aboutsummaryrefslogtreecommitdiffstats
path: root/jdisc_http_service/src/test/java/com/yahoo/jdisc/http/server/jetty/ConnectorFactoryTest.java
diff options
context:
space:
mode:
Diffstat (limited to 'jdisc_http_service/src/test/java/com/yahoo/jdisc/http/server/jetty/ConnectorFactoryTest.java')
-rw-r--r--jdisc_http_service/src/test/java/com/yahoo/jdisc/http/server/jetty/ConnectorFactoryTest.java74
1 files changed, 72 insertions, 2 deletions
diff --git a/jdisc_http_service/src/test/java/com/yahoo/jdisc/http/server/jetty/ConnectorFactoryTest.java b/jdisc_http_service/src/test/java/com/yahoo/jdisc/http/server/jetty/ConnectorFactoryTest.java
index 1380abc03f3..25457c0c6c6 100644
--- a/jdisc_http_service/src/test/java/com/yahoo/jdisc/http/server/jetty/ConnectorFactoryTest.java
+++ b/jdisc_http_service/src/test/java/com/yahoo/jdisc/http/server/jetty/ConnectorFactoryTest.java
@@ -1,20 +1,33 @@
// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
package com.yahoo.jdisc.http.server.jetty;
+import com.google.common.collect.ImmutableMap;
import com.yahoo.jdisc.Metric;
import com.yahoo.jdisc.http.ConnectorConfig;
import com.yahoo.jdisc.http.SecretStore;
+import com.yahoo.jdisc.http.ssl.ReaderForPath;
+import com.yahoo.jdisc.http.SslContextFactory;
+import com.yahoo.jdisc.http.ssl.SslKeyStore;
+import com.yahoo.jdisc.http.ssl.pem.PemKeyStore;
+import com.yahoo.jdisc.http.ssl.pem.PemSslKeyStore;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.handler.AbstractHandler;
import org.testng.annotations.Test;
+import javax.net.ssl.SSLContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.net.InetSocketAddress;
+import java.nio.channels.FileChannel;
import java.nio.channels.ServerSocketChannel;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.nio.file.StandardOpenOption;
+import java.util.Collections;
import java.util.Map;
import static com.yahoo.jdisc.http.ConnectorConfig.Ssl;
@@ -60,7 +73,7 @@ public class ConnectorFactoryTest {
ConnectorFactory factory = new ConnectorFactory(new ConnectorConfig(new ConnectorConfig.Builder()),
new ThrowingSecretStore());
ConnectorFactory.JDiscServerConnector connector =
- (ConnectorFactory.JDiscServerConnector)factory.createConnector(new DummyMetric(), server, null);
+ (ConnectorFactory.JDiscServerConnector)factory.createConnector(new DummyMetric(), server, null, Collections.emptyMap());
server.addConnector(connector);
server.setHandler(new HelloWorldHandler());
server.start();
@@ -86,7 +99,7 @@ public class ConnectorFactoryTest {
serverChannel.socket().bind(new InetSocketAddress(0));
ConnectorFactory factory = new ConnectorFactory(new ConnectorConfig(new ConnectorConfig.Builder()), new ThrowingSecretStore());
- ConnectorFactory.JDiscServerConnector connector = (ConnectorFactory.JDiscServerConnector) factory.createConnector(new DummyMetric(), server, serverChannel);
+ ConnectorFactory.JDiscServerConnector connector = (ConnectorFactory.JDiscServerConnector) factory.createConnector(new DummyMetric(), server, serverChannel, Collections.emptyMap());
server.addConnector(connector);
server.setHandler(new HelloWorldHandler());
server.start();
@@ -104,6 +117,63 @@ public class ConnectorFactoryTest {
}
}
+ @Test
+ public void pre_bound_keystore_file_channels_are_used() throws Exception {
+ Path pemKeyStoreDirectory = Paths.get("src/test/resources/pem/");
+
+ Path certificateFile = pemKeyStoreDirectory.resolve("test.crt");
+ Path privateKeyFile = pemKeyStoreDirectory.resolve("test.key");
+
+ Server server = new Server();
+ try {
+ ServerSocketChannel serverChannel = ServerSocketChannel.open();
+ serverChannel.socket().bind(new InetSocketAddress(0));
+
+ String fakeCertificatePath = "ensure-certificate-path-is-not-used-to-open-the-file";
+ String fakeKeyPath = "ensure-key-path-is-not-used-to-open-the-file";
+
+ ConnectorConfig.Builder builder = new ConnectorConfig.Builder();
+ builder.ssl(
+ new Ssl.Builder().
+ enabled(true).
+ keyStoreType(PEM).
+ pemKeyStore(new Ssl.PemKeyStore.Builder().
+ certificatePath(fakeCertificatePath).
+ keyPath(fakeKeyPath)));
+
+ FileChannel certificateChannel = FileChannel.open(certificateFile, StandardOpenOption.READ);
+ FileChannel privateKeyChannel = FileChannel.open(privateKeyFile, StandardOpenOption.READ);
+
+ Map<Path, FileChannel> keyStoreChannels = ImmutableMap.<Path, FileChannel>builder().
+ put(Paths.get(fakeCertificatePath), certificateChannel).
+ put(Paths.get(fakeKeyPath), privateKeyChannel).
+ build();
+
+
+ ConnectorFactory factory = new ConnectorFactory(new ConnectorConfig(builder), new ThrowingSecretStore());
+ ConnectorFactory.JDiscServerConnector connector = (ConnectorFactory.JDiscServerConnector) factory.createConnector(new DummyMetric(), server, serverChannel, keyStoreChannels);
+ server.addConnector(connector);
+ server.setHandler(new HelloWorldHandler());
+ server.start();
+
+ SslKeyStore trustStore = new PemSslKeyStore(
+ new PemKeyStore.TrustStoreLoadParameter(
+ new ReaderForPath(Files.newBufferedReader(certificateFile), certificateFile)));
+
+ SSLContext clientSslContext = SslContextFactory.newInstanceFromTrustStore(trustStore).getServerSSLContext();
+ SimpleHttpClient client = new SimpleHttpClient(clientSslContext, connector.getLocalPort(), false);
+ SimpleHttpClient.RequestExecutor ex = client.newGet("/ignored");
+ SimpleHttpClient.ResponseValidator val = ex.execute();
+ val.expectContent(equalTo("Hello world"));
+ } finally {
+ try {
+ server.stop();
+ } catch (Exception e) {
+ //ignore
+ }
+ }
+ }
+
private static class HelloWorldHandler extends AbstractHandler {
@Override
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {