Issue #3464 - Split SslContextFactory into Client and Server
Introduced SslContextFactory subclasses Client and Server. Replaced all usages of SslContextFactory with either Client or Server as required. Refactored configuration checking so that warnings are not emitted when non necessary. Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
This commit is contained in:
parent
432fc41a32
commit
6fb243ff6c
|
@ -22,7 +22,6 @@ package org.eclipse.jetty.embedded;
|
|||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
import java.lang.management.ManagementFactory;
|
||||
import java.nio.file.Files;
|
||||
import java.util.Date;
|
||||
import java.util.EnumSet;
|
||||
|
||||
|
@ -101,7 +100,7 @@ public class Http2Server
|
|||
String jetty_distro = System.getProperty("jetty.distro","../../jetty-distribution/target/distribution");
|
||||
if (!new File(jetty_distro).exists())
|
||||
jetty_distro = "jetty-distribution/target/distribution";
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath(jetty_distro + "/demo-base/etc/keystore");
|
||||
sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
|
||||
sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
|
||||
|
|
|
@ -138,7 +138,7 @@ public class LikeJettyXml
|
|||
|
||||
// === jetty-https.xml ===
|
||||
// SSL Context Factory
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath(jetty_home + "/../../../jetty-server/src/test/config/etc/keystore");
|
||||
sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
|
||||
sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
|
||||
|
|
|
@ -20,9 +20,7 @@ package org.eclipse.jetty.embedded;
|
|||
|
||||
import java.io.File;
|
||||
import java.io.FileNotFoundException;
|
||||
import java.security.Security;
|
||||
|
||||
import org.conscrypt.OpenSSLProvider;
|
||||
import org.eclipse.jetty.http.HttpVersion;
|
||||
import org.eclipse.jetty.server.Connector;
|
||||
import org.eclipse.jetty.server.HttpConfiguration;
|
||||
|
@ -89,7 +87,7 @@ public class ManyConnectors
|
|||
// including things like choosing the particular certificate out of a
|
||||
// keystore to be used.
|
||||
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath(keystoreFile.getAbsolutePath());
|
||||
sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
|
||||
sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
|
||||
|
|
|
@ -44,7 +44,7 @@ public class ConscryptHTTP2Client
|
|||
public static void main(String[] args) throws Exception
|
||||
{
|
||||
Security.addProvider(new OpenSSLProvider());
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Client();
|
||||
sslContextFactory.setProvider("Conscrypt");
|
||||
HTTP2Client client = new HTTP2Client();
|
||||
client.addBean(sslContextFactory);
|
||||
|
|
|
@ -61,24 +61,35 @@ public class ConscryptHTTP2ServerTest
|
|||
|
||||
private Server server = new Server();
|
||||
|
||||
private SslContextFactory newSslContextFactory()
|
||||
private SslContextFactory.Server newServerSslContextFactory()
|
||||
{
|
||||
SslContextFactory.Server sslContextFactory = new SslContextFactory.Server();
|
||||
configureSslContextFactory(sslContextFactory);
|
||||
return sslContextFactory;
|
||||
}
|
||||
|
||||
private SslContextFactory.Client newClientSslContextFactory()
|
||||
{
|
||||
SslContextFactory.Client sslContextFactory = new SslContextFactory.Client();
|
||||
configureSslContextFactory(sslContextFactory);
|
||||
sslContextFactory.setEndpointIdentificationAlgorithm(null);
|
||||
return sslContextFactory;
|
||||
}
|
||||
|
||||
private void configureSslContextFactory(SslContextFactory sslContextFactory)
|
||||
{
|
||||
Path path = Paths.get("src", "test", "resources");
|
||||
File keys = path.resolve("keystore").toFile();
|
||||
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
sslContextFactory.setKeyStorePath(keys.getAbsolutePath());
|
||||
sslContextFactory.setKeyManagerPassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
|
||||
sslContextFactory.setTrustStorePath(keys.getAbsolutePath());
|
||||
sslContextFactory.setKeyStorePath(keys.getAbsolutePath());
|
||||
sslContextFactory.setTrustStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
|
||||
sslContextFactory.setProvider("Conscrypt");
|
||||
sslContextFactory.setEndpointIdentificationAlgorithm(null);
|
||||
if (JavaVersion.VERSION.getPlatform() < 9)
|
||||
{
|
||||
// Conscrypt enables TLSv1.3 by default but it's not supported in Java 8.
|
||||
sslContextFactory.addExcludeProtocols("TLSv1.3");
|
||||
}
|
||||
return sslContextFactory;
|
||||
}
|
||||
|
||||
@BeforeEach
|
||||
|
@ -95,7 +106,7 @@ public class ConscryptHTTP2ServerTest
|
|||
HTTP2ServerConnectionFactory h2 = new HTTP2ServerConnectionFactory(httpsConfig);
|
||||
ALPNServerConnectionFactory alpn = new ALPNServerConnectionFactory();
|
||||
alpn.setDefaultProtocol(http.getProtocol());
|
||||
SslConnectionFactory ssl = new SslConnectionFactory(newSslContextFactory(), alpn.getProtocol());
|
||||
SslConnectionFactory ssl = new SslConnectionFactory(newServerSslContextFactory(), alpn.getProtocol());
|
||||
|
||||
ServerConnector http2Connector = new ServerConnector(server, ssl, alpn, h2, http);
|
||||
http2Connector.setPort(0);
|
||||
|
@ -125,7 +136,7 @@ public class ConscryptHTTP2ServerTest
|
|||
public void testSimpleRequest() throws Exception
|
||||
{
|
||||
HTTP2Client h2Client = new HTTP2Client();
|
||||
HttpClient client = new HttpClient(new HttpClientTransportOverHTTP2(h2Client), newSslContextFactory());
|
||||
HttpClient client = new HttpClient(new HttpClientTransportOverHTTP2(h2Client), newClientSslContextFactory());
|
||||
client.start();
|
||||
try
|
||||
{
|
||||
|
|
|
@ -42,7 +42,7 @@ public class JDK9HTTP2Client
|
|||
public static void main(String[] args) throws Exception
|
||||
{
|
||||
HTTP2Client client = new HTTP2Client();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Client();
|
||||
client.addBean(sslContextFactory);
|
||||
client.start();
|
||||
|
||||
|
|
|
@ -18,9 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.alpn.java.server;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.containsString;
|
||||
|
||||
import java.io.BufferedReader;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
|
@ -47,6 +44,9 @@ import org.eclipse.jetty.server.handler.AbstractHandler;
|
|||
import org.eclipse.jetty.util.ssl.SslContextFactory;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.containsString;
|
||||
|
||||
public class JDK9ALPNTest
|
||||
{
|
||||
private Server server;
|
||||
|
@ -68,7 +68,7 @@ public class JDK9ALPNTest
|
|||
|
||||
private SslContextFactory newSslContextFactory()
|
||||
{
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath("src/test/resources/keystore.jks");
|
||||
sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
|
||||
sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
|
||||
|
@ -90,7 +90,7 @@ public class JDK9ALPNTest
|
|||
}
|
||||
});
|
||||
|
||||
SslContextFactory sslContextFactory = new SslContextFactory(true);
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Client(true);
|
||||
sslContextFactory.start();
|
||||
SSLContext sslContext = sslContextFactory.getSslContext();
|
||||
try (SSLSocket client = (SSLSocket)sslContext.getSocketFactory().createSocket("localhost", connector.getLocalPort()))
|
||||
|
@ -132,7 +132,7 @@ public class JDK9ALPNTest
|
|||
}
|
||||
});
|
||||
|
||||
SslContextFactory sslContextFactory = new SslContextFactory(true);
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Client(true);
|
||||
sslContextFactory.start();
|
||||
SSLContext sslContext = sslContextFactory.getSslContext();
|
||||
try (SSLSocket client = (SSLSocket)sslContext.getSocketFactory().createSocket("localhost", connector.getLocalPort()))
|
||||
|
|
|
@ -45,7 +45,7 @@ public class JDK9HTTP2Server
|
|||
httpsConfig.setSendServerVersion(true);
|
||||
httpsConfig.addCustomizer(new SecureRequestCustomizer());
|
||||
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath("src/test/resources/keystore.jks");
|
||||
sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
|
||||
sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
|
||||
|
|
|
@ -42,7 +42,7 @@ public class OpenJDK8HTTP2Client
|
|||
public static void main(String[] args) throws Exception
|
||||
{
|
||||
HTTP2Client client = new HTTP2Client();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Client();
|
||||
client.addBean(sslContextFactory);
|
||||
client.start();
|
||||
|
||||
|
|
|
@ -45,7 +45,7 @@ public class OpenJDK8HTTP2Server
|
|||
httpsConfig.setSendServerVersion(true);
|
||||
httpsConfig.addCustomizer(new SecureRequestCustomizer());
|
||||
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath("src/test/resources/keystore.jks");
|
||||
sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
|
||||
sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
|
||||
|
|
|
@ -58,7 +58,7 @@ public abstract class AbstractHttpClientServerTest
|
|||
serverThreads.setName("server");
|
||||
server = new Server(serverThreads);
|
||||
}
|
||||
connector = new ServerConnector(server, scenario.newSslContextFactory());
|
||||
connector = new ServerConnector(server, scenario.newServerSslContextFactory());
|
||||
connector.setPort(0);
|
||||
server.addConnector(connector);
|
||||
server.setHandler(handler);
|
||||
|
@ -67,12 +67,12 @@ public abstract class AbstractHttpClientServerTest
|
|||
|
||||
protected void startClient(final Scenario scenario) throws Exception
|
||||
{
|
||||
startClient(scenario, null,null);
|
||||
startClient(scenario, null, null);
|
||||
}
|
||||
|
||||
protected void startClient(final Scenario scenario, HttpClientTransport transport, Consumer<HttpClient> config) throws Exception
|
||||
{
|
||||
if (transport==null)
|
||||
if (transport == null)
|
||||
transport = new HttpClientTransportOverHTTP(1);
|
||||
|
||||
QueuedThreadPool executor = new QueuedThreadPool();
|
||||
|
@ -82,7 +82,7 @@ public abstract class AbstractHttpClientServerTest
|
|||
client.setExecutor(executor);
|
||||
client.setScheduler(scheduler);
|
||||
client.setSocketAddressResolver(new SocketAddressResolver.Sync());
|
||||
if (config!=null)
|
||||
if (config != null)
|
||||
config.accept(client);
|
||||
|
||||
client.start();
|
||||
|
@ -90,7 +90,7 @@ public abstract class AbstractHttpClientServerTest
|
|||
|
||||
public HttpClient newHttpClient(Scenario scenario, HttpClientTransport transport)
|
||||
{
|
||||
return new HttpClient(transport, scenario.newSslContextFactory());
|
||||
return new HttpClient(transport, scenario.newClientSslContextFactory());
|
||||
}
|
||||
|
||||
@AfterEach
|
||||
|
@ -113,9 +113,10 @@ public abstract class AbstractHttpClientServerTest
|
|||
}
|
||||
}
|
||||
|
||||
public static class ScenarioProvider implements ArgumentsProvider {
|
||||
public static class ScenarioProvider implements ArgumentsProvider
|
||||
{
|
||||
@Override
|
||||
public Stream<? extends Arguments> provideArguments(ExtensionContext context) throws Exception
|
||||
public Stream<? extends Arguments> provideArguments(ExtensionContext context)
|
||||
{
|
||||
return Stream.of(
|
||||
new NormalScenario(),
|
||||
|
@ -125,9 +126,10 @@ public abstract class AbstractHttpClientServerTest
|
|||
}
|
||||
}
|
||||
|
||||
public static class NonSslScenarioProvider implements ArgumentsProvider {
|
||||
public static class NonSslScenarioProvider implements ArgumentsProvider
|
||||
{
|
||||
@Override
|
||||
public Stream<? extends Arguments> provideArguments(ExtensionContext context) throws Exception
|
||||
public Stream<? extends Arguments> provideArguments(ExtensionContext context)
|
||||
{
|
||||
return Stream.of(
|
||||
new NormalScenario()
|
||||
|
@ -138,12 +140,27 @@ public abstract class AbstractHttpClientServerTest
|
|||
|
||||
public interface Scenario
|
||||
{
|
||||
default SslContextFactory newSslContextFactory() { return null; }
|
||||
SslContextFactory newClientSslContextFactory();
|
||||
|
||||
SslContextFactory newServerSslContextFactory();
|
||||
|
||||
String getScheme();
|
||||
}
|
||||
|
||||
public static class NormalScenario implements Scenario
|
||||
{
|
||||
@Override
|
||||
public SslContextFactory newClientSslContextFactory()
|
||||
{
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public SslContextFactory newServerSslContextFactory()
|
||||
{
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getScheme()
|
||||
{
|
||||
|
@ -160,15 +177,27 @@ public abstract class AbstractHttpClientServerTest
|
|||
public static class SslScenario implements Scenario
|
||||
{
|
||||
@Override
|
||||
public SslContextFactory newSslContextFactory()
|
||||
public SslContextFactory newClientSslContextFactory()
|
||||
{
|
||||
SslContextFactory.Client result = new SslContextFactory.Client();
|
||||
result.setEndpointIdentificationAlgorithm(null);
|
||||
configure(result);
|
||||
return result;
|
||||
}
|
||||
|
||||
@Override
|
||||
public SslContextFactory newServerSslContextFactory()
|
||||
{
|
||||
SslContextFactory.Server result = new SslContextFactory.Server();
|
||||
configure(result);
|
||||
return result;
|
||||
}
|
||||
|
||||
private void configure(SslContextFactory ssl)
|
||||
{
|
||||
Path keystorePath = MavenTestingUtils.getTestResourcePath("keystore.jks");
|
||||
|
||||
SslContextFactory ssl = new SslContextFactory();
|
||||
ssl.setEndpointIdentificationAlgorithm("");
|
||||
ssl.setKeyStorePath(keystorePath.toString());
|
||||
ssl.setKeyStorePassword("storepwd");
|
||||
return ssl;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -18,10 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.client;
|
||||
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
import static org.junit.jupiter.api.Assumptions.assumeTrue;
|
||||
|
||||
import java.net.Socket;
|
||||
import java.util.concurrent.CountDownLatch;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
|
@ -36,6 +32,10 @@ import org.junit.jupiter.api.BeforeEach;
|
|||
import org.junit.jupiter.api.Disabled;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
import static org.junit.jupiter.api.Assumptions.assumeTrue;
|
||||
|
||||
@Disabled
|
||||
public class ExternalSiteTest
|
||||
{
|
||||
|
@ -44,7 +44,7 @@ public class ExternalSiteTest
|
|||
@BeforeEach
|
||||
public void prepare() throws Exception
|
||||
{
|
||||
client = new HttpClient(new SslContextFactory());
|
||||
client = new HttpClient(new SslContextFactory.Client());
|
||||
client.start();
|
||||
}
|
||||
|
||||
|
@ -94,7 +94,7 @@ public class ExternalSiteTest
|
|||
public void testExternalSSLSite() throws Exception
|
||||
{
|
||||
client.stop();
|
||||
client = new HttpClient(new SslContextFactory());
|
||||
client = new HttpClient(new SslContextFactory.Client());
|
||||
client.start();
|
||||
|
||||
String host = "api-3t.paypal.com";
|
||||
|
|
|
@ -18,10 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.client;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||
import static org.junit.jupiter.api.Assertions.fail;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.util.concurrent.ExecutionException;
|
||||
|
@ -40,11 +36,14 @@ import org.eclipse.jetty.util.ssl.SslContextFactory;
|
|||
import org.eclipse.jetty.util.thread.QueuedThreadPool;
|
||||
import org.hamcrest.Matchers;
|
||||
import org.junit.jupiter.api.AfterEach;
|
||||
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Disabled;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||
import static org.junit.jupiter.api.Assertions.fail;
|
||||
|
||||
/**
|
||||
* This test class runs tests to make sure that hostname verification (http://www.ietf.org/rfc/rfc2818.txt
|
||||
* section 3.1) is configurable in SslContextFactory and works as expected.
