You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@activemq.apache.org by cl...@apache.org on 2018/05/24 20:29:23 UTC
[08/33] activemq-artemis git commit: ARTEMIS-1853 Adding Netty
OpenSSL provider test
ARTEMIS-1853 Adding Netty OpenSSL provider test
Added some netty openssl tests
Fix a NPE issue
Project: http://git-wip-us.apache.org/repos/asf/activemq-artemis/repo
Commit: http://git-wip-us.apache.org/repos/asf/activemq-artemis/commit/8b458b56
Tree: http://git-wip-us.apache.org/repos/asf/activemq-artemis/tree/8b458b56
Diff: http://git-wip-us.apache.org/repos/asf/activemq-artemis/diff/8b458b56
Branch: refs/heads/2.6.x
Commit: 8b458b568268e4364bae94d25535d9373a8a49f8
Parents: ef03ce4
Author: Howard Gao <ho...@gmail.com>
Authored: Fri May 18 06:50:37 2018 +0800
Committer: Clebert Suconic <cl...@apache.org>
Committed: Mon May 21 18:09:29 2018 -0400
----------------------------------------------------------------------
.../core/remoting/impl/ssl/SSLSupport.java | 2 +-
.../tests/integration/ssl/SSLProviderTest.java | 84 +++++++++++++++
.../integration/ssl/SSLProviderTwoWayTest.java | 101 +++++++++++++++++
.../tests/integration/ssl/SSLTestBase.java | 108 +++++++++++++++++++
4 files changed, 294 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/8b458b56/artemis-core-client/src/main/java/org/apache/activemq/artemis/core/remoting/impl/ssl/SSLSupport.java
----------------------------------------------------------------------
diff --git a/artemis-core-client/src/main/java/org/apache/activemq/artemis/core/remoting/impl/ssl/SSLSupport.java b/artemis-core-client/src/main/java/org/apache/activemq/artemis/core/remoting/impl/ssl/SSLSupport.java
index 85c2c50..905e19e 100644
--- a/artemis-core-client/src/main/java/org/apache/activemq/artemis/core/remoting/impl/ssl/SSLSupport.java
+++ b/artemis-core-client/src/main/java/org/apache/activemq/artemis/core/remoting/impl/ssl/SSLSupport.java
@@ -125,7 +125,7 @@ public class SSLSupport {
final boolean trustAll ) throws Exception {
KeyStore keyStore = SSLSupport.loadKeystore(keystoreProvider, keystorePath, keystorePassword);
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
- keyManagerFactory.init(keyStore, keystorePassword.toCharArray());
+ keyManagerFactory.init(keyStore, keystorePassword == null ? null : keystorePassword.toCharArray());
return SslContextBuilder.forClient().sslProvider(SslProvider.valueOf(sslProvider)).keyManager(keyManagerFactory).trustManager(SSLSupport.loadTrustManagerFactory(trustStoreProvider, trustStorePath, trustStorePassword, trustAll, null)).build();
}
http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/8b458b56/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/ssl/SSLProviderTest.java
----------------------------------------------------------------------
diff --git a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/ssl/SSLProviderTest.java b/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/ssl/SSLProviderTest.java
new file mode 100644
index 0000000..3fa976f
--- /dev/null
+++ b/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/ssl/SSLProviderTest.java
@@ -0,0 +1,84 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.activemq.artemis.tests.integration.ssl;
+
+import org.apache.activemq.artemis.api.core.RoutingType;
+import org.apache.activemq.artemis.api.core.client.ActiveMQClient;
+import org.apache.activemq.artemis.api.core.client.ClientConsumer;
+import org.apache.activemq.artemis.api.core.client.ClientMessage;
+import org.apache.activemq.artemis.api.core.client.ClientProducer;
+import org.apache.activemq.artemis.api.core.client.ClientSession;
+import org.apache.activemq.artemis.api.core.client.ClientSessionFactory;
+import org.apache.activemq.artemis.api.core.client.ServerLocator;
