org.apache.flink.runtime.io.network.netty.NettyTestUtil.NettyServerAndClient Java Examples

The following examples show how to use org.apache.flink.runtime.io.network.netty.NettyTestUtil.NettyServerAndClient. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: NettyClientServerSslTest.java    From Flink-CEPplus with Apache License 2.0 6 votes vote down vote up
/**
 * Verify failure on invalid ssl configuration.
 */
@Test
public void testInvalidSslConfiguration() throws Exception {
	NettyProtocol protocol = new NoOpProtocol();

	Configuration config = createSslConfig();
	// Modify the keystore password to an incorrect one
	config.setString(SecurityOptions.SSL_INTERNAL_KEYSTORE_PASSWORD, "invalidpassword");

	NettyConfig nettyConfig = createNettyConfig(config);

	NettyTestUtil.NettyServerAndClient serverAndClient = null;
	try {
		serverAndClient = NettyTestUtil.initServerAndClient(protocol, nettyConfig);
		Assert.fail("Created server and client from invalid configuration");
	} catch (Exception e) {
		// Exception should be thrown as expected
	}

	NettyTestUtil.shutdown(serverAndClient);
}
 
Example #2
Source File: NettyClientServerSslTest.java    From flink with Apache License 2.0 6 votes vote down vote up
@Test
public void testClientUntrustedCertificate() throws Exception {
	final Configuration serverConfig = createSslConfig();
	final Configuration clientConfig = createSslConfig();

	// give the client a different keystore / certificate
	clientConfig.setString(SecurityOptions.SSL_INTERNAL_KEYSTORE, "src/test/resources/untrusted.keystore");

	final NettyConfig nettyServerConfig = createNettyConfig(serverConfig);
	final NettyConfig nettyClientConfig = createNettyConfig(clientConfig);

	final NettyBufferPool bufferPool = new NettyBufferPool(1);
	final NettyProtocol protocol = new NoOpProtocol();

	final NettyServer server = NettyTestUtil.initServer(nettyServerConfig, protocol, bufferPool);
	final NettyClient client = NettyTestUtil.initClient(nettyClientConfig, protocol, bufferPool);
	final NettyServerAndClient serverAndClient = new NettyServerAndClient(server, client);

	final Channel ch = NettyTestUtil.connect(serverAndClient);
	ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());

	// Attempting to write data over ssl should fail
	assertFalse(ch.writeAndFlush("test").await().isSuccess());

	NettyTestUtil.shutdown(serverAndClient);
}
 
Example #3
Source File: NettyClientServerSslTest.java    From Flink-CEPplus with Apache License 2.0 6 votes vote down vote up
@Test
public void testClientUntrustedCertificate() throws Exception {
	final Configuration serverConfig = createSslConfig();
	final Configuration clientConfig = createSslConfig();

	// give the client a different keystore / certificate
	clientConfig.setString(SecurityOptions.SSL_INTERNAL_KEYSTORE, "src/test/resources/untrusted.keystore");

	final NettyConfig nettyServerConfig = createNettyConfig(serverConfig);
	final NettyConfig nettyClientConfig = createNettyConfig(clientConfig);

	final NettyBufferPool bufferPool = new NettyBufferPool(1);
	final NettyProtocol protocol = new NoOpProtocol();

	final NettyServer server = NettyTestUtil.initServer(nettyServerConfig, protocol, bufferPool);
	final NettyClient client = NettyTestUtil.initClient(nettyClientConfig, protocol, bufferPool);
	final NettyServerAndClient serverAndClient = new NettyServerAndClient(server, client);

	final Channel ch = NettyTestUtil.connect(serverAndClient);
	ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());

	// Attempting to write data over ssl should fail
	assertFalse(ch.writeAndFlush("test").await().isSuccess());

	NettyTestUtil.shutdown(serverAndClient);
}
 
Example #4
Source File: NettyClientServerSslTest.java    From flink with Apache License 2.0 6 votes vote down vote up
/**
 * Verify failure on invalid ssl configuration.
 */
@Test
public void testInvalidSslConfiguration() throws Exception {
	NettyProtocol protocol = new NoOpProtocol();

	Configuration config = createSslConfig();
	// Modify the keystore password to an incorrect one
	config.setString(SecurityOptions.SSL_INTERNAL_KEYSTORE_PASSWORD, "invalidpassword");

	NettyConfig nettyConfig = createNettyConfig(config);

	NettyTestUtil.NettyServerAndClient serverAndClient = null;
	try {
		serverAndClient = NettyTestUtil.initServerAndClient(protocol, nettyConfig);
		Assert.fail("Created server and client from invalid configuration");
	} catch (Exception e) {
		// Exception should be thrown as expected
	}

	NettyTestUtil.shutdown(serverAndClient);
}
 
Example #5
Source File: NettyClientServerSslTest.java    From flink with Apache License 2.0 6 votes vote down vote up
/**
 * Verify failure on invalid ssl configuration.
 */
@Test
public void testInvalidSslConfiguration() throws Exception {
	NettyProtocol protocol = new NoOpProtocol();

	Configuration config = createSslConfig();
	// Modify the keystore password to an incorrect one
	config.setString(SecurityOptions.SSL_INTERNAL_KEYSTORE_PASSWORD, "invalidpassword");

