andreacavalli/netty5
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
fac6c19958
netty5/handler/src/test/java/io/netty/handler/ssl/SslHandlerTest.java

1681 lines
73 KiB
Java
Raw Normal View History

Add Test case for truncated SSL packets - Related issue: #1534 - Also made sure ByteToMessageDecoder does not wrap EncoderException.
2013-07-07 04:52:34 +02:00
/*
* Copyright 2013 The Netty Project
*
* The Netty Project licenses this file to you under the Apache License,
* version 2.0 (the "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at:
*
Enable nohttp check during the build (#10708) Motivation: HTTP is a plaintext protocol which means that someone may be able to eavesdrop the data. To prevent this, HTTPS should be used whenever possible. However, maintaining using https:// in all URLs may be difficult. The nohttp tool can help here. The tool scans all the files in a repository and reports where http:// is used. Modifications: - Added nohttp (via checkstyle) into the build process. - Suppressed findings for the websites that don't support HTTPS or that are not reachable Result: - Prevent using HTTP in the future. - Encourage users to use HTTPS when they follow the links they found in the code.
2020-10-23 14:44:18 +02:00
* https://www.apache.org/licenses/LICENSE-2.0
Add Test case for truncated SSL packets - Related issue: #1534 - Also made sure ByteToMessageDecoder does not wrap EncoderException.
2013-07-07 04:52:34 +02:00
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations
* under the License.
*/
package io.netty.handler.ssl;
[#5860] Ensure removal of SslHandler not produce IllegalReferenceCountException Motivation: If the user removes the SslHandler while still in the processing loop we will produce an IllegalReferenceCountException. We should stop looping when the handlerwas removed. Modifications: Ensure we stop looping when the handler is removed. Result: No more IllegalReferenceCountException.
2016-09-28 10:26:06 +02:00
import io.netty.bootstrap.Bootstrap;
import io.netty.bootstrap.ServerBootstrap;
SslHandler and OpenSslEngine miscalculation of wrap destination buffer size Motivation: When we do a wrap operation we calculate the maximum size of the destination buffer ahead of time, and return a BUFFER_OVERFLOW exception if the destination buffer is not big enough. However if there is a CompositeByteBuf the wrap operation may consist of multiple ByteBuffers and each incurs its own overhead during the encryption. We currently don't account for the overhead required for encryption if there are multiple ByteBuffers and we assume the overhead will only apply once to the entire input size. If there is not enough room to write an entire encrypted packed into the BIO SSL_write will return -1 despite having actually written content to the BIO. We then attempt to retry the write with a bigger buffer, but because SSL_write is stateful the remaining bytes from the previous operation are put into the BIO. This results in sending the second half of the encrypted data being sent to the peer which is not of proper format and the peer will be confused and ultimately not get the expected data (which may result in a fatal error). In this case because SSL_write returns -1 we have no way to know how many bytes were actually consumed and so the best we can do is ensure that we always allocate a destination buffer with enough space so we are guaranteed to complete the write operation synchronously. Modifications: - SslHandler#allocateNetBuf should take into account how many ByteBuffers will be wrapped and apply the encryption overhead for each - Include the TLS header length in the overhead computation Result: Fixes https://github.com/netty/netty/issues/6481
2017-03-03 18:22:26 +01:00
import io.netty.buffer.ByteBuf;
OpenSslEngine wrap may generate bad data if multiple src buffers Motivation: SSL_write requires a fixed amount of bytes for overhead related to the encryption process for each call. OpenSslEngine#wrap(..) will attempt to encrypt multiple input buffers until MAX_PLAINTEXT_LENGTH are consumed, but the size estimation provided by calculateOutNetBufSize may not leave enough room for each call to SSL_write. If SSL_write is not able to completely write results to the destination buffer it will keep state and attempt to write it later. Netty doesn't account for SSL_write keeping state and assumes all writes will complete synchronously (by attempting to allocate enough space to account for the overhead) and feeds the same data to SSL_write again later which results in corrupted data being generated. Modifications: - OpenSslEngine#wrap should only produce a single TLS packet according to the SSLEngine API specificaiton [1]. [1] https://docs.oracle.com/javase/8/docs/api/javax/net/ssl/SSLEngine.html#wrap-java.nio.ByteBuffer:A-int-int-java.nio.ByteBuffer- - OpenSslEngine#wrap should only consider a single buffer when determining if there is enough space to write, because only a single buffer will ever be consumed. Result: OpenSslEngine#wrap will no longer produce corrupted data due to incorrect accounting of space required in the destination buffers.
2017-05-08 19:13:53 +02:00
import io.netty.buffer.ByteBufAllocator;
import io.netty.buffer.Unpooled;
Add testcase for c11b23bbc1f46116407bdc10779c4cace639ee83 Motivation: c11b23bbc1f46116407bdc10779c4cace639ee83 added a fix for closing the SSLEngine otbound but no test was provided. Modifications: Add testcase. Result: More tests.
2018-03-06 00:36:50 +01:00
import io.netty.buffer.UnpooledByteBufAllocator;
[#5860] Ensure removal of SslHandler not produce IllegalReferenceCountException Motivation: If the user removes the SslHandler while still in the processing loop we will produce an IllegalReferenceCountException. We should stop looping when the handlerwas removed. Modifications: Ensure we stop looping when the handler is removed. Result: No more IllegalReferenceCountException.
2016-09-28 10:26:06 +02:00
import io.netty.channel.Channel;
SslHandler to fail handshake and pending writes if non-application write fails (#9240) Motivation: SslHandler must generate control data as part of the TLS protocol, for example to do handshakes. SslHandler doesn't capture the status of the future corresponding to the writes when writing this control (aka non-application data). If there is another handler before the SslHandler that wants to fail these writes the SslHandler will not detect the failure and we must wait until the handshake timeout to detect a failure. Modifications: - SslHandler should detect if non application writes fail, tear down the channel, and clean up any pending state. Result: SslHandler detects non application write failures and cleans up immediately.
2019-06-16 07:38:33 +02:00
import io.netty.channel.ChannelDuplexHandler;
SslHandler unwrap out of order promise/event notificaiton Motivation: SslHandler#decode methods catch any exceptions and attempt to wrap before shutting down the engine. The intention is to write any alerts which the engine may have pending. However the wrap process may also attempt to write user data, and may also complete the associated promises. If this is the case, and a promise listener closes the channel then SslHandler may later propagate a SslHandshakeCompletionEvent user event through the pipeline. Since the channel has already been closed the user may no longer be paying attention to user events. Modifications: - Sslhandler#decode should first fail the associated handshake promise and propagate the SslHandshakeCompletionEvent before attempting to wrap Result: Fixes https://github.com/netty/netty/issues/7639
2018-01-31 22:16:51 +01:00
import io.netty.channel.ChannelFuture;
import io.netty.channel.ChannelFutureListener;
[#5860] Ensure removal of SslHandler not produce IllegalReferenceCountException Motivation: If the user removes the SslHandler while still in the processing loop we will produce an IllegalReferenceCountException. We should stop looping when the handlerwas removed. Modifications: Ensure we stop looping when the handler is removed. Result: No more IllegalReferenceCountException.
2016-09-28 10:26:06 +02:00
import io.netty.channel.ChannelHandler;
OpenSslEngine wrap may generate bad data if multiple src buffers Motivation: SSL_write requires a fixed amount of bytes for overhead related to the encryption process for each call. OpenSslEngine#wrap(..) will attempt to encrypt multiple input buffers until MAX_PLAINTEXT_LENGTH are consumed, but the size estimation provided by calculateOutNetBufSize may not leave enough room for each call to SSL_write. If SSL_write is not able to completely write results to the destination buffer it will keep state and attempt to write it later. Netty doesn't account for SSL_write keeping state and assumes all writes will complete synchronously (by attempting to allocate enough space to account for the overhead) and feeds the same data to SSL_write again later which results in corrupted data being generated. Modifications: - OpenSslEngine#wrap should only produce a single TLS packet according to the SSLEngine API specificaiton [1]. [1] https://docs.oracle.com/javase/8/docs/api/javax/net/ssl/SSLEngine.html#wrap-java.nio.ByteBuffer:A-int-int-java.nio.ByteBuffer- - OpenSslEngine#wrap should only consider a single buffer when determining if there is enough space to write, because only a single buffer will ever be consumed. Result: OpenSslEngine#wrap will no longer produce corrupted data due to incorrect accounting of space required in the destination buffers.
2017-05-08 19:13:53 +02:00
import io.netty.channel.ChannelHandlerContext;
import io.netty.channel.ChannelInboundHandlerAdapter;
[#5860] Ensure removal of SslHandler not produce IllegalReferenceCountException Motivation: If the user removes the SslHandler while still in the processing loop we will produce an IllegalReferenceCountException. We should stop looping when the handlerwas removed. Modifications: Ensure we stop looping when the handler is removed. Result: No more IllegalReferenceCountException.
2016-09-28 10:26:06 +02:00
import io.netty.channel.ChannelInitializer;
OpenSslEngine wrap may generate bad data if multiple src buffers Motivation: SSL_write requires a fixed amount of bytes for overhead related to the encryption process for each call. OpenSslEngine#wrap(..) will attempt to encrypt multiple input buffers until MAX_PLAINTEXT_LENGTH are consumed, but the size estimation provided by calculateOutNetBufSize may not leave enough room for each call to SSL_write. If SSL_write is not able to completely write results to the destination buffer it will keep state and attempt to write it later. Netty doesn't account for SSL_write keeping state and assumes all writes will complete synchronously (by attempting to allocate enough space to account for the overhead) and feeds the same data to SSL_write again later which results in corrupted data being generated. Modifications: - OpenSslEngine#wrap should only produce a single TLS packet according to the SSLEngine API specificaiton [1]. [1] https://docs.oracle.com/javase/8/docs/api/javax/net/ssl/SSLEngine.html#wrap-java.nio.ByteBuffer:A-int-int-java.nio.ByteBuffer- - OpenSslEngine#wrap should only consider a single buffer when determining if there is enough space to write, because only a single buffer will ever be consumed. Result: OpenSslEngine#wrap will no longer produce corrupted data due to incorrect accounting of space required in the destination buffers.
2017-05-08 19:13:53 +02:00
import io.netty.channel.ChannelOutboundHandlerAdapter;
SslHandler promise completion incorrect if write doesn't immediately complete Motivation: SslHandler removes a Buffer/Promise pair from AbstractCoalescingBufferQueue when wrapping data. However it is possible the SSLEngine will not consume the entire buffer. In this case SslHandler adds the Buffer back to the queue, but doesn't add the Promise back to the queue. This may result in the promise completing immediately in finishFlush, and generally not correlating to the completion of writing the corresponding Buffer Modifications: - AbstractCoalescingBufferQueue#addFirst should also support adding the ChannelPromise - In the event of a handshake timeout we should immediately fail pending writes immediately to get a more accurate exception Result: Fixes https://github.com/netty/netty/issues/7378.
2017-11-07 16:46:14 +01:00
import io.netty.channel.ChannelPromise;
Dont fire an SslHandshakeEvent if the handshake was not started at all. Motivation: We should not fire a SslHandshakeEvent if the channel is closed but the handshake was not started. Modifications: - Add a variable to SslHandler which tracks if an handshake was started yet or not and depending on this fire the event. - Add a unit test Result: Fixes [#7262].
2017-11-05 18:53:13 +01:00
import io.netty.channel.DefaultChannelId;
SslHandler unwrap out of order promise/event notificaiton Motivation: SslHandler#decode methods catch any exceptions and attempt to wrap before shutting down the engine. The intention is to write any alerts which the engine may have pending. However the wrap process may also attempt to write user data, and may also complete the associated promises. If this is the case, and a promise listener closes the channel then SslHandler may later propagate a SslHandshakeCompletionEvent user event through the pipeline. Since the channel has already been closed the user may no longer be paying attention to user events. Modifications: - Sslhandler#decode should first fail the associated handshake promise and propagate the SslHandshakeCompletionEvent before attempting to wrap Result: Fixes https://github.com/netty/netty/issues/7639
2018-01-31 22:16:51 +01:00
import io.netty.channel.DefaultEventLoopGroup;
Allow to configure SslHandler to wait for close_notify response before closing the Channel and fix racy flush close_notify timeout scheduling. Motivation: SslHandler closed the channel as soon as it was able to write out the close_notify message. This may not be what the user want as it may make sense to only close it after the actual response to the close_notify was received in order to guarantee a clean-shutdown of the connection in all cases. Beside this closeNotifyFlushTimeoutMillis is volatile so may change between two reads. We need to cache it in a local variable to ensure it not change int between. Beside this we also need to check if the flush promise was complete the schedule timeout as this may happened but we were not able to cancel the timeout yet. Otherwise we will produce an missleading log message. Modifications: - Add new setter / getter to SslHandler which allows to specify the behavior (old behavior is preserved as default) - Added unit test. - Cache volatile closeNotifyTimeoutMillis. - Correctly check if flush promise was complete before we try to forcibly close the Channel and log a warning. - Add missing javadocs. Result: More clean shutdown of connection possible when using SSL and fix racy way of schedule close_notify flush timeouts and javadocs.
2017-01-11 16:07:47 +01:00
import io.netty.channel.EventLoopGroup;
ByteBufs which are not resizable should not throw in ensureWritable(int,boolean) Motivation: ByteBuf#ensureWritable(int,boolean) returns an int indicating the status of the resize operation. For buffers that are unmodifiable or cannot be resized this method shouldn't throw but just return 1. ByteBuf#ensureWriteable(int) should throw unmodifiable buffers. Modifications: - ReadOnlyByteBuf should be updated as described above. - Add a unit test to SslHandler which verifies the read only buffer can be tolerated in the aggregation algorithm. Result: Fixes https://github.com/netty/netty/issues/7002.
2017-07-21 02:52:54 +02:00
import io.netty.channel.SimpleChannelInboundHandler;
OpenSslEngine wrap may generate bad data if multiple src buffers Motivation: SSL_write requires a fixed amount of bytes for overhead related to the encryption process for each call. OpenSslEngine#wrap(..) will attempt to encrypt multiple input buffers until MAX_PLAINTEXT_LENGTH are consumed, but the size estimation provided by calculateOutNetBufSize may not leave enough room for each call to SSL_write. If SSL_write is not able to completely write results to the destination buffer it will keep state and attempt to write it later. Netty doesn't account for SSL_write keeping state and assumes all writes will complete synchronously (by attempting to allocate enough space to account for the overhead) and feeds the same data to SSL_write again later which results in corrupted data being generated. Modifications: - OpenSslEngine#wrap should only produce a single TLS packet according to the SSLEngine API specificaiton [1]. [1] https://docs.oracle.com/javase/8/docs/api/javax/net/ssl/SSLEngine.html#wrap-java.nio.ByteBuffer:A-int-int-java.nio.ByteBuffer- - OpenSslEngine#wrap should only consider a single buffer when determining if there is enough space to write, because only a single buffer will ever be consumed. Result: OpenSslEngine#wrap will no longer produce corrupted data due to incorrect accounting of space required in the destination buffers.
2017-05-08 19:13:53 +02:00
import io.netty.channel.embedded.EmbeddedChannel;
SslHandler unwrap out of order promise/event notificaiton Motivation: SslHandler#decode methods catch any exceptions and attempt to wrap before shutting down the engine. The intention is to write any alerts which the engine may have pending. However the wrap process may also attempt to write user data, and may also complete the associated promises. If this is the case, and a promise listener closes the channel then SslHandler may later propagate a SslHandshakeCompletionEvent user event through the pipeline. Since the channel has already been closed the user may no longer be paying attention to user events. Modifications: - Sslhandler#decode should first fail the associated handshake promise and propagate the SslHandshakeCompletionEvent before attempting to wrap Result: Fixes https://github.com/netty/netty/issues/7639
2018-01-31 22:16:51 +01:00
import io.netty.channel.local.LocalAddress;
import io.netty.channel.local.LocalChannel;
import io.netty.channel.local.LocalServerChannel;
[#5860] Ensure removal of SslHandler not produce IllegalReferenceCountException Motivation: If the user removes the SslHandler while still in the processing loop we will produce an IllegalReferenceCountException. We should stop looping when the handlerwas removed. Modifications: Ensure we stop looping when the handler is removed. Result: No more IllegalReferenceCountException.
2016-09-28 10:26:06 +02:00
import io.netty.channel.nio.NioEventLoopGroup;
import io.netty.channel.socket.nio.NioServerSocketChannel;
import io.netty.channel.socket.nio.NioSocketChannel;
Correctly calculate the produced bytes in all cases when calling Refe… (#10063) Motivation: We did not correctly account for produced bytes when SSL_write(...) returns -1 in all cases. This could lead to lost data and so a corrupt SSL connection. Modifications: - Always ensure we calculate the produced bytes correctly - Add unit tests Result: Fixes https://github.com/netty/netty/issues/10041
2020-02-27 08:49:53 +01:00
import io.netty.handler.codec.ByteToMessageDecoder;
[#5860] Ensure removal of SslHandler not produce IllegalReferenceCountException Motivation: If the user removes the SslHandler while still in the processing loop we will produce an IllegalReferenceCountException. We should stop looping when the handlerwas removed. Modifications: Ensure we stop looping when the handler is removed. Result: No more IllegalReferenceCountException.
2016-09-28 10:26:06 +02:00
import io.netty.handler.codec.CodecException;
OpenSslEngine wrap may generate bad data if multiple src buffers Motivation: SSL_write requires a fixed amount of bytes for overhead related to the encryption process for each call. OpenSslEngine#wrap(..) will attempt to encrypt multiple input buffers until MAX_PLAINTEXT_LENGTH are consumed, but the size estimation provided by calculateOutNetBufSize may not leave enough room for each call to SSL_write. If SSL_write is not able to completely write results to the destination buffer it will keep state and attempt to write it later. Netty doesn't account for SSL_write keeping state and assumes all writes will complete synchronously (by attempting to allocate enough space to account for the overhead) and feeds the same data to SSL_write again later which results in corrupted data being generated. Modifications: - OpenSslEngine#wrap should only produce a single TLS packet according to the SSLEngine API specificaiton [1]. [1] https://docs.oracle.com/javase/8/docs/api/javax/net/ssl/SSLEngine.html#wrap-java.nio.ByteBuffer:A-int-int-java.nio.ByteBuffer- - OpenSslEngine#wrap should only consider a single buffer when determining if there is enough space to write, because only a single buffer will ever be consumed. Result: OpenSslEngine#wrap will no longer produce corrupted data due to incorrect accounting of space required in the destination buffers.
2017-05-08 19:13:53 +02:00
import io.netty.handler.codec.DecoderException;
import io.netty.handler.codec.UnsupportedMessageTypeException;
[#5860] Ensure removal of SslHandler not produce IllegalReferenceCountException Motivation: If the user removes the SslHandler while still in the processing loop we will produce an IllegalReferenceCountException. We should stop looping when the handlerwas removed. Modifications: Ensure we stop looping when the handler is removed. Result: No more IllegalReferenceCountException.
2016-09-28 10:26:06 +02:00
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
OpenSslEngine wrap may generate bad data if multiple src buffers Motivation: SSL_write requires a fixed amount of bytes for overhead related to the encryption process for each call. OpenSslEngine#wrap(..) will attempt to encrypt multiple input buffers until MAX_PLAINTEXT_LENGTH are consumed, but the size estimation provided by calculateOutNetBufSize may not leave enough room for each call to SSL_write. If SSL_write is not able to completely write results to the destination buffer it will keep state and attempt to write it later. Netty doesn't account for SSL_write keeping state and assumes all writes will complete synchronously (by attempting to allocate enough space to account for the overhead) and feeds the same data to SSL_write again later which results in corrupted data being generated. Modifications: - OpenSslEngine#wrap should only produce a single TLS packet according to the SSLEngine API specificaiton [1]. [1] https://docs.oracle.com/javase/8/docs/api/javax/net/ssl/SSLEngine.html#wrap-java.nio.ByteBuffer:A-int-int-java.nio.ByteBuffer- - OpenSslEngine#wrap should only consider a single buffer when determining if there is enough space to write, because only a single buffer will ever be consumed. Result: OpenSslEngine#wrap will no longer produce corrupted data due to incorrect accounting of space required in the destination buffers.
2017-05-08 19:13:53 +02:00
import io.netty.handler.ssl.util.SelfSignedCertificate;
SslHandler leak Motivation: SslHandler only supports ByteBuf objects, but will not release objects of other types. SslHandler will also not release objects if its internal state is not correctly setup. Modifications: - Release non-ByteBuf objects in write - Release all objects if the SslHandler queue is not setup Result: Less leaks in SslHandler.
2017-11-06 19:05:21 +01:00
import io.netty.util.AbstractReferenceCounted;
[#5860] Ensure removal of SslHandler not produce IllegalReferenceCountException Motivation: If the user removes the SslHandler while still in the processing loop we will produce an IllegalReferenceCountException. We should stop looping when the handlerwas removed. Modifications: Ensure we stop looping when the handler is removed. Result: No more IllegalReferenceCountException.
