org.apache.flink.shaded.netty4.io.netty.handler.codec.string.StringEncoder Java Examples

The following examples show how to use org.apache.flink.shaded.netty4.io.netty.handler.codec.string.StringEncoder. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: NettyClientServerSslTest.java    From Flink-CEPplus with Apache License 2.0 6 votes vote down vote up
@Test
public void testClientUntrustedCertificate() throws Exception {
	final Configuration serverConfig = createSslConfig();
	final Configuration clientConfig = createSslConfig();

	// give the client a different keystore / certificate
	clientConfig.setString(SecurityOptions.SSL_INTERNAL_KEYSTORE, "src/test/resources/untrusted.keystore");

	final NettyConfig nettyServerConfig = createNettyConfig(serverConfig);
	final NettyConfig nettyClientConfig = createNettyConfig(clientConfig);

	final NettyBufferPool bufferPool = new NettyBufferPool(1);
	final NettyProtocol protocol = new NoOpProtocol();

	final NettyServer server = NettyTestUtil.initServer(nettyServerConfig, protocol, bufferPool);
	final NettyClient client = NettyTestUtil.initClient(nettyClientConfig, protocol, bufferPool);
	final NettyServerAndClient serverAndClient = new NettyServerAndClient(server, client);

	final Channel ch = NettyTestUtil.connect(serverAndClient);
	ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());

	// Attempting to write data over ssl should fail
	assertFalse(ch.writeAndFlush("test").await().isSuccess());

	NettyTestUtil.shutdown(serverAndClient);
}
 
Example #2
Source File: NettyClientServerSslTest.java    From flink with Apache License 2.0 6 votes vote down vote up
@Test
public void testClientUntrustedCertificate() throws Exception {
	final Configuration serverConfig = createSslConfig();
	final Configuration clientConfig = createSslConfig();

	// give the client a different keystore / certificate
	clientConfig.setString(SecurityOptions.SSL_INTERNAL_KEYSTORE, "src/test/resources/untrusted.keystore");

	final NettyConfig nettyServerConfig = createNettyConfig(serverConfig);
	final NettyConfig nettyClientConfig = createNettyConfig(clientConfig);

	final NettyBufferPool bufferPool = new NettyBufferPool(1);
	final NettyProtocol protocol = new NoOpProtocol();

	final NettyServer server = NettyTestUtil.initServer(nettyServerConfig, protocol, bufferPool);
	final NettyClient client = NettyTestUtil.initClient(nettyClientConfig, protocol, bufferPool);
	final NettyServerAndClient serverAndClient = new NettyServerAndClient(server, client);

	final Channel ch = NettyTestUtil.connect(serverAndClient);
	ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());

	// Attempting to write data over ssl should fail
	assertFalse(ch.writeAndFlush("test").await().isSuccess());

	NettyTestUtil.shutdown(serverAndClient);
}
 
Example #3
Source File: NettyClientServerSslTest.java    From flink with Apache License 2.0 6 votes vote down vote up
@Test
public void testClientUntrustedCertificate() throws Exception {
	final Configuration serverConfig = createSslConfig();
	final Configuration clientConfig = createSslConfig();

	// give the client a different keystore / certificate
	clientConfig.setString(SecurityOptions.SSL_INTERNAL_KEYSTORE, "src/test/resources/untrusted.keystore");

	final NettyConfig nettyServerConfig = createNettyConfig(serverConfig);
	final NettyConfig nettyClientConfig = createNettyConfig(clientConfig);

	final NettyBufferPool bufferPool = new NettyBufferPool(1);
	final NettyProtocol protocol = new NoOpProtocol();

	final NettyServer server = NettyTestUtil.initServer(nettyServerConfig, protocol, bufferPool);
	final NettyClient client = NettyTestUtil.initClient(nettyClientConfig, protocol, bufferPool);
	final NettyServerAndClient serverAndClient = new NettyServerAndClient(server, client);

	final Channel ch = NettyTestUtil.connect(serverAndClient);
	ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());

	// Attempting to write data over ssl should fail
	assertFalse(ch.writeAndFlush("test").await().isSuccess());

