Commit Graph

394 Commits

Author SHA1 Message Date
Trustin Lee
a4b1e68b9d Future compatibility with TLS ALPN
Motivation:

According to TLS ALPN draft-05, a client sends the list of the supported
protocols and a server responds with the selected protocol, which is
different from NPN.  Therefore, ApplicationProtocolSelector won't work
with ALPN

Modifications:

- Use Iterable<String> to list the supported protocols on the client
  side, rather than using ApplicationProtocolSelector
- Remove ApplicationProtocolSelector

Result:

Future compatibility with TLS ALPN
2014-05-22 10:03:16 +09:00
Trustin Lee
b03074fe74 Update the instruction for running SPDY examples 2014-05-21 17:30:18 +09:00
Trustin Lee
8953f5a6cb Add unified NextProtoNego extension support to SslContext
Motivation:

- OpenSslEngine and JDK SSLEngine (+ Jetty NPN) have different APIs to
  support NextProtoNego extension.
  - It is impossible to configure NPN with SslContext when the provider
    type is JDK.

Modification:

- Implement NextProtoNego extension by overriding the behavior of
  SSLSession.getProtocol() for both OpenSSLEngine and JDK SSLEngine.
  - SSLEngine.getProtocol() returns a string delimited by a colon (':')
    where the first component is the transport protosol (e.g. TLSv1.2)
    and the second component is the name of the application protocol
- Remove the direct reference of Jetty NPN classes from the examples
- Add SslContext.newApplicationProtocolSelector

Result:

- A user can now use both JDK SSLEngine and OpenSslEngine for NPN-based
  protocols such as HTTP2 and SPDY
2014-05-21 17:25:55 +09:00
Trustin Lee
7bea542259 Clean up the execution mechanism of examples
Motivation:

- There's no way to pass an argument to an example.
- Assigning a Maven profile for each example is an overkill.
  It makes the pom.xml crowded.

Modifications:

- Remove example profiles from example/pom.xml
- Keep the list of examples in run-example.sh
- run-example.sh passes all options to exec-maven-plugin.
  For example, we can now do this:

    ./run-example.sh -Dssl -Dport=443 http-server

Result:

- It's much easier to add a new example and provide an easy way to
  launch it.
- We can still pass an arbitrary argument to the example being launched.
  (I'll update all examples to make them get their options from system
  properties rather than from args[].
2014-05-20 23:34:10 +09:00
Trustin Lee
4a66b4f764 Fix a build problem with JDK 8
Motivation:

Build fails with JDK 8 because npn-boot does not work with JDK 8

Modifications:

Do not specify bootclasspath when on JDK 8

Result:

Build is green again.
2014-05-20 22:40:31 +09:00
Trustin Lee
48aa72b54f Clean up example execution
Motivation:

- example/pom.xml has quite a bit of duplication.
- We expect that we depend on npn-boot in more than one module in the
  near future. (e.g. handler, codec-http, and codec-http2)

Modification:

- Deduplicate the profiles in example/pom.xml
- Move the build configuration related with npn-boot to the parent pom.
- Add run-example.sh that helps a user launch an example easily

Result:

- Cleaner build files
- Easier to add a new example
- Easier to launch an example
- Easier to run the tests that relies on npn-boot in the future
2014-05-20 20:11:35 +09:00
Trustin Lee
23852c1891 Add netty-tcnative dependency to netty-example
Motivation:

It's useful to have netty-tcnative dependency in netty-example because
we can play with OpenSslEngine from our IDE.

Modifications:

Add netty-tcnative to example/pom.xml
2014-05-18 04:30:05 +09:00
Trustin Lee
c58f28dfdd Add an OpenSslEngine and the universal API for enabling SSL
Motivation:

Some users already use an SSLEngine implementation in finagle-native. It
wraps OpenSSL to get higher SSL performance.  However, to take advantage
of it, finagle-native must be compiled manually, and it means we cannot
pull it in as a dependency and thus we cannot test our SslHandler
against the OpenSSL-based SSLEngine.  For an instance, we had #2216.

Because the construction procedures of JDK SSLEngine and OpenSslEngine
are very different from each other, we also need to provide a universal
way to enable SSL in a Netty application.