2016-09-28 10:26:06 +02:00
import io.netty.util.IllegalReferenceCountException;
OpenSslEngine wrap may generate bad data if multiple src buffers Motivation: SSL_write requires a fixed amount of bytes for overhead related to the encryption process for each call. OpenSslEngine#wrap(..) will attempt to encrypt multiple input buffers until MAX_PLAINTEXT_LENGTH are consumed, but the size estimation provided by calculateOutNetBufSize may not leave enough room for each call to SSL_write. If SSL_write is not able to completely write results to the destination buffer it will keep state and attempt to write it later. Netty doesn't account for SSL_write keeping state and assumes all writes will complete synchronously (by attempting to allocate enough space to account for the overhead) and feeds the same data to SSL_write again later which results in corrupted data being generated. Modifications: - OpenSslEngine#wrap should only produce a single TLS packet according to the SSLEngine API specificaiton [1]. [1] https://docs.oracle.com/javase/8/docs/api/javax/net/ssl/SSLEngine.html#wrap-java.nio.ByteBuffer:A-int-int-java.nio.ByteBuffer- - OpenSslEngine#wrap should only consider a single buffer when determining if there is enough space to write, because only a single buffer will ever be consumed. Result: OpenSslEngine#wrap will no longer produce corrupted data due to incorrect accounting of space required in the destination buffers.
2017-05-08 19:13:53 +02:00
import io.netty.util.ReferenceCountUtil;
import io.netty.util.ReferenceCounted;
[#5860] Ensure removal of SslHandler not produce IllegalReferenceCountException Motivation: If the user removes the SslHandler while still in the processing loop we will produce an IllegalReferenceCountException. We should stop looping when the handlerwas removed. Modifications: Ensure we stop looping when the handler is removed. Result: No more IllegalReferenceCountException.
2016-09-28 10:26:06 +02:00
import io.netty.util.concurrent.Future;
import io.netty.util.concurrent.FutureListener;
Support using an Executor to offload blocking / long-running tasks wh… (#8847) Motivation: The SSLEngine does provide a way to signal to the caller that it may need to execute a blocking / long-running task which then can be offloaded to an Executor to ensure the I/O thread is not blocked. Currently how we handle this in SslHandler is not really optimal as while we offload to the Executor we still block the I/O Thread. Modifications: - Correctly support offloading the task to the Executor while suspending processing of SSL in the I/O Thread - Add new methods to SslContext to specify the Executor when creating a SslHandler - Remove @deprecated annotations from SslHandler constructor that takes an Executor - Adjust tests to also run with the Executor to ensure all works as expected. Result: Be able to offload long running tasks to an Executor when using SslHandler. Partly fixes https://github.com/netty/netty/issues/7862 and https://github.com/netty/netty/issues/7020.
2019-02-11 09:47:44 +01:00
import io.netty.util.concurrent.ImmediateEventExecutor;
import io.netty.util.concurrent.ImmediateExecutor;
[#5860] Ensure removal of SslHandler not produce IllegalReferenceCountException Motivation: If the user removes the SslHandler while still in the processing loop we will produce an IllegalReferenceCountException. We should stop looping when the handlerwas removed. Modifications: Ensure we stop looping when the handler is removed. Result: No more IllegalReferenceCountException.
2016-09-28 10:26:06 +02:00
import io.netty.util.concurrent.Promise;
Don't produce multiple calls to exceptionCaught(...) on SSL handshake failure (#10134) Motivation: Before release 4.1.23, there was only ONE call to exceptionCaught method when an ssl handshake failure occurs, now we have two when using the JDK provider. Modifications: - Ensure we only propagate one exception fi we already failed the handshake and channelInactive(...) produce an exception again - Add unit test Result: Fixes https://github.com/netty/netty/issues/10119
2020-03-26 09:12:39 +01:00
import io.netty.util.internal.EmptyArrays;
Correctly calculate the produced bytes in all cases when calling Refe… (#10063) Motivation: We did not correctly account for produced bytes when SSL_write(...) returns -1 in all cases. This could lead to lost data and so a corrupt SSL connection. Modifications: - Always ensure we calculate the produced bytes correctly - Add unit tests Result: Fixes https://github.com/netty/netty/issues/10041
2020-02-27 08:49:53 +01:00
import io.netty.util.internal.PlatformDependent;
SSLHandler may throw AssertionError if writes occur before channelAct… (#8486) Motivation: If you attempt to write to a channel with an SslHandler prior to channelActive being called you can hit an assertion. In particular - if you write to a channel it forces some handshaking (through flush calls) to occur. The AssertionError only happens on Java11+. Modifications: - Replace assert by an "early return" in case of the handshake be done already. - Add unit test that verifies we do not hit the AssertionError anymore and that the future is correctly failed. Result: Fixes https://github.com/netty/netty/issues/8479.
2018-11-11 07:23:08 +01:00
import org.hamcrest.CoreMatchers;
Don't produce multiple calls to exceptionCaught(...) on SSL handshake failure (#10134) Motivation: Before release 4.1.23, there was only ONE call to exceptionCaught method when an ssl handshake failure occurs, now we have two when using the JDK provider. Modifications: - Ensure we only propagate one exception fi we already failed the handshake and channelInactive(...) produce an exception again - Add unit test Result: Fixes https://github.com/netty/netty/issues/10119
2020-03-26 09:12:39 +01:00
import org.hamcrest.Matchers;
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.Timeout;
import org.junit.jupiter.api.function.Executable;
Unit Test for SslHandler's handlerRemoved() Motivation SslHandler's handlerRemoved() is supposed to release the SSLEngine (which it does) but there is no Test for it to make sure it really happens and doesn't unexpectedly change in the future. Modifications Add a Unit Test that makes sure that SslHandler releases the SSLEngine when the Channel gets closed. Result Assurance that SslHandler will not leak (ReferenceCounted) SSLEngines.
2016-08-27 14:41:09 +02:00
[#5860] Ensure removal of SslHandler not produce IllegalReferenceCountException Motivation: If the user removes the SslHandler while still in the processing loop we will produce an IllegalReferenceCountException. We should stop looping when the handlerwas removed. Modifications: Ensure we stop looping when the handler is removed. Result: No more IllegalReferenceCountException.
2016-09-28 10:26:06 +02:00
import java.net.InetSocketAddress;
Don't produce multiple calls to exceptionCaught(...) on SSL handshake failure (#10134) Motivation: Before release 4.1.23, there was only ONE call to exceptionCaught method when an ssl handshake failure occurs, now we have two when using the JDK provider. Modifications: - Ensure we only propagate one exception fi we already failed the handshake and channelInactive(...) produce an exception again - Add unit test Result: Fixes https://github.com/netty/netty/issues/10119
2020-03-26 09:12:39 +01:00
import java.net.Socket;
Ensure SslHandler.sslCloseFuture() is notified in all cases. Motivation: The SslHandler.sslCloseFuture() may not be notified when the Channel is closed before a closify_notify is received. Modifications: Ensure we try to fail the sslCloseFuture() when the Channel is closed. Result: Correctly notify the ssl close future.
2017-01-11 14:31:53 +01:00
import java.nio.channels.ClosedChannelException;
SslHandler promise completion incorrect if write doesn't immediately complete Motivation: SslHandler removes a Buffer/Promise pair from AbstractCoalescingBufferQueue when wrapping data. However it is possible the SSLEngine will not consume the entire buffer. In this case SslHandler adds the Buffer back to the queue, but doesn't add the Promise back to the queue. This may result in the promise completing immediately in finishFlush, and generally not correlating to the completion of writing the corresponding Buffer Modifications: - AbstractCoalescingBufferQueue#addFirst should also support adding the ChannelPromise - In the event of a handshake timeout we should immediately fail pending writes immediately to get a more accurate exception Result: Fixes https://github.com/netty/netty/issues/7378.
2017-11-07 16:46:14 +01:00
import java.security.NoSuchAlgorithmException;
Don't produce multiple calls to exceptionCaught(...) on SSL handshake failure (#10134) Motivation: Before release 4.1.23, there was only ONE call to exceptionCaught method when an ssl handshake failure occurs, now we have two when using the JDK provider. Modifications: - Ensure we only propagate one exception fi we already failed the handshake and channelInactive(...) produce an exception again - Add unit test Result: Fixes https://github.com/netty/netty/issues/10119
2020-03-26 09:12:39 +01:00
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
Correctly report back when we fail to select the key material and ens… (#10610) Motivation: We need to let openssl know that we failed to find the key material so it will produce an alert for the remote peer to consume. Beside this we also need to ensure we wrap(...) until we produced everything as otherwise the remote peer may see partial data when an alert is produced in multiple steps. Modifications: - Correctly throw if we could not find the keymaterial - wrap until we produced everything - Add test Result: Correctly handle the case when key material could not be found
2020-09-26 08:56:16 +02:00
import java.util.Collections;
Correctly calculate the produced bytes in all cases when calling Refe… (#10063) Motivation: We did not correctly account for produced bytes when SSL_write(...) returns -1 in all cases. This could lead to lost data and so a corrupt SSL connection. Modifications: - Always ensure we calculate the produced bytes correctly - Add unit tests Result: Fixes https://github.com/netty/netty/issues/10041
2020-02-27 08:49:53 +01:00
import java.util.List;
SslHandler to fail handshake and pending writes if non-application write fails (#9240) Motivation: SslHandler must generate control data as part of the TLS protocol, for example to do handshakes. SslHandler doesn't capture the status of the future corresponding to the writes when writing this control (aka non-application data). If there is another handler before the SslHandler that wants to fail these writes the SslHandler will not detect the failure and we must wait until the handshake timeout to detect a failure. Modifications: - SslHandler should detect if non application writes fail, tear down the channel, and clean up any pending state. Result: SslHandler detects non application write failures and cleans up immediately.
2019-06-16 07:38:33 +02:00
import java.util.Queue;
Add SslCloseCompletionEvent that is fired once a close_notify was received Motivation: For the completion of a handshake we already fire a SslHandshakeCompletionEvent which the user can intercept. We should do the same for the receiving of close_notify. Modifications: Add SslCloseCompletionEvent and test-case. Result: More consistent API.
2017-01-19 09:31:35 +01:00
import java.util.concurrent.BlockingQueue;
SslHandler to fail handshake and pending writes if non-application write fails (#9240) Motivation: SslHandler must generate control data as part of the TLS protocol, for example to do handshakes. SslHandler doesn't capture the status of the future corresponding to the writes when writing this control (aka non-application data). If there is another handler before the SslHandler that wants to fail these writes the SslHandler will not detect the failure and we must wait until the handshake timeout to detect a failure. Modifications: - SslHandler should detect if non application writes fail, tear down the channel, and clean up any pending state. Result: SslHandler detects non application write failures and cleans up immediately.
2019-06-16 07:38:33 +02:00
import java.util.concurrent.ConcurrentLinkedQueue;
ByteBufs which are not resizable should not throw in ensureWritable(int,boolean) Motivation: ByteBuf#ensureWritable(int,boolean) returns an int indicating the status of the resize operation. For buffers that are unmodifiable or cannot be resized this method shouldn't throw but just return 1. ByteBuf#ensureWriteable(int) should throw unmodifiable buffers. Modifications: - ReadOnlyByteBuf should be updated as described above. - Add a unit test to SslHandler which verifies the read only buffer can be tolerated in the aggregation algorithm. Result: Fixes https://github.com/netty/netty/issues/7002.
2017-07-21 02:52:54 +02:00
import java.util.concurrent.CountDownLatch;
SslHandler and OpenSslEngine miscalculation of wrap destination buffer size Motivation: When we do a wrap operation we calculate the maximum size of the destination buffer ahead of time, and return a BUFFER_OVERFLOW exception if the destination buffer is not big enough. However if there is a CompositeByteBuf the wrap operation may consist of multiple ByteBuffers and each incurs its own overhead during the encryption. We currently don't account for the overhead required for encryption if there are multiple ByteBuffers and we assume the overhead will only apply once to the entire input size. If there is not enough room to write an entire encrypted packed into the BIO SSL_write will return -1 despite having actually written content to the BIO. We then attempt to retry the write with a bigger buffer, but because SSL_write is stateful the remaining bytes from the previous operation are put into the BIO. This results in sending the second half of the encrypted data being sent to the peer which is not of proper format and the peer will be confused and ultimately not get the expected data (which may result in a fatal error). In this case because SSL_write returns -1 we have no way to know how many bytes were actually consumed and so the best we can do is ensure that we always allocate a destination buffer with enough space so we are guaranteed to complete the write operation synchronously. Modifications: - SslHandler#allocateNetBuf should take into account how many ByteBuffers will be wrapped and apply the encryption overhead for each - Include the TLS header length in the overhead computation Result: Fixes https://github.com/netty/netty/issues/6481
2017-03-03 18:22:26 +01:00
import java.util.concurrent.ExecutionException;
Support using an Executor to offload blocking / long-running tasks wh… (#8847) Motivation: The SSLEngine does provide a way to signal to the caller that it may need to execute a blocking / long-running task which then can be offloaded to an Executor to ensure the I/O thread is not blocked. Currently how we handle this in SslHandler is not really optimal as while we offload to the Executor we still block the I/O Thread. Modifications: - Correctly support offloading the task to the Executor while suspending processing of SSL in the I/O Thread - Add new methods to SslContext to specify the Executor when creating a SslHandler - Remove @deprecated annotations from SslHandler constructor that takes an Executor - Adjust tests to also run with the Executor to ensure all works as expected. Result: Be able to offload long running tasks to an Executor when using SslHandler. Partly fixes https://github.com/netty/netty/issues/7862 and https://github.com/netty/netty/issues/7020.
2019-02-11 09:47:44 +01:00
import java.util.concurrent.Executor;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
Add SslCloseCompletionEvent that is fired once a close_notify was received Motivation: For the completion of a handshake we already fire a SslHandshakeCompletionEvent which the user can intercept. We should do the same for the receiving of close_notify. Modifications: Add SslCloseCompletionEvent and test-case. Result: More consistent API.
2017-01-19 09:31:35 +01:00
import java.util.concurrent.LinkedBlockingQueue;
SSLHandler may throw AssertionError if writes occur before channelAct… (#8486) Motivation: If you attempt to write to a channel with an SslHandler prior to channelActive being called you can hit an assertion. In particular - if you write to a channel it forces some handshaking (through flush calls) to occur. The AssertionError only happens on Java11+. Modifications: - Replace assert by an "early return" in case of the handshake be done already. - Add unit test that verifies we do not hit the AssertionError anymore and that the future is correctly failed. Result: Fixes https://github.com/netty/netty/issues/8479.
2018-11-11 07:23:08 +01:00
import java.util.concurrent.TimeUnit;
Dont fire an SslHandshakeEvent if the handshake was not started at all. Motivation: We should not fire a SslHandshakeEvent if the channel is closed but the handshake was not started. Modifications: - Add a variable to SslHandler which tracks if an handshake was started yet or not and depending on this fire the event. - Add a unit test Result: Fixes [#7262].
2017-11-05 18:53:13 +01:00
import java.util.concurrent.atomic.AtomicBoolean;
Fix race in SslHandlerTest that could lead to NPE. (#7989) Motivation: SslHandlerTest tried to get access to the SslHandler in the pipeline via pipeline.get(...) which may return null if the channel was already closed and so the pipeline was teared down. This showed up in a test run as: ``` ------------------------------------------------------------------------------- Test set: io.netty.handler.ssl.SslHandlerTest ------------------------------------------------------------------------------- Tests run: 17, Failures: 0, Errors: 1, Skipped: 1, Time elapsed: 0.802 sec <<< FAILURE! - in io.netty.handler.ssl.SslHandlerTest testCloseOnHandshakeFailure(io.netty.handler.ssl.SslHandlerTest) Time elapsed: 0.188 sec <<< ERROR! java.lang.NullPointerException at io.netty.handler.ssl.SslHandlerTest.testCloseOnHandshakeFailure(SslHandlerTest.java:640) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:564) at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50) at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12) at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47) at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17) at org.junit.internal.runners.statements.FailOnTimeout$CallableStatement.call(FailOnTimeout.java:298) at org.junit.internal.runners.statements.FailOnTimeout$CallableStatement.call(FailOnTimeout.java:292) at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) at java.base/java.lang.Thread.run(Thread.java:844) ``` Modifications: Use an AtomicReference to propagate the SslHandler instance to the outer scope. Result: No more NPE.
2018-05-30 22:07:42 +02:00
import java.util.concurrent.atomic.AtomicReference;
ByteBufs which are not resizable should not throw in ensureWritable(int,boolean) Motivation: ByteBuf#ensureWritable(int,boolean) returns an int indicating the status of the resize operation. For buffers that are unmodifiable or cannot be resized this method shouldn't throw but just return 1. ByteBuf#ensureWriteable(int) should throw unmodifiable buffers. Modifications: - ReadOnlyByteBuf should be updated as described above. - Add a unit test to SslHandler which verifies the read only buffer can be tolerated in the aggregation algorithm. Result: Fixes https://github.com/netty/netty/issues/7002.
2017-07-21 02:52:54 +02:00
OpenSslEngine wrap may generate bad data if multiple src buffers Motivation: SSL_write requires a fixed amount of bytes for overhead related to the encryption process for each call. OpenSslEngine#wrap(..) will attempt to encrypt multiple input buffers until MAX_PLAINTEXT_LENGTH are consumed, but the size estimation provided by calculateOutNetBufSize may not leave enough room for each call to SSL_write. If SSL_write is not able to completely write results to the destination buffer it will keep state and attempt to write it later. Netty doesn't account for SSL_write keeping state and assumes all writes will complete synchronously (by attempting to allocate enough space to account for the overhead) and feeds the same data to SSL_write again later which results in corrupted data being generated. Modifications: - OpenSslEngine#wrap should only produce a single TLS packet according to the SSLEngine API specificaiton [1]. [1] https://docs.oracle.com/javase/8/docs/api/javax/net/ssl/SSLEngine.html#wrap-java.nio.ByteBuffer:A-int-int-java.nio.ByteBuffer- - OpenSslEngine#wrap should only consider a single buffer when determining if there is enough space to write, because only a single buffer will ever be consumed. Result: OpenSslEngine#wrap will no longer produce corrupted data due to incorrect accounting of space required in the destination buffers.
2017-05-08 19:13:53 +02:00
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLProtocolException;
Don't produce multiple calls to exceptionCaught(...) on SSL handshake failure (#10134) Motivation: Before release 4.1.23, there was only ONE call to exceptionCaught method when an ssl handshake failure occurs, now we have two when using the JDK provider. Modifications: - Ensure we only propagate one exception fi we already failed the handshake and channelInactive(...) produce an exception again - Add unit test Result: Fixes https://github.com/netty/netty/issues/10119
2020-03-26 09:12:39 +01:00
import javax.net.ssl.X509ExtendedTrustManager;
OpenSslEngine wrap may generate bad data if multiple src buffers Motivation: SSL_write requires a fixed amount of bytes for overhead related to the encryption process for each call. OpenSslEngine#wrap(..) will attempt to encrypt multiple input buffers until MAX_PLAINTEXT_LENGTH are consumed, but the size estimation provided by calculateOutNetBufSize may not leave enough room for each call to SSL_write. If SSL_write is not able to completely write results to the destination buffer it will keep state and attempt to write it later. Netty doesn't account for SSL_write keeping state and assumes all writes will complete synchronously (by attempting to allocate enough space to account for the overhead) and feeds the same data to SSL_write again later which results in corrupted data being generated. Modifications: - OpenSslEngine#wrap should only produce a single TLS packet according to the SSLEngine API specificaiton [1]. [1] https://docs.oracle.com/javase/8/docs/api/javax/net/ssl/SSLEngine.html#wrap-java.nio.ByteBuffer:A-int-int-java.nio.ByteBuffer- - OpenSslEngine#wrap should only consider a single buffer when determining if there is enough space to write, because only a single buffer will ever be consumed. Result: OpenSslEngine#wrap will no longer produce corrupted data due to incorrect accounting of space required in the destination buffers.
2017-05-08 19:13:53 +02:00
ByteBufs which are not resizable should not throw in ensureWritable(int,boolean) Motivation: ByteBuf#ensureWritable(int,boolean) returns an int indicating the status of the resize operation. For buffers that are unmodifiable or cannot be resized this method shouldn't throw but just return 1. ByteBuf#ensureWriteable(int) should throw unmodifiable buffers. Modifications: - ReadOnlyByteBuf should be updated as described above. - Add a unit test to SslHandler which verifies the read only buffer can be tolerated in the aggregation algorithm. Result: Fixes https://github.com/netty/netty/issues/7002.
2017-07-21 02:52:54 +02:00
import static io.netty.buffer.Unpooled.wrappedBuffer;
Correctly report back when we fail to select the key material and ens… (#10610) Motivation: We need to let openssl know that we failed to find the key material so it will produce an alert for the remote peer to consume. Beside this we also need to ensure we wrap(...) until we produced everything as otherwise the remote peer may see partial data when an alert is produced in multiple steps. Modifications: - Correctly throw if we could not find the keymaterial - wrap until we produced everything - Add test Result: Correctly handle the case when key material could not be found
2020-09-26 08:56:16 +02:00
import static org.hamcrest.CoreMatchers.*;
Replace deprecated Assert.assertThat(...) with MatcherAssert.assertThat(...) (#10699) Motivation: junit deprecated Assert.assertThat(...) Modifications: Use MatcherAssert.assertThat(...) as replacement for deprecated method Result: Less deprecation warnings
2020-10-18 14:30:52 +02:00
import static org.hamcrest.MatcherAssert.assertThat;
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertNotNull;
import static org.junit.jupiter.api.Assertions.assertNull;
import static org.junit.jupiter.api.Assertions.assertSame;
import static org.junit.jupiter.api.Assertions.assertThrows;
import static org.junit.jupiter.api.Assertions.assertTrue;
import static org.junit.jupiter.api.Assertions.fail;
import static org.junit.jupiter.api.Assumptions.assumeFalse;
import static org.junit.jupiter.api.Assumptions.assumeTrue;
[#5860] Ensure removal of SslHandler not produce IllegalReferenceCountException Motivation: If the user removes the SslHandler while still in the processing loop we will produce an IllegalReferenceCountException. We should stop looping when the handlerwas removed. Modifications: Ensure we stop looping when the handler is removed. Result: No more IllegalReferenceCountException.
2016-09-28 10:26:06 +02:00
Add Test case for truncated SSL packets - Related issue: #1534 - Also made sure ByteToMessageDecoder does not wrap EncoderException.
2013-07-07 04:52:34 +02:00
public class SslHandlerTest {
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
@Test
@Timeout(value = 5000, unit = TimeUnit.MILLISECONDS)
SslHandler to fail handshake and pending writes if non-application write fails (#9240) Motivation: SslHandler must generate control data as part of the TLS protocol, for example to do handshakes. SslHandler doesn't capture the status of the future corresponding to the writes when writing this control (aka non-application data). If there is another handler before the SslHandler that wants to fail these writes the SslHandler will not detect the failure and we must wait until the handshake timeout to detect a failure. Modifications: - SslHandler should detect if non application writes fail, tear down the channel, and clean up any pending state. Result: SslHandler detects non application write failures and cleans up immediately.
2019-06-16 07:38:33 +02:00
public void testNonApplicationDataFailureFailsQueuedWrites() throws NoSuchAlgorithmException, InterruptedException {
final CountDownLatch writeLatch = new CountDownLatch(1);
final Queue<ChannelPromise> writesToFail = new ConcurrentLinkedQueue<ChannelPromise>();
SSLEngine engine = newClientModeSSLEngine();
SslHandler handler = new SslHandler(engine) {
@Override
public void write(final ChannelHandlerContext ctx, Object msg, ChannelPromise promise) throws Exception {
super.write(ctx, msg, promise);
writeLatch.countDown();
}
};
EmbeddedChannel ch = new EmbeddedChannel(new ChannelDuplexHandler() {
@Override
public void write(ChannelHandlerContext ctx, Object msg, ChannelPromise promise) {
if (msg instanceof ByteBuf) {
if (((ByteBuf) msg).isReadable()) {
writesToFail.add(promise);
} else {
promise.setSuccess();
}
}
ReferenceCountUtil.release(msg);
}
}, handler);
try {
final CountDownLatch writeCauseLatch = new CountDownLatch(1);
final AtomicReference<Throwable> failureRef = new AtomicReference<Throwable>();
ch.write(Unpooled.wrappedBuffer(new byte[]{1})).addListener(new ChannelFutureListener() {
@Override
public void operationComplete(ChannelFuture future) {
failureRef.compareAndSet(null, future.cause());
writeCauseLatch.countDown();
}
});
writeLatch.await();
// Simulate failing the SslHandler non-application writes after there are applications writes queued.
ChannelPromise promiseToFail;
while ((promiseToFail = writesToFail.poll()) != null) {
promiseToFail.setFailure(new RuntimeException("fake exception"));
}
writeCauseLatch.await();
Throwable writeCause = failureRef.get();
assertNotNull(writeCause);
assertThat(writeCause, is(CoreMatchers.<Throwable>instanceOf(SSLException.class)));
Throwable cause = handler.handshakeFuture().cause();
assertNotNull(cause);
assertThat(cause, is(CoreMatchers.<Throwable>instanceOf(SSLException.class)));
} finally {
assertFalse(ch.finishAndReleaseAll());
}
}
Dont fire an SslHandshakeEvent if the handshake was not started at all. Motivation: We should not fire a SslHandshakeEvent if the channel is closed but the handshake was not started. Modifications: - Add a variable to SslHandler which tracks if an handshake was started yet or not and depending on this fire the event. - Add a unit test Result: Fixes [#7262].
2017-11-05 18:53:13 +01:00
@Test
public void testNoSslHandshakeEventWhenNoHandshake() throws Exception {
final AtomicBoolean inActive = new AtomicBoolean(false);
SSLEngine engine = SSLContext.getDefault().createSSLEngine();
EmbeddedChannel ch = new EmbeddedChannel(
DefaultChannelId.newInstance(), false, false, new ChannelInboundHandlerAdapter() {
@Override
public void channelActive(ChannelHandlerContext ctx) throws Exception {
// Not forward the event to the SslHandler but just close the Channel.
ctx.close();
}
}, new SslHandler(engine) {
@Override
public void handlerAdded(ChannelHandlerContext ctx) throws Exception {
// We want to override what Channel.isActive() will return as otherwise it will
// return true and so trigger an handshake.
inActive.set(true);
super.handlerAdded(ctx);
inActive.set(false);
}
}, new ChannelInboundHandlerAdapter() {
@Override
public void userEventTriggered(ChannelHandlerContext ctx, Object evt) throws Exception {
if (evt instanceof SslHandshakeCompletionEvent) {
throw (Exception) ((SslHandshakeCompletionEvent) evt).cause();
}
}
}) {
@Override
public boolean isActive() {
return !inActive.get() && super.isActive();
}
};
ch.register();
assertFalse(ch.finishAndReleaseAll());
}
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
@Test
@Timeout(value = 3000, unit = TimeUnit.MILLISECONDS)
SslHandler.setHandshakeTimeout*(...) should also been enforced on the server side. Motivation: We should also enforce the handshake timeout on the server-side to allow closing connections which will not finish the handshake in an expected amount of time. Modifications: - Enforce the timeout on the server and client side - Add unit test. Result: Fixes [#7230].
2017-10-05 15:10:41 +02:00
public void testClientHandshakeTimeout() throws Exception {
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
assertThrows(SslHandshakeTimeoutException.class, new Executable() {
@Override
public void execute() throws Throwable {
testHandshakeTimeout(true);
}
});
SslHandler.setHandshakeTimeout*(...) should also been enforced on the server side. Motivation: We should also enforce the handshake timeout on the server-side to allow closing connections which will not finish the handshake in an expected amount of time. Modifications: - Enforce the timeout on the server and client side - Add unit test. Result: Fixes [#7230].
2017-10-05 15:10:41 +02:00
}
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
@Test
@Timeout(value = 3000, unit = TimeUnit.MILLISECONDS)
SslHandler.setHandshakeTimeout*(...) should also been enforced on the server side. Motivation: We should also enforce the handshake timeout on the server-side to allow closing connections which will not finish the handshake in an expected amount of time. Modifications: - Enforce the timeout on the server and client side - Add unit test. Result: Fixes [#7230].
2017-10-05 15:10:41 +02:00
public void testServerHandshakeTimeout() throws Exception {
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
assertThrows(SslHandshakeTimeoutException.class, new Executable() {
@Override
public void execute() throws Throwable {
testHandshakeTimeout(false);
}
});
SslHandler.setHandshakeTimeout*(...) should also been enforced on the server side. Motivation: We should also enforce the handshake timeout on the server-side to allow closing connections which will not finish the handshake in an expected amount of time. Modifications: - Enforce the timeout on the server and client side - Add unit test. Result: Fixes [#7230].
2017-10-05 15:10:41 +02:00
}
Adjust SSL related tests to be more correct and so pass in the next EA release of java11. (#8162) Motivation: In some of our tests we not correctly init the SSLEngine before trying to perform a handshake which can cause an IllegalStateException. While this not happened in previous java releases it does now on Java11 (which is "ok" as its even mentioned in the api docs). Beside this how we selected the ciphersuite to test renegotation was not 100 % safe. Modifications: - Correctly init SSLEngine before using it - Correctly select ciphersuite before testing for renegotation. Result: More correct tests and also pass on next java11 EA release.
2018-08-01 06:37:53 +02:00
private static SSLEngine newServerModeSSLEngine() throws NoSuchAlgorithmException {
SSLEngine engine = SSLContext.getDefault().createSSLEngine();
// Set the mode before we try to do the handshake as otherwise it may throw an IllegalStateException.
// See:
// - https://docs.oracle.com/javase/10/docs/api/javax/net/ssl/SSLEngine.html#beginHandshake()
Enable nohttp check during the build (#10708) Motivation: HTTP is a plaintext protocol which means that someone may be able to eavesdrop the data. To prevent this, HTTPS should be used whenever possible. However, maintaining using https:// in all URLs may be difficult. The nohttp tool can help here. The tool scans all the files in a repository and reports where http:// is used. Modifications: - Added nohttp (via checkstyle) into the build process. - Suppressed findings for the websites that don't support HTTPS or that are not reachable Result: - Prevent using HTTP in the future. - Encourage users to use HTTPS when they follow the links they found in the code.
2020-10-23 14:44:18 +02:00
// - https://mail.openjdk.java.net/pipermail/security-dev/2018-July/017715.html
Adjust SSL related tests to be more correct and so pass in the next EA release of java11. (#8162) Motivation: In some of our tests we not correctly init the SSLEngine before trying to perform a handshake which can cause an IllegalStateException. While this not happened in previous java releases it does now on Java11 (which is "ok" as its even mentioned in the api docs). Beside this how we selected the ciphersuite to test renegotation was not 100 % safe. Modifications: - Correctly init SSLEngine before using it - Correctly select ciphersuite before testing for renegotation. Result: More correct tests and also pass on next java11 EA release.
2018-08-01 06:37:53 +02:00
engine.setUseClientMode(false);
return engine;
}
SslHandler to fail handshake and pending writes if non-application write fails (#9240) Motivation: SslHandler must generate control data as part of the TLS protocol, for example to do handshakes. SslHandler doesn't capture the status of the future corresponding to the writes when writing this control (aka non-application data). If there is another handler before the SslHandler that wants to fail these writes the SslHandler will not detect the failure and we must wait until the handshake timeout to detect a failure. Modifications: - SslHandler should detect if non application writes fail, tear down the channel, and clean up any pending state. Result: SslHandler detects non application write failures and cleans up immediately.
2019-06-16 07:38:33 +02:00
private static SSLEngine newClientModeSSLEngine() throws NoSuchAlgorithmException {
SSLEngine engine = SSLContext.getDefault().createSSLEngine();
// Set the mode before we try to do the handshake as otherwise it may throw an IllegalStateException.
// See:
// - https://docs.oracle.com/javase/10/docs/api/javax/net/ssl/SSLEngine.html#beginHandshake()
Enable nohttp check during the build (#10708) Motivation: HTTP is a plaintext protocol which means that someone may be able to eavesdrop the data. To prevent this, HTTPS should be used whenever possible. However, maintaining using https:// in all URLs may be difficult. The nohttp tool can help here. The tool scans all the files in a repository and reports where http:// is used. Modifications: - Added nohttp (via checkstyle) into the build process. - Suppressed findings for the websites that don't support HTTPS or that are not reachable Result: - Prevent using HTTP in the future. - Encourage users to use HTTPS when they follow the links they found in the code.
2020-10-23 14:44:18 +02:00
// - https://mail.openjdk.java.net/pipermail/security-dev/2018-July/017715.html
SslHandler to fail handshake and pending writes if non-application write fails (#9240) Motivation: SslHandler must generate control data as part of the TLS protocol, for example to do handshakes. SslHandler doesn't capture the status of the future corresponding to the writes when writing this control (aka non-application data). If there is another handler before the SslHandler that wants to fail these writes the SslHandler will not detect the failure and we must wait until the handshake timeout to detect a failure. Modifications: - SslHandler should detect if non application writes fail, tear down the channel, and clean up any pending state. Result: SslHandler detects non application write failures and cleans up immediately.
2019-06-16 07:38:33 +02:00
engine.setUseClientMode(true);
return engine;
}
SslHandler.setHandshakeTimeout*(...) should also been enforced on the server side. Motivation: We should also enforce the handshake timeout on the server-side to allow closing connections which will not finish the handshake in an expected amount of time. Modifications: - Enforce the timeout on the server and client side - Add unit test. Result: Fixes [#7230].
2017-10-05 15:10:41 +02:00
private static void testHandshakeTimeout(boolean client) throws Exception {
SSLEngine engine = SSLContext.getDefault().createSSLEngine();
engine.setUseClientMode(client);
SslHandler handler = new SslHandler(engine);
handler.setHandshakeTimeoutMillis(1);
EmbeddedChannel ch = new EmbeddedChannel(handler);
try {
while (!handler.handshakeFuture().isDone()) {
Thread.sleep(10);
// We need to run all pending tasks as the handshake timeout is scheduled on the EventLoop.
ch.runPendingTasks();
}
handler.handshakeFuture().syncUninterruptibly();
} finally {
ch.finishAndReleaseAll();
}
}
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
@Test
@Timeout(value = 5000, unit = TimeUnit.MILLISECONDS)
SslHandler should fail handshake / close promise and notify pipeline on removal (#10161) Motivation: If the SslHandler is removed from the pipeline we also need to ensure we fail the handshake / close promise if it was not notified before as otherwise we may never do so. Modifications: - Correctly fail promise and notify pipeline if handshake was not done yet when the SslHandler is removed - Add unit test Result: Fix https://github.com/netty/netty/issues/10158
2020-04-03 08:45:48 +02:00
public void testHandshakeAndClosePromiseFailedOnRemoval() throws Exception {
SSLEngine engine = SSLContext.getDefault().createSSLEngine();
engine.setUseClientMode(true);
SslHandler handler = new SslHandler(engine);
final AtomicReference<Throwable> handshakeRef = new AtomicReference<Throwable>();
final AtomicReference<Throwable> closeRef = new AtomicReference<Throwable>();
EmbeddedChannel ch = new EmbeddedChannel(handler, new ChannelInboundHandlerAdapter() {
@Override
public void userEventTriggered(ChannelHandlerContext ctx, Object evt) {
if (evt instanceof SslHandshakeCompletionEvent) {
handshakeRef.set(((SslHandshakeCompletionEvent) evt).cause());
} else if (evt instanceof SslCloseCompletionEvent) {
closeRef.set(((SslCloseCompletionEvent) evt).cause());
}
}
});
assertFalse(handler.handshakeFuture().isDone());
assertFalse(handler.sslCloseFuture().isDone());
ch.pipeline().remove(handler);
try {
while (!handler.handshakeFuture().isDone() || handshakeRef.get() == null
|| !handler.sslCloseFuture().isDone() || closeRef.get() == null) {
Thread.sleep(10);
// Continue running all pending tasks until we notified for everything.
ch.runPendingTasks();
}
assertSame(handler.handshakeFuture().cause(), handshakeRef.get());
assertSame(handler.sslCloseFuture().cause(), closeRef.get());
} finally {
ch.finishAndReleaseAll();
}
}
Add Test case for truncated SSL packets - Related issue: #1534 - Also made sure ByteToMessageDecoder does not wrap EncoderException.
2013-07-07 04:52:34 +02:00
@Test
public void testTruncatedPacket() throws Exception {
Adjust SSL related tests to be more correct and so pass in the next EA release of java11. (#8162) Motivation: In some of our tests we not correctly init the SSLEngine before trying to perform a handshake which can cause an IllegalStateException. While this not happened in previous java releases it does now on Java11 (which is "ok" as its even mentioned in the api docs). Beside this how we selected the ciphersuite to test renegotation was not 100 % safe. Modifications: - Correctly init SSLEngine before using it - Correctly select ciphersuite before testing for renegotation. Result: More correct tests and also pass on next java11 EA release.
2018-08-01 06:37:53 +02:00
SSLEngine engine = newServerModeSSLEngine();
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
final EmbeddedChannel ch = new EmbeddedChannel(new SslHandler(engine));
Add Test case for truncated SSL packets - Related issue: #1534 - Also made sure ByteToMessageDecoder does not wrap EncoderException.
2013-07-07 04:52:34 +02:00
// Push the first part of a 5-byte handshake message.
ByteBufs which are not resizable should not throw in ensureWritable(int,boolean) Motivation: ByteBuf#ensureWritable(int,boolean) returns an int indicating the status of the resize operation. For buffers that are unmodifiable or cannot be resized this method shouldn't throw but just return 1. ByteBuf#ensureWriteable(int) should throw unmodifiable buffers. Modifications: - ReadOnlyByteBuf should be updated as described above. - Add a unit test to SslHandler which verifies the read only buffer can be tolerated in the aggregation algorithm. Result: Fixes https://github.com/netty/netty/issues/7002.
2017-07-21 02:52:54 +02:00
ch.writeInbound(wrappedBuffer(new byte[]{22, 3, 1, 0, 5}));
Add Test case for truncated SSL packets - Related issue: #1534 - Also made sure ByteToMessageDecoder does not wrap EncoderException.
2013-07-07 04:52:34 +02:00
// Should decode nothing yet.
assertThat(ch.readInbound(), is(nullValue()));
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
DecoderException e = assertThrows(DecoderException.class, new Executable() {
@Override
public void execute() throws Throwable {
// Push the second part of the 5-byte handshake message.
ch.writeInbound(wrappedBuffer(new byte[]{2, 0, 0, 1, 0}));
}
});
// Be sure we cleanup the channel and release any pending messages that may have been generated because
// of an alert.
// See https://github.com/netty/netty/issues/6057.
ch.finishAndReleaseAll();
SslHandlerTest ByteBuf leak Motivation: We are now more careful to flush alerts that are generated when errors occur. We should also be more careful in unit tests to release any buffers that may be queued due to potential errors wich result in alerts. Modifications: - When SslHandlerTest uses EmbeddedChannel we should always call finishAndReleaseAll Results: Fixes https://github.com/netty/netty/issues/6057
2016-11-23 00:26:16 +01:00
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
// The pushed message is invalid, so it should raise an exception if it decoded the message correctly.
assertThat(e.getCause(), is(instanceOf(SSLProtocolException.class)));
Add Test case for truncated SSL packets - Related issue: #1534 - Also made sure ByteToMessageDecoder does not wrap EncoderException.
2013-07-07 04:52:34 +02:00
}
Fix a bug in SslHandler where a ClassCastException is raised when non-ByteBuf message is passed - Fixes #1828
2013-12-16 08:30:24 +01:00
SslHandler leak Motivation: SslHandler only supports ByteBuf objects, but will not release objects of other types. SslHandler will also not release objects if its internal state is not correctly setup. Modifications: - Release non-ByteBuf objects in write - Release all objects if the SslHandler queue is not setup Result: Less leaks in SslHandler.
2017-11-06 19:05:21 +01:00
@Test
public void testNonByteBufWriteIsReleased() throws Exception {
Adjust SSL related tests to be more correct and so pass in the next EA release of java11. (#8162) Motivation: In some of our tests we not correctly init the SSLEngine before trying to perform a handshake which can cause an IllegalStateException. While this not happened in previous java releases it does now on Java11 (which is "ok" as its even mentioned in the api docs). Beside this how we selected the ciphersuite to test renegotation was not 100 % safe. Modifications: - Correctly init SSLEngine before using it - Correctly select ciphersuite before testing for renegotation. Result: More correct tests and also pass on next java11 EA release.
2018-08-01 06:37:53 +02:00
SSLEngine engine = newServerModeSSLEngine();
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
final EmbeddedChannel ch = new EmbeddedChannel(new SslHandler(engine));
SslHandler leak Motivation: SslHandler only supports ByteBuf objects, but will not release objects of other types. SslHandler will also not release objects if its internal state is not correctly setup. Modifications: - Release non-ByteBuf objects in write - Release all objects if the SslHandler queue is not setup Result: Less leaks in SslHandler.
2017-11-06 19:05:21 +01:00
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
final AbstractReferenceCounted referenceCounted = new AbstractReferenceCounted() {
SslHandler leak Motivation: SslHandler only supports ByteBuf objects, but will not release objects of other types. SslHandler will also not release objects if its internal state is not correctly setup. Modifications: - Release non-ByteBuf objects in write - Release all objects if the SslHandler queue is not setup Result: Less leaks in SslHandler.
2017-11-06 19:05:21 +01:00
@Override
public ReferenceCounted touch(Object hint) {
return this;
}
@Override
protected void deallocate() {
}
};
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
ExecutionException e = assertThrows(ExecutionException.class, new Executable() {
@Override
public void execute() throws Throwable {
ch.write(referenceCounted).get();
}
});
assertThat(e.getCause(), is(instanceOf(UnsupportedMessageTypeException.class)));
SslHandler leak Motivation: SslHandler only supports ByteBuf objects, but will not release objects of other types. SslHandler will also not release objects if its internal state is not correctly setup. Modifications: - Release non-ByteBuf objects in write - Release all objects if the SslHandler queue is not setup Result: Less leaks in SslHandler.
