本文整理了Java中io.netty.handler.ssl.SslContext
类的一些代码示例,展示了SslContext
类的具体用法。这些代码示例主要来源于Github
/Stackoverflow
/Maven
等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。SslContext
类的具体详情如下:
包路径:io.netty.handler.ssl.SslContext
类名称:SslContext
[英]A secure socket protocol implementation which acts as a factory for SSLEngine and SslHandler. Internally, it is implemented via JDK's SSLContext or OpenSSL's SSL_CTX.
// In your
ChannelInitializer:
ChannelPipeline p = channel.pipeline();
SslContext sslCtx =
SslContextBuilder#forServer(File,File).build();
p.addLast("ssl",
#newHandler(ByteBufAllocator));
...
// In your
ChannelInitializer:
ChannelPipeline p = channel.pipeline();
SslContext sslCtx =
SslContextBuilder#forClient().build();
p.addLast("ssl",
#newHandler(ByteBufAllocator,String,int));
...
[中]一种安全套接字协议实现,充当SSLEngine和SslHandler的工厂。在内部,它是通过JDK的SSLContext或OpenSSL的SSL_CTX实现的。
####让您的服务器支持SSL/TLS
// In your
ChannelInitializer:
ChannelPipeline p = channel.pipeline();
SslContext sslCtx =
SslContextBuilder#forServer(File,File).build();
p.addLast("ssl",
#newHandler(ByteBufAllocator));
...
####让您的客户机支持SSL/TLS
// In your
ChannelInitializer:
ChannelPipeline p = channel.pipeline();
SslContext sslCtx =
SslContextBuilder#forClient().build();
p.addLast("ssl",
#newHandler(ByteBufAllocator,String,int));
...
代码示例来源:origin: spring-projects/spring-framework
@Override
protected void initChannel(SocketChannel channel) throws Exception {
configureChannel(channel.config());
ChannelPipeline pipeline = channel.pipeline();
if (isSecure) {
Assert.notNull(sslContext, "sslContext should not be null");
pipeline.addLast(sslContext.newHandler(channel.alloc(), uri.getHost(), uri.getPort()));
}
pipeline.addLast(new HttpClientCodec());
pipeline.addLast(new HttpObjectAggregator(maxResponseSize));
if (readTimeout > 0) {
pipeline.addLast(new ReadTimeoutHandler(readTimeout,
TimeUnit.MILLISECONDS));
}
}
});
代码示例来源:origin: normanmaurer/netty-in-action
@Override
protected void initChannel(Channel ch) throws Exception {
ChannelPipeline pipeline = ch.pipeline();
SSLEngine engine = context.newEngine(ch.alloc());
pipeline.addFirst("ssl", new SslHandler(engine));
if (isClient) {
pipeline.addLast("codec", new HttpClientCodec());
} else {
pipeline.addLast("codec", new HttpServerCodec());
}
}
}
代码示例来源:origin: redisson/redisson
/**
* Creates a new client-side {@link SslContext}.
*
* @return a new client-side {@link SslContext}
* @deprecated Replaced by {@link SslContextBuilder}
*/
@Deprecated
public static SslContext newClientContext() throws SSLException {
return newClientContext(null, null, null);
}
代码示例来源:origin: redisson/redisson
/**
* Creates a new server-side {@link SslContext}.
*
* @param provider the {@link SslContext} implementation to use.
* {@code null} to use the current default one.
* @param certChainFile an X.509 certificate chain file in PEM format
* @param keyFile a PKCS#8 private key file in PEM format
* @param keyPassword the password of the {@code keyFile}.
* {@code null} if it's not password-protected.
* @param ciphers the cipher suites to enable, in the order of preference.
* {@code null} to use the default cipher suites.
* @param nextProtocols the application layer protocols to accept, in the order of preference.
* {@code null} to disable TLS NPN/ALPN extension.
* @param sessionCacheSize the size of the cache used for storing SSL session objects.
* {@code 0} to use the default value.
