Skip to content

Commit

Permalink
Improve a few things in the HTTP tls tests
Browse files Browse the repository at this point in the history 
- creation of base options should be achieved in create base options methods for each protocol
- SSL options update tests are actually not configured for HTTP/2
  • Loading branch information
@vietj
vietj committed Nov 13, 2023
1 parent 433d282 commit 29ebcb1
Show file tree
Hide file tree
Showing 3 changed files with 72 additions and 57 deletions.
20 changes: 10 additions & 10 deletions src/test/java/io/vertx/core/http/Http1xTLSTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,9 +13,7 @@

import io.netty.buffer.ByteBufUtil;
import io.vertx.core.AbstractVerticle;
import io.vertx.core.CompositeFuture;
import io.vertx.core.DeploymentOptions;
import io.vertx.core.Future;
import io.vertx.core.Promise;
import io.vertx.core.VertxOptions;
import io.vertx.test.tls.Cert;
Expand All @@ -29,7 +27,6 @@
import java.util.HashSet;
import java.util.List;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.stream.Collectors;

Expand All @@ -39,17 +36,20 @@
public class Http1xTLSTest extends HttpTLSTest {

@Override
HttpServer createHttpServer(HttpServerOptions options) {
return vertx.createHttpServer(options);
}
protected HttpServerOptions createBaseServerOptions() {
return new HttpServerOptions()
.setPort(HttpTestBase.DEFAULT_HTTPS_PORT)
.setSsl(true);
};

@Override
HttpClient createHttpClient(HttpClientOptions options) {
return vertx.createHttpClient(options);
protected HttpClientOptions createBaseClientOptions() {
return new HttpClientOptions()
.setSsl(true)
.setProtocolVersion(HttpVersion.HTTP_1_1);
}


// ALPN tests
// ALPN tests

@Test
// Client and server uses ALPN
Expand Down
14 changes: 10 additions & 4 deletions src/test/java/io/vertx/core/http/Http2TLSTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,13 +20,19 @@
public class Http2TLSTest extends HttpTLSTest {

@Override
HttpServer createHttpServer(HttpServerOptions options) {
return vertx.createHttpServer(options.setUseAlpn(true));
protected HttpServerOptions createBaseServerOptions() {
return new HttpServerOptions()
.setPort(HttpTestBase.DEFAULT_HTTPS_PORT)
.setUseAlpn(true)
.setSsl(true);
}

@Override
HttpClient createHttpClient(HttpClientOptions options) {
return vertx.createHttpClient(options.setUseAlpn(true));
protected HttpClientOptions createBaseClientOptions() {
return new HttpClientOptions()
.setUseAlpn(true)
.setSsl(true)
.setProtocolVersion(HttpVersion.HTTP_2);
}

@Override
Expand Down
95 changes: 52 additions & 43 deletions src/test/java/io/vertx/core/http/HttpTLSTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -978,7 +978,7 @@ class TLSTest {
TrustOptions serverTrust;
boolean serverUsesCrl;
boolean serverOpenSSL;
boolean serverUsesAlpn;
Boolean serverUsesAlpn;
boolean serverSSL = true;
boolean serverUsesProxyProtocol = false;
ProxyType proxyType;
Expand Down Expand Up @@ -1175,8 +1175,7 @@ TLSTest run(boolean shouldPass) {
// The test with proxy that fails will not connect
waitFor(2);
}
server.close();
HttpClientOptions options = new HttpClientOptions();
HttpClientOptions options = createBaseClientOptions();
options.setProtocolVersion(version);
options.setSsl(clientSSL);
options.setForceSni(clientForceSNI);
Expand Down Expand Up @@ -1218,8 +1217,8 @@ TLSTest run(boolean shouldPass) {
}
options.setProxyOptions(proxyOptions);
}
client = createHttpClient(options);
HttpServerOptions serverOptions = new HttpServerOptions();
client = vertx.createHttpClient(options);
HttpServerOptions serverOptions = createBaseServerOptions();
serverOptions.setTrustOptions(serverTrust);
serverOptions.setKeyCertOptions(serverCert);
if (requiresClientAuth) {
Expand All @@ -1231,7 +1230,9 @@ TLSTest run(boolean shouldPass) {
if (serverOpenSSL) {
serverOptions.setOpenSslEngineOptions(new OpenSSLEngineOptions());
}
serverOptions.setUseAlpn(serverUsesAlpn);
if (serverUsesAlpn == Boolean.TRUE) {
serverOptions.setUseAlpn(serverUsesAlpn);
}
serverOptions.setSsl(serverSSL);
serverOptions.setSni(serverSNI);
serverOptions.setUseProxyProtocol(serverUsesProxyProtocol);
Expand All @@ -1244,7 +1245,8 @@ TLSTest run(boolean shouldPass) {
for (String protocol : serverEnabledSecureTransportProtocol) {
serverOptions.addEnabledSecureTransportProtocol(protocol);
}
server = createHttpServer(serverOptions.setPort(4043));
server.close();
server = vertx.createHttpServer(serverOptions.setPort(4043));
server.connectionHandler(conn -> complete());
AtomicInteger count = new AtomicInteger();
server.exceptionHandler(err -> {
Expand Down Expand Up @@ -1318,10 +1320,6 @@ TLSTest run(boolean shouldPass) {
}
}