2017-11-06 19:05:21 +01:00
assertEquals(0, referenceCounted.refCnt());
assertTrue(ch.finishAndReleaseAll());
}
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
@Test
[#3968] Disallow pass-through of non ByteBufs in SslHandler Motivation: We pass-through non ByteBuf when SslHandler.write(...) is called which can lead to have unencrypted data to be send (like for example if a FileRegion is written). Modifications: - Fail ChannelPromise with UnsupportedMessageException if a non ByteBuf is written. Result: Only allow ByteBuf to be written when using SslHandler.
2015-07-20 15:14:17 +02:00
public void testNonByteBufNotPassThrough() throws Exception {
Adjust SSL related tests to be more correct and so pass in the next EA release of java11. (#8162) Motivation: In some of our tests we not correctly init the SSLEngine before trying to perform a handshake which can cause an IllegalStateException. While this not happened in previous java releases it does now on Java11 (which is "ok" as its even mentioned in the api docs). Beside this how we selected the ciphersuite to test renegotation was not 100 % safe. Modifications: - Correctly init SSLEngine before using it - Correctly select ciphersuite before testing for renegotation. Result: More correct tests and also pass on next java11 EA release.
2018-08-01 06:37:53 +02:00
SSLEngine engine = newServerModeSSLEngine();
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
final EmbeddedChannel ch = new EmbeddedChannel(new SslHandler(engine));
Fix a bug in SslHandler where a ClassCastException is raised when non-ByteBuf message is passed - Fixes #1828
2013-12-16 08:30:24 +01:00
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
assertThrows(UnsupportedMessageTypeException.class, new Executable() {
@Override
public void execute() throws Throwable {
ch.writeOutbound(new Object());
}
});
ch.finishAndReleaseAll();
Fix a bug in SslHandler where a ClassCastException is raised when non-ByteBuf message is passed - Fixes #1828
2013-12-16 08:30:24 +01:00
}
Read if needed on NEED_UNWRAP Motivation: There are some use cases when a client may only be willing to read from a channel once its previous write is finished (eg: serial dispatchers in Finagle). In this case, a connection with SslHandler installed and ctx.channel().config().isAutoRead() == false will stall in 100% of cases no matter what order of "channel active", "write", "flush" events was. The use case is following (how Finagle serial dispatchers work): 1. Client writeAndFlushes and waits on a write-promise to perform read() once it's satisfied. 2. A write-promise will only be satisfied once SslHandler finishes with handshaking and sends the unencrypted queued message. 3. The handshaking process itself requires a number of read()s done by a client but the SslHandler doesn't request them explicitly assuming that either auto-read is enabled or client requested at least one read() already. 4. At this point a client will stall with NEED_UNWRAP status returned from underlying engine. Modifiations: Always request a read() on NEED_UNWRAP returned from engine if a) it's handshaking and b) auto read is disabled and c) it wasn't requested already. Result: SslHandler is now completely tolerant of whether or not auto-read is enabled and client is explicitly reading a channel.
2016-03-25 04:29:15 +01:00
SslHandler promise completion incorrect if write doesn't immediately complete Motivation: SslHandler removes a Buffer/Promise pair from AbstractCoalescingBufferQueue when wrapping data. However it is possible the SSLEngine will not consume the entire buffer. In this case SslHandler adds the Buffer back to the queue, but doesn't add the Promise back to the queue. This may result in the promise completing immediately in finishFlush, and generally not correlating to the completion of writing the corresponding Buffer Modifications: - AbstractCoalescingBufferQueue#addFirst should also support adding the ChannelPromise - In the event of a handshake timeout we should immediately fail pending writes immediately to get a more accurate exception Result: Fixes https://github.com/netty/netty/issues/7378.
2017-11-07 16:46:14 +01:00
@Test
public void testIncompleteWriteDoesNotCompletePromisePrematurely() throws NoSuchAlgorithmException {
Adjust SSL related tests to be more correct and so pass in the next EA release of java11. (#8162) Motivation: In some of our tests we not correctly init the SSLEngine before trying to perform a handshake which can cause an IllegalStateException. While this not happened in previous java releases it does now on Java11 (which is "ok" as its even mentioned in the api docs). Beside this how we selected the ciphersuite to test renegotation was not 100 % safe. Modifications: - Correctly init SSLEngine before using it - Correctly select ciphersuite before testing for renegotation. Result: More correct tests and also pass on next java11 EA release.
2018-08-01 06:37:53 +02:00
SSLEngine engine = newServerModeSSLEngine();
SslHandler promise completion incorrect if write doesn't immediately complete Motivation: SslHandler removes a Buffer/Promise pair from AbstractCoalescingBufferQueue when wrapping data. However it is possible the SSLEngine will not consume the entire buffer. In this case SslHandler adds the Buffer back to the queue, but doesn't add the Promise back to the queue. This may result in the promise completing immediately in finishFlush, and generally not correlating to the completion of writing the corresponding Buffer Modifications: - AbstractCoalescingBufferQueue#addFirst should also support adding the ChannelPromise - In the event of a handshake timeout we should immediately fail pending writes immediately to get a more accurate exception Result: Fixes https://github.com/netty/netty/issues/7378.
2017-11-07 16:46:14 +01:00
EmbeddedChannel ch = new EmbeddedChannel(new SslHandler(engine));
ChannelPromise promise = ch.newPromise();
ByteBuf buf = Unpooled.buffer(10).writeZero(10);
ch.writeAndFlush(buf, promise);
assertFalse(promise.isDone());
assertTrue(ch.finishAndReleaseAll());
assertTrue(promise.isDone());
assertThat(promise.cause(), is(instanceOf(SSLException.class)));
}
Unit Test for SslHandler's handlerRemoved() Motivation SslHandler's handlerRemoved() is supposed to release the SSLEngine (which it does) but there is no Test for it to make sure it really happens and doesn't unexpectedly change in the future. Modifications Add a Unit Test that makes sure that SslHandler releases the SSLEngine when the Channel gets closed. Result Assurance that SslHandler will not leak (ReferenceCounted) SSLEngines.
2016-08-27 14:41:09 +02:00
@Test
public void testReleaseSslEngine() throws Exception {
Fail the build if we can't load the OpenSSL library (#11269) Motivation: We should better fail the build if we can't load the OpenSSL library to ensure we not introduce a regression at some point related to native library loading Modifications: Remove usages of assumeTrue and let the tests fail if we cant load the native lib Result: Ensure we not regress
2021-05-19 08:19:15 +02:00
OpenSsl.ensureAvailability();
Unit Test for SslHandler's handlerRemoved() Motivation SslHandler's handlerRemoved() is supposed to release the SSLEngine (which it does) but there is no Test for it to make sure it really happens and doesn't unexpectedly change in the future. Modifications Add a Unit Test that makes sure that SslHandler releases the SSLEngine when the Channel gets closed. Result Assurance that SslHandler will not leak (ReferenceCounted) SSLEngines.
2016-08-27 14:41:09 +02:00
SelfSignedCertificate cert = new SelfSignedCertificate();
try {
SslContext sslContext = SslContextBuilder.forServer(cert.certificate(), cert.privateKey())
.sslProvider(SslProvider.OPENSSL)
.build();
try {
Fix SSL tests that use SslProvider.OPENSSL_REFCNT (#9649) Motivation: 031c2e2e8899d037228a492a458ccd194eb8df9c introduced some change to reduce the risk of have the `ReferenceCountedOpenSslContext` be destroyed while the `ReferenceCountedSslEngine` is still in us. Unfortunaly it missed to adjust a few tests which make assumptions about the refCnt of the context. Modifications: Adjust tests to take new semenatics into acount. Result: No more tests failures
2019-10-10 08:40:45 +02:00
assertEquals(1, ((ReferenceCounted) sslContext).refCnt());
Unit Test for SslHandler's handlerRemoved() Motivation SslHandler's handlerRemoved() is supposed to release the SSLEngine (which it does) but there is no Test for it to make sure it really happens and doesn't unexpectedly change in the future. Modifications Add a Unit Test that makes sure that SslHandler releases the SSLEngine when the Channel gets closed. Result Assurance that SslHandler will not leak (ReferenceCounted) SSLEngines.
2016-08-27 14:41:09 +02:00
SSLEngine sslEngine = sslContext.newEngine(ByteBufAllocator.DEFAULT);
EmbeddedChannel ch = new EmbeddedChannel(new SslHandler(sslEngine));
Fix SSL tests that use SslProvider.OPENSSL_REFCNT (#9649) Motivation: 031c2e2e8899d037228a492a458ccd194eb8df9c introduced some change to reduce the risk of have the `ReferenceCountedOpenSslContext` be destroyed while the `ReferenceCountedSslEngine` is still in us. Unfortunaly it missed to adjust a few tests which make assumptions about the refCnt of the context. Modifications: Adjust tests to take new semenatics into acount. Result: No more tests failures
2019-10-10 08:40:45 +02:00
assertEquals(2, ((ReferenceCounted) sslContext).refCnt());
Unit Test for SslHandler's handlerRemoved() Motivation SslHandler's handlerRemoved() is supposed to release the SSLEngine (which it does) but there is no Test for it to make sure it really happens and doesn't unexpectedly change in the future. Modifications Add a Unit Test that makes sure that SslHandler releases the SSLEngine when the Channel gets closed. Result Assurance that SslHandler will not leak (ReferenceCounted) SSLEngines.
2016-08-27 14:41:09 +02:00
assertEquals(1, ((ReferenceCounted) sslEngine).refCnt());
SslHandlerTest ByteBuf leak Motivation: We are now more careful to flush alerts that are generated when errors occur. We should also be more careful in unit tests to release any buffers that may be queued due to potential errors wich result in alerts. Modifications: - When SslHandlerTest uses EmbeddedChannel we should always call finishAndReleaseAll Results: Fixes https://github.com/netty/netty/issues/6057
2016-11-23 00:26:16 +01:00
assertTrue(ch.finishAndReleaseAll());
Unit Test for SslHandler's handlerRemoved() Motivation SslHandler's handlerRemoved() is supposed to release the SSLEngine (which it does) but there is no Test for it to make sure it really happens and doesn't unexpectedly change in the future. Modifications Add a Unit Test that makes sure that SslHandler releases the SSLEngine when the Channel gets closed. Result Assurance that SslHandler will not leak (ReferenceCounted) SSLEngines.
2016-08-27 14:41:09 +02:00
ch.close().syncUninterruptibly();
assertEquals(1, ((ReferenceCounted) sslContext).refCnt());
assertEquals(0, ((ReferenceCounted) sslEngine).refCnt());
} finally {
ReferenceCountUtil.release(sslContext);
}
} finally {
cert.delete();
}
}
Read if needed on NEED_UNWRAP Motivation: There are some use cases when a client may only be willing to read from a channel once its previous write is finished (eg: serial dispatchers in Finagle). In this case, a connection with SslHandler installed and ctx.channel().config().isAutoRead() == false will stall in 100% of cases no matter what order of "channel active", "write", "flush" events was. The use case is following (how Finagle serial dispatchers work): 1. Client writeAndFlushes and waits on a write-promise to perform read() once it's satisfied. 2. A write-promise will only be satisfied once SslHandler finishes with handshaking and sends the unencrypted queued message. 3. The handshaking process itself requires a number of read()s done by a client but the SslHandler doesn't request them explicitly assuming that either auto-read is enabled or client requested at least one read() already. 4. At this point a client will stall with NEED_UNWRAP status returned from underlying engine. Modifiations: Always request a read() on NEED_UNWRAP returned from engine if a) it's handshaking and b) auto read is disabled and c) it wasn't requested already. Result: SslHandler is now completely tolerant of whether or not auto-read is enabled and client is explicitly reading a channel.
2016-03-25 04:29:15 +01:00
private static final class TlsReadTest extends ChannelOutboundHandlerAdapter {
private volatile boolean readIssued;
@Override
public void read(ChannelHandlerContext ctx) throws Exception {
readIssued = true;
super.read(ctx);
}
public void test(final boolean dropChannelActive) throws Exception {
Allow to delay registration when creating a EmbeddedChannel Motivation: Some ChannelOptions must be set before the Channel is really registered to have the desired effect. Modifications: Add another constructor argument which allows to not register the EmbeddedChannel to its EventLoop until the user calls register(). Result: More flexible usage of EmbeddedChannel. Also Fixes [#6968].
2017-07-18 16:14:30 +02:00
SSLEngine engine = SSLContext.getDefault().createSSLEngine();
engine.setUseClientMode(true);
EmbeddedChannel ch = new EmbeddedChannel(false, false,
this,
new SslHandler(engine),
new ChannelInboundHandlerAdapter() {
@Override
public void channelActive(ChannelHandlerContext ctx) throws Exception {
if (!dropChannelActive) {
ctx.fireChannelActive();
}
}
}
);
ch.config().setAutoRead(false);
assertFalse(ch.config().isAutoRead());
ch.register();
assertTrue(readIssued);
readIssued = false;
assertTrue(ch.writeOutbound(Unpooled.EMPTY_BUFFER));
assertTrue(readIssued);
assertTrue(ch.finishAndReleaseAll());
Read if needed on NEED_UNWRAP Motivation: There are some use cases when a client may only be willing to read from a channel once its previous write is finished (eg: serial dispatchers in Finagle). In this case, a connection with SslHandler installed and ctx.channel().config().isAutoRead() == false will stall in 100% of cases no matter what order of "channel active", "write", "flush" events was. The use case is following (how Finagle serial dispatchers work): 1. Client writeAndFlushes and waits on a write-promise to perform read() once it's satisfied. 2. A write-promise will only be satisfied once SslHandler finishes with handshaking and sends the unencrypted queued message. 3. The handshaking process itself requires a number of read()s done by a client but the SslHandler doesn't request them explicitly assuming that either auto-read is enabled or client requested at least one read() already. 4. At this point a client will stall with NEED_UNWRAP status returned from underlying engine. Modifiations: Always request a read() on NEED_UNWRAP returned from engine if a) it's handshaking and b) auto read is disabled and c) it wasn't requested already. Result: SslHandler is now completely tolerant of whether or not auto-read is enabled and client is explicitly reading a channel.
2016-03-25 04:29:15 +01:00
}
}
@Test
public void testIssueReadAfterActiveWriteFlush() throws Exception {
// the handshake is initiated by channelActive
new TlsReadTest().test(false);
}
@Test
public void testIssueReadAfterWriteFlushActive() throws Exception {
// the handshake is initiated by flush
new TlsReadTest().test(true);
}
[#5860] Ensure removal of SslHandler not produce IllegalReferenceCountException Motivation: If the user removes the SslHandler while still in the processing loop we will produce an IllegalReferenceCountException. We should stop looping when the handlerwas removed. Modifications: Ensure we stop looping when the handler is removed. Result: No more IllegalReferenceCountException.
2016-09-28 10:26:06 +02:00
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
@Test
@Timeout(value = 30000, unit = TimeUnit.MILLISECONDS)
[#5860] Ensure removal of SslHandler not produce IllegalReferenceCountException Motivation: If the user removes the SslHandler while still in the processing loop we will produce an IllegalReferenceCountException. We should stop looping when the handlerwas removed. Modifications: Ensure we stop looping when the handler is removed. Result: No more IllegalReferenceCountException.
2016-09-28 10:26:06 +02:00
public void testRemoval() throws Exception {
NioEventLoopGroup group = new NioEventLoopGroup();
Channel sc = null;
Channel cc = null;
try {
final Promise<Void> clientPromise = group.next().newPromise();
Bootstrap bootstrap = new Bootstrap()
.group(group)
.channel(NioSocketChannel.class)
.handler(newHandler(SslContextBuilder.forClient().trustManager(
InsecureTrustManagerFactory.INSTANCE).build(), clientPromise));
SelfSignedCertificate ssc = new SelfSignedCertificate();
final Promise<Void> serverPromise = group.next().newPromise();
ServerBootstrap serverBootstrap = new ServerBootstrap()
.group(group, group)
.channel(NioServerSocketChannel.class)
.childHandler(newHandler(SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build(),
serverPromise));
sc = serverBootstrap.bind(new InetSocketAddress(0)).syncUninterruptibly().channel();
cc = bootstrap.connect(sc.localAddress()).syncUninterruptibly().channel();
serverPromise.syncUninterruptibly();
clientPromise.syncUninterruptibly();
} finally {
if (cc != null) {
cc.close().syncUninterruptibly();
}
if (sc != null) {
sc.close().syncUninterruptibly();
}
group.shutdownGracefully();
}
}
private static ChannelHandler newHandler(final SslContext sslCtx, final Promise<Void> promise) {
return new ChannelInitializer() {
@Override
protected void initChannel(final Channel ch) {
final SslHandler sslHandler = sslCtx.newHandler(ch.alloc());
sslHandler.setHandshakeTimeoutMillis(1000);
ch.pipeline().addFirst(sslHandler);
sslHandler.handshakeFuture().addListener(new FutureListener<Channel>() {
@Override
public void operationComplete(final Future<Channel> future) {
ch.pipeline().remove(sslHandler);
fix the typos
2017-04-19 22:37:03 +02:00
// Schedule the close so removal has time to propagate exception if any.
[#5860] Ensure removal of SslHandler not produce IllegalReferenceCountException Motivation: If the user removes the SslHandler while still in the processing loop we will produce an IllegalReferenceCountException. We should stop looping when the handlerwas removed. Modifications: Ensure we stop looping when the handler is removed. Result: No more IllegalReferenceCountException.
2016-09-28 10:26:06 +02:00
ch.eventLoop().execute(new Runnable() {
@Override
public void run() {
ch.close();
}
});
}
});
ch.pipeline().addLast(new ChannelInboundHandlerAdapter() {
@Override
public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) {
if (cause instanceof CodecException) {
cause = cause.getCause();
}
if (cause instanceof IllegalReferenceCountException) {
promise.setFailure(cause);
}
}
@Override
public void channelInactive(ChannelHandlerContext ctx) {
promise.trySuccess(null);
}
});
}
};
}
Ensure alert is send when SSLException happens during calling SslHandler.unwrap(...) Motivation: When the SslHandler.unwrap(...) (which is called via decode(...)) method did produce an SSLException it was possible that the produced alert was not send to the remote peer. This could lead to staling connections if the remote peer did wait for such an alert and the connection was not closed. Modifications: - Ensure we try to flush any pending data when a SSLException is thrown during unwrapping. - Fix SniHandlerTest to correct test this - Add explicit new test in SslHandlerTest to verify behaviour with all SslProviders. Result: The alert is correctly send to the remote peer in all cases.
2016-11-16 15:47:07 +01:00
Ensure SslHandler.sslCloseFuture() is notified in all cases. Motivation: The SslHandler.sslCloseFuture() may not be notified when the Channel is closed before a closify_notify is received. Modifications: Ensure we try to fail the sslCloseFuture() when the Channel is closed. Result: Correctly notify the ssl close future.
2017-01-11 14:31:53 +01:00
@Test
public void testCloseFutureNotified() throws Exception {
Adjust SSL related tests to be more correct and so pass in the next EA release of java11. (#8162) Motivation: In some of our tests we not correctly init the SSLEngine before trying to perform a handshake which can cause an IllegalStateException. While this not happened in previous java releases it does now on Java11 (which is "ok" as its even mentioned in the api docs). Beside this how we selected the ciphersuite to test renegotation was not 100 % safe. Modifications: - Correctly init SSLEngine before using it - Correctly select ciphersuite before testing for renegotation. Result: More correct tests and also pass on next java11 EA release.
2018-08-01 06:37:53 +02:00
SSLEngine engine = newServerModeSSLEngine();
SslHandler handler = new SslHandler(engine);
Ensure SslHandler.sslCloseFuture() is notified in all cases. Motivation: The SslHandler.sslCloseFuture() may not be notified when the Channel is closed before a closify_notify is received. Modifications: Ensure we try to fail the sslCloseFuture() when the Channel is closed. Result: Correctly notify the ssl close future.
2017-01-11 14:31:53 +01:00
EmbeddedChannel ch = new EmbeddedChannel(handler);
OpenSslEngine option to wrap/unwrap multiple packets per call Motivation: The JDK SSLEngine documentation says that a call to wrap/unwrap "will attempt to consume one complete SSL/TLS network packet" [1]. This limitation can result in thrashing in the pipeline to decode and encode data that may be spread amongst multiple SSL/TLS network packets. ReferenceCountedOpenSslEngine also does not correct account for the overhead introduced by each individual SSL_write call if there are multiple ByteBuffers passed to the wrap() method. Modifications: - OpenSslEngine and SslHandler supports a mode to not comply with the limitation to only deal with a single SSL/TLS network packet per call - ReferenceCountedOpenSslEngine correctly accounts for the overhead of each call to SSL_write - SslHandler shouldn't cache maxPacketBufferSize as aggressively because this value may change before/after the handshake. Result: OpenSslEngine and SslHanadler can handle multiple SSL/TLS network packet per call. [1] https://docs.oracle.com/javase/7/docs/api/javax/net/ssl/SSLEngine.html
2017-02-04 02:54:13 +01:00
ch.close();
// When the channel is closed the SslHandler will write an empty buffer to the channel.
