authorPiotr Jaszczyk <piotr.jaszczyk@nokia.com>2018-05-29 13:35:11 +0200
committerPiotr Jaszczyk <piotr.jaszczyk@nokia.com>2018-08-01 09:48:32 +0200
commita4becf29f32de7467793867c3be1d5ab5876477e (patch)
tree1e32d3e71188b36e712c8a8ac35c774da70537e1 /hv-collector-main/src
parenta150bc08ad326699717e09903e42d462e5e9c935 (diff)
Use SSL for encrypting the connection
Netty's OpenSSL bindings are used.

Closes ONAP-179
Change-Id: I8249fbaaed1dd869b733db04a27cebf53962c80c
Issue-ID: DCAEGEN2-601
Signed-off-by: Piotr Jaszczyk <piotr.jaszczyk@nokia.com>
Diffstat (limited to 'hv-collector-main/src')
-rw-r--r--hv-collector-main/src/main/kotlin/org/onap/dcae/collectors/veshv/main/ArgBasedServerConfiguration.kt95
-rw-r--r--hv-collector-main/src/main/kotlin/org/onap/dcae/collectors/veshv/main/main.kt2
-rw-r--r--hv-collector-main/src/test/kotlin/org/onap/dcae/collectors/veshv/main/ArgBasedServerConfigurationTest.kt45
-rw-r--r--hv-collector-main/src/test/kotlin/org/onap/dcae/collectors/veshv/main/NioBuffersTest.kt9
4 files changed, 114 insertions, 37 deletions
diff --git a/hv-collector-main/src/main/kotlin/org/onap/dcae/collectors/veshv/main/ArgBasedServerConfiguration.kt b/hv-collector-main/src/main/kotlin/org/onap/dcae/collectors/veshv/main/ArgBasedServerConfiguration.kt
index 4e614cdb..5689a3e6 100644
--- a/hv-collector-main/src/main/kotlin/org/onap/dcae/collectors/veshv/main/ArgBasedServerConfiguration.kt
+++ b/hv-collector-main/src/main/kotlin/org/onap/dcae/collectors/veshv/main/ArgBasedServerConfiguration.kt
@@ -20,54 +20,55 @@
package org.onap.dcae.collectors.veshv.main
import org.apache.commons.cli.*
+import org.onap.dcae.collectors.veshv.domain.SecurityConfiguration
import org.onap.dcae.collectors.veshv.domain.ServerConfiguration
+import java.io.File
+import java.nio.file.Paths
internal object DefaultValues {
- const val PORT = 8600
+ const val PORT = 6061
const val CONFIG_URL = ""
+ const val PRIVATE_KEY_FILE = "/etc/ves-hv/server.key"
+ const val CERT_FILE = "/etc/ves-hv/server.crt"
+ const val TRUST_CERT_FILE = "/etc/ves-hv/trust.crt"
}
-internal object ArgBasedServerConfiguration {
- private val OPT_PORT = Option.builder("p")
- .longOpt("listen-port")
- .hasArg()
- .desc("Listen port")
- .build()
-
- private val OPT_CONFIG_URL = Option.builder("c")
- .longOpt("config-url")
- .optionalArg(true)
- .hasArg()
- .desc("Url of ves configuration on consul")
- .build()
-
- private val options by lazy {
- val options = Options()
- options.addOption(OPT_PORT)
- options.addOption(OPT_CONFIG_URL)
- options
- }
+internal class ArgBasedServerConfiguration {
fun parse(args: Array<out String>): ServerConfiguration {
val parser = DefaultParser()
try {
- parser.parse(options, args).run {
- return ServerConfiguration(
- stringValue(OPT_CONFIG_URL, DefaultValues.CONFIG_URL),
- intValue(OPT_PORT, DefaultValues.PORT))
- }
+ val cmdLine = parser.parse(options, args)
+ val port = cmdLine.intValue(OPT_PORT, DefaultValues.PORT)
+ val configUrl = cmdLine.stringValue(OPT_CONFIG_URL, DefaultValues.CONFIG_URL)
+ val secConf = createSecurityConfiguration(cmdLine)
+ return ServerConfiguration(port, configUrl, secConf)
} catch (ex: Exception) {
throw WrongArgumentException(ex)
}
}
+ private fun createSecurityConfiguration(cmdLine: CommandLine): SecurityConfiguration {
+
+ val pkFile = cmdLine.stringValue(OPT_PK_FILE, DefaultValues.PRIVATE_KEY_FILE)
+ val certFile = cmdLine.stringValue(OPT_CERT_FILE, DefaultValues.CERT_FILE)
+ val trustCertFile = cmdLine.stringValue(OPT_TRUST_CERT_FILE, DefaultValues.TRUST_CERT_FILE)
+
+ return SecurityConfiguration(
+ privateKey = stringPathToPath(pkFile),
+ cert = stringPathToPath(certFile),
+ trustedCert = stringPathToPath(trustCertFile)
+ )
+ }
+
private fun CommandLine.intValue(option: Option, default: Int) =
getOptionValue(option.opt)?.toInt() ?: default
private fun CommandLine.stringValue(option: Option, default: String) =
getOptionValue(option.opt) ?: default
+ private fun stringPathToPath(path: String) = Paths.get(File(path).toURI())
class WrongArgumentException(parent: Exception) : Exception(parent.message, parent) {
fun printMessage() {
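Review bot: `createSecurityConfiguration` turns the three option values into paths without checking that they name readable files, so a mistyped `--private-key-file` or a host missing the `/etc/ves-hv/` defaults is not reported as an argument error by `parse`; it presumably surfaces only when the SSL context is built, which is outside this diff. Checking in `stringPathToPath`, e.g. `Paths.get(path).toAbsolutePath().also { require(Files.isReadable(it)) { "Cannot read file: $it" } }` (with a `java.nio.file.Files` import), would route the failure through the existing `WrongArgumentException` handling. `File(path).toURI()` also resolves a relative path against the process working directory, which deserves a one-line comment because it decides which key file is loaded. The test in this commit passes paths under `/etc/ves/` that need not exist, so it would have to switch to temporary files.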
@@ -79,4 +80,46 @@ internal object ArgBasedServerConfiguration {
formatter.printHelp(programName, options)
}
}
+
+ companion object {
+ private val OPT_PORT = Option.builder("p")
+ .longOpt("listen-port")
+ .hasArg()
+ .desc("Listen port")
+ .build()
+
+ private val OPT_CONFIG_URL = Option.builder("c")
+ .longOpt("config-url")
+ .hasArg()
+ .desc("URL of ves configuration on consul")
+ .build()
+
+ private val OPT_PK_FILE = Option.builder("k")
+ .longOpt("private-key-file")
+ .hasArg()
+ .desc("File with private key in PEM format")
+ .build()
+
+ private val OPT_CERT_FILE = Option.builder("e")
+ .longOpt("cert-file")
+ .hasArg()
+ .desc("File with server certificate bundle")
+ .build()
+
+ private val OPT_TRUST_CERT_FILE = Option.builder("t")
+ .longOpt("trust-cert-file")
+ .hasArg()
+ .desc("File with trusted certificate bundle for authenticating clients")
+ .build()
+
+ private val options by lazy {
+ val options = Options()
+ options.addOption(OPT_PORT)
+ options.addOption(OPT_CONFIG_URL)
+ options.addOption(OPT_PK_FILE)
+ options.addOption(OPT_CERT_FILE)
+ options.addOption(OPT_TRUST_CERT_FILE)
+ options
+ }
+ }
}
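Review bot: The help text for `-k`, `-e` and `-t` does not say that each option has a default under `/etc/ves-hv/` (see `DefaultValues` in the previous hunk), so an operator reading the `printHelp` output cannot tell which key and certificates are used when the flags are omitted. I would put the default in each description, for example `.desc("File with private key in PEM format (default: ${DefaultValues.PRIVATE_KEY_FILE})")`, and state the expected format for the two certificate bundles as the key option already does. The enclosing class begins outside this hunk.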
diff --git a/hv-collector-main/src/main/kotlin/org/onap/dcae/collectors/veshv/main/main.kt b/hv-collector-main/src/main/kotlin/org/onap/dcae/collectors/veshv/main/main.kt
index d81a063d..3685250a 100644
--- a/hv-collector-main/src/main/kotlin/org/onap/dcae/collectors/veshv/main/main.kt
+++ b/hv-collector-main/src/main/kotlin/org/onap/dcae/collectors/veshv/main/main.kt
@@ -35,7 +35,7 @@ private val logger = LoggerFactory.getLogger("main")
fun main(args: Array<String>) {
try {
- val serverConfiguration = ArgBasedServerConfiguration.parse(args)
+ val serverConfiguration = ArgBasedServerConfiguration().parse(args)
val collectorProvider = CollectorFactory(
resolveConfigurationProvider(serverConfiguration),
diff --git a/hv-collector-main/src/test/kotlin/org/onap/dcae/collectors/veshv/main/ArgBasedServerConfigurationTest.kt b/hv-collector-main/src/test/kotlin/org/onap/dcae/collectors/veshv/main/ArgBasedServerConfigurationTest.kt
index 0d2188ca..6eec5777 100644
--- a/hv-collector-main/src/test/kotlin/org/onap/dcae/collectors/veshv/main/ArgBasedServerConfigurationTest.kt
+++ b/hv-collector-main/src/test/kotlin/org/onap/dcae/collectors/veshv/main/ArgBasedServerConfigurationTest.kt
@@ -23,31 +23,60 @@ import org.assertj.core.api.Assertions.assertThat
import org.jetbrains.spek.api.Spek
import org.jetbrains.spek.api.dsl.given
import org.jetbrains.spek.api.dsl.it
+import org.onap.dcae.collectors.veshv.domain.SecurityConfiguration
+import org.onap.dcae.collectors.veshv.domain.ServerConfiguration
+import java.nio.file.Paths
/**
* @author Piotr Jaszczyk <piotr.jaszczyk@nokia.com>
* @since May 2018
*/
object ArgBasedServerConfigurationTest : Spek({
- val cut = ArgBasedServerConfiguration
+ lateinit var cut: ArgBasedServerConfiguration
val configurationUrl = "http://test-address/test"
+ val pk = Paths.get("/", "etc", "ves", "pk.pem")
+ val cert = Paths.get("/", "etc", "ssl", "certs", "ca-bundle.crt")
+ val trustCert = Paths.get("/", "etc", "ves", "trusted.crt")
+
+ beforeEachTest {
+ cut = ArgBasedServerConfiguration()
+ }
fun parse(vararg cmdLine: String) = cut.parse(cmdLine)
given("all parameters are present in the long form") {
- val result = parse("--listen-port", "6969", "--config-url", configurationUrl)
+ lateinit var result: ServerConfiguration
+
+ beforeEachTest {
+ result = parse("--listen-port", "6969",
+ "--config-url", configurationUrl,
+ "--private-key-file", pk.toFile().absolutePath,
+ "--cert-file", cert.toFile().absolutePath,
+ "--trust-cert-file", trustCert.toFile().absolutePath)
+ }
it("should set proper port") {
assertThat(result.port).isEqualTo(6969)
}
+
it("should set proper config url") {
assertThat(result.configurationUrl).isEqualTo(configurationUrl)
}
+
+ it("should set proper security configuration") {
+ assertThat(result.securityConfiguration).isEqualTo(
+ SecurityConfiguration(pk, cert, trustCert)
+ )
+ }
}
- given("all parameters are present in the short form") {
- val result = parse("-p", "666", "-c", configurationUrl)
+ given("some parameters are present in the short form") {
+ lateinit var result: ServerConfiguration
+
+ beforeEachTest {
+ result = parse("-p", "666", "-c", configurationUrl)
+ }
it("should set proper port") {
assertThat(result.port).isEqualTo(666)
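Review bot: The short-form case still passes only `-p` and `-c`, so the new `-k`, `-e` and `-t` options are never exercised and a typo in their short names would go unnoticed. Extending the call to `parse("-p", "666", "-c", configurationUrl, "-k", pk.toFile().absolutePath, "-e", cert.toFile().absolutePath, "-t", trustCert.toFile().absolutePath)` plus an `it("should set proper security configuration")` assertion like the long-form one would cover them. The defaults case in the next hunk likewise shows no assertion that `securityConfiguration` falls back to the `DefaultValues` paths, though that block is only partly visible. The `given` block here continues past the end of the hunk.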
@@ -59,7 +88,11 @@ object ArgBasedServerConfigurationTest : Spek({
}
given("all optional parameters are absent") {
- val result = parse()
+ lateinit var result: ServerConfiguration
+
+ beforeEachTest {
+ result = parse()
+ }
it("should set default port") {
assertThat(result.port).isEqualTo(DefaultValues.PORT)
@@ -69,4 +102,4 @@ object ArgBasedServerConfigurationTest : Spek({
assertThat(result.configurationUrl).isEqualTo(DefaultValues.CONFIG_URL)
}
}
-}) \ No newline at end of file
+})
diff --git a/hv-collector-main/src/test/kotlin/org/onap/dcae/collectors/veshv/main/NioBuffersTest.kt b/hv-collector-main/src/test/kotlin/org/onap/dcae/collectors/veshv/main/NioBuffersTest.kt
index b46d5a28..42bf363c 100644
--- a/hv-collector-main/src/test/kotlin/org/onap/dcae/collectors/veshv/main/NioBuffersTest.kt
+++ b/hv-collector-main/src/test/kotlin/org/onap/dcae/collectors/veshv/main/NioBuffersTest.kt
@@ -22,13 +22,14 @@ package org.onap.dcae.collectors.veshv.main
import org.jetbrains.spek.api.Spek
import org.jetbrains.spek.api.dsl.describe
import org.jetbrains.spek.api.dsl.it
+import org.jetbrains.spek.api.dsl.xdescribe
import java.nio.ByteBuffer
-fun Int.toKibibytes(): Int = this * 1024
-fun Int.toMebibytes(): Int = this * 1024 * 1024
+object NioBuffersTest : Spek({
+ fun Int.toKibibytes(): Int = this * 1024
+ fun Int.toMebibytes(): Int = this * 1024 * 1024
-object NioBuffersTest : Spek({
val BUFFER_SIZES = listOf(128.toKibibytes(), 512.toKibibytes(), 1.toMebibytes(), 2.toMebibytes())
val NUMBER_OF_ITERATIONS = 100
@@ -53,7 +54,7 @@ object NioBuffersTest : Spek({
for (singleBufferSize in BUFFER_SIZES) {
- describe("$singleBufferSize bytes buffers") {
+ xdescribe("$singleBufferSize bytes buffers") {
describe("direct buffers") {
val bb1 = ByteBuffer.allocateDirect(singleBufferSize)