")); server.close(); server = vertx.createNetServer(new NetServerOptions().setPort(80)); server.connectHandler((netSocket) -> { }).listen(ar -> { assertTrue(ar.failed()); assertFalse(ar.succeeded()); assertNotNull(ar.cause()); testComplete(); }); await(); }
private void startTcpServer(ConfigParser c) { int port = c.getPort(); String keyPath = c.getTlsKeyPath(); String certPath = c.getTlsCertPath(); boolean tlsEnabled = c.isTlsEnabled(); int idleTimeout = c.getSocketIdleTimeout(); // MQTT over TCP NetServerOptions opt = new NetServerOptions() .setTcpKeepAlive(true) .setIdleTimeout(idleTimeout) // in seconds; 0 means "don't timeout". .setPort(port); if(tlsEnabled) { opt.setSsl(true).setPemKeyCertOptions(new PemKeyCertOptions() .setKeyPath(keyPath) .setCertPath(certPath) ); } NetServer netServer = vertx.createNetServer(opt); Map<String, MQTTSession> sessions = new MonitoredMap<>(); netServer.connectHandler(netSocket -> { MQTTNetSocket mqttNetSocket = new MQTTNetSocket(vertx, c, netSocket, sessions); mqttNetSocket.start(); }).listen(); }
@Test public void testCloseCompletionHandlerNotCalledWhenActualServerFailed() { server.close(); server = vertx.createNetServer( new NetServerOptions() .setSsl(true) .setPemKeyCertOptions(new PemKeyCertOptions().setKeyPath("invalid"))) .connectHandler(c -> { }); try { server.listen(10000, r -> fail()); } catch (Exception ignore) { // Expected } server.close(onSuccess(v -> { testComplete(); })); await(); }
@Override public void start() throws Exception { NetServerOptions options = new NetServerOptions() .setSsl(true).setKeyStoreOptions(new JksOptions().setPath("server-keystore.jks").setPassword("wibble")); vertx.createNetServer(options).connectHandler(sock -> { // Create a pump Pump.pump(sock, sock).start(); }).listen(1234); System.out.println("Echo server is now listening"); } }
NetServerOptions serverOptions = new NetServerOptions() .setSsl(true) .setKeyCertOptions(certificate.keyCertOptions()) .setTrustOptions(certificate.trustOptions());
/** * Adds TLS trust anchor configuration to a given set of server options. * <p> * The options for configuring the server side trust anchor are * determined by invoking the {@link #getServerTrustOptions()} method. * However, the trust anchor options returned by that method will only be added to the * given server options if its <em>ssl</em> flag is set to {@code true} and if its * <em>trustOptions</em> property is {@code null}. * * @param serverOptions The options to add configuration to. */ protected final void addTlsTrustOptions(final NetServerOptions serverOptions) { if (serverOptions.isSsl() && serverOptions.getTrustOptions() == null) { final TrustOptions trustOptions = getServerTrustOptions(); if (trustOptions != null) { serverOptions.setTrustOptions(trustOptions).setClientAuth(ClientAuth.REQUEST); LOG.info("enabling client authentication using certificates [{}]", trustOptions.getClass().getName()); } } }
@Override public NetServer createNetServer() { return createNetServer(new NetServerOptions()); }
@Override public HttpServerOptions setKeyStoreOptions(JksOptions options) { super.setKeyStoreOptions(options); return this; }