	NettyConfig nettyConfig = createNettyConfig(config);

	NettyTestUtil.NettyServerAndClient serverAndClient = null;
	try {
		serverAndClient = NettyTestUtil.initServerAndClient(protocol, nettyConfig);
		Assert.fail("Created server and client from invalid configuration");
	} catch (Exception e) {
		// Exception should be thrown as expected
	}

	NettyTestUtil.shutdown(serverAndClient);
}
 
Example #6
Source File: NettyClientServerSslTest.java    From flink with Apache License 2.0 6 votes vote down vote up
@Test
public void testClientUntrustedCertificate() throws Exception {
	final Configuration serverConfig = createSslConfig();
	final Configuration clientConfig = createSslConfig();

	// give the client a different keystore / certificate
	clientConfig.setString(SecurityOptions.SSL_INTERNAL_KEYSTORE, "src/test/resources/untrusted.keystore");

	final NettyConfig nettyServerConfig = createNettyConfig(serverConfig);
	final NettyConfig nettyClientConfig = createNettyConfig(clientConfig);

	final NettyBufferPool bufferPool = new NettyBufferPool(1);
	final NettyProtocol protocol = new NoOpProtocol();

	final NettyServer server = NettyTestUtil.initServer(nettyServerConfig, protocol, bufferPool);
	final NettyClient client = NettyTestUtil.initClient(nettyClientConfig, protocol, bufferPool);
	final NettyServerAndClient serverAndClient = new NettyServerAndClient(server, client);

	final Channel ch = NettyTestUtil.connect(serverAndClient);
	ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());

	// Attempting to write data over ssl should fail
	assertFalse(ch.writeAndFlush("test").await().isSuccess());

	NettyTestUtil.shutdown(serverAndClient);
}
 
Example #7
Source File: NettyClientServerSslTest.java    From Flink-CEPplus with Apache License 2.0 5 votes vote down vote up
private void testValidSslConnection(Configuration sslConfig) throws Exception {
	NettyProtocol protocol = new NoOpProtocol();

	NettyConfig nettyConfig = createNettyConfig(sslConfig);

	NettyTestUtil.NettyServerAndClient serverAndClient = NettyTestUtil.initServerAndClient(protocol, nettyConfig);

	Channel ch = NettyTestUtil.connect(serverAndClient);

	SslHandler sslHandler = (SslHandler) ch.pipeline().get("ssl");
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_HANDSHAKE_TIMEOUT, sslHandler.getHandshakeTimeoutMillis());
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_CLOSE_NOTIFY_FLUSH_TIMEOUT, sslHandler.getCloseNotifyFlushTimeoutMillis());

	// should be able to send text data
	ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());
	assertTrue(ch.writeAndFlush("test").await().isSuccess());

	// session context is only be available after a session was setup -> this should be true after data was sent
	SSLSessionContext sessionContext = sslHandler.engine().getSession().getSessionContext();
	assertNotNull("bug in unit test setup: session context not available", sessionContext);
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_SESSION_CACHE_SIZE, sessionContext.getSessionCacheSize());
	int sessionTimeout = sslConfig.getInteger(SSL_INTERNAL_SESSION_TIMEOUT);
	if (sessionTimeout != -1) {
		// session timeout config is in milliseconds but the context returns it in seconds
		assertEquals(sessionTimeout / 1000, sessionContext.getSessionTimeout());
	} else {
		assertTrue("default value (-1) should not be propagated", sessionContext.getSessionTimeout() >= 0);
	}

	NettyTestUtil.shutdown(serverAndClient);
}
 
Example #8
Source File: NettyClientServerSslTest.java    From flink with Apache License 2.0 4 votes vote down vote up
@Test
public void testSslPinningForInvalidFingerprint() throws Exception {
	NettyProtocol protocol = new NoOpProtocol();

	Configuration config = createSslConfig();

	// pin the certificate based on internal cert
	config.setString(SecurityOptions.SSL_INTERNAL_CERT_FINGERPRINT, SSLUtilsTest.getCertificateFingerprint(config, "flink.test").replaceAll("[0-9A-Z]", "0"));

	NettyConfig nettyConfig = createNettyConfig(config);

	NettyTestUtil.NettyServerAndClient serverAndClient = NettyTestUtil.initServerAndClient(protocol, nettyConfig);

	Channel ch = NettyTestUtil.connect(serverAndClient);
	ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());

	assertFalse(ch.writeAndFlush("test").await().isSuccess());

	NettyTestUtil.shutdown(serverAndClient);
}
 
Example #9
Source File: CancelPartitionRequestTest.java    From Flink-CEPplus with Apache License 2.0 4 votes vote down vote up
/**
 * Verifies that requests for non-existing (failed/cancelled) input channels are properly
 * cancelled. The receiver receives data, but there is no input channel to receive the data.
 * This should cancel the request.
 */
@Test
public void testCancelPartitionRequest() throws Exception {

	NettyServerAndClient serverAndClient = null;

	try {
		TestPooledBufferProvider outboundBuffers = new TestPooledBufferProvider(16);

		ResultPartitionManager partitions = mock(ResultPartitionManager.class);

