add clientauth required

2023-04-27 19:23:50 +02:00 · 2023-04-27 19:23:50 +02:00 · 935074877e
parent fe4411ad06
commit 935074877e
2 changed files with 26 additions and 9 deletions
--- a/pom.xml
+++ b/pom.xml
@ -58,6 +58,12 @@
      <version>${junit-jupiter.version}</version>
      <scope>test</scope>
    </dependency>
+    <dependency>
+  <groupId>io.netty</groupId>
+  <artifactId>netty-tcnative-boringssl-static</artifactId>
+  <version>2.0.59.Final</version>
+  </dependency>
+
  </dependencies>

  <build>
--- a/src/main/java/cx/lehmann/gemini/gemini/MainVerticle.java
+++ b/src/main/java/cx/lehmann/gemini/gemini/MainVerticle.java
@ -1,8 +1,15 @@
 package cx.lehmann.gemini.gemini;

+import java.security.cert.Certificate;
+import java.util.List;
+
+import javax.net.ssl.SSLPeerUnverifiedException;
+
 import io.vertx.core.AbstractVerticle;
 import io.vertx.core.Promise;
+import io.vertx.core.http.ClientAuth;
 import io.vertx.core.net.NetServerOptions;
+//import io.vertx.core.net.OpenSSLEngineOptions;
 import io.vertx.core.net.PemKeyCertOptions;

 public class MainVerticle extends AbstractVerticle {
@ -16,26 +23,30 @@ public class MainVerticle extends AbstractVerticle {
    options.setPemKeyCertOptions(new PemKeyCertOptions()
        .setCertPath(certPath)
        .setKeyPath(certPath))
-    .setSsl(true);
-//    .setClientAuth(ClientAuth.REQUEST);
+    .setSsl(true)
+//    .setOpenSslEngineOptions(new OpenSSLEngineOptions())
+    .setClientAuth(ClientAuth.REQUIRED);

    vertx.createNetServer(options).connectHandler(conn -> {
      conn.handler(event -> {
+        System.out.println("accepted connection:"+conn.remoteAddress());
        String url=event.toString("UTF-8");
        if(!url.endsWith("\r\n")) {
          conn.write("40 format error\r\n");
          conn.close();
        } else {
          url=url.substring(0, url.length()-2);
+//          conn.write("60 cert required\r\n");
          conn.write("20 text/gemini\r\n");
-          conn.write(url);
+          conn.write("url:"+url);
          conn.write("\n");
-//          try {
-//            conn.write(conn.peerCertificates().toString());
-//          } catch (SSLPeerUnverifiedException ex) {
-//            // TODO Auto-generated catch block
-//            ex.printStackTrace();
-//          }
+          try {
+            List<Certificate> certs=conn.peerCertificates();
+            System.out.println("get certs");
+            conn.write(certs.toString());
+          } catch (SSLPeerUnverifiedException ex) {
+            ex.printStackTrace();
+          }
          conn.close();
        }
      }