public NetServerImpl(VertxInternal vertx, NetServerOptions options) { this.vertx = vertx; this.options = new NetServerOptions(options); this.sslHelper = new SSLHelper(options, options.getKeyCertOptions(), options.getTrustOptions()); this.creatingContext = vertx.getContext(); this.logEnabled = options.getLogActivity(); if (creatingContext != null) { creatingContext.addCloseHook(this); } }
public HttpServerImpl(VertxInternal vertx, HttpServerOptions options) { this.options = new HttpServerOptions(options); this.vertx = vertx; this.creatingContext = vertx.getContext(); if (creatingContext != null) { creatingContext.addCloseHook(this); } this.sslHelper = new SSLHelper(options, options.getKeyCertOptions(), options.getTrustOptions()); this.subProtocols = options.getWebsocketSubProtocols(); this.logEnabled = options.getLogActivity(); }
@Test public void testUseJdkCiphersWhenNotSpecified() throws Exception { SSLContext context = SSLContext.getInstance("TLS"); context.init(null, null, null); SSLEngine engine = context.createSSLEngine(); String[] expected = engine.getEnabledCipherSuites(); SSLHelper helper = new SSLHelper(new HttpClientOptions(), Cert.CLIENT_JKS.get(), Trust.SERVER_JKS.get()); SslContext ctx = helper.getContext((VertxInternal) vertx); assertEquals(new HashSet<>(Arrays.asList(expected)), new HashSet<>(ctx.cipherSuites())); }
public NetClientImpl(VertxInternal vertx, NetClientOptions options, boolean useCreatingContext) { this.vertx = vertx; this.options = new NetClientOptions(options); this.sslHelper = new SSLHelper(options, options.getKeyCertOptions(), options.getTrustOptions()); this.closeHook = completionHandler -> { NetClientImpl.this.close(); completionHandler.handle(Future.succeededFuture()); }; if (useCreatingContext) { creatingContext = vertx.getContext(); if (creatingContext != null) { creatingContext.addCloseHook(closeHook); } } else { creatingContext = null; } VertxMetrics metrics = vertx.metricsSPI(); this.metrics = metrics != null ? metrics.createNetClientMetrics(options) : null; logEnabled = options.getLogActivity(); idleTimeout = options.getIdleTimeout(); idleTimeoutUnit = options.getIdleTimeoutUnit(); }
@Test public void testPreserveEnabledCipherSuitesOrder() throws Exception { SSLContext context = SSLContext.getInstance("TLS"); context.init(null, null, null); SSLEngine engine = context.createSSLEngine(); HttpServerOptions options = new HttpServerOptions(); for (String suite : engine.getEnabledCipherSuites()) { options.addEnabledCipherSuite(suite); } assertEquals(new ArrayList<>(options.getEnabledCipherSuites()), Arrays.asList(engine.getEnabledCipherSuites())); assertEquals(new ArrayList<>(new HttpServerOptions(options).getEnabledCipherSuites()), Arrays.asList(engine.getEnabledCipherSuites())); JsonObject json = options.toJson(); assertEquals(new ArrayList<>(new HttpServerOptions(json).getEnabledCipherSuites()), Arrays.asList(engine.getEnabledCipherSuites())); SSLHelper helper = new SSLHelper(options, Cert.SERVER_JKS.get(), null); assertEquals(Arrays.asList(helper.createEngine((VertxInternal) vertx).getEnabledCipherSuites()), Arrays.asList(engine.getEnabledCipherSuites())); }
this.sslHelper = new SSLHelper(options, options.getKeyCertOptions(), options.getTrustOptions()). setApplicationProtocols(alpnVersions); sslHelper.validate(vertx);
@Test public void testUseOpenSSLCiphersWhenNotSpecified() throws Exception { Set<String> expected = OpenSsl.availableOpenSslCipherSuites(); SSLHelper helper = new SSLHelper( new HttpClientOptions().setOpenSslEngineOptions(new OpenSSLEngineOptions()), Cert.CLIENT_PEM.get(), Trust.SERVER_PEM.get()); SslContext ctx = helper.getContext((VertxInternal) vertx); assertEquals(expected, new HashSet<>(ctx.cipherSuites())); }