* @param sessionTimeout the timeout for the cached SSL session objects, in seconds.
* {@code 0} to use the default value.
* @return a new server-side {@link SslContext}
* @deprecated Replaced by {@link SslContextBuilder}
*/
@Deprecated
public static SslContext newServerContext(
SslProvider provider,
File certChainFile, File keyFile, String keyPassword,
Iterable<String> ciphers, Iterable<String> nextProtocols,
long sessionCacheSize, long sessionTimeout) throws SSLException {
return newServerContext(provider, certChainFile, keyFile, keyPassword,
ciphers, IdentityCipherSuiteFilter.INSTANCE,
toApplicationProtocolConfig(nextProtocols), sessionCacheSize, sessionTimeout);
}
代码示例来源:origin: redisson/redisson
SslContextBuilder sslContextBuilder = SslContextBuilder.forClient().sslProvider(provided);
if (config.getSslTruststore() != null) {
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
sslContextBuilder.trustManager(trustManagerFactory);
SSLEngine sslEngine = sslContext.newEngine(ch.alloc(), hostname, config.getAddress().getPort());
sslEngine.setSSLParameters(sslParams);
SslHandler sslHandler = new SslHandler(sslEngine);
ch.pipeline().addLast(sslHandler);
ch.pipeline().addLast(new ChannelInboundHandlerAdapter() {
代码示例来源:origin: glowroot/glowroot
@Override
protected void initChannel(SocketChannel ch) throws Exception {
ChannelPipeline p = ch.pipeline();
if (httpProxyHandler != null) {
p.addLast(httpProxyHandler);
}
if (ssl) {
SslContext sslContext = SslContextBuilder.forClient().build();
p.addLast(sslContext.newHandler(ch.alloc(), host, port));
}
p.addLast(new HttpClientCodec());
p.addLast(new HttpObjectAggregator(1048576));
p.addLast(handler);
}
});
代码示例来源:origin: aws/aws-sdk-java
@Override
public void initChannel(Channel channel) throws Exception {
ChannelPipeline pipeline = channel.pipeline();
if (log.isDebugEnabled()) {
pipeline.addLast(new LoggingHandler());
}
if (sslContext != null) {
pipeline.addLast("ssl", sslContext.newHandler(channel.alloc()));
}
pipeline.addLast("http-codec", new HttpClientCodec());
for (ChannelHandler handler : handlers) {
pipeline.addLast(handler);
}
pipeline.addLast("chunkedWriter", new ChunkedWriteHandler());
}
}
代码示例来源:origin: Netflix/zuul
@Override
protected void initChannel(Channel ch) throws Exception
{
SslHandler sslHandler = sslContext.newHandler(ch.alloc());
sslHandler.engine().setEnabledProtocols(sslContextFactory.getProtocols());
// Configure our pipeline of ChannelHandlerS.