		ResultPartitionID pid = new ResultPartitionID();

		CountDownLatch sync = new CountDownLatch(1);

		final ResultSubpartitionView view = spy(new InfiniteSubpartitionView(outboundBuffers, sync));

		// Return infinite subpartition
		when(partitions.createSubpartitionView(eq(pid), eq(0), any(BufferAvailabilityListener.class)))
			.thenAnswer(new Answer<ResultSubpartitionView>() {
				@Override
				public ResultSubpartitionView answer(InvocationOnMock invocationOnMock) throws Throwable {
					BufferAvailabilityListener listener = (BufferAvailabilityListener) invocationOnMock.getArguments()[2];
					listener.notifyDataAvailable();
					return view;
				}
			});

		NettyProtocol protocol = new NettyProtocol(
				partitions, mock(TaskEventDispatcher.class), true);

		serverAndClient = initServerAndClient(protocol);

		Channel ch = connect(serverAndClient);

		// Request for non-existing input channel => results in cancel request
		ch.writeAndFlush(new PartitionRequest(pid, 0, new InputChannelID(), Integer.MAX_VALUE)).await();

		// Wait for the notification
		if (!sync.await(TestingUtils.TESTING_DURATION().toMillis(), TimeUnit.MILLISECONDS)) {
			fail("Timed out after waiting for " + TestingUtils.TESTING_DURATION().toMillis() +
					" ms to be notified about cancelled partition.");
		}

		verify(view, times(1)).releaseAllResources();
		verify(view, times(0)).notifySubpartitionConsumed();
	}
	finally {
		shutdown(serverAndClient);
	}
}
 
Example #10
Source File: NettyClientServerSslTest.java    From flink with Apache License 2.0 4 votes vote down vote up
@Test
public void testSslPinningForValidFingerprint() throws Exception {
	NettyProtocol protocol = new NoOpProtocol();

	Configuration config = createSslConfig();

	// pin the certificate based on internal cert
	config.setString(SecurityOptions.SSL_INTERNAL_CERT_FINGERPRINT, SSLUtilsTest.getCertificateFingerprint(config, "flink.test"));

	NettyConfig nettyConfig = createNettyConfig(config);

	NettyTestUtil.NettyServerAndClient serverAndClient = NettyTestUtil.initServerAndClient(protocol, nettyConfig);

	Channel ch = NettyTestUtil.connect(serverAndClient);
	ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());

	assertTrue(ch.writeAndFlush("test").await().isSuccess());

	NettyTestUtil.shutdown(serverAndClient);
}
 
Example #11
Source File: NettyClientServerSslTest.java    From flink with Apache License 2.0 4 votes vote down vote up
/**
 * Verify SSL handshake error when untrusted server certificate is used.
 */
@Test
public void testSslHandshakeError() throws Exception {
	NettyProtocol protocol = new NoOpProtocol();

	Configuration config = createSslConfig();

	// Use a server certificate which is not present in the truststore
	config.setString(SecurityOptions.SSL_INTERNAL_KEYSTORE, "src/test/resources/untrusted.keystore");

	NettyConfig nettyConfig = createNettyConfig(config);

	NettyTestUtil.NettyServerAndClient serverAndClient = NettyTestUtil.initServerAndClient(protocol, nettyConfig);

	Channel ch = NettyTestUtil.connect(serverAndClient);
	ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());

	// Attempting to write data over ssl should fail
	assertFalse(ch.writeAndFlush("test").await().isSuccess());

	NettyTestUtil.shutdown(serverAndClient);
}
 
Example #12
Source File: NettyClientServerSslTest.java    From flink with Apache License 2.0 4 votes vote down vote up
private void testValidSslConnection(Configuration sslConfig) throws Exception {
	OneShotLatch serverChannelInitComplete = new OneShotLatch();
	final SslHandler[] serverSslHandler = new SslHandler[1];

	NettyProtocol protocol = new NoOpProtocol();

	NettyConfig nettyConfig = createNettyConfig(sslConfig);

	final NettyBufferPool bufferPool = new NettyBufferPool(1);
	final NettyServer server = NettyTestUtil.initServer(
		nettyConfig,
		bufferPool,
		sslHandlerFactory ->
			new TestingServerChannelInitializer(
				protocol,
				sslHandlerFactory,
				serverChannelInitComplete,
				serverSslHandler));
	final NettyClient client = NettyTestUtil.initClient(nettyConfig, protocol, bufferPool);
	final NettyServerAndClient serverAndClient = new NettyServerAndClient(server, client);

	Channel ch = NettyTestUtil.connect(serverAndClient);

	SslHandler clientSslHandler = (SslHandler) ch.pipeline().get("ssl");
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_HANDSHAKE_TIMEOUT, clientSslHandler.getHandshakeTimeoutMillis());
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_CLOSE_NOTIFY_FLUSH_TIMEOUT, clientSslHandler.getCloseNotifyFlushTimeoutMillis());

	// should be able to send text data
	ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());
	ch.writeAndFlush("test").sync();

	// session context is only be available after a session was setup -> this should be true after data was sent
	serverChannelInitComplete.await();
	assertNotNull(serverSslHandler[0]);