|
||||
|
@ -52,7 +51,7 @@ import org.junit.jupiter.api.Test;
|
|||
@Disabled
|
||||
public class HostnameVerificationTest
|
||||
{
|
||||
private SslContextFactory clientSslContextFactory = new SslContextFactory();
|
||||
private SslContextFactory clientSslContextFactory = new SslContextFactory.Client();
|
||||
private Server server;
|
||||
private HttpClient client;
|
||||
private NetworkConnector connector;
|
||||
|
@ -64,7 +63,7 @@ public class HostnameVerificationTest
|
|||
serverThreads.setName("server");
|
||||
server = new Server(serverThreads);
|
||||
|
||||
SslContextFactory serverSslContextFactory = new SslContextFactory();
|
||||
SslContextFactory serverSslContextFactory = new SslContextFactory.Server();
|
||||
serverSslContextFactory.setKeyStorePath("src/test/resources/keystore.jks");
|
||||
serverSslContextFactory.setKeyStorePassword("storepwd");
|
||||
connector = new ServerConnector(server, serverSslContextFactory);
|
||||
|
|
|
@ -89,13 +89,25 @@ public class HttpClientTLSTest
|
|||
client.start();
|
||||
}
|
||||
|
||||
private SslContextFactory createSslContextFactory()
|
||||
private SslContextFactory.Server createServerSslContextFactory()
|
||||
{
|
||||
SslContextFactory.Server sslContextFactory = new SslContextFactory.Server();
|
||||
configureSslContextFactory(sslContextFactory);
|
||||
return sslContextFactory;
|
||||
}
|
||||
|
||||
private SslContextFactory.Client createClientSslContextFactory()
|
||||
{
|
||||
SslContextFactory.Client sslContextFactory = new SslContextFactory.Client();
|
||||
configureSslContextFactory(sslContextFactory);
|
||||
sslContextFactory.setEndpointIdentificationAlgorithm(null);
|
||||
return sslContextFactory;
|
||||
}
|
||||
|
||||
private void configureSslContextFactory(SslContextFactory sslContextFactory)
|
||||
{
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
sslContextFactory.setEndpointIdentificationAlgorithm("");
|
||||
sslContextFactory.setKeyStorePath("src/test/resources/keystore.jks");
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
return sslContextFactory;
|
||||
}
|
||||
|
||||
@AfterEach
|
||||
|
@ -110,7 +122,7 @@ public class HttpClientTLSTest
|
|||
@Test
|
||||
public void testNoCommonTLSProtocol() throws Exception
|
||||
{
|
||||
SslContextFactory serverTLSFactory = createSslContextFactory();
|
||||
SslContextFactory serverTLSFactory = createServerSslContextFactory();
|
||||
serverTLSFactory.setIncludeProtocols("TLSv1.3");
|
||||
startServer(serverTLSFactory, new EmptyServerHandler());
|
||||
|
||||
|
@ -124,7 +136,7 @@ public class HttpClientTLSTest
|
|||
}
|
||||
});
|
||||
|
||||
SslContextFactory clientTLSFactory = createSslContextFactory();
|
||||
SslContextFactory clientTLSFactory = createClientSslContextFactory();
|
||||
clientTLSFactory.setIncludeProtocols("TLSv1.2");
|
||||
startClient(clientTLSFactory);
|
||||
|
||||
|
@ -151,7 +163,7 @@ public class HttpClientTLSTest
|
|||
@Test
|
||||
public void testNoCommonTLSCiphers() throws Exception
|
||||
{
|
||||
SslContextFactory serverTLSFactory = createSslContextFactory();
|
||||
SslContextFactory serverTLSFactory = createServerSslContextFactory();
|
||||
serverTLSFactory.setIncludeCipherSuites("TLS_RSA_WITH_AES_128_CBC_SHA");
|
||||
startServer(serverTLSFactory, new EmptyServerHandler());
|
||||
|
||||
|
@ -165,7 +177,7 @@ public class HttpClientTLSTest
|
|||
}
|
||||
});
|
||||
|
||||
SslContextFactory clientTLSFactory = createSslContextFactory();
|
||||
SslContextFactory clientTLSFactory = createClientSslContextFactory();
|
||||
clientTLSFactory.setExcludeCipherSuites(".*_SHA$");
|
||||
startClient(clientTLSFactory);
|
||||
|
||||
|
@ -192,7 +204,7 @@ public class HttpClientTLSTest
|
|||
@Test
|
||||
public void testMismatchBetweenTLSProtocolAndTLSCiphersOnServer() throws Exception
|
||||
{
|
||||
SslContextFactory serverTLSFactory = createSslContextFactory();
|
||||
SslContextFactory serverTLSFactory = createServerSslContextFactory();
|
||||
// TLS 1.1 protocol, but only TLS 1.2 ciphers.
|
||||
serverTLSFactory.setIncludeProtocols("TLSv1.1");
|
||||
serverTLSFactory.setIncludeCipherSuites("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256");
|
||||
|
@ -208,7 +220,7 @@ public class HttpClientTLSTest
|
|||
}
|
||||
});
|
||||
|
||||
SslContextFactory clientTLSFactory = createSslContextFactory();
|
||||
SslContextFactory clientTLSFactory = createClientSslContextFactory();
|
||||
startClient(clientTLSFactory);
|
||||
|
||||
CountDownLatch clientLatch = new CountDownLatch(1);
|
||||
|
@ -237,7 +249,7 @@ public class HttpClientTLSTest
|
|||
@Test
|
||||
public void testMismatchBetweenTLSProtocolAndTLSCiphersOnClient() throws Exception
|
||||
{
|
||||
SslContextFactory serverTLSFactory = createSslContextFactory();
|
||||
SslContextFactory serverTLSFactory = createServerSslContextFactory();
|
||||
startServer(serverTLSFactory, new EmptyServerHandler());
|
||||
|
||||
CountDownLatch serverLatch = new CountDownLatch(1);
|
||||
|
@ -250,7 +262,7 @@ public class HttpClientTLSTest
|
|||
}
|
||||
});
|
||||
|
||||
SslContextFactory clientTLSFactory = createSslContextFactory();
|
||||
SslContextFactory clientTLSFactory = createClientSslContextFactory();
|
||||
// TLS 1.1 protocol, but only TLS 1.2 ciphers.
|
||||
clientTLSFactory.setIncludeProtocols("TLSv1.1");
|
||||
clientTLSFactory.setIncludeCipherSuites("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256");
|
||||
|
@ -279,7 +291,7 @@ public class HttpClientTLSTest
|
|||
@Test
|
||||
public void testHandshakeSucceeded() throws Exception
|
||||
{
|
||||
SslContextFactory serverTLSFactory = createSslContextFactory();
|
||||
SslContextFactory serverTLSFactory = createServerSslContextFactory();
|
||||
startServer(serverTLSFactory, new EmptyServerHandler());
|
||||
|
||||
CountDownLatch serverLatch = new CountDownLatch(1);
|
||||
|
@ -292,7 +304,7 @@ public class HttpClientTLSTest
|
|||
}
|
||||
});
|
||||
|
||||
SslContextFactory clientTLSFactory = createSslContextFactory();
|
||||
SslContextFactory clientTLSFactory = createClientSslContextFactory();
|
||||
startClient(clientTLSFactory);
|
||||
|
||||
CountDownLatch clientLatch = new CountDownLatch(1);
|
||||
|
@ -318,7 +330,7 @@ public class HttpClientTLSTest
|
|||
@Test
|
||||
public void testHandshakeSucceededWithSessionResumption() throws Exception
|
||||
{
|
||||
SslContextFactory serverTLSFactory = createSslContextFactory();
|
||||
SslContextFactory serverTLSFactory = createServerSslContextFactory();
|
||||
startServer(serverTLSFactory, new EmptyServerHandler());
|
||||
|
||||
AtomicReference<byte[]> serverSession = new AtomicReference<>();
|
||||
|
@ -331,7 +343,7 @@ public class HttpClientTLSTest
|
|||
}
|
||||
});
|
||||
|
||||
SslContextFactory clientTLSFactory = createSslContextFactory();
|
||||
SslContextFactory clientTLSFactory = createClientSslContextFactory();
|
||||
startClient(clientTLSFactory);
|
||||
|
||||
AtomicReference<byte[]> clientSession = new AtomicReference<>();
|
||||
|
@ -398,10 +410,10 @@ public class HttpClientTLSTest
|
|||
@Test
|
||||
public void testClientRawCloseDoesNotInvalidateSession() throws Exception
|
||||
{
|
||||
SslContextFactory serverTLSFactory = createSslContextFactory();
|
||||
SslContextFactory serverTLSFactory = createServerSslContextFactory();
|
||||
startServer(serverTLSFactory, new EmptyServerHandler());
|
||||
|
||||
SslContextFactory clientTLSFactory = createSslContextFactory();
|
||||
SslContextFactory clientTLSFactory = createClientSslContextFactory();
|
||||
clientTLSFactory.start();
|
||||
|
||||
String host = "localhost";
|
||||
|
@ -453,13 +465,13 @@ public class HttpClientTLSTest
|
|||
@Test
|
||||
public void testServerRawCloseDetectedByClient() throws Exception
|
||||
{
|
||||
SslContextFactory serverTLSFactory = createSslContextFactory();
|
||||
SslContextFactory serverTLSFactory = createServerSslContextFactory();
|
||||
serverTLSFactory.start();
|
||||
try (ServerSocket server = new ServerSocket(0))
|
||||
{
|
||||
QueuedThreadPool clientThreads = new QueuedThreadPool();
|
||||
clientThreads.setName("client");
|
||||
client = new HttpClient(createSslContextFactory())
|
||||
client = new HttpClient(createClientSslContextFactory())
|
||||
{
|
||||
@Override
|
||||
protected ClientConnectionFactory newSslClientConnectionFactory(ClientConnectionFactory connectionFactory)
|
||||
|
@ -523,10 +535,10 @@ public class HttpClientTLSTest
|
|||
@Test
|
||||
public void testHostNameVerificationFailure() throws Exception
|
||||
{
|
||||
SslContextFactory serverTLSFactory = createSslContextFactory();
|
||||
SslContextFactory serverTLSFactory = createServerSslContextFactory();
|
||||
startServer(serverTLSFactory, new EmptyServerHandler());
|
||||
|
||||
SslContextFactory clientTLSFactory = createSslContextFactory();
|
||||
SslContextFactory clientTLSFactory = createClientSslContextFactory();
|
||||
// Make sure the host name is not verified at the TLS level.
|
||||
clientTLSFactory.setEndpointIdentificationAlgorithm(null);
|
||||
// Add host name verification after the TLS handshake.
|
||||
|
|
|
@ -18,16 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.client;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.containsString;
|
||||
import static org.hamcrest.Matchers.instanceOf;
|
||||
import static org.junit.jupiter.api.Assertions.assertArrayEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertFalse;
|
||||
import static org.junit.jupiter.api.Assertions.assertNotNull;
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.io.OutputStream;
|
||||
|
@ -106,12 +96,21 @@ import org.junit.jupiter.api.extension.ExtendWith;
|
|||
import org.junit.jupiter.params.ParameterizedTest;
|
||||
import org.junit.jupiter.params.provider.ArgumentsSource;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.containsString;
|
||||
import static org.hamcrest.Matchers.instanceOf;
|
||||
import static org.junit.jupiter.api.Assertions.assertArrayEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertFalse;
|
||||
import static org.junit.jupiter.api.Assertions.assertNotNull;
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
|
||||
@ExtendWith(WorkDirExtension.class)
|
||||
public class HttpClientTest extends AbstractHttpClientServerTest
|
||||
{
|
||||
public WorkDir testdir;
|
||||
|
||||
|
||||
@ParameterizedTest
|
||||
@ArgumentsSource(ScenarioProvider.class)
|
||||
public void testStoppingClosesConnections(Scenario scenario) throws Exception
|
||||
|
@ -1529,7 +1528,7 @@ public class HttpClientTest extends AbstractHttpClientServerTest
|
|||
}
|
||||
};
|
||||
}
|
||||
}, scenario.newSslContextFactory());
|
||||
}, scenario.newClientSslContextFactory());
|
||||
client.start();
|
||||
|
||||
final CountDownLatch latch = new CountDownLatch(2);
|
||||
|
|
|
@ -18,8 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.client;
|
||||
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.io.OutputStream;
|
||||
|
@ -42,14 +40,15 @@ import org.junit.jupiter.api.AfterEach;
|
|||
import org.junit.jupiter.params.ParameterizedTest;
|
||||
import org.junit.jupiter.params.provider.EnumSource;
|
||||
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
|
||||
public class TLSServerConnectionCloseTest
|
||||
{
|
||||
private HttpClient client;
|
||||
|
||||
private void startClient() throws Exception
|
||||
{
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
sslContextFactory.setEndpointIdentificationAlgorithm("");
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath("src/test/resources/keystore.jks");
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
|
||||
|
|
|
@ -18,11 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.client.ssl;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertNotNull;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
|
||||
import java.security.cert.Certificate;
|
||||
import java.util.concurrent.CountDownLatch;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
|
@ -43,9 +38,13 @@ import org.eclipse.jetty.util.ssl.SslContextFactory;
|
|||
import org.eclipse.jetty.util.thread.QueuedThreadPool;
|
||||
import org.hamcrest.Matchers;
|
||||
import org.junit.jupiter.api.AfterEach;
|
||||
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertNotNull;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
|
||||
/**
|
||||
* In order to work, client authentication needs a certificate
|
||||
* signed by a CA that also signed the server certificate.
