Merge branch 'master' into rest_headers

Original commit: elastic/x-pack-elasticsearch@b0d14d60e4
2016-07-14 19:04:09 -07:00 · 2016-07-14 19:04:09 -07:00 · 5d42de803c
parent 0c81f1b6ad 496e112c5e
commit 5d42de803c
45 changed files with 251 additions and 270 deletions
--- a/elasticsearch/qa/smoke-test-plugins-ssl/src/test/java/org/elasticsearch/smoketest/SmokeTestMonitoringWithSecurityIT.java
+++ b/elasticsearch/qa/smoke-test-plugins-ssl/src/test/java/org/elasticsearch/smoketest/SmokeTestMonitoringWithSecurityIT.java
@ -13,9 +13,8 @@ import org.elasticsearch.common.network.NetworkModule;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.common.transport.InetSocketTransportAddress;
 import org.elasticsearch.plugins.Plugin;
 import org.elasticsearch.test.junit.annotations.Network;
 import org.elasticsearch.xpack.security.Security;
-import org.elasticsearch.xpack.security.transport.netty.SecurityNettyTransport;
+import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3Transport;
 import org.elasticsearch.test.ESIntegTestCase;
 import org.elasticsearch.xpack.XPackPlugin;
 import org.junit.After;
@ -62,7 +61,7 @@ public class SmokeTestMonitoringWithSecurityIT extends ESIntegTestCase {
    protected Settings externalClusterClientSettings() {
        return Settings.builder()
                .put(Security.USER_SETTING.getKey(), USER + ":" + PASS)
-                .put(SecurityNettyTransport.SSL_SETTING.getKey(), true)
+                .put(SecurityNetty3Transport.SSL_SETTING.getKey(), true)
                .put("xpack.security.ssl.keystore.path", clientKeyStore)
                .put("xpack.security.ssl.keystore.password", KEYSTORE_PASS)
                .put(NetworkModule.TRANSPORT_TYPE_KEY, Security.NAME)
--- a/elasticsearch/x-pack/build.gradle
+++ b/elasticsearch/x-pack/build.gradle
@ -27,7 +27,7 @@ dependencies {
  testCompile project(':x-plugins:elasticsearch:license:licensor')
  // security deps
-  compile project(path: ':modules:transport-netty', configuration: 'runtime')
+  compile project(path: ':modules:transport-netty3', configuration: 'runtime')
  compile 'dk.brics.automaton:automaton:1.11-8'
  compile 'com.unboundid:unboundid-ldapsdk:2.3.8'
  compile 'org.bouncycastle:bcprov-jdk15on:1.54'
--- a/elasticsearch/x-pack/license-plugin/src/test/java/org/elasticsearch/license/plugin/LicensesServiceClusterTests.java
+++ b/elasticsearch/x-pack/license-plugin/src/test/java/org/elasticsearch/license/plugin/LicensesServiceClusterTests.java
@ -25,7 +25,7 @@ import org.elasticsearch.license.plugin.core.LicensesService;
 import org.elasticsearch.license.plugin.core.LicensesStatus;
 import org.elasticsearch.plugins.Plugin;
 import org.elasticsearch.test.ESIntegTestCase.ClusterScope;
-import org.elasticsearch.xpack.MockNettyPlugin;
+import org.elasticsearch.xpack.MockNetty3Plugin;
 import org.elasticsearch.xpack.XPackPlugin;
 import java.util.Arrays;
@ -60,7 +60,7 @@ public class LicensesServiceClusterTests extends AbstractLicensesIntegrationTest
    @Override
    protected Collection<Class<? extends Plugin>> nodePlugins() {
-        return Arrays.asList(XPackPlugin.class, MockNettyPlugin.class);
+        return Arrays.asList(XPackPlugin.class, MockNetty3Plugin.class);
    }
    @Override
--- a/elasticsearch/x-pack/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/agent/resolver/MonitoringIndexNameResolverTestCase.java
+++ b/elasticsearch/x-pack/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/agent/resolver/MonitoringIndexNameResolverTestCase.java
@ -123,6 +123,8 @@ public abstract class MonitoringIndexNameResolverTestCase<M extends MonitoringDo
    }
    @SuppressWarnings("unchecked")
    // norelease
    @AwaitsFix(bugUrl = "https://github.com/elastic/x-plugins/issues/2825;https://github.com/elastic/x-plugins/issues/2826")
    public void testSource() throws IOException {
        MonitoringIndexNameResolver resolver = newResolver();
        BytesReference source = resolver.source(newMonitoringDoc(), randomFrom(XContentType.values()));
--- a/elasticsearch/x-pack/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/agent/settings/MonitoringSettingsTests.java
+++ b/elasticsearch/x-pack/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/agent/settings/MonitoringSettingsTests.java
@ -12,7 +12,7 @@ import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.common.unit.TimeValue;
 import org.elasticsearch.plugins.Plugin;
 import org.elasticsearch.test.ESIntegTestCase;
-import org.elasticsearch.xpack.MockNettyPlugin;
+import org.elasticsearch.xpack.MockNetty3Plugin;
 import org.elasticsearch.xpack.monitoring.MonitoringSettings;
 import org.elasticsearch.xpack.monitoring.agent.AgentService;
 import org.elasticsearch.xpack.monitoring.test.MonitoringIntegTestCase;
@ -51,7 +51,7 @@ public class MonitoringSettingsTests extends MonitoringIntegTestCase {
    @Override
    protected Collection<Class<? extends Plugin>> nodePlugins() {
        ArrayList<Class<? extends Plugin>> plugins = new ArrayList<>(super.nodePlugins());
-        plugins.add(MockNettyPlugin.class); // for http
+        plugins.add(MockNetty3Plugin.class); // for http
        return plugins;
    }
--- a/elasticsearch/x-pack/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/security/MonitoringSettingsFilterTests.java
+++ b/elasticsearch/x-pack/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/security/MonitoringSettingsFilterTests.java
@ -12,7 +12,7 @@ import org.elasticsearch.common.network.NetworkModule;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.common.xcontent.json.JsonXContent;
 import org.elasticsearch.plugins.Plugin;
-import org.elasticsearch.xpack.MockNettyPlugin;
+import org.elasticsearch.xpack.MockNetty3Plugin;
 import org.elasticsearch.xpack.monitoring.MonitoringSettings;
 import org.elasticsearch.xpack.monitoring.test.MonitoringIntegTestCase;
 import org.elasticsearch.xpack.security.authc.support.SecuredString;
@ -49,7 +49,7 @@ public class MonitoringSettingsFilterTests extends MonitoringIntegTestCase {
    @Override
    protected Collection<Class<? extends Plugin>> nodePlugins() {
        ArrayList<Class<? extends Plugin>> plugins = new ArrayList<>(super.nodePlugins());
-        plugins.add(MockNettyPlugin.class); // for http
+        plugins.add(MockNetty3Plugin.class); // for http
        return plugins;
    }
--- a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/Security.java
+++ b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/Security.java
@ -94,8 +94,8 @@ import org.elasticsearch.xpack.security.transport.SecurityClientTransportService
 import org.elasticsearch.xpack.security.transport.SecurityServerTransportService;
 import org.elasticsearch.xpack.security.transport.SecurityTransportModule;
 import org.elasticsearch.xpack.security.transport.filter.IPFilter;
-import org.elasticsearch.xpack.security.transport.netty.SecurityNettyHttpServerTransport;
+import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3HttpServerTransport;
-import org.elasticsearch.xpack.security.transport.netty.SecurityNettyTransport;
+import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3Transport;
 import org.elasticsearch.xpack.security.user.AnonymousUser;
 import org.joda.time.DateTime;
 import org.joda.time.DateTimeZone;
@ -202,7 +202,7 @@ public class Security implements ActionPlugin {
        settingsBuilder.put(NetworkModule.TRANSPORT_TYPE_KEY, Security.NAME);
        settingsBuilder.put(NetworkModule.TRANSPORT_SERVICE_TYPE_KEY, Security.NAME);
        settingsBuilder.put(NetworkModule.HTTP_TYPE_SETTING.getKey(), Security.NAME);
-        SecurityNettyHttpServerTransport.overrideSettings(settingsBuilder, settings);
+        SecurityNetty3HttpServerTransport.overrideSettings(settingsBuilder, settings);
        addUserSettings(settings, settingsBuilder);
        addTribeSettings(settings, settingsBuilder);
        return settingsBuilder.build();
@ -218,7 +218,7 @@ public class Security implements ActionPlugin {
        SSLConfiguration.Global.addSettings(settingsList);
        // transport settings
-        SecurityNettyTransport.addSettings(settingsList);
+        SecurityNetty3Transport.addSettings(settingsList);
        if (transportClientMode) {
            return settingsList;
@ -243,7 +243,7 @@ public class Security implements ActionPlugin {
        InternalAuthorizationService.addSettings(settingsList);
        // HTTP settings
-        SecurityNettyHttpServerTransport.addSettings(settingsList);
+        SecurityNetty3HttpServerTransport.addSettings(settingsList);
        // encryption settings
        CryptoService.addSettings(settingsList);
@ -345,16 +345,16 @@ public class Security implements ActionPlugin {
        if (transportClientMode) {
            if (enabled) {
-                module.registerTransport(Security.NAME, SecurityNettyTransport.class);
+                module.registerTransport(Security.NAME, SecurityNetty3Transport.class);
                module.registerTransportService(Security.NAME, SecurityClientTransportService.class);
            }
            return;
        }
        if (enabled) {
-            module.registerTransport(Security.NAME, SecurityNettyTransport.class);
+            module.registerTransport(Security.NAME, SecurityNetty3Transport.class);
            module.registerTransportService(Security.NAME, SecurityServerTransportService.class);
-            module.registerHttpTransport(Security.NAME, SecurityNettyHttpServerTransport.class);
+            module.registerHttpTransport(Security.NAME, SecurityNetty3HttpServerTransport.class);
        }
    }
--- a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/SecurityFeatureSet.java
+++ b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/SecurityFeatureSet.java
@ -21,8 +21,8 @@ import org.elasticsearch.xpack.XPackFeatureSet;
 import org.elasticsearch.xpack.security.authz.store.RolesStore;
 import org.elasticsearch.xpack.security.crypto.CryptoService;
 import org.elasticsearch.xpack.security.transport.filter.IPFilter;
-import org.elasticsearch.xpack.security.transport.netty.SecurityNettyHttpServerTransport;
+import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3HttpServerTransport;
-import org.elasticsearch.xpack.security.transport.netty.SecurityNettyTransport;
+import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3Transport;
 import java.io.IOException;
 import java.util.ArrayList;
@ -122,8 +122,8 @@ public class SecurityFeatureSet implements XPackFeatureSet {
    static Map<String, Object> sslUsage(Settings settings) {
        Map<String, Object> map = new HashMap<>(2);
-        map.put("http", Collections.singletonMap("enabled", SecurityNettyHttpServerTransport.SSL_SETTING.get(settings)));
+        map.put("http", Collections.singletonMap("enabled", SecurityNetty3HttpServerTransport.SSL_SETTING.get(settings)));
-        map.put("transport", Collections.singletonMap("enabled", SecurityNettyTransport.SSL_SETTING.get(settings)));
+        map.put("transport", Collections.singletonMap("enabled", SecurityNetty3Transport.SSL_SETTING.get(settings)));
        return map;
    }
--- a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/authc/pki/PkiRealm.java
+++ b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/authc/pki/PkiRealm.java
@ -18,8 +18,8 @@ import org.elasticsearch.xpack.security.authc.Realm;
 import org.elasticsearch.xpack.security.authc.RealmConfig;
 import org.elasticsearch.xpack.security.authc.support.DnRoleMapper;
 import org.elasticsearch.xpack.security.transport.SSLClientAuth;
-import org.elasticsearch.xpack.security.transport.netty.SecurityNettyHttpServerTransport;
+import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3HttpServerTransport;
-import org.elasticsearch.xpack.security.transport.netty.SecurityNettyTransport;
+import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3Transport;
 import org.elasticsearch.watcher.ResourceWatcherService;
 import javax.net.ssl.TrustManager;
@ -195,16 +195,16 @@ public class PkiRealm extends Realm<X509AuthenticationToken> {
    static void checkSSLEnabled(RealmConfig config, ESLogger logger) {
        Settings settings = config.globalSettings();
-        final boolean httpSsl = SecurityNettyHttpServerTransport.SSL_SETTING.get(settings);
+        final boolean httpSsl = SecurityNetty3HttpServerTransport.SSL_SETTING.get(settings);
-        final boolean httpClientAuth = SecurityNettyHttpServerTransport.CLIENT_AUTH_SETTING.get(settings).enabled();
+        final boolean httpClientAuth = SecurityNetty3HttpServerTransport.CLIENT_AUTH_SETTING.get(settings).enabled();
        // HTTP
        if (httpSsl && httpClientAuth) {
            return;
        }
        // Default Transport
-        final boolean ssl = SecurityNettyTransport.SSL_SETTING.get(settings);
+        final boolean ssl = SecurityNetty3Transport.SSL_SETTING.get(settings);
-        final SSLClientAuth clientAuth = SecurityNettyTransport.CLIENT_AUTH_SETTING.get(settings);
+        final SSLClientAuth clientAuth = SecurityNetty3Transport.CLIENT_AUTH_SETTING.get(settings);
        if (ssl && clientAuth.enabled()) {
            return;
        }
@ -213,8 +213,8 @@ public class PkiRealm extends Realm<X509AuthenticationToken> {
        Map<String, Settings> groupedSettings = settings.getGroups("transport.profiles.");
        for (Map.Entry<String, Settings> entry : groupedSettings.entrySet()) {
            Settings profileSettings = entry.getValue().getByPrefix(Security.settingPrefix());
-            if (SecurityNettyTransport.profileSsl(profileSettings, settings)
+            if (SecurityNetty3Transport.profileSsl(profileSettings, settings)
-                    && SecurityNettyTransport.CLIENT_AUTH_SETTING.get(profileSettings, settings).enabled()) {
+                    && SecurityNetty3Transport.CLIENT_AUTH_SETTING.get(profileSettings, settings).enabled()) {
                return;
            }
        }
--- a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/SecurityRestFilter.java
+++ b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/SecurityRestFilter.java
@ -11,7 +11,7 @@ import org.elasticsearch.common.logging.ESLogger;
 import org.elasticsearch.common.logging.Loggers;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.common.util.concurrent.ThreadContext;
-import org.elasticsearch.http.netty.NettyHttpRequest;
+import org.elasticsearch.http.netty3.Netty3HttpRequest;
 import org.elasticsearch.rest.RestChannel;