abstract HttpServer createHttpServer(HttpServerOptions options);

abstract HttpClient createHttpClient(HttpClientOptions options);

protected TLSTest testTLS(Cert<?> clientCert, Trust<?> clientTrust,
Cert<?> serverCert, Trust<?> serverTrust) throws Exception {
return new TLSTest(clientCert, clientTrust, serverCert, serverTrust);
Expand Down Expand Up @@ -1502,7 +1500,7 @@ private void testStore(HttpServerOptions serverOptions, List<String> expectedPos

@Test
public void testCrlInvalidPath() {
HttpClientOptions clientOptions = new HttpClientOptions();
HttpClientOptions clientOptions = createBaseClientOptions();
clientOptions.setTrustOptions(Trust.SERVER_PEM_ROOT_CA.get());
clientOptions.setSsl(true);
clientOptions.addCrlPath("/invalid.pem");
Expand Down Expand Up @@ -1648,7 +1646,7 @@ public void testUpdateSSLOptionsWithScaledServer() throws Exception {
}

private void testUpdateSSLOptions(boolean scaled) throws Exception {
server = createHttpServer(createBaseServerOptions().setSsl(true).setKeyCertOptions(Cert.SERVER_JKS.get()))
server = vertx.createHttpServer(createBaseServerOptions().setSsl(true).setKeyCertOptions(Cert.SERVER_JKS.get()))
.requestHandler(req -> {
req.response().end("Hello World");
});
Expand All @@ -1659,7 +1657,7 @@ private void testUpdateSSLOptions(boolean scaled) throws Exception {
private HttpServer server;
@Override
public void start(Promise<Void> startPromise) {
server = createHttpServer(createBaseServerOptions().setSsl(true).setKeyCertOptions(Cert.SERVER_JKS.get()))
server = vertx.createHttpServer(createBaseServerOptions().setKeyCertOptions(Cert.SERVER_JKS.get()))
.requestHandler(req -> {
req.response().end("Hello World");
});
Expand All @@ -1671,14 +1669,15 @@ public void start(Promise<Void> startPromise) {
}).onComplete(onSuccess(v -> latch.countDown()));
awaitLatch(latch);
}
Supplier<Future<Buffer>> request = () -> client.request(requestOptions).compose(req -> req.send().compose(HttpClientResponse::body));
client = createHttpClient(new HttpClientOptions().setKeepAlive(false).setSsl(true).setTrustOptions(Trust.SERVER_JKS.get()));
request.get().onComplete(onSuccess(body1 -> {
Function<HttpClient, Future<Buffer>> request = client -> client.request(requestOptions).compose(req -> req.send().compose(HttpClientResponse::body));
HttpClient client1 = vertx.createHttpClient(createBaseClientOptions().setVerifyHost(false).setTrustOptions(Trust.SERVER_JKS.get()));
HttpClient client2 = vertx.createHttpClient(createBaseClientOptions().setVerifyHost(false).setTrustOptions(Trust.SERVER_JKS.get()));
request.apply(client1).onComplete(onSuccess(body1 -> {
assertEquals("Hello World", body1.toString());
server.updateSSLOptions(new SSLOptions().setKeyCertOptions(Cert.SERVER_JKS_ROOT_CA.get()), onSuccess(v -> {
request.get().onComplete(onFailure(err -> {
client.updateSSLOptions(new SSLOptions().setTrustOptions(Trust.SERVER_JKS_ROOT_CA.get()), onSuccess(v2 -> {
request.get().onComplete(onSuccess(body2 -> {
server.updateSSLOptions(createBaseServerOptions().setKeyCertOptions(Cert.SERVER_JKS_ROOT_CA.get()).getSslOptions()).onComplete(onSuccess(v -> {
request.apply(client2).onComplete(onFailure(err -> {
client2.updateSSLOptions(createBaseClientOptions().setTrustOptions(Trust.SERVER_JKS_ROOT_CA.get()).getSslOptions()).onComplete(onSuccess(v2 -> {
request.apply(client2).onComplete(onSuccess(body2 -> {
assertEquals("Hello World", body2.toString());
testComplete();
}));
Expand All @@ -1691,13 +1690,15 @@ public void start(Promise<Void> startPromise) {