+import org.apache.activemq.artemis.core.remoting.impl.netty.NettyAcceptor;
+import org.apache.activemq.artemis.core.remoting.impl.netty.TransportConstants;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized;
+
+@RunWith(Parameterized.class)
+public class SSLProviderTest extends SSLTestBase {
+
+ public SSLProviderTest(String sslProvider, String clientSslProvider) {
+ super(sslProvider, clientSslProvider);
+ }
+
+ @Test
+ public void testProviderConfig() {
+ NettyAcceptor acceptor = (NettyAcceptor) server.getRemotingService().getAcceptor(getNettyAcceptorName());
+ assertNotNull(acceptor);
+ String sslProviderInUse = (String) acceptor.getConfiguration().get(TransportConstants.SSL_PROVIDER);
+ assertEquals(sslProvider, sslProviderInUse);
+ }
+
+ @Test
+ public void testProviderLoading() throws Exception {
+ if (!isOpenSSLSupported()) {
+ System.out.println("*** Skip test on un-supported platform.");
+ return;
+ }
+
+ final String text = "Hello SSL!";
+ StringBuilder uri = new StringBuilder("tcp://" + tc.getParams().get(TransportConstants.HOST_PROP_NAME).toString()
+ + ":" + tc.getParams().get(TransportConstants.PORT_PROP_NAME).toString());
+
+ uri.append("?").append(TransportConstants.SSL_ENABLED_PROP_NAME).append("=true");
+ uri.append("&").append(TransportConstants.SSL_PROVIDER).append("=").append(clientSslProvider);
+ uri.append("&").append(TransportConstants.TRUSTSTORE_PROVIDER_PROP_NAME).append("=JKS");
+ uri.append("&").append(TransportConstants.TRUSTSTORE_PATH_PROP_NAME).append("=").append(CLIENT_SIDE_TRUSTSTORE);
+ uri.append("&").append(TransportConstants.TRUSTSTORE_PASSWORD_PROP_NAME).append("=").append(PASSWORD);
+
+ System.out.println("uri: " + uri.toString());
+ ServerLocator locator = addServerLocator(ActiveMQClient.createServerLocator(uri.toString()));
+ ClientSessionFactory sf = addSessionFactory(createSessionFactory(locator));
+ ClientSession session = addClientSession(sf.createSession(false, true, true));
+ session.createQueue(QUEUE, RoutingType.ANYCAST, QUEUE);
+ ClientProducer producer = addClientProducer(session.createProducer(QUEUE));
+
+ ClientMessage message = createTextMessage(session, text);
+ producer.send(message);
+
+ ClientConsumer consumer = addClientConsumer(session.createConsumer(QUEUE));
+ session.start();
+
+ ClientMessage m = consumer.receive(1000);
+ Assert.assertNotNull(m);
+ Assert.assertEquals(text, m.getBodyBuffer().readString());
+
+ }
+}
http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/8b458b56/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/ssl/SSLProviderTwoWayTest.java
----------------------------------------------------------------------
diff --git a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/ssl/SSLProviderTwoWayTest.java b/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/ssl/SSLProviderTwoWayTest.java
new file mode 100644
index 0000000..cc93d47
--- /dev/null
+++ b/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/ssl/SSLProviderTwoWayTest.java
@@ -0,0 +1,101 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.activemq.artemis.tests.integration.ssl;
+
+import org.apache.activemq.artemis.api.core.RoutingType;
+import org.apache.activemq.artemis.api.core.client.ActiveMQClient;
+import org.apache.activemq.artemis.api.core.client.ClientConsumer;
+import org.apache.activemq.artemis.api.core.client.ClientMessage;
+import org.apache.activemq.artemis.api.core.client.ClientProducer;
+import org.apache.activemq.artemis.api.core.client.ClientSession;
+import org.apache.activemq.artemis.api.core.client.ClientSessionFactory;
+import org.apache.activemq.artemis.api.core.client.ServerLocator;
+import org.apache.activemq.artemis.core.remoting.impl.netty.NettyAcceptor;
+import org.apache.activemq.artemis.core.remoting.impl.netty.TransportConstants;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized;