|
||||
|
@ -81,10 +80,9 @@ public class NeedWantClientAuthTest
|
|||
client.start();
|
||||
}
|
||||
|
||||
private SslContextFactory createSslContextFactory()
|
||||
private SslContextFactory.Server createServerSslContextFactory()
|
||||
{
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
sslContextFactory.setEndpointIdentificationAlgorithm("");
|
||||
SslContextFactory.Server sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath("src/test/resources/keystore.jks");
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
return sslContextFactory;
|
||||
|
@ -102,11 +100,11 @@ public class NeedWantClientAuthTest
|
|||
@Test
|
||||
public void testWantClientAuthWithoutAuth() throws Exception
|
||||
{
|
||||
SslContextFactory serverSSL = createSslContextFactory();
|
||||
SslContextFactory.Server serverSSL = createServerSslContextFactory();
|
||||
serverSSL.setWantClientAuth(true);
|
||||
startServer(serverSSL, new EmptyServerHandler());
|
||||
|
||||
SslContextFactory clientSSL = new SslContextFactory(true);
|
||||
SslContextFactory clientSSL = new SslContextFactory.Client(true);
|
||||
startClient(clientSSL);
|
||||
|
||||
ContentResponse response = client.newRequest("https://localhost:" + connector.getLocalPort())
|
||||
|
@ -119,7 +117,7 @@ public class NeedWantClientAuthTest
|
|||
@Test
|
||||
public void testWantClientAuthWithAuth() throws Exception
|
||||
{
|
||||
SslContextFactory serverSSL = createSslContextFactory();
|
||||
SslContextFactory.Server serverSSL = createServerSslContextFactory();
|
||||
serverSSL.setWantClientAuth(true);
|
||||
startServer(serverSSL, new EmptyServerHandler());
|
||||
CountDownLatch handshakeLatch = new CountDownLatch(1);
|
||||
|
@ -143,7 +141,7 @@ public class NeedWantClientAuthTest
|
|||
}
|
||||
});
|
||||
|
||||
SslContextFactory clientSSL = new SslContextFactory(true);
|
||||
SslContextFactory clientSSL = new SslContextFactory.Client(true);
|
||||
clientSSL.setKeyStorePath("src/test/resources/client_keystore.jks");
|
||||
clientSSL.setKeyStorePassword("storepwd");
|
||||
startClient(clientSSL);
|
||||
|
@ -166,11 +164,11 @@ public class NeedWantClientAuthTest
|
|||
// The server still sends bad_certificate to the client, but the client handshake has already
|
||||
// completed successfully its TLS handshake.
|
||||
|
||||
SslContextFactory serverSSL = createSslContextFactory();
|
||||
SslContextFactory.Server serverSSL = createServerSslContextFactory();
|
||||
serverSSL.setNeedClientAuth(true);
|
||||
startServer(serverSSL, new EmptyServerHandler());
|
||||
|
||||
SslContextFactory clientSSL = new SslContextFactory(true);
|
||||
SslContextFactory clientSSL = new SslContextFactory.Client(true);
|
||||
startClient(clientSSL);
|
||||
CountDownLatch handshakeLatch = new CountDownLatch(1);
|
||||
client.addBean(new SslHandshakeListener()
|
||||
|
@ -210,7 +208,7 @@ public class NeedWantClientAuthTest
|
|||
@Test
|
||||
public void testNeedClientAuthWithAuth() throws Exception
|
||||
{
|
||||
SslContextFactory serverSSL = createSslContextFactory();
|
||||
SslContextFactory.Server serverSSL = createServerSslContextFactory();
|
||||
serverSSL.setNeedClientAuth(true);
|
||||
startServer(serverSSL, new EmptyServerHandler());
|
||||
CountDownLatch handshakeLatch = new CountDownLatch(1);
|
||||
|
@ -234,7 +232,7 @@ public class NeedWantClientAuthTest
|
|||
}
|
||||
});
|
||||
|
||||
SslContextFactory clientSSL = new SslContextFactory(true);
|
||||
SslContextFactory clientSSL = new SslContextFactory.Client(true);
|
||||
clientSSL.setKeyStorePath("src/test/resources/client_keystore.jks");
|
||||
clientSSL.setKeyStorePassword("storepwd");
|
||||
startClient(clientSSL);
|
||||
|
|
|
@ -70,7 +70,7 @@ public class SslBytesClientTest extends SslBytesTest
|
|||
{
|
||||
threadPool = Executors.newCachedThreadPool();
|
||||
|
||||
sslContextFactory = new SslContextFactory(true);
|
||||
sslContextFactory = new SslContextFactory.Client(true);
|
||||
client = new HttpClient(sslContextFactory);
|
||||
client.setMaxConnectionsPerDestination(1);
|
||||
File keyStore = MavenTestingUtils.getTestResourceFile("keystore.jks");
|
||||
|
|
|
@ -119,7 +119,7 @@ public class SslBytesServerTest extends SslBytesTest
|
|||
serverEndPoint.set(null);
|
||||
|
||||
File keyStore = MavenTestingUtils.getTestResourceFile("keystore.jks");
|
||||
sslContextFactory = new SslContextFactory();
|
||||
sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath(keyStore.getAbsolutePath());
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
|
||||
|
|
|
@ -18,8 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.client.ssl;
|
||||
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||
|
||||
import java.io.File;
|
||||
import java.nio.ByteBuffer;
|
||||
|
||||
|
@ -36,16 +34,17 @@ import org.eclipse.jetty.toolchain.test.MavenTestingUtils;
|
|||
import org.eclipse.jetty.util.BufferUtil;
|
||||
import org.eclipse.jetty.util.ssl.SslContextFactory;
|
||||
import org.eclipse.jetty.util.thread.QueuedThreadPool;
|
||||
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||
|
||||
public class SslConnectionTest
|
||||
{
|
||||
@Test
|
||||
public void testSslConnectionClosedBeforeFill() throws Exception
|
||||
{
|
||||
File keyStore = MavenTestingUtils.getTestResourceFile("keystore.jks");
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath(keyStore.getAbsolutePath());
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
sslContextFactory.start();
|
||||
|
|
|
@ -790,7 +790,7 @@ To do this, first create a new `${jetty.base}/etc/tweak-ssl.xml` file (this can
|
|||
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN"
|
||||
"http://www.eclipse.org/jetty/configure_9_3.dtd">
|
||||
<!-- Tweak SsslContextFactory Includes / Excludes -->
|
||||
<Configure id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
|
||||
<Configure id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory$Server">
|
||||
<!-- Mitigate SLOTH Attack -->
|
||||
<Call name="addExcludeCipherSuites">
|
||||
<Arg>
|
||||
|
|
|
@ -36,8 +36,7 @@ public class DrupalHTTP2FastCGIProxyServer
|
|||
{
|
||||
public static void main(String[] args) throws Exception
|
||||
{
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
sslContextFactory.setEndpointIdentificationAlgorithm("");
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath("src/test/resources/keystore.jks");
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
sslContextFactory.setTrustStorePath("src/test/resources/truststore.jks");
|
||||
|
|
|
@ -18,9 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.fcgi.server.proxy;
|
||||
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.EnumSet;
|
||||
|
||||
|
@ -41,6 +38,9 @@ import org.eclipse.jetty.util.ssl.SslContextFactory;
|
|||
import org.junit.jupiter.api.AfterEach;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
|
||||
public class TryFilesFilterTest
|
||||
{
|
||||
private Server server;
|
||||
|
@ -55,8 +55,7 @@ public class TryFilesFilterTest
|
|||
connector = new ServerConnector(server);
|
||||
server.addConnector(connector);
|
||||
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
sslContextFactory.setEndpointIdentificationAlgorithm("");
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath("src/test/resources/keystore.jks");
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
sslContextFactory.setTrustStorePath("src/test/resources/truststore.jks");
|
||||
|
|
|
@ -43,8 +43,7 @@ public class WordPressHTTP2FastCGIProxyServer
|
|||
{
|
||||
int tlsPort = 8443;
|
||||
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
sslContextFactory.setEndpointIdentificationAlgorithm("");
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath("src/test/resources/keystore.jks");
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
sslContextFactory.setTrustStorePath("src/test/resources/truststore.jks");
|
||||
|
|
|
@ -18,11 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.http2.alpn.tests;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.containsString;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
|
||||
import java.io.BufferedReader;
|
||||
import java.io.InputStream;
|
||||
import java.io.InputStreamReader;
|
||||
|
@ -43,13 +38,18 @@ import org.eclipse.jetty.util.BufferUtil;
|
|||
import org.eclipse.jetty.util.ssl.SslContextFactory;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.containsString;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
|
||||
public class ALPNNegotiationTest extends AbstractALPNTest
|
||||
{
|
||||
@Test
|
||||
public void testGentleCloseDuringHandshake() throws Exception
|
||||
{
|
||||
InetSocketAddress address = prepare();
|
||||
SslContextFactory sslContextFactory = newSslContextFactory();
|
||||
SslContextFactory sslContextFactory = newClientSslContextFactory();
|
||||
sslContextFactory.start();
|
||||
SSLEngine sslEngine = sslContextFactory.newSSLEngine(address);
|
||||
sslEngine.setUseClientMode(true);
|
||||
|
@ -113,7 +113,7 @@ public class ALPNNegotiationTest extends AbstractALPNTest
|
|||
public void testAbruptCloseDuringHandshake() throws Exception
|
||||
{
|
||||
InetSocketAddress address = prepare();
|
||||
SslContextFactory sslContextFactory = newSslContextFactory();
|
||||
SslContextFactory sslContextFactory = newClientSslContextFactory();
|
||||
sslContextFactory.start();
|
||||
SSLEngine sslEngine = sslContextFactory.newSSLEngine(address);
|
||||
sslEngine.setUseClientMode(true);
|
||||
|
@ -175,7 +175,7 @@ public class ALPNNegotiationTest extends AbstractALPNTest
|
|||
{
|
||||
InetSocketAddress address = prepare();
|
||||
|
||||
SslContextFactory sslContextFactory = newSslContextFactory();
|
||||
SslContextFactory sslContextFactory = newClientSslContextFactory();
|
||||
sslContextFactory.start();
|
||||
SSLContext sslContext = sslContextFactory.getSslContext();
|
||||
|
||||
|
@ -228,7 +228,7 @@ public class ALPNNegotiationTest extends AbstractALPNTest
|
|||
{
|
||||
InetSocketAddress address = prepare();
|
||||
|
||||
SslContextFactory sslContextFactory = newSslContextFactory();
|
||||
SslContextFactory sslContextFactory = newClientSslContextFactory();
|
||||
sslContextFactory.start();
|
||||
SSLContext sslContext = sslContextFactory.getSslContext();
|
||||
try (SSLSocket client = (SSLSocket)sslContext.getSocketFactory().createSocket(address.getAddress(), address.getPort()))
|
||||
|
@ -280,7 +280,7 @@ public class ALPNNegotiationTest extends AbstractALPNTest
|
|||
{
|
||||
InetSocketAddress address = prepare();
|
||||
|
||||
SslContextFactory sslContextFactory = newSslContextFactory();
|
||||
SslContextFactory sslContextFactory = newClientSslContextFactory();
|
||||
sslContextFactory.start();
|
||||
SSLContext sslContext = sslContextFactory.getSslContext();
|
||||
try (SSLSocket client = (SSLSocket)sslContext.getSocketFactory().createSocket(address.getAddress(), address.getPort()))
|
||||
|
|
|
@ -49,7 +49,7 @@ public class AbstractALPNTest
|
|||
ALPNServerConnectionFactory alpn = new ALPNServerConnectionFactory();
|
||||
alpn.setDefaultProtocol(h1.getProtocol());
|
||||
|
||||
connector = new ServerConnector(server, newSslContextFactory(), alpn, h1, h2);
|
||||
connector = new ServerConnector(server, newServerSslContextFactory(), alpn, h1, h2);
|
||||
connector.setPort(0);
|
||||
connector.setIdleTimeout(30000);
|
||||
server.addConnector(connector);
|
||||
|
@ -60,9 +60,22 @@ public class AbstractALPNTest
|
|||
return new InetSocketAddress("localhost", connector.getLocalPort());
|
||||
}
|
||||
|
||||
protected SslContextFactory newSslContextFactory()
|
||||
protected SslContextFactory.Server newServerSslContextFactory()
|
||||
{
|
||||
SslContextFactory.Server result = new SslContextFactory.Server();
|
||||
configureSslContextFactory(result);
|
||||
return result;
|
||||
}
|
||||
|
||||
protected SslContextFactory.Client newClientSslContextFactory()
|
||||
{
|
||||
SslContextFactory.Client result = new SslContextFactory.Client();
|
||||
configureSslContextFactory(result);
|
||||
return result;
|
||||
}
|
||||
|
||||
private void configureSslContextFactory(SslContextFactory sslContextFactory)
|
||||
{
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
sslContextFactory.setKeyStorePath("src/test/resources/keystore.jks");
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
sslContextFactory.setTrustStorePath("src/test/resources/truststore.jks");
|
||||
|
@ -70,7 +83,6 @@ public class AbstractALPNTest
|
|||
sslContextFactory.setIncludeProtocols("TLSv1.2");
|
||||
// The mandatory HTTP/2 cipher.