@Test
public void testUpdateWithInvalidSSLOptions() throws Exception {
server = createHttpServer(createBaseServerOptions().setSsl(true).setKeyCertOptions(Cert.SERVER_JKS.get()))
server = vertx.createHttpServer(createBaseServerOptions().setKeyCertOptions(Cert.SERVER_JKS.get()))
.requestHandler(req -> {
req.response().end("Hello World");
});
startServer(testAddress);
client = createHttpClient(new HttpClientOptions().setKeepAlive(false).setSsl(true).setTrustOptions(Trust.SERVER_JKS.get()));
Future<Void> last = server.updateSSLOptions(new SSLOptions().setKeyCertOptions(new JksOptions().setValue(TestUtils.randomBuffer(20)).setPassword("invalid")));
client = vertx.createHttpClient(createBaseClientOptions().setVerifyHost(false).setTrustOptions(Trust.SERVER_JKS.get()));
Future<Void> last = server.updateSSLOptions(createBaseServerOptions()
.setKeyCertOptions(new JksOptions().setValue(TestUtils.randomBuffer(20)).setPassword("invalid"))
.getSslOptions());
last.onComplete(onFailure(err -> {
client
.request(requestOptions)
Expand All @@ -1712,12 +1713,12 @@ public void testUpdateWithInvalidSSLOptions() throws Exception {

@Test
public void testConcurrentUpdateSSLOptions() throws Exception {
server = createHttpServer(createBaseServerOptions().setSsl(true).setKeyCertOptions(Cert.SERVER_JKS.get()))
server = vertx.createHttpServer(createBaseServerOptions().setKeyCertOptions(Cert.SERVER_JKS.get()))
.requestHandler(req -> {
req.response().end("Hello World");
});
startServer(testAddress);
client = createHttpClient(new HttpClientOptions().setKeepAlive(false).setSsl(true).setTrustOptions(Trust.SERVER_JKS_ROOT_CA.get()));
client = vertx.createHttpClient(createBaseClientOptions().setKeepAlive(false).setVerifyHost(false).setTrustOptions(Trust.SERVER_JKS_ROOT_CA.get()));
List<KeyCertOptions> list = Arrays.asList(
Cert.SERVER_PKCS12.get(),
Cert.SERVER_PEM.get(),
Expand All @@ -1727,7 +1728,7 @@ public void testConcurrentUpdateSSLOptions() throws Exception {
Future<Void> last = null;
for (int i = 0;i < list.size();i++) {
int val = i;
last = server.updateSSLOptions(new SSLOptions().setKeyCertOptions(list.get(i)));
last = server.updateSSLOptions(createBaseServerOptions().setKeyCertOptions(list.get(i)).getSslOptions());
last.onComplete(onSuccess(v -> {
assertEquals(val, seq.getAndIncrement());
}));
Expand All @@ -1746,28 +1747,33 @@ public void testConcurrentUpdateSSLOptions() throws Exception {

