use of io.netty.handler.ssl.JdkSslContext in project ratpack by ratpack.
the class ServerConfigDataDeserializer method deserialize.
@Override
public ServerConfigData deserialize(JsonParser jp, DeserializationContext ctxt) throws IOException {
ObjectCodec codec = jp.getCodec();
ObjectNode serverNode = jp.readValueAsTree();
ServerConfigData data = new ServerConfigData(baseDirSupplier.get(), address, port, development, publicAddress);
if (serverNode.hasNonNull("port")) {
data.setPort(parsePort(serverNode.get("port")));
}
if (serverNode.hasNonNull("address")) {
data.setAddress(toValue(codec, serverNode.get("address"), InetAddress.class));
}
if (serverNode.hasNonNull("idleTimeout")) {
data.setIdleTimeout(toValue(codec, serverNode.get("idleTimeout"), Duration.class));
}
if (serverNode.hasNonNull("development")) {
data.setDevelopment(serverNode.get("development").asBoolean(false));
}
if (serverNode.hasNonNull("threads")) {
data.setThreads(serverNode.get("threads").asInt(ServerConfig.DEFAULT_THREADS));
}
if (serverNode.hasNonNull("registerShutdownHook")) {
data.setRegisterShutdownHook(serverNode.get("registerShutdownHook").asBoolean(true));
}
if (serverNode.hasNonNull("publicAddress")) {
data.setPublicAddress(toValue(codec, serverNode.get("publicAddress"), URI.class));
}
if (serverNode.hasNonNull("maxContentLength")) {
data.setMaxContentLength(serverNode.get("maxContentLength").asInt(ServerConfig.DEFAULT_MAX_CONTENT_LENGTH));
}
if (serverNode.hasNonNull("maxChunkSize")) {
data.setMaxChunkSize(serverNode.get("maxChunkSize").asInt(ServerConfig.DEFAULT_MAX_CHUNK_SIZE));
}
if (serverNode.hasNonNull("maxInitialLineLength")) {
data.setMaxInitialLineLength(serverNode.get("maxInitialLineLength").asInt(ServerConfig.DEFAULT_MAX_INITIAL_LINE_LENGTH));
}
if (serverNode.hasNonNull("maxHeaderSize")) {
data.setMaxHeaderSize(serverNode.get("maxHeaderSize").asInt(ServerConfig.DEFAULT_MAX_HEADER_SIZE));
}
if (serverNode.hasNonNull("requireClientSslAuth")) {
data.setRequireClientSslAuth(serverNode.get("requireClientSslAuth").asBoolean(false));
}
if (serverNode.hasNonNull("ssl")) {
data.setSslContext(toValue(codec, serverNode.get("ssl"), SslContext.class));
} else if (serverNode.hasNonNull("jdkSsl")) {
SSLContext jdkSslContext = toValue(codec, serverNode.get("jdkSsl"), SSLContext.class);
data.setSslContext(new JdkSslContext(jdkSslContext, false, data.isRequireClientSslAuth() ? ClientAuth.REQUIRE : ClientAuth.NONE));
}
if (serverNode.hasNonNull("baseDir")) {
throw new IllegalStateException("baseDir value cannot be set via config, it must be set directly via ServerConfigBuilder.baseDir()");
}
if (serverNode.hasNonNull("connectTimeoutMillis")) {
parseOptionalIntValue("connectTimeoutMillis", serverNode.get("connectTimeoutMillis")).ifPresent(data::setConnectTimeoutMillis);
}
if (serverNode.hasNonNull("maxMessagesPerRead")) {
parseOptionalIntValue("maxMessagesPerRead", serverNode.get("maxMessagesPerRead")).ifPresent(data::setMaxMessagesPerRead);
}
if (serverNode.hasNonNull("receiveBufferSize")) {
parseOptionalIntValue("receiveBufferSize", serverNode.get("receiveBufferSize")).ifPresent(data::setReceiveBufferSize);
}
if (serverNode.hasNonNull("writeSpinCount")) {
parseOptionalIntValue("writeSpinCount", serverNode.get("writeSpinCount")).ifPresent(data::setWriteSpinCount);
}
if (serverNode.hasNonNull("connectQueueSize")) {
parseOptionalIntValue("connectQueueSize", serverNode.get("connectQueueSize")).ifPresent(data::setConnectQueueSize);
}
return data;
}
use of io.netty.handler.ssl.JdkSslContext in project reactor-netty by reactor.
the class ClientOptions method groupAndChannel.
