From 31e0f768722b30d694afc511502a9143d2647273 Mon Sep 17 00:00:00 2001 From: Joakim Erdfelt Date: Mon, 28 Sep 2020 12:02:01 -0500 Subject: [PATCH] Issue #5362 - Adding SslContextFactory.Client to Proxy's HttpClient Signed-off-by: Joakim Erdfelt --- .../jetty/proxy/AbstractProxyServlet.java | 4 +- tests/test-webapps/test-proxy-webapp/pom.xml | 17 +- .../src/main/webapp/WEB-INF/web.xml | 6 +- .../jetty/TestTransparentProxyServer.java | 156 +++++++----------- .../test/resources/jetty-logging.properties | 5 + 5 files changed, 75 insertions(+), 113 deletions(-) create mode 100644 tests/test-webapps/test-proxy-webapp/src/test/resources/jetty-logging.properties diff --git a/jetty-proxy/src/main/java/org/eclipse/jetty/proxy/AbstractProxyServlet.java b/jetty-proxy/src/main/java/org/eclipse/jetty/proxy/AbstractProxyServlet.java index 26998e4eae40..022d41d90abf 100644 --- a/jetty-proxy/src/main/java/org/eclipse/jetty/proxy/AbstractProxyServlet.java +++ b/jetty-proxy/src/main/java/org/eclipse/jetty/proxy/AbstractProxyServlet.java @@ -55,6 +55,7 @@ import org.eclipse.jetty.util.StringUtil; import org.eclipse.jetty.util.log.Log; import org.eclipse.jetty.util.log.Logger; +import org.eclipse.jetty.util.ssl.SslContextFactory; import org.eclipse.jetty.util.thread.QueuedThreadPool; /** @@ -362,7 +363,8 @@ protected HttpClient newHttpClient() String value = getServletConfig().getInitParameter("selectors"); if (value != null) selectors = Integer.parseInt(value); - return new HttpClient(new HttpClientTransportOverHTTP(selectors), null); + SslContextFactory.Client clientSsl = new SslContextFactory.Client(); + return new HttpClient(new HttpClientTransportOverHTTP(selectors), clientSsl); } protected HttpClient getHttpClient() diff --git a/tests/test-webapps/test-proxy-webapp/pom.xml b/tests/test-webapps/test-proxy-webapp/pom.xml index bf82f7a15235..a0283367565f 100644 --- a/tests/test-webapps/test-proxy-webapp/pom.xml +++ b/tests/test-webapps/test-proxy-webapp/pom.xml @@ -45,14 +45,6 @@ javax.servlet-api provided - - org.eclipse.jetty jetty-webapp @@ -61,13 +53,14 @@ org.eclipse.jetty - jetty-jmx + jetty-client ${project.version} - test + provided - org.eclipse.jetty.toolchain - jetty-test-helper + org.eclipse.jetty + jetty-jmx + ${project.version} test diff --git a/tests/test-webapps/test-proxy-webapp/src/main/webapp/WEB-INF/web.xml b/tests/test-webapps/test-proxy-webapp/src/main/webapp/WEB-INF/web.xml index 342181c61c92..ac033c1d1d1f 100644 --- a/tests/test-webapps/test-proxy-webapp/src/main/webapp/WEB-INF/web.xml +++ b/tests/test-webapps/test-proxy-webapp/src/main/webapp/WEB-INF/web.xml @@ -7,10 +7,12 @@ JavadocTransparentProxy org.eclipse.jetty.proxy.ProxyServlet$Transparent - proxyTohttp://www.eclipse.org/jetty/javadoc/ + proxyTo + https://www.eclipse.org/jetty/javadoc/ - hostHeadereclipse.org + hostHeader + www.eclipse.org 1 true diff --git a/tests/test-webapps/test-proxy-webapp/src/test/java/org/eclipse/jetty/TestTransparentProxyServer.java b/tests/test-webapps/test-proxy-webapp/src/test/java/org/eclipse/jetty/TestTransparentProxyServer.java index 8d1839c21b12..4ba4244daa11 100644 --- a/tests/test-webapps/test-proxy-webapp/src/test/java/org/eclipse/jetty/TestTransparentProxyServer.java +++ b/tests/test-webapps/test-proxy-webapp/src/test/java/org/eclipse/jetty/TestTransparentProxyServer.java @@ -18,118 +18,78 @@ package org.eclipse.jetty; -import java.lang.management.ManagementFactory; +import java.util.concurrent.ExecutionException; +import