Skip to content
Permalink
Browse files
Corrected TLS upgrade support in HttpAsyncRequester
  • Loading branch information
ok2c committed Apr 2, 2022
1 parent 9cd38f6 commit 7103d55bc433b5e68a8eb5b95afd770924d716f2
Showing 2 changed files with 202 additions and 2 deletions.
@@ -0,0 +1,197 @@
/*
* ====================================================================
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*
*/

package org.apache.hc.core5.testing.nio;

import static org.hamcrest.MatcherAssert.assertThat;

import java.net.InetSocketAddress;
import java.util.concurrent.Future;

import org.apache.hc.core5.concurrent.BasicFuture;
import org.apache.hc.core5.concurrent.FutureContribution;
import org.apache.hc.core5.http.ContentType;
import org.apache.hc.core5.http.HttpHost;
import org.apache.hc.core5.http.HttpResponse;
import org.apache.hc.core5.http.HttpStatus;
import org.apache.hc.core5.http.Message;
import org.apache.hc.core5.http.Method;
import org.apache.hc.core5.http.URIScheme;
import org.apache.hc.core5.http.impl.bootstrap.AsyncRequesterBootstrap;
import org.apache.hc.core5.http.impl.bootstrap.AsyncServerBootstrap;
import org.apache.hc.core5.http.impl.bootstrap.HttpAsyncRequester;
import org.apache.hc.core5.http.impl.bootstrap.HttpAsyncServer;
import org.apache.hc.core5.http.nio.AsyncClientEndpoint;
import org.apache.hc.core5.http.nio.entity.StringAsyncEntityConsumer;
import org.apache.hc.core5.http.nio.entity.StringAsyncEntityProducer;
import org.apache.hc.core5.http.nio.ssl.BasicClientTlsStrategy;
import org.apache.hc.core5.http.nio.ssl.BasicServerTlsStrategy;
import org.apache.hc.core5.http.nio.ssl.TlsUpgradeCapable;
import org.apache.hc.core5.http.nio.support.BasicRequestProducer;
import org.apache.hc.core5.http.nio.support.BasicResponseConsumer;
import org.apache.hc.core5.http.protocol.UriPatternMatcher;
import org.apache.hc.core5.io.CloseMode;
import org.apache.hc.core5.reactor.IOReactorConfig;
import org.apache.hc.core5.reactor.ListenerEndpoint;
import org.apache.hc.core5.reactor.ProtocolIOSession;
import org.apache.hc.core5.reactor.ssl.TlsDetails;
import org.apache.hc.core5.testing.SSLTestContexts;
import org.apache.hc.core5.testing.classic.LoggingConnPoolListener;
import org.apache.hc.core5.util.Timeout;
import org.hamcrest.CoreMatchers;
import org.junit.Rule;
import org.junit.Test;
import org.junit.jupiter.api.Assertions;
import org.junit.rules.ExternalResource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class TLSUpgradeTest {

private final Logger log = LoggerFactory.getLogger(getClass());

private static final Timeout TIMEOUT = Timeout.ofSeconds(30);

private HttpAsyncServer server;

@Rule
public ExternalResource serverResource = new ExternalResource() {

@Override
protected void before() throws Throwable {
log.debug("Starting up test server");
server = AsyncServerBootstrap.bootstrap()
.setLookupRegistry(new UriPatternMatcher<>())
.setIOReactorConfig(
IOReactorConfig.custom()
.setSoTimeout(TIMEOUT)
.build())
.register("*", () -> new EchoHandler(2048))
.setTlsStrategy(new BasicServerTlsStrategy(SSLTestContexts.createServerSSLContext()))
.setStreamListener(LoggingHttp1StreamListener.INSTANCE_SERVER)
.setIOSessionDecorator(LoggingIOSessionDecorator.INSTANCE)
.setExceptionCallback(LoggingExceptionCallback.INSTANCE)
.setIOSessionListener(LoggingIOSessionListener.INSTANCE)
.create();
}

@Override
protected void after() {
log.debug("Shutting down test server");
if (server != null) {
server.close(CloseMode.GRACEFUL);
}
}

};

private HttpAsyncRequester requester;

@Rule
public ExternalResource clientResource = new ExternalResource() {

@Override
protected void before() throws Throwable {
log.debug("Starting up test client");
requester = AsyncRequesterBootstrap.bootstrap()
.setIOReactorConfig(IOReactorConfig.custom()
.setSoTimeout(TIMEOUT)
.build())
.setTlsStrategy(new BasicClientTlsStrategy(SSLTestContexts.createClientSSLContext()))
.setStreamListener(LoggingHttp1StreamListener.INSTANCE_CLIENT)
.setConnPoolListener(LoggingConnPoolListener.INSTANCE)
.setIOSessionDecorator(LoggingIOSessionDecorator.INSTANCE)
.setExceptionCallback(LoggingExceptionCallback.INSTANCE)
.setIOSessionListener(LoggingIOSessionListener.INSTANCE)
.create();
}