private void testOpenSslServerSessionContext(boolean testDefault){ HttpServerOptions httpServerOptions = new HttpServerOptions().setOpenSslEngineOptions(new OpenSSLEngineOptions()); if(!testDefault) { httpServerOptions.setOpenSslEngineOptions(new OpenSSLEngineOptions().setSessionCacheEnabled(false)); } SSLHelper defaultHelper = new SSLHelper(httpServerOptions, Cert.SERVER_PEM.get(), Trust.SERVER_PEM.get()); SslContext ctx = defaultHelper.getContext((VertxInternal) vertx); assertTrue(ctx instanceof OpenSslServerContext); SSLSessionContext sslSessionContext = ctx.sessionContext(); assertTrue(sslSessionContext instanceof OpenSslServerSessionContext); if (sslSessionContext instanceof OpenSslServerSessionContext) { assertEquals(testDefault, ((OpenSslServerSessionContext) sslSessionContext).isSessionCacheEnabled()); } }
public NetServerImpl(VertxInternal vertx, NetServerOptions options) { this.vertx = vertx; this.options = new NetServerOptions(options); this.sslHelper = new SSLHelper(options, options.getKeyCertOptions(), options.getTrustOptions()); this.creatingContext = vertx.getContext(); this.logEnabled = options.getLogActivity(); if (creatingContext != null) { if (creatingContext.isMultiThreadedWorkerContext()) { throw new IllegalStateException("Cannot use NetServer in a multi-threaded worker verticle"); } creatingContext.addCloseHook(this); } }
public HttpServerImpl(VertxInternal vertx, HttpServerOptions options) { this.options = new HttpServerOptions(options); this.vertx = vertx; this.creatingContext = vertx.getContext(); if (creatingContext != null) { if (creatingContext.isMultiThreadedWorkerContext()) { throw new IllegalStateException("Cannot use HttpServer in a multi-threaded worker verticle"); } creatingContext.addCloseHook(this); } this.sslHelper = new SSLHelper(options, options.getKeyCertOptions(), options.getTrustOptions()); this.subProtocols = options.getWebsocketSubProtocols(); this.logEnabled = options.getLogActivity(); }
@Test public void testUseJdkCiphersWhenNotSpecified() throws Exception { SSLContext context = SSLContext.getInstance("TLS"); context.init(null, null, null); SSLEngine engine = context.createSSLEngine(); String[] expected = engine.getEnabledCipherSuites(); SSLHelper helper = new SSLHelper(new HttpClientOptions(), Cert.CLIENT_JKS.get(), Trust.SERVER_JKS.get()); SslContext ctx = helper.getContext((VertxInternal) vertx); assertEquals(new HashSet<>(Arrays.asList(expected)), new HashSet<>(ctx.cipherSuites())); }
public NetClientImpl(VertxInternal vertx, NetClientOptions options, boolean useCreatingContext) { this.vertx = vertx; this.options = new NetClientOptions(options); this.sslHelper = new SSLHelper(options, options.getKeyCertOptions(), options.getTrustOptions()); this.closeHook = completionHandler -> { NetClientImpl.this.close(); completionHandler.handle(Future.succeededFuture()); }; if (useCreatingContext) { creatingContext = vertx.getContext(); if (creatingContext != null) { if (creatingContext.isMultiThreadedWorkerContext()) { throw new IllegalStateException("Cannot use NetClient in a multi-threaded worker verticle"); } creatingContext.addCloseHook(closeHook); } } else { creatingContext = null; } VertxMetrics metrics = vertx.metricsSPI(); this.metrics = metrics != null ? metrics.createNetClientMetrics(options) : null; logEnabled = options.getLogActivity(); idleTimeout = options.getIdleTimeout(); idleTimeoutUnit = options.getIdleTimeoutUnit(); }
