Search in sources :

Example 61 with SslContext

use of io.netty.handler.ssl.SslContext in project pulsar by yahoo.

the class PulsarChannelInitializer method initChannel.

@Override
protected void initChannel(SocketChannel ch) throws Exception {
    if (enableTLS) {
        File tlsCert = new File(serviceConfig.getTlsCertificateFilePath());
        File tlsKey = new File(serviceConfig.getTlsKeyFilePath());
        SslContextBuilder builder = SslContextBuilder.forServer(tlsCert, tlsKey);
        if (serviceConfig.isTlsAllowInsecureConnection()) {
            builder.trustManager(InsecureTrustManagerFactory.INSTANCE);
        } else {
            if (serviceConfig.getTlsTrustCertsFilePath().isEmpty()) {
                // Use system default
                builder.trustManager((File) null);
            } else {
                File trustCertCollection = new File(serviceConfig.getTlsTrustCertsFilePath());
                builder.trustManager(trustCertCollection);
            }
        }
        SslContext sslCtx = builder.clientAuth(ClientAuth.OPTIONAL).build();
        ch.pipeline().addLast(TLS_HANDLER, sslCtx.newHandler(ch.alloc()));
    }
    ch.pipeline().addLast("frameDecoder", new PulsarLengthFieldFrameDecoder(PulsarDecoder.MaxFrameSize, 0, 4, 0, 4));
    ch.pipeline().addLast("handler", new ServerCnx(brokerService));
}
Also used : SslContextBuilder(io.netty.handler.ssl.SslContextBuilder) PulsarLengthFieldFrameDecoder(com.yahoo.pulsar.common.api.PulsarLengthFieldFrameDecoder) File(java.io.File) SslContext(io.netty.handler.ssl.SslContext)

Example 62 with SslContext

use of io.netty.handler.ssl.SslContext in project pulsar by yahoo.

the class ServiceChannelInitializer method initChannel.

@Override
protected void initChannel(SocketChannel ch) throws Exception {
    if (enableTLS) {
        File tlsCert = new File(serviceConfig.getTlsCertificateFilePath());
        File tlsKey = new File(serviceConfig.getTlsKeyFilePath());
        SslContextBuilder builder = SslContextBuilder.forServer(tlsCert, tlsKey);
        // allows insecure connection
        builder.trustManager(InsecureTrustManagerFactory.INSTANCE);
        SslContext sslCtx = builder.clientAuth(ClientAuth.OPTIONAL).build();
        ch.pipeline().addLast(TLS_HANDLER, sslCtx.newHandler(ch.alloc()));
    }
    ch.pipeline().addLast("frameDecoder", new PulsarLengthFieldFrameDecoder(PulsarDecoder.MaxFrameSize, 0, 4, 0, 4));
    ch.pipeline().addLast("handler", new ServerConnection(discoveryService));
}
Also used : SslContextBuilder(io.netty.handler.ssl.SslContextBuilder) PulsarLengthFieldFrameDecoder(com.yahoo.pulsar.common.api.PulsarLengthFieldFrameDecoder) File(java.io.File) SslContext(io.netty.handler.ssl.SslContext)

Example 63 with SslContext

use of io.netty.handler.ssl.SslContext in project jackrabbit-oak by apache.

the class StandbyClient method connect.

void connect(String host, int port) throws Exception {
    final SslContext sslContext;
    if (secure) {
        sslContext = SslContextBuilder.forClient().trustManager(InsecureTrustManagerFactory.INSTANCE).build();
    } else {
        sslContext = null;
    }
    Bootstrap b = new Bootstrap().group(group).channel(NioSocketChannel.class).option(ChannelOption.CONNECT_TIMEOUT_MILLIS, readTimeoutMs).option(ChannelOption.TCP_NODELAY, true).option(ChannelOption.SO_REUSEADDR, true).option(ChannelOption.SO_KEEPALIVE, true).handler(new ChannelInitializer<SocketChannel>() {