|
||||
sslContextFactory.setIncludeCipherSuites("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256");
|
||||
return sslContextFactory;
|
||||
}
|
||||
|
||||
@AfterEach
|
||||
|
|
|
@ -43,7 +43,7 @@ public class Client
|
|||
public static void main(String[] args) throws Exception
|
||||
{
|
||||
HTTP2Client client = new HTTP2Client();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Client();
|
||||
client.addBean(sslContextFactory);
|
||||
client.start();
|
||||
|
||||
|
|
|
@ -68,7 +68,7 @@ public class DirectHTTP2OverTLSTest
|
|||
HttpConfiguration httpsConfig = new HttpConfiguration();
|
||||
httpsConfig.addCustomizer(new SecureRequestCustomizer());
|
||||
ConnectionFactory h2 = new HTTP2ServerConnectionFactory(httpsConfig);
|
||||
ConnectionFactory ssl = new SslConnectionFactory(newSslContextFactory(), h2.getProtocol());
|
||||
ConnectionFactory ssl = new SslConnectionFactory(newServerSslContextFactory(), h2.getProtocol());
|
||||
connector = new ServerConnector(server, 1, 1, ssl, h2);
|
||||
server.addConnector(connector);
|
||||
server.setHandler(handler);
|
||||
|
@ -81,8 +81,7 @@ public class DirectHTTP2OverTLSTest
|
|||
clientThreads.setName("client");
|
||||
HttpClientTransportOverHTTP2 transport = new HttpClientTransportOverHTTP2(new HTTP2Client());
|
||||
transport.setUseALPN(false);
|
||||
SslContextFactory sslContextFactory = newSslContextFactory();
|
||||
sslContextFactory.setEndpointIdentificationAlgorithm(null);
|
||||
SslContextFactory sslContextFactory = newClientSslContextFactory();
|
||||
client = new HttpClient(transport, sslContextFactory);
|
||||
client.setExecutor(clientThreads);
|
||||
client.start();
|
||||
|
@ -97,14 +96,27 @@ public class DirectHTTP2OverTLSTest
|
|||
server.stop();
|
||||
}
|
||||
|
||||
private SslContextFactory newSslContextFactory()
|
||||
private SslContextFactory.Server newServerSslContextFactory()
|
||||
{
|
||||
SslContextFactory.Server sslContextFactory = new SslContextFactory.Server();
|
||||
configureSslContextFactory(sslContextFactory);
|
||||
return sslContextFactory;
|
||||
}
|
||||
|
||||
private SslContextFactory.Client newClientSslContextFactory()
|
||||
{
|
||||
SslContextFactory.Client sslContextFactory = new SslContextFactory.Client();
|
||||
configureSslContextFactory(sslContextFactory);
|
||||
sslContextFactory.setEndpointIdentificationAlgorithm(null);
|
||||
return sslContextFactory;
|
||||
}
|
||||
|
||||
private void configureSslContextFactory(SslContextFactory sslContextFactory)
|
||||
{
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
sslContextFactory.setKeyStorePath("src/test/resources/keystore.jks");
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
sslContextFactory.setUseCipherSuitesOrder(true);
|
||||
sslContextFactory.setCipherComparator(HTTP2Cipher.COMPARATOR);
|
||||
return sslContextFactory;
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
|
@ -18,15 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.http2.client.http;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.greaterThanOrEqualTo;
|
||||
import static org.junit.jupiter.api.Assertions.assertArrayEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertNotNull;
|
||||
import static org.junit.jupiter.api.Assertions.assertSame;
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.io.OutputStream;
|
||||
|
@ -87,6 +78,15 @@ import org.eclipse.jetty.util.thread.QueuedThreadPool;
|
|||
import org.junit.jupiter.api.Disabled;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.greaterThanOrEqualTo;
|
||||
import static org.junit.jupiter.api.Assertions.assertArrayEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertNotNull;
|
||||
import static org.junit.jupiter.api.Assertions.assertSame;
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
|
||||
public class HttpClientTransportOverHTTP2Test extends AbstractTest
|
||||
{
|
||||
@Test
|
||||
|
@ -601,7 +601,7 @@ public class HttpClientTransportOverHTTP2Test extends AbstractTest
|
|||
public void testExternalServer() throws Exception
|
||||
{
|
||||
HTTP2Client http2Client = new HTTP2Client();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Client();
|
||||
HttpClient httpClient = new HttpClient(new HttpClientTransportOverHTTP2(http2Client), sslContextFactory);
|
||||
Executor executor = new QueuedThreadPool();
|
||||
httpClient.setExecutor(executor);
|
||||
|
|
|
@ -18,15 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.io;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.greaterThan;
|
||||
import static org.hamcrest.Matchers.greaterThanOrEqualTo;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertFalse;
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
import static org.junit.jupiter.api.Assertions.fail;
|
||||
|
||||
import java.io.BufferedInputStream;
|
||||
import java.io.BufferedOutputStream;
|
||||
import java.io.File;
|
||||
|
@ -73,6 +64,15 @@ import org.junit.jupiter.params.ParameterizedTest;
|
|||
import org.junit.jupiter.params.provider.Arguments;
|
||||
import org.junit.jupiter.params.provider.MethodSource;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.greaterThan;
|
||||
import static org.hamcrest.Matchers.greaterThanOrEqualTo;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertFalse;
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
import static org.junit.jupiter.api.Assertions.fail;
|
||||
|
||||
@SuppressWarnings("Duplicates")
|
||||
public class SocketChannelEndPointTest
|
||||
{
|
||||
|
@ -626,24 +626,23 @@ public class SocketChannelEndPointTest
|
|||
public static class SslScenario implements Scenario
|
||||
{
|
||||
private final NormalScenario _normalScenario;
|
||||
private final SslContextFactory __sslCtxFactory = new SslContextFactory();
|
||||
private final ByteBufferPool __byteBufferPool = new MappedByteBufferPool();
|
||||
private final SslContextFactory _sslCtxFactory = new SslContextFactory.Server();
|
||||
private final ByteBufferPool _byteBufferPool = new MappedByteBufferPool();
|
||||
|
||||
public SslScenario(NormalScenario normalScenario) throws Exception
|
||||
{
|
||||
_normalScenario = normalScenario;
|
||||
File keystore = MavenTestingUtils.getTestResourceFile("keystore");
|
||||
__sslCtxFactory.setKeyStorePath(keystore.getAbsolutePath());
|
||||
__sslCtxFactory.setKeyStorePassword("storepwd");
|
||||
__sslCtxFactory.setKeyManagerPassword("keypwd");
|
||||
__sslCtxFactory.setEndpointIdentificationAlgorithm("");
|
||||
__sslCtxFactory.start();
|
||||
_sslCtxFactory.setKeyStorePath(keystore.getAbsolutePath());
|
||||
_sslCtxFactory.setKeyStorePassword("storepwd");
|
||||
_sslCtxFactory.setKeyManagerPassword("keypwd");
|
||||
_sslCtxFactory.start();
|
||||
}
|
||||
|
||||
@Override
|
||||
public Socket newClient(ServerSocketChannel connector) throws IOException
|
||||
{
|
||||
SSLSocket socket = __sslCtxFactory.newSslSocket();
|
||||
SSLSocket socket = _sslCtxFactory.newSslSocket();
|
||||
socket.connect(connector.socket().getLocalSocketAddress());
|
||||
return socket;
|
||||
}
|
||||
|
@ -651,11 +650,11 @@ public class SocketChannelEndPointTest
|
|||
@Override
|
||||
public Connection newConnection(SelectableChannel channel, EndPoint endpoint, Executor executor, AtomicInteger blockAt, AtomicInteger writeCount)
|
||||
{
|
||||
SSLEngine engine = __sslCtxFactory.newSSLEngine();
|
||||
SSLEngine engine = _sslCtxFactory.newSSLEngine();
|
||||
engine.setUseClientMode(false);
|
||||
SslConnection sslConnection = new SslConnection(__byteBufferPool, executor, endpoint, engine);
|
||||
sslConnection.setRenegotiationAllowed(__sslCtxFactory.isRenegotiationAllowed());
|
||||
sslConnection.setRenegotiationLimit(__sslCtxFactory.getRenegotiationLimit());
|
||||
SslConnection sslConnection = new SslConnection(_byteBufferPool, executor, endpoint, engine);
|
||||
sslConnection.setRenegotiationAllowed(_sslCtxFactory.isRenegotiationAllowed());
|
||||
sslConnection.setRenegotiationLimit(_sslCtxFactory.getRenegotiationLimit());
|
||||
Connection appConnection = _normalScenario.newConnection(channel, sslConnection.getDecryptedEndPoint(), executor, blockAt, writeCount);
|
||||
sslConnection.getDecryptedEndPoint().setConnection(appConnection);
|
||||
return sslConnection;
|
||||
|
|
|
@ -60,7 +60,7 @@ public class SslConnectionTest
|
|||
private static final int TIMEOUT = 1000000;
|
||||
private static ByteBufferPool __byteBufferPool = new LeakTrackingByteBufferPool(new MappedByteBufferPool.Tagged());
|
||||
|
||||
private final SslContextFactory _sslCtxFactory =new SslContextFactory();
|
||||
private final SslContextFactory _sslCtxFactory = new SslContextFactory.Server();
|
||||
protected volatile EndPoint _lastEndp;
|
||||
private volatile boolean _testFill=true;
|
||||
private volatile FutureCallback _writeCallback;
|
||||
|
@ -92,7 +92,6 @@ public class SslConnectionTest
|
|||
return sslConnection;
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
protected EndPoint newEndPoint(SelectableChannel channel, ManagedSelector selector, SelectionKey selectionKey)
|
||||
{
|
||||
|
@ -133,7 +132,6 @@ public class SslConnectionTest
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
@BeforeEach
|
||||
public void initSSL() throws Exception
|
||||
{
|
||||
|
@ -143,7 +141,6 @@ public class SslConnectionTest
|
|||
_sslCtxFactory.setKeyManagerPassword("keypwd");
|
||||
_sslCtxFactory.setRenegotiationAllowed(true);
|
||||
_sslCtxFactory.setRenegotiationLimit(-1);
|
||||
_sslCtxFactory.setEndpointIdentificationAlgorithm(null);
|
||||
startManager();
|
||||
}
|
||||
|
||||
|
|
|
@ -18,10 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.io;
|
||||
|
||||
import static org.hamcrest.Matchers.greaterThan;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
|
||||
import java.io.File;
|
||||
import java.nio.ByteBuffer;
|
||||
|
||||
|
@ -32,12 +28,15 @@ import org.eclipse.jetty.toolchain.test.MavenTestingUtils;
|
|||
import org.eclipse.jetty.util.BufferUtil;
|
||||
import org.eclipse.jetty.util.ssl.SslContextFactory;
|
||||
import org.junit.jupiter.api.AfterAll;
|
||||
|
||||
import org.junit.jupiter.api.BeforeAll;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.junit.jupiter.api.condition.EnabledOnJre;
|
||||
import org.junit.jupiter.api.condition.JRE;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.greaterThan;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
|
||||
public class SslEngineBehaviorTest
|
||||
{
|
||||
private static SslContextFactory sslCtxFactory;
|
||||
|
@ -45,12 +44,11 @@ public class SslEngineBehaviorTest
|
|||
@BeforeAll
|
||||
public static void startSsl() throws Exception
|
||||
{
|
||||
sslCtxFactory = new SslContextFactory();
|
||||
sslCtxFactory = new SslContextFactory.Server();
|
||||
File keystore = MavenTestingUtils.getTestResourceFile("keystore");
|
||||
sslCtxFactory.setKeyStorePath(keystore.getAbsolutePath());
|
||||
sslCtxFactory.setKeyStorePassword("storepwd");
|
||||
sslCtxFactory.setKeyManagerPassword("keypwd");
|
||||
sslCtxFactory.setEndpointIdentificationAlgorithm("");
|
||||
sslCtxFactory.start();
|
||||
}
|
||||
|
||||
|
|
|
@ -18,10 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.jmx;
|
||||
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
|
||||
import java.net.ConnectException;
|
||||
import java.net.InetAddress;
|
||||
import java.net.ServerSocket;
|
||||
|
@ -40,6 +36,10 @@ import org.junit.jupiter.api.AfterEach;
|
|||
import org.junit.jupiter.api.Disabled;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
|
||||
/**
|
||||
* Running the tests of this class in the same JVM results often in
|
||||
* <pre>
|
||||
|
@ -227,7 +227,7 @@ public class ConnectorServerTest
|
|||
@Test
|
||||
public void testJMXOverTLS() throws Exception
|
||||
{
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
String keyStorePath = MavenTestingUtils.getTestResourcePath("keystore.jks").toString();
|
||||
String keyStorePassword = "storepwd";
|
||||
sslContextFactory.setKeyStorePath(keyStorePath);
|
||||
|
|
|
@ -29,13 +29,12 @@
|
|||
<!-- ============================================================= -->
|
||||
<!-- Create a TLS (SSL) Context Factory for later reuse -->
|
||||
<!-- ============================================================= -->
|
||||
<New id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
|
||||
<New id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory$Server">
|
||||
<Set name="Provider"><SystemProperty name="jetty.sslContext.provider"/></Set>
|
||||
<Set name="KeyStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.sslContext.keyStorePath" default="etc/keystore"/></Set>
|
||||
<Set name="KeyStorePassword"><Property name="jetty.sslContext.keyStorePassword" default="OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4"/></Set>
|
||||
<Set name="TrustStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.sslContext.trustStorePath" default="etc/keystore"/></Set>
|
||||
<Set name="TrustStorePassword"><Property name="jetty.sslContext.trustStorePassword" default="OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4"/></Set>
|
||||
<Set name="EndpointIdentificationAlgorithm"></Set>
|
||||
<Set name="NeedClientAuth"><Property name="jetty.sslContext.needClientAuth" default="false"/></Set>
|
||||
<Set name="WantClientAuth"><Property name="jetty.sslContext.wantClientAuth" default="false"/></Set>
|
||||
<Set name="ExcludeCipherSuites">
|
||||
|
|
|
@ -154,7 +154,7 @@ public class TestJettyOSGiBootHTTP2
|
|||
|
||||
//set up client to do http2
|
||||
http2Client = new HTTP2Client();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Client();
|
||||
sslContextFactory.setKeyManagerPassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
|
||||
sslContextFactory.setTrustStorePath(keys.getAbsolutePath());
|
||||
sslContextFactory.setKeyStorePath(keys.getAbsolutePath());
|
||||
|
|
|
@ -139,7 +139,7 @@ public class TestJettyOSGiBootHTTP2Conscrypt
|
|||
File keys = path.resolve("etc").resolve("keystore").toFile();
|
||||
|
||||
HTTP2Client http2Client = new HTTP2Client();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Client();
|
||||
sslContextFactory.setKeyManagerPassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
|
||||
sslContextFactory.setTrustStorePath(keys.getAbsolutePath());
|
||||
sslContextFactory.setKeyStorePath(keys.getAbsolutePath());
|
||||
|
|
|
@ -133,7 +133,7 @@ public class TestJettyOSGiBootHTTP2JDK9
|
|||
|
||||
//set up client to do http2
|
||||
http2Client = new HTTP2Client();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Client();
|
||||
sslContextFactory.setKeyManagerPassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
|
||||
