use of io.netty.handler.ssl.SslContext in project jackrabbit-oak by apache.
the class StandbyClient method connect.
void connect(String host, int port) throws Exception {
final SslContext sslContext;
if (secure) {
sslContext = SslContextBuilder.forClient().trustManager(InsecureTrustManagerFactory.INSTANCE).build();
} else {
sslContext = null;
}
Bootstrap b = new Bootstrap().group(group).channel(NioSocketChannel.class).option(ChannelOption.CONNECT_TIMEOUT_MILLIS, readTimeoutMs).option(ChannelOption.TCP_NODELAY, true).option(ChannelOption.SO_REUSEADDR, true).option(ChannelOption.SO_KEEPALIVE, true).handler(new ChannelInitializer<SocketChannel>() {
@Override
public void initChannel(SocketChannel ch) throws Exception {
ChannelPipeline p = ch.pipeline();
if (sslContext != null) {
p.addLast(sslContext.newHandler(ch.alloc()));
}
p.addLast(new ReadTimeoutHandler(readTimeoutMs, TimeUnit.MILLISECONDS));
// Decoders
p.addLast(new SnappyFramedDecoder(true));
// Such a big max frame length is needed because blob
// values are sent in one big message. In future
// versions of the protocol, sending binaries in chunks
// should be considered instead.
p.addLast(new LengthFieldBasedFrameDecoder(Integer.MAX_VALUE, 0, 4));
p.addLast(new ResponseDecoder());
// Encoders
p.addLast(new StringEncoder(CharsetUtil.UTF_8));
p.addLast(new GetHeadRequestEncoder());
p.addLast(new GetSegmentRequestEncoder());
p.addLast(new GetBlobRequestEncoder());
p.addLast(new GetReferencesRequestEncoder());
// Handlers
p.addLast(new GetHeadResponseHandler(headQueue));
p.addLast(new GetSegmentResponseHandler(segmentQueue));
p.addLast(new GetBlobResponseHandler(blobQueue));
p.addLast(new GetReferencesResponseHandler(referencesQueue));
// Exception handler
p.addLast(new ExceptionHandler(clientId));
}
});
channel = b.connect(host, port).sync().channel();
}
use of io.netty.handler.ssl.SslContext in project pravega by pravega.
the class PravegaConnectionListener method startListening.
// endregion
public void startListening() {
// Configure SSL.
final SslContext sslCtx;
if (ssl) {
try {
sslCtx = SslContextBuilder.forServer(new File(this.certFile), new File(this.keyFile)).build();
} catch (SSLException e) {
throw new RuntimeException(e);
}
} else {
sslCtx = null;
}
boolean nio = false;
try {
bossGroup = new EpollEventLoopGroup(1);
workerGroup = new EpollEventLoopGroup();
} catch (ExceptionInInitializerError | UnsatisfiedLinkError | NoClassDefFoundError e) {
nio = true;
bossGroup = new NioEventLoopGroup(1);
workerGroup = new NioEventLoopGroup();
}
ServerBootstrap b = new ServerBootstrap();
b.group(bossGroup, workerGroup).channel(nio ? NioServerSocketChannel.class : EpollServerSocketChannel.class).option(ChannelOption.SO_BACKLOG, 100).handler(new LoggingHandler(LogLevel.INFO)).childHandler(new ChannelInitializer<SocketChannel>() {
@Override
public void initChannel(SocketChannel ch) throws Exception {
ChannelPipeline p = ch.pipeline();
if (sslCtx != null) {
SslHandler handler = sslCtx.newHandler(ch.alloc());
p.addLast(handler);
}
ServerConnectionInboundHandler lsh = new ServerConnectionInboundHandler();
// p.addLast(new LoggingHandler(LogLevel.INFO));
p.addLast(new ExceptionLoggingHandler(ch.remoteAddress().toString()), new CommandEncoder(null), new LengthFieldBasedFrameDecoder(MAX_WIRECOMMAND_SIZE, 4, 4), new CommandDecoder(), new AppendDecoder(), lsh);
lsh.setRequestProcessor(new AppendProcessor(store, lsh, new PravegaRequestProcessor(store, lsh, statsRecorder, tokenVerifier), statsRecorder, tokenVerifier));
}
});
// Start the server.
serverChannel = b.bind(host, port).awaitUninterruptibly().channel();
}
use of io.netty.handler.ssl.SslContext in project web3sdk by FISCO-BCOS.
the class ChannelConnections method startConnect.
public void startConnect() {
if (running) {
logger.debug("服务已启动");
return;
}
logger.debug("初始化connections connect");
// 初始化netty
EventLoopGroup workerGroup = new NioEventLoopGroup();
bootstrap.group(workerGroup);
bootstrap.channel(NioSocketChannel.class);
bootstrap.option(ChannelOption.SO_KEEPALIVE, true);
final ChannelConnections selfService = this;
final ThreadPoolTaskExecutor selfThreadPool = threadPool;
ResourcePatternResolver resolver = new PathMatchingResourcePatternResolver();
final Resource keystoreResource = resolver.getResource(getClientKeystorePath());
final Resource caResource = resolver.getResource(getCaCertPath());
bootstrap.handler(new ChannelInitializer<SocketChannel>() {
@Override
public void initChannel(SocketChannel ch) throws Exception {
KeyStore ks = KeyStore.getInstance("JKS");
InputStream ksInputStream = keystoreResource.getInputStream();
ks.load(ksInputStream, getKeystorePassWord().toCharArray());
/*
* 每次连接使用新的handler 连接信息从socketChannel中获取
*/
ChannelHandler handler = new ChannelHandler();
handler.setConnections(selfService);
handler.setIsServer(false);
handler.setThreadPool(selfThreadPool);
SslContext sslCtx = SslContextBuilder.forClient().trustManager(caResource.getFile()).keyManager((PrivateKey) ks.getKey("client", getClientCertPassWord().toCharArray()), (X509Certificate) ks.getCertificate("client")).build();
ch.pipeline().addLast(sslCtx.newHandler(ch.alloc()), new LengthFieldBasedFrameDecoder(1024 * 1024 * 4, 0, 4, -4, 0), new IdleStateHandler(idleTimeout, idleTimeout, idleTimeout, TimeUnit.MILLISECONDS), handler);
}
});
running = true;
Thread loop = new Thread() {
public void run() {
try {
while (true) {
if (!running) {
return;
}
// 尝试重连
reconnect();
Thread.sleep(heartBeatDelay);
}
} catch (InterruptedException e) {
logger.error("系统错误", e);
}
}
};
loop.start();
}
Aggregations