hc-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ol...@apache.org
Subject [1/4] httpcomponents-core git commit: Improved TLS integration test coverage
Date Tue, 14 Nov 2017 16:56:41 GMT
Repository: httpcomponents-core
Updated Branches:
  refs/heads/master a0a45e1e5 -> 502f9d9ac


Improved TLS integration test coverage


Project: http://git-wip-us.apache.org/repos/asf/httpcomponents-core/repo
Commit: http://git-wip-us.apache.org/repos/asf/httpcomponents-core/commit/e59d926e
Tree: http://git-wip-us.apache.org/repos/asf/httpcomponents-core/tree/e59d926e
Diff: http://git-wip-us.apache.org/repos/asf/httpcomponents-core/diff/e59d926e

Branch: refs/heads/master
Commit: e59d926e110f50699a49ad0327708e2133953511
Parents: a0a45e1
Author: Oleg Kalnichevski <olegk@apache.org>
Authored: Tue Nov 14 11:45:41 2017 +0100
Committer: Oleg Kalnichevski <olegk@apache.org>
Committed: Tue Nov 14 11:48:49 2017 +0100

----------------------------------------------------------------------
 .../hc/core5/http2/ssl/FixedPortStrategy.java   | 56 -----------------
 .../hc/core5/http2/ssl/H2ServerTlsStrategy.java |  2 +
 .../hc/core5/http2/ssl/SecurePortStrategy.java  | 41 -------------
 .../apache/hc/core5/testing/TestingSupport.java | 49 +++++++++++++++
 .../nio/Http1ServerAndRequesterTest.java        | 45 ++++++++++++--
 .../nio/Http2ProtocolNegotiationTest.java       | 29 +++++----
 ...Http2ServerAndMultiplexingRequesterTest.java | 63 ++++++++++++++++++--
 .../nio/Http2ServerAndRequesterTest.java        | 57 ++++++++++++++----
 .../impl/bootstrap/AsyncServerBootstrap.java    |  3 +-
 .../http/nio/ssl/BasicServerTlsStrategy.java    | 32 +++++-----
 .../core5/http/nio/ssl/FixedPortStrategy.java   | 56 +++++++++++++++++
 .../core5/http/nio/ssl/SecurePortStrategy.java  | 41 +++++++++++++
 12 files changed, 319 insertions(+), 155 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/httpcomponents-core/blob/e59d926e/httpcore5-h2/src/main/java/org/apache/hc/core5/http2/ssl/FixedPortStrategy.java
----------------------------------------------------------------------
diff --git a/httpcore5-h2/src/main/java/org/apache/hc/core5/http2/ssl/FixedPortStrategy.java
b/httpcore5-h2/src/main/java/org/apache/hc/core5/http2/ssl/FixedPortStrategy.java
deleted file mode 100644
index 35ebe2b..0000000
--- a/httpcore5-h2/src/main/java/org/apache/hc/core5/http2/ssl/FixedPortStrategy.java
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *   http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation.  For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.hc.core5.http2.ssl;
-
-import java.net.InetSocketAddress;
-import java.net.SocketAddress;
-
-import org.apache.hc.core5.util.Args;
-
-/**
- * @since 5.0
- */
-public final class FixedPortStrategy implements SecurePortStrategy {
-
-    private final int[] securePorts;
-
-    public FixedPortStrategy(final int[] securePorts) {
-        this.securePorts = Args.notNull(securePorts, "Secure ports");
-    }
-
-    public boolean isSecure(final SocketAddress localAddress) {
-        final int port = ((InetSocketAddress) localAddress).getPort();
-        for (final int securePort: securePorts) {
-            if (port == securePort) {
-                return true;
-            }
-        }
-        return false;
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/httpcomponents-core/blob/e59d926e/httpcore5-h2/src/main/java/org/apache/hc/core5/http2/ssl/H2ServerTlsStrategy.java
----------------------------------------------------------------------
diff --git a/httpcore5-h2/src/main/java/org/apache/hc/core5/http2/ssl/H2ServerTlsStrategy.java
b/httpcore5-h2/src/main/java/org/apache/hc/core5/http2/ssl/H2ServerTlsStrategy.java
index c6113fb..675a4dd 100644
--- a/httpcore5-h2/src/main/java/org/apache/hc/core5/http2/ssl/H2ServerTlsStrategy.java
+++ b/httpcore5-h2/src/main/java/org/apache/hc/core5/http2/ssl/H2ServerTlsStrategy.java
@@ -37,7 +37,9 @@ import org.apache.hc.core5.reactor.ssl.SSLBufferManagement;
 import org.apache.hc.core5.reactor.ssl.SSLSessionInitializer;
 import org.apache.hc.core5.reactor.ssl.SSLSessionVerifier;
 import org.apache.hc.core5.reactor.ssl.TransportSecurityLayer;
+import org.apache.hc.core5.http.nio.ssl.FixedPortStrategy;
 import org.apache.hc.core5.ssl.SSLContexts;
+import org.apache.hc.core5.http.nio.ssl.SecurePortStrategy;
 import org.apache.hc.core5.util.Args;
 