sslContextFactory.setTrustStorePath(keys.getAbsolutePath());
|
||||
sslContextFactory.setKeyStorePath(keys.getAbsolutePath());
|
||||
|
|
|
@ -24,6 +24,7 @@ import java.util.ArrayList;
|
|||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServlet;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
@ -273,10 +274,10 @@ public class TestOSGiUtil
|
|||
return bundleContext.getAllServiceReferences(service, null);
|
||||
}
|
||||
|
||||
protected static SslContextFactory newSslContextFactory()
|
||||
protected static SslContextFactory newClientSslContextFactory()
|
||||
{
|
||||
SslContextFactory sslContextFactory = new SslContextFactory(true);
|
||||
sslContextFactory.setEndpointIdentificationAlgorithm("");
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Client(true);
|
||||
sslContextFactory.setEndpointIdentificationAlgorithm(null);
|
||||
return sslContextFactory;
|
||||
}
|
||||
|
||||
|
@ -306,7 +307,7 @@ public class TestOSGiUtil
|
|||
}, null, null);
|
||||
|
||||
// now test the servlet
|
||||
HttpClient client = protocol.equals("https") ? new HttpClient(newSslContextFactory()) : new HttpClient();
|
||||
HttpClient client = protocol.equals("https") ? new HttpClient(newClientSslContextFactory()) : new HttpClient();
|
||||
try
|
||||
{
|
||||
client.start();
|
||||
|
|
|
@ -18,8 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.proxy;
|
||||
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
|
||||
import java.io.ByteArrayOutputStream;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
|
@ -43,10 +41,11 @@ import org.eclipse.jetty.server.ServerConnector;
|
|||
import org.eclipse.jetty.server.handler.AbstractHandler;
|
||||
import org.eclipse.jetty.toolchain.test.MavenTestingUtils;
|
||||
import org.eclipse.jetty.util.ssl.SslContextFactory;
|
||||
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
|
||||
public class ConnectHandlerSSLTest extends AbstractConnectHandlerTest
|
||||
{
|
||||
private SslContextFactory sslContextFactory;
|
||||
|
@ -54,7 +53,7 @@ public class ConnectHandlerSSLTest extends AbstractConnectHandlerTest
|
|||
@BeforeEach
|
||||
public void prepare() throws Exception
|
||||
{
|
||||
sslContextFactory = new SslContextFactory();
|
||||
sslContextFactory = new SslContextFactory.Server();
|
||||
String keyStorePath = MavenTestingUtils.getTestResourceFile("keystore").getAbsolutePath();
|
||||
sslContextFactory.setKeyStorePath(keyStorePath);
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
|
|
|
@ -62,7 +62,7 @@ public class ForwardProxyServerTest
|
|||
// no server SSL
|
||||
SslContextFactory scenario1 = null;
|
||||
// basic server SSL
|
||||
SslContextFactory scenario2 = new SslContextFactory();
|
||||
SslContextFactory scenario2 = new SslContextFactory.Server();
|
||||
scenario2.setKeyStorePath(keyStorePath);
|
||||
scenario2.setKeyStorePassword("storepwd");
|
||||
scenario2.setKeyManagerPassword("keypwd");
|
||||
|
@ -203,7 +203,7 @@ public class ForwardProxyServerTest
|
|||
startProxy();
|
||||
|
||||
String keyStorePath = MavenTestingUtils.getTestResourceFile("keystore").getAbsolutePath();
|
||||
SslContextFactory clientSsl = new SslContextFactory();
|
||||
SslContextFactory clientSsl = new SslContextFactory.Client();
|
||||
clientSsl.setKeyStorePath(keyStorePath);
|
||||
clientSsl.setKeyStorePassword("storepwd");
|
||||
clientSsl.setKeyManagerPassword("keypwd");
|
||||
|
|
|
@ -82,7 +82,7 @@ public class ForwardProxyTLSServerTest
|
|||
// no server SSL
|
||||
SslContextFactory scenario1 = null;
|
||||
// basic server SSL
|
||||
SslContextFactory scenario2 = new SslContextFactory();
|
||||
SslContextFactory scenario2 = new SslContextFactory.Server();
|
||||
scenario2.setKeyStorePath(keyStorePath);
|
||||
scenario2.setKeyStorePassword("storepwd");
|
||||
scenario2.setKeyManagerPassword("keypwd");
|
||||
|
@ -139,22 +139,27 @@ public class ForwardProxyTLSServerTest
|
|||
|
||||
private static SslContextFactory newServerSslContextFactory()
|
||||
{
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
String keyStorePath = MavenTestingUtils.getTestResourceFile("keystore").getAbsolutePath();
|
||||
sslContextFactory.setKeyStorePath(keyStorePath);
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
sslContextFactory.setKeyManagerPassword("keypwd");
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
configureSslContextFactory(sslContextFactory);
|
||||
return sslContextFactory;
|
||||
|
||||
}
|
||||
|
||||
private static SslContextFactory newClientSslContextFactory()
|
||||
{
|
||||
SslContextFactory sslContextFactory = newServerSslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Client();
|
||||
configureSslContextFactory(sslContextFactory);
|
||||
sslContextFactory.setEndpointIdentificationAlgorithm(null);
|
||||
return sslContextFactory;
|
||||
}
|
||||
|
||||
private static void configureSslContextFactory(SslContextFactory sslContextFactory)
|
||||
{
|
||||
String keyStorePath = MavenTestingUtils.getTestResourceFile("keystore").getAbsolutePath();
|
||||
sslContextFactory.setKeyStorePath(keyStorePath);
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
sslContextFactory.setKeyManagerPassword("keypwd");
|
||||
}
|
||||
|
||||
@AfterEach
|
||||
public void stop() throws Exception
|
||||
{
|
||||
|
@ -629,9 +634,6 @@ public class ForwardProxyTLSServerTest
|
|||
assumeTrue(false, "Environment not able to connect to proxy service");
|
||||
}
|
||||
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
sslContextFactory.start();
|
||||
|
||||
HttpClient httpClient = new HttpClient(newClientSslContextFactory());
|
||||
httpClient.getProxyConfiguration().getProxies().add(new HttpProxy(proxyHost, proxyPort));
|
||||
httpClient.start();
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
https://www.eclipse.org/jetty/documentation/current/configuring-ssl.html#configuring-sslcontextfactory-cipherSuites
|
||||
-->
|
||||
|
||||
<Configure id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
|
||||
<Configure id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory$Server">
|
||||
<Set name="Provider"><Property name="jetty.sslContext.provider"/></Set>
|
||||
<Set name="KeyStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.sslContext.keyStorePath" deprecated="jetty.keystore" default="etc/keystore"/></Set>
|
||||
<Set name="KeyStorePassword"><Property name="jetty.sslContext.keyStorePassword" deprecated="jetty.keystore.password" default="OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4"/></Set>
|
||||
|
|
|
@ -53,8 +53,8 @@ public class SslConnectionFactory extends AbstractConnectionFactory
|
|||
public SslConnectionFactory(@Name("sslContextFactory") SslContextFactory factory, @Name("next") String nextProtocol)
|
||||
{
|
||||
super("SSL");
|
||||
_sslContextFactory=factory==null?new SslContextFactory():factory;
|
||||
_nextProtocol=nextProtocol;
|
||||
_sslContextFactory = factory == null ? new SslContextFactory.Server() : factory;
|
||||
_nextProtocol = nextProtocol;
|
||||
addBean(_sslContextFactory);
|
||||
}
|
||||
|
||||
|
|
|
@ -18,11 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.server;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.is;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.InputStream;
|
||||
import java.io.OutputStream;
|
||||
|
@ -49,6 +44,11 @@ import org.junit.jupiter.api.Tag;
|
|||
import org.junit.jupiter.api.Test;
|
||||
import org.junit.jupiter.api.condition.DisabledIfSystemProperty;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.is;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
|
||||
public class ConnectionOpenCloseTest extends AbstractHttpTest
|
||||
{
|
||||
@Test
|
||||
|
@ -170,7 +170,7 @@ public class ConnectionOpenCloseTest extends AbstractHttpTest
|
|||
@DisabledIfSystemProperty(named = "env", matches = "ci") // TODO: SLOW, needs review
|
||||
public void testSSLOpenRequestClose() throws Exception
|
||||
{
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
File keystore = MavenTestingUtils.getTestResourceFile("keystore");
|
||||
sslContextFactory.setKeyStoreResource(Resource.newResource(keystore));
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
|
|
|
@ -52,7 +52,7 @@ public class OptionalSslConnectionTest
|
|||
server = new Server(serverThreads);
|
||||
|
||||
String keystore = MavenTestingUtils.getTestResourceFile("keystore").getAbsolutePath();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath(keystore);
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
sslContextFactory.setKeyManagerPassword("keypwd");
|
||||
|
@ -113,7 +113,7 @@ public class OptionalSslConnectionTest
|
|||
}
|
||||
|
||||
// Then try a SSL connection.
|
||||
SslContextFactory sslContextFactory = new SslContextFactory(true);
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Client(true);
|
||||
sslContextFactory.start();
|
||||
try (Socket ssl = sslContextFactory.newSslSocket())
|
||||
{
|
||||
|
|
|
@ -18,11 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.server;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.containsString;
|
||||
import static org.hamcrest.Matchers.is;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.io.OutputStream;
|
||||
|
@ -62,6 +57,11 @@ import org.junit.jupiter.params.ParameterizedTest;
|
|||
import org.junit.jupiter.params.provider.Arguments;
|
||||
import org.junit.jupiter.params.provider.MethodSource;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.containsString;
|
||||
import static org.hamcrest.Matchers.is;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
|
||||
public class ThreadStarvationTest
|
||||
{
|
||||
final static int BUFFER_SIZE=1024*1024;
|
||||
|
@ -89,7 +89,7 @@ public class ThreadStarvationTest
|
|||
// HTTPS/SSL/TLS
|
||||
ConnectorProvider https = (server, acceptors, selectors) -> {
|
||||
Path keystorePath = MavenTestingUtils.getTestResourcePath("keystore");
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath(keystorePath.toString());
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
sslContextFactory.setKeyManagerPassword("keypwd");
|
||||
|
|
|
@ -18,11 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.server.handler;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.containsString;
|
||||
import static org.hamcrest.Matchers.is;
|
||||
import static org.hamcrest.Matchers.not;
|
||||
|
||||
import java.io.ByteArrayOutputStream;
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
|
@ -58,6 +53,11 @@ import org.junit.jupiter.api.AfterEach;
|
|||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.containsString;
|
||||
import static org.hamcrest.Matchers.is;
|
||||
import static org.hamcrest.Matchers.not;
|
||||
|
||||
public class DebugHandlerTest
|
||||
{
|
||||
public final static HostnameVerifier __hostnameverifier = new HostnameVerifier()
|
||||
|
@ -89,7 +89,7 @@ public class DebugHandlerTest
|
|||
server.addConnector(httpConnector);
|
||||
|
||||
File keystorePath = MavenTestingUtils.getTestResourceFile("keystore");
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath(keystorePath.getAbsolutePath());
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
sslContextFactory.setKeyManagerPassword("keypwd");
|
||||
|
|
|
@ -18,10 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.server.handler;
|
||||
|
||||
import static org.hamcrest.Matchers.containsString;
|
||||
import static org.hamcrest.Matchers.is;
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
|
@ -55,6 +51,10 @@ import org.junit.jupiter.api.AfterAll;
|
|||
import org.junit.jupiter.api.BeforeAll;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.containsString;
|
||||
import static org.hamcrest.Matchers.is;
|
||||
|
||||
public class SecuredRedirectHandlerTest
|
||||
{
|
||||
private static Server server;
|
||||
|
@ -68,7 +68,7 @@ public class SecuredRedirectHandlerTest
|
|||
{
|
||||
// Setup SSL
|
||||
File keystore = MavenTestingUtils.getTestResourceFile("keystore");
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath(keystore.getAbsolutePath());
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
sslContextFactory.setKeyManagerPassword("keypwd");
|
||||
|
|
|
@ -27,7 +27,6 @@ import java.net.Socket;
|
|||
import java.nio.charset.StandardCharsets;
|
||||
|
||||
import javax.net.ssl.SSLContext;
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
@ -37,7 +36,6 @@ import org.eclipse.jetty.server.Server;
|
|||
import org.eclipse.jetty.server.ServerConnector;
|
||||
import org.eclipse.jetty.server.handler.AbstractHandler;
|
||||
import org.eclipse.jetty.toolchain.test.MavenTestingUtils;
|
||||
import org.eclipse.jetty.util.TypeUtil;
|
||||
import org.eclipse.jetty.util.resource.Resource;
|
||||
import org.eclipse.jetty.util.ssl.SslContextFactory;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
@ -48,7 +46,7 @@ public class SSLCloseTest
|
|||
public void testClose() throws Exception
|
||||
{
|
||||
File keystore = MavenTestingUtils.getTestResourceFile("keystore");
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStoreResource(Resource.newResource(keystore));
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
sslContextFactory.setKeyManagerPassword("keypwd");
|
||||
|
|
|
@ -23,12 +23,6 @@
|
|||
|
||||
package org.eclipse.jetty.server.ssl;
|
||||
|
||||
import static org.hamcrest.Matchers.greaterThan;
|
||||
import static org.hamcrest.Matchers.is;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertNotNull;
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
|
||||
import java.io.BufferedReader;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
|
@ -63,6 +57,12 @@ import org.junit.jupiter.api.AfterEach;
|
|||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.greaterThan;
|
||||
import static org.hamcrest.Matchers.is;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertNotNull;
|
||||
|
||||
/**
|
||||
*
|
||||
*/
|
||||
|
@ -109,7 +109,7 @@ public class SSLEngineTest
|
|||
public void startServer() throws Exception
|
||||
{
|
||||
String keystore = MavenTestingUtils.getTestResourceFile("keystore").getAbsolutePath();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath(keystore);
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
sslContextFactory.setKeyManagerPassword("keypwd");
|
||||
|
|
|
@ -18,9 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.server.ssl;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
|
@ -46,6 +43,9 @@ import org.junit.jupiter.api.Test;
|
|||
import org.junit.jupiter.api.condition.DisabledOnJre;
|
||||
import org.junit.jupiter.api.condition.JRE;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
|
||||
// Only in JDK 11 is possible to use SSLSocket.shutdownOutput().
