Skip to content

Commit

Permalink
Updating a TCP server SSL options only affects the actual server (the…
Browse files Browse the repository at this point in the history
… first started) and other scaled servers will not see the SSL options update.

Scaled TCP servers should use the actual server ssl channel handler provider in order to always use the most up to date SSL options.
  • Loading branch information
vietj committed Jun 15, 2023
1 parent 0798bfd commit 41eb1a3
Show file tree
Hide file tree
Showing 2 changed files with 30 additions and 6 deletions.
3 changes: 1 addition & 2 deletions src/main/java/io/vertx/core/net/impl/TCPServerBase.java
Original file line number Diff line number Diff line change
Expand Up @@ -236,9 +236,8 @@ private synchronized Future<Channel> listen(SocketAddress localAddress, ContextI
// Server already exists with that host/port - we will use that
actualServer = main;
metrics = main.metrics;
sslChannelProvider = main.sslChannelProvider;
childHandler = childHandler(listenContext, localAddress);
worker = ch -> childHandler.accept(ch, sslChannelProvider.result().sslChannelProvider());
worker = ch -> childHandler.accept(ch, actualServer.sslChannelProvider.result().sslChannelProvider());
actualServer.servers.add(this);
actualServer.channelBalancer.addWorker(eventLoop, worker);
listenContext.addCloseHook(this);
Expand Down
33 changes: 29 additions & 4 deletions src/test/java/io/vertx/core/http/HttpTLSTest.java
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@

import javax.net.ssl.*;

import io.vertx.core.*;
import io.vertx.core.impl.VertxThread;
import io.vertx.core.net.SSLOptions;
import io.vertx.core.net.impl.KeyStoreHelper;
Expand All @@ -43,9 +44,6 @@
import org.junit.rules.TemporaryFolder;

import io.netty.util.internal.PlatformDependent;
import io.vertx.core.Future;
import io.vertx.core.Vertx;
import io.vertx.core.VertxOptions;
import io.vertx.core.buffer.Buffer;
import io.vertx.core.net.JdkSSLEngineOptions;
import io.vertx.core.net.JksOptions;
Expand Down Expand Up @@ -1641,11 +1639,38 @@ public void testHAProxy() throws Exception {

@Test
public void testUpdateSSLOptions() throws Exception {
testUpdateSSLOptions(false);
}

@Test
public void testUpdateSSLOptionsWithScaledServer() throws Exception {
testUpdateSSLOptions(true);
}

private void testUpdateSSLOptions(boolean scaled) throws Exception {
server = createHttpServer(createBaseServerOptions().setSsl(true).setKeyCertOptions(Cert.SERVER_JKS.get()))
.requestHandler(req -> {
req.response().end("Hello World");
});
});
startServer(testAddress);
if (scaled) {
CountDownLatch latch = new CountDownLatch(1);
vertx.deployVerticle(new AbstractVerticle() {
private HttpServer server;
@Override
public void start(Promise<Void> startPromise) {
server = createHttpServer(createBaseServerOptions().setSsl(true).setKeyCertOptions(Cert.SERVER_JKS.get()))
.requestHandler(req -> {
req.response().end("Hello World");
});
server
.listen(testAddress)
.<Void>mapEmpty()
.onComplete(startPromise);
}
}).onComplete(onSuccess(v -> latch.countDown()));
awaitLatch(latch);
}
Supplier<Future<Buffer>> request = () -> client.request(requestOptions).compose(req -> req.send().compose(HttpClientResponse::body));
client = createHttpClient(new HttpClientOptions().setKeepAlive(false).setSsl(true).setTrustOptions(Trust.SERVER_JKS.get()));
request.get().onComplete(onSuccess(body1 -> {
Expand Down

0 comments on commit 41eb1a3

Please sign in to comment.