@Override protected DecoderEmbedder<ChannelBuffer> newContentDecoder(String contentEncoding) throws Exception { if ("gzip".equalsIgnoreCase(contentEncoding) || "x-gzip".equalsIgnoreCase(contentEncoding)) { return new DecoderEmbedder<ChannelBuffer>(new ZlibDecoder(ZlibWrapper.GZIP)); } if ("deflate".equalsIgnoreCase(contentEncoding) || "x-deflate".equalsIgnoreCase(contentEncoding)) { // To be strict, 'deflate' means ZLIB, but some servers were not implemented correctly. return new DecoderEmbedder<ChannelBuffer>(new ZlibDecoder(ZlibWrapper.ZLIB_OR_NONE)); } // 'identity' or unsupported return null; } }
private ChannelBuffer finishDecode() { if (decoder == null) { return ChannelBuffers.EMPTY_BUFFER; } ChannelBuffer result; if (decoder.finish()) { result = ChannelBuffers.wrappedBuffer(decoder.pollAll(new ChannelBuffer[decoder.size()])); } else { result = ChannelBuffers.EMPTY_BUFFER; } decoder = null; return result; }
public boolean offer(Object input) { fireMessageReceived(getChannel(), input); return !isEmpty(); } }
@Test public void testTlsNegotiationAuthOnly() throws Exception { startNegotiation(true); // Expect client->server: NEGOTIATE, TLS and TLS_AUTHENTICATION_ONLY included. RpcOutboundMessage msg = (RpcOutboundMessage) embedder.poll(); NegotiatePB body = (NegotiatePB) msg.getBody(); assertEquals(NegotiateStep.NEGOTIATE, body.getStep()); assertTrue(body.getSupportedFeaturesList().contains(RpcFeatureFlag.TLS)); assertTrue(body.getSupportedFeaturesList().contains( RpcFeatureFlag.TLS_AUTHENTICATION_ONLY)); // Fake a server response with TLS and TLS_AUTHENTICATION_ONLY enabled. embedder.offer(fakeResponse( ResponseHeader.newBuilder().setCallId(Negotiator.SASL_CALL_ID).build(), NegotiatePB.newBuilder() .addSaslMechanisms(NegotiatePB.SaslMechanism.newBuilder().setMechanism("PLAIN")) .addSupportedFeatures(RpcFeatureFlag.TLS) .addSupportedFeatures(RpcFeatureFlag.TLS_AUTHENTICATION_ONLY) .setStep(NegotiateStep.NEGOTIATE) .build())); // Expect client->server: TLS_HANDSHAKE. runTlsHandshake(); // The pipeline should *not* have an SSL handler as the first handler, // since we used TLS for authentication only. assertFalse(embedder.getPipeline().getFirst() instanceof SslHandler); // The Negotiator should have sent the SASL_INITIATE at this point. msg = (RpcOutboundMessage) embedder.poll(); body = (NegotiatePB) msg.getBody(); assertEquals(NegotiateStep.SASL_INITIATE, body.getStep()); }
/** * Checks that the client sends a connection context and then yields * a Negotiation.Success to the pipeline. * @return the result */ private Success assertComplete() { RpcOutboundMessage msg = (RpcOutboundMessage)embedder.poll(); ConnectionContextPB connCtx = (ConnectionContextPB)msg.getBody(); assertEquals(Negotiator.CONNECTION_CTX_CALL_ID, msg.getHeaderBuilder().getCallId()); assertEquals(System.getProperty("user.name"), connCtx.getDEPRECATEDUserInfo().getRealUser()); // Expect the client to also emit a negotiation Success. Success success = (Success)embedder.poll(); assertNotNull(success); return success; }
private void startNegotiation(boolean fakeLoopback) { Negotiator negotiator = new Negotiator("127.0.0.1", secContext, false); negotiator.overrideLoopbackForTests = fakeLoopback; embedder = new DecoderEmbedder<Object>(negotiator); negotiator.sendHello(embedder.getPipeline().getChannel()); }
@Test public void testTlsNegotiation() throws Exception { startNegotiation(false); // Expect client->server: NEGOTIATE, TLS included. RpcOutboundMessage msg = (RpcOutboundMessage) embedder.poll(); NegotiatePB body = (NegotiatePB) msg.getBody(); assertEquals(NegotiateStep.NEGOTIATE, body.getStep()); assertTrue(body.getSupportedFeaturesList().contains(RpcFeatureFlag.TLS)); // Fake a server response with TLS enabled. embedder.offer(fakeResponse( ResponseHeader.newBuilder().setCallId(Negotiator.SASL_CALL_ID).build(), NegotiatePB.newBuilder() .addSaslMechanisms(NegotiatePB.SaslMechanism.newBuilder().setMechanism("PLAIN")) .addSupportedFeatures(RpcFeatureFlag.TLS) .setStep(NegotiateStep.NEGOTIATE) .build())); // Expect client->server: TLS_HANDSHAKE. runTlsHandshake(); // The pipeline should now have an SSL handler as the first handler. assertTrue(embedder.getPipeline().getFirst() instanceof SslHandler); // The Negotiator should have sent the SASL_INITIATE at this point. // NOTE: in a non-mock environment, this message would now be encrypted // by the newly-added TLS handler. But, with the DecoderEmbedder that we're // using, we don't actually end up processing outbound events. Upgrading // to Netty 4 and using EmbeddedChannel instead would make this more realistic. msg = (RpcOutboundMessage) embedder.poll(); body = (NegotiatePB) msg.getBody(); assertEquals(NegotiateStep.SASL_INITIATE, body.getStep()); }