@Test public void testPreserveEnabledCipherSuitesOrder() throws Exception { SSLContext context = SSLContext.getInstance("TLS"); context.init(null, null, null); SSLEngine engine = context.createSSLEngine(); HttpServerOptions options = new HttpServerOptions(); for (String suite : engine.getEnabledCipherSuites()) { options.addEnabledCipherSuite(suite); } assertEquals(new ArrayList<>(options.getEnabledCipherSuites()), Arrays.asList(engine.getEnabledCipherSuites())); assertEquals(new ArrayList<>(new HttpServerOptions(options).getEnabledCipherSuites()), Arrays.asList(engine.getEnabledCipherSuites())); JsonObject json = options.toJson(); assertEquals(new ArrayList<>(new HttpServerOptions(json).getEnabledCipherSuites()), Arrays.asList(engine.getEnabledCipherSuites())); SSLHelper helper = new SSLHelper(options, Cert.SERVER_JKS.get(), null); assertEquals(Arrays.asList(helper.createEngine((VertxInternal) vertx).getEnabledCipherSuites()), Arrays.asList(engine.getEnabledCipherSuites())); }
this.sslHelper = new SSLHelper(options, options.getKeyCertOptions(), options.getTrustOptions()). setApplicationProtocols(alpnVersions); sslHelper.validate(vertx);
@Test public void testUseOpenSSLCiphersWhenNotSpecified() throws Exception { Set<String> expected = OpenSsl.availableOpenSslCipherSuites(); SSLHelper helper = new SSLHelper( new HttpClientOptions().setOpenSslEngineOptions(new OpenSSLEngineOptions()), Cert.CLIENT_PEM.get(), Trust.SERVER_PEM.get()); SslContext ctx = helper.getContext((VertxInternal) vertx); assertEquals(expected, new HashSet<>(ctx.cipherSuites())); }
private void testOpenSslServerSessionContext(boolean testDefault){ HttpServerOptions httpServerOptions = new HttpServerOptions().setOpenSslEngineOptions(new OpenSSLEngineOptions()); if(!testDefault) { httpServerOptions.setOpenSslEngineOptions(new OpenSSLEngineOptions().setSessionCacheEnabled(false)); } SSLHelper defaultHelper = new SSLHelper(httpServerOptions, Cert.SERVER_PEM.get(), Trust.SERVER_PEM.get()); SslContext ctx = defaultHelper.getContext((VertxInternal) vertx); assertTrue(ctx instanceof OpenSslServerContext); SSLSessionContext sslSessionContext = ctx.sessionContext(); assertTrue(sslSessionContext instanceof OpenSslServerSessionContext); if (sslSessionContext instanceof OpenSslServerSessionContext) { assertEquals(testDefault, ((OpenSslServerSessionContext) sslSessionContext).isSessionCacheEnabled()); } }
private ActualServer(Vertx vertx, ServerID id, HttpServerOptions options, NettyServerBuilder builder) { // SSL if (options.isSsl()) { SSLHelper helper = new SSLHelper(options, options.getKeyCertOptions(), options.getTrustOptions()); helper.setApplicationProtocols(Collections.singletonList(HttpVersion.HTTP_2)); SslContext ctx = helper.getContext((VertxInternal) vertx); builder.sslContext(new DelegatingSslContext(ctx) { @Override protected void initEngine(SSLEngine engine) { helper.configureEngine(engine, null); } }); } Transport transport = ((VertxInternal) vertx).transport(); this.id = id; this.options = options; this.server = builder .executor(command -> { contextLocal.get().get(0).executeFromIO(event -> command.run()); }) .channelType(transport.serverChannelFactory(false).newChannel().getClass()) .bossEventLoopGroup(group) .workerEventLoopGroup(group) .build(); }
@Override public ManagedChannel build() { // SSL if (options.isSsl()) { SSLHelper helper = new SSLHelper(options, options.getKeyCertOptions(), options.getTrustOptions()); helper.setApplicationProtocols(Collections.singletonList(HttpVersion.HTTP_2)); SslContext ctx = helper.getContext((VertxInternal) vertx); builder.sslContext(new DelegatingSslContext(ctx) { @Override protected void initEngine(SSLEngine engine) { helper.configureEngine(engine, null); } }); } Transport transport = ((VertxInternal) vertx).transport(); return builder .eventLoopGroup(context.nettyEventLoop()) .channelType(transport.channelFactory(false).newChannel().getClass()) // Ugly work around / perhaps contribute change to grpc .executor(command -> { if (Context.isOnEventLoopThread()) { context.executeFromIO(event -> command.run()); } else { command.run(); } }).build(); } }