Java Code Examples for org.apache.flink.runtime.io.network.netty.SSLHandlerFactory#createNettySSLHandler()

The following examples show how to use org.apache.flink.runtime.io.network.netty.SSLHandlerFactory#createNettySSLHandler() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.

Example 1

Source File: SSLUtilsTest.java From Flink-CEPplus with Apache License 2.0

6 votes

/**
 * Tests that {@link SSLHandlerFactory} is created correctly.
 */
@Test
public void testCreateSSLEngineFactory() throws Exception {
	Configuration serverConfig = createInternalSslConfigWithKeyAndTrustStores();

	// set custom protocol and cipher suites
	serverConfig.setString(SecurityOptions.SSL_PROTOCOL, "TLSv1");
	serverConfig.setString(SecurityOptions.SSL_ALGORITHMS, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256");

	final SSLHandlerFactory serverSSLHandlerFactory = SSLUtils.createInternalServerSSLEngineFactory(serverConfig);
	final SslHandler sslHandler = serverSSLHandlerFactory.createNettySSLHandler();

	assertEquals(1, sslHandler.engine().getEnabledProtocols().length);
	assertEquals("TLSv1", sslHandler.engine().getEnabledProtocols()[0]);

	assertEquals(2, sslHandler.engine().getEnabledCipherSuites().length);
	assertThat(sslHandler.engine().getEnabledCipherSuites(), arrayContainingInAnyOrder(
			"TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"));
}

Example 2

Source File: SSLUtilsTest.java From flink with Apache License 2.0

5 votes

/**
 * Tests that {@link SSLHandlerFactory} is created correctly.
 */
@Test
public void testCreateSSLEngineFactory() throws Exception {
	Configuration serverConfig = createInternalSslConfigWithKeyAndTrustStores();
	final String[] sslAlgorithms;
	final String[] expectedSslProtocols;
	if (sslProvider.equalsIgnoreCase("OPENSSL")) {
		// openSSL does not support the same set of cipher algorithms!
		sslAlgorithms = new String[] {"TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_AES_256_GCM_SHA384"};
		expectedSslProtocols = new String[] {"SSLv2Hello", "TLSv1"};
	} else {
		sslAlgorithms = new String[] {"TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"};
		expectedSslProtocols = new String[] {"TLSv1"};
	}

	// set custom protocol and cipher suites
	serverConfig.setString(SecurityOptions.SSL_PROTOCOL, "TLSv1");
	serverConfig.setString(SecurityOptions.SSL_ALGORITHMS, String.join(",", sslAlgorithms));

	final SSLHandlerFactory serverSSLHandlerFactory = SSLUtils.createInternalServerSSLEngineFactory(serverConfig);
	final SslHandler sslHandler = serverSSLHandlerFactory.createNettySSLHandler(UnpooledByteBufAllocator.DEFAULT);

	assertEquals(expectedSslProtocols.length, sslHandler.engine().getEnabledProtocols().length);
	assertThat(
		sslHandler.engine().getEnabledProtocols(),
		arrayContainingInAnyOrder(expectedSslProtocols));

	assertEquals(sslAlgorithms.length, sslHandler.engine().getEnabledCipherSuites().length);
	assertThat(
		sslHandler.engine().getEnabledCipherSuites(),
		arrayContainingInAnyOrder(sslAlgorithms));
}

Example 3

Source File: SSLUtilsTest.java From flink with Apache License 2.0

5 votes

/**
 * Tests that {@link SSLHandlerFactory} is created correctly.
 */
@Test
public void testCreateSSLEngineFactory() throws Exception {
	Configuration serverConfig = createInternalSslConfigWithKeyAndTrustStores();
	final String[] sslAlgorithms;
	final String[] expectedSslProtocols;
	if (sslProvider.equalsIgnoreCase("OPENSSL")) {
		// openSSL does not support the same set of cipher algorithms!
		sslAlgorithms = new String[] {"TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_AES_256_GCM_SHA384"};
		expectedSslProtocols = new String[] {"SSLv2Hello", "TLSv1"};
	} else {
		sslAlgorithms = new String[] {"TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"};
		expectedSslProtocols = new String[] {"TLSv1"};
	}

	// set custom protocol and cipher suites
	serverConfig.setString(SecurityOptions.SSL_PROTOCOL, "TLSv1");
	serverConfig.setString(SecurityOptions.SSL_ALGORITHMS, String.join(",", sslAlgorithms));

	final SSLHandlerFactory serverSSLHandlerFactory = SSLUtils.createInternalServerSSLEngineFactory(serverConfig);
	final SslHandler sslHandler = serverSSLHandlerFactory.createNettySSLHandler(UnpooledByteBufAllocator.DEFAULT);

	assertEquals(expectedSslProtocols.length, sslHandler.engine().getEnabledProtocols().length);
	assertThat(
		sslHandler.engine().getEnabledProtocols(),
		arrayContainingInAnyOrder(expectedSslProtocols));

	assertEquals(sslAlgorithms.length, sslHandler.engine().getEnabledCipherSuites().length);
	assertThat(
		sslHandler.engine().getEnabledCipherSuites(),
		arrayContainingInAnyOrder(sslAlgorithms));
}