root
/
spring-boot
mirror of https://github.com/spring-projects/spring-boot.git
1
0
Fork 0
Code Issues Actions 12 Packages Projects Releases Wiki Activity

Merge branch '2.1.x' 

Closes gh-18083
This commit is contained in:
Andy Wilkinson 2019-09-01 20:10:57 +01:00
parent ad9e82190c ee89e0effd
commit 6017f2f529
5 changed files with 14 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/embedded/jetty/SslServerCustomizer.java
View File

@ -69,6 +69,7 @@ class SslServerCustomizer implements JettyServerCustomizer {
@Override @Override
public void customize(Server server) { public void customize(Server server) {
SslContextFactory.Server sslContextFactory = new SslContextFactory.Server(); SslContextFactory.Server sslContextFactory = new SslContextFactory.Server();
sslContextFactory.setEndpointIdentificationAlgorithm(null);
configureSsl(sslContextFactory, this.ssl, this.sslStoreProvider); configureSsl(sslContextFactory, this.ssl, this.sslStoreProvider);
ServerConnector connector = createConnector(server, sslContextFactory, this.address); ServerConnector connector = createConnector(server, sslContextFactory, this.address);
server.setConnectors(new Connector[] { connector }); server.setConnectors(new Connector[] { connector });

17
spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/reactive/server/AbstractReactiveWebServerFactoryTests.java
View File

@ -21,15 +21,11 @@ import java.io.FileInputStream;
import java.net.InetSocketAddress; import java.net.InetSocketAddress;
import java.nio.charset.StandardCharsets; import java.nio.charset.StandardCharsets;
import java.security.KeyStore; import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.time.Duration; import java.time.Duration;
import java.util.Arrays; import java.util.Arrays;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLException; import javax.net.ssl.SSLException;
import javax.net.ssl.X509KeyManager;
import io.netty.channel.ChannelHandlerContext; import io.netty.channel.ChannelHandlerContext;
import io.netty.channel.ChannelInboundHandlerAdapter; import io.netty.channel.ChannelInboundHandlerAdapter;
@ -165,23 +161,12 @@ public abstract class AbstractReactiveWebServerFactoryTests {
KeyManagerFactory clientKeyManagerFactory = KeyManagerFactory KeyManagerFactory clientKeyManagerFactory = KeyManagerFactory
.getInstance(KeyManagerFactory.getDefaultAlgorithm()); .getInstance(KeyManagerFactory.getDefaultAlgorithm());
clientKeyManagerFactory.init(clientKeyStore, "password".toCharArray()); clientKeyManagerFactory.init(clientKeyStore, "password".toCharArray());
for (KeyManager keyManager : clientKeyManagerFactory.getKeyManagers()) {
if (keyManager instanceof X509KeyManager) {
X509KeyManager x509KeyManager = (X509KeyManager) keyManager;
PrivateKey privateKey = x509KeyManager.getPrivateKey("spring-boot");
if (privateKey != null) {
X509Certificate[] certificateChain = x509KeyManager.getCertificateChain("spring-boot");
SslContextBuilder builder = SslContextBuilder.forClient().sslProvider(SslProvider.JDK) SslContextBuilder builder = SslContextBuilder.forClient().sslProvider(SslProvider.JDK)
.trustManager(InsecureTrustManagerFactory.INSTANCE) .trustManager(InsecureTrustManagerFactory.INSTANCE).keyManager(clientKeyManagerFactory);
.keyManager(privateKey, certificateChain);
HttpClient client = HttpClient.create().wiretap(true) HttpClient client = HttpClient.create().wiretap(true)
.secure((sslContextSpec) -> sslContextSpec.sslContext(builder)); .secure((sslContextSpec) -> sslContextSpec.sslContext(builder));
return new ReactorClientHttpConnector(client); return new ReactorClientHttpConnector(client);
} }
}
}
throw new IllegalStateException("Key with alias 'spring-boot' not found");
}
protected void testClientAuthSuccess(Ssl sslConfiguration, ReactorClientHttpConnector clientConnector) { protected void testClientAuthSuccess(Ssl sslConfiguration, ReactorClientHttpConnector clientConnector) {
AbstractReactiveWebServerFactory factory = getFactory(); AbstractReactiveWebServerFactory factory = getFactory();