 /**

http://git-wip-us.apache.org/repos/asf/httpcomponents-core/blob/e59d926e/httpcore5-h2/src/main/java/org/apache/hc/core5/http2/ssl/SecurePortStrategy.java
----------------------------------------------------------------------
diff --git a/httpcore5-h2/src/main/java/org/apache/hc/core5/http2/ssl/SecurePortStrategy.java
b/httpcore5-h2/src/main/java/org/apache/hc/core5/http2/ssl/SecurePortStrategy.java
deleted file mode 100644
index 3a4538d..0000000
--- a/httpcore5-h2/src/main/java/org/apache/hc/core5/http2/ssl/SecurePortStrategy.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *   http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation.  For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.hc.core5.http2.ssl;
-
-import java.net.SocketAddress;
-
-/**
- * Side-side strategy to determine if local endpoint should be secured with TLS.
- *
- * @since 5.0
- */
-public interface SecurePortStrategy {
-
-    boolean isSecure(SocketAddress localAddress);
-
-}

http://git-wip-us.apache.org/repos/asf/httpcomponents-core/blob/e59d926e/httpcore5-testing/src/test/java/org/apache/hc/core5/testing/TestingSupport.java
----------------------------------------------------------------------
diff --git a/httpcore5-testing/src/test/java/org/apache/hc/core5/testing/TestingSupport.java
b/httpcore5-testing/src/test/java/org/apache/hc/core5/testing/TestingSupport.java
new file mode 100644
index 0000000..3e79548
--- /dev/null
+++ b/httpcore5-testing/src/test/java/org/apache/hc/core5/testing/TestingSupport.java
@@ -0,0 +1,49 @@
+/*
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation.  For more
+ * information on the Apache Software Foundation, please see
+ * <http://www.apache.org/>.
+ *
+ */
+
+package org.apache.hc.core5.testing;
+
+public final class TestingSupport {
+
+    public static int determineJRELevel() {
+        final String s = System.getProperty("java.version");
+        final String[] parts = s.split("\\.");
+        if (parts.length > 0) {
+            try {
+                final int majorVersion = Integer.parseInt(parts[0]);
+                if (majorVersion > 1) {
+                    return majorVersion;
+                } else if (majorVersion == 1 && parts.length > 1) {
+                    return Integer.parseInt(parts[1]);
+                }
+            } catch (final NumberFormatException ignore) {
+            }
+        }
+        return 7;
+    }
+
+}

http://git-wip-us.apache.org/repos/asf/httpcomponents-core/blob/e59d926e/httpcore5-testing/src/test/java/org/apache/hc/core5/testing/nio/Http1ServerAndRequesterTest.java
----------------------------------------------------------------------
diff --git a/httpcore5-testing/src/test/java/org/apache/hc/core5/testing/nio/Http1ServerAndRequesterTest.java
b/httpcore5-testing/src/test/java/org/apache/hc/core5/testing/nio/Http1ServerAndRequesterTest.java
index b258f91..3bba0e5 100644
--- a/httpcore5-testing/src/test/java/org/apache/hc/core5/testing/nio/Http1ServerAndRequesterTest.java
+++ b/httpcore5-testing/src/test/java/org/apache/hc/core5/testing/nio/Http1ServerAndRequesterTest.java
@@ -29,6 +29,9 @@ package org.apache.hc.core5.testing.nio;
 
 import java.io.IOException;
 import java.net.InetSocketAddress;
+import java.net.SocketAddress;
+import java.util.Arrays;
+import java.util.Collection;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Queue;
@@ -45,6 +48,7 @@ import org.apache.hc.core5.http.HttpRequest;
 import org.apache.hc.core5.http.HttpResponse;
 import org.apache.hc.core5.http.HttpStatus;
 import org.apache.hc.core5.http.Message;
+import org.apache.hc.core5.http.URIScheme;
 import org.apache.hc.core5.http.impl.bootstrap.AsyncRequesterBootstrap;
 import org.apache.hc.core5.http.impl.bootstrap.AsyncServerBootstrap;
 import org.apache.hc.core5.http.impl.bootstrap.HttpAsyncRequester;
@@ -61,11 +65,15 @@ import org.apache.hc.core5.http.nio.BasicRequestProducer;
 import org.apache.hc.core5.http.nio.BasicResponseConsumer;
 import org.apache.hc.core5.http.nio.entity.StringAsyncEntityConsumer;
 import org.apache.hc.core5.http.nio.entity.StringAsyncEntityProducer;
+import org.apache.hc.core5.http.nio.ssl.BasicClientTlsStrategy;
+import org.apache.hc.core5.http.nio.ssl.BasicServerTlsStrategy;
+import org.apache.hc.core5.http.nio.ssl.SecurePortStrategy;
 import org.apache.hc.core5.http.protocol.HttpContext;
 import org.apache.hc.core5.io.ShutdownType;
 import org.apache.hc.core5.reactor.ExceptionEvent;
 import org.apache.hc.core5.reactor.IOReactorConfig;
 import org.apache.hc.core5.reactor.ListenerEndpoint;
+import org.apache.hc.core5.testing.SSLTestContexts;
 import org.apache.hc.core5.testing.classic.LoggingConnPoolListener;
 import org.apache.hc.core5.util.Timeout;
 import org.apache.logging.log4j.LogManager;
@@ -75,12 +83,28 @@ import org.junit.Assert;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.rules.ExternalResource;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized;
 
+@RunWith(Parameterized.class)
 public class Http1ServerAndRequesterTest {
 
+    private final Logger log = LogManager.getLogger(getClass());
+
+    @Parameterized.Parameters(name = "{0}")
+    public static Collection<Object[]> protocols() {
+        return Arrays.asList(new Object[][]{
+                { URIScheme.HTTP },
+                { URIScheme.HTTPS }
+        });
+    }
     private static final Timeout TIMEOUT = Timeout.ofSeconds(30);
 
-    private final Logger log = LogManager.getLogger(getClass());
+    private final URIScheme scheme;
+
+    public Http1ServerAndRequesterTest(final URIScheme scheme) {
+        this.scheme = scheme;
+    }
 
     private HttpAsyncServer server;
 