        @Override
        public void initChannel(SocketChannel ch) throws Exception {
            ChannelPipeline p = ch.pipeline();
            if (sslContext != null) {
                p.addLast(sslContext.newHandler(ch.alloc()));
            }
            p.addLast(new ReadTimeoutHandler(readTimeoutMs, TimeUnit.MILLISECONDS));
            // Decoders
            p.addLast(new SnappyFramedDecoder(true));
            // Such a big max frame length is needed because blob
            // values are sent in one big message. In future
            // versions of the protocol, sending binaries in chunks
            // should be considered instead.
            p.addLast(new LengthFieldBasedFrameDecoder(Integer.MAX_VALUE, 0, 4));
            p.addLast(new ResponseDecoder());
            // Encoders
            p.addLast(new StringEncoder(CharsetUtil.UTF_8));
            p.addLast(new GetHeadRequestEncoder());
            p.addLast(new GetSegmentRequestEncoder());
            p.addLast(new GetBlobRequestEncoder());
            p.addLast(new GetReferencesRequestEncoder());
            // Handlers
            p.addLast(new GetHeadResponseHandler(headQueue));
            p.addLast(new GetSegmentResponseHandler(segmentQueue));
            p.addLast(new GetBlobResponseHandler(blobQueue));
            p.addLast(new GetReferencesResponseHandler(referencesQueue));
            // Exception handler
            p.addLast(new ExceptionHandler(clientId));
        }
    });
    channel = b.connect(host, port).sync().channel();
}
Also used : GetReferencesRequestEncoder(org.apache.jackrabbit.oak.segment.standby.codec.GetReferencesRequestEncoder) NioSocketChannel(io.netty.channel.socket.nio.NioSocketChannel) SocketChannel(io.netty.channel.socket.SocketChannel) GetSegmentRequestEncoder(org.apache.jackrabbit.oak.segment.standby.codec.GetSegmentRequestEncoder) ChannelPipeline(io.netty.channel.ChannelPipeline) NioSocketChannel(io.netty.channel.socket.nio.NioSocketChannel) StringEncoder(io.netty.handler.codec.string.StringEncoder) ResponseDecoder(org.apache.jackrabbit.oak.segment.standby.codec.ResponseDecoder) GetBlobRequestEncoder(org.apache.jackrabbit.oak.segment.standby.codec.GetBlobRequestEncoder) GetHeadRequestEncoder(org.apache.jackrabbit.oak.segment.standby.codec.GetHeadRequestEncoder) Bootstrap(io.netty.bootstrap.Bootstrap) ReadTimeoutHandler(io.netty.handler.timeout.ReadTimeoutHandler) SnappyFramedDecoder(io.netty.handler.codec.compression.SnappyFramedDecoder) LengthFieldBasedFrameDecoder(io.netty.handler.codec.LengthFieldBasedFrameDecoder) SslContext(io.netty.handler.ssl.SslContext)

Aggregations

SslContext (io.netty.handler.ssl.SslContext)63 NioEventLoopGroup (io.netty.channel.nio.NioEventLoopGroup)37 EventLoopGroup (io.netty.channel.EventLoopGroup)35 ServerBootstrap (io.netty.bootstrap.ServerBootstrap)22 Channel (io.netty.channel.Channel)20 NioServerSocketChannel (io.netty.channel.socket.nio.NioServerSocketChannel)19 LoggingHandler (io.netty.handler.logging.LoggingHandler)19 SelfSignedCertificate (io.netty.handler.ssl.util.SelfSignedCertificate)19 Bootstrap (io.netty.bootstrap.Bootstrap)16 NioSocketChannel (io.netty.channel.socket.nio.NioSocketChannel)16 SocketChannel (io.netty.channel.socket.SocketChannel)15 ChannelFuture (io.netty.channel.ChannelFuture)11 File (java.io.File)11 ChannelPipeline (io.netty.channel.ChannelPipeline)10 Test (org.junit.Test)10 SslContextBuilder (io.netty.handler.ssl.SslContextBuilder)7 ApplicationProtocolConfig (io.netty.handler.ssl.ApplicationProtocolConfig)5 SSLHelper (io.vertx.core.net.impl.SSLHelper)4 BufferedReader (java.io.BufferedReader)4 InputStreamReader (java.io.InputStreamReader)4