io.netty.handler.ssl.ApplicationProtocolConfig.Protocol Java Examples
The following examples show how to use
io.netty.handler.ssl.ApplicationProtocolConfig.Protocol.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: JdkSslEngineTest.java From netty-4.1.22 with Apache License 2.0 | 6 votes |
|
@Test
public void testAlpnCompatibleProtocolsDifferentClientOrder() throws Exception {
try {
providerType.activate(this);
if (providerType == ProviderType.NPN_JETTY) {
// This test only applies to ALPN.
throw tlsExtensionNotFound(providerType.protocol());
}
// Even the preferred application protocol appears second in the client's list, it will be picked
// because it's the first one on server's list.
ApplicationProtocolConfig clientApn = acceptingNegotiator(Protocol.ALPN,
FALLBACK_APPLICATION_LEVEL_PROTOCOL, PREFERRED_APPLICATION_LEVEL_PROTOCOL);
ApplicationProtocolConfig serverApn = failingNegotiator(Protocol.ALPN,
PREFERRED_APPLICATION_LEVEL_PROTOCOL, FALLBACK_APPLICATION_LEVEL_PROTOCOL);
setupHandlers(serverApn, clientApn);
assertNull(serverException);
runTest(PREFERRED_APPLICATION_LEVEL_PROTOCOL);
} catch (SkipTestException e) {
// ALPN availability is dependent on the java version. If ALPN is not available because of
// java version incompatibility don't fail the test, but instead just skip the test
assumeNoException(e);
}
}
Example #2
| Source File: HttpServerSPDY.java From netty-cookbook with Apache License 2.0 | 6 votes |
|
public static void main(String[] args) throws Exception {
String ip = "127.0.0.1";
int port = 8080;
// Configure SSL.
SelfSignedCertificate ssc = new SelfSignedCertificate();
final SslContext sslCtx = SslContext.newServerContext(
ssc.certificate(), ssc.privateKey(), null, null,
IdentityCipherSuiteFilter.INSTANCE,
new ApplicationProtocolConfig(Protocol.ALPN,
SelectorFailureBehavior.FATAL_ALERT,
SelectedListenerFailureBehavior.FATAL_ALERT,
SelectedProtocol.SPDY_3_1.protocolName(),
SelectedProtocol.HTTP_1_1.protocolName()), 0, 0);
ChannelInitializer<SocketChannel> channelInit = new ChannelInitializer<SocketChannel>() {
@Override
protected void initChannel(SocketChannel ch) throws Exception {
ChannelPipeline p = ch.pipeline();
p.addLast(sslCtx.newHandler(ch.alloc()));
p.addLast(new SpdyOrHttpHandler());
}
};
NettyServerUtil.newHttpServerBootstrap(ip, port, channelInit);
}
Example #3
| Source File: TlsUtil.java From nitmproxy with MIT License | 6 votes |
|
private static ApplicationProtocolConfig applicationProtocolConfig(NitmProxyConfig config, boolean http2) {
if (http2) {
return new ApplicationProtocolConfig(
Protocol.ALPN,
SelectorFailureBehavior.NO_ADVERTISE,
SelectedListenerFailureBehavior.ACCEPT,
ApplicationProtocolNames.HTTP_2,
ApplicationProtocolNames.HTTP_1_1);
} else {
return new ApplicationProtocolConfig(
Protocol.ALPN,
SelectorFailureBehavior.NO_ADVERTISE,
SelectedListenerFailureBehavior.ACCEPT,
ApplicationProtocolNames.HTTP_1_1);
}
}
Example #4
| Source File: NettyHttp2Client.java From jmeter-http2-plugin with Apache License 2.0 | 6 votes |
|
private SslContext getSslContext() {
SslContext sslCtx = null;
final SslProvider provider = OpenSsl.isAlpnSupported() ? SslProvider.OPENSSL : SslProvider.JDK;
try {
sslCtx = SslContextBuilder.forClient()
.sslProvider(provider)
.ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE)
.trustManager(InsecureTrustManagerFactory.INSTANCE)
.applicationProtocolConfig(new ApplicationProtocolConfig(
Protocol.ALPN,
SelectorFailureBehavior.NO_ADVERTISE,
SelectedListenerFailureBehavior.ACCEPT,
ApplicationProtocolNames.HTTP_2))
.build();
} catch(SSLException exception) {
return null;
}
return sslCtx;
}
Example #5
| Source File: Http2Util.java From tutorials with MIT License | 5 votes |
|
public static SslContext createSSLContext(boolean isServer) throws SSLException, CertificateException {
SslContext sslCtx;
SelfSignedCertificate ssc = new SelfSignedCertificate();
if (isServer) {
sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey())
.sslProvider(SslProvider.JDK)
.ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE)
.applicationProtocolConfig(new ApplicationProtocolConfig(Protocol.ALPN,
SelectorFailureBehavior.NO_ADVERTISE,
SelectedListenerFailureBehavior.ACCEPT, ApplicationProtocolNames.HTTP_2, ApplicationProtocolNames.HTTP_1_1))
.build();
} else {
sslCtx = SslContextBuilder.forClient()
.sslProvider(SslProvider.JDK)
.ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE)
.trustManager(InsecureTrustManagerFactory.INSTANCE)
.applicationProtocolConfig(new ApplicationProtocolConfig(Protocol.ALPN,
SelectorFailureBehavior.NO_ADVERTISE,
SelectedListenerFailureBehavior.ACCEPT, ApplicationProtocolNames.HTTP_2))
.build();
}
return sslCtx;
}
Example #6
| Source File: SpdyServer.java From netty4.0.27Learn with Apache License 2.0 | 5 votes |
|
public static void main(String[] args) throws Exception {
// Configure SSL.
SelfSignedCertificate ssc = new SelfSignedCertificate();
SslContext sslCtx = SslContext.newServerContext(
ssc.certificate(), ssc.privateKey(), null, null, IdentityCipherSuiteFilter.INSTANCE,
new ApplicationProtocolConfig(
Protocol.NPN,
SelectorFailureBehavior.FATAL_ALERT,
SelectedListenerFailureBehavior.FATAL_ALERT,
SelectedProtocol.SPDY_3_1.protocolName(),
SelectedProtocol.HTTP_1_1.protocolName()),
0, 0);
// Configure the server.
EventLoopGroup bossGroup = new NioEventLoopGroup(1);
EventLoopGroup workerGroup = new NioEventLoopGroup();
try {
ServerBootstrap b = new ServerBootstrap();
b.option(ChannelOption.SO_BACKLOG, 1024);
b.group(bossGroup, workerGroup)
.channel(NioServerSocketChannel.class)
.handler(new LoggingHandler(LogLevel.INFO))
.childHandler(new SpdyServerInitializer(sslCtx));
Channel ch = b.bind(PORT).sync().channel();
System.err.println("Open your SPDY-enabled web browser and navigate to https://127.0.0.1:" + PORT + '/');
System.err.println("If using Chrome browser, check your SPDY sessions at chrome://net-internals/#spdy");
ch.closeFuture().sync();
} finally {
bossGroup.shutdownGracefully();
workerGroup.shutdownGracefully();
}
}
Example #7
| Source File: SslContext.java From netty4.0.27Learn with Apache License 2.0 | 5 votes |
|
static ApplicationProtocolConfig toApplicationProtocolConfig(Iterable<String> nextProtocols) {
ApplicationProtocolConfig apn;
if (nextProtocols == null) {
apn = ApplicationProtocolConfig.DISABLED;
} else {
apn = new ApplicationProtocolConfig(
Protocol.NPN_AND_ALPN, SelectorFailureBehavior.CHOOSE_MY_LAST_PROTOCOL,
SelectedListenerFailureBehavior.ACCEPT, nextProtocols);
}
return apn;
}
Example #8
| Source File: OpenSslEngineTest.java From netty-4.1.22 with Apache License 2.0 | 5 votes |
|
private static ApplicationProtocolConfig acceptingNegotiator(Protocol protocol,
String... supportedProtocols) {
return new ApplicationProtocolConfig(protocol,
SelectorFailureBehavior.NO_ADVERTISE,
SelectedListenerFailureBehavior.ACCEPT,
supportedProtocols);
}
Example #9
| Source File: OpenSslEngineTest.java From netty-4.1.22 with Apache License 2.0 | 5 votes |
|
@Test
public void testAlpnCompatibleProtocolsDifferentClientOrder() throws Exception {
assumeTrue(OpenSsl.isAlpnSupported());
ApplicationProtocolConfig clientApn = acceptingNegotiator(Protocol.ALPN,
FALLBACK_APPLICATION_LEVEL_PROTOCOL, PREFERRED_APPLICATION_LEVEL_PROTOCOL);
ApplicationProtocolConfig serverApn = acceptingNegotiator(Protocol.ALPN,
PREFERRED_APPLICATION_LEVEL_PROTOCOL, FALLBACK_APPLICATION_LEVEL_PROTOCOL);
setupHandlers(serverApn, clientApn);
assertNull(serverException);
runTest(PREFERRED_APPLICATION_LEVEL_PROTOCOL);
}
Example #10
| Source File: OpenSslEngineTest.java From netty-4.1.22 with Apache License 2.0 | 5 votes |
|
@Test
public void testAlpn() throws Exception {
assumeTrue(OpenSsl.isAlpnSupported());
ApplicationProtocolConfig apn = acceptingNegotiator(Protocol.ALPN,
