use of org.apache.dubbo.config.context.ConfigManager in project dubbo by alibaba.
the class SslContexts method buildServerSslContext.
public static SslContext buildServerSslContext(URL url) {
ConfigManager globalConfigManager = ApplicationModel.getConfigManager();
SslConfig sslConfig = globalConfigManager.getSsl().orElseThrow(() -> new IllegalStateException("Ssl enabled, but no ssl cert information provided!"));
SslContextBuilder sslClientContextBuilder = null;
InputStream serverKeyCertChainPathStream = null;
InputStream serverPrivateKeyPathStream = null;
InputStream serverTrustCertStream = null;
try {
serverKeyCertChainPathStream = sslConfig.getServerKeyCertChainPathStream();
serverPrivateKeyPathStream = sslConfig.getServerPrivateKeyPathStream();
serverTrustCertStream = sslConfig.getServerTrustCertCollectionPathStream();
String password = sslConfig.getServerKeyPassword();
if (password != null) {
sslClientContextBuilder = SslContextBuilder.forServer(serverKeyCertChainPathStream, serverPrivateKeyPathStream, password);
} else {
sslClientContextBuilder = SslContextBuilder.forServer(serverKeyCertChainPathStream, serverPrivateKeyPathStream);
}
if (serverTrustCertStream != null) {
sslClientContextBuilder.trustManager(serverTrustCertStream);
sslClientContextBuilder.clientAuth(ClientAuth.REQUIRE);
}
if (sslConfig.getCiphers() != null) {
sslClientContextBuilder.ciphers(sslConfig.getCiphers());
}
if (sslConfig.getProtocols() != null) {
sslClientContextBuilder.protocols(sslConfig.getProtocols());
}
} catch (Exception e) {
throw new IllegalArgumentException("Could not find certificate file or the certificate is invalid.", e);
} finally {
safeCloseStream(serverKeyCertChainPathStream);
safeCloseStream(serverPrivateKeyPathStream);
safeCloseStream(serverTrustCertStream);
}
try {
return sslClientContextBuilder.sslProvider(findSslProvider()).build();
} catch (SSLException e) {
throw new IllegalStateException("Build SslSession failed.", e);
}
}
use of org.apache.dubbo.config.context.ConfigManager in project dubbo by alibaba.
the class SslContexts method buildClientSslContext.
public static SslContext buildClientSslContext(URL url) {
ConfigManager globalConfigManager = ApplicationModel.getConfigManager();
SslConfig sslConfig = globalConfigManager.getSsl().orElseThrow(() -> new IllegalStateException("Ssl enabled, but no ssl cert information provided!"));
SslContextBuilder builder = SslContextBuilder.forClient();
InputStream clientTrustCertCollectionPath = null;
InputStream clientCertChainFilePath = null;
InputStream clientPrivateKeyFilePath = null;
try {
clientTrustCertCollectionPath = sslConfig.getClientTrustCertCollectionPathStream();
if (clientTrustCertCollectionPath != null) {
builder.trustManager(clientTrustCertCollectionPath);
}
clientCertChainFilePath = sslConfig.getClientKeyCertChainPathStream();
clientPrivateKeyFilePath = sslConfig.getClientPrivateKeyPathStream();
if (clientCertChainFilePath != null && clientPrivateKeyFilePath != null) {
String password = sslConfig.getClientKeyPassword();
if (password != null) {
builder.keyManager(clientCertChainFilePath, clientPrivateKeyFilePath, password);
} else {
builder.keyManager(clientCertChainFilePath, clientPrivateKeyFilePath);
}
}
if (sslConfig.getCiphers() != null) {
builder.ciphers(sslConfig.getCiphers());
}
if (sslConfig.getProtocols() != null) {
builder.protocols(sslConfig.getProtocols());
}
} catch (Exception e) {
throw new IllegalArgumentException("Could not find certificate file or find invalid certificate.", e);
} finally {
safeCloseStream(clientTrustCertCollectionPath);
safeCloseStream(clientCertChainFilePath);
safeCloseStream(clientPrivateKeyFilePath);
}
try {
return builder.sslProvider(findSslProvider()).build();
} catch (SSLException e) {
throw new IllegalStateException("Build SslSession failed.", e);
}
}
use of org.apache.dubbo.config.context.ConfigManager in project dubbo by alibaba.
the class SslContextsTest method testSslContextsItem.
protected void testSslContextsItem() throws NoSuchFieldException, IllegalAccessException {
String cipher = "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256";
String protocol = "TLSv1.3";
ConfigManager globalConfigManager = ApplicationModel.getConfigManager();
SslConfig sslConfig = new SslConfig();
sslConfig.setCiphers(Arrays.asList(cipher));
sslConfig.setProtocols(Arrays.asList(protocol));
globalConfigManager.setSsl(sslConfig);
SslContext sslContext = SslContexts.buildClientSslContext(null);
if (sslContext instanceof JdkSslContext) {
JdkSslContext jdkSslContext = (JdkSslContext) sslContext;
List<String> cipherSuites = jdkSslContext.cipherSuites();
Assertions.assertTrue(cipherSuites.size() == 1 && cipherSuites.get(0).equals(cipher));
Field protocols = JdkSslContext.class.getDeclaredField("protocols");
protocols.setAccessible(true);
String[] item = (String[]) protocols.get(jdkSslContext);
Assertions.assertTrue(item.length == 1 && item[0].equals(protocol));
} else if (sslContext instanceof OpenSslContext) {
OpenSslContext openSslContext = (OpenSslContext) sslContext;
Assertions.assertTrue(openSslContext instanceof ReferenceCountedOpenSslContext);
List<String> cipherSuites = openSslContext.cipherSuites();
Assertions.assertTrue(cipherSuites.size() == 1 && cipherSuites.get(0).equals(cipher));
Field protocols = ReferenceCountedOpenSslContext.class.getDeclaredField("protocols");
protocols.setAccessible(true);
final String[] item = (String[]) protocols.get(openSslContext);
Assertions.assertTrue(item.length == 1 && item[0].equals(protocol));
}
}
use of org.apache.dubbo.config.context.ConfigManager in project dubbo by alibaba.
the class AbstractInterfaceConfig method setApplication.
@Deprecated
public void setApplication(ApplicationConfig application) {
this.application = application;
if (application != null) {
ConfigManager configManager = ApplicationModel.getConfigManager();
configManager.getApplication().orElseGet(() -> {
configManager.setApplication(application);
return application;
});
}
}
use of org.apache.dubbo.config.context.ConfigManager in project dubbo by alibaba.
the class AbstractInterfaceConfig method setMetadataReportConfig.
@Deprecated
public void setMetadataReportConfig(MetadataReportConfig metadataReportConfig) {
this.metadataReportConfig = metadataReportConfig;
if (metadataReportConfig != null) {
ConfigManager configManager = ApplicationModel.getConfigManager();
Collection<MetadataReportConfig> configs = configManager.getMetadataConfigs();
if (CollectionUtils.isEmpty(configs) || configs.stream().noneMatch(existed -> existed.equals(metadataReportConfig))) {
configManager.addMetadataReport(metadataReportConfig);
}
}
}
Aggregations