本文整理了Java中io.netty.handler.ssl.SslContext.newHandler()方法的一些代码示例,展示了SslContext.newHandler()的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。SslContext.newHandler()方法的具体详情如下:
包路径:io.netty.handler.ssl.SslContext
类名称:SslContext
方法名:newHandler
[英]Creates a new SslHandler.
If SslProvider#OPENSSL_REFCNT is used then the returned SslHandler will release the engine that is wrapped. If the returned SslHandler is not inserted into a pipeline then you may leak native memory!
Beware: the underlying generated SSLEngine won't have hostname verification enabled by default. If you create SslHandler for the client side and want proper security, we advice that you configure the SSLEngine (see javax.net.ssl.SSLParameters#setEndpointIdentificationAlgorithm(String)):
SSLEngine sslEngine = sslHandler.engine();
SSLParameters sslParameters = sslEngine.getSSLParameters();
// only available since Java 7
sslParameters.setEndpointIdentificationAlgorithm("HTTPS");
sslEngine.setSSLParameters(sslParameters);The underlying SSLEngine may not follow the restrictions imposed by the SSLEngine javadocs which limits wrap/unwrap to operate on a single SSL/TLS packet.
[中]创建一个新的SslHandler。
如果使用SslProvider#OPENSSL _REFCNT,则返回的SslHandler将释放包裹的引擎。如果返回的SslHandler未插入管道,则可能会泄漏本机内存!
注意:默认情况下,底层生成的SSLEngine不会启用hostname verification。如果您为客户端创建SslHandler并希望获得适当的安全性,我们建议您配置SSLEngine(请参阅javax.net.ssl.sslparemeters#setEndpointIdentificationAlgorithm(String)):
SSLEngine sslEngine = sslHandler.engine();
SSLParameters sslParameters = sslEngine.getSSLParameters();
// only available since Java 7
sslParameters.setEndpointIdentificationAlgorithm("HTTPS");
sslEngine.setSSLParameters(sslParameters);底层SSLEngine可能不遵循SSLEngine javadocs所施加的限制,该限制将wrap/unwrap限制为对单个SSL/TLS数据包进行操作。
代码示例来源:origin: spring-projects/spring-framework
@Override
protected void initChannel(SocketChannel channel) throws Exception {
configureChannel(channel.config());
ChannelPipeline pipeline = channel.pipeline();
if (isSecure) {
Assert.notNull(sslContext, "sslContext should not be null");
pipeline.addLast(sslContext.newHandler(channel.alloc(), uri.getHost(), uri.getPort()));
}
pipeline.addLast(new HttpClientCodec());
pipeline.addLast(new HttpObjectAggregator(maxResponseSize));
if (readTimeout > 0) {
pipeline.addLast(new ReadTimeoutHandler(readTimeout,
TimeUnit.MILLISECONDS));
}
}
});代码示例来源:origin: neo4j/neo4j
private void enableSsl( ChannelHandlerContext ctx )
{
ChannelPipeline p = ctx.pipeline();
p.addLast( sslCtx.newHandler( ctx.alloc() ) );
p.addLast( new TransportSelectionHandler( boltChannel, null, encryptionRequired, true, logging, boltProtocolFactory ) );
p.remove( this );
}代码示例来源:origin: com.datastax.cassandra/cassandra-driver-core
@Override
public SslHandler newSSLHandler(SocketChannel channel) {
return context.newHandler(channel.alloc());
}
}代码示例来源:origin: line/armeria
@Override
public void initChannel(SocketChannel ch) throws Exception {
final ChannelPipeline p = ch.pipeline();
final Http2Connection conn = new DefaultHttp2Connection(false);
final HttpToHttp2ConnectionHandler connHandler = new HttpToHttp2ConnectionHandlerBuilder()
.connection(conn)
.frameListener(new DelegatingDecompressorFrameListener(
conn,
new InboundHttp2ToHttpAdapterBuilder(conn)
.maxContentLength(Integer.MAX_VALUE)
.propagateSettings(true).build()))
.build();
clientHandler = new THttp2ClientHandler(ch.eventLoop());
if (sslCtx != null) {
p.addLast(sslCtx.newHandler(p.channel().alloc()));
p.addLast(connHandler);
configureEndOfPipeline(p);
} else {
final Http1ClientCodec sourceCodec = new Http1ClientCodec();
final HttpClientUpgradeHandler upgradeHandler = new HttpClientUpgradeHandler(
sourceCodec, new Http2ClientUpgradeCodec(connHandler), 65536);
p.addLast(sourceCodec, upgradeHandler, new UpgradeRequestHandler());
}
}代码示例来源:origin: jersey/jersey
/**
* Configure the pipeline for TLS NPN negotiation to HTTP/2.