PREFERRED_APPLICATION_LEVEL_PROTOCOL);
setupHandlers(apn);
runTest(PREFERRED_APPLICATION_LEVEL_PROTOCOL);
}
Example #11
| Source File: OpenSslEngineTest.java From netty-4.1.22 with Apache License 2.0 | 5 votes |
|
@Test
public void testNpn() throws Exception {
ApplicationProtocolConfig apn = acceptingNegotiator(Protocol.NPN,
PREFERRED_APPLICATION_LEVEL_PROTOCOL);
setupHandlers(apn);
runTest(PREFERRED_APPLICATION_LEVEL_PROTOCOL);
}
Example #12
| Source File: SslContext.java From netty-4.1.22 with Apache License 2.0 | 5 votes |
|
static ApplicationProtocolConfig toApplicationProtocolConfig(Iterable<String> nextProtocols) {
ApplicationProtocolConfig apn;
if (nextProtocols == null) {
apn = ApplicationProtocolConfig.DISABLED;
} else {
apn = new ApplicationProtocolConfig(
Protocol.NPN_AND_ALPN, SelectorFailureBehavior.CHOOSE_MY_LAST_PROTOCOL,
SelectedListenerFailureBehavior.ACCEPT, nextProtocols);
}
return apn;
}
Example #13
| Source File: SpdyServer.java From netty-4.1.22 with Apache License 2.0 | 5 votes |
|
public static void main(String[] args) throws Exception {
// Configure SSL.
SelfSignedCertificate ssc = new SelfSignedCertificate();
SslContext sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey())
.applicationProtocolConfig(new ApplicationProtocolConfig(
Protocol.NPN,
// NO_ADVERTISE is currently the only mode supported by both OpenSsl and JDK providers.
SelectorFailureBehavior.NO_ADVERTISE,
// ACCEPT is currently the only mode supported by both OpenSsl and JDK providers.
SelectedListenerFailureBehavior.ACCEPT,
ApplicationProtocolNames.SPDY_3_1,
ApplicationProtocolNames.HTTP_1_1))
.build();
// Configure the server.
EventLoopGroup bossGroup = new NioEventLoopGroup(1);
EventLoopGroup workerGroup = new NioEventLoopGroup();
try {
ServerBootstrap b = new ServerBootstrap();
b.option(ChannelOption.SO_BACKLOG, 1024);
b.group(bossGroup, workerGroup)
.channel(NioServerSocketChannel.class)
.handler(new LoggingHandler(LogLevel.INFO))
.childHandler(new SpdyServerInitializer(sslCtx));
Channel ch = b.bind(PORT).sync().channel();
System.err.println("Open your SPDY-enabled web browser and navigate to https://127.0.0.1:" + PORT + '/');
System.err.println("If using Chrome browser, check your SPDY sessions at chrome://net-internals/#spdy");
ch.closeFuture().sync();
} finally {
bossGroup.shutdownGracefully();
workerGroup.shutdownGracefully();
}
}
Example #14
| Source File: Http2Server.java From netty-4.1.22 with Apache License 2.0 | 5 votes |
|
private static SslContext configureTLS() throws CertificateException, SSLException {
SelfSignedCertificate ssc = new SelfSignedCertificate();
ApplicationProtocolConfig apn = new ApplicationProtocolConfig(
Protocol.ALPN,
// NO_ADVERTISE is currently the only mode supported by both OpenSsl and JDK providers.
SelectorFailureBehavior.NO_ADVERTISE,
// ACCEPT is currently the only mode supported by both OpenSsl and JDK providers.