Modifications:

- Pull netty-tcnative in as an optional dependency.
  http://netty.io/wiki/forked-tomcat-native.html
- Backport NativeLibraryLoader from 4.0
- Move OpenSSL-based SSLEngine implementation into our code base.
  - Copied from finagle-native; originally written by @jpinner et al.
  - Overall cleanup by @trustin.
- Run all SslHandler tests with both default SSLEngine and OpenSslEngine
- Add a unified API for creating an SSL context
  - SslContext allows you to create a new SSLEngine or a new SslHandler
    with your PKCS#8 key and X.509 certificate chain.
  - Add JdkSslContext and its subclasses
  - Add OpenSslServerContext
- Add ApplicationProtocolSelector to ensure the future support for NPN
  (NextProtoNego) and ALPN (Application Layer Protocol Negotiation) on
  the client-side.
- Add SimpleTrustManagerFactory to help a user write a
  TrustManagerFactory easily, which should be useful for those who need
  to write an alternative verification mechanism. For example, we can
  use it to implement an unsafe TrustManagerFactory that accepts
  self-signed certificates for testing purposes.
- Add InsecureTrustManagerFactory and FingerprintTrustManager for quick
  and dirty testing
- Add SelfSignedCertificate class which generates a self-signed X.509
  certificate very easily.
- Update all our examples to use SslContext.newClient/ServerContext()
- SslHandler now logs the chosen cipher suite when handshake is
  finished.

Result:

- Cleaner unified API for configuring an SSL client and an SSL server
  regardless of its internal implementation.
- When native libraries are available, OpenSSL-based SSLEngine
  implementation is selected automatically to take advantage of its
  performance benefit.
- Examples take advantage of this modification and thus are cleaner.
2014-05-18 02:54:23 +09:00
Norman Maurer
a597087a9f [maven-release-plugin] prepare for next development iteration 2014-04-30 15:40:54 +02:00
Norman Maurer
b562148e2d [maven-release-plugin] prepare release netty-4.0.19.Final 2014-04-30 15:40:31 +02:00
Jeff Pinner
2360142b89 SPDY: refactor frame codec implementation
Motivation:

Currently, the SPDY frame encoding and decoding code is based upon
the ChannelHandler abstraction. This requires maintaining multiple
versions for 3.x and 4.x (and possibly 5.x moving forward).

Modifications:

The SPDY frame encoding and decoding code is separated from the
ChannelHandler and SpdyFrame abstractions. Also test coverage is
improved.

Result:

SpdyFrameCodec now implements the ChannelHandler abstraction and is
responsible for creating and handling SpdyFrame objects.

Conflicts:
	codec-http/src/main/java/io/netty/handler/codec/spdy/SpdyFrameCodec.java
2014-04-15 20:05:05 +02:00
Norman Maurer
012166803a [#2353] Use a privileged block to get ClassLoader and System property if needed
Motivation:
When using System.getProperty(...) and various methods to get a ClassLoader it will fail when a SecurityManager is in place.

Modifications:
Use a priveled block if needed. This work is based in the PR #2353 done by @anilsaldhana .

Result:
Code works also when SecurityManager is present
2014-04-08 13:59:03 +02:00
Norman Maurer
816165c96a [maven-release-plugin] prepare for next development iteration 2014-04-01 07:21:40 +02:00
Norman Maurer
1512a4dcca [maven-release-plugin] prepare release netty-4.0.18.Final 2014-04-01 07:20:16 +02:00
Daniel Bevenius
14b962a434 Adding origins whitelist support for CORS
Motivation:
Currently the CORS support only handles a single origin, or a wildcard
origin. This task should enhance Netty's CORS support to allow multiple
origins to be specified. Just being allowed to specify one origin is
particulary limiting when a site support both http and https for
example.

Modifications:
- Updated CorsConfig and its Builder to accept multiple origins.

Result:
Users are now able to configure multiple origins for CORS.

[https://github.com/netty/netty/issues/2346]
2014-03-30 19:35:48 +02:00
Norman Maurer
641b6e5bbe Ensure the HttpResponseEncoder is always placed before the HttpObjectAggregator. Part of [#2219] 2014-03-05 06:56:21 +01:00
Jakob Buchgraber
216fce193b Added a secure WebSocket client example
Merged WebSocketClient and WebSocketSslClient

Add private constructors to fix checkstyle errors.