+
+import java.util.Map;
+
+@RunWith(Parameterized.class)
+public class SSLProviderTwoWayTest extends SSLTestBase {
+
+ public SSLProviderTwoWayTest(String sslProvider, String clientSslProvider) {
+ super(sslProvider, clientSslProvider);
+ }
+
+ @Override
+ protected void configureSSLParameters(Map<String, Object> params) {
+ super.configureSSLParameters(params);
+
+ params.put(TransportConstants.TRUSTSTORE_PATH_PROP_NAME, SERVER_SIDE_TRUSTSTORE);
+ params.put(TransportConstants.TRUSTSTORE_PASSWORD_PROP_NAME, PASSWORD);
+ params.put(TransportConstants.TRUSTSTORE_PROVIDER_PROP_NAME, "JKS");
+ params.put(TransportConstants.NEED_CLIENT_AUTH_PROP_NAME, true);
+ }
+
+ @Test
+ public void testProviderConfig() {
+ NettyAcceptor acceptor = (NettyAcceptor) server.getRemotingService().getAcceptor(getNettyAcceptorName());
+ assertNotNull(acceptor);
+ String sslProviderInUse = (String) acceptor.getConfiguration().get(TransportConstants.SSL_PROVIDER);
+ assertEquals(sslProvider, sslProviderInUse);
+ assertTrue((Boolean) acceptor.getConfiguration().get(TransportConstants.NEED_CLIENT_AUTH_PROP_NAME));
+ }
+
+ @Test
+ public void testProviderLoading2Way() throws Exception {
+ if (!isOpenSSLSupported()) {
+ System.out.println("*** Skip test on un-supported platform.");
+ return;
+ }
+
+ final String text = "Hello SSL!";
+ StringBuilder uri = new StringBuilder("tcp://" + tc.getParams().get(TransportConstants.HOST_PROP_NAME).toString()
+ + ":" + tc.getParams().get(TransportConstants.PORT_PROP_NAME).toString());
+
+ uri.append("?").append(TransportConstants.SSL_ENABLED_PROP_NAME).append("=true");
+ uri.append("&").append(TransportConstants.SSL_PROVIDER).append("=").append(clientSslProvider);
+ uri.append("&").append(TransportConstants.KEYSTORE_PROVIDER_PROP_NAME).append("=").append("JKS");
+ uri.append("&").append(TransportConstants.KEYSTORE_PATH_PROP_NAME).append("=").append(CLIENT_SIDE_KEYSTORE);
+ uri.append("&").append(TransportConstants.KEYSTORE_PASSWORD_PROP_NAME).append("=").append(PASSWORD);
+ uri.append("&").append(TransportConstants.TRUSTSTORE_PROVIDER_PROP_NAME).append("=JKS");
+ uri.append("&").append(TransportConstants.TRUSTSTORE_PATH_PROP_NAME).append("=").append(CLIENT_SIDE_TRUSTSTORE);
+ uri.append("&").append(TransportConstants.TRUSTSTORE_PASSWORD_PROP_NAME).append("=").append(PASSWORD);
+
+ System.out.println("uri: " + uri.toString());
+ ServerLocator locator = addServerLocator(ActiveMQClient.createServerLocator(uri.toString()));
+ ClientSessionFactory sf = addSessionFactory(createSessionFactory(locator));
+ ClientSession session = addClientSession(sf.createSession(false, true, true));
+ session.createQueue(QUEUE, RoutingType.ANYCAST, QUEUE);
+ ClientProducer producer = addClientProducer(session.createProducer(QUEUE));
+
+ ClientMessage message = createTextMessage(session, text);
+ producer.send(message);
+
+ ClientConsumer consumer = addClientConsumer(session.createConsumer(QUEUE));
+ session.start();
+
+ ClientMessage m = consumer.receive(1000);
+ Assert.assertNotNull(m);
+ Assert.assertEquals(text, m.getBodyBuffer().readString());
+
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/8b458b56/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/ssl/SSLTestBase.java
----------------------------------------------------------------------
diff --git a/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/ssl/SSLTestBase.java b/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/ssl/SSLTestBase.java
new file mode 100644
index 0000000..92281e5
--- /dev/null
+++ b/tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/ssl/SSLTestBase.java
@@ -0,0 +1,108 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.activemq.artemis.tests.integration.ssl;
+
+import io.netty.handler.ssl.OpenSsl;