|
||||
@DisabledOnJre({JRE.JAVA_8, JRE.JAVA_9, JRE.JAVA_10})
|
||||
public class SSLReadEOFAfterResponseTest
|
||||
|
@ -54,7 +54,7 @@ public class SSLReadEOFAfterResponseTest
|
|||
public void testReadEOFAfterResponse() throws Exception
|
||||
{
|
||||
File keystore = MavenTestingUtils.getTestResourceFile("keystore");
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStoreResource(Resource.newResource(keystore));
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
sslContextFactory.setKeyManagerPassword("keypwd");
|
||||
|
|
|
@ -18,9 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.server.ssl;
|
||||
|
||||
import static org.hamcrest.Matchers.is;
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
|
||||
import java.io.BufferedReader;
|
||||
import java.io.FileInputStream;
|
||||
import java.io.IOException;
|
||||
|
@ -53,6 +50,9 @@ import org.junit.jupiter.api.AfterAll;
|
|||
import org.junit.jupiter.api.BeforeAll;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.is;
|
||||
|
||||
public class SSLSelectChannelConnectorLoadTest
|
||||
{
|
||||
private static Server server;
|
||||
|
@ -63,7 +63,7 @@ public class SSLSelectChannelConnectorLoadTest
|
|||
public static void startServer() throws Exception
|
||||
{
|
||||
String keystorePath = System.getProperty("basedir", ".") + "/src/test/resources/keystore";
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath(keystorePath);
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
sslContextFactory.setKeyManagerPassword("keypwd");
|
||||
|
|
|
@ -18,14 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.server.ssl;
|
||||
|
||||
import static org.hamcrest.Matchers.containsString;
|
||||
import static org.hamcrest.Matchers.is;
|
||||
import static org.hamcrest.Matchers.isEmptyOrNullString;
|
||||
import static org.hamcrest.Matchers.not;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.junit.jupiter.api.condition.OS.WINDOWS;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.io.OutputStream;
|
||||
|
@ -62,11 +54,19 @@ import org.eclipse.jetty.toolchain.test.MavenTestingUtils;
|
|||
import org.eclipse.jetty.util.log.Log;
|
||||
import org.eclipse.jetty.util.ssl.SslContextFactory;
|
||||
import org.hamcrest.Matchers;
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Disabled;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.condition.DisabledOnOs;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.containsString;
|
||||
import static org.hamcrest.Matchers.is;
|
||||
import static org.hamcrest.Matchers.isEmptyOrNullString;
|
||||
import static org.hamcrest.Matchers.not;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.condition.OS.WINDOWS;
|
||||
|
||||
/**
|
||||
* HttpServer Tester.
|
||||
*/
|
||||
|
@ -83,7 +83,7 @@ public class SelectChannelServerSslTest extends HttpServerTestBase
|
|||
public void init() throws Exception
|
||||
{
|
||||
String keystorePath = MavenTestingUtils.getTestResourcePath("keystore").toString();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath(keystorePath);
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
sslContextFactory.setKeyManagerPassword("keypwd");
|
||||
|
|
|
@ -18,8 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.server.ssl;
|
||||
|
||||
import static java.time.Duration.ofSeconds;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
|
@ -51,6 +49,8 @@ import org.junit.jupiter.api.Disabled;
|
|||
import org.junit.jupiter.api.Tag;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import static java.time.Duration.ofSeconds;
|
||||
|
||||
@Tag("Unstable")
|
||||
@Disabled
|
||||
public class SlowClientsTest
|
||||
|
@ -61,7 +61,7 @@ public class SlowClientsTest
|
|||
public void testSlowClientsWithSmallThreadPool() throws Exception
|
||||
{
|
||||
File keystore = MavenTestingUtils.getTestResourceFile("keystore");
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath(keystore.getAbsolutePath());
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
sslContextFactory.setKeyManagerPassword("keypwd");
|
||||
|
|
|
@ -18,12 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.server.ssl;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.containsString;
|
||||
import static org.hamcrest.Matchers.startsWith;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.FileNotFoundException;
|
||||
import java.io.IOException;
|
||||
|
@ -70,6 +64,12 @@ import org.junit.jupiter.api.AfterEach;
|
|||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.containsString;
|
||||
import static org.hamcrest.Matchers.startsWith;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
|
||||
public class SniSslConnectionFactoryTest
|
||||
{
|
||||
private Server _server;
|
||||
|
@ -118,7 +118,7 @@ public class SniSslConnectionFactoryTest
|
|||
if (!keystoreFile.exists())
|
||||
throw new FileNotFoundException(keystoreFile.getAbsolutePath());
|
||||
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath(keystoreFile.getAbsolutePath());
|
||||
sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
|
||||
sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
|
||||
|
@ -224,7 +224,7 @@ public class SniSslConnectionFactoryTest
|
|||
{
|
||||
start("src/test/resources/keystore_sni.p12");
|
||||
|
||||
SslContextFactory clientContextFactory = new SslContextFactory(true);
|
||||
SslContextFactory clientContextFactory = new SslContextFactory.Client(true);
|
||||
clientContextFactory.start();
|
||||
SSLSocketFactory factory = clientContextFactory.getSslContext().getSocketFactory();
|
||||
try (SSLSocket sslSocket = (SSLSocket)factory.createSocket("127.0.0.1", _port))
|
||||
|
@ -282,7 +282,7 @@ public class SniSslConnectionFactoryTest
|
|||
{
|
||||
start("src/test/resources/keystore_sni.p12");
|
||||
|
||||
SslContextFactory clientContextFactory = new SslContextFactory(true);
|
||||
SslContextFactory clientContextFactory = new SslContextFactory.Client(true);
|
||||
clientContextFactory.start();
|
||||
SSLSocketFactory factory = clientContextFactory.getSslContext().getSocketFactory();
|
||||
try (SSLSocket sslSocket = (SSLSocket)factory.createSocket("127.0.0.1", _port))
|
||||
|
@ -360,7 +360,7 @@ public class SniSslConnectionFactoryTest
|
|||
|
||||
private String getResponse(String sniHost, String reqHost, String cn) throws Exception
|
||||
{
|
||||
SslContextFactory clientContextFactory = new SslContextFactory(true);
|
||||
SslContextFactory clientContextFactory = new SslContextFactory.Client(true);
|
||||
clientContextFactory.start();
|
||||
SSLSocketFactory factory = clientContextFactory.getSslContext().getSocketFactory();
|
||||
try (SSLSocket sslSocket = (SSLSocket)factory.createSocket("127.0.0.1", _port))
|
||||
|
|
|
@ -18,11 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.server.ssl;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertNotNull;
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.FileNotFoundException;
|
||||
import java.io.IOException;
|
||||
|
@ -59,10 +54,14 @@ import org.eclipse.jetty.util.IO;
|
|||
import org.eclipse.jetty.util.ssl.SslContextFactory;
|
||||
import org.hamcrest.Matchers;
|
||||
import org.junit.jupiter.api.AfterEach;
|
||||
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertNotNull;
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||
|
||||
public class SslConnectionFactoryTest
|
||||
{
|
||||
private Server _server;
|
||||
|
@ -87,7 +86,7 @@ public class SslConnectionFactoryTest
|
|||
https_config.addCustomizer(new SecureRequestCustomizer());
|
||||
|
||||
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath(keystoreFile.getAbsolutePath());
|
||||
sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
|
||||
sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
|
||||
|
@ -210,7 +209,7 @@ public class SslConnectionFactoryTest
|
|||
|
||||
private String getResponse(String sniHost, String reqHost, String cn) throws Exception
|
||||
{
|
||||
SslContextFactory clientContextFactory = new SslContextFactory(true);
|
||||
SslContextFactory clientContextFactory = new SslContextFactory.Client(true);
|
||||
clientContextFactory.start();
|
||||
SSLSocketFactory factory = clientContextFactory.getSslContext().getSocketFactory();
|
||||
|
||||
|
|
|
@ -18,10 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.server.ssl;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertNotNull;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.io.OutputStream;
|
||||
|
@ -56,9 +52,12 @@ import org.eclipse.jetty.util.thread.ScheduledExecutorScheduler;
|
|||
import org.eclipse.jetty.util.thread.Scheduler;
|
||||
import org.hamcrest.Matchers;
|
||||
import org.junit.jupiter.api.AfterEach;
|
||||
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertNotNull;
|
||||
|
||||
public class SslContextFactoryReloadTest
|
||||
{
|
||||
public static final String KEYSTORE_1 = "src/test/resources/reload_keystore_1.jks";
|
||||
|
@ -72,7 +71,7 @@ public class SslContextFactoryReloadTest
|
|||
{
|
||||
server = new Server();
|
||||
|
||||
sslContextFactory = new SslContextFactory();
|
||||
sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath(KEYSTORE_1);
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
sslContextFactory.setKeyStoreType("JKS");
|
||||
|
|
|
@ -45,7 +45,7 @@ public class SslSelectChannelTimeoutTest extends ConnectorTimeoutTest
|
|||
public void init() throws Exception
|
||||
{
|
||||
String keystorePath = System.getProperty("basedir",".") + "/src/test/resources/keystore";
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath(keystorePath);
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
sslContextFactory.setKeyManagerPassword("keypwd");
|
||||
|
@ -64,7 +64,5 @@ public class SslSelectChannelTimeoutTest extends ConnectorTimeoutTest
|
|||
trustManagerFactory.init(keystore);
|
||||
__sslContext = SSLContext.getInstance("SSL");
|
||||
__sslContext.init(null, trustManagerFactory.getTrustManagers(), null);
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -18,9 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.server.ssl;
|
||||
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.FileInputStream;
|
||||
import java.io.IOException;
|
||||
|
@ -49,6 +46,9 @@ import org.junit.jupiter.api.BeforeAll;
|
|||
import org.junit.jupiter.api.Disabled;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
|
||||
/**
|
||||
*/
|
||||
public class SslUploadTest
|
||||
|
@ -62,7 +62,7 @@ public class SslUploadTest
|
|||
{
|
||||
File keystore = MavenTestingUtils.getTestResourceFile("keystore");
|
||||
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath(keystore.getAbsolutePath());
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
sslContextFactory.setKeyManagerPassword("keypwd");
|
||||
|
|
|
@ -18,9 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.servlet;
|
||||
|
||||
import static org.junit.jupiter.api.Assertions.assertArrayEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.io.OutputStream;
|
||||
|
@ -48,6 +45,9 @@ import org.junit.jupiter.params.ParameterizedTest;
|
|||
import org.junit.jupiter.params.provider.Arguments;
|
||||
import org.junit.jupiter.params.provider.MethodSource;
|
||||
|
||||
import static org.junit.jupiter.api.Assertions.assertArrayEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
|
||||
public class SSLAsyncIOServletTest
|
||||
{
|
||||
public static Stream<Arguments> scenarios()
|
||||
|
@ -221,8 +221,7 @@ public class SSLAsyncIOServletTest
|
|||
Path keystorePath = MavenTestingUtils.getTestResourcePath("keystore.jks");
|
||||
Path truststorePath = MavenTestingUtils.getTestResourcePath("truststore.jks");
|
||||
|
||||
sslContextFactory = new SslContextFactory();
|
||||
sslContextFactory.setEndpointIdentificationAlgorithm("");
|
||||
sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath(keystorePath.toString());
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
sslContextFactory.setTrustStorePath(truststorePath.toString());
|
||||
|
|
|
@ -86,10 +86,10 @@ import org.eclipse.jetty.util.security.CertificateValidator;
|
|||
import org.eclipse.jetty.util.security.Password;
|
||||
|
||||
/**
|
||||
* SslContextFactory is used to configure SSL connectors
|
||||
* as well as HttpClient. It holds all SSL parameters and
|
||||
* creates SSL context based on these parameters to be
|
||||
* used by the SSL connectors.
|
||||
* <p>SslContextFactory is used to configure SSL parameters
|
||||
* to be used by server and client connectors.</p>
|
||||
* <p>Use {@link Server} to configure server-side connectors,
|
||||
* and {@link Client} to configure HTTP or WebSocket clients.</p>
|
||||
*/
|
||||
@ManagedObject
|
||||
public class SslContextFactory extends AbstractLifeCycle implements Dumpable
|
||||
|
@ -198,9 +198,11 @@ public class SslContextFactory extends AbstractLifeCycle implements Dumpable
|
|||
private HostnameVerifier _hostnameVerifier;
|
||||
|
||||
/**
|
||||
* Construct an instance of SslContextFactory
|
||||
* Default constructor for use in XmlConfiguration files
|
||||
* Construct an instance of SslContextFactory with the default configuration.