ByteBuf buf = ch.readOutbound();
assertFalse(buf.isReadable());
buf.release();
assertFalse(ch.finishAndReleaseAll());
Ensure SslHandler.sslCloseFuture() is notified in all cases. Motivation: The SslHandler.sslCloseFuture() may not be notified when the Channel is closed before a closify_notify is received. Modifications: Ensure we try to fail the sslCloseFuture() when the Channel is closed. Result: Correctly notify the ssl close future.
2017-01-11 14:31:53 +01:00
assertTrue(handler.handshakeFuture().cause() instanceof ClosedChannelException);
assertTrue(handler.sslCloseFuture().cause() instanceof ClosedChannelException);
}
Add SslCloseCompletionEvent that is fired once a close_notify was received Motivation: For the completion of a handshake we already fire a SslHandshakeCompletionEvent which the user can intercept. We should do the same for the receiving of close_notify. Modifications: Add SslCloseCompletionEvent and test-case. Result: More consistent API.
2017-01-19 09:31:35 +01:00
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
@Test
@Timeout(value = 5000, unit = TimeUnit.MILLISECONDS)
Add SslCloseCompletionEvent that is fired once a close_notify was received Motivation: For the completion of a handshake we already fire a SslHandshakeCompletionEvent which the user can intercept. We should do the same for the receiving of close_notify. Modifications: Add SslCloseCompletionEvent and test-case. Result: More consistent API.
2017-01-19 09:31:35 +01:00
public void testEventsFired() throws Exception {
Adjust SSL related tests to be more correct and so pass in the next EA release of java11. (#8162) Motivation: In some of our tests we not correctly init the SSLEngine before trying to perform a handshake which can cause an IllegalStateException. While this not happened in previous java releases it does now on Java11 (which is "ok" as its even mentioned in the api docs). Beside this how we selected the ciphersuite to test renegotation was not 100 % safe. Modifications: - Correctly init SSLEngine before using it - Correctly select ciphersuite before testing for renegotation. Result: More correct tests and also pass on next java11 EA release.
2018-08-01 06:37:53 +02:00
SSLEngine engine = newServerModeSSLEngine();
Add SslCloseCompletionEvent that is fired once a close_notify was received Motivation: For the completion of a handshake we already fire a SslHandshakeCompletionEvent which the user can intercept. We should do the same for the receiving of close_notify. Modifications: Add SslCloseCompletionEvent and test-case. Result: More consistent API.
2017-01-19 09:31:35 +01:00
final BlockingQueue<SslCompletionEvent> events = new LinkedBlockingQueue<SslCompletionEvent>();
EmbeddedChannel channel = new EmbeddedChannel(new SslHandler(engine), new ChannelInboundHandlerAdapter() {
@Override
public void userEventTriggered(ChannelHandlerContext ctx, Object evt) throws Exception {
if (evt instanceof SslCompletionEvent) {
events.add((SslCompletionEvent) evt);
}
}
});
assertTrue(events.isEmpty());
assertTrue(channel.finishAndReleaseAll());
SslCompletionEvent evt = events.take();
assertTrue(evt instanceof SslHandshakeCompletionEvent);
assertTrue(evt.cause() instanceof ClosedChannelException);
evt = events.take();
assertTrue(evt instanceof SslCloseCompletionEvent);
assertTrue(evt.cause() instanceof ClosedChannelException);
assertTrue(events.isEmpty());
}
Allow to configure SslHandler to wait for close_notify response before closing the Channel and fix racy flush close_notify timeout scheduling. Motivation: SslHandler closed the channel as soon as it was able to write out the close_notify message. This may not be what the user want as it may make sense to only close it after the actual response to the close_notify was received in order to guarantee a clean-shutdown of the connection in all cases. Beside this closeNotifyFlushTimeoutMillis is volatile so may change between two reads. We need to cache it in a local variable to ensure it not change int between. Beside this we also need to check if the flush promise was complete the schedule timeout as this may happened but we were not able to cancel the timeout yet. Otherwise we will produce an missleading log message. Modifications: - Add new setter / getter to SslHandler which allows to specify the behavior (old behavior is preserved as default) - Added unit test. - Cache volatile closeNotifyTimeoutMillis. - Correctly check if flush promise was complete before we try to forcibly close the Channel and log a warning. - Add missing javadocs. Result: More clean shutdown of connection possible when using SSL and fix racy way of schedule close_notify flush timeouts and javadocs.
2017-01-11 16:07:47 +01:00
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
@Test
@Timeout(value = 5000, unit = TimeUnit.MILLISECONDS)
SslHandler unwrap out of order promise/event notificaiton Motivation: SslHandler#decode methods catch any exceptions and attempt to wrap before shutting down the engine. The intention is to write any alerts which the engine may have pending. However the wrap process may also attempt to write user data, and may also complete the associated promises. If this is the case, and a promise listener closes the channel then SslHandler may later propagate a SslHandshakeCompletionEvent user event through the pipeline. Since the channel has already been closed the user may no longer be paying attention to user events. Modifications: - Sslhandler#decode should first fail the associated handshake promise and propagate the SslHandshakeCompletionEvent before attempting to wrap Result: Fixes https://github.com/netty/netty/issues/7639
2018-01-31 22:16:51 +01:00
public void testHandshakeFailBeforeWritePromise() throws Exception {
SelfSignedCertificate ssc = new SelfSignedCertificate();
final SslContext sslServerCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
final CountDownLatch latch = new CountDownLatch(2);
final CountDownLatch latch2 = new CountDownLatch(2);
final BlockingQueue<Object> events = new LinkedBlockingQueue<Object>();
Channel serverChannel = null;
Channel clientChannel = null;
EventLoopGroup group = new DefaultEventLoopGroup();
try {
ServerBootstrap sb = new ServerBootstrap();
sb.group(group)
.channel(LocalServerChannel.class)
.childHandler(new ChannelInitializer<Channel>() {
@Override
protected void initChannel(Channel ch) {
ch.pipeline().addLast(sslServerCtx.newHandler(ch.alloc()));
ch.pipeline().addLast(new ChannelInboundHandlerAdapter() {
@Override
public void channelActive(ChannelHandlerContext ctx) {
ByteBuf buf = ctx.alloc().buffer(10);
buf.writeZero(buf.capacity());
ctx.writeAndFlush(buf).addListener(new ChannelFutureListener() {
@Override
public void operationComplete(ChannelFuture future) {
events.add(future);
latch.countDown();
}
});
}
@Override
public void userEventTriggered(ChannelHandlerContext ctx, Object evt) {
if (evt instanceof SslCompletionEvent) {
events.add(evt);
latch.countDown();
latch2.countDown();
}
}
});
}
});
Bootstrap cb = new Bootstrap();
cb.group(group)
.channel(LocalChannel.class)
.handler(new ChannelInitializer<Channel>() {
@Override
protected void initChannel(Channel ch) {
ch.pipeline().addFirst(new ChannelInboundHandlerAdapter() {
@Override
public void channelActive(ChannelHandlerContext ctx) {
ByteBuf buf = ctx.alloc().buffer(1000);
buf.writeZero(buf.capacity());
ctx.writeAndFlush(buf);
}
});
}
});
serverChannel = sb.bind(new LocalAddress("SslHandlerTest")).sync().channel();
clientChannel = cb.connect(serverChannel.localAddress()).sync().channel();
latch.await();
SslCompletionEvent evt = (SslCompletionEvent) events.take();
assertTrue(evt instanceof SslHandshakeCompletionEvent);
assertThat(evt.cause(), is(instanceOf(SSLException.class)));
ChannelFuture future = (ChannelFuture) events.take();
assertThat(future.cause(), is(instanceOf(SSLException.class)));
serverChannel.close().sync();
serverChannel = null;
clientChannel.close().sync();
clientChannel = null;
latch2.await();
evt = (SslCompletionEvent) events.take();
assertTrue(evt instanceof SslCloseCompletionEvent);
assertThat(evt.cause(), is(instanceOf(ClosedChannelException.class)));
assertTrue(events.isEmpty());
} finally {
if (serverChannel != null) {
serverChannel.close();
}
if (clientChannel != null) {
clientChannel.close();
}
group.shutdownGracefully();
}
}
ByteBufs which are not resizable should not throw in ensureWritable(int,boolean) Motivation: ByteBuf#ensureWritable(int,boolean) returns an int indicating the status of the resize operation. For buffers that are unmodifiable or cannot be resized this method shouldn't throw but just return 1. ByteBuf#ensureWriteable(int) should throw unmodifiable buffers. Modifications: - ReadOnlyByteBuf should be updated as described above. - Add a unit test to SslHandler which verifies the read only buffer can be tolerated in the aggregation algorithm. Result: Fixes https://github.com/netty/netty/issues/7002.
2017-07-21 02:52:54 +02:00
@Test
public void writingReadOnlyBufferDoesNotBreakAggregation() throws Exception {
SelfSignedCertificate ssc = new SelfSignedCertificate();
final SslContext sslServerCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
final SslContext sslClientCtx = SslContextBuilder.forClient()
.trustManager(InsecureTrustManagerFactory.INSTANCE).build();
EventLoopGroup group = new NioEventLoopGroup();
Channel sc = null;
Channel cc = null;
final CountDownLatch serverReceiveLatch = new CountDownLatch(1);
try {
final int expectedBytes = 11;
sc = new ServerBootstrap()
.group(group)
.channel(NioServerSocketChannel.class)
.childHandler(new ChannelInitializer<Channel>() {
@Override
protected void initChannel(Channel ch) throws Exception {
ch.pipeline().addLast(sslServerCtx.newHandler(ch.alloc()));
ch.pipeline().addLast(new SimpleChannelInboundHandler<ByteBuf>() {
private int readBytes;
@Override
protected void channelRead0(ChannelHandlerContext ctx, ByteBuf msg) throws Exception {
readBytes += msg.readableBytes();
if (readBytes >= expectedBytes) {
serverReceiveLatch.countDown();
}
}
});
}
}).bind(new InetSocketAddress(0)).syncUninterruptibly().channel();
cc = new Bootstrap()
.group(group)
.channel(NioSocketChannel.class)
.handler(new ChannelInitializer<Channel>() {
@Override
protected void initChannel(Channel ch) throws Exception {
ch.pipeline().addLast(sslClientCtx.newHandler(ch.alloc()));
}
}).connect(sc.localAddress()).syncUninterruptibly().channel();
// We first write a ReadOnlyBuffer because SslHandler will attempt to take the first buffer and append to it
// until there is no room, or the aggregation size threshold is exceeded. We want to verify that we don't
// throw when a ReadOnlyBuffer is used and just verify that we don't aggregate in this case.
ByteBuf firstBuffer = Unpooled.buffer(10);
firstBuffer.writeByte(0);
firstBuffer = firstBuffer.asReadOnly();
ByteBuf secondBuffer = Unpooled.buffer(10);
SslHandler unwrap out of order promise/event notificaiton Motivation: SslHandler#decode methods catch any exceptions and attempt to wrap before shutting down the engine. The intention is to write any alerts which the engine may have pending. However the wrap process may also attempt to write user data, and may also complete the associated promises. If this is the case, and a promise listener closes the channel then SslHandler may later propagate a SslHandshakeCompletionEvent user event through the pipeline. Since the channel has already been closed the user may no longer be paying attention to user events. Modifications: - Sslhandler#decode should first fail the associated handshake promise and propagate the SslHandshakeCompletionEvent before attempting to wrap Result: Fixes https://github.com/netty/netty/issues/7639
2018-01-31 22:16:51 +01:00
secondBuffer.writeZero(secondBuffer.capacity());
ByteBufs which are not resizable should not throw in ensureWritable(int,boolean) Motivation: ByteBuf#ensureWritable(int,boolean) returns an int indicating the status of the resize operation. For buffers that are unmodifiable or cannot be resized this method shouldn't throw but just return 1. ByteBuf#ensureWriteable(int) should throw unmodifiable buffers. Modifications: - ReadOnlyByteBuf should be updated as described above. - Add a unit test to SslHandler which verifies the read only buffer can be tolerated in the aggregation algorithm. Result: Fixes https://github.com/netty/netty/issues/7002.
2017-07-21 02:52:54 +02:00
cc.write(firstBuffer);
cc.writeAndFlush(secondBuffer).syncUninterruptibly();
serverReceiveLatch.countDown();
} finally {
if (cc != null) {
cc.close().syncUninterruptibly();
}
if (sc != null) {
sc.close().syncUninterruptibly();
}
group.shutdownGracefully();
ReferenceCountUtil.release(sslServerCtx);
ReferenceCountUtil.release(sslClientCtx);
}
}
SSL connection not closed properly after handshake failure Motivation: When SSL handshake fails, the connection should be closed. This is not true anymore after 978a46c. Modifications: - Ensure we always flush and close the channel on handshake failure. - Add testcase. Result: Fixes [#7724].
2018-02-16 17:25:47 +01:00
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
@Test
@Timeout(value = 10000, unit = TimeUnit.MILLISECONDS)
SSL connection not closed properly after handshake failure Motivation: When SSL handshake fails, the connection should be closed. This is not true anymore after 978a46c. Modifications: - Ensure we always flush and close the channel on handshake failure. - Add testcase. Result: Fixes [#7724].
2018-02-16 17:25:47 +01:00
public void testCloseOnHandshakeFailure() throws Exception {
final SelfSignedCertificate ssc = new SelfSignedCertificate();
final SslContext sslServerCtx = SslContextBuilder.forServer(ssc.key(), ssc.cert()).build();
final SslContext sslClientCtx = SslContextBuilder.forClient()
.trustManager(new SelfSignedCertificate().cert())
.build();
EventLoopGroup group = new NioEventLoopGroup(1);
Channel sc = null;
Channel cc = null;
try {
LocalAddress address = new LocalAddress(getClass().getSimpleName() + ".testCloseOnHandshakeFailure");
ServerBootstrap sb = new ServerBootstrap()
.group(group)
.channel(LocalServerChannel.class)
.childHandler(new ChannelInitializer<Channel>() {
@Override
protected void initChannel(Channel ch) {
ch.pipeline().addLast(sslServerCtx.newHandler(ch.alloc()));
}
});
sc = sb.bind(address).syncUninterruptibly().channel();
Fix race in SslHandlerTest that could lead to NPE. (#7989) Motivation: SslHandlerTest tried to get access to the SslHandler in the pipeline via pipeline.get(...) which may return null if the channel was already closed and so the pipeline was teared down. This showed up in a test run as: ``` ------------------------------------------------------------------------------- Test set: io.netty.handler.ssl.SslHandlerTest ------------------------------------------------------------------------------- Tests run: 17, Failures: 0, Errors: 1, Skipped: 1, Time elapsed: 0.802 sec <<< FAILURE! - in io.netty.handler.ssl.SslHandlerTest testCloseOnHandshakeFailure(io.netty.handler.ssl.SslHandlerTest) Time elapsed: 0.188 sec <<< ERROR! java.lang.NullPointerException at io.netty.handler.ssl.SslHandlerTest.testCloseOnHandshakeFailure(SslHandlerTest.java:640) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:564) at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50) at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12) at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47) at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17) at org.junit.internal.runners.statements.FailOnTimeout$CallableStatement.call(FailOnTimeout.java:298) at org.junit.internal.runners.statements.FailOnTimeout$CallableStatement.call(FailOnTimeout.java:292) at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) at java.base/java.lang.Thread.run(Thread.java:844) ``` Modifications: Use an AtomicReference to propagate the SslHandler instance to the outer scope. Result: No more NPE.
2018-05-30 22:07:42 +02:00
final AtomicReference<SslHandler> sslHandlerRef = new AtomicReference<SslHandler>();
SSL connection not closed properly after handshake failure Motivation: When SSL handshake fails, the connection should be closed. This is not true anymore after 978a46c. Modifications: - Ensure we always flush and close the channel on handshake failure. - Add testcase. Result: Fixes [#7724].
2018-02-16 17:25:47 +01:00
Bootstrap b = new Bootstrap()
.group(group)
.channel(LocalChannel.class)
.handler(new ChannelInitializer<Channel>() {
@Override
protected void initChannel(Channel ch) {
Fix race in SslHandlerTest that could lead to NPE. (#7989) Motivation: SslHandlerTest tried to get access to the SslHandler in the pipeline via pipeline.get(...) which may return null if the channel was already closed and so the pipeline was teared down. This showed up in a test run as: ``` ------------------------------------------------------------------------------- Test set: io.netty.handler.ssl.SslHandlerTest ------------------------------------------------------------------------------- Tests run: 17, Failures: 0, Errors: 1, Skipped: 1, Time elapsed: 0.802 sec <<< FAILURE! - in io.netty.handler.ssl.SslHandlerTest testCloseOnHandshakeFailure(io.netty.handler.ssl.SslHandlerTest) Time elapsed: 0.188 sec <<< ERROR! java.lang.NullPointerException at io.netty.handler.ssl.SslHandlerTest.testCloseOnHandshakeFailure(SslHandlerTest.java:640) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:564) at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50) at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12) at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47) at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17) at org.junit.internal.runners.statements.FailOnTimeout$CallableStatement.call(FailOnTimeout.java:298) at org.junit.internal.runners.statements.FailOnTimeout$CallableStatement.call(FailOnTimeout.java:292) at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) at java.base/java.lang.Thread.run(Thread.java:844) ``` Modifications: Use an AtomicReference to propagate the SslHandler instance to the outer scope. Result: No more NPE.
2018-05-30 22:07:42 +02:00
SslHandler handler = sslClientCtx.newHandler(ch.alloc());
// We propagate the SslHandler via an AtomicReference to the outer-scope as using
// pipeline.get(...) may return null if the pipeline was teared down by the time we call it.
// This will happen if the channel was closed in the meantime.
sslHandlerRef.set(handler);
ch.pipeline().addLast(handler);
SSL connection not closed properly after handshake failure Motivation: When SSL handshake fails, the connection should be closed. This is not true anymore after 978a46c. Modifications: - Ensure we always flush and close the channel on handshake failure. - Add testcase. Result: Fixes [#7724].
2018-02-16 17:25:47 +01:00
}
});
cc = b.connect(sc.localAddress()).syncUninterruptibly().channel();
Fix race in SslHandlerTest that could lead to NPE. (#7989) Motivation: SslHandlerTest tried to get access to the SslHandler in the pipeline via pipeline.get(...) which may return null if the channel was already closed and so the pipeline was teared down. This showed up in a test run as: ``` ------------------------------------------------------------------------------- Test set: io.netty.handler.ssl.SslHandlerTest ------------------------------------------------------------------------------- Tests run: 17, Failures: 0, Errors: 1, Skipped: 1, Time elapsed: 0.802 sec <<< FAILURE! - in io.netty.handler.ssl.SslHandlerTest testCloseOnHandshakeFailure(io.netty.handler.ssl.SslHandlerTest) Time elapsed: 0.188 sec <<< ERROR! java.lang.NullPointerException at io.netty.handler.ssl.SslHandlerTest.testCloseOnHandshakeFailure(SslHandlerTest.java:640) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:564) at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50) at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12) at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47) at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17) at org.junit.internal.runners.statements.FailOnTimeout$CallableStatement.call(FailOnTimeout.java:298) at org.junit.internal.runners.statements.FailOnTimeout$CallableStatement.call(FailOnTimeout.java:292) at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) at java.base/java.lang.Thread.run(Thread.java:844) ``` Modifications: Use an AtomicReference to propagate the SslHandler instance to the outer scope. Result: No more NPE.
2018-05-30 22:07:42 +02:00
SslHandler handler = sslHandlerRef.get();
SSL connection not closed properly after handshake failure Motivation: When SSL handshake fails, the connection should be closed. This is not true anymore after 978a46c. Modifications: - Ensure we always flush and close the channel on handshake failure. - Add testcase. Result: Fixes [#7724].
2018-02-16 17:25:47 +01:00
handler.handshakeFuture().awaitUninterruptibly();
assertFalse(handler.handshakeFuture().isSuccess());
cc.closeFuture().syncUninterruptibly();
} finally {
if (cc != null) {
cc.close().syncUninterruptibly();
}
if (sc != null) {
sc.close().syncUninterruptibly();
}
group.shutdownGracefully();
ReferenceCountUtil.release(sslServerCtx);
ReferenceCountUtil.release(sslClientCtx);
}
}
Add testcase for c11b23bbc1f46116407bdc10779c4cace639ee83 Motivation: c11b23bbc1f46116407bdc10779c4cace639ee83 added a fix for closing the SSLEngine otbound but no test was provided. Modifications: Add testcase. Result: More tests.
2018-03-06 00:36:50 +01:00
@Test
public void testOutboundClosedAfterChannelInactive() throws Exception {
SslContext context = SslContextBuilder.forClient().build();
SSLEngine engine = context.newEngine(UnpooledByteBufAllocator.DEFAULT);
EmbeddedChannel channel = new EmbeddedChannel();
assertFalse(channel.finish());
channel.pipeline().addLast(new SslHandler(engine));
assertFalse(engine.isOutboundDone());
channel.close().syncUninterruptibly();
assertTrue(engine.isOutboundDone());
}
SSLHandler may throw AssertionError if writes occur before channelAct… (#8486) Motivation: If you attempt to write to a channel with an SslHandler prior to channelActive being called you can hit an assertion. In particular - if you write to a channel it forces some handshaking (through flush calls) to occur. The AssertionError only happens on Java11+. Modifications: - Replace assert by an "early return" in case of the handshake be done already. - Add unit test that verifies we do not hit the AssertionError anymore and that the future is correctly failed. Result: Fixes https://github.com/netty/netty/issues/8479.
