New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
https between components #7767
https between components #7767
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks like an excellent start. Thank you!
Selenium Grid by default communicates over HTTP. This is fine for a lot | ||
of use cases, especially if everything is contained within the firewall | ||
and against test sites with testing data. However, if your server is | ||
exposed to the Internet or us being used in environments with production |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"us"?
create and sign your certificates. | ||
|
||
``` | ||
~/go/bin/minica --domains sessions.grid.com,distributor.grid.com,router.grid.com |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Assume commands are on the PATH
already. If someone's installed minica via (eg) homebrew, the location will be different.
-import \ | ||
-file /path/to/minica.pem \ | ||
-alias minica \ | ||
-keystore /Library/Java/JavaVirtualMachines/jdk-11.jdk/Contents/Home/lib/security/cacerts \ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
$JAVA_HOME
, perhaps?
@@ -53,6 +53,18 @@ | |||
@ConfigValue(section = "server", name = "allow-cors") | |||
private boolean allowCORS = false; | |||
|
|||
@Parameter(description = "Whether the Selenium server should communicate over https", names = "--https") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It would seem that having either --http-private-key
or --http-certificate
implies that the connections should be secured....
b.group(bossGroup, workerGroup) | ||
.channel(NioServerSocketChannel.class) | ||
.handler(new LoggingHandler(LogLevel.INFO)) | ||
.childHandler(new SeleniumHttpsInitializer(handler, sslCtx)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why not just modify the existing SeleniumHttpInitializer
to accept a null
sslCtx
and have it only add the SSL handler if the value is not null?
@Override | ||
protected void initChannel(SocketChannel ch) { | ||
ch.pipeline().addLast("ssl", sslCtx.newHandler(ch.alloc())); | ||
ch.pipeline().addLast("codec", new HttpServerCodec()); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this the same as the SeleniumHttpInitializer
? If so, and you're not following the suggestion from above, consider something like:
ch.pipeline().addLast("ssl", sslCtx.newHandler(ch.alloc()));
new SeleniumHttpInitializer(seleniumHandler).initChannel(ch);
to minimise the amount of duplicated code, and to highlight the relationship between the two.
@@ -94,7 +97,7 @@ | |||
() -> { | |||
try { | |||
return createRemotes(); | |||
} catch (URISyntaxException e) { | |||
} catch (URISyntaxException | SSLException | CertificateException e) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nit please alphabetise.
@@ -121,7 +124,7 @@ public void setFields() { | |||
this.clientFactory = (HttpClient.Factory) raw[1]; | |||
} | |||
|
|||
private static Object[] createInMemory() throws URISyntaxException, MalformedURLException { | |||
private static Object[] createInMemory() throws URISyntaxException, MalformedURLException, SSLException, CertificateException { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
At this point, throw Exception
is fine. It's just a test.
Adam Goucher seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account. You have signed the CLA already but the status is still pending? Let us recheck it. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks like it's basically ready. I've left a few comments, but you should still have the commit bit. Land it when you feel good to go :) We can always iterate on this once it's in the tree.
return config.get("server", "https-private-key").isPresent() && config.get("server", "https-certificate").isPresent(); | ||
} | ||
|
||
public File getPrivateKey() { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In a follow-up PR, we should make this a Path
Objects.requireNonNull(options, "Server options must be set."); | ||
Objects.requireNonNull(handler, "Handler to use must be set."); | ||
|
||
Boolean secure = options.isSecure(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
boolean
: we never expect this to be null
, and the unboxing that happens on the next line will throw an NPE if that happens.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think the current implementation of isSecure ensures it always is Boolean.
} | ||
|
||
@Override | ||
protected void initChannel(SocketChannel ch) { | ||
if (sslCtx != null) { | ||
ch.pipeline().addLast("ssl", sslCtx.newHandler(ch.alloc())); | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nit: weird indentation.
@@ -0,0 +1,53 @@ | |||
// Licensed to the Software Freedom Conservancy (SFC) under one |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This file can be deleted now.
@@ -96,4 +97,24 @@ public URI getExternalUri() { | |||
public boolean getAllowCORS() { | |||
return config.getBool("server", "allow-cors").orElse(false); | |||
} | |||
|
|||
public boolean isSecure() { | |||
return config.get("server", "https-private-key").isPresent() && config.get("server", "https-certificate").isPresent(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nit: indentation
|
||
private Channel channel; | ||
|
||
public NettyServer(BaseServerOptions options, HttpHandler handler) { | ||
public NettyServer(BaseServerOptions options, HttpHandler handler) | ||
throws SSLException, CertificateException { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Consider wrapping the SSLException
with an UncheckedIOException
so that everything coming out of this is a RuntimeException
. Our own code wraps and rethrows, so it's not like we're hiding much.
Merging in support to run the standalone server and/or component parts of the server as https. Default is still http due to configuration pain. Note: none of the client bindings have been updated to communicate to a https server
Alright. This is for #7662
Essentially there is a big on/off flag (--https) and then you need to provide a certificate (--https-certificate) and a key (--https-private-key). There is also an info section on how to wire it up including making yourself some certificates and how to teach Java to trust them.
Not sure how to write tests as it requires certificates, but can confirm I have locally been able to light up a browser and drive it.
This does not do the follow, each will have to be a separate item
secure zeromq which is still plain tcp
teach the client bindings about certificates (my tests were with the python ones and they just work by saying the remote_connection is https but it spits out a warning about verifying certificates on every communication over the wire)
By placing an
X
in the preceding checkbox, I verify that I have signed the Contributor License Agreement