 import org.elasticsearch.rest.RestController;
 import org.elasticsearch.rest.RestFilter;
@ -20,7 +20,7 @@ import org.elasticsearch.rest.RestRequest;
 import org.elasticsearch.xpack.security.authc.AuthenticationService;
 import org.elasticsearch.xpack.security.authc.pki.PkiRealm;
 import org.elasticsearch.xpack.security.SecurityLicenseState;
-import org.elasticsearch.xpack.security.transport.netty.SecurityNettyHttpServerTransport;
+import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3HttpServerTransport;
 import org.elasticsearch.threadpool.ThreadPool;
 import org.jboss.netty.handler.ssl.SslHandler;
@ -46,8 +46,8 @@ public class SecurityRestFilter extends RestFilter {
        this.licenseState = licenseState;
        this.threadContext = threadPool.getThreadContext();
        controller.registerFilter(this);
-        boolean ssl = SecurityNettyHttpServerTransport.SSL_SETTING.get(settings);
+        boolean ssl = SecurityNetty3HttpServerTransport.SSL_SETTING.get(settings);
-        extractClientCertificate = ssl && SecurityNettyHttpServerTransport.CLIENT_AUTH_SETTING.get(settings).enabled();
+        extractClientCertificate = ssl && SecurityNetty3HttpServerTransport.CLIENT_AUTH_SETTING.get(settings).enabled();
        logger = Loggers.getLogger(getClass(), settings);
    }
@ -75,8 +75,8 @@ public class SecurityRestFilter extends RestFilter {
    }
    static void putClientCertificateInContext(RestRequest request, ThreadContext threadContext, ESLogger logger) throws Exception {
-        assert request instanceof NettyHttpRequest;
+        assert request instanceof Netty3HttpRequest;
-        NettyHttpRequest nettyHttpRequest = (NettyHttpRequest) request;
+        Netty3HttpRequest nettyHttpRequest = (Netty3HttpRequest) request;
        SslHandler handler = nettyHttpRequest.getChannel().getPipeline().get(SslHandler.class);
        assert handler != null;
--- a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/transport/SecurityServerTransportService.java
+++ b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/transport/SecurityServerTransportService.java
@ -15,7 +15,7 @@ import org.elasticsearch.xpack.security.authz.AuthorizationService;
 import org.elasticsearch.xpack.security.authz.AuthorizationUtils;
 import org.elasticsearch.xpack.security.authz.accesscontrol.RequestContext;
 import org.elasticsearch.xpack.security.SecurityLicenseState;
-import org.elasticsearch.xpack.security.transport.netty.SecurityNettyTransport;
+import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3Transport;
 import org.elasticsearch.tasks.Task;
 import org.elasticsearch.threadpool.ThreadPool;
 import org.elasticsearch.transport.Transport;
@ -34,9 +34,9 @@ import java.util.HashMap;
 import java.util.Map;
 import java.util.function.Supplier;
-import static org.elasticsearch.xpack.security.transport.netty.SecurityNettyTransport.CLIENT_AUTH_SETTING;
+import static org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3Transport.CLIENT_AUTH_SETTING;
-import static org.elasticsearch.xpack.security.transport.netty.SecurityNettyTransport.PROFILE_CLIENT_AUTH_SETTING;
+import static org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3Transport.PROFILE_CLIENT_AUTH_SETTING;
-import static org.elasticsearch.xpack.security.transport.netty.SecurityNettyTransport.SSL_SETTING;
+import static org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3Transport.SSL_SETTING;
 public class SecurityServerTransportService extends TransportService {
@ -110,7 +110,7 @@ public class SecurityServerTransportService extends TransportService {
    }
    protected Map<String, ServerTransportFilter> initializeProfileFilters() {
-        if (!(transport instanceof SecurityNettyTransport)) {
+        if (!(transport instanceof SecurityNetty3Transport)) {
            return Collections.<String, ServerTransportFilter>singletonMap(TransportSettings.DEFAULT_PROFILE,
                    new ServerTransportFilter.NodeProfile(authcService, authzService, actionMapper, threadPool.getThreadContext(), false));
        }
@ -120,7 +120,7 @@ public class SecurityServerTransportService extends TransportService {
        for (Map.Entry<String, Settings> entry : profileSettingsMap.entrySet()) {
            Settings profileSettings = entry.getValue();
-            final boolean profileSsl = SecurityNettyTransport.profileSsl(profileSettings, settings);
+            final boolean profileSsl = SecurityNetty3Transport.profileSsl(profileSettings, settings);
            final boolean clientAuth = PROFILE_CLIENT_AUTH_SETTING.get(profileSettings, settings).enabled();
            final boolean extractClientCert = profileSsl && clientAuth;
            String type = entry.getValue().get(SETTING_NAME, "node");
--- a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/transport/netty3/HandshakeWaitingHandler.java
+++ b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/transport/netty3/HandshakeWaitingHandler.java
@ -3,7 +3,7 @@
 * or more contributor license agreements. Licensed under the Elastic License;
 * you may not use this file except in compliance with the Elastic License.
 */
-package org.elasticsearch.xpack.security.transport.netty;
+package org.elasticsearch.xpack.security.transport.netty3;
 import org.elasticsearch.common.logging.ESLogger;
 import org.jboss.netty.channel.ChannelFuture;
@ -27,7 +27,7 @@ import java.util.Queue;
 * itself from the pipeline.
 *
 * NOTE: This class assumes that the transport will not use a closed channel again or attempt to reconnect, which
- * is the way that NettyTransport currently works
+ * is the way that Netty3Transport currently works
 */
 public class HandshakeWaitingHandler extends SimpleChannelHandler {
--- a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/transport/netty3/IPFilterNetty3UpstreamHandler.java
+++ b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/transport/netty3/IPFilterNetty3UpstreamHandler.java
@ -3,7 +3,7 @@
 * or more contributor license agreements. Licensed under the Elastic License;
 * you may not use this file except in compliance with the Elastic License.
 */
-package org.elasticsearch.xpack.security.transport.netty;
+package org.elasticsearch.xpack.security.transport.netty3;
 import org.elasticsearch.xpack.security.transport.filter.IPFilter;
 import org.jboss.netty.channel.ChannelEvent;
@ -17,12 +17,12 @@ import java.net.InetSocketAddress;
 *
 */
@ChannelHandler.Sharable
-public class IPFilterNettyUpstreamHandler extends IpFilteringHandlerImpl {
+public class IPFilterNetty3UpstreamHandler extends IpFilteringHandlerImpl {
    private final IPFilter filter;
    private final String profile;
-    public IPFilterNettyUpstreamHandler(IPFilter filter, String profile) {
+    public IPFilterNetty3UpstreamHandler(IPFilter filter, String profile) {
        this.filter = filter;
        this.profile = profile;
    }
--- a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/transport/netty3/SecurityNetty3HttpServerTransport.java
+++ b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/transport/netty3/SecurityNetty3HttpServerTransport.java
@ -3,17 +3,15 @@
 * or more contributor license agreements. Licensed under the Elastic License;
 * you may not use this file except in compliance with the Elastic License.
 */
-package org.elasticsearch.xpack.security.transport.netty;
+package org.elasticsearch.xpack.security.transport.netty3;
 import org.elasticsearch.common.inject.Inject;
 import org.elasticsearch.common.network.NetworkService;
 import org.elasticsearch.common.settings.Setting;
 import org.elasticsearch.common.settings.Setting.Property;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.common.settings.SettingsModule;
 import org.elasticsearch.common.util.BigArrays;
-import org.elasticsearch.http.netty.NettyHttpServerTransport;
+import org.elasticsearch.http.netty3.Netty3HttpServerTransport;
 import org.elasticsearch.xpack.security.ssl.SSLConfiguration.Global;
 import org.elasticsearch.xpack.security.ssl.ServerSSLService;
 import org.elasticsearch.xpack.security.transport.SSLClientAuth;
 import org.elasticsearch.xpack.security.transport.filter.IPFilter;
@ -26,7 +24,6 @@ import org.jboss.netty.handler.ssl.SslHandler;
 import javax.net.ssl.SSLEngine;
 import java.util.Collections;
 import java.util.List;
 import static org.elasticsearch.http.HttpTransportSettings.SETTING_HTTP_COMPRESSION;
@ -37,7 +34,7 @@ import static org.elasticsearch.xpack.security.transport.SSLExceptionHelper.isNo
 /**
 *
 */
-public class SecurityNettyHttpServerTransport extends NettyHttpServerTransport {
+public class SecurityNetty3HttpServerTransport extends Netty3HttpServerTransport {
    public static final boolean SSL_DEFAULT = false;
    public static final String CLIENT_AUTH_DEFAULT = SSLClientAuth.NO.name();
@ -55,7 +52,7 @@ public class SecurityNettyHttpServerTransport extends NettyHttpServerTransport {
    private final Settings sslSettings;
    @Inject
-    public SecurityNettyHttpServerTransport(Settings settings, NetworkService networkService, BigArrays bigArrays, IPFilter ipFilter,
+    public SecurityNetty3HttpServerTransport(Settings settings, NetworkService networkService, BigArrays bigArrays, IPFilter ipFilter,
                                             ServerSSLService sslService, ThreadPool threadPool) {
        super(settings, networkService, bigArrays, threadPool);
        this.ipFilter = ipFilter;
@ -109,7 +106,7 @@ public class SecurityNettyHttpServerTransport extends NettyHttpServerTransport {
        private final SSLClientAuth clientAuth;
-        public HttpSslChannelPipelineFactory(NettyHttpServerTransport transport) {
+        public HttpSslChannelPipelineFactory(Netty3HttpServerTransport transport) {
            super(transport, detailedErrorsEnabled, threadPool.getThreadContext());
            clientAuth = CLIENT_AUTH_SETTING.get(settings);
        }
@ -124,7 +121,7 @@ public class SecurityNettyHttpServerTransport extends NettyHttpServerTransport {
                pipeline.addFirst("ssl", new SslHandler(engine));
            }
-            pipeline.addFirst("ipfilter", new IPFilterNettyUpstreamHandler(ipFilter, IPFilter.HTTP_PROFILE_NAME));
+            pipeline.addFirst("ipfilter", new IPFilterNetty3UpstreamHandler(ipFilter, IPFilter.HTTP_PROFILE_NAME));
            return pipeline;
        }
    }
--- a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/transport/netty3/SecurityNetty3Transport.java
+++ b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/transport/netty3/SecurityNetty3Transport.java
@ -3,7 +3,7 @@
 * or more contributor license agreements. Licensed under the Elastic License;
 * you may not use this file except in compliance with the Elastic License.
 */
-package org.elasticsearch.xpack.security.transport.netty;
+package org.elasticsearch.xpack.security.transport.netty3;
 import org.elasticsearch.common.SuppressForbidden;
 import org.elasticsearch.common.inject.Inject;
@ -20,7 +20,7 @@ import org.elasticsearch.xpack.security.ssl.ServerSSLService;
 import org.elasticsearch.xpack.security.transport.SSLClientAuth;
 import org.elasticsearch.xpack.security.transport.filter.IPFilter;
 import org.elasticsearch.threadpool.ThreadPool;
-import org.elasticsearch.transport.netty.NettyTransport;
+import org.elasticsearch.transport.netty3.Netty3Transport;
 import org.jboss.netty.channel.Channel;
 import org.jboss.netty.channel.ChannelHandlerContext;
 import org.jboss.netty.channel.ChannelPipeline;
@ -41,10 +41,7 @@ import static org.elasticsearch.xpack.security.Security.settingPrefix;
 import static org.elasticsearch.xpack.security.transport.SSLExceptionHelper.isCloseDuringHandshakeException;
 import static org.elasticsearch.xpack.security.transport.SSLExceptionHelper.isNotSslRecordException;
-/**
+public class SecurityNetty3Transport extends Netty3Transport {
 *
 */
 public class SecurityNettyTransport extends NettyTransport {
    public static final String CLIENT_AUTH_DEFAULT = SSLClientAuth.REQUIRED.name();
    public static final boolean SSL_DEFAULT = false;
@ -82,7 +79,7 @@ public class SecurityNettyTransport extends NettyTransport {
    private final boolean ssl;
    @Inject
-    public SecurityNettyTransport(Settings settings, ThreadPool threadPool, NetworkService networkService, BigArrays bigArrays,
+    public SecurityNetty3Transport(Settings settings, ThreadPool threadPool, NetworkService networkService, BigArrays bigArrays,
                                   @Nullable IPFilter authenticator, @Nullable ServerSSLService serverSSLService,
                                   ClientSSLService clientSSLService, NamedWriteableRegistry namedWriteableRegistry,
                                   CircuitBreakerService circuitBreakerService) {
@ -148,7 +145,7 @@ public class SecurityNettyTransport extends NettyTransport {
        private final Settings profileSettings;
-        public SslServerChannelPipelineFactory(NettyTransport nettyTransport, String name, Settings settings, Settings profileSettings) {
+        public SslServerChannelPipelineFactory(Netty3Transport nettyTransport, String name, Settings settings, Settings profileSettings) {
            super(nettyTransport, name, settings);
            this.profileSettings = profileSettings;
        }
@ -172,7 +169,7 @@ public class SecurityNettyTransport extends NettyTransport {
                pipeline.addFirst("ssl", new SslHandler(serverEngine));
            }
            if (authenticator != null) {
-                pipeline.addFirst("ipfilter", new IPFilterNettyUpstreamHandler(authenticator, name));
+                pipeline.addFirst("ipfilter", new IPFilterNetty3UpstreamHandler(authenticator, name));
            }
            return pipeline;
        }
@ -180,7 +177,7 @@ public class SecurityNettyTransport extends NettyTransport {
    private class SslClientChannelPipelineFactory extends ClientChannelPipelineFactory {
-        public SslClientChannelPipelineFactory(NettyTransport transport) {
+        public SslClientChannelPipelineFactory(Netty3Transport transport) {
            super(transport);
        }
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/http/netty3/Netty3HttpMockUtil.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/http/netty3/Netty3HttpMockUtil.java
@ -3,20 +3,20 @@
 * or more contributor license agreements. Licensed under the Elastic License;
 * you may not use this file except in compliance with the Elastic License.