SelectedListenerFailureBehavior.ACCEPT,
ApplicationProtocolNames.HTTP_2,
ApplicationProtocolNames.HTTP_1_1);
return SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey(), null)
.ciphers(CIPHERS, SupportedCipherSuiteFilter.INSTANCE)
.applicationProtocolConfig(apn).build();
}
Example #15
| Source File: THttp2Client.java From armeria with Apache License 2.0 | 4 votes |
|
THttp2Client(String uriStr, HttpHeaders defaultHeaders) throws TTransportException {
uri = URI.create(uriStr);
this.defaultHeaders = defaultHeaders;
int port;
switch (uri.getScheme()) {
case "http":
port = uri.getPort();
if (port < 0) {
port = 80;
}
sslCtx = null;
break;
case "https":
port = uri.getPort();
if (port < 0) {
port = 443;
}
try {
sslCtx = SslContextBuilder.forClient()
.ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE)
.trustManager(InsecureTrustManagerFactory.INSTANCE)
.applicationProtocolConfig(new ApplicationProtocolConfig(
Protocol.ALPN,
// NO_ADVERTISE is currently the only mode supported by both OpenSsl and
// JDK providers.
SelectorFailureBehavior.NO_ADVERTISE,
// ACCEPT is currently the only mode supported by both OpenSsl and
// JDK providers.
SelectedListenerFailureBehavior.ACCEPT,
ApplicationProtocolNames.HTTP_2))
.build();
} catch (SSLException e) {
throw new TTransportException(TTransportException.UNKNOWN, e);
}
break;
default:
throw new IllegalArgumentException("unknown scheme: " + uri.getScheme());
}
final String host = uri.getHost();
if (host == null) {
throw new IllegalArgumentException("host not specified: " + uriStr);
}
final String path = uri.getPath();
if (path == null) {
throw new IllegalArgumentException("path not specified: " + uriStr);
}
this.host = host;
this.port = port;
this.path = path;
}
Example #16
| Source File: JdkSslEngineTest.java From netty-4.1.22 with Apache License 2.0 | 4 votes |
|
@Override
Protocol protocol() {
return Protocol.ALPN;
}
Example #17
| Source File: JdkSslEngineTest.java From netty-4.1.22 with Apache License 2.0 | 4 votes |
|
private static SkipTestException tlsExtensionNotFound(Protocol protocol) {
throw new SkipTestException(protocol + " not on classpath");
}
Example #18
| Source File: JdkSslEngineTest.java From netty-4.1.22 with Apache License 2.0 | 4 votes |
|
private static ApplicationProtocolConfig acceptingNegotiator(Protocol protocol, String... supportedProtocols) {
return new ApplicationProtocolConfig(protocol,
SelectorFailureBehavior.NO_ADVERTISE,
SelectedListenerFailureBehavior.ACCEPT,
supportedProtocols);
}
Example #19
| Source File: JdkSslEngineTest.java From netty-4.1.22 with Apache License 2.0 | 4 votes |
|
private static ApplicationProtocolConfig failingNegotiator(Protocol protocol, String... supportedProtocols) {
return new ApplicationProtocolConfig(protocol,
SelectorFailureBehavior.FATAL_ALERT,
SelectedListenerFailureBehavior.FATAL_ALERT,
supportedProtocols);
}
Example #20
| Source File: Http2Server.java From netty-4.1.22 with Apache License 2.0 | 4 votes |
|
public static void main(String[] args) throws Exception {
// Configure SSL.
final SslContext sslCtx;
if (SSL) {
SslProvider provider = OpenSsl.isAlpnSupported() ? SslProvider.OPENSSL : SslProvider.JDK;
SelfSignedCertificate ssc = new SelfSignedCertificate();
sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey())
.sslProvider(provider)
/* NOTE: the cipher filter may not include all ciphers required by the HTTP/2 specification.
* Please refer to the HTTP/2 specification for cipher requirements. */
.ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE)
.applicationProtocolConfig(new ApplicationProtocolConfig(
Protocol.ALPN,
// NO_ADVERTISE is currently the only mode supported by both OpenSsl and JDK providers.
SelectorFailureBehavior.NO_ADVERTISE,
// ACCEPT is currently the only mode supported by both OpenSsl and JDK providers.
SelectedListenerFailureBehavior.ACCEPT,
ApplicationProtocolNames.HTTP_2,
ApplicationProtocolNames.HTTP_1_1))
.build();
} else {
sslCtx = null;
}
// Configure the server.