	// verify server parameters
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_HANDSHAKE_TIMEOUT, serverSslHandler[0].getHandshakeTimeoutMillis());
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_CLOSE_NOTIFY_FLUSH_TIMEOUT, serverSslHandler[0].getCloseNotifyFlushTimeoutMillis());
	SSLSessionContext sessionContext = serverSslHandler[0].engine().getSession().getSessionContext();
	assertNotNull("bug in unit test setup: session context not available", sessionContext);
	// note: can't verify session cache setting at the client - delegate to server instead (with our own channel initializer)
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_SESSION_CACHE_SIZE, sessionContext.getSessionCacheSize());
	int sessionTimeout = sslConfig.getInteger(SSL_INTERNAL_SESSION_TIMEOUT);
	if (sessionTimeout != -1) {
		// session timeout config is in milliseconds but the context returns it in seconds
		assertEquals(sessionTimeout / 1000, sessionContext.getSessionTimeout());
	} else {
		assertTrue("default value (-1) should not be propagated", sessionContext.getSessionTimeout() >= 0);
	}

	NettyTestUtil.shutdown(serverAndClient);
}
 
Example #13
Source File: ClientTransportErrorHandlingTest.java    From flink with Apache License 2.0 4 votes vote down vote up
/**
 * Verifies that failed client requests via {@link PartitionRequestClient} are correctly
 * attributed to the respective {@link RemoteInputChannel}.
 */
@Test
public void testExceptionOnWrite() throws Exception {

	NettyProtocol protocol = new NettyProtocol(
			mock(ResultPartitionProvider.class),
			mock(TaskEventDispatcher.class)) {

		@Override
		public ChannelHandler[] getServerChannelHandlers() {
			return new ChannelHandler[0];
		}
	};

	// We need a real server and client in this test, because Netty's EmbeddedChannel is
	// not failing the ChannelPromise of failed writes.
	NettyServerAndClient serverAndClient = initServerAndClient(protocol, createConfig());

	Channel ch = connect(serverAndClient);

	NetworkClientHandler handler = getClientHandler(ch);

	// Last outbound handler throws Exception after 1st write
	ch.pipeline().addFirst(new ChannelOutboundHandlerAdapter() {
		int writeNum = 0;

		@Override
		public void write(ChannelHandlerContext ctx, Object msg, ChannelPromise promise)
				throws Exception {

			if (writeNum >= 1) {
				throw new RuntimeException("Expected test exception.");
			}

			writeNum++;
			ctx.write(msg, promise);
		}
	});

	PartitionRequestClient requestClient = new NettyPartitionRequestClient(
			ch, handler, mock(ConnectionID.class), mock(PartitionRequestClientFactory.class));

	// Create input channels
	RemoteInputChannel[] rich = new RemoteInputChannel[] {
			createRemoteInputChannel(), createRemoteInputChannel()};

	final CountDownLatch sync = new CountDownLatch(1);

	// Do this with explicit synchronization. Otherwise this is not robust against slow timings
	// of the callback (e.g. we cannot just verify that it was called once, because there is
	// a chance that we do this too early).
	doAnswer(new Answer<Void>() {
		@Override
		public Void answer(InvocationOnMock invocation) throws Throwable {
			sync.countDown();
			return null;
		}
	}).when(rich[1]).onError(isA(LocalTransportException.class));

	// First request is successful
	requestClient.requestSubpartition(new ResultPartitionID(), 0, rich[0], 0);

	// Second request is *not* successful
	requestClient.requestSubpartition(new ResultPartitionID(), 0, rich[1], 0);

	// Wait for the notification and it could confirm all the request operations are done
	if (!sync.await(TestingUtils.TESTING_DURATION().toMillis(), TimeUnit.MILLISECONDS)) {
		fail("Timed out after waiting for " + TestingUtils.TESTING_DURATION().toMillis() +
				" ms to be notified about the channel error.");
	}

	// Only the second channel should be notified about the error
	verify(rich[0], times(0)).onError(any(LocalTransportException.class));

	shutdown(serverAndClient);
}
 
Example #14
Source File: CancelPartitionRequestTest.java    From flink with Apache License 2.0 4 votes vote down vote up
@Test
public void testDuplicateCancel() throws Exception {

	NettyServerAndClient serverAndClient = null;

	try {
		final TestPooledBufferProvider outboundBuffers = new TestPooledBufferProvider(16);

		ResultPartitionManager partitions = mock(ResultPartitionManager.class);

		ResultPartitionID pid = new ResultPartitionID();

		final CountDownLatch sync = new CountDownLatch(1);

		final ResultSubpartitionView view = spy(new InfiniteSubpartitionView(outboundBuffers, sync));

		// Return infinite subpartition
		when(partitions.createSubpartitionView(eq(pid), eq(0), any(BufferAvailabilityListener.class)))
				.thenAnswer(new Answer<ResultSubpartitionView>() {
					@Override
					public ResultSubpartitionView answer(InvocationOnMock invocationOnMock) throws Throwable {
						BufferAvailabilityListener listener = (BufferAvailabilityListener) invocationOnMock.getArguments()[2];
						listener.notifyDataAvailable();
						return view;
					}
				});