 */
-package org.elasticsearch.http.netty;
+package org.elasticsearch.http.netty3;
-import org.elasticsearch.transport.netty.OpenChannelsHandler;
+import org.elasticsearch.transport.netty3.Netty3OpenChannelsHandler;
 import static org.mockito.Mockito.mock;
-/** Allows setting a mock into NettyHttpServerTransport */
+/** Allows setting a mock into Netty3HttpServerTransport */
-public class NettyHttpMockUtil {
+public class Netty3HttpMockUtil {
    /**
     * We don't really need to start Netty for these tests, but we can't create a pipeline
     * with a null handler. So we set it to a mock for tests.
     */
-    public static void setOpenChannelsHandlerToMock(NettyHttpServerTransport transport) throws Exception {
+    public static void setOpenChannelsHandlerToMock(Netty3HttpServerTransport transport) throws Exception {
-        transport.serverOpenChannels = mock(OpenChannelsHandler.class);
+        transport.serverOpenChannels = mock(Netty3OpenChannelsHandler.class);
    }
 }
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/integration/IndexPrivilegeTests.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/integration/IndexPrivilegeTests.java
@ -11,7 +11,7 @@ import org.elasticsearch.common.network.NetworkModule;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.plugins.Plugin;
 import org.elasticsearch.test.ESIntegTestCase;
-import org.elasticsearch.xpack.MockNettyPlugin;
+import org.elasticsearch.xpack.MockNetty3Plugin;
 import org.elasticsearch.xpack.security.authc.support.SecuredString;
 import org.elasticsearch.xpack.security.authc.support.UsernamePasswordToken;
 import org.junit.Before;
@ -137,7 +137,7 @@ public class IndexPrivilegeTests extends AbstractPrivilegeTestCase {
    @Override
    protected Collection<Class<? extends Plugin>> nodePlugins() {
        ArrayList<Class<? extends Plugin>> plugins = new ArrayList<>(super.nodePlugins());
-        plugins.add(MockNettyPlugin.class); // for http
+        plugins.add(MockNetty3Plugin.class); // for http
        return plugins;
    }
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/integration/LicensingTests.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/integration/LicensingTests.java
@ -38,7 +38,7 @@ import org.elasticsearch.rest.RestStatus;
 import org.elasticsearch.test.SecurityIntegTestCase;
 import org.elasticsearch.test.SecuritySettingsSource;
 import org.elasticsearch.transport.Transport;
-import org.elasticsearch.xpack.MockNettyPlugin;
+import org.elasticsearch.xpack.MockNetty3Plugin;
 import org.elasticsearch.xpack.XPackPlugin;
 import org.elasticsearch.xpack.security.Security;
 import org.elasticsearch.xpack.security.authc.support.UsernamePasswordToken;
@ -120,7 +120,7 @@ public class LicensingTests extends SecurityIntegTestCase {
    @Override
    protected Collection<Class<? extends Plugin>> nodePlugins() {
        ArrayList<Class<? extends Plugin>> plugins = new ArrayList<>(super.nodePlugins());
-        plugins.add(MockNettyPlugin.class); // for http
+        plugins.add(MockNetty3Plugin.class); // for http
        return plugins;
    }
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/integration/ldap/AbstractAdLdapRealmTestCase.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/integration/ldap/AbstractAdLdapRealmTestCase.java
@ -15,7 +15,7 @@ import org.elasticsearch.xpack.security.authc.activedirectory.ActiveDirectoryRea
 import org.elasticsearch.xpack.security.authc.ldap.LdapRealm;
 import org.elasticsearch.xpack.security.authc.support.SecuredString;
 import org.elasticsearch.xpack.security.authc.support.UsernamePasswordToken;
-import org.elasticsearch.xpack.security.transport.netty.SecurityNettyTransport;
+import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3Transport;
 import org.elasticsearch.test.SecurityIntegTestCase;
 import org.junit.AfterClass;
 import org.junit.BeforeClass;
@ -166,7 +166,7 @@ public abstract  class AbstractAdLdapRealmTestCase extends SecurityIntegTestCase
        return Settings.builder()
                .put("xpack.security.ssl.keystore.path", store)
                .put("xpack.security.ssl.keystore.password", password)
-                .put(SecurityNettyTransport.HOSTNAME_VERIFICATION_SETTING.getKey(), false)
+                .put(SecurityNetty3Transport.HOSTNAME_VERIFICATION_SETTING.getKey(), false)
                .put("xpack.security.ssl.truststore.path", store)
                .put("xpack.security.ssl.truststore.password", password).build();
    }
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/test/SecurityIntegTestCase.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/test/SecurityIntegTestCase.java
@ -16,17 +16,14 @@ import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.common.transport.InetSocketTransportAddress;
 import org.elasticsearch.common.transport.TransportAddress;
 import org.elasticsearch.plugins.Plugin;
 import org.elasticsearch.transport.MockTcpTransportPlugin;
 import org.elasticsearch.xpack.security.InternalClient;
 import org.elasticsearch.xpack.security.Security;
 import org.elasticsearch.xpack.security.authc.support.SecuredString;
 import org.elasticsearch.xpack.security.client.SecurityClient;
 import org.elasticsearch.test.ESIntegTestCase.SuppressLocalMode;
 import org.elasticsearch.test.transport.AssertingLocalTransport;
 import org.elasticsearch.test.transport.MockTransportService;
 import org.elasticsearch.xpack.XPackClient;
 import org.elasticsearch.xpack.XPackPlugin;
-import org.elasticsearch.xpack.security.transport.netty.SecurityNettyHttpServerTransport;
+import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3HttpServerTransport;
 import org.junit.AfterClass;
 import org.junit.Before;
 import org.junit.BeforeClass;
@ -37,10 +34,8 @@ import java.net.InetSocketAddress;
 import java.nio.file.Path;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
 import java.util.function.Function;
 import java.util.stream.Collectors;
@ -367,7 +362,7 @@ public abstract class SecurityIntegTestCase extends ESIntegTestCase {
        final List<NodeInfo> nodes = nodeInfos.getNodes();
        assertTrue("there is at least one node", nodes.size() > 0);
        NodeInfo ni = randomFrom(nodes);
-        useSSL = SecurityNettyHttpServerTransport.SSL_SETTING.get(ni.getSettings());
+        useSSL = SecurityNetty3HttpServerTransport.SSL_SETTING.get(ni.getSettings());
        TransportAddress publishAddress = ni.getHttp().address().publishAddress();
        assertEquals(1, publishAddress.uniqueAddressTypeId());
        InetSocketAddress address = ((InetSocketTransportAddress) publishAddress).address();
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/test/SecuritySettingsSource.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/test/SecuritySettingsSource.java
@ -11,7 +11,7 @@ import org.elasticsearch.common.io.PathUtils;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.common.util.concurrent.ThreadContext;
 import org.elasticsearch.discovery.DiscoveryModule;
-import org.elasticsearch.xpack.MockNettyPlugin;
+import org.elasticsearch.xpack.MockNetty3Plugin;
 import org.elasticsearch.xpack.monitoring.Monitoring;
 import org.elasticsearch.plugins.Plugin;
 import org.elasticsearch.test.ESIntegTestCase.Scope;
@ -25,8 +25,8 @@ import org.elasticsearch.xpack.security.authc.support.SecuredString;
 import org.elasticsearch.xpack.security.authz.store.FileRolesStore;
 import org.elasticsearch.xpack.security.crypto.CryptoService;
 import org.elasticsearch.xpack.security.test.SecurityTestUtils;
-import org.elasticsearch.xpack.security.transport.netty.SecurityNettyHttpServerTransport;
+import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3HttpServerTransport;
-import org.elasticsearch.xpack.security.transport.netty.SecurityNettyTransport;
+import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3Transport;
 import org.elasticsearch.test.discovery.ClusterDiscoveryConfiguration;
 import org.elasticsearch.xpack.watcher.Watcher;
 import org.elasticsearch.xpack.XPackPlugin;
@ -162,7 +162,7 @@ public class SecuritySettingsSource extends ClusterDiscoveryConfiguration.Unicas
    @Override
    public Collection<Class<? extends Plugin>> nodePlugins() {
-        return Arrays.asList(xpackPluginClass(), MockNettyPlugin.class);
+        return Arrays.asList(xpackPluginClass(), MockNetty3Plugin.class);
    }
    @Override
@ -259,18 +259,18 @@ public class SecuritySettingsSource extends ClusterDiscoveryConfiguration.Unicas
        Path store = resolveResourcePath(resourcePathToStore);
        final String sslEnabledSetting =
-                randomFrom(SecurityNettyTransport.SSL_SETTING.getKey(), SecurityNettyTransport.DEPRECATED_SSL_SETTING.getKey());
+                randomFrom(SecurityNetty3Transport.SSL_SETTING.getKey(), SecurityNetty3Transport.DEPRECATED_SSL_SETTING.getKey());
        Settings.Builder builder = Settings.builder().put(sslEnabledSetting, sslTransportEnabled);
        if (transportClient == false) {
-            builder.put(SecurityNettyHttpServerTransport.SSL_SETTING.getKey(), false);
+            builder.put(SecurityNetty3HttpServerTransport.SSL_SETTING.getKey(), false);
        }
        if (sslTransportEnabled) {
            builder.put("xpack.security.ssl.keystore.path", store)
                    .put("xpack.security.ssl.keystore.password", password)
-                    .put(SecurityNettyTransport.HOSTNAME_VERIFICATION_SETTING.getKey(), hostnameVerificationEnabled)
+                    .put(SecurityNetty3Transport.HOSTNAME_VERIFICATION_SETTING.getKey(), hostnameVerificationEnabled)
-                    .put(SecurityNettyTransport.HOSTNAME_VERIFICATION_RESOLVE_NAME_SETTING.getKey(),
+                    .put(SecurityNetty3Transport.HOSTNAME_VERIFICATION_RESOLVE_NAME_SETTING.getKey(),
                            hostnameVerificationResolveNameEnabled);
        }
@ -287,20 +287,20 @@ public class SecuritySettingsSource extends ClusterDiscoveryConfiguration.Unicas
                                            boolean transportClient) {
        Settings.Builder builder = Settings.builder();
        final String sslEnabledSetting =
-                randomFrom(SecurityNettyTransport.SSL_SETTING.getKey(), SecurityNettyTransport.DEPRECATED_SSL_SETTING.getKey());
+                randomFrom(SecurityNetty3Transport.SSL_SETTING.getKey(), SecurityNetty3Transport.DEPRECATED_SSL_SETTING.getKey());
        builder.put(sslEnabledSetting, sslTransportEnabled);
        if (transportClient == false) {
-            builder.put(SecurityNettyHttpServerTransport.SSL_SETTING.getKey(), false);
+            builder.put(SecurityNetty3HttpServerTransport.SSL_SETTING.getKey(), false);
        }
        if (sslTransportEnabled) {
            builder.put("xpack.security.ssl.key.path", resolveResourcePath(keyPath))
                    .put("xpack.security.ssl.key.password", password)
                    .put("xpack.security.ssl.cert", Strings.arrayToCommaDelimitedString(resolvePathsToString(certificateFiles)))
-                    .put(randomFrom(SecurityNettyTransport.HOSTNAME_VERIFICATION_SETTING.getKey(),
+                    .put(randomFrom(SecurityNetty3Transport.HOSTNAME_VERIFICATION_SETTING.getKey(),
-                            SecurityNettyTransport.DEPRECATED_HOSTNAME_VERIFICATION_SETTING.getKey()), hostnameVerificationEnabled)
+                            SecurityNetty3Transport.DEPRECATED_HOSTNAME_VERIFICATION_SETTING.getKey()), hostnameVerificationEnabled)
-                    .put(SecurityNettyTransport.HOSTNAME_VERIFICATION_RESOLVE_NAME_SETTING.getKey(),
+                    .put(SecurityNetty3Transport.HOSTNAME_VERIFICATION_RESOLVE_NAME_SETTING.getKey(),
                            hostnameVerificationResolveNameEnabled);
            if (trustedCertificates.isEmpty() == false) {
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/transport/netty3/Netty3MockUtil.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/transport/netty3/Netty3MockUtil.java
@ -3,17 +3,17 @@
 * or more contributor license agreements. Licensed under the Elastic License;
 * you may not use this file except in compliance with the Elastic License.