@@ -140,6 +164,16 @@ public class Http1ServerAndRequesterTest {
                             });
                         }
                     })
+                    .setTlsStrategy(scheme == URIScheme.HTTPS ? new BasicServerTlsStrategy(
+                            SSLTestContexts.createServerSSLContext(),
+                            new SecurePortStrategy() {
+
+                                @Override
+                                public boolean isSecure(final SocketAddress localAddress)
{
+                                    return true;
+                                }
+
+                            }) : null)
                     .setIOSessionListener(LoggingIOSessionListener.INSTANCE)
                     .setStreamListener(LoggingHttp1StreamListener.INSTANCE_SERVER)
                     .setIOSessionDecorator(LoggingIOSessionDecorator.INSTANCE)
@@ -179,6 +213,7 @@ public class Http1ServerAndRequesterTest {
                     .setIOReactorConfig(IOReactorConfig.custom()
                             .setSoTimeout(TIMEOUT)
                             .build())
+                    .setTlsStrategy(new BasicClientTlsStrategy(SSLTestContexts.createClientSSLContext()))
                     .setIOSessionListener(LoggingIOSessionListener.INSTANCE)
                     .setStreamListener(LoggingHttp1StreamListener.INSTANCE_CLIENT)
                     .setConnPoolListener(LoggingConnPoolListener.INSTANCE)
@@ -215,7 +250,7 @@ public class Http1ServerAndRequesterTest {
         final InetSocketAddress address = (InetSocketAddress) listener.getAddress();
         requester.start();
 
-        final HttpHost target = new HttpHost("localhost", address.getPort());
+        final HttpHost target = new HttpHost("localhost", address.getPort(), scheme.id);
         final Future<Message<HttpResponse, String>> resultFuture1 = requester.execute(
                 new BasicRequestProducer("POST", target, "/stuff",
                         new StringAsyncEntityProducer("some stuff", ContentType.TEXT_PLAIN)),
@@ -258,7 +293,7 @@ public class Http1ServerAndRequesterTest {
         final InetSocketAddress address = (InetSocketAddress) listener.getAddress();
         requester.start();
 
-        final HttpHost target = new HttpHost("localhost", address.getPort());
+        final HttpHost target = new HttpHost("localhost", address.getPort(), scheme.id);
         final Future<Message<HttpResponse, String>> resultFuture1 = requester.execute(
                 new BasicRequestProducer("POST", target, "/no-keep-alive/stuff",
                         new StringAsyncEntityProducer("some stuff", ContentType.TEXT_PLAIN)),
@@ -301,7 +336,7 @@ public class Http1ServerAndRequesterTest {
         final InetSocketAddress address = (InetSocketAddress) listener.getAddress();
         requester.start();
 
-        final HttpHost target = new HttpHost("localhost", address.getPort());
+        final HttpHost target = new HttpHost("localhost", address.getPort(), scheme.id);
         final Future<AsyncClientEndpoint> endpointFuture = requester.connect(target,
Timeout.ofSeconds(5));
         final AsyncClientEndpoint endpoint = endpointFuture.get(TIMEOUT.getDuration(), TIMEOUT.getTimeUnit());
         try {
@@ -352,7 +387,7 @@ public class Http1ServerAndRequesterTest {
         final InetSocketAddress address = (InetSocketAddress) listener.getAddress();
         requester.start();
 
-        final HttpHost target = new HttpHost("localhost", address.getPort());
+        final HttpHost target = new HttpHost("localhost", address.getPort(), scheme.id);
         final Future<AsyncClientEndpoint> endpointFuture = requester.connect(target,
Timeout.ofSeconds(5));
         final AsyncClientEndpoint endpoint = endpointFuture.get(TIMEOUT.getDuration(), TIMEOUT.getTimeUnit());
         try {

http://git-wip-us.apache.org/repos/asf/httpcomponents-core/blob/e59d926e/httpcore5-testing/src/test/java/org/apache/hc/core5/testing/nio/Http2ProtocolNegotiationTest.java
----------------------------------------------------------------------
diff --git a/httpcore5-testing/src/test/java/org/apache/hc/core5/testing/nio/Http2ProtocolNegotiationTest.java
b/httpcore5-testing/src/test/java/org/apache/hc/core5/testing/nio/Http2ProtocolNegotiationTest.java
index 109e03e..9b9530e 100644
--- a/httpcore5-testing/src/test/java/org/apache/hc/core5/testing/nio/Http2ProtocolNegotiationTest.java
+++ b/httpcore5-testing/src/test/java/org/apache/hc/core5/testing/nio/Http2ProtocolNegotiationTest.java
@@ -47,18 +47,19 @@ import org.apache.hc.core5.http.nio.BasicRequestProducer;
 import org.apache.hc.core5.http.nio.BasicResponseConsumer;
 import org.apache.hc.core5.http.nio.entity.StringAsyncEntityConsumer;
 import org.apache.hc.core5.http.nio.entity.StringAsyncEntityProducer;
+import org.apache.hc.core5.http.nio.ssl.SecurePortStrategy;
 import org.apache.hc.core5.http2.HttpVersionPolicy;
 import org.apache.hc.core5.http2.impl.nio.bootstrap.H2RequesterBootstrap;
 import org.apache.hc.core5.http2.impl.nio.bootstrap.H2ServerBootstrap;
 import org.apache.hc.core5.http2.impl.nio.bootstrap.Http2AsyncRequester;
 import org.apache.hc.core5.http2.ssl.H2ClientTlsStrategy;
 import org.apache.hc.core5.http2.ssl.H2ServerTlsStrategy;
-import org.apache.hc.core5.http2.ssl.SecurePortStrategy;
 import org.apache.hc.core5.io.ShutdownType;
 import org.apache.hc.core5.reactor.ExceptionEvent;
 import org.apache.hc.core5.reactor.IOReactorConfig;
 import org.apache.hc.core5.reactor.ListenerEndpoint;
 import org.apache.hc.core5.testing.SSLTestContexts;
+import org.apache.hc.core5.testing.TestingSupport;
 import org.apache.hc.core5.testing.classic.LoggingConnPoolListener;
 import org.apache.hc.core5.testing.classic.LoggingHttp1StreamListener;
 import org.apache.hc.core5.util.Timeout;
@@ -101,6 +102,16 @@ public class Http2ProtocolNegotiationTest {
                             IOReactorConfig.custom()
                                     .setSoTimeout(TIMEOUT)
                                     .build())
+                    .setTlsStrategy(new H2ServerTlsStrategy(
+                            SSLTestContexts.createServerSSLContext(),
+                            new SecurePortStrategy() {
+
+                                @Override
+                                public boolean isSecure(final SocketAddress localAddress)
{
+                                    return true;
+                                }
+
+                            }))
                     .register("*", new Supplier<AsyncServerExchangeHandler>() {
 