		NettyProtocol protocol = new NettyProtocol(partitions, mock(TaskEventDispatcher.class));

		serverAndClient = initServerAndClient(protocol);

		Channel ch = connect(serverAndClient);

		// Request for non-existing input channel => results in cancel request
		InputChannelID inputChannelId = new InputChannelID();

		ch.writeAndFlush(new PartitionRequest(pid, 0, inputChannelId, Integer.MAX_VALUE)).await();

		// Wait for the notification
		if (!sync.await(TestingUtils.TESTING_DURATION().toMillis(), TimeUnit.MILLISECONDS)) {
			fail("Timed out after waiting for " + TestingUtils.TESTING_DURATION().toMillis() +
					" ms to be notified about cancelled partition.");
		}

		ch.writeAndFlush(new CancelPartitionRequest(inputChannelId)).await();

		ch.close();

		NettyTestUtil.awaitClose(ch);

		verify(view, times(1)).releaseAllResources();
	}
	finally {
		shutdown(serverAndClient);
	}
}
 
Example #15
Source File: CancelPartitionRequestTest.java    From flink with Apache License 2.0 4 votes vote down vote up
/**
 * Verifies that requests for non-existing (failed/cancelled) input channels are properly
 * cancelled. The receiver receives data, but there is no input channel to receive the data.
 * This should cancel the request.
 */
@Test
public void testCancelPartitionRequest() throws Exception {

	NettyServerAndClient serverAndClient = null;

	try {
		TestPooledBufferProvider outboundBuffers = new TestPooledBufferProvider(16);

		ResultPartitionManager partitions = mock(ResultPartitionManager.class);

		ResultPartitionID pid = new ResultPartitionID();

		CountDownLatch sync = new CountDownLatch(1);

		final ResultSubpartitionView view = spy(new InfiniteSubpartitionView(outboundBuffers, sync));

		// Return infinite subpartition
		when(partitions.createSubpartitionView(eq(pid), eq(0), any(BufferAvailabilityListener.class)))
			.thenAnswer(new Answer<ResultSubpartitionView>() {
				@Override
				public ResultSubpartitionView answer(InvocationOnMock invocationOnMock) throws Throwable {
					BufferAvailabilityListener listener = (BufferAvailabilityListener) invocationOnMock.getArguments()[2];
					listener.notifyDataAvailable();
					return view;
				}
			});

		NettyProtocol protocol = new NettyProtocol(partitions, mock(TaskEventDispatcher.class));

		serverAndClient = initServerAndClient(protocol);

		Channel ch = connect(serverAndClient);

		// Request for non-existing input channel => results in cancel request
		ch.writeAndFlush(new PartitionRequest(pid, 0, new InputChannelID(), Integer.MAX_VALUE)).await();

		// Wait for the notification
		if (!sync.await(TestingUtils.TESTING_DURATION().toMillis(), TimeUnit.MILLISECONDS)) {
			fail("Timed out after waiting for " + TestingUtils.TESTING_DURATION().toMillis() +
					" ms to be notified about cancelled partition.");
		}

		verify(view, times(1)).releaseAllResources();
	}
	finally {
		shutdown(serverAndClient);
	}
}
 
Example #16
Source File: NettyClientServerSslTest.java    From flink with Apache License 2.0 4 votes vote down vote up
/**
 * Verify SSL handshake error when untrusted server certificate is used.
 */
@Test
public void testSslHandshakeError() throws Exception {
	NettyProtocol protocol = new NoOpProtocol();

	Configuration config = createSslConfig();

	// Use a server certificate which is not present in the truststore
	config.setString(SecurityOptions.SSL_INTERNAL_KEYSTORE, "src/test/resources/untrusted.keystore");

	NettyConfig nettyConfig = createNettyConfig(config);

	NettyTestUtil.NettyServerAndClient serverAndClient = NettyTestUtil.initServerAndClient(protocol, nettyConfig);

	Channel ch = NettyTestUtil.connect(serverAndClient);
	ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());

	// Attempting to write data over ssl should fail
	assertFalse(ch.writeAndFlush("test").await().isSuccess());

	NettyTestUtil.shutdown(serverAndClient);
}
 
Example #17
Source File: NettyClientServerSslTest.java    From flink with Apache License 2.0 4 votes vote down vote up
private void testValidSslConnection(Configuration sslConfig) throws Exception {
	OneShotLatch serverChannelInitComplete = new OneShotLatch();
	final SslHandler[] serverSslHandler = new SslHandler[1];

	NettyProtocol protocol = new NoOpProtocol();

	NettyConfig nettyConfig = createNettyConfig(sslConfig);

	final NettyBufferPool bufferPool = new NettyBufferPool(1);
	final NettyServer server = NettyTestUtil.initServer(
		nettyConfig,
		bufferPool,
		sslHandlerFactory ->
			new TestingServerChannelInitializer(
				protocol,
				sslHandlerFactory,
				serverChannelInitComplete,
				serverSslHandler));
	final NettyClient client = NettyTestUtil.initClient(nettyConfig, protocol, bufferPool);
	final NettyServerAndClient serverAndClient = new NettyServerAndClient(server, client);