 */
-package org.elasticsearch.transport.netty;
+package org.elasticsearch.transport.netty3;
 import static org.mockito.Mockito.mock;
-/** Allows setting a mock into NettyTransport */
+/** Allows setting a mock into Netty3Transport */
-public class NettyMockUtil {
+public class Netty3MockUtil {
    /**
     * We don't really need to start Netty for these tests, but we can't create a pipeline
     * with a null handler. So we set it to a mock for tests.
     */
-    public static void setOpenChannelsHandlerToMock(NettyTransport transport) throws Exception {
+    public static void setOpenChannelsHandlerToMock(Netty3Transport transport) throws Exception {
-        transport.serverOpenChannels = mock(OpenChannelsHandler.class);
+        transport.serverOpenChannels = mock(Netty3OpenChannelsHandler.class);
    }
 }
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/SecurityFeatureSetTests.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/SecurityFeatureSetTests.java
@ -8,16 +8,16 @@ package org.elasticsearch.xpack.security;
 import org.elasticsearch.common.collect.MapBuilder;
 import org.elasticsearch.common.io.stream.NamedWriteableRegistry;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.test.ESTestCase;
 import org.elasticsearch.xpack.XPackFeatureSet;
 import org.elasticsearch.xpack.security.audit.AuditTrailService;
 import org.elasticsearch.xpack.security.authc.Realm;
 import org.elasticsearch.xpack.security.authc.Realms;
 import org.elasticsearch.test.ESTestCase;
 import org.elasticsearch.xpack.XPackFeatureSet;
 import org.elasticsearch.xpack.security.authz.store.RolesStore;
 import org.elasticsearch.xpack.security.crypto.CryptoService;
 import org.elasticsearch.xpack.security.transport.filter.IPFilter;
-import org.elasticsearch.xpack.security.transport.netty.SecurityNettyHttpServerTransport;
+import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3HttpServerTransport;
-import org.elasticsearch.xpack.security.transport.netty.SecurityNettyTransport;
+import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3Transport;
 import org.elasticsearch.xpack.watcher.support.xcontent.XContentSource;
 import org.junit.Before;
@ -37,9 +37,6 @@ import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
 /**
 *
 */
 public class SecurityFeatureSetTests extends ESTestCase {
    private Settings settings;
@ -116,9 +113,9 @@ public class SecurityFeatureSetTests extends ESTestCase {
        settings.put("xpack.security.enabled", enabled);
        final boolean httpSSLEnabled = randomBoolean();
-        settings.put(SecurityNettyHttpServerTransport.SSL_SETTING.getKey(), httpSSLEnabled);
+        settings.put(SecurityNetty3HttpServerTransport.SSL_SETTING.getKey(), httpSSLEnabled);
        final boolean transportSSLEnabled = randomBoolean();
-        settings.put(SecurityNettyTransport.SSL_SETTING.getKey(), transportSSLEnabled);
+        settings.put(SecurityNetty3Transport.SSL_SETTING.getKey(), transportSSLEnabled);
        final boolean auditingEnabled = randomBoolean();
        final String[] auditOutputs = randomFrom(new String[] {"logfile"}, new String[] {"index"}, new String[] {"logfile", "index"});
        when(auditTrail.usageStats())
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/SecurityPluginEnabledDisabledTests.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/SecurityPluginEnabledDisabledTests.java
@ -8,12 +8,12 @@ package org.elasticsearch.xpack.security;
 import org.elasticsearch.common.network.NetworkModule;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.integration.LicensingTests;
 import org.elasticsearch.xpack.security.transport.SecurityServerTransportService;
 import org.elasticsearch.xpack.security.transport.netty.SecurityNettyTransport;
 import org.elasticsearch.test.SecurityIntegTestCase;
 import org.elasticsearch.transport.Transport;
 import org.elasticsearch.transport.TransportService;
 import org.elasticsearch.xpack.XPackPlugin;
 import org.elasticsearch.xpack.security.transport.SecurityServerTransportService;
 import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3Transport;
 import org.hamcrest.Matcher;
 import org.junit.After;
 import org.junit.BeforeClass;
@ -21,9 +21,6 @@ import org.junit.BeforeClass;
 import static org.hamcrest.Matchers.instanceOf;
 import static org.hamcrest.Matchers.not;
 /**
 *
 */
 public class SecurityPluginEnabledDisabledTests extends SecurityIntegTestCase {
    private static boolean enabled;
@ -72,7 +69,7 @@ public class SecurityPluginEnabledDisabledTests extends SecurityIntegTestCase {
            assertThat(service, matcher);
        }
        for (Transport transport : internalCluster().getInstances(Transport.class)) {
-            Matcher<Transport> matcher = instanceOf(SecurityNettyTransport.class);
+            Matcher<Transport> matcher = instanceOf(SecurityNetty3Transport.class);
            if (!enabled) {
                matcher = not(matcher);
            }
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrailTests.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrailTests.java
@ -53,7 +53,7 @@ import org.elasticsearch.xpack.security.authc.AuthenticationToken;
 import org.elasticsearch.xpack.security.crypto.CryptoService;
 import org.elasticsearch.xpack.security.transport.filter.IPFilter;
 import org.elasticsearch.xpack.security.transport.filter.SecurityIpFilterRule;
-import org.elasticsearch.xpack.security.transport.netty.SecurityNettyTransport;
+import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3Transport;
 import org.elasticsearch.xpack.security.user.SystemUser;
 import org.elasticsearch.xpack.security.user.User;
 import org.joda.time.DateTime;
@ -173,7 +173,7 @@ public class IndexAuditTrailTests extends SecurityIntegTestCase {
                builder.put("xpack.security.audit.index.client." + entry.getKey(), entry.getValue());
            }
        } else {
-            builder.put("xpack.security.audit.index.client." + SecurityNettyTransport.SSL_SETTING.getKey(), false);
+            builder.put("xpack.security.audit.index.client." + SecurityNetty3Transport.SSL_SETTING.getKey(), false);
        }
        remoteSettings = builder.build();
    }
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/authc/RunAsIntegTests.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/authc/RunAsIntegTests.java
@ -20,7 +20,7 @@ import org.elasticsearch.xpack.security.Security;
 import org.elasticsearch.xpack.security.authc.support.SecuredString;
 import org.elasticsearch.xpack.security.authc.support.SecuredStringTests;
 import org.elasticsearch.xpack.security.authc.support.UsernamePasswordToken;
-import org.elasticsearch.xpack.security.transport.netty.SecurityNettyTransport;
+import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3Transport;
 import org.elasticsearch.test.SecurityIntegTestCase;
 import org.elasticsearch.test.SecuritySettingsSource;
 import org.elasticsearch.xpack.XPackPlugin;
@ -230,7 +230,7 @@ public class RunAsIntegTests extends SecurityIntegTestCase {
        Settings settings = Settings.builder()
                .put(extraSettings)
                .put("cluster.name", clusterName)
-                .put(SecurityNettyTransport.SSL_SETTING.getKey(), false)
+                .put(SecurityNetty3Transport.SSL_SETTING.getKey(), false)
                .build();
        return TransportClient.builder()
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/authc/esnative/ESNativeMigrateToolTests.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/authc/esnative/ESNativeMigrateToolTests.java
@ -16,9 +16,8 @@ import org.elasticsearch.env.Environment;
 import org.elasticsearch.test.NativeRealmIntegTestCase;
 import org.elasticsearch.test.SecuritySettingsSource;
 import org.elasticsearch.xpack.security.SecurityTemplateService;
 import org.elasticsearch.xpack.security.authc.esnative.ESNativeRealmMigrateTool;
 import org.elasticsearch.xpack.security.client.SecurityClient;
-import org.elasticsearch.xpack.security.transport.netty.SecurityNettyHttpServerTransport;
+import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3HttpServerTransport;
 import org.junit.BeforeClass;
 import java.util.HashSet;
@ -45,7 +44,7 @@ public class ESNativeMigrateToolTests extends NativeRealmIntegTestCase {
        Settings s = Settings.builder()
                .put(super.nodeSettings(nodeOrdinal))
                .put(NetworkModule.HTTP_ENABLED.getKey(), true)
-                .put(SecurityNettyHttpServerTransport.SSL_SETTING.getKey(), useSSL)
+                .put(SecurityNetty3HttpServerTransport.SSL_SETTING.getKey(), useSSL)
                .build();
        return s;
    }
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/authc/pki/PkiAuthenticationTests.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/authc/pki/PkiAuthenticationTests.java
@ -21,7 +21,7 @@ import org.elasticsearch.http.HttpServerTransport;
 import org.elasticsearch.xpack.security.Security;
 import org.elasticsearch.xpack.security.authc.file.FileRealm;
 import org.elasticsearch.xpack.security.transport.SSLClientAuth;
-import org.elasticsearch.xpack.security.transport.netty.SecurityNettyHttpServerTransport;
+import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3HttpServerTransport;
 import org.elasticsearch.test.ESIntegTestCase.ClusterScope;
 import org.elasticsearch.test.SecurityIntegTestCase;
 import org.elasticsearch.transport.Transport;
@ -56,8 +56,8 @@ public class PkiAuthenticationTests extends SecurityIntegTestCase {
                .put(super.nodeSettings(nodeOrdinal))
                .put(NetworkModule.HTTP_ENABLED.getKey(), true)
-                .put(SecurityNettyHttpServerTransport.SSL_SETTING.getKey(), true)
+                .put(SecurityNetty3HttpServerTransport.SSL_SETTING.getKey(), true)
-                .put(SecurityNettyHttpServerTransport.CLIENT_AUTH_SETTING.getKey(), sslClientAuth)
+                .put(SecurityNetty3HttpServerTransport.CLIENT_AUTH_SETTING.getKey(), sslClientAuth)
                .put("xpack.security.authc.realms.file.type", FileRealm.TYPE)
                .put("xpack.security.authc.realms.file.order", "0")
                .put("xpack.security.authc.realms.pki1.type", PkiRealm.TYPE)
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/authc/pki/PkiOptionalClientAuthTests.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/authc/pki/PkiOptionalClientAuthTests.java
@ -23,8 +23,8 @@ import org.elasticsearch.xpack.security.Security;
 import org.elasticsearch.xpack.security.authc.support.SecuredString;
 import org.elasticsearch.xpack.security.authc.support.UsernamePasswordToken;
 import org.elasticsearch.xpack.security.transport.SSLClientAuth;
-import org.elasticsearch.xpack.security.transport.netty.SecurityNettyHttpServerTransport;
+import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3HttpServerTransport;
-import org.elasticsearch.xpack.security.transport.netty.SecurityNettyTransport;
+import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3Transport;
 import org.junit.BeforeClass;
 import javax.net.ssl.SSLContext;
@ -57,8 +57,8 @@ public class PkiOptionalClientAuthTests extends SecurityIntegTestCase {
        return Settings.builder()
                .put(super.nodeSettings(nodeOrdinal))
                .put(NetworkModule.HTTP_ENABLED.getKey(), true)
-                .put(SecurityNettyHttpServerTransport.SSL_SETTING.getKey(), true)
+                .put(SecurityNetty3HttpServerTransport.SSL_SETTING.getKey(), true)
-                .put(SecurityNettyHttpServerTransport.CLIENT_AUTH_SETTING.getKey(), SSLClientAuth.OPTIONAL)
+                .put(SecurityNetty3HttpServerTransport.CLIENT_AUTH_SETTING.getKey(), SSLClientAuth.OPTIONAL)
                .put("xpack.security.authc.realms.file.type", "file")
                .put("xpack.security.authc.realms.file.order", "0")
                .put("xpack.security.authc.realms.pki1.type", "pki")
@ -108,7 +108,7 @@ public class PkiOptionalClientAuthTests extends SecurityIntegTestCase {
                .put(sslSettingsForStore)
                .put(Security.USER_SETTING.getKey(), DEFAULT_USER_NAME + ":" + DEFAULT_PASSWORD)
                .put("cluster.name", internalCluster().getClusterName())
-                .put(SecurityNettyTransport.SSL_SETTING.getKey(), true)
+                .put(SecurityNetty3Transport.SSL_SETTING.getKey(), true)
                .build();
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/authc/pki/PkiWithoutClientAuthenticationTests.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/authc/pki/PkiWithoutClientAuthenticationTests.java
@ -20,8 +20,8 @@ import org.elasticsearch.test.SecuritySettingsSource;
 import org.elasticsearch.xpack.security.authc.support.SecuredString;
 import org.elasticsearch.xpack.security.authc.support.UsernamePasswordToken;
 import org.elasticsearch.xpack.security.transport.SSLClientAuth;
-import org.elasticsearch.xpack.security.transport.netty.SecurityNettyHttpServerTransport;
+import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3HttpServerTransport;
-import org.elasticsearch.xpack.security.transport.netty.SecurityNettyTransport;
+import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3Transport;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.TrustManager;
@ -61,9 +61,9 @@ public class PkiWithoutClientAuthenticationTests extends SecurityIntegTestCase {
        return Settings.builder()
                .put(super.nodeSettings(nodeOrdinal))
                .put(NetworkModule.HTTP_ENABLED.getKey(), true)
-                .put(SecurityNettyTransport.CLIENT_AUTH_SETTING.getKey(), false)