                         @Override
@@ -151,6 +162,7 @@ public class Http2ProtocolNegotiationTest {
                     .setIOReactorConfig(IOReactorConfig.custom()
                             .setSoTimeout(TIMEOUT)
                             .build())
+                    .setTlsStrategy(new H2ClientTlsStrategy(SSLTestContexts.createClientSSLContext()))
                     .setIOSessionListener(LoggingIOSessionListener.INSTANCE)
                     .setStreamListener(LoggingHttp2StreamListener.INSTANCE)
                     .setStreamListener(LoggingHttp1StreamListener.INSTANCE)
@@ -184,20 +196,7 @@ public class Http2ProtocolNegotiationTest {
 
     @BeforeClass
     public static void determineJavaVersion() {
-        javaVersion = 7;
-        final String s = System.getProperty("java.version");
-        final String[] parts = s.split("\\.");
-        if (parts.length > 0) {
-            try {
-                final int majorVersion = Integer.parseInt(parts[0]);
-                if (majorVersion > 1) {
-                    javaVersion = majorVersion;
-                } else if (majorVersion == 1 && parts.length > 1) {
-                    javaVersion = Integer.parseInt(parts[1]);
-                }
-            } catch (final NumberFormatException ignore) {
-            }
-        }
+        javaVersion = TestingSupport.determineJRELevel();
     }
 
     @Before

http://git-wip-us.apache.org/repos/asf/httpcomponents-core/blob/e59d926e/httpcore5-testing/src/test/java/org/apache/hc/core5/testing/nio/Http2ServerAndMultiplexingRequesterTest.java
----------------------------------------------------------------------
diff --git a/httpcore5-testing/src/test/java/org/apache/hc/core5/testing/nio/Http2ServerAndMultiplexingRequesterTest.java
b/httpcore5-testing/src/test/java/org/apache/hc/core5/testing/nio/Http2ServerAndMultiplexingRequesterTest.java
index b3f5180..d5d46c4 100644
--- a/httpcore5-testing/src/test/java/org/apache/hc/core5/testing/nio/Http2ServerAndMultiplexingRequesterTest.java
+++ b/httpcore5-testing/src/test/java/org/apache/hc/core5/testing/nio/Http2ServerAndMultiplexingRequesterTest.java
@@ -28,6 +28,9 @@
 package org.apache.hc.core5.testing.nio;
 
 import java.net.InetSocketAddress;
+import java.net.SocketAddress;
+import java.util.Arrays;
+import java.util.Collection;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Queue;
@@ -39,36 +42,59 @@ import org.apache.hc.core5.http.HttpHost;
 import org.apache.hc.core5.http.HttpResponse;
 import org.apache.hc.core5.http.HttpStatus;
 import org.apache.hc.core5.http.Message;
+import org.apache.hc.core5.http.URIScheme;
 import org.apache.hc.core5.http.impl.bootstrap.HttpAsyncServer;
 import org.apache.hc.core5.http.nio.AsyncServerExchangeHandler;
 import org.apache.hc.core5.http.nio.BasicRequestProducer;
 import org.apache.hc.core5.http.nio.BasicResponseConsumer;
 import org.apache.hc.core5.http.nio.entity.StringAsyncEntityConsumer;
 import org.apache.hc.core5.http.nio.entity.StringAsyncEntityProducer;
+import org.apache.hc.core5.http.nio.ssl.SecurePortStrategy;
 import org.apache.hc.core5.http2.impl.nio.bootstrap.H2ServerBootstrap;
 import org.apache.hc.core5.http2.impl.nio.bootstrap.Http2MultiplexingRequester;
 import org.apache.hc.core5.http2.impl.nio.bootstrap.Http2MultiplexingRequesterBootstrap;
+import org.apache.hc.core5.http2.ssl.H2ClientTlsStrategy;
+import org.apache.hc.core5.http2.ssl.H2ServerTlsStrategy;
 import org.apache.hc.core5.io.ShutdownType;
 import org.apache.hc.core5.reactor.ExceptionEvent;
 import org.apache.hc.core5.reactor.IOReactorConfig;
 import org.apache.hc.core5.reactor.ListenerEndpoint;
+import org.apache.hc.core5.testing.SSLTestContexts;
+import org.apache.hc.core5.testing.TestingSupport;
 import org.apache.hc.core5.util.TimeValue;
 import org.apache.hc.core5.util.Timeout;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 import org.hamcrest.CoreMatchers;
 import org.junit.Assert;
-import org.junit.Ignore;
+import org.junit.Assume;
+import org.junit.Before;
+import org.junit.BeforeClass;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.rules.ExternalResource;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized;
 