	NettyTestUtil.shutdown(serverAndClient);
}
 
Example #4
Source File: NettyClientServerSslTest.java    From Flink-CEPplus with Apache License 2.0 5 votes vote down vote up
private void testValidSslConnection(Configuration sslConfig) throws Exception {
	NettyProtocol protocol = new NoOpProtocol();

	NettyConfig nettyConfig = createNettyConfig(sslConfig);

	NettyTestUtil.NettyServerAndClient serverAndClient = NettyTestUtil.initServerAndClient(protocol, nettyConfig);

	Channel ch = NettyTestUtil.connect(serverAndClient);

	SslHandler sslHandler = (SslHandler) ch.pipeline().get("ssl");
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_HANDSHAKE_TIMEOUT, sslHandler.getHandshakeTimeoutMillis());
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_CLOSE_NOTIFY_FLUSH_TIMEOUT, sslHandler.getCloseNotifyFlushTimeoutMillis());

	// should be able to send text data
	ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());
	assertTrue(ch.writeAndFlush("test").await().isSuccess());

	// session context is only be available after a session was setup -> this should be true after data was sent
	SSLSessionContext sessionContext = sslHandler.engine().getSession().getSessionContext();
	assertNotNull("bug in unit test setup: session context not available", sessionContext);
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_SESSION_CACHE_SIZE, sessionContext.getSessionCacheSize());
	int sessionTimeout = sslConfig.getInteger(SSL_INTERNAL_SESSION_TIMEOUT);
	if (sessionTimeout != -1) {
		// session timeout config is in milliseconds but the context returns it in seconds
		assertEquals(sessionTimeout / 1000, sessionContext.getSessionTimeout());
	} else {
		assertTrue("default value (-1) should not be propagated", sessionContext.getSessionTimeout() >= 0);
	}

	NettyTestUtil.shutdown(serverAndClient);
}
 
Example #5
Source File: NettyClientServerSslTest.java    From Flink-CEPplus with Apache License 2.0 4 votes vote down vote up
/**
 * Verify SSL handshake error when untrusted server certificate is used.
 */
@Test
public void testSslHandshakeError() throws Exception {
	NettyProtocol protocol = new NoOpProtocol();

	Configuration config = createSslConfig();

	// Use a server certificate which is not present in the truststore
	config.setString(SecurityOptions.SSL_INTERNAL_KEYSTORE, "src/test/resources/untrusted.keystore");

	NettyConfig nettyConfig = createNettyConfig(config);

	NettyTestUtil.NettyServerAndClient serverAndClient = NettyTestUtil.initServerAndClient(protocol, nettyConfig);

	Channel ch = NettyTestUtil.connect(serverAndClient);
	ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());

	// Attempting to write data over ssl should fail
	assertFalse(ch.writeAndFlush("test").await().isSuccess());

	NettyTestUtil.shutdown(serverAndClient);
}
 
Example #6
Source File: NettyClientServerSslTest.java    From flink with Apache License 2.0 4 votes vote down vote up
private void testValidSslConnection(Configuration sslConfig) throws Exception {
	OneShotLatch serverChannelInitComplete = new OneShotLatch();
	final SslHandler[] serverSslHandler = new SslHandler[1];

	NettyProtocol protocol = new NoOpProtocol();

	NettyConfig nettyConfig = createNettyConfig(sslConfig);

	final NettyBufferPool bufferPool = new NettyBufferPool(1);
	final NettyServer server = NettyTestUtil.initServer(
		nettyConfig,
		bufferPool,
		sslHandlerFactory ->
			new TestingServerChannelInitializer(
				protocol,
				sslHandlerFactory,
				serverChannelInitComplete,
				serverSslHandler));
	final NettyClient client = NettyTestUtil.initClient(nettyConfig, protocol, bufferPool);
	final NettyServerAndClient serverAndClient = new NettyServerAndClient(server, client);

	Channel ch = NettyTestUtil.connect(serverAndClient);

