Search in sources :

Example 6 with ConfigManager

use of org.apache.dubbo.config.context.ConfigManager in project dubbo by alibaba.

the class SslContexts method buildServerSslContext.

public static SslContext buildServerSslContext(URL url) {
    ConfigManager globalConfigManager = ApplicationModel.getConfigManager();
    SslConfig sslConfig = globalConfigManager.getSsl().orElseThrow(() -> new IllegalStateException("Ssl enabled, but no ssl cert information provided!"));
    SslContextBuilder sslClientContextBuilder = null;
    InputStream serverKeyCertChainPathStream = null;
    InputStream serverPrivateKeyPathStream = null;
    InputStream serverTrustCertStream = null;
    try {
        serverKeyCertChainPathStream = sslConfig.getServerKeyCertChainPathStream();
        serverPrivateKeyPathStream = sslConfig.getServerPrivateKeyPathStream();
        serverTrustCertStream = sslConfig.getServerTrustCertCollectionPathStream();
        String password = sslConfig.getServerKeyPassword();
        if (password != null) {
            sslClientContextBuilder = SslContextBuilder.forServer(serverKeyCertChainPathStream, serverPrivateKeyPathStream, password);
        } else {
            sslClientContextBuilder = SslContextBuilder.forServer(serverKeyCertChainPathStream, serverPrivateKeyPathStream);
        }
        if (serverTrustCertStream != null) {
            sslClientContextBuilder.trustManager(serverTrustCertStream);
            sslClientContextBuilder.clientAuth(ClientAuth.REQUIRE);
        }
        if (sslConfig.getCiphers() != null) {
            sslClientContextBuilder.ciphers(sslConfig.getCiphers());
        }
        if (sslConfig.getProtocols() != null) {
            sslClientContextBuilder.protocols(sslConfig.getProtocols());
        }
    } catch (Exception e) {
        throw new IllegalArgumentException("Could not find certificate file or the certificate is invalid.", e);
    } finally {
        safeCloseStream(serverKeyCertChainPathStream);
        safeCloseStream(serverPrivateKeyPathStream);
        safeCloseStream(serverTrustCertStream);
    }
    try {
        return sslClientContextBuilder.sslProvider(findSslProvider()).build();
    } catch (SSLException e) {
        throw new IllegalStateException("Build SslSession failed.", e);
    }
}
Also used : SslConfig(org.apache.dubbo.config.SslConfig) SslContextBuilder(io.netty.handler.ssl.SslContextBuilder) InputStream(java.io.InputStream) SSLException(javax.net.ssl.SSLException) ConfigManager(org.apache.dubbo.config.context.ConfigManager) IOException(java.io.IOException) SSLException(javax.net.ssl.SSLException)

Example 7 with ConfigManager

use of org.apache.dubbo.config.context.ConfigManager in project dubbo by alibaba.

the class SslContexts method buildClientSslContext.

public static SslContext buildClientSslContext(URL url) {
    ConfigManager globalConfigManager = ApplicationModel.getConfigManager();
    SslConfig sslConfig = globalConfigManager.getSsl().orElseThrow(() -> new IllegalStateException("Ssl enabled, but no ssl cert information provided!"));
    SslContextBuilder builder = SslContextBuilder.forClient();
    InputStream clientTrustCertCollectionPath = null;
    InputStream clientCertChainFilePath = null;
    InputStream clientPrivateKeyFilePath = null;
    try {
        clientTrustCertCollectionPath = sslConfig.getClientTrustCertCollectionPathStream();
        if (clientTrustCertCollectionPath != null) {
            builder.trustManager(clientTrustCertCollectionPath);
        }
        clientCertChainFilePath = sslConfig.getClientKeyCertChainPathStream();
        clientPrivateKeyFilePath = sslConfig.getClientPrivateKeyPathStream();
        if (clientCertChainFilePath != null && clientPrivateKeyFilePath != null) {
            String password = sslConfig.getClientKeyPassword();
            if (password != null) {
                builder.keyManager(clientCertChainFilePath, clientPrivateKeyFilePath, password);
            } else {
                builder.keyManager(clientCertChainFilePath, clientPrivateKeyFilePath);
            }
        }
        if (sslConfig.getCiphers() != null) {
            builder.ciphers(sslConfig.getCiphers());
        }
        if (sslConfig.getProtocols() != null) {
            builder.protocols(sslConfig.getProtocols());
        }
    } catch (Exception e) {
        throw new IllegalArgumentException("Could not find certificate file or find invalid certificate.", e);
    } finally {
        safeCloseStream(clientTrustCertCollectionPath);
        safeCloseStream(clientCertChainFilePath);
        safeCloseStream(clientPrivateKeyFilePath);
    }
    try {
        return builder.sslProvider(findSslProvider()).build();
    } catch (SSLException e) {
        throw new IllegalStateException("Build SslSession failed.", e);
    }
}
Also used : SslConfig(org.apache.dubbo.config.SslConfig) SslContextBuilder(io.netty.handler.ssl.SslContextBuilder) InputStream(java.io.InputStream) SSLException(javax.net.ssl.SSLException) ConfigManager(org.apache.dubbo.config.context.ConfigManager) IOException(java.io.IOException) SSLException(javax.net.ssl.SSLException)

