
Example 1 with SSLProvider

use of com.predic8.membrane.core.transport.ssl.SSLProvider in project service-proxy by membrane.

the class RuleManager method openPorts.

/**
 * Opens a listening port for every rule, handing each endpoint the TLS provider built from the
 * inbound SSL contexts of all rules bound to the same ip/port.
 *
 * <p>The provider is looked up by endpoint only, so a rule that has no inbound SSL context of its
 * own still receives the provider collected from other rules on that ip/port. Endpoints where no
 * rule supplies an inbound SSL context get {@code null} (the map has no entry for them).
 *
 * @throws IOException if a port cannot be opened, or wrapping a {@link ConfigurationException}
 *         raised while collecting or building the SSL contexts
 */
public synchronized void openPorts() throws IOException {
    HashMap<IpPort, SSLProvider> sslProviders;
    try {
        // Pass 1: group the inbound SSL contexts by the endpoint they belong to.
        // NOTE(review): grouping relies on IpPort comparing by value (equals/hashCode) — confirm.
        HashMap<IpPort, SSLContextCollection.Builder> buildersByEndpoint = new HashMap<IpPort, SSLContextCollection.Builder>();
        for (Rule rule : rules) {
            SSLContext inbound = rule.getSslInboundContext();
            if (inbound == null) {
                // Rule contributes no TLS configuration.
                continue;
            }
            IpPort endpoint = new IpPort(rule.getKey().getIp(), rule.getKey().getPort());
            SSLContextCollection.Builder collected = buildersByEndpoint.get(endpoint);
            if (collected == null) {
                collected = new SSLContextCollection.Builder();
                buildersByEndpoint.put(endpoint, collected);
            }
            collected.add(inbound);
        }
        // Pass 2: turn every per-endpoint builder into the provider used by the listener.
        sslProviders = new HashMap<IpPort, SSLProvider>();
        for (Map.Entry<IpPort, SSLContextCollection.Builder> pending : buildersByEndpoint.entrySet()) {
            sslProviders.put(pending.getKey(), pending.getValue().build());
        }
    } catch (ConfigurationException e) {
        throw new IOException(e);
    }
    // Pass 3: open every rule's port; a null provider is passed where no TLS was configured.
    for (Rule rule : rules) {
        IpPort endpoint = new IpPort(rule.getKey().getIp(), rule.getKey().getPort());
        SSLProvider providerForEndpoint = sslProviders.get(endpoint);
        router.getTransport().openPort(rule.getKey().getIp(), rule.getKey().getPort(), providerForEndpoint);
    }
}
Also used : SSLContextCollection(com.predic8.membrane.core.transport.ssl.SSLContextCollection) HashMap(java.util.HashMap) IpPort(com.predic8.membrane.core.transport.http.IpPort) SSLContext(com.predic8.membrane.core.transport.ssl.SSLContext) IOException(java.io.IOException) ConfigurationException(com.predic8.membrane.core.config.ConfigurationException) SSLProvider(com.predic8.membrane.core.transport.ssl.SSLProvider) Rule(com.predic8.membrane.core.rules.Rule) HashMap(java.util.HashMap) Map(java.util.Map)

Example 2 with SSLProvider

use of com.predic8.membrane.core.transport.ssl.SSLProvider in project service-proxy by membrane.

the class HttpClient method call.

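/**
 * Sends the exchange's request to one of its destinations, making up to {@code maxRetries}
 * attempts.
 *
 * <p>Each attempt picks a destination via {@code getDestination(exc, counter)}, reuses the
 * exchange's target connection on the first attempt if it points at the same host/port, and
 * otherwise obtains a connection from the connection manager. A CONNECT request or an accepted
 * protocol upgrade (WebSocket, TCP, SPDY/3.1 — each gated by its own exchange property) switches
 * the connection to forwarding mode and returns immediately.
 *
 * @param exc the exchange to send; must have at least one destination
 * @param adjustHostHeader passed through to {@code init}
 * @param failOverOn5XX if {@code true}, a 5xx response triggers another attempt unless this was
 *        the last one
 * @return {@code exc}, with response, target connection and the destination actually used set
 * @throws IllegalStateException if the destination list is empty, or if no attempt was made
 *         because {@code maxRetries} is not positive
 * @throws Exception the last exception recorded once all attempts failed; a
 *         {@code NoResponseException} is rethrown immediately without further attempts
 */
public Exchange call(Exchange exc, boolean adjustHostHeader, boolean failOverOn5XX) throws Exception {
    if (exc.getDestinations().isEmpty())
        throw new IllegalStateException("List of destinations is empty. Please specify at least one destination.");
    int counter = 0;
    Exception exception = null;
    Object trackNodeStatusObj = exc.getProperty(Exchange.TRACK_NODE_STATUS);
    // instanceof is false for null, so no separate null check is needed.
    boolean trackNodeStatus = trackNodeStatusObj instanceof Boolean && (Boolean) trackNodeStatusObj;
    disableStreamingForRetries(exc);
    while (counter < maxRetries) {
        Connection con = null;
        String dest = getDestination(exc, counter);
        HostColonPort target = null;
        try {
            log.debug("try # " + counter + " to " + dest);
            target = init(exc, dest, adjustHostHeader);
            if (counter == 0) {
                // Only the first attempt may reuse the connection already attached to the exchange.
                con = exc.getTargetConnection();
                if (con != null) {
                    if (!con.isSame(target.host, target.port)) {
                        con.close();
                        con = null;
                    } else {
                        con.setKeepAttachedToExchange(true);
                    }
                }
            }
            // A null provider means this hop is made without TLS (see the proxy branch below).
            SSLProvider sslProvider = getOutboundSSLProvider(exc, target);
            if (con == null) {
                con = conMgr.getConnection(target.host, target.port, localAddr, sslProvider, connectTimeout, getSNIServerName(exc), proxy, proxySSLContext);
                con.setKeepAttachedToExchange(exc.getRequest().isBindTargetConnectionToIncoming());
                exc.setTargetConnection(con);
            }
            if (proxy != null && sslProvider == null)
                // if we use a proxy for a plain HTTP (=non-HTTPS) request, attach the proxy credentials.
                // NOTE(review): the credentials travel in a request header, so they are only protected
                // on the wire if the hop to the proxy itself is encrypted (proxySSLContext) — confirm.
                exc.getRequest().getHeader().setProxyAutorization(proxy.getCredentials());
            Response response;
            String newProtocol = null;
            if (exc.getRequest().isCONNECTRequest()) {
                handleConnectRequest(exc, con);
                response = Response.ok().build();
                newProtocol = "CONNECT";
            } else {
                response = doCall(exc, con);
                if (trackNodeStatus)
                    exc.setNodeStatusCode(counter, response.getStatusCode());
                // An upgrade is honoured only when the matching ALLOW_* property is exactly
                // Boolean.TRUE on the exchange; the upstream response alone cannot enable it.
                if (exc.getProperty(Exchange.ALLOW_WEBSOCKET) == Boolean.TRUE && isUpgradeToResponse(response, "websocket")) {
                    log.debug("Upgrading to WebSocket protocol.");
                    newProtocol = "WebSocket";
                }
                if (exc.getProperty(Exchange.ALLOW_TCP) == Boolean.TRUE && isUpgradeToResponse(response, "tcp")) {
                    log.debug("Upgrading to TCP protocol.");
                    newProtocol = "TCP";
                }
                if (exc.getProperty(Exchange.ALLOW_SPDY) == Boolean.TRUE && isUpgradeToResponse(response, "SPDY/3.1")) {
                    log.debug("Upgrading to SPDY/3.1 protocol.");
                    newProtocol = "SPDY/3.1";
                }
            }
            if (newProtocol != null) {
                // NOTE(review): from here on the connection is forwarded; presumably the bytes are no
                // longer parsed as HTTP by this client — verify against setupConnectionForwarding.
                setupConnectionForwarding(exc, con, newProtocol, streamPumpStats);
                exc.getDestinations().clear();
                exc.getDestinations().add(dest);
                con.setExchange(exc);
                exc.setResponse(response);
                return exc;
            }
            boolean is5XX = 500 <= response.getStatusCode() && response.getStatusCode() < 600;
            // Return the response unless failover applies: failover is on, the status is 5xx,
            // and at least one attempt is left.
            if (!failOverOn5XX || !is5XX || counter == maxRetries - 1) {
                applyKeepAliveHeader(response, con);
                exc.getDestinations().clear();
                exc.getDestinations().add(dest);
                con.setExchange(exc);
                response.addObserver(con);
                exc.setResponse(response);
                return exc;
            }
        } catch (ConnectException e) {
            exception = e;
            log.info("Connection to " + (target == null ? dest : target) + " refused.");
        } catch (SocketException e) {
            // Example of the message matched below:
            // java.net.SocketException: Software caused connection abort: socket write error
            // getMessage() may be null; guard it so an NPE raised here cannot replace the real failure.
            String message = e.getMessage();
            if (message != null && message.contains("Software caused connection abort")) {
                log.info("Connection to " + dest + " was aborted externally. Maybe by the server or the OS Membrane is running on.");
            } else if (message != null && message.contains("Connection reset")) {
                log.info("Connection to " + dest + " was reset externally. Maybe by the server or the OS Membrane is running on.");
            } else {
                logException(exc, counter, e);
            }
            exception = e;
        } catch (UnknownHostException e) {
            log.warn("Unknown host: " + (target == null ? dest : target));
            exception = e;
            if (exc.getDestinations().size() < 2) {
                // don't retry this host, it's useless. (it's very unlikely that it will work after timeBetweenTriesMs)
                break;
            }
        } catch (EOFWhileReadingFirstLineException e) {
            // NOTE(review): getLineSoFar() is data received from the remote server and is logged as-is;
            // consider escaping control characters if these logs are parsed by other tools.
            log.debug("Server connection to " + dest + " terminated before line was read. Line so far: " + e.getLineSoFar());
            exception = e;
        } catch (NoResponseException e) {
            throw e;
        } catch (Exception e) {
            logException(exc, counter, e);
            exception = e;
        } finally {
            if (trackNodeStatus) {
                // NOTE(review): 'exception' is never reset between attempts, so an attempt that ended
                // in a 5xx failover records the exception of an earlier attempt — confirm this is intended.
                if (exception != null) {
                    exc.setNodeException(counter, exception);
                }
            }
        }
        counter++;
        if (exc.getDestinations().size() == 1) {
            // as documented above, the sleep timeout is only applied between successive calls to the same destination.
            Thread.sleep(timeBetweenTriesMs);
        }
    }
    if (exception == null) {
        // Only reachable when the loop body never ran (maxRetries <= 0); 'throw null' would
        // surface as a NullPointerException with no explanation.
        throw new IllegalStateException("No call attempt was made (maxRetries = " + maxRetries + ").");
    }
    throw exception;
}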
Also used : IOException(java.io.IOException) EndOfStreamException(com.predic8.membrane.core.util.EndOfStreamException) SSLProvider(com.predic8.membrane.core.transport.ssl.SSLProvider)

Example 3 with SSLProvider

use of com.predic8.membrane.core.transport.ssl.SSLProvider in project service-proxy by membrane.

the class Connection method open.

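/**
 * Opens a socket to {@code host:port}, optionally through a proxy and optionally over TLS, and
 * returns a {@link Connection} with buffered streams attached.
 *
 * <p>With a proxy configured, the socket is opened to the proxy instead (using
 * {@code proxySSLProvider} for that hop, without SNI). If the target itself requires TLS, a tunnel
 * handshake is performed through the proxy and the target's provider then layers TLS for
 * {@code origHost:origPort} over the tunnelled socket. Without {@code sslProvider} the target
 * traffic is not encrypted by this method.
 *
 * <p>If any step fails after a socket has been created, that socket is closed before the
 * exception propagates, since the caller never receives the connection and could not close it.
 *
 * @param host target host
 * @param port target port
 * @param localHost local address to bind to; null or empty lets the system choose
 * @param sslProvider TLS provider for the target, or {@code null} for a plain socket
 * @param mgr connection manager passed to the new {@link Connection}
 * @param connectTimeout connect timeout passed to the socket / provider
 * @param sniServername SNI name for the target TLS session, may be {@code null}
 * @param proxy proxy to connect through, or {@code null} for a direct connection
 * @param proxySSLProvider TLS provider for the hop to the proxy, or {@code null}
 * @return the opened connection
 * @throws UnknownHostException if a host name cannot be resolved
 * @throws IOException if connecting, tunnelling or the stream setup fails
 */
public static Connection open(String host, int port, String localHost, SSLProvider sslProvider, ConnectionManager mgr, int connectTimeout, @Nullable String sniServername, @Nullable ProxyConfiguration proxy, @Nullable SSLProvider proxySSLProvider) throws UnknownHostException, IOException {
    Connection con = new Connection(mgr, host, sslProvider, sniServername, proxy);
    // Remember the real target; host/port/sslProvider are redirected to the proxy below.
    String origHost = host;
    int origPort = port;
    SSLProvider origSSLProvider = sslProvider;
    String origSniServername = sniServername;
    if (proxy != null) {
        sslProvider = proxySSLProvider;
        host = proxy.getHost();
        port = proxy.getPort();
        sniServername = null;
    }
    boolean opened = false;
    try {
        if (sslProvider != null) {
            if (isNullOrEmpty(localHost))
                con.socket = sslProvider.createSocket(host, port, connectTimeout, sniServername);
            else
                con.socket = sslProvider.createSocket(host, port, InetAddress.getByName(localHost), 0, connectTimeout, sniServername);
        } else {
            con.socket = new Socket();
            if (!isNullOrEmpty(localHost)) {
                // Port 0: bind to the requested local address, any free local port.
                con.socket.bind(new InetSocketAddress(InetAddress.getByName(localHost), 0));
            }
            con.socket.connect(new InetSocketAddress(host, port), connectTimeout);
        }
        if (proxy != null && origSSLProvider != null) {
            con.doTunnelHandshake(proxy, con.socket, origHost, origPort);
            // NOTE(review): whether the peer certificate is checked against origHost is decided
            // inside the SSLProvider implementation, which is not visible here — confirm.
            con.socket = origSSLProvider.createSocket(con.socket, origHost, origPort, connectTimeout, origSniServername);
        }
        log.debug("Opened connection on localPort: " + con.socket.getLocalPort());
        // Creating output stream before input stream is suggested.
        con.out = new BufferedOutputStream(con.socket.getOutputStream(), 2048);
        con.in = new BufferedInputStream(con.socket.getInputStream(), 2048);
        opened = true;
        return con;
    } finally {
        if (!opened && con.socket != null) {
            try {
                con.socket.close();
            } catch (IOException ignored) {
                // Best effort: the failure that brought us here is the one the caller must see.
            }
        }
    }
}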
Also used : InetSocketAddress(java.net.InetSocketAddress) SSLProvider(com.predic8.membrane.core.transport.ssl.SSLProvider) Socket(java.net.Socket) SSLSocket(javax.net.ssl.SSLSocket)

Example 4 with SSLProvider

use of com.predic8.membrane.core.transport.ssl.SSLProvider in project service-proxy by membrane.

the class HttpTransport method openPort.

/**
 * Starts a listener thread for {@code ip:port} unless one is already listening there, registers
 * it in the port/listener mapping and notifies the port change listeners.
 *
 * @param ip address to listen on
 * @param port port to listen on; {@code -1} is rejected as a missing port attribute
 * @param sslProvider handed to the new {@code HttpEndpointListener}; NOTE(review): presumably
 *        {@code null} selects a plain (non-TLS) listener — confirm in HttpEndpointListener
 * @throws IOException declared by the signature; presumably raised when the listener cannot be
 *         created — confirm
 * @throws RuntimeException if {@code port} is {@code -1}
 */
@Override
public synchronized void openPort(String ip, int port, SSLProvider sslProvider) throws IOException {
    boolean alreadyListening = isAnyThreadListeningAt(ip, port);
    if (alreadyListening) {
        // Nothing to do: the endpoint is already served, and the provider passed in now is ignored.
        return;
    }
    if (port == -1) {
        throw new RuntimeException("The port-attribute is missing (probably on a <serviceProxy> element).");
    }
    HttpEndpointListener endpointThread = new HttpEndpointListener(ip, port, this, sslProvider);
    // Register before starting so the mapping already knows the endpoint when the thread runs.
    portListenerMapping.put(new IpPort(ip, port), endpointThread);
    endpointThread.start();
    // Observers are told the port only, not the ip.
    for (IPortChangeListener observer : menuListeners) {
        observer.addPort(port);
    }
}
Also used : IPortChangeListener(com.predic8.membrane.core.model.IPortChangeListener)

Example 5 with SSLProvider

use of com.predic8.membrane.core.transport.ssl.SSLProvider in project service-proxy by membrane.

the class HttpServerHandler method setup.

/**
 * Prepares this handler for a newly accepted connection: creates the exchange, wraps the source
 * socket with the endpoint's SSL provider when one is configured, attaches buffered streams and
 * applies the transport's socket options.
 *
 * @throws IOException if wrapping the socket, obtaining its streams or setting its options fails
 */
private void setup() throws IOException {
    this.exchange = new Exchange(this);
    SSLProvider tls = endpointListener.getSslProvider();
    if (tls == null) {
        // if there is no SSLProvider then there shouldn't be any ssl exceptions showing here
        showSSLExceptions = false;
    } else {
        showSSLExceptions = tls.showSSLExceptions();
        // NOTE(review): the socket timeout is only applied further down, after wrapping. If
        // wrapAcceptedSocket performs the TLS handshake, that handshake runs without the
        // transport's SO_TIMEOUT — confirm in the SSLProvider implementation.
        sourceSocket = tls.wrapAcceptedSocket(sourceSocket);
    }
    log.debug("New ServerThread created. " + counter.incrementAndGet());
    final int bufferSize = 2048;
    srcIn = new BufferedInputStream(sourceSocket.getInputStream(), bufferSize);
    srcOut = new BufferedOutputStream(sourceSocket.getOutputStream(), bufferSize);
    // Socket options come from the transport that owns the endpoint listener.
    sourceSocket.setSoTimeout(endpointListener.getTransport().getSocketTimeout());
    sourceSocket.setTcpNoDelay(endpointListener.getTransport().isTcpNoDelay());
}
Also used : Exchange(com.predic8.membrane.core.exchange.Exchange) BufferedInputStream(java.io.BufferedInputStream) SSLProvider(com.predic8.membrane.core.transport.ssl.SSLProvider) BufferedOutputStream(java.io.BufferedOutputStream)

Aggregations

SSLProvider (com.predic8.membrane.core.transport.ssl.SSLProvider)4 IOException (java.io.IOException)2 ConfigurationException (com.predic8.membrane.core.config.ConfigurationException)1 Exchange (com.predic8.membrane.core.exchange.Exchange)1 IPortChangeListener (com.predic8.membrane.core.model.IPortChangeListener)1 Rule (com.predic8.membrane.core.rules.Rule)1 IpPort (com.predic8.membrane.core.transport.http.IpPort)1 SSLContext (com.predic8.membrane.core.transport.ssl.SSLContext)1 SSLContextCollection (com.predic8.membrane.core.transport.ssl.SSLContextCollection)1 EndOfStreamException (com.predic8.membrane.core.util.EndOfStreamException)1 BufferedInputStream (java.io.BufferedInputStream)1 BufferedOutputStream (java.io.BufferedOutputStream)1 InetSocketAddress (java.net.InetSocketAddress)1 Socket (java.net.Socket)1 HashMap (java.util.HashMap)1 Map (java.util.Map)1 SSLSocket (javax.net.ssl.SSLSocket)1