	SslHandler clientSslHandler = (SslHandler) ch.pipeline().get("ssl");
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_HANDSHAKE_TIMEOUT, clientSslHandler.getHandshakeTimeoutMillis());
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_CLOSE_NOTIFY_FLUSH_TIMEOUT, clientSslHandler.getCloseNotifyFlushTimeoutMillis());

	// should be able to send text data
	ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());
	ch.writeAndFlush("test").sync();

	// session context is only be available after a session was setup -> this should be true after data was sent
	serverChannelInitComplete.await();
	assertNotNull(serverSslHandler[0]);

	// verify server parameters
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_HANDSHAKE_TIMEOUT, serverSslHandler[0].getHandshakeTimeoutMillis());
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_CLOSE_NOTIFY_FLUSH_TIMEOUT, serverSslHandler[0].getCloseNotifyFlushTimeoutMillis());
	SSLSessionContext sessionContext = serverSslHandler[0].engine().getSession().getSessionContext();
	assertNotNull("bug in unit test setup: session context not available", sessionContext);
	// note: can't verify session cache setting at the client - delegate to server instead (with our own channel initializer)
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_SESSION_CACHE_SIZE, sessionContext.getSessionCacheSize());
	int sessionTimeout = sslConfig.getInteger(SSL_INTERNAL_SESSION_TIMEOUT);
	if (sessionTimeout != -1) {
		// session timeout config is in milliseconds but the context returns it in seconds
		assertEquals(sessionTimeout / 1000, sessionContext.getSessionTimeout());
	} else {
		assertTrue("default value (-1) should not be propagated", sessionContext.getSessionTimeout() >= 0);
	}

	NettyTestUtil.shutdown(serverAndClient);
}
 
Example #7
Source File: NettyClientServerSslTest.java    From flink with Apache License 2.0 4 votes vote down vote up
/**
 * Verify SSL handshake error when untrusted server certificate is used.
 */
@Test
public void testSslHandshakeError() throws Exception {
	NettyProtocol protocol = new NoOpProtocol();

	Configuration config = createSslConfig();

	// Use a server certificate which is not present in the truststore
	config.setString(SecurityOptions.SSL_INTERNAL_KEYSTORE, "src/test/resources/untrusted.keystore");

	NettyConfig nettyConfig = createNettyConfig(config);

	NettyTestUtil.NettyServerAndClient serverAndClient = NettyTestUtil.initServerAndClient(protocol, nettyConfig);

	Channel ch = NettyTestUtil.connect(serverAndClient);
	ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());

	// Attempting to write data over ssl should fail
	assertFalse(ch.writeAndFlush("test").await().isSuccess());

	NettyTestUtil.shutdown(serverAndClient);
}
 
Example #8
Source File: NettyClientServerSslTest.java    From flink with Apache License 2.0 4 votes vote down vote up
private void testValidSslConnection(Configuration sslConfig) throws Exception {
	OneShotLatch serverChannelInitComplete = new OneShotLatch();
	final SslHandler[] serverSslHandler = new SslHandler[1];

	NettyProtocol protocol = new NoOpProtocol();

	NettyConfig nettyConfig = createNettyConfig(sslConfig);

	final NettyBufferPool bufferPool = new NettyBufferPool(1);
	final NettyServer server = NettyTestUtil.initServer(
		nettyConfig,
		bufferPool,
		sslHandlerFactory ->
			new TestingServerChannelInitializer(
				protocol,
				sslHandlerFactory,
				serverChannelInitComplete,
				serverSslHandler));
	final NettyClient client = NettyTestUtil.initClient(nettyConfig, protocol, bufferPool);
	final NettyServerAndClient serverAndClient = new NettyServerAndClient(server, client);

	Channel ch = NettyTestUtil.connect(serverAndClient);

	SslHandler clientSslHandler = (SslHandler) ch.pipeline().get("ssl");
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_HANDSHAKE_TIMEOUT, clientSslHandler.getHandshakeTimeoutMillis());
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_CLOSE_NOTIFY_FLUSH_TIMEOUT, clientSslHandler.getCloseNotifyFlushTimeoutMillis());

	// should be able to send text data
	ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());
	ch.writeAndFlush("test").sync();