+                .put(SecurityNetty3Transport.CLIENT_AUTH_SETTING.getKey(), false)
-                .put(SecurityNettyHttpServerTransport.SSL_SETTING.getKey(), true)
+                .put(SecurityNetty3HttpServerTransport.SSL_SETTING.getKey(), true)
-                .put(SecurityNettyHttpServerTransport.CLIENT_AUTH_SETTING.getKey(),
+                .put(SecurityNetty3HttpServerTransport.CLIENT_AUTH_SETTING.getKey(),
                        randomFrom(SSLClientAuth.NO.name(), false, "false", "FALSE", SSLClientAuth.NO.name().toLowerCase(Locale.ROOT)))
                .put("xpack.security.authc.realms.pki1.type", "pki")
                .put("xpack.security.authc.realms.pki1.order", "0")
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/transport/ServerTransportFilterIntegrationTests.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/transport/ServerTransportFilterIntegrationTests.java
@ -14,14 +14,14 @@ import org.elasticsearch.common.unit.TimeValue;
 import org.elasticsearch.discovery.MasterNotDiscoveredException;
 import org.elasticsearch.node.MockNode;
 import org.elasticsearch.node.Node;
 import org.elasticsearch.xpack.security.authc.file.FileRealm;
 import org.elasticsearch.xpack.security.Security;
 import org.elasticsearch.xpack.security.authz.store.FileRolesStore;
 import org.elasticsearch.xpack.security.crypto.CryptoService;
 import org.elasticsearch.xpack.security.transport.netty.SecurityNettyTransport;
 import org.elasticsearch.test.SecurityIntegTestCase;
 import org.elasticsearch.transport.Transport;
 import org.elasticsearch.xpack.XPackPlugin;
 import org.elasticsearch.xpack.security.Security;
 import org.elasticsearch.xpack.security.authc.file.FileRealm;
 import org.elasticsearch.xpack.security.authz.store.FileRolesStore;
 import org.elasticsearch.xpack.security.crypto.CryptoService;
 import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3Transport;
 import org.junit.BeforeClass;
 import java.io.IOException;
@ -31,9 +31,9 @@ import java.nio.file.Path;
 import java.util.Collections;
 import static java.util.Collections.singletonMap;
 import static org.elasticsearch.test.SecuritySettingsSource.getSSLSettingsForStore;
 import static org.elasticsearch.xpack.security.test.SecurityTestUtils.createFolder;
 import static org.elasticsearch.xpack.security.test.SecurityTestUtils.writeFile;
 import static org.elasticsearch.test.SecuritySettingsSource.getSSLSettingsForStore;
 import static org.hamcrest.CoreMatchers.instanceOf;
 import static org.hamcrest.CoreMatchers.is;
@ -66,7 +66,7 @@ public class ServerTransportFilterIntegrationTests extends SecurityIntegTestCase
        if (sslTransportEnabled()) {
            settingsBuilder.put("transport.profiles.client.xpack.security.truststore.path", store) // settings for client truststore
                           .put("transport.profiles.client.xpack.security.truststore.password", "testnode")
-                           .put(SecurityNettyTransport.SSL_SETTING.getKey(), true);
+                           .put(SecurityNetty3Transport.SSL_SETTING.getKey(), true);
        }
        return settingsBuilder
@ -97,7 +97,7 @@ public class ServerTransportFilterIntegrationTests extends SecurityIntegTestCase
                .put("network.host", "localhost")
                .put("cluster.name", internalCluster().getClusterName())
                .put("discovery.zen.ping.unicast.hosts", unicastHost)
-                .put(SecurityNettyTransport.SSL_SETTING.getKey(), sslTransportEnabled())
+                .put(SecurityNetty3Transport.SSL_SETTING.getKey(), sslTransportEnabled())
                .put("xpack.security.audit.enabled", false)
                .put("path.home", createTempDir())
                .put(NetworkModule.HTTP_ENABLED.getKey(), false)
@ -127,7 +127,7 @@ public class ServerTransportFilterIntegrationTests extends SecurityIntegTestCase
                .put(Security.USER_SETTING.getKey(), "test_user:changeme")
                .put("cluster.name", internalCluster().getClusterName())
                .put("discovery.zen.ping.unicast.hosts", "localhost:" + randomClientPort)
-                .put(SecurityNettyTransport.SSL_SETTING.getKey(), sslTransportEnabled())
+                .put(SecurityNetty3Transport.SSL_SETTING.getKey(), sslTransportEnabled())
                .put("xpack.security.audit.enabled", false)
                .put(NetworkModule.HTTP_ENABLED.getKey(), false)
                .put(CryptoService.FILE_SETTING.getKey(), systemKeyFile)
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/transport/netty3/HandshakeWaitingHandlerTests.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/transport/netty3/HandshakeWaitingHandlerTests.java
@ -3,7 +3,7 @@
 * or more contributor license agreements. Licensed under the Elastic License;
 * you may not use this file except in compliance with the Elastic License.
 */
-package org.elasticsearch.xpack.security.transport.netty;
+package org.elasticsearch.xpack.security.transport.netty3;
 import org.elasticsearch.common.logging.Loggers;
 import org.elasticsearch.common.settings.Settings;
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/transport/netty3/IPFilterNetty3UpstreamHandlerTests.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/transport/netty3/IPFilterNetty3UpstreamHandlerTests.java
@ -3,7 +3,7 @@
 * or more contributor license agreements. Licensed under the Elastic License;
 * you may not use this file except in compliance with the Elastic License.
 */
-package org.elasticsearch.xpack.security.transport.netty;
+package org.elasticsearch.xpack.security.transport.netty3;
 import org.elasticsearch.common.component.Lifecycle;
 import org.elasticsearch.common.network.InetAddresses;
@ -41,11 +41,8 @@ import static org.hamcrest.Matchers.is;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
-/**
+public class IPFilterNetty3UpstreamHandlerTests extends ESTestCase {
- *
+    private IPFilterNetty3UpstreamHandler nettyUpstreamHandler;
 */
 public class IPFilterNettyUpstreamHandlerTests extends ESTestCase {
    private IPFilterNettyUpstreamHandler nettyUpstreamHandler;
    @Before
    public void init() throws Exception {
@ -81,9 +78,9 @@ public class IPFilterNettyUpstreamHandlerTests extends ESTestCase {
        }
        if (isHttpEnabled) {
-            nettyUpstreamHandler = new IPFilterNettyUpstreamHandler(ipFilter, IPFilter.HTTP_PROFILE_NAME);
+            nettyUpstreamHandler = new IPFilterNetty3UpstreamHandler(ipFilter, IPFilter.HTTP_PROFILE_NAME);
        } else {
-            nettyUpstreamHandler = new IPFilterNettyUpstreamHandler(ipFilter, "default");
+            nettyUpstreamHandler = new IPFilterNetty3UpstreamHandler(ipFilter, "default");
        }
    }
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/transport/netty3/IPHostnameVerificationTests.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/transport/netty3/IPHostnameVerificationTests.java
@ -3,7 +3,7 @@
 * or more contributor license agreements. Licensed under the Elastic License;
 * you may not use this file except in compliance with the Elastic License.
 */
-package org.elasticsearch.xpack.security.transport.netty;
+package org.elasticsearch.xpack.security.transport.netty3;
 import org.elasticsearch.client.Client;
 import org.elasticsearch.common.settings.Settings;
@ -61,8 +61,8 @@ public class IPHostnameVerificationTests extends SecurityIntegTestCase {
                .put(TransportSettings.BIND_HOST.getKey(), "127.0.0.1")
                .put("network.host", "127.0.0.1")
                .put("xpack.security.ssl.client.auth", "false")
-                .put(SecurityNettyTransport.HOSTNAME_VERIFICATION_SETTING.getKey(), true)
+                .put(SecurityNetty3Transport.HOSTNAME_VERIFICATION_SETTING.getKey(), true)
-                .put(SecurityNettyTransport.HOSTNAME_VERIFICATION_RESOLVE_NAME_SETTING.getKey(), false)
+                .put(SecurityNetty3Transport.HOSTNAME_VERIFICATION_RESOLVE_NAME_SETTING.getKey(), false)
                .build();
    }
@ -78,8 +78,8 @@ public class IPHostnameVerificationTests extends SecurityIntegTestCase {
        clientSettings = builder.build();
        return Settings.builder().put(clientSettings)
-                .put(SecurityNettyTransport.HOSTNAME_VERIFICATION_SETTING.getKey(), true)
+                .put(SecurityNetty3Transport.HOSTNAME_VERIFICATION_SETTING.getKey(), true)
-                .put(SecurityNettyTransport.HOSTNAME_VERIFICATION_RESOLVE_NAME_SETTING.getKey(), false)
+                .put(SecurityNetty3Transport.HOSTNAME_VERIFICATION_RESOLVE_NAME_SETTING.getKey(), false)
                .put("xpack.security.ssl.keystore.path", keystore.toAbsolutePath())
                .put("xpack.security.ssl.keystore.password", "testnode-ip-only")
                .put("xpack.security.ssl.truststore.path", keystore.toAbsolutePath())
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/transport/netty3/SecurityNetty3HttpServerTransportTests.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/transport/netty3/SecurityNetty3HttpServerTransportTests.java
@ -3,14 +3,14 @@
 * or more contributor license agreements. Licensed under the Elastic License;
 * you may not use this file except in compliance with the Elastic License.
 */
-package org.elasticsearch.xpack.security.transport.netty;
+package org.elasticsearch.xpack.security.transport.netty3;
 import org.elasticsearch.common.network.NetworkService;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.common.util.BigArrays;
 import org.elasticsearch.env.Environment;
 import org.elasticsearch.http.HttpTransportSettings;
-import org.elasticsearch.http.netty.NettyHttpMockUtil;
+import org.elasticsearch.http.netty3.Netty3HttpMockUtil;
 import org.elasticsearch.xpack.security.ssl.SSLConfiguration.Global;
 import org.elasticsearch.xpack.security.ssl.ServerSSLService;
 import org.elasticsearch.xpack.security.transport.SSLClientAuth;
@ -31,7 +31,7 @@ import static org.hamcrest.Matchers.is;
 import static org.hamcrest.Matchers.not;
 import static org.mockito.Mockito.mock;
-public class SecurityNettyHttpServerTransportTests extends ESTestCase {
+public class SecurityNetty3HttpServerTransportTests extends ESTestCase {
    private ServerSSLService serverSSLService;
@ -47,10 +47,10 @@ public class SecurityNettyHttpServerTransportTests extends ESTestCase {
    }
    public void testDefaultClientAuth() throws Exception {
-        Settings settings = Settings.builder().put(SecurityNettyHttpServerTransport.SSL_SETTING.getKey(), true).build();
+        Settings settings = Settings.builder().put(SecurityNetty3HttpServerTransport.SSL_SETTING.getKey(), true).build();
-        SecurityNettyHttpServerTransport transport = new SecurityNettyHttpServerTransport(settings, mock(NetworkService.class),
+        SecurityNetty3HttpServerTransport transport = new SecurityNetty3HttpServerTransport(settings, mock(NetworkService.class),
                mock(BigArrays.class), mock(IPFilter.class), serverSSLService, mock(ThreadPool.class));
-        NettyHttpMockUtil.setOpenChannelsHandlerToMock(transport);
+        Netty3HttpMockUtil.setOpenChannelsHandlerToMock(transport);
        ChannelPipelineFactory factory = transport.configureServerChannelPipelineFactory();
        assertThat(factory.getPipeline().get(SslHandler.class).getEngine().getNeedClientAuth(), is(false));
        assertThat(factory.getPipeline().get(SslHandler.class).getEngine().getWantClientAuth(), is(false));
@ -59,11 +59,11 @@ public class SecurityNettyHttpServerTransportTests extends ESTestCase {
    public void testOptionalClientAuth() throws Exception {
        String value = randomFrom(SSLClientAuth.OPTIONAL.name(), SSLClientAuth.OPTIONAL.name().toLowerCase(Locale.ROOT));
        Settings settings = Settings.builder()
-                .put(SecurityNettyHttpServerTransport.SSL_SETTING.getKey(), true)
+                .put(SecurityNetty3HttpServerTransport.SSL_SETTING.getKey(), true)
-                .put(SecurityNettyHttpServerTransport.CLIENT_AUTH_SETTING.getKey(), value).build();
+                .put(SecurityNetty3HttpServerTransport.CLIENT_AUTH_SETTING.getKey(), value).build();
-        SecurityNettyHttpServerTransport transport = new SecurityNettyHttpServerTransport(settings, mock(NetworkService.class),
+        SecurityNetty3HttpServerTransport transport = new SecurityNetty3HttpServerTransport(settings, mock(NetworkService.class),
                mock(BigArrays.class), mock(IPFilter.class), serverSSLService, mock(ThreadPool.class));
-        NettyHttpMockUtil.setOpenChannelsHandlerToMock(transport);
+        Netty3HttpMockUtil.setOpenChannelsHandlerToMock(transport);
        ChannelPipelineFactory factory = transport.configureServerChannelPipelineFactory();
        assertThat(factory.getPipeline().get(SslHandler.class).getEngine().getNeedClientAuth(), is(false));
        assertThat(factory.getPipeline().get(SslHandler.class).getEngine().getWantClientAuth(), is(true));
@ -72,11 +72,11 @@ public class SecurityNettyHttpServerTransportTests extends ESTestCase {
    public void testRequiredClientAuth() throws Exception {
        String value = randomFrom(SSLClientAuth.REQUIRED.name(), SSLClientAuth.REQUIRED.name().toLowerCase(Locale.ROOT), "true", "TRUE");
        Settings settings = Settings.builder()
-                .put(SecurityNettyHttpServerTransport.SSL_SETTING.getKey(), true)
+                .put(SecurityNetty3HttpServerTransport.SSL_SETTING.getKey(), true)
-                .put(SecurityNettyHttpServerTransport.CLIENT_AUTH_SETTING.getKey(), value).build();
+                .put(SecurityNetty3HttpServerTransport.CLIENT_AUTH_SETTING.getKey(), value).build();