-@Ignore
+@RunWith(Parameterized.class)
 public class Http2ServerAndMultiplexingRequesterTest {
 
     private final Logger log = LogManager.getLogger(getClass());
 
-    private static final Timeout TIMEOUT = Timeout.ofDays(30);
+    @Parameterized.Parameters(name = "{0}")
+    public static Collection<Object[]> protocols() {
+        return Arrays.asList(new Object[][]{
+                { URIScheme.HTTP },
+                { URIScheme.HTTPS }
+        });
+    }
+    private static final Timeout TIMEOUT = Timeout.ofSeconds(30);
+
+    private final URIScheme scheme;
+
+    public Http2ServerAndMultiplexingRequesterTest(final URIScheme scheme) {
+        this.scheme = scheme;
+    }
 
     private HttpAsyncServer server;
 
@@ -83,6 +109,16 @@ public class Http2ServerAndMultiplexingRequesterTest {
                             IOReactorConfig.custom()
                                     .setSoTimeout(TIMEOUT)
                                     .build())
+                    .setTlsStrategy(scheme == URIScheme.HTTPS ? new H2ServerTlsStrategy(
+                            SSLTestContexts.createServerSSLContext(),
+                            new SecurePortStrategy() {
+
+                                @Override
+                                public boolean isSecure(final SocketAddress localAddress)
{
+                                    return true;
+                                }
+
+                            }) : null)
                     .setIOSessionListener(LoggingIOSessionListener.INSTANCE)
                     .setIOSessionDecorator(LoggingIOSessionDecorator.INSTANCE)
                     .setStreamListener(LoggingHttp2StreamListener.INSTANCE)
@@ -130,6 +166,7 @@ public class Http2ServerAndMultiplexingRequesterTest {
                     .setIOReactorConfig(IOReactorConfig.custom()
                             .setSoTimeout(TIMEOUT)
                             .build())
+                    .setTlsStrategy(new H2ClientTlsStrategy(SSLTestContexts.createClientSSLContext()))
                     .setIOSessionListener(LoggingIOSessionListener.INSTANCE)
                     .setIOSessionDecorator(LoggingIOSessionDecorator.INSTANCE)
                     .setStreamListener(LoggingHttp2StreamListener.INSTANCE)
@@ -157,6 +194,20 @@ public class Http2ServerAndMultiplexingRequesterTest {
 
     };
 
+    private static int javaVersion;
+
+    @BeforeClass
+    public static void determineJavaVersion() {
+        javaVersion = TestingSupport.determineJRELevel();
+    }
+
+    @Before
+    public void checkVersion() {
+        if (scheme == URIScheme.HTTPS) {
+            Assume.assumeTrue("Java version must be 1.8 or greater",  javaVersion > 7);
+        }
+    }
+
     @Test
     public void testSequentialRequests() throws Exception {
         server.start();
@@ -165,7 +216,7 @@ public class Http2ServerAndMultiplexingRequesterTest {
         final InetSocketAddress address = (InetSocketAddress) listener.getAddress();
         requester.start();
 
-        final HttpHost target = new HttpHost("localhost", address.getPort());
+        final HttpHost target = new HttpHost("localhost", address.getPort(), scheme.id);
         final Future<Message<HttpResponse, String>> resultFuture1 = requester.execute(
                 new BasicRequestProducer("POST", target, "/stuff",
                         new StringAsyncEntityProducer("some stuff", ContentType.TEXT_PLAIN)),
@@ -208,7 +259,7 @@ public class Http2ServerAndMultiplexingRequesterTest {
         final InetSocketAddress address = (InetSocketAddress) listener.getAddress();
         requester.start();
 
-        final HttpHost target = new HttpHost("localhost", address.getPort());
+        final HttpHost target = new HttpHost("localhost", address.getPort(), scheme.id);
         final Queue<Future<Message<HttpResponse, String>>> queue = new
LinkedList<>();
 
         queue.add(requester.execute(
@@ -244,7 +295,7 @@ public class Http2ServerAndMultiplexingRequesterTest {
         requester.start();
         requester.setValidateAfterInactivity(TimeValue.ofMillis(10));
 
-        final HttpHost target = new HttpHost("localhost", address.getPort());
+        final HttpHost target = new HttpHost("localhost", address.getPort(), scheme.id);
         final Future<Message<HttpResponse, String>> resultFuture1 = requester.execute(
                 new BasicRequestProducer("POST", target, "/stuff",
                         new StringAsyncEntityProducer("some stuff", ContentType.TEXT_PLAIN)),

http://git-wip-us.apache.org/repos/asf/httpcomponents-core/blob/e59d926e/httpcore5-testing/src/test/java/org/apache/hc/core5/testing/nio/Http2ServerAndRequesterTest.java
----------------------------------------------------------------------
diff --git a/httpcore5-testing/src/test/java/org/apache/hc/core5/testing/nio/Http2ServerAndRequesterTest.java
b/httpcore5-testing/src/test/java/org/apache/hc/core5/testing/nio/Http2ServerAndRequesterTest.java
index c06ae97..3e7f7d0 100644
--- a/httpcore5-testing/src/test/java/org/apache/hc/core5/testing/nio/Http2ServerAndRequesterTest.java
+++ b/httpcore5-testing/src/test/java/org/apache/hc/core5/testing/nio/Http2ServerAndRequesterTest.java
@@ -28,6 +28,7 @@
 package org.apache.hc.core5.testing.nio;
 