	// session context is only be available after a session was setup -> this should be true after data was sent
	serverChannelInitComplete.await();
	assertNotNull(serverSslHandler[0]);

	// verify server parameters
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_HANDSHAKE_TIMEOUT, serverSslHandler[0].getHandshakeTimeoutMillis());
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_CLOSE_NOTIFY_FLUSH_TIMEOUT, serverSslHandler[0].getCloseNotifyFlushTimeoutMillis());
	SSLSessionContext sessionContext = serverSslHandler[0].engine().getSession().getSessionContext();
	assertNotNull("bug in unit test setup: session context not available", sessionContext);
	// note: can't verify session cache setting at the client - delegate to server instead (with our own channel initializer)
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_SESSION_CACHE_SIZE, sessionContext.getSessionCacheSize());
	int sessionTimeout = sslConfig.getInteger(SSL_INTERNAL_SESSION_TIMEOUT);
	if (sessionTimeout != -1) {
		// session timeout config is in milliseconds but the context returns it in seconds
		assertEquals(sessionTimeout / 1000, sessionContext.getSessionTimeout());
	} else {
		assertTrue("default value (-1) should not be propagated", sessionContext.getSessionTimeout() >= 0);
	}

	NettyTestUtil.shutdown(serverAndClient);
}
 
Example #9
Source File: NettyClientServerSslTest.java    From flink with Apache License 2.0 4 votes vote down vote up
/**
 * Verify SSL handshake error when untrusted server certificate is used.
 */
@Test
public void testSslHandshakeError() throws Exception {
	NettyProtocol protocol = new NoOpProtocol();

	Configuration config = createSslConfig();

	// Use a server certificate which is not present in the truststore
	config.setString(SecurityOptions.SSL_INTERNAL_KEYSTORE, "src/test/resources/untrusted.keystore");

	NettyConfig nettyConfig = createNettyConfig(config);

	NettyTestUtil.NettyServerAndClient serverAndClient = NettyTestUtil.initServerAndClient(protocol, nettyConfig);

	Channel ch = NettyTestUtil.connect(serverAndClient);
	ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());

	// Attempting to write data over ssl should fail
	assertFalse(ch.writeAndFlush("test").await().isSuccess());

	NettyTestUtil.shutdown(serverAndClient);
}
 
Example #10
Source File: NettyClientServerSslTest.java    From flink with Apache License 2.0 4 votes vote down vote up
@Test
public void testSslPinningForValidFingerprint() throws Exception {
	NettyProtocol protocol = new NoOpProtocol();

	Configuration config = createSslConfig();

	// pin the certificate based on internal cert
	config.setString(SecurityOptions.SSL_INTERNAL_CERT_FINGERPRINT, SSLUtilsTest.getCertificateFingerprint(config, "flink.test"));

	NettyConfig nettyConfig = createNettyConfig(config);

	NettyTestUtil.NettyServerAndClient serverAndClient = NettyTestUtil.initServerAndClient(protocol, nettyConfig);

	Channel ch = NettyTestUtil.connect(serverAndClient);
	ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());

	assertTrue(ch.writeAndFlush("test").await().isSuccess());

	NettyTestUtil.shutdown(serverAndClient);
}
 
Example #11
Source File: NettyClientServerSslTest.java    From flink with Apache License 2.0 4 votes vote down vote up
@Test
public void testSslPinningForInvalidFingerprint() throws Exception {
	NettyProtocol protocol = new NoOpProtocol();

	Configuration config = createSslConfig();

	// pin the certificate based on internal cert
	config.setString(SecurityOptions.SSL_INTERNAL_CERT_FINGERPRINT, SSLUtilsTest.getCertificateFingerprint(config, "flink.test").replaceAll("[0-9A-Z]", "0"));

	NettyConfig nettyConfig = createNettyConfig(config);

	NettyTestUtil.NettyServerAndClient serverAndClient = NettyTestUtil.initServerAndClient(protocol, nettyConfig);

	Channel ch = NettyTestUtil.connect(serverAndClient);
	ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());

	assertFalse(ch.writeAndFlush("test").await().isSuccess());

	NettyTestUtil.shutdown(serverAndClient);
}