*/
private void configureSsl(SocketChannel ch) {
ch.pipeline().addLast(sslCtx.newHandler(ch.alloc()), new HttpVersionChooser(baseUri, container));
}代码示例来源:origin: aws/aws-sdk-java
@Override
public void initChannel(Channel channel) throws Exception {
ChannelPipeline pipeline = channel.pipeline();
if (log.isDebugEnabled()) {
pipeline.addLast(new LoggingHandler());
}
if (sslContext != null) {
pipeline.addLast("ssl", sslContext.newHandler(channel.alloc()));
}
pipeline.addLast("http-codec", new HttpClientCodec());
for (ChannelHandler handler : handlers) {
pipeline.addLast(handler);
}
pipeline.addLast("chunkedWriter", new ChunkedWriteHandler());
}
}代码示例来源:origin: com.datastax.cassandra/cassandra-driver-core
@Override
public SslHandler newSSLHandler(SocketChannel channel, InetSocketAddress remoteEndpoint) {
return context.newHandler(
channel.alloc(), remoteEndpoint.getHostName(), remoteEndpoint.getPort());
}
}代码示例来源:origin: atomix/atomix
@Override
protected void initChannel(SocketChannel channel) throws Exception {
channel.pipeline().addLast("ssl", sslContext.newHandler(channel.alloc()))
.addLast("handshake", new ServerHandshakeHandlerAdapter());
}
}代码示例来源:origin: GlowstoneMC/Glowstone
@Override
protected void initChannel(Channel channel) throws Exception {
channel.pipeline()
.addLast("timeout", new ReadTimeoutHandler(6000, TimeUnit.MILLISECONDS));
if (sslCtx != null) {
channel.pipeline().addLast("ssl", sslCtx.newHandler(channel.alloc()));
}
channel.pipeline().addLast("codec", new HttpClientCodec());
channel.pipeline().addLast("handler", new HttpHandler(callback));
}
}代码示例来源:origin: ballerina-platform/ballerina-lang
@Override
protected void initChannel(SocketChannel ch) {
ChannelPipeline p = ch.pipeline();
if (sslCtx != null) {
p.addLast(sslCtx.newHandler(ch.alloc(), host, port));
}
p.addLast(
new HttpClientCodec(),
new HttpObjectAggregator(8192),
WebSocketClientCompressionHandler.INSTANCE,
handler
);
}
});代码示例来源:origin: Netflix/zuul
@Override
protected void initChannel(Channel ch) throws Exception {
final ChannelPipeline pipeline = ch.pipeline();
pipeline.addLast(new PassportStateOriginHandler());
if (connectionPoolConfig.isSecure()) {
pipeline.addLast("ssl", sslContext.newHandler(ch.alloc()));
}
pipeline.addLast(HTTP_CODEC_HANDLER_NAME, new HttpClientCodec(
BaseZuulChannelInitializer.MAX_INITIAL_LINE_LENGTH.get(),
BaseZuulChannelInitializer.MAX_HEADER_SIZE.get(),
BaseZuulChannelInitializer.MAX_CHUNK_SIZE.get(),
false,
false
));
pipeline.addLast(PassportStateHttpClientHandler.PASSPORT_STATE_HTTP_CLIENT_HANDLER_NAME, new PassportStateHttpClientHandler());
pipeline.addLast("originNettyLogger", nettyLogger);
pipeline.addLast(httpMetricsHandler);
addMethodBindingHandler(pipeline);
pipeline.addLast("httpLifecycle", new HttpClientLifecycleChannelHandler());
pipeline.addLast("connectionPoolHandler", connectionPoolHandler);
}代码示例来源:origin: org.springframework/spring-web
@Override
protected void initChannel(SocketChannel channel) throws Exception {
configureChannel(channel.config());
ChannelPipeline pipeline = channel.pipeline();
if (isSecure) {
Assert.notNull(sslContext, "sslContext should not be null");
pipeline.addLast(sslContext.newHandler(channel.alloc(), uri.getHost(), uri.getPort()));
}
pipeline.addLast(new HttpClientCodec());
pipeline.addLast(new HttpObjectAggregator(maxResponseSize));
if (readTimeout > 0) {
pipeline.addLast(new ReadTimeoutHandler(readTimeout,
TimeUnit.MILLISECONDS));
}
}
});代码示例来源:origin: line/armeria
final SslHandler sslHandler = sslCtx.newHandler(ch.alloc(),
remoteAddr.getHostString(),
remoteAddr.getPort());
p.addLast(configureSslHandler(sslHandler));
p.addLast(TrafficLoggingHandler.CLIENT);
p.addLast(new ChannelInboundHandlerAdapter() {
private boolean handshakeFailed;代码示例来源:origin: alipay/sofa-rpc
/**
* Configure the pipeline for TLS NPN negotiation to HTTP/2.
