Пример #1
0
  /**
   * Tests opening an SSL/TLS connection to redis using the loopback address of 127.0.0.1. This test
   * should fail because "127.0.0.1" does not match the certificate subject common name and there
   * are no subject alternative names in the certificate.
   *
   * <p>NOTE: This test relies on a feature that is only available as of Java 7 and later. It is
   * commented out but not removed in case support for Java 6 is dropped or we find a way to have
   * the CI run a specific set of tests on Java 7 and above.
   */
  @Test
  public void connectWithShardInfoByIpAddress() throws Exception {
    final URI uri = URI.create("rediss://127.0.0.1:6390");
    final SSLSocketFactory sslSocketFactory = createTrustStoreSslSocketFactory();
    // These SSL parameters ensure that we use the same hostname verifier used
    // for HTTPS.
    // Note: this options is only available in Java 7.
    final SSLParameters sslParameters = new SSLParameters();
    sslParameters.setEndpointIdentificationAlgorithm("HTTPS");

    JedisShardInfo shardInfo = new JedisShardInfo(uri, sslSocketFactory, sslParameters, null);
    shardInfo.setPassword("foobared");

    Jedis jedis = new Jedis(shardInfo);
    try {
      jedis.get("foo");
      Assert.fail("The code did not throw the expected JedisConnectionException.");
    } catch (JedisConnectionException e) {
      Assert.assertEquals(
          "Unexpected first inner exception.",
          SSLHandshakeException.class,
          e.getCause().getClass());
      Assert.assertEquals(
          "Unexpected second inner exception.",
          CertificateException.class,
          e.getCause().getCause().getClass());
    }

    try {
      jedis.close();
    } catch (Throwable e1) {
      // Expected.
    }
  }
Пример #2
0
  /**
   * Tests opening an SSL/TLS connection to redis. NOTE: This test relies on a feature that is only
   * available as of Java 7 and later. It is commented out but not removed in case support for Java
   * 6 is dropped or we find a way to have the CI run a specific set of tests on Java 7 and above.
   */
  @Test
  public void connectWithShardInfo() throws Exception {
    final URI uri = URI.create("rediss://localhost:6390");
    final SSLSocketFactory sslSocketFactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
    // These SSL parameters ensure that we use the same hostname verifier used
    // for HTTPS.
    // Note: this options is only available in Java 7.
    final SSLParameters sslParameters = new SSLParameters();
    sslParameters.setEndpointIdentificationAlgorithm("HTTPS");

    JedisShardInfo shardInfo = new JedisShardInfo(uri, sslSocketFactory, sslParameters, null);
    shardInfo.setPassword("foobared");

    Jedis jedis = new Jedis(shardInfo);
    jedis.get("foo");
    jedis.disconnect();
    jedis.close();
  }
Пример #3
0
    @Override
    protected void initChannel(Channel channel) throws Exception {
      SslContext sslContext;

      SSLParameters sslParams = new SSLParameters();

      if (redisURI.isVerifyPeer()) {
        sslContext = SslContext.newClientContext(SslProvider.JDK);
        if (JavaRuntime.AT_LEAST_JDK_7) {
          sslParams.setEndpointIdentificationAlgorithm("HTTPS");
        }
      } else {
        sslContext =
            SslContext.newClientContext(SslProvider.JDK, InsecureTrustManagerFactory.INSTANCE);
      }

      SSLEngine sslEngine =
          sslContext.newEngine(channel.alloc(), redisURI.getHost(), redisURI.getPort());
      sslEngine.setSSLParameters(sslParams);

      removeIfExists(channel.pipeline(), SslHandler.class);

      if (channel.pipeline().get("first") == null) {
        channel
            .pipeline()
            .addFirst(
                "first",
                new ChannelDuplexHandler() {

                  @Override
                  public void channelActive(ChannelHandlerContext ctx) throws Exception {
                    eventBus.publish(new ConnectedEvent(local(ctx), remote(ctx)));
                    super.channelActive(ctx);
                  }

                  @Override
                  public void channelInactive(ChannelHandlerContext ctx) throws Exception {
                    eventBus.publish(new DisconnectedEvent(local(ctx), remote(ctx)));
                    super.channelInactive(ctx);
                  }
                });
      }

      SslHandler sslHandler = new SslHandler(sslEngine, redisURI.isStartTls());
      channel.pipeline().addLast(sslHandler);
      if (channel.pipeline().get("channelActivator") == null) {
        channel
            .pipeline()
            .addLast(
                "channelActivator",
                new RedisChannelInitializerImpl() {

                  private Command<?, ?, ?> pingCommand;

                  @Override
                  public Future<Boolean> channelInitialized() {
                    return initializedFuture;
                  }

                  @Override
                  public void channelInactive(ChannelHandlerContext ctx) throws Exception {
                    initializedFuture = SettableFuture.create();
                    pingCommand = null;
                    super.channelInactive(ctx);
                  }

                  @Override
                  public void channelActive(ChannelHandlerContext ctx) throws Exception {
                    if (initializedFuture.isDone()) {
                      super.channelActive(ctx);
                    }
                  }

                  @Override
                  public void userEventTriggered(ChannelHandlerContext ctx, Object evt)
                      throws Exception {
                    if (evt instanceof SslHandshakeCompletionEvent && !initializedFuture.isDone()) {

                      SslHandshakeCompletionEvent event = (SslHandshakeCompletionEvent) evt;
                      if (event.isSuccess()) {
                        if (pingBeforeActivate) {
                          pingCommand = INITIALIZING_CMD_BUILDER.ping();
                          pingBeforeActivate(pingCommand, initializedFuture, ctx, handlers);
                        } else {
                          ctx.fireChannelActive();
                        }
                      } else {
                        initializedFuture.setException(event.cause());
                      }
                    }

                    if (evt instanceof ConnectionEvents.Close) {
                      if (ctx.channel().isOpen()) {
                        ctx.channel().close();
                      }
                    }

                    if (evt instanceof ConnectionEvents.Activated) {
                      if (!initializedFuture.isDone()) {
                        initializedFuture.set(true);
                        eventBus.publish(new ConnectionActivatedEvent(local(ctx), remote(ctx)));
                      }
                    }

                    super.userEventTriggered(ctx, evt);
                  }

                  @Override
                  public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause)
                      throws Exception {

                    if (!initializedFuture.isDone()) {
                      initializedFuture.setException(cause);
                    }
                    super.exceptionCaught(ctx, cause);
                  }
                });
      }

      for (ChannelHandler handler : handlers) {
        removeIfExists(channel.pipeline(), handler.getClass());
        channel.pipeline().addLast(handler);
      }
    }