	Channel ch = NettyTestUtil.connect(serverAndClient);

	SslHandler clientSslHandler = (SslHandler) ch.pipeline().get("ssl");
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_HANDSHAKE_TIMEOUT, clientSslHandler.getHandshakeTimeoutMillis());
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_CLOSE_NOTIFY_FLUSH_TIMEOUT, clientSslHandler.getCloseNotifyFlushTimeoutMillis());

	// should be able to send text data
	ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());
	ch.writeAndFlush("test").sync();

	// session context is only be available after a session was setup -> this should be true after data was sent
	serverChannelInitComplete.await();
	assertNotNull(serverSslHandler[0]);

	// verify server parameters
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_HANDSHAKE_TIMEOUT, serverSslHandler[0].getHandshakeTimeoutMillis());
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_CLOSE_NOTIFY_FLUSH_TIMEOUT, serverSslHandler[0].getCloseNotifyFlushTimeoutMillis());
	SSLSessionContext sessionContext = serverSslHandler[0].engine().getSession().getSessionContext();
	assertNotNull("bug in unit test setup: session context not available", sessionContext);
	// note: can't verify session cache setting at the client - delegate to server instead (with our own channel initializer)
	assertEqualsOrDefault(sslConfig, SSL_INTERNAL_SESSION_CACHE_SIZE, sessionContext.getSessionCacheSize());
	int sessionTimeout = sslConfig.getInteger(SSL_INTERNAL_SESSION_TIMEOUT);
	if (sessionTimeout != -1) {
		// session timeout config is in milliseconds but the context returns it in seconds
		assertEquals(sessionTimeout / 1000, sessionContext.getSessionTimeout());
	} else {
		assertTrue("default value (-1) should not be propagated", sessionContext.getSessionTimeout() >= 0);
	}

	NettyTestUtil.shutdown(serverAndClient);
}
 
Example #18
Source File: ClientTransportErrorHandlingTest.java    From flink with Apache License 2.0 4 votes vote down vote up
/**
 * Verifies that failed client requests via {@link PartitionRequestClient} are correctly
 * attributed to the respective {@link RemoteInputChannel}.
 */
@Test
public void testExceptionOnWrite() throws Exception {

	NettyProtocol protocol = new NettyProtocol(
			mock(ResultPartitionProvider.class),
			mock(TaskEventDispatcher.class),
			true) {

		@Override
		public ChannelHandler[] getServerChannelHandlers() {
			return new ChannelHandler[0];
		}
	};

	// We need a real server and client in this test, because Netty's EmbeddedChannel is
	// not failing the ChannelPromise of failed writes.
	NettyServerAndClient serverAndClient = initServerAndClient(protocol, createConfig());

	Channel ch = connect(serverAndClient);

	NetworkClientHandler handler = getClientHandler(ch);

	// Last outbound handler throws Exception after 1st write
	ch.pipeline().addFirst(new ChannelOutboundHandlerAdapter() {
		int writeNum = 0;

		@Override
		public void write(ChannelHandlerContext ctx, Object msg, ChannelPromise promise)
				throws Exception {

			if (writeNum >= 1) {
				throw new RuntimeException("Expected test exception.");
			}

			writeNum++;
			ctx.write(msg, promise);
		}
	});

	PartitionRequestClient requestClient = new NettyPartitionRequestClient(
			ch, handler, mock(ConnectionID.class), mock(PartitionRequestClientFactory.class));

	// Create input channels
	RemoteInputChannel[] rich = new RemoteInputChannel[] {
			createRemoteInputChannel(), createRemoteInputChannel()};

	final CountDownLatch sync = new CountDownLatch(1);

	// Do this with explicit synchronization. Otherwise this is not robust against slow timings
	// of the callback (e.g. we cannot just verify that it was called once, because there is
	// a chance that we do this too early).
	doAnswer(new Answer<Void>() {
		@Override
		public Void answer(InvocationOnMock invocation) throws Throwable {
			sync.countDown();
			return null;
		}
	}).when(rich[1]).onError(isA(LocalTransportException.class));

	// First request is successful
	requestClient.requestSubpartition(new ResultPartitionID(), 0, rich[0], 0);

	// Second request is *not* successful
	requestClient.requestSubpartition(new ResultPartitionID(), 0, rich[1], 0);

	// Wait for the notification and it could confirm all the request operations are done
	if (!sync.await(TestingUtils.TESTING_DURATION().toMillis(), TimeUnit.MILLISECONDS)) {
		fail("Timed out after waiting for " + TestingUtils.TESTING_DURATION().toMillis() +
				" ms to be notified about the channel error.");
	}

	// Only the second channel should be notified about the error
	verify(rich[0], times(0)).onError(any(LocalTransportException.class));

	shutdown(serverAndClient);
}
 
Example #19
Source File: CancelPartitionRequestTest.java    From flink with Apache License 2.0 4 votes vote down vote up
@Test
public void testDuplicateCancel() throws Exception {

	NettyServerAndClient serverAndClient = null;

	try {
		final TestPooledBufferProvider outboundBuffers = new TestPooledBufferProvider(16);

		ResultPartitionManager partitions = mock(ResultPartitionManager.class);