-        SecurityNettyHttpServerTransport transport = new SecurityNettyHttpServerTransport(settings, mock(NetworkService.class),
+        SecurityNetty3HttpServerTransport transport = new SecurityNetty3HttpServerTransport(settings, mock(NetworkService.class),
                mock(BigArrays.class), mock(IPFilter.class), serverSSLService, mock(ThreadPool.class));
-        NettyHttpMockUtil.setOpenChannelsHandlerToMock(transport);
+        Netty3HttpMockUtil.setOpenChannelsHandlerToMock(transport);
        ChannelPipelineFactory factory = transport.configureServerChannelPipelineFactory();
        assertThat(factory.getPipeline().get(SslHandler.class).getEngine().getNeedClientAuth(), is(true));
        assertThat(factory.getPipeline().get(SslHandler.class).getEngine().getWantClientAuth(), is(false));
@ -85,11 +85,11 @@ public class SecurityNettyHttpServerTransportTests extends ESTestCase {
    public void testNoClientAuth() throws Exception {
        String value = randomFrom(SSLClientAuth.NO.name(), SSLClientAuth.NO.name().toLowerCase(Locale.ROOT), "false", "FALSE");
        Settings settings = Settings.builder()
-                .put(SecurityNettyHttpServerTransport.SSL_SETTING.getKey(), true)
+                .put(SecurityNetty3HttpServerTransport.SSL_SETTING.getKey(), true)
-                .put(SecurityNettyHttpServerTransport.CLIENT_AUTH_SETTING.getKey(), value).build();
+                .put(SecurityNetty3HttpServerTransport.CLIENT_AUTH_SETTING.getKey(), value).build();
-        SecurityNettyHttpServerTransport transport = new SecurityNettyHttpServerTransport(settings, mock(NetworkService.class),
+        SecurityNetty3HttpServerTransport transport = new SecurityNetty3HttpServerTransport(settings, mock(NetworkService.class),
                mock(BigArrays.class), mock(IPFilter.class), serverSSLService, mock(ThreadPool.class));
-        NettyHttpMockUtil.setOpenChannelsHandlerToMock(transport);
+        Netty3HttpMockUtil.setOpenChannelsHandlerToMock(transport);
        ChannelPipelineFactory factory = transport.configureServerChannelPipelineFactory();
        assertThat(factory.getPipeline().get(SslHandler.class).getEngine().getNeedClientAuth(), is(false));
        assertThat(factory.getPipeline().get(SslHandler.class).getEngine().getWantClientAuth(), is(false));
@ -97,20 +97,20 @@ public class SecurityNettyHttpServerTransportTests extends ESTestCase {
    public void testCustomSSLConfiguration() throws Exception {
        Settings settings = Settings.builder()
-                .put(SecurityNettyHttpServerTransport.SSL_SETTING.getKey(), true).build();
+                .put(SecurityNetty3HttpServerTransport.SSL_SETTING.getKey(), true).build();
-        SecurityNettyHttpServerTransport transport = new SecurityNettyHttpServerTransport(settings, mock(NetworkService.class),
+        SecurityNetty3HttpServerTransport transport = new SecurityNetty3HttpServerTransport(settings, mock(NetworkService.class),
                mock(BigArrays.class), mock(IPFilter.class), serverSSLService, mock(ThreadPool.class));
-        NettyHttpMockUtil.setOpenChannelsHandlerToMock(transport);
+        Netty3HttpMockUtil.setOpenChannelsHandlerToMock(transport);
        ChannelPipelineFactory factory = transport.configureServerChannelPipelineFactory();
        SSLEngine defaultEngine = factory.getPipeline().get(SslHandler.class).getEngine();
        settings = Settings.builder()
-                .put(SecurityNettyHttpServerTransport.SSL_SETTING.getKey(), true)
+                .put(SecurityNetty3HttpServerTransport.SSL_SETTING.getKey(), true)
                .put("xpack.security.http.ssl.supported_protocols", "TLSv1.2")
                .build();
-        transport = new SecurityNettyHttpServerTransport(settings, mock(NetworkService.class),
+        transport = new SecurityNetty3HttpServerTransport(settings, mock(NetworkService.class),
                mock(BigArrays.class), mock(IPFilter.class), serverSSLService, mock(ThreadPool.class));
-        NettyHttpMockUtil.setOpenChannelsHandlerToMock(transport);
+        Netty3HttpMockUtil.setOpenChannelsHandlerToMock(transport);
        factory = transport.configureServerChannelPipelineFactory();
        SSLEngine customEngine = factory.getPipeline().get(SslHandler.class).getEngine();
        assertThat(customEngine.getEnabledProtocols(), arrayContaining("TLSv1.2"));
@ -119,29 +119,29 @@ public class SecurityNettyHttpServerTransportTests extends ESTestCase {
    public void testDisablesCompressionByDefaultForSsl() throws Exception {
        Settings settings = Settings.builder()
-                .put(SecurityNettyHttpServerTransport.SSL_SETTING.getKey(), true).build();
+                .put(SecurityNetty3HttpServerTransport.SSL_SETTING.getKey(), true).build();
        Settings.Builder pluginSettingsBuilder = Settings.builder();
-        SecurityNettyHttpServerTransport.overrideSettings(pluginSettingsBuilder, settings);
+        SecurityNetty3HttpServerTransport.overrideSettings(pluginSettingsBuilder, settings);
        assertThat(HttpTransportSettings.SETTING_HTTP_COMPRESSION.get(pluginSettingsBuilder.build()), is(false));
    }
    public void testLeavesCompressionOnIfNotSsl() throws Exception {
        Settings settings = Settings.builder()
-                .put(SecurityNettyHttpServerTransport.SSL_SETTING.getKey(), false).build();
+                .put(SecurityNetty3HttpServerTransport.SSL_SETTING.getKey(), false).build();
        Settings.Builder pluginSettingsBuilder = Settings.builder();
-        SecurityNettyHttpServerTransport.overrideSettings(pluginSettingsBuilder, settings);
+        SecurityNetty3HttpServerTransport.overrideSettings(pluginSettingsBuilder, settings);
        assertThat(pluginSettingsBuilder.build().isEmpty(), is(true));
    }
    public void testDoesNotChangeExplicitlySetCompression() throws Exception {
        Settings settings = Settings.builder()
-                .put(SecurityNettyHttpServerTransport.SSL_SETTING.getKey(), true)
+                .put(SecurityNetty3HttpServerTransport.SSL_SETTING.getKey(), true)
                .put(HttpTransportSettings.SETTING_HTTP_COMPRESSION.getKey(), true)
                .build();
        Settings.Builder pluginSettingsBuilder = Settings.builder();
-        SecurityNettyHttpServerTransport.overrideSettings(pluginSettingsBuilder, settings);
+        SecurityNetty3HttpServerTransport.overrideSettings(pluginSettingsBuilder, settings);
        assertThat(pluginSettingsBuilder.build().isEmpty(), is(true));
    }
 }
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/transport/netty3/SecurityNetty3TransportTests.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/transport/netty3/SecurityNetty3TransportTests.java
@ -3,7 +3,7 @@
 * or more contributor license agreements. Licensed under the Elastic License;
 * you may not use this file except in compliance with the Elastic License.
 */
-package org.elasticsearch.xpack.security.transport.netty;
+package org.elasticsearch.xpack.security.transport.netty3;
 import org.elasticsearch.common.io.stream.NamedWriteableRegistry;
 import org.elasticsearch.common.network.NetworkService;
@ -17,7 +17,7 @@ import org.elasticsearch.xpack.security.ssl.ServerSSLService;
 import org.elasticsearch.xpack.security.transport.SSLClientAuth;
 import org.elasticsearch.test.ESTestCase;
 import org.elasticsearch.threadpool.ThreadPool;
-import org.elasticsearch.transport.netty.NettyMockUtil;
+import org.elasticsearch.transport.netty3.Netty3MockUtil;
 import org.jboss.netty.channel.ChannelPipelineFactory;
 import org.jboss.netty.handler.ssl.SslHandler;
 import org.junit.Before;
@ -30,7 +30,7 @@ import static org.hamcrest.Matchers.notNullValue;
 import static org.hamcrest.Matchers.nullValue;
 import static org.mockito.Mockito.mock;
-public class SecurityNettyTransportTests extends ESTestCase {
+public class SecurityNetty3TransportTests extends ESTestCase {
    private ServerSSLService serverSSLService;
    private ClientSSLService clientSSLService;
@ -49,43 +49,43 @@ public class SecurityNettyTransportTests extends ESTestCase {
    }
    public void testThatSSLCanBeDisabledByProfile() throws Exception {
-        Settings settings = Settings.builder().put(SecurityNettyTransport.SSL_SETTING.getKey(), true).build();
+        Settings settings = Settings.builder().put(SecurityNetty3Transport.SSL_SETTING.getKey(), true).build();
-        SecurityNettyTransport transport = new SecurityNettyTransport(settings, mock(ThreadPool.class), mock(NetworkService.class),
+        SecurityNetty3Transport transport = new SecurityNetty3Transport(settings, mock(ThreadPool.class), mock(NetworkService.class),
                mock(BigArrays.class), null, serverSSLService, clientSSLService, mock(NamedWriteableRegistry.class),
                mock(CircuitBreakerService.class));
-        NettyMockUtil.setOpenChannelsHandlerToMock(transport);
+        Netty3MockUtil.setOpenChannelsHandlerToMock(transport);
        ChannelPipelineFactory factory = transport.configureServerChannelPipelineFactory("client",
                Settings.builder().put("xpack.security.ssl", false).build());
        assertThat(factory.getPipeline().get(SslHandler.class), nullValue());
    }
    public void testThatSSLCanBeEnabledByProfile() throws Exception {
-        Settings settings = Settings.builder().put(SecurityNettyTransport.SSL_SETTING.getKey(), false).build();
+        Settings settings = Settings.builder().put(SecurityNetty3Transport.SSL_SETTING.getKey(), false).build();
-        SecurityNettyTransport transport = new SecurityNettyTransport(settings, mock(ThreadPool.class), mock(NetworkService.class),
+        SecurityNetty3Transport transport = new SecurityNetty3Transport(settings, mock(ThreadPool.class), mock(NetworkService.class),
                mock(BigArrays.class), null, serverSSLService, clientSSLService, mock(NamedWriteableRegistry.class),
                mock(CircuitBreakerService.class));
-        NettyMockUtil.setOpenChannelsHandlerToMock(transport);
+        Netty3MockUtil.setOpenChannelsHandlerToMock(transport);
        ChannelPipelineFactory factory = transport.configureServerChannelPipelineFactory("client",
                Settings.builder().put("xpack.security.ssl", true).build());
        assertThat(factory.getPipeline().get(SslHandler.class), notNullValue());
    }
    public void testThatProfileTakesDefaultSSLSetting() throws Exception {
-        Settings settings = Settings.builder().put(SecurityNettyTransport.SSL_SETTING.getKey(), true).build();
+        Settings settings = Settings.builder().put(SecurityNetty3Transport.SSL_SETTING.getKey(), true).build();
-        SecurityNettyTransport transport = new SecurityNettyTransport(settings, mock(ThreadPool.class), mock(NetworkService.class),
+        SecurityNetty3Transport transport = new SecurityNetty3Transport(settings, mock(ThreadPool.class), mock(NetworkService.class),
                mock(BigArrays.class), null, serverSSLService, clientSSLService, mock(NamedWriteableRegistry.class),
                mock(CircuitBreakerService.class));
-        NettyMockUtil.setOpenChannelsHandlerToMock(transport);
+        Netty3MockUtil.setOpenChannelsHandlerToMock(transport);
        ChannelPipelineFactory factory = transport.configureServerChannelPipelineFactory("client", Settings.EMPTY);
        assertThat(factory.getPipeline().get(SslHandler.class).getEngine(), notNullValue());
    }
    public void testDefaultClientAuth() throws Exception {
-        Settings settings = Settings.builder().put(SecurityNettyTransport.SSL_SETTING.getKey(), true).build();
+        Settings settings = Settings.builder().put(SecurityNetty3Transport.SSL_SETTING.getKey(), true).build();
-        SecurityNettyTransport transport = new SecurityNettyTransport(settings, mock(ThreadPool.class), mock(NetworkService.class),
+        SecurityNetty3Transport transport = new SecurityNetty3Transport(settings, mock(ThreadPool.class), mock(NetworkService.class),
                mock(BigArrays.class), null, serverSSLService, clientSSLService, mock(NamedWriteableRegistry.class),
                mock(CircuitBreakerService.class));
-        NettyMockUtil.setOpenChannelsHandlerToMock(transport);
+        Netty3MockUtil.setOpenChannelsHandlerToMock(transport);
        ChannelPipelineFactory factory = transport.configureServerChannelPipelineFactory("client", Settings.EMPTY);
        assertThat(factory.getPipeline().get(SslHandler.class).getEngine().getNeedClientAuth(), is(true));
        assertThat(factory.getPipeline().get(SslHandler.class).getEngine().getWantClientAuth(), is(false));
@ -94,12 +94,12 @@ public class SecurityNettyTransportTests extends ESTestCase {
    public void testRequiredClientAuth() throws Exception {
        String value = randomFrom(SSLClientAuth.REQUIRED.name(), SSLClientAuth.REQUIRED.name().toLowerCase(Locale.ROOT), "true");
        Settings settings = Settings.builder()
-                .put(SecurityNettyTransport.SSL_SETTING.getKey(), true)
+                .put(SecurityNetty3Transport.SSL_SETTING.getKey(), true)
-                .put(SecurityNettyTransport.CLIENT_AUTH_SETTING.getKey(), value).build();
+                .put(SecurityNetty3Transport.CLIENT_AUTH_SETTING.getKey(), value).build();
-        SecurityNettyTransport transport = new SecurityNettyTransport(settings, mock(ThreadPool.class), mock(NetworkService.class),
+        SecurityNetty3Transport transport = new SecurityNetty3Transport(settings, mock(ThreadPool.class), mock(NetworkService.class),
                mock(BigArrays.class), null, serverSSLService, clientSSLService, mock(NamedWriteableRegistry.class),