|
||||
*
|
||||
* @deprecated use {@link Client#Client()} or {@link Server#Server()} instead
|
||||
*/
|
||||
@Deprecated
|
||||
public SslContextFactory()
|
||||
{
|
||||
this(false);
|
||||
|
@ -212,7 +214,9 @@ public class SslContextFactory extends AbstractLifeCycle implements Dumpable
|
|||
*
|
||||
* @param trustAll whether to blindly trust all certificates
|
||||
* @see #setTrustAll(boolean)
|
||||
* @deprecated use {@link Client#Client(boolean)} instead
|
||||
*/
|
||||
@Deprecated
|
||||
public SslContextFactory(boolean trustAll)
|
||||
{
|
||||
this(trustAll, null);
|
||||
|
@ -222,7 +226,9 @@ public class SslContextFactory extends AbstractLifeCycle implements Dumpable
|
|||
* Construct an instance of SslContextFactory
|
||||
*
|
||||
* @param keyStorePath default keystore location
|
||||
* @deprecated use {@link #setKeyStorePath(String)} instead
|
||||
*/
|
||||
@Deprecated
|
||||
public SslContextFactory(String keyStorePath)
|
||||
{
|
||||
this(false, keyStorePath);
|
||||
|
@ -249,21 +255,33 @@ public class SslContextFactory extends AbstractLifeCycle implements Dumpable
|
|||
{
|
||||
load();
|
||||
}
|
||||
|
||||
secureConfigurationCheck();
|
||||
checkConfiguration();
|
||||
}
|
||||
|
||||
protected void secureConfigurationCheck()
|
||||
protected void checkConfiguration()
|
||||
{
|
||||
if (isTrustAll())
|
||||
LOG_CONFIG.warn("Trusting all certificates configured for {}",this);
|
||||
if (getEndpointIdentificationAlgorithm()==null)
|
||||
LOG_CONFIG.warn("No Client EndPointIdentificationAlgorithm configured for {}",this);
|
||||
|
||||
SSLEngine engine = _factory._context.createSSLEngine();
|
||||
customize(engine);
|
||||
SSLParameters supported = engine.getSSLParameters();
|
||||
|
||||
checkProtocols(supported);
|
||||
checkCiphers(supported);
|
||||
}
|
||||
|
||||
protected void checkTrustAll()
|
||||
{
|
||||
if (isTrustAll())
|
||||
LOG_CONFIG.warn("Trusting all certificates configured for {}", this);
|
||||
}
|
||||
|
||||
protected void checkEndPointIdentificationAlgorithm()
|
||||
{
|
||||
if (getEndpointIdentificationAlgorithm() == null)
|
||||
LOG_CONFIG.warn("No Client EndPointIdentificationAlgorithm configured for {}", this);
|
||||
}
|
||||
|
||||
protected void checkProtocols(SSLParameters supported)
|
||||
{
|
||||
for (String protocol : supported.getProtocols())
|
||||
{
|
||||
for (String excluded : DEFAULT_EXCLUDED_PROTOCOLS)
|
||||
|
@ -272,7 +290,10 @@ public class SslContextFactory extends AbstractLifeCycle implements Dumpable
|
|||
LOG_CONFIG.warn("Protocol {} not excluded for {}", protocol, this);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
protected void checkCiphers(SSLParameters supported)
|
||||
{
|
||||
for (String suite : supported.getCipherSuites())
|
||||
{
|
||||
for (String excludedSuiteRegex : DEFAULT_EXCLUDED_CIPHER_SUITES)
|
||||
|
@ -417,9 +438,9 @@ public class SslContextFactory extends AbstractLifeCycle implements Dumpable
|
|||
getExcludeCipherSuites(),
|
||||
getIncludeCipherSuites()));
|
||||
}
|
||||
catch (NoSuchAlgorithmException ignore)
|
||||
catch (NoSuchAlgorithmException x)
|
||||
{
|
||||
LOG.ignore(ignore);
|
||||
LOG.ignore(x);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -754,8 +775,10 @@ public class SslContextFactory extends AbstractLifeCycle implements Dumpable
|
|||
/**
|
||||
* @return True if SSL needs client authentication.
|
||||
* @see SSLEngine#getNeedClientAuth()
|
||||
* @deprecated use {@link Server#getNeedClientAuth()} instead
|
||||
*/
|
||||
@ManagedAttribute("Whether client authentication is needed")
|
||||
@Deprecated
|
||||
public boolean getNeedClientAuth()
|
||||
{
|
||||
return _needClientAuth;
|
||||
|
@ -764,7 +787,9 @@ public class SslContextFactory extends AbstractLifeCycle implements Dumpable
|
|||
/**
|
||||
* @param needClientAuth True if SSL needs client authentication.
|
||||
* @see SSLEngine#getNeedClientAuth()
|
||||
* @deprecated use {@link Server#setNeedClientAuth(boolean)} instead
|
||||
*/
|
||||
@Deprecated
|
||||
public void setNeedClientAuth(boolean needClientAuth)
|
||||
{
|
||||
_needClientAuth = needClientAuth;
|
||||
|
@ -773,8 +798,10 @@ public class SslContextFactory extends AbstractLifeCycle implements Dumpable
|
|||
/**
|
||||
* @return True if SSL wants client authentication.
|
||||
* @see SSLEngine#getWantClientAuth()
|
||||
* @deprecated use {@link Server#getWantClientAuth()} instead
|
||||
*/
|
||||
@ManagedAttribute("Whether client authentication is wanted")
|
||||
@Deprecated
|
||||
public boolean getWantClientAuth()
|
||||
{
|
||||
return _wantClientAuth;
|
||||
|
@ -783,7 +810,9 @@ public class SslContextFactory extends AbstractLifeCycle implements Dumpable
|
|||
/**
|
||||
* @param wantClientAuth True if SSL wants client authentication.
|
||||
* @see SSLEngine#getWantClientAuth()
|
||||
* @deprecated use {@link Server#setWantClientAuth(boolean)} instead
|
||||
*/
|
||||
@Deprecated
|
||||
public void setWantClientAuth(boolean wantClientAuth)
|
||||
{
|
||||
_wantClientAuth = wantClientAuth;
|
||||
|
@ -1110,6 +1139,7 @@ public class SslContextFactory extends AbstractLifeCycle implements Dumpable
|
|||
* Deployments can be vulnerable to a man-in-the-middle attack if a EndpointIndentificationAlgorithm
|
||||
* is not set.
|
||||
* @param endpointIdentificationAlgorithm Set the endpointIdentificationAlgorithm
|
||||
* @see #setHostnameVerifier(HostnameVerifier)
|
||||
*/
|
||||
public void setEndpointIdentificationAlgorithm(String endpointIdentificationAlgorithm)
|
||||
{
|
||||
|
@ -1198,7 +1228,7 @@ public class SslContextFactory extends AbstractLifeCycle implements Dumpable
|
|||
}
|
||||
|
||||
// Is SNI needed to select a certificate?
|
||||
if (!_certWilds.isEmpty() || _certHosts.size()>1 || _certHosts.size()==1 && _aliasX509.size()>1)
|
||||
if (!_certWilds.isEmpty() || _certHosts.size()>1 || (_certHosts.size()==1 && _aliasX509.size()>1))
|
||||
{
|
||||
for (int idx = 0; idx < managers.length; idx++)
|
||||
{
|
||||
|
@ -1761,10 +1791,14 @@ public class SslContextFactory extends AbstractLifeCycle implements Dumpable
|
|||
sslParams.setCipherSuites(_selectedCipherSuites);
|
||||
if (_selectedProtocols != null)
|
||||
sslParams.setProtocols(_selectedProtocols);
|
||||
if (getWantClientAuth())
|
||||
sslParams.setWantClientAuth(true);
|
||||
if (getNeedClientAuth())
|
||||
sslParams.setNeedClientAuth(true);
|
||||
if (this instanceof Server)
|
||||
{
|
||||
Server server = (Server)this;
|
||||
if (server.getWantClientAuth())
|
||||
sslParams.setWantClientAuth(true);
|
||||
if (server.getNeedClientAuth())
|
||||
sslParams.setNeedClientAuth(true);
|
||||
}
|
||||
return sslParams;
|
||||
}
|
||||
|
||||
|
@ -1792,7 +1826,7 @@ public class SslContextFactory extends AbstractLifeCycle implements Dumpable
|
|||
java.security.cert.CertificateFactory cf = java.security.cert.CertificateFactory.getInstance("X.509");
|
||||
for (int i = 0; i < length; i++)
|
||||
{
|
||||
byte bytes[] = javaxCerts[i].getEncoded();
|
||||
byte[] bytes = javaxCerts[i].getEncoded();
|
||||
ByteArrayInputStream stream = new ByteArrayInputStream(bytes);
|
||||
javaCerts[i] = (X509Certificate)cf.generateCertificate(stream);
|
||||
}
|
||||
|
@ -1953,4 +1987,56 @@ public class SslContextFactory extends AbstractLifeCycle implements Dumpable
|
|||
return _x509;
|
||||
}
|
||||
}
|
||||
|
||||
public static class Client extends SslContextFactory
|
||||
{
|
||||
public Client()
|
||||
{
|
||||
this(false);
|
||||
}
|
||||
|
||||
public Client(boolean trustAll)
|
||||
{
|
||||
super(trustAll);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void checkConfiguration()
|
||||
{
|
||||
checkTrustAll();
|
||||
checkEndPointIdentificationAlgorithm();
|
||||
super.checkConfiguration();
|
||||
}
|
||||
}
|
||||
|
||||
public static class Server extends SslContextFactory
|
||||
{
|
||||
public Server()
|
||||
{
|
||||
setEndpointIdentificationAlgorithm(null);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean getWantClientAuth()
|
||||
{
|
||||
return super.getWantClientAuth();
|
||||
}
|
||||
|
||||
public void setWantClientAuth(boolean wantClientAuth)
|
||||
{
|
||||
super.setWantClientAuth(wantClientAuth);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean getNeedClientAuth()
|
||||
{
|
||||
return super.getNeedClientAuth();
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setNeedClientAuth(boolean needClientAuth)
|
||||
{
|
||||
super.setNeedClientAuth(needClientAuth);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -18,21 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.util.ssl;
|
||||
|
||||
import static org.eclipse.jetty.toolchain.test.matchers.RegexMatcher.matchesPattern;
|
||||
import static org.hamcrest.Matchers.containsInAnyOrder;
|
||||
import static org.hamcrest.Matchers.containsString;
|
||||
import static org.hamcrest.Matchers.equalTo;
|
||||
import static org.hamcrest.Matchers.greaterThan;
|
||||
import static org.hamcrest.Matchers.hasItem;
|
||||
import static org.hamcrest.Matchers.is;
|
||||
import static org.hamcrest.Matchers.not;
|
||||
import static org.junit.jupiter.api.Assertions.assertFalse;
|
||||
import static org.junit.jupiter.api.Assertions.assertNotNull;
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.security.KeyStore;
|
||||
|
@ -50,6 +35,22 @@ import org.eclipse.jetty.util.resource.Resource;
|
|||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import static org.eclipse.jetty.toolchain.test.matchers.RegexMatcher.matchesPattern;
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.containsInAnyOrder;
|
||||
import static org.hamcrest.Matchers.containsString;
|
||||
import static org.hamcrest.Matchers.equalTo;
|
||||
import static org.hamcrest.Matchers.greaterThan;
|
||||
import static org.hamcrest.Matchers.hasItem;
|
||||
import static org.hamcrest.Matchers.is;
|
||||
import static org.hamcrest.Matchers.not;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertFalse;
|
||||
import static org.junit.jupiter.api.Assertions.assertNotNull;
|
||||
import static org.junit.jupiter.api.Assertions.assertNull;
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
|
||||
public class SslContextFactoryTest
|
||||
{
|
||||
private SslContextFactory cf;
|
||||
|
@ -57,7 +58,7 @@ public class SslContextFactoryTest
|
|||
@BeforeEach
|
||||
public void setUp() throws Exception
|
||||
{
|
||||
cf = new SslContextFactory();
|
||||
cf = new SslContextFactory.Server();
|
||||
|
||||
java.security.cert.CertPathBuilder certPathBuilder = java.security.cert.CertPathBuilder.getInstance("PKIX");
|
||||
java.security.cert.PKIXRevocationChecker revocationChecker = (java.security.cert.PKIXRevocationChecker)certPathBuilder.getRevocationChecker();
|
||||
|
@ -325,18 +326,36 @@ public class SslContextFactoryTest
|
|||
@Test
|
||||
public void testNonDefaultKeyStoreTypeUsedForTrustStore() throws Exception
|
||||
{
|
||||
cf = new SslContextFactory();
|
||||
cf = new SslContextFactory.Server();
|
||||
cf.setKeyStoreResource(Resource.newSystemResource("keystore.p12"));
|
||||
cf.setKeyStoreType("pkcs12");
|
||||
cf.setKeyStorePassword("storepwd");
|
||||
cf.start();
|
||||
cf.stop();
|
||||
|
||||
cf = new SslContextFactory();
|
||||
cf = new SslContextFactory.Server();
|
||||
cf.setKeyStoreResource(Resource.newSystemResource("keystore.jce"));
|
||||
cf.setKeyStoreType("jceks");
|
||||
cf.setKeyStorePassword("storepwd");
|
||||
cf.start();
|
||||
cf.stop();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testClientSslContextFactory() throws Exception
|
||||
{
|
||||
cf = new SslContextFactory.Client();
|
||||
cf.start();
|
||||
|
||||
assertEquals("HTTPS", cf.getEndpointIdentificationAlgorithm());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testServerSslContextFactory() throws Exception
|
||||
{
|
||||
cf = new SslContextFactory.Server();
|
||||
cf.start();
|
||||
|
||||
assertNull(cf.getEndpointIdentificationAlgorithm());
|
||||
}
|
||||
}
|
||||
|
|
|
@ -44,7 +44,7 @@ class DefaultHttpClientProvider
|
|||
|
||||
if (sslContextFactory == null)
|
||||
{
|
||||
sslContextFactory = new SslContextFactory();
|
||||
sslContextFactory = new SslContextFactory.Client();
|
||||
sslContextFactory.setTrustAll(false);
|
||||
sslContextFactory.setEndpointIdentificationAlgorithm("HTTPS");
|
||||
}
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
|
||||
<Configure class="org.eclipse.jetty.client.HttpClient">
|
||||
<Arg>
|
||||
<New class="org.eclipse.jetty.util.ssl.SslContextFactory">
|
||||
<New class="org.eclipse.jetty.util.ssl.SslContextFactory$Client">
|
||||
<Set name="trustAll" type="java.lang.Boolean">false</Set>
|
||||
<Call name="addExcludeProtocols">
|
||||
<Arg>
|
||||
|
@ -20,4 +20,4 @@
|
|||
<Set name="name">XmlBasedClient@</Set>
|
||||
</New>
|
||||
</Set>
|
||||
</Configure>
|
||||
</Configure>
|
||||
|
|
|
@ -48,8 +48,7 @@ public class SimpleContainerScope extends ContainerLifeCycle implements WebSocke
|
|||
|
||||
public SimpleContainerScope(WebSocketPolicy policy)
|
||||
{
|
||||
this(policy, new MappedByteBufferPool(), new DecoratedObjectFactory());
|
||||
this.sslContextFactory = new SslContextFactory();
|
||||
this(policy, new MappedByteBufferPool());
|
||||
}
|
||||
|
||||
public SimpleContainerScope(WebSocketPolicy policy, ByteBufferPool bufferPool)
|
||||
|
@ -59,7 +58,7 @@ public class SimpleContainerScope extends ContainerLifeCycle implements WebSocke
|
|||
|
||||
public SimpleContainerScope(WebSocketPolicy policy, ByteBufferPool bufferPool, DecoratedObjectFactory objectFactory)
|
||||
{
|
||||
this(policy, bufferPool, (Executor) null, objectFactory);