@SuppressWarnings("unchecked")
final void groupAndChannel(Bootstrap bootstrap) {
LoopResources loops = Objects.requireNonNull(getLoopResources(), "loopResources");
boolean useNative = this.protocolFamily == null && preferNative() && !(sslContext() instanceof JdkSslContext);
EventLoopGroup elg = loops.onClient(useNative);
if (this.poolResources != null && elg instanceof Supplier) {
// don't colocate
bootstrap.group(((Supplier<EventLoopGroup>) elg).get());
} else {
bootstrap.group(elg);
}
if (useDatagramChannel()) {
if (useNative) {
bootstrap.channel(loops.onDatagramChannel(elg));
} else {
bootstrap.channelFactory(() -> new NioDatagramChannel(protocolFamily));
}
} else {
bootstrap.channel(loops.onChannel(elg));
}
}
use of io.netty.handler.ssl.JdkSslContext in project reactor-netty by reactor.
the class ServerOptions method groupAndChannel.
final void groupAndChannel(ServerBootstrap bootstrap) {
LoopResources loops = Objects.requireNonNull(getLoopResources(), "loopResources");
boolean useNative = preferNative() && !(sslContext() instanceof JdkSslContext);
final EventLoopGroup selectorGroup = loops.onServerSelect(useNative);
final EventLoopGroup elg = loops.onServer(useNative);
bootstrap.group(selectorGroup, elg).channel(loops.onServerChannel(elg));
}
use of io.netty.handler.ssl.JdkSslContext in project rest.li by linkedin.
the class Http2ClientPipelineInitializer method configureHttpsPipeline.
/**
* Sets up HTTP/2 over TLS through ALPN (h2) pipeline
*/
@SuppressWarnings("deprecation")
private void configureHttpsPipeline(NioSocketChannel ctx, Http2Connection connection) throws Exception {
JdkSslContext context = new JdkSslContext(_sslContext, IS_CLIENT, Arrays.asList(_sslParameters.getCipherSuites()), IdentityCipherSuiteFilter.INSTANCE, // until we dont have a shadowed version of Netty
new ApplicationProtocolConfig(ApplicationProtocolConfig.Protocol.ALPN, ApplicationProtocolConfig.SelectorFailureBehavior.NO_ADVERTISE, ApplicationProtocolConfig.SelectedListenerFailureBehavior.ACCEPT, ApplicationProtocolNames.HTTP_2, ApplicationProtocolNames.HTTP_1_1), _sslParameters.getNeedClientAuth() ? ClientAuth.REQUIRE : ClientAuth.OPTIONAL);
Http2StreamCodec http2Codec = new Http2StreamCodecBuilder().connection(connection).maxContentLength(_maxResponseSize).gracefulShutdownTimeoutMillis(_gracefulShutdownTimeout).build();
Http2AlpnHandler alpnHandler = new Http2AlpnHandler(context, http2Codec, _enableSSLSessionResumption, _sslHandShakeTimeout);
Http2SchemeHandler schemeHandler = new Http2SchemeHandler(HttpScheme.HTTPS.toString());
Http2StreamResponseHandler responseHandler = new Http2StreamResponseHandler();
ctx.pipeline().addLast(Http2AlpnHandler.PIPELINE_ALPN_HANDLER, alpnHandler);
ctx.pipeline().addLast("schemeHandler", schemeHandler);
ctx.pipeline().addLast("responseHandler", responseHandler);
}
use of io.netty.handler.ssl.JdkSslContext in project flink by apache.
the class SSLUtils method createRestSSLContext.
/**
* Creates an SSL context for clients against the external REST endpoint.
*/
@Nullable
@VisibleForTesting
public static SSLContext createRestSSLContext(Configuration config, boolean clientMode) throws Exception {
ClientAuth clientAuth = SecurityOptions.isRestSSLAuthenticationEnabled(config) ? ClientAuth.REQUIRE : ClientAuth.NONE;
JdkSslContext nettySSLContext = (JdkSslContext) createRestNettySSLContext(config, clientMode, clientAuth, JDK);
if (nettySSLContext != null) {
return nettySSLContext.context();
} else {
return null;
}
}
Aggregations