 import java.net.InetSocketAddress;
+import java.net.SocketAddress;
 import java.util.Arrays;
 import java.util.Collection;
 import java.util.LinkedList;
@@ -41,6 +42,7 @@ import org.apache.hc.core5.http.HttpHost;
 import org.apache.hc.core5.http.HttpResponse;
 import org.apache.hc.core5.http.HttpStatus;
 import org.apache.hc.core5.http.Message;
+import org.apache.hc.core5.http.URIScheme;
 import org.apache.hc.core5.http.impl.bootstrap.HttpAsyncRequester;
 import org.apache.hc.core5.http.impl.bootstrap.HttpAsyncServer;
 import org.apache.hc.core5.http.nio.AsyncClientEndpoint;
@@ -49,19 +51,27 @@ import org.apache.hc.core5.http.nio.BasicRequestProducer;
 import org.apache.hc.core5.http.nio.BasicResponseConsumer;
 import org.apache.hc.core5.http.nio.entity.StringAsyncEntityConsumer;
 import org.apache.hc.core5.http.nio.entity.StringAsyncEntityProducer;
+import org.apache.hc.core5.http.nio.ssl.SecurePortStrategy;
 import org.apache.hc.core5.http2.HttpVersionPolicy;
 import org.apache.hc.core5.http2.impl.nio.bootstrap.H2RequesterBootstrap;
 import org.apache.hc.core5.http2.impl.nio.bootstrap.H2ServerBootstrap;
+import org.apache.hc.core5.http2.ssl.H2ClientTlsStrategy;
+import org.apache.hc.core5.http2.ssl.H2ServerTlsStrategy;
 import org.apache.hc.core5.io.ShutdownType;
 import org.apache.hc.core5.reactor.ExceptionEvent;
 import org.apache.hc.core5.reactor.IOReactorConfig;
 import org.apache.hc.core5.reactor.ListenerEndpoint;
+import org.apache.hc.core5.testing.SSLTestContexts;
+import org.apache.hc.core5.testing.TestingSupport;
 import org.apache.hc.core5.testing.classic.LoggingConnPoolListener;
 import org.apache.hc.core5.util.Timeout;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 import org.hamcrest.CoreMatchers;
 import org.junit.Assert;
+import org.junit.Assume;
+import org.junit.Before;
+import org.junit.BeforeClass;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.rules.ExternalResource;
@@ -76,18 +86,16 @@ public class Http2ServerAndRequesterTest {
     @Parameterized.Parameters(name = "{0}")
     public static Collection<Object[]> protocols() {
         return Arrays.asList(new Object[][]{
-                { HttpVersionPolicy.NEGOTIATE },
-                { HttpVersionPolicy.FORCE_HTTP_1 },
-                { HttpVersionPolicy.FORCE_HTTP_2 }
+                { URIScheme.HTTP },
+                { URIScheme.HTTPS }
         });
     }
-
     private static final Timeout TIMEOUT = Timeout.ofSeconds(30);
 
-    private final HttpVersionPolicy versionPolicy;
+    private final URIScheme scheme;
 
-    public Http2ServerAndRequesterTest(final HttpVersionPolicy versionPolicy) {
-        this.versionPolicy = versionPolicy;
+    public Http2ServerAndRequesterTest(final URIScheme scheme) {
+        this.scheme = scheme;
     }
 
     private HttpAsyncServer server;
@@ -99,11 +107,21 @@ public class Http2ServerAndRequesterTest {
         protected void before() throws Throwable {
             log.debug("Starting up test server");
             server = H2ServerBootstrap.bootstrap()
-                    .setVersionPolicy(versionPolicy)
+                    .setVersionPolicy(HttpVersionPolicy.NEGOTIATE)
                     .setIOReactorConfig(
                             IOReactorConfig.custom()
                                     .setSoTimeout(TIMEOUT)
                                     .build())
+                    .setTlsStrategy(scheme == URIScheme.HTTPS ? new H2ServerTlsStrategy(
+                            SSLTestContexts.createServerSSLContext(),
+                            new SecurePortStrategy() {
+
+                                @Override
+                                public boolean isSecure(final SocketAddress localAddress)
{
+                                    return true;
+                                }
+
+                            }) : null)
                     .setIOSessionListener(LoggingIOSessionListener.INSTANCE)
                     .setStreamListener(LoggingHttp1StreamListener.INSTANCE_SERVER)
                     .setStreamListener(LoggingHttp2StreamListener.INSTANCE)
@@ -149,10 +167,11 @@ public class Http2ServerAndRequesterTest {
         protected void before() throws Throwable {
             log.debug("Starting up test client");
             requester = H2RequesterBootstrap.bootstrap()
-                    .setVersionPolicy(versionPolicy)
+                    .setVersionPolicy(HttpVersionPolicy.NEGOTIATE)
                     .setIOReactorConfig(IOReactorConfig.custom()
                             .setSoTimeout(TIMEOUT)
                             .build())
+                    .setTlsStrategy(new H2ClientTlsStrategy(SSLTestContexts.createClientSSLContext()))
                     .setIOSessionListener(LoggingIOSessionListener.INSTANCE)
                     .setStreamListener(LoggingHttp1StreamListener.INSTANCE_CLIENT)
                     .setStreamListener(LoggingHttp2StreamListener.INSTANCE)
@@ -182,6 +201,20 @@ public class Http2ServerAndRequesterTest {
 
     };
 