                mock(CircuitBreakerService.class));
-        NettyMockUtil.setOpenChannelsHandlerToMock(transport);
+        Netty3MockUtil.setOpenChannelsHandlerToMock(transport);
        ChannelPipelineFactory factory = transport.configureServerChannelPipelineFactory("client", Settings.EMPTY);
        assertThat(factory.getPipeline().get(SslHandler.class).getEngine().getNeedClientAuth(), is(true));
        assertThat(factory.getPipeline().get(SslHandler.class).getEngine().getWantClientAuth(), is(false));
@ -108,12 +108,12 @@ public class SecurityNettyTransportTests extends ESTestCase {
    public void testNoClientAuth() throws Exception {
        String value = randomFrom(SSLClientAuth.NO.name(), "false", "FALSE", SSLClientAuth.NO.name().toLowerCase(Locale.ROOT));
        Settings settings = Settings.builder()
-                .put(SecurityNettyTransport.SSL_SETTING.getKey(), true)
+                .put(SecurityNetty3Transport.SSL_SETTING.getKey(), true)
-                .put(SecurityNettyTransport.CLIENT_AUTH_SETTING.getKey(), value).build();
+                .put(SecurityNetty3Transport.CLIENT_AUTH_SETTING.getKey(), value).build();
-        SecurityNettyTransport transport = new SecurityNettyTransport(settings, mock(ThreadPool.class), mock(NetworkService.class),
+        SecurityNetty3Transport transport = new SecurityNetty3Transport(settings, mock(ThreadPool.class), mock(NetworkService.class),
                mock(BigArrays.class), null, serverSSLService, clientSSLService, mock(NamedWriteableRegistry.class),
                mock(CircuitBreakerService.class));
-        NettyMockUtil.setOpenChannelsHandlerToMock(transport);
+        Netty3MockUtil.setOpenChannelsHandlerToMock(transport);
        ChannelPipelineFactory factory = transport.configureServerChannelPipelineFactory("client", Settings.EMPTY);
        assertThat(factory.getPipeline().get(SslHandler.class).getEngine().getNeedClientAuth(), is(false));
        assertThat(factory.getPipeline().get(SslHandler.class).getEngine().getWantClientAuth(), is(false));
@ -122,12 +122,12 @@ public class SecurityNettyTransportTests extends ESTestCase {
    public void testOptionalClientAuth() throws Exception {
        String value = randomFrom(SSLClientAuth.OPTIONAL.name(), SSLClientAuth.OPTIONAL.name().toLowerCase(Locale.ROOT));
        Settings settings = Settings.builder()
-                .put(SecurityNettyTransport.SSL_SETTING.getKey(), true)
+                .put(SecurityNetty3Transport.SSL_SETTING.getKey(), true)
-                .put(SecurityNettyTransport.CLIENT_AUTH_SETTING.getKey(), value).build();
+                .put(SecurityNetty3Transport.CLIENT_AUTH_SETTING.getKey(), value).build();
-        SecurityNettyTransport transport = new SecurityNettyTransport(settings, mock(ThreadPool.class), mock(NetworkService.class),
+        SecurityNetty3Transport transport = new SecurityNetty3Transport(settings, mock(ThreadPool.class), mock(NetworkService.class),
                mock(BigArrays.class), null, serverSSLService, clientSSLService, mock(NamedWriteableRegistry.class),
               mock(CircuitBreakerService.class));
-        NettyMockUtil.setOpenChannelsHandlerToMock(transport);
+        Netty3MockUtil.setOpenChannelsHandlerToMock(transport);
        ChannelPipelineFactory factory = transport.configureServerChannelPipelineFactory("client", Settings.EMPTY);
        assertThat(factory.getPipeline().get(SslHandler.class).getEngine().getNeedClientAuth(), is(false));
        assertThat(factory.getPipeline().get(SslHandler.class).getEngine().getWantClientAuth(), is(true));
@ -135,39 +135,39 @@ public class SecurityNettyTransportTests extends ESTestCase {
    public void testProfileRequiredClientAuth() throws Exception {
        String value = randomFrom(SSLClientAuth.REQUIRED.name(), SSLClientAuth.REQUIRED.name().toLowerCase(Locale.ROOT), "true", "TRUE");
-        Settings settings = Settings.builder().put(SecurityNettyTransport.SSL_SETTING.getKey(), true).build();
+        Settings settings = Settings.builder().put(SecurityNetty3Transport.SSL_SETTING.getKey(), true).build();
-        SecurityNettyTransport transport = new SecurityNettyTransport(settings, mock(ThreadPool.class), mock(NetworkService.class),
+        SecurityNetty3Transport transport = new SecurityNetty3Transport(settings, mock(ThreadPool.class), mock(NetworkService.class),
                mock(BigArrays.class), null, serverSSLService, clientSSLService, mock(NamedWriteableRegistry.class),
                mock(CircuitBreakerService.class));
-        NettyMockUtil.setOpenChannelsHandlerToMock(transport);
+        Netty3MockUtil.setOpenChannelsHandlerToMock(transport);
        ChannelPipelineFactory factory = transport.configureServerChannelPipelineFactory("client",
-                Settings.builder().put(SecurityNettyTransport.PROFILE_CLIENT_AUTH_SETTING, value).build());
+                Settings.builder().put(SecurityNetty3Transport.PROFILE_CLIENT_AUTH_SETTING, value).build());
        assertThat(factory.getPipeline().get(SslHandler.class).getEngine().getNeedClientAuth(), is(true));
        assertThat(factory.getPipeline().get(SslHandler.class).getEngine().getWantClientAuth(), is(false));
    }
    public void testProfileNoClientAuth() throws Exception {
        String value = randomFrom(SSLClientAuth.NO.name(), "false", "FALSE", SSLClientAuth.NO.name().toLowerCase(Locale.ROOT));
-        Settings settings = Settings.builder().put(SecurityNettyTransport.SSL_SETTING.getKey(), true).build();
+        Settings settings = Settings.builder().put(SecurityNetty3Transport.SSL_SETTING.getKey(), true).build();
-        SecurityNettyTransport transport = new SecurityNettyTransport(settings, mock(ThreadPool.class), mock(NetworkService.class),
+        SecurityNetty3Transport transport = new SecurityNetty3Transport(settings, mock(ThreadPool.class), mock(NetworkService.class),
                mock(BigArrays.class), null, serverSSLService, clientSSLService, mock(NamedWriteableRegistry.class),
                mock(CircuitBreakerService.class));
-        NettyMockUtil.setOpenChannelsHandlerToMock(transport);
+        Netty3MockUtil.setOpenChannelsHandlerToMock(transport);
        ChannelPipelineFactory factory = transport.configureServerChannelPipelineFactory("client",
-                Settings.builder().put(SecurityNettyTransport.PROFILE_CLIENT_AUTH_SETTING.getKey(), value).build());
+                Settings.builder().put(SecurityNetty3Transport.PROFILE_CLIENT_AUTH_SETTING.getKey(), value).build());
        assertThat(factory.getPipeline().get(SslHandler.class).getEngine().getNeedClientAuth(), is(false));
        assertThat(factory.getPipeline().get(SslHandler.class).getEngine().getWantClientAuth(), is(false));
    }
    public void testProfileOptionalClientAuth() throws Exception {
        String value = randomFrom(SSLClientAuth.OPTIONAL.name(), SSLClientAuth.OPTIONAL.name().toLowerCase(Locale.ROOT));
-        Settings settings = Settings.builder().put(SecurityNettyTransport.SSL_SETTING.getKey(), true).build();
+        Settings settings = Settings.builder().put(SecurityNetty3Transport.SSL_SETTING.getKey(), true).build();
-        SecurityNettyTransport transport = new SecurityNettyTransport(settings, mock(ThreadPool.class),
+        SecurityNetty3Transport transport = new SecurityNetty3Transport(settings, mock(ThreadPool.class),
                mock(NetworkService.class), mock(BigArrays.class), null, serverSSLService, clientSSLService,
                mock(NamedWriteableRegistry.class), mock(CircuitBreakerService.class));
-        NettyMockUtil.setOpenChannelsHandlerToMock(transport);
+        Netty3MockUtil.setOpenChannelsHandlerToMock(transport);
        ChannelPipelineFactory factory = transport.configureServerChannelPipelineFactory("client",
-                Settings.builder().put(SecurityNettyTransport.PROFILE_CLIENT_AUTH_SETTING.getKey(), value).build());
+                Settings.builder().put(SecurityNetty3Transport.PROFILE_CLIENT_AUTH_SETTING.getKey(), value).build());
        assertThat(factory.getPipeline().get(SslHandler.class).getEngine().getNeedClientAuth(), is(false));
        assertThat(factory.getPipeline().get(SslHandler.class).getEngine().getWantClientAuth(), is(true));
    }
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/transport/netty3/SslHostnameVerificationTests.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/transport/netty3/SslHostnameVerificationTests.java
@ -3,7 +3,7 @@
 * or more contributor license agreements. Licensed under the Elastic License;
 * you may not use this file except in compliance with the Elastic License.
 */
-package org.elasticsearch.xpack.security.transport.netty;
+package org.elasticsearch.xpack.security.transport.netty3;
 import org.elasticsearch.client.Client;
 import org.elasticsearch.client.transport.NoNodeAvailableException;
@ -11,10 +11,10 @@ import org.elasticsearch.client.transport.TransportClient;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.common.transport.InetSocketTransportAddress;
 import org.elasticsearch.common.transport.TransportAddress;
 import org.elasticsearch.xpack.security.Security;
 import org.elasticsearch.test.SecurityIntegTestCase;
 import org.elasticsearch.transport.Transport;
 import org.elasticsearch.xpack.XPackPlugin;
 import org.elasticsearch.xpack.security.Security;
 import java.net.InetSocketAddress;
 import java.nio.file.Files;
@ -59,7 +59,7 @@ public class SslHostnameVerificationTests extends SecurityIntegTestCase {
                .put("xpack.security.ssl.truststore.path", keystore.toAbsolutePath())
                .put("xpack.security.ssl.truststore.password", "testnode-no-subjaltname")
                // disable hostname verification as this test uses non-localhost addresses
-                .put(SecurityNettyTransport.HOSTNAME_VERIFICATION_SETTING.getKey(), false)
+                .put(SecurityNetty3Transport.HOSTNAME_VERIFICATION_SETTING.getKey(), false)
                .build();
    }
@ -77,7 +77,7 @@ public class SslHostnameVerificationTests extends SecurityIntegTestCase {
            }
        }
-        builder.put(SecurityNettyTransport.HOSTNAME_VERIFICATION_SETTING.getKey(), false)
+        builder.put(SecurityNetty3Transport.HOSTNAME_VERIFICATION_SETTING.getKey(), false)
                .put("xpack.security.ssl.keystore.path", keystore.toAbsolutePath()) // settings for client keystore
                .put("xpack.security.ssl.keystore.password", "testnode-no-subjaltname");
@ -96,7 +96,7 @@ public class SslHostnameVerificationTests extends SecurityIntegTestCase {
        InetSocketAddress inetSocketAddress = ((InetSocketTransportAddress) transportAddress).address();
        Settings settings = Settings.builder().put(transportClientSettings())
-                .put(SecurityNettyTransport.HOSTNAME_VERIFICATION_SETTING.getKey(), true)
+                .put(SecurityNetty3Transport.HOSTNAME_VERIFICATION_SETTING.getKey(), true)
                .build();
        try (TransportClient client = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settings).build()) {
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/transport/ssl/SslClientAuthTests.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/transport/ssl/SslClientAuthTests.java
@ -24,8 +24,8 @@ import org.elasticsearch.xpack.XPackPlugin;
 import org.elasticsearch.xpack.security.Security;
 import org.elasticsearch.xpack.security.ssl.ClientSSLService;
 import org.elasticsearch.xpack.security.ssl.SSLConfiguration.Global;
-import org.elasticsearch.xpack.security.transport.netty.SecurityNettyHttpServerTransport;
+import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3HttpServerTransport;
-import org.elasticsearch.xpack.security.transport.netty.SecurityNettyTransport;
+import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3Transport;
 import javax.net.ssl.SSLHandshakeException;
 import java.io.IOException;
@ -43,9 +43,9 @@ public class SslClientAuthTests extends SecurityIntegTestCase {
        return Settings.builder()
                .put(super.nodeSettings(nodeOrdinal))
                // invert the require auth settings
-                .put(SecurityNettyTransport.SSL_SETTING.getKey(), true)
+                .put(SecurityNetty3Transport.SSL_SETTING.getKey(), true)
-                .put(SecurityNettyHttpServerTransport.SSL_SETTING.getKey(), true)
+                .put(SecurityNetty3HttpServerTransport.SSL_SETTING.getKey(), true)
-                .put(SecurityNettyHttpServerTransport.CLIENT_AUTH_SETTING.getKey(), true)
+                .put(SecurityNetty3HttpServerTransport.CLIENT_AUTH_SETTING.getKey(), true)
                .put("transport.profiles.default.xpack.security.ssl.client.auth", false)
                .put(NetworkModule.HTTP_ENABLED.getKey(), true)
                .build();
@ -94,7 +94,7 @@ public class SslClientAuthTests extends SecurityIntegTestCase {
        }
        Settings settings = Settings.builder()
-                .put(SecurityNettyTransport.SSL_SETTING.getKey(), true)
+                .put(SecurityNetty3Transport.SSL_SETTING.getKey(), true)
                .put("xpack.security.ssl.keystore.path", store)
                .put("xpack.security.ssl.keystore.password", "testclient-client-profile")
                .put("cluster.name", internalCluster().getClusterName())
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/transport/ssl/SslIntegrationTests.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/transport/ssl/SslIntegrationTests.java