Example 8 with ConfigManager

use of org.apache.dubbo.config.context.ConfigManager in project dubbo by alibaba.

the class SslContextsTest method testSslContextsItem.

protected void testSslContextsItem() throws NoSuchFieldException, IllegalAccessException {
    String cipher = "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256";
    String protocol = "TLSv1.3";
    ConfigManager globalConfigManager = ApplicationModel.getConfigManager();
    SslConfig sslConfig = new SslConfig();
    sslConfig.setCiphers(Arrays.asList(cipher));
    sslConfig.setProtocols(Arrays.asList(protocol));
    globalConfigManager.setSsl(sslConfig);
    SslContext sslContext = SslContexts.buildClientSslContext(null);
    if (sslContext instanceof JdkSslContext) {
        JdkSslContext jdkSslContext = (JdkSslContext) sslContext;
        List<String> cipherSuites = jdkSslContext.cipherSuites();
        Assertions.assertTrue(cipherSuites.size() == 1 && cipherSuites.get(0).equals(cipher));
        Field protocols = JdkSslContext.class.getDeclaredField("protocols");
        protocols.setAccessible(true);
        String[] item = (String[]) protocols.get(jdkSslContext);
        Assertions.assertTrue(item.length == 1 && item[0].equals(protocol));
    } else if (sslContext instanceof OpenSslContext) {
        OpenSslContext openSslContext = (OpenSslContext) sslContext;
        Assertions.assertTrue(openSslContext instanceof ReferenceCountedOpenSslContext);
        List<String> cipherSuites = openSslContext.cipherSuites();
        Assertions.assertTrue(cipherSuites.size() == 1 && cipherSuites.get(0).equals(cipher));
        Field protocols = ReferenceCountedOpenSslContext.class.getDeclaredField("protocols");
        protocols.setAccessible(true);
        final String[] item = (String[]) protocols.get(openSslContext);
        Assertions.assertTrue(item.length == 1 && item[0].equals(protocol));
    }
}
Also used : Field(java.lang.reflect.Field) SslConfig(org.apache.dubbo.config.SslConfig) ReferenceCountedOpenSslContext(io.netty.handler.ssl.ReferenceCountedOpenSslContext) JdkSslContext(io.netty.handler.ssl.JdkSslContext) OpenSslContext(io.netty.handler.ssl.OpenSslContext) ReferenceCountedOpenSslContext(io.netty.handler.ssl.ReferenceCountedOpenSslContext) List(java.util.List) ConfigManager(org.apache.dubbo.config.context.ConfigManager) JdkSslContext(io.netty.handler.ssl.JdkSslContext) SslContext(io.netty.handler.ssl.SslContext) OpenSslContext(io.netty.handler.ssl.OpenSslContext) ReferenceCountedOpenSslContext(io.netty.handler.ssl.ReferenceCountedOpenSslContext)

Example 9 with ConfigManager

use of org.apache.dubbo.config.context.ConfigManager in project dubbo by alibaba.

the class AbstractInterfaceConfig method setApplication.