EventLoopGroup group = new NioEventLoopGroup();
try {
ServerBootstrap b = new ServerBootstrap();
b.option(ChannelOption.SO_BACKLOG, 1024);
b.group(group)
.channel(NioServerSocketChannel.class)
.handler(new LoggingHandler(LogLevel.INFO))
.childHandler(new Http2ServerInitializer(sslCtx));
Channel ch = b.bind(PORT).sync().channel();
System.err.println("Open your HTTP/2-enabled web browser and navigate to " +
(SSL? "https" : "http") + "://127.0.0.1:" + PORT + '/');
ch.closeFuture().sync();
} finally {
group.shutdownGracefully();
}
}
Example #21
| Source File: JdkSslEngineTest.java From netty-4.1.22 with Apache License 2.0 | 4 votes |
|
@Override
Protocol protocol() {
return Protocol.ALPN;
}
Example #22
| Source File: JdkSslEngineTest.java From netty-4.1.22 with Apache License 2.0 | 4 votes |
|
@Override
Protocol protocol() {
return Protocol.ALPN;
}
Example #23
| Source File: JdkSslEngineTest.java From netty-4.1.22 with Apache License 2.0 | 4 votes |
|
@Override
Protocol protocol() {
return Protocol.NPN;
}
Example #24
| Source File: Http2Server.java From netty-4.1.22 with Apache License 2.0 | 4 votes |
|
public static void main(String[] args) throws Exception {
// Configure SSL.
final SslContext sslCtx;
if (SSL) {
SslProvider provider = OpenSsl.isAlpnSupported() ? SslProvider.OPENSSL : SslProvider.JDK;
SelfSignedCertificate ssc = new SelfSignedCertificate();
sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey())
.sslProvider(provider)
/* NOTE: the cipher filter may not include all ciphers required by the HTTP/2 specification.
* Please refer to the HTTP/2 specification for cipher requirements. */
.ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE)
.applicationProtocolConfig(new ApplicationProtocolConfig(
Protocol.ALPN,
// NO_ADVERTISE is currently the only mode supported by both OpenSsl and JDK providers.
SelectorFailureBehavior.NO_ADVERTISE,
// ACCEPT is currently the only mode supported by both OpenSsl and JDK providers.
SelectedListenerFailureBehavior.ACCEPT,
ApplicationProtocolNames.HTTP_2,
ApplicationProtocolNames.HTTP_1_1))
.build();
} else {
sslCtx = null;
}
// Configure the server.
EventLoopGroup group = new NioEventLoopGroup();
try {
ServerBootstrap b = new ServerBootstrap();
b.option(ChannelOption.SO_BACKLOG, 1024);
b.group(group)
.channel(NioServerSocketChannel.class)
.handler(new LoggingHandler(LogLevel.INFO))
.childHandler(new Http2ServerInitializer(sslCtx));
Channel ch = b.bind(PORT).sync().channel();
System.err.println("Open your HTTP/2-enabled web browser and navigate to " +
(SSL? "https" : "http") + "://127.0.0.1:" + PORT + '/');
ch.closeFuture().sync();
} finally {
group.shutdownGracefully();
}
}
Example #25
| Source File: Http2Server.java From netty-4.1.22 with Apache License 2.0 | 4 votes |
|
public static void main(String[] args) throws Exception {
// Configure SSL.
final SslContext sslCtx;
if (SSL) {
SslProvider provider = OpenSsl.isAlpnSupported() ? SslProvider.OPENSSL : SslProvider.JDK;
SelfSignedCertificate ssc = new SelfSignedCertificate();
sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey())
.sslProvider(provider)
/* NOTE: the cipher filter may not include all ciphers required by the HTTP/2 specification.
* Please refer to the HTTP/2 specification for cipher requirements. */
.ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE)
.applicationProtocolConfig(new ApplicationProtocolConfig(
Protocol.ALPN,
// NO_ADVERTISE is currently the only mode supported by both OpenSsl and JDK providers.
SelectorFailureBehavior.NO_ADVERTISE,
// ACCEPT is currently the only mode supported by both OpenSsl and JDK providers.
SelectedListenerFailureBehavior.ACCEPT,
ApplicationProtocolNames.HTTP_2,
ApplicationProtocolNames.HTTP_1_1))
.build();
} else {
sslCtx = null;
}
// Configure the server.
EventLoopGroup group = new NioEventLoopGroup();
try {
ServerBootstrap b = new ServerBootstrap();
b.option(ChannelOption.SO_BACKLOG, 1024);
b.group(group)
.channel(NioServerSocketChannel.class)
.handler(new LoggingHandler(LogLevel.INFO))
.childHandler(new Http2ServerInitializer(sslCtx));
Channel ch = b.bind(PORT).sync().channel();
System.err.println("Open your HTTP/2-enabled web browser and navigate to " +
(SSL? "https" : "http") + "://127.0.0.1:" + PORT + '/');
ch.closeFuture().sync();
} finally {
group.shutdownGracefully();
}
}
Example #26
| Source File: JdkSslEngineTest.java From netty-4.1.22 with Apache License 2.0 | votes |
|
abstract Protocol protocol();
