summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/client/internal/JerseyClient.java39
-rw-r--r--utils/src/main/java/org/onap/policy/common/utils/network/NetworkUtil.java79
-rw-r--r--utils/src/test/java/org/onap/policy/common/utils/network/NetworkUtilTest.java86
3 files changed, 165 insertions, 39 deletions
diff --git a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/client/internal/JerseyClient.java b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/client/internal/JerseyClient.java
index ca0611cb..d4ccc494 100644
--- a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/client/internal/JerseyClient.java
+++ b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/client/internal/JerseyClient.java
@@ -8,9 +8,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -25,13 +25,9 @@ import com.fasterxml.jackson.annotation.JsonIgnore;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
import java.util.Map;
import java.util.Map.Entry;
import javax.net.ssl.SSLContext;
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.X509TrustManager;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.Entity;
@@ -42,6 +38,7 @@ import org.glassfish.jersey.client.authentication.HttpAuthenticationFeature;
import org.onap.policy.common.endpoints.event.comm.bus.internal.BusTopicParams;
import org.onap.policy.common.endpoints.http.client.HttpClient;
import org.onap.policy.common.gson.annotation.GsonJsonIgnore;
+import org.onap.policy.common.utils.network.NetworkUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -54,7 +51,7 @@ public class JerseyClient implements HttpClient {
* Logger.
*/
private static Logger logger = LoggerFactory.getLogger(JerseyClient.class);
-
+
protected static final String JERSEY_DEFAULT_SERIALIZATION_PROVIDER =
"com.fasterxml.jackson.jaxrs.json.JacksonJaxbJsonProvider";
@@ -74,11 +71,11 @@ public class JerseyClient implements HttpClient {
/**
* Constructor.
- *
+ *
* <p>name the name https is it https or not selfSignedCerts are there self signed certs
* hostname the hostname port port being used basePath base context userName user
* password password
- *
+ *
* @param busTopicParams Input parameters object
* @throws KeyManagementException key exception
* @throws NoSuchAlgorithmException no algorithm exception
@@ -116,25 +113,7 @@ public class JerseyClient implements HttpClient {
ClientBuilder clientBuilder;
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
if (this.selfSignedCerts) {
- sslContext.init(null, new TrustManager[] {new X509TrustManager() {
- @Override
- public void checkClientTrusted(X509Certificate[] chain, String authType)
- throws CertificateException {
- // always trusted
- }
-
- @Override
- public void checkServerTrusted(X509Certificate[] chain, String authType)
- throws CertificateException {
- // always trusted
- }
-
- @Override
- public X509Certificate[] getAcceptedIssuers() {
- return new X509Certificate[0];
- }
-
- } }, new SecureRandom());
+ sslContext.init(null, NetworkUtil.getAlwaysTrustingManager(), new SecureRandom());
clientBuilder =
ClientBuilder.newBuilder().sslContext(sslContext).hostnameVerifier((host, session) -> true);
} else {
@@ -153,7 +132,7 @@ public class JerseyClient implements HttpClient {
}
registerSerProviders(busTopicParams.getSerializationProvider());
-
+
this.client.property(ClientProperties.METAINF_SERVICES_LOOKUP_DISABLE, "true");
this.baseUrl = tmpBaseUrl.append(this.hostname).append(":").append(this.port).append("/")
@@ -162,7 +141,7 @@ public class JerseyClient implements HttpClient {
/**
* Registers the serialization provider(s) with the client.
- *
+ *
* @param serializationProvider comma-separated list of serialization providers
* @throws ClassNotFoundException if the serialization provider cannot be found
*/
diff --git a/utils/src/main/java/org/onap/policy/common/utils/network/NetworkUtil.java b/utils/src/main/java/org/onap/policy/common/utils/network/NetworkUtil.java
index ae70ba44..aca34bbe 100644
--- a/utils/src/main/java/org/onap/policy/common/utils/network/NetworkUtil.java
+++ b/utils/src/main/java/org/onap/policy/common/utils/network/NetworkUtil.java
@@ -1,8 +1,8 @@
-/*-
+/*
* ============LICENSE_START=======================================================
* ONAP
* ================================================================================
- * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -23,9 +23,13 @@ package org.onap.policy.common.utils.network;
import java.io.IOException;
import java.net.ConnectException;
import java.net.InetAddress;
+import java.net.InetSocketAddress;
+import java.net.ServerSocket;
import java.net.Socket;
import java.net.UnknownHostException;
-
+import java.security.cert.X509Certificate;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -41,11 +45,80 @@ public class NetworkUtil {
*/
public static final String IPv4_WILDCARD_ADDRESS = "0.0.0.0";
+
+ /**
+ * A trust manager that always trusts certificates.
+ */
+ // @formatter:off
+ private static final TrustManager[] ALWAYS_TRUST_MANAGER = new TrustManager[] {
+ new X509TrustManager() {
+
+ @Override
+ public X509Certificate[] getAcceptedIssuers() {
+ return new X509Certificate[0];
+ }
+
+ @Override
+ public void checkClientTrusted(final java.security.cert.X509Certificate[] certs,
+ final String authType) {}
+
+ @Override
+ public void checkServerTrusted(final java.security.cert.X509Certificate[] certs,
+ final String authType) {}
+ }
+ };
+ // @formatter:on
+
private NetworkUtil() {
// Empty constructor
}
/**
+ * Allocates an available port on which a server may listen.