@Test
public void testServerSharingUpdateSSLOptions() throws Exception {
int numServers = 4;
HttpServer[] servers = new HttpServer[numServers];
for (int i = 0;i < numServers;i++) {
int num = 4;
HttpServer[] servers = new HttpServer[num];
for (int i = 0;i < num;i++) {
String msg = "Hello World " + i;
servers[i] = createHttpServer(createBaseServerOptions().setSsl(true).setKeyCertOptions(Cert.SERVER_JKS.get()))
servers[i] = vertx.createHttpServer(createBaseServerOptions().setKeyCertOptions(Cert.SERVER_JKS.get()))
.requestHandler(req -> {
req.response().end(msg);
});
servers[i].listen(testAddress).toCompletionStage().toCompletableFuture().get();
}
client = createHttpClient(new HttpClientOptions().setKeepAlive(false).setSsl(true).setTrustOptions(Trust.SERVER_JKS.get()));
for (int i = 0;i < numServers;i++) {
Buffer body = client.request(requestOptions).compose(req -> req.send().compose(HttpClientResponse::body)).toCompletionStage().toCompletableFuture().get();
HttpClient[] clients = new HttpClient[num];
for (int i = 0;i < num;i++) {
clients[i] = vertx.createHttpClient(createBaseClientOptions().setVerifyHost(false).setTrustOptions(Trust.SERVER_JKS.get()));
}
for (int i = 0;i < num;i++) {
Buffer body = clients[i].request(requestOptions).compose(req -> req.send().compose(HttpClientResponse::body)).toCompletionStage().toCompletableFuture().get();
assertEquals("Hello World " + i, body.toString());
}
client.close();
for (int i = 0;i < numServers;i++) {
servers[i].updateSSLOptions(new SSLOptions().setKeyCertOptions(Cert.SERVER_PKCS12.get())).toCompletionStage().toCompletableFuture().get();
for (int i = 0;i < num;i++) {
servers[i].updateSSLOptions(createBaseServerOptions().setKeyCertOptions(Cert.SERVER_PKCS12.get()).getSslOptions()).toCompletionStage().toCompletableFuture().get();
}
for (int i = 0;i < num;i++) {
clients[i].close();
clients[i] = vertx.createHttpClient(createBaseClientOptions().setVerifyHost(false).setTrustOptions(Trust.SERVER_JKS.get()));
}
client = createHttpClient(new HttpClientOptions().setKeepAlive(false).setSsl(true).setTrustOptions(Trust.SERVER_PKCS12.get()));
for (int i = 0;i < numServers;i++) {
Buffer body = client.request(requestOptions).compose(req -> req.send().compose(HttpClientResponse::body)).toCompletionStage().toCompletableFuture().get();
for (int i = 0;i < num;i++) {
Buffer body = clients[i].request(requestOptions).compose(req -> req.send().compose(HttpClientResponse::body)).toCompletionStage().toCompletableFuture().get();
assertEquals("Hello World " + i, body.toString());
}
}
Expand Down Expand Up @@ -1977,9 +1983,8 @@ public PrivateKey getPrivateKey(String alias) {
}
};

server = createHttpServer(createBaseServerOptions()
server = vertx.createHttpServer(createBaseServerOptions()
.setJdkSslEngineOptions(new JdkSSLEngineOptions().setUseWorkerThread(useWorkerThreads))
.setSsl(true)
.setSni(useSni)
.setKeyCertOptions(testOptions)
)
Expand All @@ -1998,7 +2003,11 @@ public PrivateKey getPrivateKey(String alias) {
);
};
CountDownLatch latch = new CountDownLatch(1);
client = createHttpClient(new HttpClientOptions().setKeepAlive(false).setSsl(true).setTrustAll(true));
client = vertx.createHttpClient(createBaseClientOptions()
.setKeepAlive(false)
.setVerifyHost(false)
.setTrustAll(true)
);
request.get().onComplete(onSuccess(body1 -> {
assertEquals("Hello World", body1.toString());
latch.countDown();
Expand Down

0 comments on commit 29ebcb1

Please sign in to comment.