16
spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/servlet/server/AbstractServletWebServerFactoryTests.java
View File

@ -397,7 +397,7 @@ public abstract class AbstractServletWebServerFactoryTests {
new ExampleServlet(true, false), "/hello"); new ExampleServlet(true, false), "/hello");
this.webServer = factory.getWebServer(registration); this.webServer = factory.getWebServer(registration);
this.webServer.start(); this.webServer.start();
TrustStrategy trustStrategy = new SerialNumberValidatingTrustSelfSignedStrategy("5c7ae101"); TrustStrategy trustStrategy = new SerialNumberValidatingTrustSelfSignedStrategy("3a3aaec8");
SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, trustStrategy).build(); SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, trustStrategy).build();
HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(new SSLConnectionSocketFactory(sslContext)) HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(new SSLConnectionSocketFactory(sslContext))
.build(); .build();
@ -459,7 +459,7 @@ public abstract class AbstractServletWebServerFactoryTests {
keyStore.load(new FileInputStream(new File("src/test/resources/test.p12")), "secret".toCharArray()); keyStore.load(new FileInputStream(new File("src/test/resources/test.p12")), "secret".toCharArray());
SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory( SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(
new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy()) new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy())
.loadKeyMaterial(keyStore, "secret".toCharArray(), (aliases, socket) -> "spring-boot").build()); .loadKeyMaterial(keyStore, "secret".toCharArray()).build());
HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build(); HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build();
HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient); HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);
assertThat(getResponse(getLocalUrl("https", "/test.txt"), requestFactory)).isEqualTo("test"); assertThat(getResponse(getLocalUrl("https", "/test.txt"), requestFactory)).isEqualTo("test");
@ -474,9 +474,9 @@ public abstract class AbstractServletWebServerFactoryTests {
this.webServer.start(); this.webServer.start();
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(new FileInputStream(new File("src/test/resources/test.jks")), "secret".toCharArray()); keyStore.load(new FileInputStream(new File("src/test/resources/test.jks")), "secret".toCharArray());
SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(new SSLContextBuilder() SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(
.loadTrustMaterial(null, new TrustSelfSignedStrategy()) new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy())
.loadKeyMaterial(keyStore, "password".toCharArray(), (aliases, socket) -> "spring-boot").build()); .loadKeyMaterial(keyStore, "password".toCharArray()).build());
HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build(); HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build();
HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient); HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);
assertThat(getResponse(getLocalUrl("https", "/test.txt"), requestFactory)).isEqualTo("test"); assertThat(getResponse(getLocalUrl("https", "/test.txt"), requestFactory)).isEqualTo("test");
@ -545,9 +545,9 @@ public abstract class AbstractServletWebServerFactoryTests {
this.webServer.start(); this.webServer.start();
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(new FileInputStream(new File("src/test/resources/test.jks")), "secret".toCharArray()); keyStore.load(new FileInputStream(new File("src/test/resources/test.jks")), "secret".toCharArray());
SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(new SSLContextBuilder() SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(
.loadTrustMaterial(null, new TrustSelfSignedStrategy()) new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy())
.loadKeyMaterial(keyStore, "password".toCharArray(), (aliases, socket) -> "spring-boot").build()); .loadKeyMaterial(keyStore, "password".toCharArray()).build());
HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build(); HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build();
HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient); HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);
assertThat(getResponse(getLocalUrl("https", "/test.txt"), requestFactory)).isEqualTo("test"); assertThat(getResponse(getLocalUrl("https", "/test.txt"), requestFactory)).isEqualTo("test");

BIN
spring-boot-project/spring-boot/src/test/resources/test.jks
View File

Binary file not shown.

BIN
spring-boot-project/spring-boot/src/test/resources/test.p12
View File

Binary file not shown.