+import org.apache.activemq.artemis.api.core.TransportConfiguration;
+import org.apache.activemq.artemis.core.config.impl.ConfigurationImpl;
+import org.apache.activemq.artemis.core.remoting.impl.netty.TransportConstants;
+import org.apache.activemq.artemis.core.server.ActiveMQServer;
+import org.apache.activemq.artemis.core.server.ActiveMQServers;
+import org.apache.activemq.artemis.tests.util.ActiveMQTestBase;
+import org.junit.Before;
+import org.junit.runners.Parameterized;
+
+import java.lang.management.ManagementFactory;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.Map;
+
+public abstract class SSLTestBase extends ActiveMQTestBase {
+
+ @Parameterized.Parameters(name = "sslProvider={0},clientProvider={1}")
+ public static Collection getParameters() {
+ return Arrays.asList(new Object[][]{{TransportConstants.OPENSSL_PROVIDER, TransportConstants.DEFAULT_SSL_PROVIDER},
+ {TransportConstants.OPENSSL_PROVIDER, TransportConstants.OPENSSL_PROVIDER},
+ {TransportConstants.DEFAULT_SSL_PROVIDER, TransportConstants.DEFAULT_SSL_PROVIDER},
+ {TransportConstants.DEFAULT_SSL_PROVIDER, TransportConstants.OPENSSL_PROVIDER}});
+ }
+
+ protected static final String QUEUE = "ssl.test.queue";
+
+ protected final String PASSWORD = "secureexample";
+ protected String SERVER_SIDE_KEYSTORE = "openssl-server-side-keystore.jks";
+ protected String SERVER_SIDE_TRUSTSTORE = "openssl-server-side-truststore.jks";
+ protected String CLIENT_SIDE_TRUSTSTORE = "openssl-client-side-truststore.jks";
+ protected String CLIENT_SIDE_KEYSTORE = "openssl-client-side-keystore.jks";
+
+ protected ActiveMQServer server;
+
+ protected TransportConfiguration tc;
+
+ protected String sslProvider;
+ protected String clientSslProvider;
+
+ public SSLTestBase(String sslProvider, String clientSslProvider) {
+ this.sslProvider = sslProvider;
+ this.clientSslProvider = clientSslProvider;
+ }
+
+ @Override
+ @Before
+ public void setUp() throws Exception {
+ super.setUp();
+ Map<String, Object> params = new HashMap<>();
+ configureSSLParameters(params);
+ ConfigurationImpl config = createBasicConfig();
+ config.addAcceptorConfiguration(new TransportConfiguration(NETTY_ACCEPTOR_FACTORY, params, getNettyAcceptorName()));
+ config.addAcceptorConfiguration(new TransportConfiguration(NETTY_ACCEPTOR_FACTORY));
+
+ server = addServer(ActiveMQServers.newActiveMQServer(config, ManagementFactory.getPlatformMBeanServer(), null, false));
+
+ server.start();
+ waitForServerToStart(server);
+ tc = new TransportConfiguration(NETTY_CONNECTOR_FACTORY);
+ tc.getParams().put(TransportConstants.HOST_PROP_NAME, params.get(TransportConstants.HOST_PROP_NAME));
+ tc.getParams().put(TransportConstants.PORT_PROP_NAME, params.get(TransportConstants.PORT_PROP_NAME));
+ tc.getParams().put(TransportConstants.SSL_PROVIDER, clientSslProvider);
+ }
+
+ protected void configureSSLParameters(Map<String, Object> params) {
+ System.out.println("*** Configure server SSL using provider: " + sslProvider);
+ params.put(TransportConstants.SSL_ENABLED_PROP_NAME, true);
+ params.put(TransportConstants.SSL_PROVIDER, sslProvider);
+ params.put(TransportConstants.KEYSTORE_PROVIDER_PROP_NAME, "JKS");
+ params.put(TransportConstants.KEYSTORE_PATH_PROP_NAME, SERVER_SIDE_KEYSTORE);
+ params.put(TransportConstants.KEYSTORE_PASSWORD_PROP_NAME, PASSWORD);
+ params.put(TransportConstants.HOST_PROP_NAME, "localhost");
+ params.put(TransportConstants.PORT_PROP_NAME, "61617");
+ }
+
+ public String getNettyAcceptorName() {
+ return "SSLTestAcceptor";
+ }
+
+
+ protected boolean isOpenSSLSupported() {
+ if (sslProvider.equals(TransportConstants.OPENSSL_PROVIDER) || clientSslProvider.equals(TransportConstants.OPENSSL_PROVIDER)) {
+ return OpenSsl.isAvailable();
+ }
+ return true;
+ }
+
+}