ChannelPipeline pipeline = ch.pipeline();
storeChannel(ch);
addTimeoutHandlers(pipeline);
addPassportHandler(pipeline);
addTcpRelatedHandlers(pipeline);
pipeline.addLast("ssl", sslHandler);
addSslInfoHandlers(pipeline, isSSlFromIntermediary);
addSslClientCertChecks(pipeline);
addHttp1Handlers(pipeline);
addHttpRelatedHandlers(pipeline);
addZuulHandlers(pipeline);
}
}
代码示例来源:origin: com.yahoo.pulsar/pulsar-discovery-service
@Override
protected void initChannel(SocketChannel ch) throws Exception {
if (enableTLS) {
File tlsCert = new File(serviceConfig.getTlsCertificateFilePath());
File tlsKey = new File(serviceConfig.getTlsKeyFilePath());
SslContextBuilder builder = SslContextBuilder.forServer(tlsCert, tlsKey);
// allows insecure connection
builder.trustManager(InsecureTrustManagerFactory.INSTANCE);
SslContext sslCtx = builder.clientAuth(ClientAuth.OPTIONAL).build();
ch.pipeline().addLast(TLS_HANDLER, sslCtx.newHandler(ch.alloc()));
}
ch.pipeline().addLast("frameDecoder",
new PulsarLengthFieldFrameDecoder(PulsarDecoder.MaxFrameSize, 0, 4, 0, 4));
ch.pipeline().addLast("handler", new ServerConnection(discoveryService));
}
}
代码示例来源:origin: treasure-lau/NettyDemo4Android
@Override
protected void initChannel(SocketChannel ch) throws Exception {
SslContext sslCtx = SslContextBuilder.forClient()
.trustManager(InsecureTrustManagerFactory.INSTANCE).build();
ChannelPipeline pipeline = ch.pipeline();
pipeline.addLast(sslCtx.newHandler(ch.alloc())); // 开启SSL
pipeline.addLast(new LoggingHandler(LogLevel.INFO)); // 开启日志,可以设置日志等级
// pipeline.addLast(new IdleStateHandler(30, 60, 100));
pipeline.addLast(new NettyClientHandler(listener));
}
}
代码示例来源:origin: micronaut-projects/micronaut-core
ChannelPipeline p = ch.pipeline();
ch.config().setAutoRead(false);
SslHandler sslHandler = sslContext.newHandler(
ch.alloc(),
host,
port
);
p.addFirst(HANDLER_SSL, sslHandler);
readTimeout.ifPresent(duration -> {
if (!duration.isNegative()) {
p.addLast(HANDLER_READ_TIMEOUT, new ReadTimeoutHandler(duration.toMillis(), TimeUnit.MILLISECONDS));
Duration duration = readIdleTime.get();
if (!duration.isNegative()) {
p.addLast(HANDLER_IDLE_STATE, new IdleStateHandler(duration.toMillis(), duration.toMillis(), duration.toMillis(), TimeUnit.MILLISECONDS));
p.addLast(HANDLER_HTTP_CLIENT_CODEC, new HttpClientCodec());
p.addLast(HANDLER_DECODER, new HttpContentDecompressor());
代码示例来源:origin: oracle/helidon
@Override
public void initChannel(SocketChannel ch) {
final ChannelPipeline p = ch.pipeline();
SslHandler sslHandler = sslContext.newHandler(ch.alloc());
sslEngine = sslHandler.engine();
p.addLast(sslHandler);
if (experimental != null && experimental.http2() != null && experimental.http2().enable()) {
Http2Configuration http2Config = experimental.http2();
HttpServerCodec sourceCodec = new HttpServerCodec();
HelidonConnectionHandler helidonHandler = new HelidonHttp2ConnectionHandlerBuilder()
.maxContentLength(http2Config.maxContentLength()).build();
new CleartextHttp2ServerUpgradeHandler(sourceCodec, upgradeHandler, helidonHandler);
p.addLast(cleartextHttp2ServerUpgradeHandler);
p.addLast(new HelidonEventLogger());
} else {
p.addLast(new HttpRequestDecoder());
ch.eventLoop().execute(this::clearQueues);
代码示例来源:origin: normanmaurer/netty-in-action
@Override
protected void initChannel(Channel ch) throws Exception {
ChannelPipeline pipeline = ch.pipeline();
pipeline.addLast(new SslHandler(sslCtx.newEngine(ch.alloc())));
pipeline.addLast(new ChunkedWriteHandler());
pipeline.addLast(new WriteStreamHandler());
}
代码示例来源:origin: SpigotMC/BungeeCord
@Override
protected void initChannel(Channel ch) throws Exception
{
ch.pipeline().addLast( "timeout", new ReadTimeoutHandler( HttpClient.TIMEOUT, TimeUnit.MILLISECONDS ) );
if ( ssl )
{
SSLEngine engine = SslContext.newClientContext().newEngine( ch.alloc(), host, port );
ch.pipeline().addLast( "ssl", new SslHandler( engine ) );
}
ch.pipeline().addLast( "http", new HttpClientCodec() );
ch.pipeline().addLast( "handler", new HttpHandler( callback ) );
}
}
代码示例来源:origin: neo4j/neo4j
private void enableSsl( ChannelHandlerContext ctx )
{
ChannelPipeline p = ctx.pipeline();
p.addLast( sslCtx.newHandler( ctx.alloc() ) );
p.addLast( new TransportSelectionHandler( boltChannel, null, encryptionRequired, true, logging, boltProtocolFactory ) );
p.remove( this );
}
代码示例来源:origin: SeanDragon/protools
@Override
public void channelCreated(Channel channel) {
NioSocketChannel nioSocketChannel = (NioSocketChannel) channel;
nioSocketChannel.config().setTcpNoDelay(true).setKeepAlive(true);
final ChannelPipeline p = nioSocketChannel.pipeline();
//HTTPS
if (sslCtx != null) {
p.addLast(sslCtx.newHandler(channel.alloc()));
}
p.addLast(new HttpClientCodec(Integer.MAX_VALUE, Integer.MAX_VALUE, Integer.MAX_VALUE));
p.addLast(new HttpObjectAggregator(Integer.MAX_VALUE));
}
}
代码示例来源:origin: normanmaurer/netty-in-action
@Override
protected void initChannel(Channel ch) throws Exception {
SSLEngine engine = context.newEngine(ch.alloc());
ch.pipeline().addFirst("ssl",
new SslHandler(engine, startTls));
}
}
代码示例来源:origin: Graylog2/graylog2-server
private SSLEngine createSslEngine(MessageInput input) throws IOException, CertificateException {
final X509Certificate[] clientAuthCerts;
if (EnumSet.of(ClientAuth.OPTIONAL, ClientAuth.REQUIRE).contains(clientAuth)) {
if (clientAuthCertFile.exists()) {
clientAuthCerts = KeyUtil.loadCertificates(clientAuthCertFile.toPath()).stream()
.filter(certificate -> certificate instanceof X509Certificate)
.map(certificate -> (X509Certificate) certificate)
.toArray(X509Certificate[]::new);
} else {
LOG.warn("Client auth configured, but no authorized certificates / certificate authorities configured for input [{}/{}]",
input.getName(), input.getId());
clientAuthCerts = null;
}
} else {
clientAuthCerts = null;
}
final SslContext sslContext = SslContextBuilder.forServer(certFile, keyFile, Strings.emptyToNull(password))
.sslProvider(tlsProvider)
.clientAuth(clientAuth)
.trustManager(clientAuthCerts)
.build();
// TODO: Use byte buffer allocator of channel
return sslContext.newEngine(ByteBufAllocator.DEFAULT);
}
};
代码示例来源:origin: dremio/dremio-oss
@Override
public SSLEngine newServerEngine(ByteBufAllocator allocator, String peerHost, int peerPort)
throws SSLException {
final SslContext sslContext =
SslContextBuilder.forServer(keyManagerFactory)
.trustManager(trustManagerFactory)
.clientAuth(sslConfig.disablePeerVerification() ? ClientAuth.OPTIONAL : ClientAuth.REQUIRE)
.sslProvider(SSL_PROVIDER)
.protocols(SSL_PROTOCOLS)
.ciphers(SSL_CIPHERS)
.build();
final SSLEngine engine = sslContext.newEngine(allocator, peerHost, peerPort);
try {
engine.setEnableSessionCreation(true);
} catch (UnsupportedOperationException ignored) {
// see ReferenceCountedOpenSslEngine#setEnableSessionCreation
logger.trace("Session creation not enabled", ignored);
}
return engine;
}
代码示例来源:origin: ReactiveX/RxNetty
@Override
public SSLEngine call(ByteBufAllocator allocator) {
try {
return SslContextBuilder.forClient()
.trustManager(InsecureTrustManagerFactory.INSTANCE)
.build()
.newEngine(allocator);
} catch (Exception e) {
throw Exceptions.propagate(e);
}
}
}));
内容来源于网络,如有侵权,请联系作者删除!