+    private static int javaVersion;
+
+    @BeforeClass
+    public static void determineJavaVersion() {
+        javaVersion = TestingSupport.determineJRELevel();
+    }
+
+    @Before
+    public void checkVersion() {
+        if (scheme == URIScheme.HTTPS) {
+            Assume.assumeTrue("Java version must be 1.8 or greater",  javaVersion > 7);
+        }
+    }
+
     @Test
     public void testSequentialRequests() throws Exception {
         server.start();
@@ -190,7 +223,7 @@ public class Http2ServerAndRequesterTest {
         final InetSocketAddress address = (InetSocketAddress) listener.getAddress();
         requester.start();
 
-        final HttpHost target = new HttpHost("localhost", address.getPort());
+        final HttpHost target = new HttpHost("localhost", address.getPort(), scheme.id);
         final Future<Message<HttpResponse, String>> resultFuture1 = requester.execute(
                 new BasicRequestProducer("POST", target, "/stuff",
                         new StringAsyncEntityProducer("some stuff", ContentType.TEXT_PLAIN)),
@@ -233,7 +266,7 @@ public class Http2ServerAndRequesterTest {
         final InetSocketAddress address = (InetSocketAddress) listener.getAddress();
         requester.start();
 
-        final HttpHost target = new HttpHost("localhost", address.getPort());
+        final HttpHost target = new HttpHost("localhost", address.getPort(), scheme.id);
         final Future<AsyncClientEndpoint> endpointFuture = requester.connect(target,
Timeout.ofSeconds(5));
         final AsyncClientEndpoint endpoint = endpointFuture.get(TIMEOUT.getDuration(), TIMEOUT.getTimeUnit());
         try {
@@ -284,7 +317,7 @@ public class Http2ServerAndRequesterTest {
         final InetSocketAddress address = (InetSocketAddress) listener.getAddress();
         requester.start();
 
-        final HttpHost target = new HttpHost("localhost", address.getPort());
+        final HttpHost target = new HttpHost("localhost", address.getPort(), scheme.id);
         final Future<AsyncClientEndpoint> endpointFuture = requester.connect(target,
Timeout.ofSeconds(5));
         final AsyncClientEndpoint endpoint = endpointFuture.get(TIMEOUT.getDuration(), TIMEOUT.getTimeUnit());
         try {

http://git-wip-us.apache.org/repos/asf/httpcomponents-core/blob/e59d926e/httpcore5/src/main/java/org/apache/hc/core5/http/impl/bootstrap/AsyncServerBootstrap.java
----------------------------------------------------------------------
diff --git a/httpcore5/src/main/java/org/apache/hc/core5/http/impl/bootstrap/AsyncServerBootstrap.java
b/httpcore5/src/main/java/org/apache/hc/core5/http/impl/bootstrap/AsyncServerBootstrap.java
index bd6e279..0ed0a31 100644
--- a/httpcore5/src/main/java/org/apache/hc/core5/http/impl/bootstrap/AsyncServerBootstrap.java
+++ b/httpcore5/src/main/java/org/apache/hc/core5/http/impl/bootstrap/AsyncServerBootstrap.java
@@ -47,7 +47,6 @@ import org.apache.hc.core5.http.nio.AsyncFilterHandler;
 import org.apache.hc.core5.http.nio.AsyncServerExchangeHandler;
 import org.apache.hc.core5.http.nio.AsyncServerRequestHandler;
 import org.apache.hc.core5.http.nio.HandlerFactory;
-import org.apache.hc.core5.http.nio.ssl.BasicServerTlsStrategy;
 import org.apache.hc.core5.http.nio.ssl.TlsStrategy;
 import org.apache.hc.core5.http.nio.support.AsyncServerExpectationFilter;
 import org.apache.hc.core5.http.nio.support.AsyncServerFilterChainElement;
@@ -380,7 +379,7 @@ public class AsyncServerBootstrap {
                 streamListener);
         final IOEventHandlerFactory ioEventHandlerFactory = new ServerHttp1IOEventHandlerFactory(
                 streamHandlerFactory,
-                tlsStrategy != null ? tlsStrategy : new BasicServerTlsStrategy(new int[]
{443, 8443}));
+                tlsStrategy);
         return new HttpAsyncServer(ioEventHandlerFactory, ioReactorConfig, ioSessionDecorator,
sessionListener);
     }
 

http://git-wip-us.apache.org/repos/asf/httpcomponents-core/blob/e59d926e/httpcore5/src/main/java/org/apache/hc/core5/http/nio/ssl/BasicServerTlsStrategy.java
----------------------------------------------------------------------
diff --git a/httpcore5/src/main/java/org/apache/hc/core5/http/nio/ssl/BasicServerTlsStrategy.java
b/httpcore5/src/main/java/org/apache/hc/core5/http/nio/ssl/BasicServerTlsStrategy.java
index b76911f..93bf054 100644
--- a/httpcore5/src/main/java/org/apache/hc/core5/http/nio/ssl/BasicServerTlsStrategy.java
+++ b/httpcore5/src/main/java/org/apache/hc/core5/http/nio/ssl/BasicServerTlsStrategy.java
@@ -27,7 +27,6 @@
 
 package org.apache.hc.core5.http.nio.ssl;
 
-import java.net.InetSocketAddress;
 import java.net.SocketAddress;
 
 import javax.net.ssl.SSLContext;
@@ -48,46 +47,46 @@ import org.apache.hc.core5.util.Args;
  */
 public class BasicServerTlsStrategy implements TlsStrategy {
 