|
||||
this(policy, bufferPool, null, objectFactory);
|
||||
}
|
||||
|
||||
public SimpleContainerScope(WebSocketPolicy policy, ByteBufferPool bufferPool, Executor executor, DecoratedObjectFactory objectFactory)
|
||||
|
@ -83,9 +82,9 @@ public class SimpleContainerScope extends ContainerLifeCycle implements WebSocke
|
|||
this.objectFactory = objectFactory;
|
||||
}
|
||||
|
||||
if(ssl == null)
|
||||
if (ssl == null)
|
||||
{
|
||||
this.sslContextFactory = new SslContextFactory();
|
||||
this.sslContextFactory = new SslContextFactory.Server();
|
||||
}
|
||||
else
|
||||
{
|
||||
|
|
|
@ -18,10 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.websocket.server;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.is;
|
||||
import static org.hamcrest.Matchers.notNullValue;
|
||||
|
||||
import java.net.URI;
|
||||
import java.util.concurrent.Future;
|
||||
|
||||
|
@ -48,6 +44,10 @@ import org.junit.jupiter.api.AfterAll;
|
|||
import org.junit.jupiter.api.BeforeAll;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.is;
|
||||
import static org.hamcrest.Matchers.notNullValue;
|
||||
|
||||
public class RedirectWebSocketClientTest
|
||||
{
|
||||
public static Server server;
|
||||
|
@ -114,7 +114,7 @@ public class RedirectWebSocketClientTest
|
|||
|
||||
private static SslContextFactory newSslContextFactory()
|
||||
{
|
||||
SslContextFactory ssl = new SslContextFactory();
|
||||
SslContextFactory ssl = new SslContextFactory.Server();
|
||||
ssl.setKeyStorePath(MavenTestingUtils.getTestResourceFile("keystore").getAbsolutePath());
|
||||
ssl.setKeyStorePassword("storepwd");
|
||||
ssl.setKeyManagerPassword("keypwd");
|
||||
|
@ -124,7 +124,10 @@ public class RedirectWebSocketClientTest
|
|||
@Test
|
||||
public void testRedirect() throws Exception
|
||||
{
|
||||
SslContextFactory ssl = newSslContextFactory();
|
||||
SslContextFactory ssl = new SslContextFactory.Client();
|
||||
ssl.setKeyStorePath(MavenTestingUtils.getTestResourceFile("keystore").getAbsolutePath());
|
||||
ssl.setKeyStorePassword("storepwd");
|
||||
ssl.setKeyManagerPassword("keypwd");
|
||||
ssl.setTrustAll(false);
|
||||
ssl.setEndpointIdentificationAlgorithm(null);
|
||||
HttpClient httpClient = new HttpClient(ssl);
|
||||
|
@ -149,7 +152,7 @@ public class RedirectWebSocketClientTest
|
|||
}
|
||||
|
||||
@WebSocket
|
||||
public static class EmptyWebSocket {
|
||||
|
||||
public static class EmptyWebSocket
|
||||
{
|
||||
}
|
||||
}
|
||||
|
|
|
@ -19,6 +19,7 @@
|
|||
package org.eclipse.jetty.websocket.server;
|
||||
|
||||
import java.net.URI;
|
||||
|
||||
import javax.servlet.http.HttpServlet;
|
||||
|
||||
import org.eclipse.jetty.http.HttpVersion;
|
||||
|
@ -87,11 +88,10 @@ public class SimpleServletServer
|
|||
http_config.setSendServerVersion(true);
|
||||
http_config.setSendDateHeader(false);
|
||||
|
||||
sslContextFactory = new SslContextFactory();
|
||||
sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath(MavenTestingUtils.getTestResourceFile("keystore").getAbsolutePath());
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
sslContextFactory.setKeyManagerPassword("keypwd");
|
||||
sslContextFactory.setEndpointIdentificationAlgorithm(null);
|
||||
|
||||
// SSL HTTP Configuration
|
||||
HttpConfiguration https_config = new HttpConfiguration(http_config);
|
||||
|
|
|
@ -65,7 +65,7 @@ public class HttpChannelAssociationTest extends AbstractTest<TransportScenario>
|
|||
init(transport);
|
||||
scenario.startServer(new EmptyServerHandler());
|
||||
|
||||
scenario.client = new HttpClient(newHttpClientTransport(scenario, exchange -> false), scenario.sslContextFactory);
|
||||
scenario.client = new HttpClient(newHttpClientTransport(scenario, exchange -> false), scenario.newClientSslContextFactory());
|
||||
QueuedThreadPool clientThreads = new QueuedThreadPool();
|
||||
clientThreads.setName("client");
|
||||
scenario.client.setExecutor(clientThreads);
|
||||
|
@ -90,8 +90,7 @@ public class HttpChannelAssociationTest extends AbstractTest<TransportScenario>
|
|||
scenario.startServer(new EmptyServerHandler());
|
||||
|
||||
long idleTimeout = 1000;
|
||||
SslContextFactory sslContextFactory = scenario.newSslContextFactory();
|
||||
sslContextFactory.setEndpointIdentificationAlgorithm(null);
|
||||
SslContextFactory sslContextFactory = scenario.newClientSslContextFactory();
|
||||
scenario.client = new HttpClient(newHttpClientTransport(scenario, exchange ->
|
||||
{
|
||||
// We idle timeout just before the association,
|
||||
|
|
|
@ -18,15 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.http.client;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.containsString;
|
||||
import static org.junit.jupiter.api.Assertions.assertArrayEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertFalse;
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
import static org.junit.jupiter.api.Assertions.fail;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.io.InterruptedIOException;
|
||||
|
@ -63,6 +54,15 @@ import org.junit.jupiter.api.Assumptions;
|
|||
import org.junit.jupiter.params.ParameterizedTest;
|
||||
import org.junit.jupiter.params.provider.ArgumentsSource;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.containsString;
|
||||
import static org.junit.jupiter.api.Assertions.assertArrayEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertFalse;
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
import static org.junit.jupiter.api.Assertions.fail;
|
||||
|
||||
public class HttpClientTest extends AbstractTest<TransportScenario>
|
||||
{
|
||||
@Override
|
||||
|
@ -343,7 +343,9 @@ public class HttpClientTest extends AbstractTest<TransportScenario>
|
|||
scenario.startServer(new EmptyServerHandler());
|
||||
|
||||
// Use a default SslContextFactory, requests should fail because the server certificate is unknown.
|
||||
scenario.client = scenario.newHttpClient(scenario.provideClientTransport(), new SslContextFactory());
|
||||
SslContextFactory.Client clientTLS = scenario.newClientSslContextFactory();
|
||||
clientTLS.setEndpointIdentificationAlgorithm("HTTPS");
|
||||
scenario.client = scenario.newHttpClient(scenario.provideClientTransport(), clientTLS);
|
||||
QueuedThreadPool clientThreads = new QueuedThreadPool();
|
||||
clientThreads.setName("client");
|
||||
scenario.client.setExecutor(clientThreads);
|
||||
|
|
|
@ -251,8 +251,7 @@ public class HttpClientTimeoutTest extends AbstractTest<TransportScenario>
|
|||
scenario.startServer(new TimeoutHandler(2 * timeout));
|
||||
|
||||
AtomicBoolean sslIdle = new AtomicBoolean();
|
||||
SslContextFactory sslContextFactory = scenario.newSslContextFactory();
|
||||
sslContextFactory.setEndpointIdentificationAlgorithm(null);
|
||||
SslContextFactory sslContextFactory = scenario.newClientSslContextFactory();
|
||||
scenario.client = new HttpClient(scenario.provideClientTransport(), sslContextFactory)
|
||||
{
|
||||
@Override
|
||||
|
|
|
@ -298,8 +298,7 @@ public class TransportScenario
|
|||
QueuedThreadPool clientThreads = new QueuedThreadPool();
|
||||
clientThreads.setName("client");
|
||||
clientThreads.setDetailedDump(true);
|
||||
SslContextFactory sslContextFactory = newSslContextFactory();
|
||||
sslContextFactory.setEndpointIdentificationAlgorithm(null);
|
||||
SslContextFactory sslContextFactory = newClientSslContextFactory();
|
||||
client = newHttpClient(provideClientTransport(transport), sslContextFactory);
|
||||
client.setExecutor(clientThreads);
|
||||
client.setSocketAddressResolver(new SocketAddressResolver.Sync());
|
||||
|
@ -324,7 +323,7 @@ public class TransportScenario
|
|||
|
||||
public void startServer(Handler handler) throws Exception
|
||||
{
|
||||
sslContextFactory = newSslContextFactory();
|
||||
sslContextFactory = newServerSslContextFactory();
|
||||
QueuedThreadPool serverThreads = new QueuedThreadPool();
|
||||
serverThreads.setName("server");
|
||||
serverThreads.setDetailedDump(true);
|
||||
|
@ -352,16 +351,29 @@ public class TransportScenario
|
|||
}
|
||||
}
|
||||
|
||||
protected SslContextFactory newSslContextFactory()
|
||||
protected SslContextFactory.Server newServerSslContextFactory()
|
||||
{
|
||||
SslContextFactory.Server sslContextFactory = new SslContextFactory.Server();
|
||||
configureSslContextFactory(sslContextFactory);
|
||||
return sslContextFactory;
|
||||
}
|
||||
|
||||
protected SslContextFactory.Client newClientSslContextFactory()
|
||||
{
|
||||
SslContextFactory.Client sslContextFactory = new SslContextFactory.Client();
|
||||
configureSslContextFactory(sslContextFactory);
|
||||
sslContextFactory.setEndpointIdentificationAlgorithm(null);
|
||||
return sslContextFactory;
|
||||
}
|
||||
|
||||
private void configureSslContextFactory(SslContextFactory sslContextFactory)
|
||||
{
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
sslContextFactory.setKeyStorePath("src/test/resources/keystore.jks");
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
sslContextFactory.setTrustStorePath("src/test/resources/truststore.jks");
|
||||
sslContextFactory.setTrustStorePassword("storepwd");
|
||||
sslContextFactory.setUseCipherSuitesOrder(true);
|
||||
sslContextFactory.setCipherComparator(HTTP2Cipher.COMPARATOR);
|
||||
return sslContextFactory;
|
||||
}
|
||||
|
||||
public void stopClient() throws Exception
|
||||
|
|
|
@ -101,11 +101,10 @@ public class HttpInputIntegrationTest
|
|||
|
||||
// SSL Context Factory for HTTPS and HTTP/2
|
||||
String jetty_distro = System.getProperty("jetty.distro","../../jetty-distribution/target/distribution");
|
||||
__sslContextFactory = new SslContextFactory();
|
||||
__sslContextFactory = new SslContextFactory.Server();
|
||||
__sslContextFactory.setKeyStorePath(jetty_distro + "/../../../jetty-server/src/test/config/etc/keystore");
|
||||
__sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
|
||||
__sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
|
||||
__sslContextFactory.setEndpointIdentificationAlgorithm(null);
|
||||
|
||||
// HTTPS Configuration
|
||||
__sslConfig = new HttpConfiguration(__config);
|
||||
|
|
|
@ -1,10 +1,9 @@
|
|||
<Configure id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
|
||||
<Configure id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory$Server">
|
||||
<Set name="KeyStorePath"><Property name="jetty.home" default="." />/<Property name="jetty.sslContext.keyStorePath" default="keystore"/></Set>
|
||||
<Set name="KeyStorePassword"><Property name="jetty.sslContext.keyStorePassword" default="OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4"/></Set>
|
||||
<Set name="KeyManagerPassword"><Property name="jetty.sslContext.keyManagerPassword" default="OBF:1u2u1wml1z7s1z7a1wnl1u2g"/></Set>
|
||||
<Set name="TrustStorePath"><Property name="jetty.home" default="." />/<Property name="jetty.sslContext.trustStorePath" default="keystore"/></Set>
|
||||
<Set name="TrustStorePassword"><Property name="jetty.sslContext.trustStorePassword" default="OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4"/></Set>
|
||||
<Set name="EndpointIdentificationAlgorithm"></Set>
|
||||
<Set name="ExcludeCipherSuites">
|
||||
<Array type="String">
|
||||
<Item>SSL_RSA_WITH_DES_CBC_SHA</Item>
|
||||
|
|
|
@ -54,7 +54,7 @@ public class HTTP1Servlet extends HttpServlet
|
|||
{
|
||||
try
|
||||
{
|
||||
sslContextFactory = new SslContextFactory(true);
|
||||
sslContextFactory = new SslContextFactory.Client(true);
|
||||
http2Client = new HTTP2Client();
|
||||
http2Client.addBean(sslContextFactory);
|
||||
http2Client.start();
|
||||
|
|
|
@ -18,8 +18,6 @@
|
|||
|
||||
package org.eclipse.jetty.test.webapp;
|
||||
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
|
||||
import java.util.concurrent.TimeUnit;
|
||||
|
||||
import org.eclipse.jetty.alpn.server.ALPNServerConnectionFactory;
|
||||
|
@ -36,9 +34,10 @@ import org.eclipse.jetty.server.ServerConnector;
|
|||
import org.eclipse.jetty.server.SslConnectionFactory;
|
||||
import org.eclipse.jetty.util.ssl.SslContextFactory;
|
||||
import org.eclipse.jetty.webapp.WebAppContext;
|
||||
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
|
||||
public class HTTP2FromWebAppIT
|
||||
{
|
||||
@Test
|
||||
|
@ -46,7 +45,7 @@ public class HTTP2FromWebAppIT
|
|||
{
|
||||
Server server = new Server();
|
||||
|
||||
SslContextFactory serverTLS = new SslContextFactory();
|
||||
SslContextFactory serverTLS = new SslContextFactory.Server();
|
||||
serverTLS.setKeyStorePath("src/test/resources/keystore.jks");
|
||||
serverTLS.setKeyStorePassword("storepwd");
|
||||
serverTLS.setCipherComparator(new HTTP2Cipher.CipherComparator());
|
||||
|
@ -71,7 +70,7 @@ public class HTTP2FromWebAppIT
|
|||
|
||||
try
|
||||
{
|
||||
SslContextFactory clientTLS = new SslContextFactory(true);
|
||||
SslContextFactory clientTLS = new SslContextFactory.Client(true);
|
||||
HttpClient client = new HttpClient(clientTLS);
|
||||
client.start();
|
||||
|
||||
|
|
|
@ -82,7 +82,7 @@ public class TestTransparentProxyServer
|
|||
|
||||
|
||||
// SSL configurations
|
||||
SslContextFactory sslContextFactory = new SslContextFactory();
|
||||
SslContextFactory sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath(jetty_root + "/jetty-server/src/main/config/etc/keystore");
|
||||
sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
|
||||
sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
|
||||
|
@ -136,5 +136,4 @@ public class TestTransparentProxyServer
|
|||
server.start();
|
||||
server.join();
|
||||
}
|
||||
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue