use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslContext in project eat by nhnent.
the class SslHandler method initSSL.
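/**
 * Builds the server-side {@link SslContext} from the SSL section of the application config.
 *
 * <p>The certificate-chain path, private-key path and key password are read from
 * {@code Config.obj().getServer().getSsl()} and passed to {@code getSslContext}.
 *
 * @return the context, or {@code null} when {@code getSslContext} produced none. The
 *         caller must decide what a {@code null} means for the listener it is setting up.
 */
public static SslContext initSSL() {
    Logger logger = LoggerFactory.getLogger("com.nhnent.eat.communication.netty.ws.SslHandler");
    SslContext sslContext = getSslContext(
            Config.obj().getServer().getSsl().getKeyCertChainPath(),
            Config.obj().getServer().getSsl().getPrivateKeyPath(),
            Config.obj().getServer().getSsl().getKeyPassword());
    if (sslContext != null) {
        logger.info("use ssl");
    } else {
        // Previously the null case produced no log line at all, so a missing or
        // unloadable certificate could leave the service without TLS unnoticed.
        // Make the condition visible to operators and log monitoring.
        logger.warn("no ssl context available: certificate/key not configured or failed to load");
    }
    return sslContext;
}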
use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslContext in project eat by nhnent.
the class SslHandler method getSslContext.
/**
 * Creates a server {@link SslContext} from a certificate chain file and a private key file.
 *
 * @param keyCertChain path of the certificate chain file; an empty string means "not configured"
 * @param privateKey   path of the private key file; an empty string means "not configured"
 * @param keyPassword  password protecting the private key; an empty string selects the
 *                     password-less {@code forServer} overload
 * @return the built context, or {@code null} when either path is empty or when building
 *         the context throws {@link SSLException} (the stack trace is logged at error level)
 */
private static SslContext getSslContext(String keyCertChain, String privateKey, String keyPassword) {
    Logger logger = LoggerFactory.getLogger("com.nhnent.eat.communication.netty.ws.SslHandler");

    // Both files are required; without them no context is attempted and the
    // caller receives null rather than an exception.
    if (keyCertChain.isEmpty() || privateKey.isEmpty()) {
        return null;
    }

    File crtFile = new File(keyCertChain);
    File privateKeyFile = new File(privateKey);
    try {
        // The key password always comes from the caller; nothing is hard-coded here.
        SslContextBuilder builder = keyPassword.isEmpty()
                ? SslContextBuilder.forServer(crtFile, privateKeyFile)
                : SslContextBuilder.forServer(crtFile, privateKeyFile, keyPassword);
        return builder.build();
    } catch (SSLException e) {
        // Only SSLException is handled here; it is logged and reported to the
        // caller as null, so the caller has to check the result.
        logger.error(ExceptionUtils.getStackTrace(e));
        return null;
    }
}
use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslContext in project xian by happyyangyuan.
the class RpcNettyClient method lazyInit.
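/**
 * Opens the long-lived RPC channel to a node if one is not already available.
 *
 * <p>The whole method runs under the class-level {@code lock}, so concurrent callers are
 * serialized. If the connection attempt fails, the event loop group created for it is
 * shut down before the exception propagates.
 *
 * @param nodeId The id of the node to which the connection should be initialized.
 * @throws Exception Any failure, wrapped with the node id, host and port in the message.
 *                   Every {@link Throwable} raised inside the method is caught and wrapped,
 *                   so a more specific exception (for example one signalling that the
 *                   destination node is offline, of course making a connection impossible)
 *                   is available only through {@link Throwable#getCause()}.
 */
private static void lazyInit(String nodeId) throws Exception {
    lock.lock();
    String host = null;
    int port = -1;
    // Set while an event loop group exists that no channel close-listener owns yet.
    EventLoopGroup unownedGroup = null;
    try {
        if (channelAvailable(nodeId)) {
            LOG.debug(String.format("RpcClient:已经存在一个与%s的长连接,不再新建连接.", nodeId));
            return;
        }
        LOG.info(String.format("RpcClient:开始新建与%s的长连接...", nodeId));
        ApplicationInstance node = ApplicationRouter.singleton.getInstance(nodeId);
        // When both nodes are deployed on the same host, use loopback and avoid
        // going through switches and routers.
        host = Objects.equals(node.getAddress(), EnvUtil.getLocalIp()) ? "127.0.0.1" : node.getAddress();
        port = node.getPort();
        final SslContext sslCtx;
        if (SSL) {
            // NOTE(security): InsecureTrustManagerFactory accepts every certificate without
            // verification, so this TLS session is encrypted but the peer is NOT
            // authenticated and an on-path attacker can impersonate the remote node.
            // Deliberately left as-is here; replace with a trust manager bound to the
            // cluster's CA (or pinned node certificates) before relying on it.
            sslCtx = SslContextBuilder.forClient().trustManager(InsecureTrustManagerFactory.INSTANCE).build();
        } else {
            sslCtx = null;
        }
        final EventLoopGroup group = new NioEventLoopGroup(1);
        unownedGroup = group;
        Bootstrap b = new Bootstrap();
        b.group(group)
                .option(ChannelOption.WRITE_BUFFER_WATER_MARK, new WriteBufferWaterMark(
                        10 * 1024 * 1024,   // low water mark: 10 MiB
                        20 * 1024 * 1024))  // high water mark: 20 MiB
                .channel(NioSocketChannel.class)
                .handler(new RpcNettyClientInitializer(sslCtx, nodeId))
                .option(ChannelOption.CONNECT_TIMEOUT_MILLIS, 100);
        Channel connectedChannel = b.connect(host, port).sync().channel();
        connectedChannel.closeFuture().addListener(future -> {
            group.shutdownGracefully();
            LOG.info("The EventLoopGroup has been terminated completely and all Channels that belong to the group have been closed.");
        });
        // From here on the close listener is responsible for shutting the group down.
        unownedGroup = null;
        nodeId_to_connectedChannel_map.put(nodeId, connectedChannel);
        LOG.info(new JSONObject() {
            {
                put("toNodeId", nodeId);
                put("rpcRemoteAddress", connectedChannel.remoteAddress().toString());
                put("type", "rpcChannelConnected");
                put("description", String.format("RpcClient:与%s的长连接建立完毕, remoteAddress=%s", nodeId, connectedChannel.remoteAddress()));
            }
        }.toJSONString());
    } catch (Throwable e) {
        // A failed connect (timeout, refusal, interrupt) used to leave the freshly
        // created event loop thread running forever; release it before rethrowing.
        if (unownedGroup != null) {
            unownedGroup.shutdownGracefully();
        }
        throw new Exception(String.format("与远程节点%s建立长连接失败:host=%s,port=%s", nodeId, host, port), e);
    } finally {
        lock.unlock();
    }
}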
use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslContext in project xian by happyyangyuan.
the class RpcNettyServer method start.
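/**
 * Binds the RPC server to {@code Node.RPC_PORT} and stores the listening channel in
 * {@code parentChannel}.
 *
 * <p>Does nothing except log an error when no port is configured ({@code Node.RPC_PORT < 0}).
 * Both event loop groups are shut down when the listening channel closes, and also when
 * start-up fails before the channel is bound.
 *
 * @throws Exception if creating the TLS context or binding the port fails
 */
private void start() throws Exception {
    if (Node.RPC_PORT < 0) {
        LOG.error("No rpc port is specified, rpc server starting failed.");
        return;
    }
    final SslContext sslCtx;
    if (SSL) {
        // NOTE(security): a certificate generated at start-up cannot be verified by any
        // client, so peers can only connect by skipping certificate validation. That gives
        // encryption without server authentication. Netty documents SelfSignedCertificate
        // as a testing aid; load a certificate issued by a CA the clients trust instead.
        SelfSignedCertificate ssc = new SelfSignedCertificate();
        sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
    } else {
        sslCtx = null;
    }
    EventLoopGroup bossGroup = new NioEventLoopGroup(1);
    EventLoopGroup workerGroup = new NioEventLoopGroup(1);
    boolean started = false;
    try {
        ServerBootstrap b = new ServerBootstrap();
        // NOTE(review): option(...) configures the listening channel; if the water marks
        // are meant for accepted connections, childOption(...) is the usual place — confirm.
        b.group(bossGroup, workerGroup)
                .option(ChannelOption.WRITE_BUFFER_WATER_MARK, new WriteBufferWaterMark(
                        10 * 1024 * 1024,   // low water mark: 10 MiB
                        20 * 1024 * 1024))  // high water mark: 20 MiB
                .channel(NioServerSocketChannel.class)
                .handler(new LoggingHandler(LogLevel.INFO))
                .childHandler(new RpcServerInitializer(sslCtx));
        parentChannel = b.bind(Node.RPC_PORT).sync().channel();
        parentChannel.closeFuture().addListener(future -> {
            workerGroup.shutdownGracefully();
            bossGroup.shutdownGracefully();
            LOG.info("The EventLoopGroup has been terminated completely and all Channels that belong to the group have been closed.");
        });
        started = true;
    } finally {
        // A failed bind (port in use, interrupt) previously leaked both event loop
        // threads because the close listener was never registered.
        if (!started) {
            workerGroup.shutdownGracefully();
            bossGroup.shutdownGracefully();
        }
    }
}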
use of org.apache.flink.shaded.netty4.io.netty.handler.ssl.SslContext in project incubator-pulsar by apache.
the class ServiceChannelInitializer method initChannel.
/**
 * Assembles the pipeline for a newly accepted channel: an optional TLS handler, then the
 * length-prefixed frame decoder, then the connection handler.
 *
 * <p>When {@code enableTLS} is set, each call builds a new {@link SslContext} from the
 * current service configuration values.
 *
 * @param ch the channel whose pipeline is being initialized
 * @throws Exception if the TLS context cannot be created
 */
@Override
protected void initChannel(SocketChannel ch) throws Exception {
    if (enableTLS) {
        // NOTE(review): the first argument comes from isTlsAllowInsecureConnection();
        // presumably it relaxes certificate verification — confirm it is off wherever
        // client certificates are meant to be enforced.
        SslContext sslCtx = SecurityUtility.createNettySslContextForServer(
                serviceConfig.isTlsAllowInsecureConnection(),
                serviceConfig.getTlsTrustCertsFilePath(),
                serviceConfig.getTlsCertificateFilePath(),
                serviceConfig.getTlsKeyFilePath(),
                serviceConfig.getTlsCiphers(),
                serviceConfig.getTlsProtocols(),
                serviceConfig.getTlsRequireTrustedClientCertOnConnect());
        // TLS is added first, ahead of the frame decoder and the connection handler.
        ch.pipeline().addLast(TLS_HANDLER, sslCtx.newHandler(ch.alloc()));
    }

    // Frames carry a 4-byte length prefix at offset 0; the prefix is stripped and any
    // frame longer than PulsarDecoder.MaxFrameSize is rejected by the decoder.
    ch.pipeline().addLast(
            "frameDecoder",
            new LengthFieldBasedFrameDecoder(PulsarDecoder.MaxFrameSize, 0, 4, 0, 4));
    ch.pipeline().addLast("handler", new ServerConnection(discoveryService));
}