@ -25,7 +25,7 @@ import org.elasticsearch.common.transport.TransportAddress;
 import org.elasticsearch.http.HttpServerTransport;
 import org.elasticsearch.xpack.security.ssl.ClientSSLService;
 import org.elasticsearch.xpack.security.ssl.SSLConfiguration.Global;
-import org.elasticsearch.xpack.security.transport.netty.SecurityNettyHttpServerTransport;
+import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3HttpServerTransport;
 import org.elasticsearch.test.SecurityIntegTestCase;
 import org.elasticsearch.transport.Transport;
 import org.elasticsearch.xpack.XPackPlugin;
@ -49,7 +49,7 @@ public class SslIntegrationTests extends SecurityIntegTestCase {
    protected Settings nodeSettings(int nodeOrdinal) {
        return Settings.builder().put(super.nodeSettings(nodeOrdinal))
                .put(NetworkModule.HTTP_ENABLED.getKey(), true)
-                .put(SecurityNettyHttpServerTransport.SSL_SETTING.getKey(), true).build();
+                .put(SecurityNetty3HttpServerTransport.SSL_SETTING.getKey(), true).build();
    }
    @Override
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/transport/ssl/SslMultiPortTests.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/transport/ssl/SslMultiPortTests.java
@ -11,7 +11,8 @@ import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.common.transport.InetSocketTransportAddress;
 import org.elasticsearch.common.transport.TransportAddress;
 import org.elasticsearch.xpack.security.Security;
-import org.elasticsearch.xpack.security.transport.netty.SecurityNettyTransport;
+import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3Transport;
 import org.elasticsearch.xpack.security.transport.netty3.SecurityNetty3Transport;
 import org.elasticsearch.test.SecurityIntegTestCase;
 import org.elasticsearch.transport.Transport;
 import org.elasticsearch.xpack.XPackPlugin;
@ -236,7 +237,7 @@ public class SslMultiPortTests extends SecurityIntegTestCase {
    public void testThatTransportClientCanConnectToNoSslProfile() throws Exception {
        Settings settings = Settings.builder()
                .put(Security.USER_SETTING.getKey(), DEFAULT_USER_NAME + ":" + DEFAULT_PASSWORD)
-                .put(SecurityNettyTransport.SSL_SETTING.getKey(), false)
+                .put(SecurityNetty3Transport.SSL_SETTING.getKey(), false)
                .put("cluster.name", internalCluster().getClusterName())
                .build();
        try (TransportClient transportClient = TransportClient.builder().settings(settings).addPlugin(XPackPlugin.class).build()) {
@ -309,7 +310,7 @@ public class SslMultiPortTests extends SecurityIntegTestCase {
        Settings settings = Settings.builder()
                .put(Security.USER_SETTING.getKey(), DEFAULT_USER_NAME + ":" + DEFAULT_PASSWORD)
                .put("cluster.name", internalCluster().getClusterName())
-                .put(SecurityNettyTransport.SSL_SETTING.getKey(), true)
+                .put(SecurityNetty3Transport.SSL_SETTING.getKey(), true)
                .put("xpack.security.ssl.truststore.path",
                        getDataPath("/org/elasticsearch/xpack/security/transport/ssl/certs/simple/truststore-testnode-only.jks"))
                .put("xpack.security.ssl.truststore.password", "truststore-testnode-only")
@ -331,7 +332,7 @@ public class SslMultiPortTests extends SecurityIntegTestCase {
        Settings settings = Settings.builder()
                .put(Security.USER_SETTING.getKey(), DEFAULT_USER_NAME + ":" + DEFAULT_PASSWORD)
                .put("cluster.name", internalCluster().getClusterName())
-                .put(SecurityNettyTransport.SSL_SETTING.getKey(), true)
+                .put(SecurityNetty3Transport.SSL_SETTING.getKey(), true)
                .put("xpack.security.ssl.truststore.path",
                        getDataPath("/org/elasticsearch/xpack/security/transport/ssl/certs/simple/truststore-testnode-only.jks"))
                .put("xpack.security.ssl.truststore.password", "truststore-testnode-only")
@ -355,7 +356,7 @@ public class SslMultiPortTests extends SecurityIntegTestCase {
        Settings settings = Settings.builder()
                .put(Security.USER_SETTING.getKey(), DEFAULT_USER_NAME + ":" + DEFAULT_PASSWORD)
                .put("cluster.name", internalCluster().getClusterName())
-                .put(SecurityNettyTransport.SSL_SETTING.getKey(), true)
+                .put(SecurityNetty3Transport.SSL_SETTING.getKey(), true)
                .put("xpack.security.ssl.truststore.path",
                        getDataPath("/org/elasticsearch/xpack/security/transport/ssl/certs/simple/truststore-testnode-only.jks"))
                .put("xpack.security.ssl.truststore.password", "truststore-testnode-only")
@ -378,7 +379,7 @@ public class SslMultiPortTests extends SecurityIntegTestCase {
        Settings settings = Settings.builder()
                .put(Security.USER_SETTING.getKey(), DEFAULT_USER_NAME + ":" + DEFAULT_PASSWORD)
                .put("cluster.name", internalCluster().getClusterName())
-                .put(SecurityNettyTransport.SSL_SETTING.getKey(), true)
+                .put(SecurityNetty3Transport.SSL_SETTING.getKey(), true)
                .put("xpack.security.ssl.truststore.path",
                        getDataPath("/org/elasticsearch/xpack/security/transport/ssl/certs/simple/truststore-testnode-only.jks"))
                .put("xpack.security.ssl.truststore.password", "truststore-testnode-only")
@ -401,7 +402,7 @@ public class SslMultiPortTests extends SecurityIntegTestCase {
        Settings settings = Settings.builder()
                .put(Security.USER_SETTING.getKey(), DEFAULT_USER_NAME + ":" + DEFAULT_PASSWORD)
                .put("cluster.name", internalCluster().getClusterName())
-                .put(SecurityNettyTransport.SSL_SETTING.getKey(), true)
+                .put(SecurityNetty3Transport.SSL_SETTING.getKey(), true)
                .build();
        try (TransportClient transportClient = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settings).build()) {
            transportClient.addTransportAddress(randomFrom(internalCluster().getInstance(Transport.class).boundAddress().boundAddresses()));
@ -421,7 +422,7 @@ public class SslMultiPortTests extends SecurityIntegTestCase {
        Settings settings = Settings.builder()
                .put(Security.USER_SETTING.getKey(), DEFAULT_USER_NAME + ":" + DEFAULT_PASSWORD)
                .put("cluster.name", internalCluster().getClusterName())
-                .put(SecurityNettyTransport.SSL_SETTING.getKey(), true)
+                .put(SecurityNetty3Transport.SSL_SETTING.getKey(), true)
                .build();
        try (TransportClient transportClient = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settings).build()) {
            transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("client")));
@ -441,7 +442,7 @@ public class SslMultiPortTests extends SecurityIntegTestCase {
        Settings settings = Settings.builder()
                .put(Security.USER_SETTING.getKey(), DEFAULT_USER_NAME + ":" + DEFAULT_PASSWORD)
                .put("cluster.name", internalCluster().getClusterName())
-                .put(SecurityNettyTransport.SSL_SETTING.getKey(), true)
+                .put(SecurityNetty3Transport.SSL_SETTING.getKey(), true)
                .build();
        try (TransportClient transportClient = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settings).build()) {
            transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(),
@ -462,7 +463,7 @@ public class SslMultiPortTests extends SecurityIntegTestCase {
        Settings settings = Settings.builder()
                .put(Security.USER_SETTING.getKey(), DEFAULT_USER_NAME + ":" + DEFAULT_PASSWORD)
                .put("cluster.name", internalCluster().getClusterName())
-                .put(SecurityNettyTransport.SSL_SETTING.getKey(), true)
+                .put(SecurityNetty3Transport.SSL_SETTING.getKey(), true)
                .build();
        try (TransportClient transportClient = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settings).build()) {
            transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("no_ssl")));
--- a/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/MockNetty3Plugin.java
+++ b/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/MockNetty3Plugin.java
@ -6,12 +6,12 @@
 package org.elasticsearch.xpack;
 import org.elasticsearch.common.settings.Settings;
-import org.elasticsearch.transport.NettyPlugin;
+import org.elasticsearch.transport.Netty3Plugin;
-public final class MockNettyPlugin extends NettyPlugin {
+public final class MockNetty3Plugin extends Netty3Plugin {
-    // se NettyPlugin.... this runs without the permission from the netty module so it will fail since reindex can't set the property
+    // se Netty3Plugin.... this runs without the permission from the netty3 module so it will fail since reindex can't set the property
    // to make it still work we disable that check for pseudo integ tests
-    public MockNettyPlugin(Settings settings) {
+    public MockNetty3Plugin(Settings settings) {
        super(Settings.builder().put(settings).put("netty.assert.buglevel", false).build());
    }
 }
--- a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/WatcherPluginDisableTests.java
+++ b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/WatcherPluginDisableTests.java
@ -11,7 +11,7 @@ import org.elasticsearch.action.admin.cluster.node.info.NodesInfoResponse;
 import org.elasticsearch.client.ResponseException;
 import org.elasticsearch.common.network.NetworkModule;
 import org.elasticsearch.common.settings.Settings;
-import org.elasticsearch.xpack.MockNettyPlugin;
+import org.elasticsearch.xpack.MockNetty3Plugin;
 import org.elasticsearch.xpack.monitoring.Monitoring;
 import org.elasticsearch.plugins.Plugin;
 import org.elasticsearch.xpack.security.Security;
@ -51,7 +51,7 @@ public class WatcherPluginDisableTests extends ESIntegTestCase {
    @Override
    protected Collection<Class<? extends Plugin>> nodePlugins() {
-        return Arrays.asList(XPackPlugin.class, MockNettyPlugin.class);
+        return Arrays.asList(XPackPlugin.class, MockNetty3Plugin.class);
    }
    @Override
--- a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/input/chain/ChainIntegrationTests.java
+++ b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/input/chain/ChainIntegrationTests.java
@ -10,7 +10,7 @@ import org.elasticsearch.common.network.NetworkModule;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.index.IndexNotFoundException;
 import org.elasticsearch.plugins.Plugin;
-import org.elasticsearch.xpack.MockNettyPlugin;
+import org.elasticsearch.xpack.MockNetty3Plugin;
 import org.elasticsearch.xpack.watcher.input.http.HttpInput;
 import org.elasticsearch.xpack.common.http.HttpRequestTemplate;
 import org.elasticsearch.xpack.common.http.auth.basic.BasicAuth;
@ -47,7 +47,7 @@ public class ChainIntegrationTests extends AbstractWatcherIntegrationTestCase {
    @Override
    protected Collection<Class<? extends Plugin>> nodePlugins() {
        ArrayList<Class<? extends Plugin>> plugins = new ArrayList<>(super.nodePlugins());
-        plugins.add(MockNettyPlugin.class); // for http
+        plugins.add(MockNetty3Plugin.class); // for http
        return plugins;
    }
--- a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/input/http/HttpInputIntegrationTests.java
+++ b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/input/http/HttpInputIntegrationTests.java
@ -12,7 +12,7 @@ import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.common.xcontent.XContentBuilder;
 import org.elasticsearch.plugins.Plugin;
 import org.elasticsearch.test.junit.annotations.TestLogging;
-import org.elasticsearch.xpack.MockNettyPlugin;
+import org.elasticsearch.xpack.MockNetty3Plugin;
 import org.elasticsearch.xpack.watcher.client.WatcherClient;
 import org.elasticsearch.xpack.watcher.condition.compare.CompareCondition;
 import org.elasticsearch.xpack.watcher.history.HistoryStore;
@ -54,7 +54,7 @@ public class HttpInputIntegrationTests extends AbstractWatcherIntegrationTestCas
    @Override
    protected Collection<Class<? extends Plugin>> nodePlugins() {
        ArrayList<Class<? extends Plugin>> plugins = new ArrayList<>(super.nodePlugins());
-        plugins.add(MockNettyPlugin.class); // for http
+        plugins.add(MockNetty3Plugin.class); // for http
        return plugins;
    }
--- a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/integration/WatcherSettingsFilterTests.java
+++ b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/integration/WatcherSettingsFilterTests.java
@ -15,7 +15,7 @@ import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.common.xcontent.json.JsonXContent;
 import org.elasticsearch.common.xcontent.support.XContentMapValues;
 import org.elasticsearch.plugins.Plugin;
-import org.elasticsearch.xpack.MockNettyPlugin;
+import org.elasticsearch.xpack.MockNetty3Plugin;
 import org.elasticsearch.xpack.monitoring.test.MonitoringIntegTestCase;
 import org.elasticsearch.xpack.security.authc.support.SecuredString;
 import org.elasticsearch.xpack.watcher.test.AbstractWatcherIntegrationTestCase;
@ -55,7 +55,7 @@ public class WatcherSettingsFilterTests extends AbstractWatcherIntegrationTestCa
    @Override
    protected Collection<Class<? extends Plugin>> nodePlugins() {
        ArrayList<Class<? extends Plugin>> plugins = new ArrayList<>(super.nodePlugins());
-        plugins.add(MockNettyPlugin.class); // for http
+        plugins.add(MockNetty3Plugin.class); // for http
        return plugins;
    }