+ *
+ * @return an available port
+ * @throws IOException if a socket cannot be created
+ */
+ public static int allocPort() throws IOException {
+ return allocPort((InetSocketAddress) null);
+ }
+
+ /**
+ * Allocates an available port on which a server may listen.
+ *
+ * @param hostName the server's host name
+ * @return an available port
+ * @throws IOException if a socket cannot be created
+ */
+ public static int allocPort(String hostName) throws IOException {
+ return allocPort(new InetSocketAddress(hostName, 0));
+ }
+
+ /**
+ * Allocates an available port on which a server may listen.
+ *
+ * @param hostAddr the server's host address on which to listen
+ * @return an available port
+ * @throws IOException if a socket cannot be created
+ */
+ public static int allocPort(InetSocketAddress hostAddr) throws IOException {
+ try (ServerSocket socket = new ServerSocket()) {
+ socket.bind(hostAddr);
+
+ return socket.getLocalPort();
+ }
+ }
+
+ /**
+ * Gets a trust manager that accepts all certificates.
+ *
+ * @return a trust manager that accepts all certificates
+ */
+ public static TrustManager[] getAlwaysTrustingManager() {
+ return ALWAYS_TRUST_MANAGER;
+ }
+
+ /**
* try to connect to $host:$port $retries times while we are getting connection failures.
*
* @param host host
diff --git a/utils/src/test/java/org/onap/policy/common/utils/network/NetworkUtilTest.java b/utils/src/test/java/org/onap/policy/common/utils/network/NetworkUtilTest.java
index 6dd09d6e..c29da2c7 100644
--- a/utils/src/test/java/org/onap/policy/common/utils/network/NetworkUtilTest.java
+++ b/utils/src/test/java/org/onap/policy/common/utils/network/NetworkUtilTest.java
@@ -1,15 +1,15 @@
-/*-
+/*
* ============LICENSE_START=======================================================
* policy-utils
* ================================================================================
- * Copyright (C) 2018 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2018-2019 AT&T Intellectual Property. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -20,21 +20,95 @@
package org.onap.policy.common.utils.network;
+import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
import java.io.IOException;
-
+import java.net.InetSocketAddress;
+import java.net.ServerSocket;
+import java.net.Socket;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
import org.junit.Test;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
public class NetworkUtilTest {
+ protected static Logger logger = LoggerFactory.getLogger(NetworkUtilTest.class);
+
+ private static final String LOCALHOST = "localhost";
@Test
public void test() throws InterruptedException, IOException {
assertNotNull(NetworkUtil.IPv4_WILDCARD_ADDRESS);
- assertFalse(NetworkUtil.isTcpPortOpen("localhost", 8180, 1, 5));
+ assertFalse(NetworkUtil.isTcpPortOpen(LOCALHOST, NetworkUtil.allocPort(), 1, 5));
assertNotNull(NetworkUtil.getHostname());
assertNotNull(NetworkUtil.getHostIp());
}
+ @Test
+ public void testAlwaysTrustManager() throws Exception {
+ TrustManager[] mgrarr = NetworkUtil.getAlwaysTrustingManager();
+ assertEquals(1, mgrarr.length);
+ assertTrue(mgrarr[0] instanceof X509TrustManager);
+
+ X509TrustManager mgr = (X509TrustManager) mgrarr[0];
+ assertNotNull(mgr.getAcceptedIssuers());
+ assertEquals(0, mgr.getAcceptedIssuers().length);
+
+ // these should not throw exceptions
+ mgr.checkClientTrusted(null, null);
+ mgr.checkServerTrusted(null, null);
+ }
+
+ @Test
+ public void testAllocPort_testAllocPortString__testAllocPortInetSocketAddress() throws Exception {
+ // allocate wild-card port
+ int wildCardPort = NetworkUtil.allocPort();
+ assertTrue(wildCardPort != 0);
+
+ // verify that we can listen on the port
+ try (ServerSocket wildSocket = new ServerSocket(wildCardPort)) {
+ new Accepter(wildSocket).start();
+ assertTrue(NetworkUtil.isTcpPortOpen(LOCALHOST, wildCardPort, 5, 1000L));
+ }
+
+
+ // allocate port using host name
+ int localPort = NetworkUtil.allocPort(LOCALHOST);
+ assertTrue(localPort != 0);
+
+ // the OS should have allocated a new port, even though the first has been closed
+ assertTrue(localPort != wildCardPort);
+
+ try (ServerSocket localSocket = new ServerSocket()) {
+ localSocket.bind(new InetSocketAddress(LOCALHOST, localPort));
+ new Accepter(localSocket).start();
+ assertTrue(NetworkUtil.isTcpPortOpen(LOCALHOST, localPort, 5, 1000L));
+ }
+ }
+
+ /**
+ * Thread that accepts a connection on a socket.
+ */
+ private static class Accepter extends Thread {
+ private ServerSocket socket;
+
+ public Accepter(ServerSocket socket) {
+ this.socket = socket;
+ setDaemon(true);
+ }
+
+ @Override
+ public void run() {
+ try (Socket server = socket.accept()) {
+ // do nothing
+
+ } catch (IOException e) {
+ logger.error("socket not accepted", e);
+ }
+ }
+ }
}