java.util.concurrent.TimeoutException; -import org.eclipse.jetty.alpn.server.ALPNServerConnectionFactory; -import org.eclipse.jetty.http2.HTTP2Cipher; -import org.eclipse.jetty.http2.server.HTTP2ServerConnectionFactory; -import org.eclipse.jetty.jmx.MBeanContainer; -import org.eclipse.jetty.server.ForwardedRequestCustomizer; -import org.eclipse.jetty.server.Handler; -import org.eclipse.jetty.server.HttpConfiguration; -import org.eclipse.jetty.server.HttpConnectionFactory; -import org.eclipse.jetty.server.SecureRequestCustomizer; +import org.eclipse.jetty.client.HttpClient; +import org.eclipse.jetty.client.api.ContentResponse; +import org.eclipse.jetty.http.HttpStatus; import org.eclipse.jetty.server.Server; import org.eclipse.jetty.server.ServerConnector; -import org.eclipse.jetty.server.SslConnectionFactory; -import org.eclipse.jetty.server.handler.ContextHandlerCollection; -import org.eclipse.jetty.server.handler.DefaultHandler; -import org.eclipse.jetty.server.handler.HandlerCollection; -import org.eclipse.jetty.util.log.Log; -import org.eclipse.jetty.util.log.StdErrLog; -import org.eclipse.jetty.util.ssl.SslContextFactory; -import org.eclipse.jetty.util.thread.QueuedThreadPool; +import org.eclipse.jetty.toolchain.test.MavenTestingUtils; +import org.eclipse.jetty.util.component.LifeCycle; +import org.eclipse.jetty.util.resource.PathResource; import org.eclipse.jetty.webapp.WebAppContext; -import org.junit.jupiter.api.Disabled; +import org.junit.jupiter.api.AfterEach; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Tag; +import org.junit.jupiter.api.Test; + +import static org.hamcrest.MatcherAssert.assertThat; +import static org.hamcrest.Matchers.is; -@Disabled("Not a test case") public class TestTransparentProxyServer { - public static void main(String[] args) throws Exception - { - ((StdErrLog)Log.getLog()).setSource(false); - - String jettyRoot = "../../.."; - - // Setup Threadpool - QueuedThreadPool threadPool = new QueuedThreadPool(); - threadPool.setMaxThreads(100); - - // Setup server - Server server = new Server(threadPool); - server.manage(threadPool); - - // Setup JMX - MBeanContainer mbContainer = new MBeanContainer(ManagementFactory.getPlatformMBeanServer()); - server.addBean(mbContainer); - server.addBean(Log.getLog()); - - // Common HTTP configuration - HttpConfiguration config = new HttpConfiguration(); - config.setSecurePort(8443); - config.addCustomizer(new ForwardedRequestCustomizer()); - config.setSendDateHeader(true); - config.setSendServerVersion(true); - - // Http Connector - HttpConnectionFactory http = new HttpConnectionFactory(config); - ServerConnector httpConnector = new ServerConnector(server, http); - httpConnector.setPort(8080); - httpConnector.setIdleTimeout(30000); - server.addConnector(httpConnector); - - // SSL configurations - SslContextFactory sslContextFactory = new SslContextFactory.Server(); - sslContextFactory.setKeyStorePath(jettyRoot + "/jetty-server/src/main/config/etc/keystore"); - sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4"); - sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g"); - sslContextFactory.setTrustStorePath(jettyRoot + "/jetty-server/src/main/config/etc/keystore"); - sslContextFactory.setTrustStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4"); - sslContextFactory.setExcludeCipherSuites( - "SSL_RSA_WITH_DES_CBC_SHA", - "SSL_DHE_RSA_WITH_DES_CBC_SHA", - "SSL_DHE_DSS_WITH_DES_CBC_SHA", - "SSL_RSA_EXPORT_WITH_RC4_40_MD5", - "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", - "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", - "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"); - sslContextFactory.setCipherComparator(new