@Deprecated
public void setApplication(ApplicationConfig application) {
    this.application = application;
    if (application != null) {
        ConfigManager configManager = ApplicationModel.getConfigManager();
        configManager.getApplication().orElseGet(() -> {
            configManager.setApplication(application);
            return application;
        });
    }
}
Also used : ConfigManager(org.apache.dubbo.config.context.ConfigManager)

Example 10 with ConfigManager

use of org.apache.dubbo.config.context.ConfigManager in project dubbo by alibaba.

the class AbstractInterfaceConfig method setMetadataReportConfig.

@Deprecated
public void setMetadataReportConfig(MetadataReportConfig metadataReportConfig) {
    this.metadataReportConfig = metadataReportConfig;
    if (metadataReportConfig != null) {
        ConfigManager configManager = ApplicationModel.getConfigManager();
        Collection<MetadataReportConfig> configs = configManager.getMetadataConfigs();
        if (CollectionUtils.isEmpty(configs) || configs.stream().noneMatch(existed -> existed.equals(metadataReportConfig))) {
            configManager.addMetadataReport(metadataReportConfig);
        }
    }
}
Also used : Arrays(java.util.Arrays) Assert(org.apache.dubbo.common.utils.Assert) Version(org.apache.dubbo.common.Version) COMMA_SPLIT_PATTERN(org.apache.dubbo.common.constants.CommonConstants.COMMA_SPLIT_PATTERN) ConfigManager(org.apache.dubbo.config.context.ConfigManager) TIMESTAMP_KEY(org.apache.dubbo.common.constants.CommonConstants.TIMESTAMP_KEY) StringUtils(org.apache.dubbo.common.utils.StringUtils) ArrayList(java.util.ArrayList) URL(org.apache.dubbo.common.URL) RELEASE_KEY(org.apache.dubbo.common.constants.CommonConstants.RELEASE_KEY) INVOKER_LISTENER_KEY(org.apache.dubbo.common.constants.CommonConstants.INVOKER_LISTENER_KEY) Map(java.util.Map) ReflectUtils(org.apache.dubbo.common.utils.ReflectUtils) ServiceMetadata(org.apache.dubbo.rpc.model.ServiceMetadata) TAG_KEY(org.apache.dubbo.common.constants.CommonConstants.TAG_KEY) ApplicationModel(org.apache.dubbo.rpc.model.ApplicationModel) CollectionUtils(org.apache.dubbo.common.utils.CollectionUtils) Collection(java.util.Collection) PID_KEY(org.apache.dubbo.common.constants.CommonConstants.PID_KEY) REFERENCE_FILTER_KEY(org.apache.dubbo.common.constants.CommonConstants.REFERENCE_FILTER_KEY) ConfigUtils(org.apache.dubbo.common.utils.ConfigUtils) DUBBO_VERSION_KEY(org.apache.dubbo.common.constants.CommonConstants.DUBBO_VERSION_KEY) List(java.util.List) Parameter(org.apache.dubbo.config.support.Parameter) Optional(java.util.Optional) ConfigManager(org.apache.dubbo.config.context.ConfigManager)

Aggregations

ConfigManager (org.apache.dubbo.config.context.ConfigManager)14 SslConfig (org.apache.dubbo.config.SslConfig)5 SslContextBuilder (io.netty.handler.ssl.SslContextBuilder)4 IOException (java.io.IOException)4 InputStream (java.io.InputStream)4 SSLException (javax.net.ssl.SSLException)4 Collection (java.util.Collection)3 List (java.util.List)3 ArrayList (java.util.ArrayList)2 Arrays (java.util.Arrays)2 Map (java.util.Map)2 Optional (java.util.Optional)2 URL (org.apache.dubbo.common.URL)2 Version (org.apache.dubbo.common.Version)2 COMMA_SPLIT_PATTERN (org.apache.dubbo.common.constants.CommonConstants.COMMA_SPLIT_PATTERN)2 DUBBO_VERSION_KEY (org.apache.dubbo.common.constants.CommonConstants.DUBBO_VERSION_KEY)2 INVOKER_LISTENER_KEY (org.apache.dubbo.common.constants.CommonConstants.INVOKER_LISTENER_KEY)2 PID_KEY (org.apache.dubbo.common.constants.CommonConstants.PID_KEY)2 REFERENCE_FILTER_KEY (org.apache.dubbo.common.constants.CommonConstants.REFERENCE_FILTER_KEY)2 RELEASE_KEY (org.apache.dubbo.common.constants.CommonConstants.RELEASE_KEY)2