/** * Test that, if we don't have any trusted certs, we don't expose * token authentication as an option. */ @Test public void testNoTokenAuthWhenNoTrustedCerts() throws Exception { secContext.setAuthenticationToken(SignedTokenPB.getDefaultInstance()); startNegotiation(false); // Expect client->server: NEGOTIATE, TLS included, Token not included. RpcOutboundMessage msg = (RpcOutboundMessage) embedder.poll(); NegotiatePB body = (NegotiatePB) msg.getBody(); assertEquals("supported_features: APPLICATION_FEATURE_FLAGS " + "supported_features: TLS " + "step: NEGOTIATE " + "authn_types { sasl { } }", TextFormat.shortDebugString(body)); }
/** * Creates a new instance with the specified parameters. */ protected RtspMessageDecoder(int maxInitialLineLength, int maxHeaderSize, int maxContentLength) { super(maxInitialLineLength, maxHeaderSize, maxContentLength * 2); aggregator = new DecoderEmbedder<HttpMessage>(new HttpChunkAggregator(maxContentLength)); }
@Test public void testDecodeIncomplete() throws Exception { ChannelBuffer bytes = read( "incomplete-connect.msg", false ); this.decoder.offer( bytes ); StompFrame frame = this.decoder.poll(); assertNull( frame ); this.decoder.offer( ChannelBuffers.copiedBuffer( new byte[] { '\n', 0x00 } ) ); frame = this.decoder.poll(); assertNotNull( frame ); assertEquals( Command.CONNECT, frame.getCommand() ); }
@Before public void setUp() { this.decoder = new DecoderEmbedder<StompFrame>( new StompFrameDecoder( ) ); }
@Before public void setUp() { this.decoder = new DecoderEmbedder<StompMessage>( new StompMessageDecoder( DefaultStompMessageFactory.INSTANCE ) ); }
/** * Completes the 3-step TLS handshake, assuming that the client is * about to generate the first of the messages. */ private void runTlsHandshake() throws SSLException { RpcOutboundMessage msg = (RpcOutboundMessage) embedder.poll(); NegotiatePB body = (NegotiatePB) msg.getBody(); assertEquals(NegotiateStep.TLS_HANDSHAKE, body.getStep()); // Consume the ClientHello in our fake server, which should generate ServerHello. embedder.offer(runServerStep(serverEngine, body.getTlsHandshake())); // Expect client to generate ClientKeyExchange, ChangeCipherSpec, Finished. msg = (RpcOutboundMessage) embedder.poll(); body = (NegotiatePB) msg.getBody(); assertEquals(NegotiateStep.TLS_HANDSHAKE, body.getStep()); // Server consumes the above. Should send the TLS "Finished" message. embedder.offer(runServerStep(serverEngine, body.getTlsHandshake())); }
@Test public void testDecodeNullTerminatedMessage() throws Exception { ChannelBuffer bytes = read( "null-terminated.msg", true ); this.decoder.offer( bytes ); StompFrame frame = this.decoder.poll(); assertNotNull( frame ); assertTrue( frame instanceof StompContentFrame ); assertEquals( Command.SEND, frame.getCommand() ); assertEquals( "This is my message.\n", ((StompContentFrame) frame).getContent().toString( Charset.forName( "UTF-8" ) ) ); }
@Test public void testContentFrame() throws Exception { StompMessage message = StompMessages.createStompMessage( "/queues/one", "wtf is a taco?" ); StompFrame frame = StompFrames.newSendFrame( message ); boolean result = this.decoder.offer( frame ); assertTrue( result ); StompMessage outputMessage = this.decoder.poll(); assertNotNull( outputMessage ); assertNotSame( message, outputMessage ); assertEquals( "/queues/one", outputMessage.getDestination() ); assertEquals( "wtf is a taco?", outputMessage.getContentAsString() ); }
RpcOutboundMessage msg = (RpcOutboundMessage) embedder.poll(); NegotiatePB body = (NegotiatePB) msg.getBody(); assertEquals("supported_features: APPLICATION_FEATURE_FLAGS " + embedder.offer(fakeResponse( ResponseHeader.newBuilder().setCallId(Negotiator.SASL_CALL_ID).build(), NegotiatePB.newBuilder() msg = (RpcOutboundMessage) embedder.poll(); body = (NegotiatePB) msg.getBody(); assertEquals("step: TOKEN_EXCHANGE authn_token { }", embedder.offer(fakeResponse( ResponseHeader.newBuilder().setCallId(Negotiator.SASL_CALL_ID).build(), NegotiatePB.newBuilder()