		ResultPartitionID pid = new ResultPartitionID();

		final CountDownLatch sync = new CountDownLatch(1);

		final ResultSubpartitionView view = spy(new InfiniteSubpartitionView(outboundBuffers, sync));

		// Return infinite subpartition
		when(partitions.createSubpartitionView(eq(pid), eq(0), any(BufferAvailabilityListener.class)))
				.thenAnswer(new Answer<ResultSubpartitionView>() {
					@Override
					public ResultSubpartitionView answer(InvocationOnMock invocationOnMock) throws Throwable {
						BufferAvailabilityListener listener = (BufferAvailabilityListener) invocationOnMock.getArguments()[2];
						listener.notifyDataAvailable();
						return view;
					}
				});

		NettyProtocol protocol = new NettyProtocol(
				partitions, mock(TaskEventDispatcher.class), true);

		serverAndClient = initServerAndClient(protocol);

		Channel ch = connect(serverAndClient);

		// Request for non-existing input channel => results in cancel request
		InputChannelID inputChannelId = new InputChannelID();

		ch.writeAndFlush(new PartitionRequest(pid, 0, inputChannelId, Integer.MAX_VALUE)).await();

		// Wait for the notification
		if (!sync.await(TestingUtils.TESTING_DURATION().toMillis(), TimeUnit.MILLISECONDS)) {
			fail("Timed out after waiting for " + TestingUtils.TESTING_DURATION().toMillis() +
					" ms to be notified about cancelled partition.");
		}

		ch.writeAndFlush(new CancelPartitionRequest(inputChannelId)).await();

		ch.close();

		NettyTestUtil.awaitClose(ch);

		verify(view, times(1)).releaseAllResources();
		verify(view, times(1)).notifySubpartitionConsumed();
	}
	finally {
		shutdown(serverAndClient);
	}
}
 
Example #20
Source File: CancelPartitionRequestTest.java    From flink with Apache License 2.0 4 votes vote down vote up
/**
 * Verifies that requests for non-existing (failed/cancelled) input channels are properly
 * cancelled. The receiver receives data, but there is no input channel to receive the data.
 * This should cancel the request.
 */
@Test
public void testCancelPartitionRequest() throws Exception {

	NettyServerAndClient serverAndClient = null;

	try {
		TestPooledBufferProvider outboundBuffers = new TestPooledBufferProvider(16);

		ResultPartitionManager partitions = mock(ResultPartitionManager.class);

		ResultPartitionID pid = new ResultPartitionID();

		CountDownLatch sync = new CountDownLatch(1);

		final ResultSubpartitionView view = spy(new InfiniteSubpartitionView(outboundBuffers, sync));

		// Return infinite subpartition
		when(partitions.createSubpartitionView(eq(pid), eq(0), any(BufferAvailabilityListener.class)))
			.thenAnswer(new Answer<ResultSubpartitionView>() {
				@Override
				public ResultSubpartitionView answer(InvocationOnMock invocationOnMock) throws Throwable {
					BufferAvailabilityListener listener = (BufferAvailabilityListener) invocationOnMock.getArguments()[2];
					listener.notifyDataAvailable();
					return view;
				}
			});

		NettyProtocol protocol = new NettyProtocol(
				partitions, mock(TaskEventDispatcher.class), true);

		serverAndClient = initServerAndClient(protocol);

		Channel ch = connect(serverAndClient);

		// Request for non-existing input channel => results in cancel request
		ch.writeAndFlush(new PartitionRequest(pid, 0, new InputChannelID(), Integer.MAX_VALUE)).await();

		// Wait for the notification
		if (!sync.await(TestingUtils.TESTING_DURATION().toMillis(), TimeUnit.MILLISECONDS)) {
			fail("Timed out after waiting for " + TestingUtils.TESTING_DURATION().toMillis() +
					" ms to be notified about cancelled partition.");
		}

		verify(view, times(1)).releaseAllResources();
		verify(view, times(1)).notifySubpartitionConsumed();
	}
	finally {
		shutdown(serverAndClient);
	}
}
 
Example #21
Source File: NettyClientServerSslTest.java    From Flink-CEPplus with Apache License 2.0 4 votes vote down vote up
/**
 * Verify SSL handshake error when untrusted server certificate is used.
 */
@Test
public void testSslHandshakeError() throws Exception {
	NettyProtocol protocol = new NoOpProtocol();

	Configuration config = createSslConfig();

	// Use a server certificate which is not present in the truststore
	config.setString(SecurityOptions.SSL_INTERNAL_KEYSTORE, "src/test/resources/untrusted.keystore");

	NettyConfig nettyConfig = createNettyConfig(config);

	NettyTestUtil.NettyServerAndClient serverAndClient = NettyTestUtil.initServerAndClient(protocol, nettyConfig);

	Channel ch = NettyTestUtil.connect(serverAndClient);
	ch.pipeline().addLast(new StringDecoder()).addLast(new StringEncoder());

	// Attempting to write data over ssl should fail
	assertFalse(ch.writeAndFlush("test").await().isSuccess());