2018-11-11 07:23:08 +01:00
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
@Test
@Timeout(value = 10000, unit = TimeUnit.MILLISECONDS)
SSLHandler may throw AssertionError if writes occur before channelAct… (#8486) Motivation: If you attempt to write to a channel with an SslHandler prior to channelActive being called you can hit an assertion. In particular - if you write to a channel it forces some handshaking (through flush calls) to occur. The AssertionError only happens on Java11+. Modifications: - Replace assert by an "early return" in case of the handshake be done already. - Add unit test that verifies we do not hit the AssertionError anymore and that the future is correctly failed. Result: Fixes https://github.com/netty/netty/issues/8479.
2018-11-11 07:23:08 +01:00
public void testHandshakeFailedByWriteBeforeChannelActive() throws Exception {
final SslContext sslClientCtx = SslContextBuilder.forClient()
Use SslProtocols and Ciphers constant
2021-07-06 17:31:24 +02:00
.protocols(SslProtocols.SSL_v3)
SSLHandler may throw AssertionError if writes occur before channelAct… (#8486) Motivation: If you attempt to write to a channel with an SslHandler prior to channelActive being called you can hit an assertion. In particular - if you write to a channel it forces some handshaking (through flush calls) to occur. The AssertionError only happens on Java11+. Modifications: - Replace assert by an "early return" in case of the handshake be done already. - Add unit test that verifies we do not hit the AssertionError anymore and that the future is correctly failed. Result: Fixes https://github.com/netty/netty/issues/8479.
2018-11-11 07:23:08 +01:00
.trustManager(InsecureTrustManagerFactory.INSTANCE)
.sslProvider(SslProvider.JDK).build();
EventLoopGroup group = new NioEventLoopGroup();
Channel sc = null;
Channel cc = null;
final CountDownLatch activeLatch = new CountDownLatch(1);
final AtomicReference<AssertionError> errorRef = new AtomicReference<AssertionError>();
final SslHandler sslHandler = sslClientCtx.newHandler(UnpooledByteBufAllocator.DEFAULT);
try {
sc = new ServerBootstrap()
.group(group)
.channel(NioServerSocketChannel.class)
.childHandler(new ChannelInboundHandlerAdapter())
.bind(new InetSocketAddress(0)).syncUninterruptibly().channel();
cc = new Bootstrap()
.group(group)
.channel(NioSocketChannel.class)
.handler(new ChannelInitializer<Channel>() {
@Override
protected void initChannel(Channel ch) throws Exception {
ch.pipeline().addLast(sslHandler);
ch.pipeline().addLast(new ChannelInboundHandlerAdapter() {
@Override
public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause)
throws Exception {
if (cause instanceof AssertionError) {
errorRef.set((AssertionError) cause);
}
}
@Override
public void channelActive(ChannelHandlerContext ctx) throws Exception {
activeLatch.countDown();
}
});
}
}).connect(sc.localAddress()).addListener(new ChannelFutureListener() {
@Override
public void operationComplete(ChannelFuture future) throws Exception {
// Write something to trigger the handshake before fireChannelActive is called.
future.channel().writeAndFlush(wrappedBuffer(new byte [] { 1, 2, 3, 4 }));
}
}).syncUninterruptibly().channel();
// Ensure there is no AssertionError thrown by having the handshake failed by the writeAndFlush(...) before
// channelActive(...) was called. Let's first wait for the activeLatch countdown to happen and after this
// check if we saw and AssertionError (even if we timed out waiting).
activeLatch.await(5, TimeUnit.SECONDS);
AssertionError error = errorRef.get();
if (error != null) {
throw error;
}
assertThat(sslHandler.handshakeFuture().await().cause(),
CoreMatchers.<Throwable>instanceOf(SSLException.class));
} finally {
if (cc != null) {
cc.close().syncUninterruptibly();
}
if (sc != null) {
sc.close().syncUninterruptibly();
}
group.shutdownGracefully();
ReferenceCountUtil.release(sslClientCtx);
}
}
Handshake timeout may never be scheduled if handshake starts via a flush or starttls is used. (#8494) Motivation: We did not correctly schedule the handshake timeout if the handshake was either started by a flush(...) or if starttls was used. Modifications: - Correctly setup timeout in all cases - Add unit tests. Result: Fixes https://github.com/netty/netty/issues/8493.
2018-11-13 19:22:38 +01:00
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
@Test
@Timeout(value = 10000, unit = TimeUnit.MILLISECONDS)
Handshake timeout may never be scheduled if handshake starts via a flush or starttls is used. (#8494) Motivation: We did not correctly schedule the handshake timeout if the handshake was either started by a flush(...) or if starttls was used. Modifications: - Correctly setup timeout in all cases - Add unit tests. Result: Fixes https://github.com/netty/netty/issues/8493.
2018-11-13 19:22:38 +01:00
public void testHandshakeTimeoutFlushStartsHandshake() throws Exception {
testHandshakeTimeout0(false);
}
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
@Test
@Timeout(value = 10000, unit = TimeUnit.MILLISECONDS)
Handshake timeout may never be scheduled if handshake starts via a flush or starttls is used. (#8494) Motivation: We did not correctly schedule the handshake timeout if the handshake was either started by a flush(...) or if starttls was used. Modifications: - Correctly setup timeout in all cases - Add unit tests. Result: Fixes https://github.com/netty/netty/issues/8493.
2018-11-13 19:22:38 +01:00
public void testHandshakeTimeoutStartTLS() throws Exception {
testHandshakeTimeout0(true);
}
private static void testHandshakeTimeout0(final boolean startTls) throws Exception {
final SslContext sslClientCtx = SslContextBuilder.forClient()
.startTls(true)
.trustManager(InsecureTrustManagerFactory.INSTANCE)
.sslProvider(SslProvider.JDK).build();
EventLoopGroup group = new NioEventLoopGroup();
Channel sc = null;
Channel cc = null;
final SslHandler sslHandler = sslClientCtx.newHandler(UnpooledByteBufAllocator.DEFAULT);
sslHandler.setHandshakeTimeout(500, TimeUnit.MILLISECONDS);
try {
sc = new ServerBootstrap()
.group(group)
.channel(NioServerSocketChannel.class)
.childHandler(new ChannelInboundHandlerAdapter())
.bind(new InetSocketAddress(0)).syncUninterruptibly().channel();
ChannelFuture future = new Bootstrap()
.group(group)
.channel(NioSocketChannel.class)
.handler(new ChannelInitializer<Channel>() {
@Override
protected void initChannel(Channel ch) throws Exception {
ch.pipeline().addLast(sslHandler);
if (startTls) {
ch.pipeline().addLast(new ChannelInboundHandlerAdapter() {
@Override
public void channelActive(ChannelHandlerContext ctx) throws Exception {
ctx.writeAndFlush(wrappedBuffer(new byte[] { 1, 2, 3, 4 }));
}
});
}
}
}).connect(sc.localAddress());
if (!startTls) {
future.addListener(new ChannelFutureListener() {
@Override
public void operationComplete(ChannelFuture future) throws Exception {
// Write something to trigger the handshake before fireChannelActive is called.
future.channel().writeAndFlush(wrappedBuffer(new byte [] { 1, 2, 3, 4 }));
}
});
}
cc = future.syncUninterruptibly().channel();
Throwable cause = sslHandler.handshakeFuture().await().cause();
assertThat(cause, CoreMatchers.<Throwable>instanceOf(SSLException.class));
assertThat(cause.getMessage(), containsString("timed out"));
} finally {
if (cc != null) {
cc.close().syncUninterruptibly();
}
if (sc != null) {
sc.close().syncUninterruptibly();
}
group.shutdownGracefully();
ReferenceCountUtil.release(sslClientCtx);
}
}
Support using an Executor to offload blocking / long-running tasks wh… (#8847) Motivation: The SSLEngine does provide a way to signal to the caller that it may need to execute a blocking / long-running task which then can be offloaded to an Executor to ensure the I/O thread is not blocked. Currently how we handle this in SslHandler is not really optimal as while we offload to the Executor we still block the I/O Thread. Modifications: - Correctly support offloading the task to the Executor while suspending processing of SSL in the I/O Thread - Add new methods to SslContext to specify the Executor when creating a SslHandler - Remove @deprecated annotations from SslHandler constructor that takes an Executor - Adjust tests to also run with the Executor to ensure all works as expected. Result: Be able to offload long running tasks to an Executor when using SslHandler. Partly fixes https://github.com/netty/netty/issues/7862 and https://github.com/netty/netty/issues/7020.
2019-02-11 09:47:44 +01:00
@Test
public void testHandshakeWithExecutorThatExecuteDirecty() throws Exception {
testHandshakeWithExecutor(new Executor() {
@Override
public void execute(Runnable command) {
command.run();
}
});
}
@Test
public void testHandshakeWithImmediateExecutor() throws Exception {
testHandshakeWithExecutor(ImmediateExecutor.INSTANCE);
}
@Test
public void testHandshakeWithImmediateEventExecutor() throws Exception {
testHandshakeWithExecutor(ImmediateEventExecutor.INSTANCE);
}
@Test
public void testHandshakeWithExecutor() throws Exception {
ExecutorService executorService = Executors.newCachedThreadPool();
try {
testHandshakeWithExecutor(executorService);
} finally {
executorService.shutdown();
}
}
SSL / BlockHound works out of the box with the default SSL provider (#9969) Motivation: JDK is the default SSL provider and internally uses blocking IO operations. Modifications: Add allowBlockingCallsInside configuration for SslHandler runAllDelegate function. Result: When BlockHound is installed, SSL works out of the box with the default SSL provider. Co-authored-by: violetagg <milesg78@gmail.com>
2020-01-30 11:35:16 +01:00
private static void testHandshakeWithExecutor(Executor executor) throws Exception {
Support using an Executor to offload blocking / long-running tasks wh… (#8847) Motivation: The SSLEngine does provide a way to signal to the caller that it may need to execute a blocking / long-running task which then can be offloaded to an Executor to ensure the I/O thread is not blocked. Currently how we handle this in SslHandler is not really optimal as while we offload to the Executor we still block the I/O Thread. Modifications: - Correctly support offloading the task to the Executor while suspending processing of SSL in the I/O Thread - Add new methods to SslContext to specify the Executor when creating a SslHandler - Remove @deprecated annotations from SslHandler constructor that takes an Executor - Adjust tests to also run with the Executor to ensure all works as expected. Result: Be able to offload long running tasks to an Executor when using SslHandler. Partly fixes https://github.com/netty/netty/issues/7862 and https://github.com/netty/netty/issues/7020.
2019-02-11 09:47:44 +01:00
final SslContext sslClientCtx = SslContextBuilder.forClient()
.trustManager(InsecureTrustManagerFactory.INSTANCE)
.sslProvider(SslProvider.JDK).build();
final SelfSignedCertificate cert = new SelfSignedCertificate();
final SslContext sslServerCtx = SslContextBuilder.forServer(cert.key(), cert.cert())
.sslProvider(SslProvider.JDK).build();
EventLoopGroup group = new NioEventLoopGroup();
Channel sc = null;
Channel cc = null;
final SslHandler clientSslHandler = sslClientCtx.newHandler(UnpooledByteBufAllocator.DEFAULT, executor);
final SslHandler serverSslHandler = sslServerCtx.newHandler(UnpooledByteBufAllocator.DEFAULT, executor);
try {
sc = new ServerBootstrap()
.group(group)
.channel(NioServerSocketChannel.class)
.childHandler(serverSslHandler)
.bind(new InetSocketAddress(0)).syncUninterruptibly().channel();
ChannelFuture future = new Bootstrap()
.group(group)
.channel(NioSocketChannel.class)
.handler(new ChannelInitializer<Channel>() {
@Override
protected void initChannel(Channel ch) {
ch.pipeline().addLast(clientSslHandler);
}
}).connect(sc.localAddress());
cc = future.syncUninterruptibly().channel();
assertTrue(clientSslHandler.handshakeFuture().await().isSuccess());
assertTrue(serverSslHandler.handshakeFuture().await().isSuccess());
} finally {
if (cc != null) {
cc.close().syncUninterruptibly();
}
if (sc != null) {
sc.close().syncUninterruptibly();
}
group.shutdownGracefully();
ReferenceCountUtil.release(sslClientCtx);
}
}
@Test
public void testClientHandshakeTimeoutBecauseExecutorNotExecute() throws Exception {
testHandshakeTimeoutBecauseExecutorNotExecute(true);
}
@Test
public void testServerHandshakeTimeoutBecauseExecutorNotExecute() throws Exception {
testHandshakeTimeoutBecauseExecutorNotExecute(false);
}
SSL / BlockHound works out of the box with the default SSL provider (#9969) Motivation: JDK is the default SSL provider and internally uses blocking IO operations. Modifications: Add allowBlockingCallsInside configuration for SslHandler runAllDelegate function. Result: When BlockHound is installed, SSL works out of the box with the default SSL provider. Co-authored-by: violetagg <milesg78@gmail.com>
2020-01-30 11:35:16 +01:00
private static void testHandshakeTimeoutBecauseExecutorNotExecute(final boolean client) throws Exception {
Support using an Executor to offload blocking / long-running tasks wh… (#8847) Motivation: The SSLEngine does provide a way to signal to the caller that it may need to execute a blocking / long-running task which then can be offloaded to an Executor to ensure the I/O thread is not blocked. Currently how we handle this in SslHandler is not really optimal as while we offload to the Executor we still block the I/O Thread. Modifications: - Correctly support offloading the task to the Executor while suspending processing of SSL in the I/O Thread - Add new methods to SslContext to specify the Executor when creating a SslHandler - Remove @deprecated annotations from SslHandler constructor that takes an Executor - Adjust tests to also run with the Executor to ensure all works as expected. Result: Be able to offload long running tasks to an Executor when using SslHandler. Partly fixes https://github.com/netty/netty/issues/7862 and https://github.com/netty/netty/issues/7020.
2019-02-11 09:47:44 +01:00
final SslContext sslClientCtx = SslContextBuilder.forClient()
.trustManager(InsecureTrustManagerFactory.INSTANCE)
.sslProvider(SslProvider.JDK).build();
final SelfSignedCertificate cert = new SelfSignedCertificate();
final SslContext sslServerCtx = SslContextBuilder.forServer(cert.key(), cert.cert())
.sslProvider(SslProvider.JDK).build();
EventLoopGroup group = new NioEventLoopGroup();
Channel sc = null;
Channel cc = null;
final SslHandler clientSslHandler = sslClientCtx.newHandler(UnpooledByteBufAllocator.DEFAULT, new Executor() {
@Override
public void execute(Runnable command) {
if (!client) {
command.run();
}
// Do nothing to simulate slow execution.
}
});
if (client) {
clientSslHandler.setHandshakeTimeout(100, TimeUnit.MILLISECONDS);
}
final SslHandler serverSslHandler = sslServerCtx.newHandler(UnpooledByteBufAllocator.DEFAULT, new Executor() {
@Override
public void execute(Runnable command) {
if (client) {
command.run();
}
// Do nothing to simulate slow execution.
}
});
if (!client) {
serverSslHandler.setHandshakeTimeout(100, TimeUnit.MILLISECONDS);
}
try {
sc = new ServerBootstrap()
.group(group)
.channel(NioServerSocketChannel.class)
.childHandler(serverSslHandler)
.bind(new InetSocketAddress(0)).syncUninterruptibly().channel();
ChannelFuture future = new Bootstrap()
.group(group)
.channel(NioSocketChannel.class)
.handler(new ChannelInitializer<Channel>() {
@Override
protected void initChannel(Channel ch) {
ch.pipeline().addLast(clientSslHandler);
}
}).connect(sc.localAddress());
cc = future.syncUninterruptibly().channel();
if (client) {
Throwable cause = clientSslHandler.handshakeFuture().await().cause();
Update test to directly check for SslHandshakeTimeoutException (#10339) Motivation: 9b7e091 added a special SSLHandshakeException sub-class to signal handshake timeouts but we missed to update a testcase to directly assert the type of the exception. Modifications: Assert directly that SslHandshakeTimeoutException is used Result: Test cleanup
2020-06-04 18:29:36 +02:00
assertThat(cause, CoreMatchers.<Throwable>instanceOf(SslHandshakeTimeoutException.class));
Support using an Executor to offload blocking / long-running tasks wh… (#8847) Motivation: The SSLEngine does provide a way to signal to the caller that it may need to execute a blocking / long-running task which then can be offloaded to an Executor to ensure the I/O thread is not blocked. Currently how we handle this in SslHandler is not really optimal as while we offload to the Executor we still block the I/O Thread. Modifications: - Correctly support offloading the task to the Executor while suspending processing of SSL in the I/O Thread - Add new methods to SslContext to specify the Executor when creating a SslHandler - Remove @deprecated annotations from SslHandler constructor that takes an Executor - Adjust tests to also run with the Executor to ensure all works as expected. Result: Be able to offload long running tasks to an Executor when using SslHandler. Partly fixes https://github.com/netty/netty/issues/7862 and https://github.com/netty/netty/issues/7020.
2019-02-11 09:47:44 +01:00
assertFalse(serverSslHandler.handshakeFuture().await().isSuccess());
} else {
Throwable cause = serverSslHandler.handshakeFuture().await().cause();
Update test to directly check for SslHandshakeTimeoutException (#10339) Motivation: 9b7e091 added a special SSLHandshakeException sub-class to signal handshake timeouts but we missed to update a testcase to directly assert the type of the exception. Modifications: Assert directly that SslHandshakeTimeoutException is used Result: Test cleanup
2020-06-04 18:29:36 +02:00
assertThat(cause, CoreMatchers.<Throwable>instanceOf(SslHandshakeTimeoutException.class));
Support using an Executor to offload blocking / long-running tasks wh… (#8847) Motivation: The SSLEngine does provide a way to signal to the caller that it may need to execute a blocking / long-running task which then can be offloaded to an Executor to ensure the I/O thread is not blocked. Currently how we handle this in SslHandler is not really optimal as while we offload to the Executor we still block the I/O Thread. Modifications: - Correctly support offloading the task to the Executor while suspending processing of SSL in the I/O Thread - Add new methods to SslContext to specify the Executor when creating a SslHandler - Remove @deprecated annotations from SslHandler constructor that takes an Executor - Adjust tests to also run with the Executor to ensure all works as expected. Result: Be able to offload long running tasks to an Executor when using SslHandler. Partly fixes https://github.com/netty/netty/issues/7862 and https://github.com/netty/netty/issues/7020.
2019-02-11 09:47:44 +01:00
assertFalse(clientSslHandler.handshakeFuture().await().isSuccess());
}
} finally {
if (cc != null) {
cc.close().syncUninterruptibly();
}
if (sc != null) {
sc.close().syncUninterruptibly();
}
group.shutdownGracefully();
ReferenceCountUtil.release(sslClientCtx);
}
}
Correctly calculate the produced bytes in all cases when calling Refe… (#10063) Motivation: We did not correctly account for produced bytes when SSL_write(...) returns -1 in all cases. This could lead to lost data and so a corrupt SSL connection. Modifications: - Always ensure we calculate the produced bytes correctly - Add unit tests Result: Fixes https://github.com/netty/netty/issues/10041
2020-02-27 08:49:53 +01:00
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
@Test
@Timeout(value = 5000, unit = TimeUnit.MILLISECONDS)
Correctly calculate the produced bytes in all cases when calling Refe… (#10063) Motivation: We did not correctly account for produced bytes when SSL_write(...) returns -1 in all cases. This could lead to lost data and so a corrupt SSL connection. Modifications: - Always ensure we calculate the produced bytes correctly - Add unit tests Result: Fixes https://github.com/netty/netty/issues/10041
2020-02-27 08:49:53 +01:00
public void testSessionTicketsWithTLSv12() throws Throwable {
Use SslProtocols and Ciphers constant
2021-07-06 17:31:24 +02:00
testSessionTickets(SslProvider.OPENSSL, SslProtocols.TLS_v1_2, true);
Correctly calculate the produced bytes in all cases when calling Refe… (#10063) Motivation: We did not correctly account for produced bytes when SSL_write(...) returns -1 in all cases. This could lead to lost data and so a corrupt SSL connection. Modifications: - Always ensure we calculate the produced bytes correctly - Add unit tests Result: Fixes https://github.com/netty/netty/issues/10041
2020-02-27 08:49:53 +01:00
}
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
@Test
@Timeout(value = 5000, unit = TimeUnit.MILLISECONDS)
Correctly calculate the produced bytes in all cases when calling Refe… (#10063) Motivation: We did not correctly account for produced bytes when SSL_write(...) returns -1 in all cases. This could lead to lost data and so a corrupt SSL connection. Modifications: - Always ensure we calculate the produced bytes correctly - Add unit tests Result: Fixes https://github.com/netty/netty/issues/10041
2020-02-27 08:49:53 +01:00
public void testSessionTicketsWithTLSv13() throws Throwable {
Make the TLSv1.3 check more robust and not depend on the Java version… (#10409) Motivation: TLSv1.3 is not strictly limited to Java11+ anymore as different vendors backported TLSv1.3 to Java8 as well. We should ensure we make the detection of if TLSv1.3 is supported not depend on the Java version that is used. Modifications: - Add SslProvider.isTlsv13Supported(...) and use it in tests to detect if we should run tests against TLSv1.3 as well - Adjust testcase to work on latest JDK 8 release as well Result: Correct detection of TLSv1.3 support even if Java version < 11.