HTTP2Cipher.CipherComparator()); + private Server server; + private HttpClient client; - // HTTPS Configuration - HttpConfiguration httpsConfig = new HttpConfiguration(config); - httpsConfig.addCustomizer(new SecureRequestCustomizer()); + @BeforeEach + public void setup() throws Exception + { + server = new Server(); - // HTTP2 factory - HTTP2ServerConnectionFactory h2 = new HTTP2ServerConnectionFactory(httpsConfig); - ALPNServerConnectionFactory alpn = new ALPNServerConnectionFactory(); - alpn.setDefaultProtocol(h2.getProtocol()); + ServerConnector connector = new ServerConnector(server); + connector.setPort(0); + server.addConnector(connector); - // SSL Factory - SslConnectionFactory ssl = new SslConnectionFactory(sslContextFactory, alpn.getProtocol()); + WebAppContext webapp = new WebAppContext(); + // This is a pieced together WebApp. + // We don't have a valid WEB-INF/lib to rely on at this point. + // So, open up server classes here, for purposes of this testcase. + webapp.getServerClasspathPattern().add( + "-org.eclipse.jetty.proxy.", + "-org.eclipse.jetty.client.", + "-org.eclipse.jetty.util.ssl."); + webapp.getSystemClasspathPattern().add( + "org.eclipse.jetty.proxy.", + "org.eclipse.jetty.client.", + "org.eclipse.jetty.util.ss."); + webapp.setBaseResource(new PathResource(MavenTestingUtils.getProjectDirPath("src/main/webapp"))); + webapp.setExtraClasspath(MavenTestingUtils.getTargetPath().resolve("classes").toString()); + server.setHandler(webapp); - // HTTP2 Connector - ServerConnector http2Connector = - new ServerConnector(server, ssl, alpn, h2, new HttpConnectionFactory(httpsConfig)); - http2Connector.setPort(8443); - http2Connector.setIdleTimeout(15000); - server.addConnector(http2Connector); + server.start(); - // Handlers - HandlerCollection handlers = new HandlerCollection(); - ContextHandlerCollection contexts = new ContextHandlerCollection(); - handlers.setHandlers(new Handler[] - {contexts, new DefaultHandler()}); + client = new HttpClient(); + client.start(); + } - server.setHandler(handlers); + @AfterEach + public void teardown() + { + LifeCycle.stop(client); + LifeCycle.stop(server); + } - // Setup proxy webapp - WebAppContext webapp = new WebAppContext(); - webapp.setResourceBase("src/main/webapp"); - contexts.addHandler(webapp); + @Test + @Tag("external") + public void testProxyRequest() throws InterruptedException, ExecutionException, TimeoutException + { + ContentResponse response = client.newRequest(server.getURI().resolve("/proxy/current/")) + .followRedirects(false) + .send(); - // start server - server.setStopAtShutdown(true); - server.start(); - server.join(); + // Expecting a 200 OK (not a 302 redirect or other error) + assertThat("response status", response.getStatus(), is(HttpStatus.OK_200)); } } diff --git a/tests/test-webapps/test-proxy-webapp/src/test/resources/jetty-logging.properties b/tests/test-webapps/test-proxy-webapp/src/test/resources/jetty-logging.properties new file mode 100644 index 000000000000..bf725104bbd2 --- /dev/null +++ b/tests/test-webapps/test-proxy-webapp/src/test/resources/jetty-logging.properties @@ -0,0 +1,5 @@ +org.eclipse.jetty.util.log.class=org.eclipse.jetty.util.log.StdErrLog +#org.eclipse.jetty.LEVEL=WARN +#org.eclipse.jetty.client.LEVEL=DEBUG +#org.eclipse.jetty.http.LEVEL=DEBUG +#org.eclipse.jetty.proxy.LEVEL=DEBUG