-    private final int[] securePorts;
     private final SSLContext sslContext;
+    private final SecurePortStrategy securePortStrategy;
     private final SSLBufferManagement sslBufferManagement;
     private final SSLSessionInitializer initializer;
     private final SSLSessionVerifier verifier;
 
     public BasicServerTlsStrategy(
-            final int[] securePorts,
             final SSLContext sslContext,
+            final SecurePortStrategy securePortStrategy,
             final SSLBufferManagement sslBufferManagement,
             final SSLSessionInitializer initializer,
             final SSLSessionVerifier verifier) {
-        this.securePorts = Args.notNull(securePorts, "Array of ports");
         this.sslContext = Args.notNull(sslContext, "SSL context");
+        this.securePortStrategy = securePortStrategy;
         this.sslBufferManagement = sslBufferManagement;
         this.initializer = initializer;
         this.verifier = verifier;
     }
 
     public BasicServerTlsStrategy(
-            final int[] securePorts,
             final SSLContext sslContext,
+            final SecurePortStrategy securePortStrategy,
             final SSLSessionInitializer initializer,
             final SSLSessionVerifier verifier) {
-        this(securePorts, sslContext, null, initializer, verifier);
+        this(sslContext, securePortStrategy, null, initializer, verifier);
     }
 
     public BasicServerTlsStrategy(
-            final int[] securePorts,
             final SSLContext sslContext,
+            final SecurePortStrategy securePortStrategy,
             final SSLSessionVerifier verifier) {
-        this(securePorts, sslContext, null, null, verifier);
+        this(sslContext, securePortStrategy, null, null, verifier);
     }
 
-    public BasicServerTlsStrategy(final int[] securePorts, final SSLContext sslContext) {
-        this(securePorts, sslContext, null, null, null);
+    public BasicServerTlsStrategy(final SSLContext sslContext, final SecurePortStrategy securePortStrategy)
{
+        this(sslContext, securePortStrategy, null, null, null);
     }
 
-    public BasicServerTlsStrategy(final int[] securePorts) {
-        this(securePorts, SSLContexts.createSystemDefault());
+    public BasicServerTlsStrategy(final SecurePortStrategy securePortStrategy) {
+        this(SSLContexts.createSystemDefault(), securePortStrategy);
     }
 
     @Override
@@ -97,12 +96,9 @@ public class BasicServerTlsStrategy implements TlsStrategy {
             final SocketAddress localAddress,
             final SocketAddress remoteAddress,
             final Object attachment) {
-        final int port = ((InetSocketAddress) localAddress).getPort();
-        for (final int securePort: securePorts) {
-            if (port == securePort) {
-                tlsSession.startTls(sslContext, sslBufferManagement, initializer, verifier);
-                return true;
-            }
+        if (securePortStrategy != null && securePortStrategy.isSecure(localAddress))
{
+            tlsSession.startTls(sslContext, sslBufferManagement, initializer, verifier);
+            return true;
         }
         return false;
     }

http://git-wip-us.apache.org/repos/asf/httpcomponents-core/blob/e59d926e/httpcore5/src/main/java/org/apache/hc/core5/http/nio/ssl/FixedPortStrategy.java
----------------------------------------------------------------------
diff --git a/httpcore5/src/main/java/org/apache/hc/core5/http/nio/ssl/FixedPortStrategy.java
b/httpcore5/src/main/java/org/apache/hc/core5/http/nio/ssl/FixedPortStrategy.java
new file mode 100644
index 0000000..788fcd4
--- /dev/null
+++ b/httpcore5/src/main/java/org/apache/hc/core5/http/nio/ssl/FixedPortStrategy.java
@@ -0,0 +1,56 @@
+/*
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation.  For more
+ * information on the Apache Software Foundation, please see
+ * <http://www.apache.org/>.
+ *
+ */
+
+package org.apache.hc.core5.http.nio.ssl;
+
+import java.net.InetSocketAddress;
+import java.net.SocketAddress;
+
+import org.apache.hc.core5.util.Args;
+
+/**
+ * @since 5.0
+ */
+public final class FixedPortStrategy implements SecurePortStrategy {
+
+    private final int[] securePorts;
+
+    public FixedPortStrategy(final int[] securePorts) {
+        this.securePorts = Args.notNull(securePorts, "Secure ports");
+    }
+
+    public boolean isSecure(final SocketAddress localAddress) {
+        final int port = ((InetSocketAddress) localAddress).getPort();
+        for (final int securePort: securePorts) {
+            if (port == securePort) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+}

http://git-wip-us.apache.org/repos/asf/httpcomponents-core/blob/e59d926e/httpcore5/src/main/java/org/apache/hc/core5/http/nio/ssl/SecurePortStrategy.java
----------------------------------------------------------------------
diff --git a/httpcore5/src/main/java/org/apache/hc/core5/http/nio/ssl/SecurePortStrategy.java
b/httpcore5/src/main/java/org/apache/hc/core5/http/nio/ssl/SecurePortStrategy.java
new file mode 100644
index 0000000..f30fe26
--- /dev/null
+++ b/httpcore5/src/main/java/org/apache/hc/core5/http/nio/ssl/SecurePortStrategy.java
@@ -0,0 +1,41 @@
+/*
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation.  For more
+ * information on the Apache Software Foundation, please see
+ * <http://www.apache.org/>.
+ *
+ */
+
+package org.apache.hc.core5.http.nio.ssl;
+
+import java.net.SocketAddress;
+
+/**
+ * Side-side strategy to determine if local endpoint should be secured with TLS.
+ *
+ * @since 5.0
+ */
+public interface SecurePortStrategy {
+
+    boolean isSecure(SocketAddress localAddress);
+
+}


Mime
View raw message