2020-07-17 07:12:11 +02:00
assumeTrue(SslProvider.isTlsv13Supported(SslProvider.OPENSSL));
Use SslProtocols and Ciphers constant
2021-07-06 17:31:24 +02:00
testSessionTickets(SslProvider.OPENSSL, SslProtocols.TLS_v1_3, true);
Correctly calculate the produced bytes in all cases when calling Refe… (#10063) Motivation: We did not correctly account for produced bytes when SSL_write(...) returns -1 in all cases. This could lead to lost data and so a corrupt SSL connection. Modifications: - Always ensure we calculate the produced bytes correctly - Add unit tests Result: Fixes https://github.com/netty/netty/issues/10041
2020-02-27 08:49:53 +01:00
}
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
@Test
@Timeout(value = 5000, unit = TimeUnit.MILLISECONDS)
Allow to have the session tickets automatically managed by the native… (#10280) Motivation: BoringSSL supports to automatically manage the session tickets to be used and so also rotate them etc. This is often prefered by users as it removed some complexity. We should support to make use of this. Modifications: - Allow to have setSessionTickets() called without an argument or an empty array - Add tests Result: Easier usage of session tickets
2020-05-14 12:09:26 +02:00
public void testSessionTicketsWithTLSv12AndNoKey() throws Throwable {
Use SslProtocols and Ciphers constant
2021-07-06 17:31:24 +02:00
testSessionTickets(SslProvider.OPENSSL, SslProtocols.TLS_v1_2, false);
Allow to have the session tickets automatically managed by the native… (#10280) Motivation: BoringSSL supports to automatically manage the session tickets to be used and so also rotate them etc. This is often prefered by users as it removed some complexity. We should support to make use of this. Modifications: - Allow to have setSessionTickets() called without an argument or an empty array - Add tests Result: Easier usage of session tickets
2020-05-14 12:09:26 +02:00
}
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
@Test
@Timeout(value = 5000, unit = TimeUnit.MILLISECONDS)
Allow to have the session tickets automatically managed by the native… (#10280) Motivation: BoringSSL supports to automatically manage the session tickets to be used and so also rotate them etc. This is often prefered by users as it removed some complexity. We should support to make use of this. Modifications: - Allow to have setSessionTickets() called without an argument or an empty array - Add tests Result: Easier usage of session tickets
2020-05-14 12:09:26 +02:00
public void testSessionTicketsWithTLSv13AndNoKey() throws Throwable {
assumeTrue(OpenSsl.isTlsv13Supported());
Use SslProtocols and Ciphers constant
2021-07-06 17:31:24 +02:00
testSessionTickets(SslProvider.OPENSSL, SslProtocols.TLS_v1_3, false);
Allow to have the session tickets automatically managed by the native… (#10280) Motivation: BoringSSL supports to automatically manage the session tickets to be used and so also rotate them etc. This is often prefered by users as it removed some complexity. We should support to make use of this. Modifications: - Allow to have setSessionTickets() called without an argument or an empty array - Add tests Result: Easier usage of session tickets
2020-05-14 12:09:26 +02:00
}
Make the TLSv1.3 check more robust and not depend on the Java version… (#10409) Motivation: TLSv1.3 is not strictly limited to Java11+ anymore as different vendors backported TLSv1.3 to Java8 as well. We should ensure we make the detection of if TLSv1.3 is supported not depend on the Java version that is used. Modifications: - Add SslProvider.isTlsv13Supported(...) and use it in tests to detect if we should run tests against TLSv1.3 as well - Adjust testcase to work on latest JDK 8 release as well Result: Correct detection of TLSv1.3 support even if Java version < 11.
2020-07-17 07:12:11 +02:00
private static void testSessionTickets(SslProvider provider, String protocol, boolean withKey) throws Throwable {
Fail the build if we can't load the OpenSSL library (#11269) Motivation: We should better fail the build if we can't load the OpenSSL library to ensure we not introduce a regression at some point related to native library loading Modifications: Remove usages of assumeTrue and let the tests fail if we cant load the native lib Result: Ensure we not regress
2021-05-19 08:19:15 +02:00
OpenSsl.ensureAvailability();
Correctly calculate the produced bytes in all cases when calling Refe… (#10063) Motivation: We did not correctly account for produced bytes when SSL_write(...) returns -1 in all cases. This could lead to lost data and so a corrupt SSL connection. Modifications: - Always ensure we calculate the produced bytes correctly - Add unit tests Result: Fixes https://github.com/netty/netty/issues/10041
2020-02-27 08:49:53 +01:00
final SslContext sslClientCtx = SslContextBuilder.forClient()
.trustManager(InsecureTrustManagerFactory.INSTANCE)
Make the TLSv1.3 check more robust and not depend on the Java version… (#10409) Motivation: TLSv1.3 is not strictly limited to Java11+ anymore as different vendors backported TLSv1.3 to Java8 as well. We should ensure we make the detection of if TLSv1.3 is supported not depend on the Java version that is used. Modifications: - Add SslProvider.isTlsv13Supported(...) and use it in tests to detect if we should run tests against TLSv1.3 as well - Adjust testcase to work on latest JDK 8 release as well Result: Correct detection of TLSv1.3 support even if Java version < 11.
2020-07-17 07:12:11 +02:00
.sslProvider(provider)
Correctly calculate the produced bytes in all cases when calling Refe… (#10063) Motivation: We did not correctly account for produced bytes when SSL_write(...) returns -1 in all cases. This could lead to lost data and so a corrupt SSL connection. Modifications: - Always ensure we calculate the produced bytes correctly - Add unit tests Result: Fixes https://github.com/netty/netty/issues/10041
2020-02-27 08:49:53 +01:00
.protocols(protocol)
.build();
Support session cache for client and server when using native SSLEngine implementation (#10994) Motivation: At the moment we don't support session caching on the client side at all when using the native SSL implementation. We should at least allow to enable it. Modification: Allow to enable session cache for client side but disable ti by default due a JDK bug atm. Result: Be able to cache sessions on the client side when using native SSL implementation .
2021-03-07 19:15:39 +01:00
// Explicit enable session cache as it's disabled by default atm.
((OpenSslContext) sslClientCtx).sessionContext()
.setSessionCacheEnabled(true);
Correctly calculate the produced bytes in all cases when calling Refe… (#10063) Motivation: We did not correctly account for produced bytes when SSL_write(...) returns -1 in all cases. This could lead to lost data and so a corrupt SSL connection. Modifications: - Always ensure we calculate the produced bytes correctly - Add unit tests Result: Fixes https://github.com/netty/netty/issues/10041
2020-02-27 08:49:53 +01:00
final SelfSignedCertificate cert = new SelfSignedCertificate();
final SslContext sslServerCtx = SslContextBuilder.forServer(cert.key(), cert.cert())
Make the TLSv1.3 check more robust and not depend on the Java version… (#10409) Motivation: TLSv1.3 is not strictly limited to Java11+ anymore as different vendors backported TLSv1.3 to Java8 as well. We should ensure we make the detection of if TLSv1.3 is supported not depend on the Java version that is used. Modifications: - Add SslProvider.isTlsv13Supported(...) and use it in tests to detect if we should run tests against TLSv1.3 as well - Adjust testcase to work on latest JDK 8 release as well Result: Correct detection of TLSv1.3 support even if Java version < 11.
2020-07-17 07:12:11 +02:00
.sslProvider(provider)
Correctly calculate the produced bytes in all cases when calling Refe… (#10063) Motivation: We did not correctly account for produced bytes when SSL_write(...) returns -1 in all cases. This could lead to lost data and so a corrupt SSL connection. Modifications: - Always ensure we calculate the produced bytes correctly - Add unit tests Result: Fixes https://github.com/netty/netty/issues/10041
2020-02-27 08:49:53 +01:00
.protocols(protocol)
.build();
Allow to have the session tickets automatically managed by the native… (#10280) Motivation: BoringSSL supports to automatically manage the session tickets to be used and so also rotate them etc. This is often prefered by users as it removed some complexity. We should support to make use of this. Modifications: - Allow to have setSessionTickets() called without an argument or an empty array - Add tests Result: Easier usage of session tickets
2020-05-14 12:09:26 +02:00
if (withKey) {
OpenSslSessionTicketKey key = new OpenSslSessionTicketKey(new byte[OpenSslSessionTicketKey.NAME_SIZE],
new byte[OpenSslSessionTicketKey.HMAC_KEY_SIZE], new byte[OpenSslSessionTicketKey.AES_KEY_SIZE]);
((OpenSslSessionContext) sslClientCtx.sessionContext()).setTicketKeys(key);
((OpenSslSessionContext) sslServerCtx.sessionContext()).setTicketKeys(key);
} else {
((OpenSslSessionContext) sslClientCtx.sessionContext()).setTicketKeys();
((OpenSslSessionContext) sslServerCtx.sessionContext()).setTicketKeys();
}
Correctly calculate the produced bytes in all cases when calling Refe… (#10063) Motivation: We did not correctly account for produced bytes when SSL_write(...) returns -1 in all cases. This could lead to lost data and so a corrupt SSL connection. Modifications: - Always ensure we calculate the produced bytes correctly - Add unit tests Result: Fixes https://github.com/netty/netty/issues/10041
2020-02-27 08:49:53 +01:00
EventLoopGroup group = new NioEventLoopGroup();
Channel sc = null;
final byte[] bytes = new byte[96];
PlatformDependent.threadLocalRandom().nextBytes(bytes);
try {
Support session cache for client and server when using native SSLEngine implementation (#10994) Motivation: At the moment we don't support session caching on the client side at all when using the native SSL implementation. We should at least allow to enable it. Modification: Allow to enable session cache for client side but disable ti by default due a JDK bug atm. Result: Be able to cache sessions on the client side when using native SSL implementation .
2021-03-07 19:15:39 +01:00
final AtomicReference<AssertionError> assertErrorRef = new AtomicReference<AssertionError>();
Correctly calculate the produced bytes in all cases when calling Refe… (#10063) Motivation: We did not correctly account for produced bytes when SSL_write(...) returns -1 in all cases. This could lead to lost data and so a corrupt SSL connection. Modifications: - Always ensure we calculate the produced bytes correctly - Add unit tests Result: Fixes https://github.com/netty/netty/issues/10041
2020-02-27 08:49:53 +01:00
sc = new ServerBootstrap()
.group(group)
.channel(NioServerSocketChannel.class)
.childHandler(new ChannelInitializer<Channel>() {
@Override
protected void initChannel(Channel ch) {
Support session cache for client and server when using native SSLEngine implementation (#10994) Motivation: At the moment we don't support session caching on the client side at all when using the native SSL implementation. We should at least allow to enable it. Modification: Allow to enable session cache for client side but disable ti by default due a JDK bug atm. Result: Be able to cache sessions on the client side when using native SSL implementation .
2021-03-07 19:15:39 +01:00
final SslHandler sslHandler = sslServerCtx.newHandler(ch.alloc());
ch.pipeline().addLast(sslServerCtx.newHandler(UnpooledByteBufAllocator.DEFAULT));
Correctly calculate the produced bytes in all cases when calling Refe… (#10063) Motivation: We did not correctly account for produced bytes when SSL_write(...) returns -1 in all cases. This could lead to lost data and so a corrupt SSL connection. Modifications: - Always ensure we calculate the produced bytes correctly - Add unit tests Result: Fixes https://github.com/netty/netty/issues/10041
2020-02-27 08:49:53 +01:00
ch.pipeline().addLast(new ChannelInboundHandlerAdapter() {
Support session cache for client and server when using native SSLEngine implementation (#10994) Motivation: At the moment we don't support session caching on the client side at all when using the native SSL implementation. We should at least allow to enable it. Modification: Allow to enable session cache for client side but disable ti by default due a JDK bug atm. Result: Be able to cache sessions on the client side when using native SSL implementation .
2021-03-07 19:15:39 +01:00
private int handshakeCount;
Correctly calculate the produced bytes in all cases when calling Refe… (#10063) Motivation: We did not correctly account for produced bytes when SSL_write(...) returns -1 in all cases. This could lead to lost data and so a corrupt SSL connection. Modifications: - Always ensure we calculate the produced bytes correctly - Add unit tests Result: Fixes https://github.com/netty/netty/issues/10041
2020-02-27 08:49:53 +01:00
@Override
public void userEventTriggered(ChannelHandlerContext ctx, Object evt) {
if (evt instanceof SslHandshakeCompletionEvent) {
Support session cache for client and server when using native SSLEngine implementation (#10994) Motivation: At the moment we don't support session caching on the client side at all when using the native SSL implementation. We should at least allow to enable it. Modification: Allow to enable session cache for client side but disable ti by default due a JDK bug atm. Result: Be able to cache sessions on the client side when using native SSL implementation .
2021-03-07 19:15:39 +01:00
handshakeCount++;
ReferenceCountedOpenSslEngine engine =
(ReferenceCountedOpenSslEngine) sslHandler.engine();
// This test only works for non TLSv1.3 as TLSv1.3 will establish sessions after
// the handshake is done.
// See https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_sess_set_get_cb.html
Use SslProtocols and Ciphers constant
2021-07-06 17:31:24 +02:00
if (!SslProtocols.TLS_v1_3.equals(engine.getSession().getProtocol())) {
Support session cache for client and server when using native SSLEngine implementation (#10994) Motivation: At the moment we don't support session caching on the client side at all when using the native SSL implementation. We should at least allow to enable it. Modification: Allow to enable session cache for client side but disable ti by default due a JDK bug atm. Result: Be able to cache sessions on the client side when using native SSL implementation .
2021-03-07 19:15:39 +01:00
// First should not re-use the session
try {
assertEquals(handshakeCount > 1, engine.isSessionReused());
} catch (AssertionError error) {
assertErrorRef.set(error);
return;
}
}
Correctly calculate the produced bytes in all cases when calling Refe… (#10063) Motivation: We did not correctly account for produced bytes when SSL_write(...) returns -1 in all cases. This could lead to lost data and so a corrupt SSL connection. Modifications: - Always ensure we calculate the produced bytes correctly - Add unit tests Result: Fixes https://github.com/netty/netty/issues/10041
2020-02-27 08:49:53 +01:00
ctx.writeAndFlush(Unpooled.wrappedBuffer(bytes));
}
}
});
}
})
.bind(new InetSocketAddress(0)).syncUninterruptibly().channel();
Support session cache for client and server when using native SSLEngine implementation (#10994) Motivation: At the moment we don't support session caching on the client side at all when using the native SSL implementation. We should at least allow to enable it. Modification: Allow to enable session cache for client side but disable ti by default due a JDK bug atm. Result: Be able to cache sessions on the client side when using native SSL implementation .
2021-03-07 19:15:39 +01:00
InetSocketAddress serverAddr = (InetSocketAddress) sc.localAddress();
testSessionTickets(serverAddr, group, sslClientCtx, bytes, false);
testSessionTickets(serverAddr, group, sslClientCtx, bytes, true);
AssertionError error = assertErrorRef.get();
if (error != null) {
throw error;
}
} finally {
if (sc != null) {
sc.close().syncUninterruptibly();
}
group.shutdownGracefully();
ReferenceCountUtil.release(sslClientCtx);
}
}
private static void testSessionTickets(InetSocketAddress serverAddress, EventLoopGroup group,
SslContext sslClientCtx, final byte[] bytes, boolean isReused)
throws Throwable {
Channel cc = null;
final BlockingQueue<Object> queue = new LinkedBlockingQueue<Object>();
try {
final SslHandler clientSslHandler = sslClientCtx.newHandler(UnpooledByteBufAllocator.DEFAULT,
serverAddress.getAddress().getHostAddress(), serverAddress.getPort());
Correctly calculate the produced bytes in all cases when calling Refe… (#10063) Motivation: We did not correctly account for produced bytes when SSL_write(...) returns -1 in all cases. This could lead to lost data and so a corrupt SSL connection. Modifications: - Always ensure we calculate the produced bytes correctly - Add unit tests Result: Fixes https://github.com/netty/netty/issues/10041
2020-02-27 08:49:53 +01:00
ChannelFuture future = new Bootstrap()
.group(group)
.channel(NioSocketChannel.class)
.handler(new ChannelInitializer<Channel>() {
@Override
protected void initChannel(Channel ch) {
ch.pipeline().addLast(clientSslHandler);
ch.pipeline().addLast(new ByteToMessageDecoder() {
@Override
protected void decode(ChannelHandlerContext ctx, ByteBuf in, List<Object> out) {
if (in.readableBytes() == bytes.length) {
queue.add(in.readBytes(bytes.length));
}
}
@Override
public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) {
queue.add(cause);
}
});
}
Support session cache for client and server when using native SSLEngine implementation (#10994) Motivation: At the moment we don't support session caching on the client side at all when using the native SSL implementation. We should at least allow to enable it. Modification: Allow to enable session cache for client side but disable ti by default due a JDK bug atm. Result: Be able to cache sessions on the client side when using native SSL implementation .
2021-03-07 19:15:39 +01:00
}).connect(serverAddress);
Correctly calculate the produced bytes in all cases when calling Refe… (#10063) Motivation: We did not correctly account for produced bytes when SSL_write(...) returns -1 in all cases. This could lead to lost data and so a corrupt SSL connection. Modifications: - Always ensure we calculate the produced bytes correctly - Add unit tests Result: Fixes https://github.com/netty/netty/issues/10041
2020-02-27 08:49:53 +01:00
cc = future.syncUninterruptibly().channel();
Support session cache for client and server when using native SSLEngine implementation (#10994) Motivation: At the moment we don't support session caching on the client side at all when using the native SSL implementation. We should at least allow to enable it. Modification: Allow to enable session cache for client side but disable ti by default due a JDK bug atm. Result: Be able to cache sessions on the client side when using native SSL implementation .
2021-03-07 19:15:39 +01:00
assertTrue(clientSslHandler.handshakeFuture().sync().isSuccess());
ReferenceCountedOpenSslEngine engine = (ReferenceCountedOpenSslEngine) clientSslHandler.engine();
// This test only works for non TLSv1.3 as TLSv1.3 will establish sessions after
// the handshake is done.
// See https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_sess_set_get_cb.html
Use SslProtocols and Ciphers constant
2021-07-06 17:31:24 +02:00
if (!SslProtocols.TLS_v1_3.equals(engine.getSession().getProtocol())) {
Support session cache for client and server when using native SSLEngine implementation (#10994) Motivation: At the moment we don't support session caching on the client side at all when using the native SSL implementation. We should at least allow to enable it. Modification: Allow to enable session cache for client side but disable ti by default due a JDK bug atm. Result: Be able to cache sessions on the client side when using native SSL implementation .