	NettyTestUtil.shutdown(serverAndClient);
}
 
Example #22
Source File: ClientTransportErrorHandlingTest.java    From Flink-CEPplus with Apache License 2.0 4 votes vote down vote up
/**
 * Verifies that failed client requests via {@link PartitionRequestClient} are correctly
 * attributed to the respective {@link RemoteInputChannel}.
 */
@Test
public void testExceptionOnWrite() throws Exception {

	NettyProtocol protocol = new NettyProtocol(
			mock(ResultPartitionProvider.class),
			mock(TaskEventDispatcher.class),
			true) {

		@Override
		public ChannelHandler[] getServerChannelHandlers() {
			return new ChannelHandler[0];
		}
	};

	// We need a real server and client in this test, because Netty's EmbeddedChannel is
	// not failing the ChannelPromise of failed writes.
	NettyServerAndClient serverAndClient = initServerAndClient(protocol, createConfig());

	Channel ch = connect(serverAndClient);

	NetworkClientHandler handler = getClientHandler(ch);

	// Last outbound handler throws Exception after 1st write
	ch.pipeline().addFirst(new ChannelOutboundHandlerAdapter() {
		int writeNum = 0;

		@Override
		public void write(ChannelHandlerContext ctx, Object msg, ChannelPromise promise)
				throws Exception {

			if (writeNum >= 1) {
				throw new RuntimeException("Expected test exception.");
			}

			writeNum++;
			ctx.write(msg, promise);
		}
	});

	PartitionRequestClient requestClient = new PartitionRequestClient(
			ch, handler, mock(ConnectionID.class), mock(PartitionRequestClientFactory.class));

	// Create input channels
	RemoteInputChannel[] rich = new RemoteInputChannel[] {
			createRemoteInputChannel(), createRemoteInputChannel()};

	final CountDownLatch sync = new CountDownLatch(1);

	// Do this with explicit synchronization. Otherwise this is not robust against slow timings
	// of the callback (e.g. we cannot just verify that it was called once, because there is
	// a chance that we do this too early).
	doAnswer(new Answer<Void>() {
		@Override
		public Void answer(InvocationOnMock invocation) throws Throwable {
			sync.countDown();
			return null;
		}
	}).when(rich[1]).onError(isA(LocalTransportException.class));

	// First request is successful
	ChannelFuture f = requestClient.requestSubpartition(new ResultPartitionID(), 0, rich[0], 0);
	assertTrue(f.await().isSuccess());

	// Second request is *not* successful
	f = requestClient.requestSubpartition(new ResultPartitionID(), 0, rich[1], 0);
	assertFalse(f.await().isSuccess());

	// Only the second channel should be notified about the error
	verify(rich[0], times(0)).onError(any(LocalTransportException.class));

	// Wait for the notification
	if (!sync.await(TestingUtils.TESTING_DURATION().toMillis(), TimeUnit.MILLISECONDS)) {
		fail("Timed out after waiting for " + TestingUtils.TESTING_DURATION().toMillis() +
				" ms to be notified about the channel error.");
	}

	shutdown(serverAndClient);
}
 
Example #23
Source File: CancelPartitionRequestTest.java    From Flink-CEPplus with Apache License 2.0 4 votes vote down vote up
@Test
public void testDuplicateCancel() throws Exception {

	NettyServerAndClient serverAndClient = null;

	try {
		final TestPooledBufferProvider outboundBuffers = new TestPooledBufferProvider(16);

		ResultPartitionManager partitions = mock(ResultPartitionManager.class);

		ResultPartitionID pid = new ResultPartitionID();

		final CountDownLatch sync = new CountDownLatch(1);

		final ResultSubpartitionView view = spy(new InfiniteSubpartitionView(outboundBuffers, sync));

		// Return infinite subpartition
		when(partitions.createSubpartitionView(eq(pid), eq(0), any(BufferAvailabilityListener.class)))
				.thenAnswer(new Answer<ResultSubpartitionView>() {
					@Override
					public ResultSubpartitionView answer(InvocationOnMock invocationOnMock) throws Throwable {
						BufferAvailabilityListener listener = (BufferAvailabilityListener) invocationOnMock.getArguments()[2];
						listener.notifyDataAvailable();
						return view;
					}
				});

		NettyProtocol protocol = new NettyProtocol(
				partitions, mock(TaskEventDispatcher.class), true);

		serverAndClient = initServerAndClient(protocol);

		Channel ch = connect(serverAndClient);

		// Request for non-existing input channel => results in cancel request
		InputChannelID inputChannelId = new InputChannelID();

		ch.writeAndFlush(new PartitionRequest(pid, 0, inputChannelId, Integer.MAX_VALUE)).await();

		// Wait for the notification
		if (!sync.await(TestingUtils.TESTING_DURATION().toMillis(), TimeUnit.MILLISECONDS)) {
			fail("Timed out after waiting for " + TestingUtils.TESTING_DURATION().toMillis() +
					" ms to be notified about cancelled partition.");
		}

		ch.writeAndFlush(new CancelPartitionRequest(inputChannelId)).await();

		ch.close();

		NettyTestUtil.awaitClose(ch);

		verify(view, times(1)).releaseAllResources();
		verify(view, times(0)).notifySubpartitionConsumed();
	}
	finally {
		shutdown(serverAndClient);
	}
}