More checkstyle madness.

made WebSocketClientRunner final
2014-03-03 06:49:30 +01:00
Norman Maurer
ccd135df01 [maven-release-plugin] prepare for next development iteration 2014-02-24 15:39:26 +01:00
Norman Maurer
33587eb183 [maven-release-plugin] prepare release netty-4.0.17.Final 2014-02-24 15:37:31 +01:00
Jeff Pinner
d838a07c14 SPDY: remove SPDY/3 support 2014-02-20 15:00:04 -08:00
Norman Maurer
66e2bb1e75 [maven-release-plugin] prepare for next development iteration 2014-02-19 03:41:24 +01:00
Norman Maurer
c466bb803d [maven-release-plugin] prepare release netty-4.0.16.Final 2014-02-19 03:36:54 +01:00
Trustin Lee
c8ec5be842 Remove a version clause added by mistake 2014-02-08 11:07:58 -08:00
Trustin Lee
aeeb2e7bac Fix a build error related with NPN version and JDK8 2014-02-08 10:48:42 -08:00
Trustin Lee
87b853c60d Use smaller number of boss threads in the example
.. because usually there's no need to use many boss threads.
2014-02-07 14:43:07 -08:00
Trustin Lee
617739c515 Simplify exec-maven-plugin configuration
- Move the version number to the parent pom's pluginManagement section
- Remove unnecessary system properties
- Increase the scope of execution from compile to runtime
2014-02-07 13:40:22 -08:00
Trustin Lee
8e854bbf18 Fix indentation 2014-02-07 10:30:49 -08:00
Daniel Bevenius
9ca71f2d8e Adding ability to start spdy server/client using maven. 2014-02-07 11:28:36 +01:00
Trustin Lee
417f7264fd Reorganize the SPDY example
- Move the server example to spdy.server
- Move the client example to spdy.client
- Fix inspection warnings
2014-02-05 14:54:02 -08:00
Leonardo Freitas Gomes
69a1095976 SPDY client example
Demonstrates the usage of SPDY from a client perspective. One can also
use a SPDY-enabled browser as a client, but it’s easier to understand
the internals of the protocol from a client point-of-view if you have
some code you can debug.
2014-02-05 14:44:01 -08:00
jwilson
38d04c927f Tweak snoop example to send a full HTTP request.
Without this, future HTTP requests on this channel will
silently fail because the HttpObjectEncoder will be left
in an unhappy state.
2014-02-01 18:35:38 +01:00
Norman Maurer
293e34e13f Run autobahntestsuite as part of the build 2014-01-28 07:23:10 +01:00
Norman Maurer
d67184b488 [maven-release-plugin] prepare for next development iteration 2014-01-21 08:18:32 +01:00
Norman Maurer
287515210d [maven-release-plugin] prepare release netty-4.0.15.Final 2014-01-21 08:18:26 +01:00
Norman Maurer
5f8a0cc10b Make use of a Logger in the SPDY example and simplify it a bit 2014-01-21 07:33:35 +01:00
Veebs
9a9f98ffcd SPDY example app 2014-01-21 07:33:35 +01:00
Norman Maurer
e0b0a99887 Fix compile error 2014-01-16 09:00:27 +01:00
Daniel Bevenius
75b0360867 Adding a Cross Origin Resource Sharing (CORS) handler. 2014-01-16 08:18:16 +01:00
Veebs
1326ba54ee Replaced deprecated 'sendUnsupportedWebSocketVersionResponse()' with 'sendUnsupportedVersionResponse()' 2014-01-13 06:33:57 +01:00
Trustin Lee
e83d2e0b4e [maven-release-plugin] prepare for next development iteration 2013-12-22 21:57:48 +09:00
Trustin Lee
cdb700c7a4 [maven-release-plugin] prepare release netty-4.0.14.Final 2013-12-22 21:57:40 +09:00
Trustin Lee
0b7aedb13b [maven-release-plugin] rollback the release of netty-4.0.14.Final 2013-12-22 21:53:24 +09:00
Trustin Lee
4bf6ec7171 [maven-release-plugin] prepare release netty-4.0.14.Final 2013-12-22 21:52:56 +09:00
Trustin Lee
9c1a49c58e [maven-release-plugin] rollback the release of netty-4.0.14.Final 2013-12-22 21:47:35 +09:00
Trustin Lee
008a049bf4 [maven-release-plugin] prepare for next development iteration 2013-12-22 21:43:55 +09:00
Trustin Lee
f6cb9088c6 [maven-release-plugin] prepare release netty-4.0.14.Final 2013-12-22 21:43:45 +09:00
Norman Maurer
17f5865e38 [maven-release-plugin] prepare for next development iteration 2013-11-29 19:31:01 +01:00
Norman Maurer
ead617fdcc [maven-release-plugin] prepare release netty-4.0.14.Beta1 2013-11-29 19:30:55 +01:00
Norman Maurer
6cf2748dbb [maven-release-plugin] prepare for next development iteration 2013-11-28 15:04:51 +01:00
Norman Maurer
5fe7596f49 [maven-release-plugin] prepare release netty-4.0.13.Final 2013-11-28 15:04:46 +01:00