2021-03-07 19:15:39 +01:00
assertEquals(isReused, engine.isSessionReused());
}
Correctly calculate the produced bytes in all cases when calling Refe… (#10063) Motivation: We did not correctly account for produced bytes when SSL_write(...) returns -1 in all cases. This could lead to lost data and so a corrupt SSL connection. Modifications: - Always ensure we calculate the produced bytes correctly - Add unit tests Result: Fixes https://github.com/netty/netty/issues/10041
2020-02-27 08:49:53 +01:00
Object obj = queue.take();
if (obj instanceof ByteBuf) {
ByteBuf buffer = (ByteBuf) obj;
ByteBuf expected = Unpooled.wrappedBuffer(bytes);
try {
assertEquals(expected, buffer);
} finally {
expected.release();
Also include one PR job that uses boringssl (#10886) Motivation: When validating PRs we should also at least run one job that uses boringssl Modifications: - Add job that uses boringssl - Cleanup docker compose files - Fix buffer leak in test Result: Also run with boringssl when PRs are validated
2020-12-23 19:11:04 +01:00
buffer.release();
Correctly calculate the produced bytes in all cases when calling Refe… (#10063) Motivation: We did not correctly account for produced bytes when SSL_write(...) returns -1 in all cases. This could lead to lost data and so a corrupt SSL connection. Modifications: - Always ensure we calculate the produced bytes correctly - Add unit tests Result: Fixes https://github.com/netty/netty/issues/10041
2020-02-27 08:49:53 +01:00
}
} else {
throw (Throwable) obj;
}
} finally {
if (cc != null) {
cc.close().syncUninterruptibly();
}
}
}
Don't produce multiple calls to exceptionCaught(...) on SSL handshake failure (#10134) Motivation: Before release 4.1.23, there was only ONE call to exceptionCaught method when an ssl handshake failure occurs, now we have two when using the JDK provider. Modifications: - Ensure we only propagate one exception fi we already failed the handshake and channelInactive(...) produce an exception again - Add unit test Result: Fixes https://github.com/netty/netty/issues/10119
2020-03-26 09:12:39 +01:00
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
@Test
@Timeout(value = 10000, unit = TimeUnit.MILLISECONDS)
Don't produce multiple calls to exceptionCaught(...) on SSL handshake failure (#10134) Motivation: Before release 4.1.23, there was only ONE call to exceptionCaught method when an ssl handshake failure occurs, now we have two when using the JDK provider. Modifications: - Ensure we only propagate one exception fi we already failed the handshake and channelInactive(...) produce an exception again - Add unit test Result: Fixes https://github.com/netty/netty/issues/10119
2020-03-26 09:12:39 +01:00
public void testHandshakeFailureOnlyFireExceptionOnce() throws Exception {
final SslContext sslClientCtx = SslContextBuilder.forClient()
.trustManager(new X509ExtendedTrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType, Socket socket)
throws CertificateException {
failVerification();
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType, Socket socket)
throws CertificateException {
failVerification();
}
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType, SSLEngine engine)
throws CertificateException {
failVerification();
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType, SSLEngine engine)
throws CertificateException {
failVerification();
}
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
failVerification();
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
failVerification();
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return EmptyArrays.EMPTY_X509_CERTIFICATES;
}
private void failVerification() throws CertificateException {
throw new CertificateException();
}
})
.sslProvider(SslProvider.JDK).build();
final SelfSignedCertificate cert = new SelfSignedCertificate();
final SslContext sslServerCtx = SslContextBuilder.forServer(cert.key(), cert.cert())
.sslProvider(SslProvider.JDK).build();
EventLoopGroup group = new NioEventLoopGroup();
Channel sc = null;
final SslHandler clientSslHandler = sslClientCtx.newHandler(UnpooledByteBufAllocator.DEFAULT);
final SslHandler serverSslHandler = sslServerCtx.newHandler(UnpooledByteBufAllocator.DEFAULT);
try {
final Object terminalEvent = new Object();
final BlockingQueue<Object> errorQueue = new LinkedBlockingQueue<Object>();
sc = new ServerBootstrap()
.group(group)
.channel(NioServerSocketChannel.class)
.childHandler(new ChannelInitializer<Channel>() {
@Override
protected void initChannel(Channel ch) {
ch.pipeline().addLast(serverSslHandler);
ch.pipeline().addLast(new ChannelInboundHandlerAdapter() {
@Override
public void exceptionCaught(final ChannelHandlerContext ctx, Throwable cause) {
errorQueue.add(cause);
}
@Override
public void channelInactive(ChannelHandlerContext ctx) {
errorQueue.add(terminalEvent);
}
});
}
})
.bind(new InetSocketAddress(0)).syncUninterruptibly().channel();
final ChannelFuture future = new Bootstrap()
.group(group)
.channel(NioSocketChannel.class)
.handler(new ChannelInitializer<Channel>() {
@Override
protected void initChannel(Channel ch) {
ch.pipeline().addLast(clientSslHandler);
}
}).connect(sc.localAddress());
future.syncUninterruptibly();
clientSslHandler.handshakeFuture().addListener(new FutureListener<Channel>() {
@Override
public void operationComplete(Future<Channel> f) {
future.channel().close();
}
});
assertFalse(clientSslHandler.handshakeFuture().await().isSuccess());
assertFalse(serverSslHandler.handshakeFuture().await().isSuccess());
Object error = errorQueue.take();
assertThat(error, Matchers.instanceOf(DecoderException.class));
assertThat(((Throwable) error).getCause(), Matchers.<Throwable>instanceOf(SSLException.class));
Object terminal = errorQueue.take();
assertSame(terminalEvent, terminal);
assertNull(errorQueue.poll(1, TimeUnit.MILLISECONDS));
} finally {
if (sc != null) {
sc.close().syncUninterruptibly();
}
group.shutdownGracefully();
}
}
Correctly report back when we fail to select the key material and ens… (#10610) Motivation: We need to let openssl know that we failed to find the key material so it will produce an alert for the remote peer to consume. Beside this we also need to ensure we wrap(...) until we produced everything as otherwise the remote peer may see partial data when an alert is produced in multiple steps. Modifications: - Correctly throw if we could not find the keymaterial - wrap until we produced everything - Add test Result: Correctly handle the case when key material could not be found
2020-09-26 08:56:16 +02:00
@Test
public void testHandshakeFailureCipherMissmatchTLSv12Jdk() throws Exception {
testHandshakeFailureCipherMissmatch(SslProvider.JDK, false);
}
@Test
public void testHandshakeFailureCipherMissmatchTLSv13Jdk() throws Exception {
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
assumeTrue(SslProvider.isTlsv13Supported(SslProvider.JDK));
Correctly report back when we fail to select the key material and ens… (#10610) Motivation: We need to let openssl know that we failed to find the key material so it will produce an alert for the remote peer to consume. Beside this we also need to ensure we wrap(...) until we produced everything as otherwise the remote peer may see partial data when an alert is produced in multiple steps. Modifications: - Correctly throw if we could not find the keymaterial - wrap until we produced everything - Add test Result: Correctly handle the case when key material could not be found
2020-09-26 08:56:16 +02:00
testHandshakeFailureCipherMissmatch(SslProvider.JDK, true);
}
@Test
public void testHandshakeFailureCipherMissmatchTLSv12OpenSsl() throws Exception {
Fail the build if we can't load the OpenSSL library (#11269) Motivation: We should better fail the build if we can't load the OpenSSL library to ensure we not introduce a regression at some point related to native library loading Modifications: Remove usages of assumeTrue and let the tests fail if we cant load the native lib Result: Ensure we not regress
2021-05-19 08:19:15 +02:00
OpenSsl.ensureAvailability();
Correctly report back when we fail to select the key material and ens… (#10610) Motivation: We need to let openssl know that we failed to find the key material so it will produce an alert for the remote peer to consume. Beside this we also need to ensure we wrap(...) until we produced everything as otherwise the remote peer may see partial data when an alert is produced in multiple steps. Modifications: - Correctly throw if we could not find the keymaterial - wrap until we produced everything - Add test Result: Correctly handle the case when key material could not be found
2020-09-26 08:56:16 +02:00
testHandshakeFailureCipherMissmatch(SslProvider.OPENSSL, false);
}
@Test
public void testHandshakeFailureCipherMissmatchTLSv13OpenSsl() throws Exception {
Fail the build if we can't load the OpenSSL library (#11269) Motivation: We should better fail the build if we can't load the OpenSSL library to ensure we not introduce a regression at some point related to native library loading Modifications: Remove usages of assumeTrue and let the tests fail if we cant load the native lib Result: Ensure we not regress
2021-05-19 08:19:15 +02:00
OpenSsl.ensureAvailability();
Use Junit5 for handler module (#11444) Motivation: We should aim to use junit5 everywhere Modifications: Migrate most of the handler module to use junit5 Result: Part of #10757
2021-07-02 15:06:06 +02:00
assumeTrue(SslProvider.isTlsv13Supported(SslProvider.OPENSSL));
assumeFalse(OpenSsl.isBoringSSL(), "BoringSSL does not support setting ciphers for TLSv1.3 explicit");
Correctly report back when we fail to select the key material and ens… (#10610) Motivation: We need to let openssl know that we failed to find the key material so it will produce an alert for the remote peer to consume. Beside this we also need to ensure we wrap(...) until we produced everything as otherwise the remote peer may see partial data when an alert is produced in multiple steps. Modifications: - Correctly throw if we could not find the keymaterial - wrap until we produced everything - Add test Result: Correctly handle the case when key material could not be found
2020-09-26 08:56:16 +02:00
testHandshakeFailureCipherMissmatch(SslProvider.OPENSSL, true);
}
private static void testHandshakeFailureCipherMissmatch(SslProvider provider, boolean tls13) throws Exception {
final String clientCipher;
final String serverCipher;
final String protocol;
if (tls13) {
clientCipher = "TLS_AES_128_GCM_SHA256";
serverCipher = "TLS_AES_256_GCM_SHA384";
Use SslProtocols and Ciphers constant
2021-07-06 17:31:24 +02:00
protocol = SslProtocols.TLS_v1_3;
Correctly report back when we fail to select the key material and ens… (#10610) Motivation: We need to let openssl know that we failed to find the key material so it will produce an alert for the remote peer to consume. Beside this we also need to ensure we wrap(...) until we produced everything as otherwise the remote peer may see partial data when an alert is produced in multiple steps. Modifications: - Correctly throw if we could not find the keymaterial - wrap until we produced everything - Add test Result: Correctly handle the case when key material could not be found
2020-09-26 08:56:16 +02:00
} else {
clientCipher = "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256";
serverCipher = "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384";
Use SslProtocols and Ciphers constant
2021-07-06 17:31:24 +02:00
protocol = SslProtocols.TLS_v1_2;
Correctly report back when we fail to select the key material and ens… (#10610) Motivation: We need to let openssl know that we failed to find the key material so it will produce an alert for the remote peer to consume. Beside this we also need to ensure we wrap(...) until we produced everything as otherwise the remote peer may see partial data when an alert is produced in multiple steps. Modifications: - Correctly throw if we could not find the keymaterial - wrap until we produced everything - Add test Result: Correctly handle the case when key material could not be found
2020-09-26 08:56:16 +02:00
}
final SslContext sslClientCtx = SslContextBuilder.forClient()
.trustManager(InsecureTrustManagerFactory.INSTANCE)
.protocols(protocol)
.ciphers(Collections.singleton(clientCipher))
.sslProvider(provider).build();
final SelfSignedCertificate cert = new SelfSignedCertificate();
final SslContext sslServerCtx = SslContextBuilder.forServer(cert.key(), cert.cert())
.protocols(protocol)
.ciphers(Collections.singleton(serverCipher))
.sslProvider(provider).build();
EventLoopGroup group = new NioEventLoopGroup();
Channel sc = null;
Channel cc = null;
final SslHandler clientSslHandler = sslClientCtx.newHandler(UnpooledByteBufAllocator.DEFAULT);
final SslHandler serverSslHandler = sslServerCtx.newHandler(UnpooledByteBufAllocator.DEFAULT);
class SslEventHandler extends ChannelInboundHandlerAdapter {
private final AtomicReference<SslHandshakeCompletionEvent> ref;
SslEventHandler(AtomicReference<SslHandshakeCompletionEvent> ref) {
this.ref = ref;
}
@Override
public void userEventTriggered(ChannelHandlerContext ctx, Object evt) throws Exception {
if (evt instanceof SslHandshakeCompletionEvent) {
ref.set((SslHandshakeCompletionEvent) evt);
}
super.userEventTriggered(ctx, evt);
}
}
final AtomicReference<SslHandshakeCompletionEvent> clientEvent =
new AtomicReference<SslHandshakeCompletionEvent>();
final AtomicReference<SslHandshakeCompletionEvent> serverEvent =
new AtomicReference<SslHandshakeCompletionEvent>();
try {
sc = new ServerBootstrap()
.group(group)
.channel(NioServerSocketChannel.class)
.childHandler(new ChannelInitializer<Channel>() {
@Override
protected void initChannel(Channel ch) throws Exception {
ch.pipeline().addLast(serverSslHandler);
ch.pipeline().addLast(new SslEventHandler(serverEvent));
}
})
.bind(new InetSocketAddress(0)).syncUninterruptibly().channel();
ChannelFuture future = new Bootstrap()
.group(group)
.channel(NioSocketChannel.class)
.handler(new ChannelInitializer<Channel>() {
@Override
protected void initChannel(Channel ch) {
ch.pipeline().addLast(clientSslHandler);
ch.pipeline().addLast(new SslEventHandler(clientEvent));
}
}).connect(sc.localAddress());
cc = future.syncUninterruptibly().channel();
Throwable clientCause = clientSslHandler.handshakeFuture().await().cause();
assertThat(clientCause, CoreMatchers.<Throwable>instanceOf(SSLException.class));
assertThat(clientCause.getCause(), not(CoreMatchers.<Throwable>instanceOf(ClosedChannelException.class)));
Throwable serverCause = serverSslHandler.handshakeFuture().await().cause();
assertThat(serverCause, CoreMatchers.<Throwable>instanceOf(SSLException.class));
assertThat(serverCause.getCause(), not(CoreMatchers.<Throwable>instanceOf(ClosedChannelException.class)));
cc.close().syncUninterruptibly();
sc.close().syncUninterruptibly();
Throwable eventClientCause = clientEvent.get().cause();
assertThat(eventClientCause, CoreMatchers.<Throwable>instanceOf(SSLException.class));
assertThat(eventClientCause.getCause(),
not(CoreMatchers.<Throwable>instanceOf(ClosedChannelException.class)));
Throwable serverEventCause = serverEvent.get().cause();
assertThat(serverEventCause, CoreMatchers.<Throwable>instanceOf(SSLException.class));
assertThat(serverEventCause.getCause(),
not(CoreMatchers.<Throwable>instanceOf(ClosedChannelException.class)));
} finally {
group.shutdownGracefully();
ReferenceCountUtil.release(sslClientCtx);
}
}
Workaround possible JDK bug in SSLEngineImpl when using TLSv1.3 that lead to multiple notifications (#10860) Motivation: When using the JDKs SSLEngineImpl with TLSv1.3 it sometimes returns HandshakeResult.FINISHED multiple times. This can lead to have SslHandshakeCompletionEvents to be fired multiple times. Modifications: - Keep track of if we notified before and if so not do so again if we use TLSv1.3 - Add unit test Result: Consistent usage of events
2020-12-15 07:53:15 +01:00
@Test
public void testHandshakeEventsTls12JDK() throws Exception {
Use SslProtocols and Ciphers constant
2021-07-06 17:31:24 +02:00
testHandshakeEvents(SslProvider.JDK, SslProtocols.TLS_v1_2);
Workaround possible JDK bug in SSLEngineImpl when using TLSv1.3 that lead to multiple notifications (#10860) Motivation: When using the JDKs SSLEngineImpl with TLSv1.3 it sometimes returns HandshakeResult.FINISHED multiple times. This can lead to have SslHandshakeCompletionEvents to be fired multiple times. Modifications: - Keep track of if we notified before and if so not do so again if we use TLSv1.3 - Add unit test Result: Consistent usage of events
2020-12-15 07:53:15 +01:00
}
@Test
public void testHandshakeEventsTls12Openssl() throws Exception {
Fail the build if we can't load the OpenSSL library (#11269) Motivation: We should better fail the build if we can't load the OpenSSL library to ensure we not introduce a regression at some point related to native library loading Modifications: Remove usages of assumeTrue and let the tests fail if we cant load the native lib Result: Ensure we not regress
2021-05-19 08:19:15 +02:00
OpenSsl.ensureAvailability();
Use SslProtocols and Ciphers constant
2021-07-06 17:31:24 +02:00
testHandshakeEvents(SslProvider.OPENSSL, SslProtocols.TLS_v1_2);
Workaround possible JDK bug in SSLEngineImpl when using TLSv1.3 that lead to multiple notifications (#10860) Motivation: When using the JDKs SSLEngineImpl with TLSv1.3 it sometimes returns HandshakeResult.FINISHED multiple times. This can lead to have SslHandshakeCompletionEvents to be fired multiple times. Modifications: - Keep track of if we notified before and if so not do so again if we use TLSv1.3 - Add unit test Result: Consistent usage of events
2020-12-15 07:53:15 +01:00
}
@Test
public void testHandshakeEventsTls13JDK() throws Exception {
assumeTrue(SslProvider.isTlsv13Supported(SslProvider.JDK));
Use SslProtocols and Ciphers constant
2021-07-06 17:31:24 +02:00
testHandshakeEvents(SslProvider.JDK, SslProtocols.TLS_v1_3);
Workaround possible JDK bug in SSLEngineImpl when using TLSv1.3 that lead to multiple notifications (#10860) Motivation: When using the JDKs SSLEngineImpl with TLSv1.3 it sometimes returns HandshakeResult.FINISHED multiple times. This can lead to have SslHandshakeCompletionEvents to be fired multiple times. Modifications: - Keep track of if we notified before and if so not do so again if we use TLSv1.3 - Add unit test Result: Consistent usage of events
2020-12-15 07:53:15 +01:00
}
@Test
public void testHandshakeEventsTls13Openssl() throws Exception {
Fail the build if we can't load the OpenSSL library (#11269) Motivation: We should better fail the build if we can't load the OpenSSL library to ensure we not introduce a regression at some point related to native library loading Modifications: Remove usages of assumeTrue and let the tests fail if we cant load the native lib Result: Ensure we not regress
2021-05-19 08:19:15 +02:00
OpenSsl.ensureAvailability();
Workaround possible JDK bug in SSLEngineImpl when using TLSv1.3 that lead to multiple notifications (#10860) Motivation: When using the JDKs SSLEngineImpl with TLSv1.3 it sometimes returns HandshakeResult.FINISHED multiple times. This can lead to have SslHandshakeCompletionEvents to be fired multiple times. Modifications: - Keep track of if we notified before and if so not do so again if we use TLSv1.3 - Add unit test Result: Consistent usage of events
2020-12-15 07:53:15 +01:00
assumeTrue(SslProvider.isTlsv13Supported(SslProvider.OPENSSL));
Use SslProtocols and Ciphers constant
2021-07-06 17:31:24 +02:00
testHandshakeEvents(SslProvider.OPENSSL, SslProtocols.TLS_v1_3);
Workaround possible JDK bug in SSLEngineImpl when using TLSv1.3 that lead to multiple notifications (#10860) Motivation: When using the JDKs SSLEngineImpl with TLSv1.3 it sometimes returns HandshakeResult.FINISHED multiple times. This can lead to have SslHandshakeCompletionEvents to be fired multiple times. Modifications: - Keep track of if we notified before and if so not do so again if we use TLSv1.3 - Add unit test Result: Consistent usage of events
2020-12-15 07:53:15 +01:00
}
private void testHandshakeEvents(SslProvider provider, String protocol) throws Exception {
final SslContext sslClientCtx = SslContextBuilder.forClient()
.trustManager(InsecureTrustManagerFactory.INSTANCE)
.protocols(protocol)
.sslProvider(provider).build();
final SelfSignedCertificate cert = new SelfSignedCertificate();
final SslContext sslServerCtx = SslContextBuilder.forServer(cert.key(), cert.cert())
.protocols(protocol)
.sslProvider(provider).build();
EventLoopGroup group = new NioEventLoopGroup();
final LinkedBlockingQueue<SslHandshakeCompletionEvent> serverCompletionEvents =
new LinkedBlockingQueue<SslHandshakeCompletionEvent>();
final LinkedBlockingQueue<SslHandshakeCompletionEvent> clientCompletionEvents =
new LinkedBlockingQueue<SslHandshakeCompletionEvent>();
try {
Channel sc = new ServerBootstrap()
.group(group)
.channel(NioServerSocketChannel.class)
.childHandler(new ChannelInitializer<Channel>() {
@Override
protected void initChannel(Channel ch) throws Exception {
ch.pipeline().addLast(sslServerCtx.newHandler(UnpooledByteBufAllocator.DEFAULT));
ch.pipeline().addLast(new SslHandshakeCompletionEventHandler(serverCompletionEvents));
}
})
.bind(new InetSocketAddress(0)).syncUninterruptibly().channel();
Bootstrap bs = new Bootstrap()
.group(group)
.channel(NioSocketChannel.class)
.handler(new ChannelInitializer<Channel>() {
@Override
protected void initChannel(Channel ch) {
ch.pipeline().addLast(sslClientCtx.newHandler(
UnpooledByteBufAllocator.DEFAULT, "netty.io", 9999));
ch.pipeline().addLast(new SslHandshakeCompletionEventHandler(clientCompletionEvents));
}
})
.remoteAddress(sc.localAddress());
Channel cc1 = bs.connect().sync().channel();
Channel cc2 = bs.connect().sync().channel();
// We expect 4 events as we have 2 connections and for each connection there should be one event
// on the server-side and one on the client-side.
for (int i = 0; i < 2; i++) {
SslHandshakeCompletionEvent event = clientCompletionEvents.take();
assertTrue(event.isSuccess());
}
for (int i = 0; i < 2; i++) {
SslHandshakeCompletionEvent event = serverCompletionEvents.take();
assertTrue(event.isSuccess());
}
cc1.close().sync();
cc2.close().sync();
sc.close().sync();
assertEquals(0, clientCompletionEvents.size());
assertEquals(0, serverCompletionEvents.size());
} finally {
group.shutdownGracefully();
ReferenceCountUtil.release(sslClientCtx);
ReferenceCountUtil.release(sslServerCtx);
}
}
private static class SslHandshakeCompletionEventHandler extends ChannelInboundHandlerAdapter {
private final Queue<SslHandshakeCompletionEvent> completionEvents;
SslHandshakeCompletionEventHandler(Queue<SslHandshakeCompletionEvent> completionEvents) {
this.completionEvents = completionEvents;
}
@Override
public void userEventTriggered(ChannelHandlerContext ctx, Object evt) {
if (evt instanceof SslHandshakeCompletionEvent) {
completionEvents.add((SslHandshakeCompletionEvent) evt);
}
}
@Override
public boolean isSharable() {
return true;
}
};
Add Test case for truncated SSL packets - Related issue: #1534 - Also made sure ByteToMessageDecoder does not wrap EncoderException.
2013-07-07 04:52:34 +02:00
}
Reference in New Issue Copy Permalink