@Override
protected void after() {
log.debug("Shutting down test client");
if (requester != null) {
requester.close(CloseMode.GRACEFUL);
}
}

};

@Test
public void testTLSUpgrade() throws Exception {
server.start();
final Future<ListenerEndpoint> future = server.listen(new InetSocketAddress(0), URIScheme.HTTPS);
final ListenerEndpoint listener = future.get(TIMEOUT.getDuration(), TIMEOUT.getTimeUnit());
final InetSocketAddress address = (InetSocketAddress) listener.getAddress();
requester.start();

final HttpHost target = new HttpHost(URIScheme.HTTPS.id, "localhost", address.getPort());
final Future<Message<HttpResponse, String>> resultFuture1 = requester.execute(
new BasicRequestProducer(Method.POST, target, "/stuff",
new StringAsyncEntityProducer("some stuff", ContentType.TEXT_PLAIN)),
new BasicResponseConsumer<>(new StringAsyncEntityConsumer()), TIMEOUT, null);
final Message<HttpResponse, String> message1 = resultFuture1.get(TIMEOUT.getDuration(), TIMEOUT.getTimeUnit());
assertThat(message1, CoreMatchers.notNullValue());
final HttpResponse response1 = message1.getHead();
assertThat(response1.getCode(), CoreMatchers.equalTo(HttpStatus.SC_OK));
final String body1 = message1.getBody();
assertThat(body1, CoreMatchers.equalTo("some stuff"));

// Connect using plain HTTP scheme
final Future<AsyncClientEndpoint> endpointFuture = requester.connect(
new HttpHost(URIScheme.HTTP.id, "localhost", address.getPort()), TIMEOUT);

final AsyncClientEndpoint clientEndpoint = endpointFuture.get(TIMEOUT.getDuration(), TIMEOUT.getTimeUnit());
Assertions.assertInstanceOf(TlsUpgradeCapable.class, clientEndpoint);

// Upgrade to TLS
final BasicFuture<TlsDetails> tlsFuture = new BasicFuture<>(null);
((TlsUpgradeCapable) clientEndpoint).tlsUpgrade(target, new FutureContribution<ProtocolIOSession>(tlsFuture) {

@Override
public void completed(final ProtocolIOSession protocolIOSession) {
tlsFuture.completed(protocolIOSession.getTlsDetails());
}

});

final TlsDetails tlsDetails = tlsFuture.get(TIMEOUT.getDuration(), TIMEOUT.getTimeUnit());
Assertions.assertNotNull(tlsDetails);

// Execute request over HTTPS
final Future<Message<HttpResponse, String>> resultFuture2 = clientEndpoint.execute(
new BasicRequestProducer(Method.POST, target, "/stuff",
new StringAsyncEntityProducer("some stuff", ContentType.TEXT_PLAIN)),
new BasicResponseConsumer<>(new StringAsyncEntityConsumer()), null);
final Message<HttpResponse, String> message2 = resultFuture2.get(TIMEOUT.getDuration(), TIMEOUT.getTimeUnit());
assertThat(message2, CoreMatchers.notNullValue());
final HttpResponse response2 = message2.getHead();
assertThat(response2.getCode(), CoreMatchers.equalTo(HttpStatus.SC_OK));
final String body2 = message2.getBody();
assertThat(body2, CoreMatchers.equalTo("some stuff"));
}

}
@@ -240,17 +240,20 @@ public HttpAsyncRequester create() {
null,
null,
streamListener);
final TlsStrategy tlsStrategyCopy = tlsStrategy != null ? tlsStrategy : new BasicClientTlsStrategy();
final IOEventHandlerFactory ioEventHandlerFactory = new ClientHttp1IOEventHandlerFactory(
streamDuplexerFactory,
tlsStrategy != null ? tlsStrategy : new BasicClientTlsStrategy(),
tlsStrategyCopy,
handshakeTimeout);
return new HttpAsyncRequester(
ioReactorConfig,
ioEventHandlerFactory,
ioSessionDecorator,
exceptionCallback,
sessionListener,
connPool);
connPool,
tlsStrategyCopy,
handshakeTimeout);
}

}

0 comments on commit 7103d55

Please sign in to comment.