*/
private void configureSsl(SocketChannel ch) {
SslContext sslCtx = SslContextBuilder.build();
ChannelPipeline pipeline = ch.pipeline();
pipeline.addLast(sslCtx.newHandler(ch.alloc()));
// We must wait for the handshake to finish and the protocol to be negotiated before configuring
// the HTTP/2 components of the pipeline.
pipeline.addLast(new ApplicationProtocolNegotiationHandler("") {
@Override
protected void configurePipeline(ChannelHandlerContext ctx, String protocol) {
if (ApplicationProtocolNames.HTTP_2.equals(protocol)) {
ChannelPipeline p = ctx.pipeline();
p.addLast(connectionHandler);
configureEndOfPipeline(p);
return;
}
ctx.close();
throw new IllegalStateException("unknown protocol: " + protocol);
}
});
}代码示例来源:origin: Netflix/zuul
@Override
protected void initChannel(Channel ch) throws Exception {
SslHandler sslHandler = sslContext.newHandler(ch.alloc());
sslHandler.engine().setEnabledProtocols(serverSslConfig.getProtocols());
addPassportHandler(pipeline);
addTcpRelatedHandlers(pipeline);
pipeline.addLast(new Http2FrameLoggingPerClientIpHandler());
pipeline.addLast("ssl", sslHandler);
addSslInfoHandlers(pipeline, isSSlFromIntermediary);
addSslClientCertChecks(pipeline);
Http2ConnectionExpiryHandler connectionExpiryHandler = new Http2ConnectionExpiryHandler(maxRequestsPerConnection, maxRequestsPerConnectionInBrownout, connectionExpiry);
pipeline.addLast("http2CodecSwapper", new Http2OrHttpHandler(
new Http2StreamInitializer(ch, this::http1Handlers, http2MetricsChannelHandlers, connectionCloseHandler, connectionExpiryHandler),
channelConfig,代码示例来源:origin: alipay/sofa-rpc
/**
* Configure the pipeline for TLS NPN negotiation to HTTP/2.
*/
private void configureSsl(SocketChannel ch) {
SslContext sslCtx = SslContextBuilder.build();
ChannelPipeline pipeline = ch.pipeline();
pipeline.addLast(sslCtx.newHandler(ch.alloc()));
// We must wait for the handshake to finish and the protocol to be negotiated before configuring
// the HTTP/2 components of the pipeline.
pipeline.addLast(new ApplicationProtocolNegotiationHandler("") {
@Override
protected void configurePipeline(ChannelHandlerContext ctx, String protocol) {
if (ApplicationProtocolNames.HTTP_2.equals(protocol)) {
ChannelPipeline p = ctx.pipeline();
p.addLast(connectionHandler);
configureEndOfPipeline(p);
return;
}
ctx.close();
throw new IllegalStateException("unknown protocol: " + protocol);
}
});
}代码示例来源:origin: Netflix/zuul
@Override
protected void initChannel(Channel ch) throws Exception
{
SslHandler sslHandler = sslContext.newHandler(ch.alloc());
sslHandler.engine().setEnabledProtocols(sslContextFactory.getProtocols());
// Configure our pipeline of ChannelHandlerS.
ChannelPipeline pipeline = ch.pipeline();
storeChannel(ch);
addTimeoutHandlers(pipeline);
addPassportHandler(pipeline);
addTcpRelatedHandlers(pipeline);
pipeline.addLast("ssl", sslHandler);
addSslInfoHandlers(pipeline, isSSlFromIntermediary);
addSslClientCertChecks(pipeline);
addHttp1Handlers(pipeline);
addHttpRelatedHandlers(pipeline);
addZuulHandlers(pipeline);
}
}代码示例来源:origin: atomix/atomix
@Override
protected void initChannel(SocketChannel channel) throws Exception {
channel.pipeline().addLast("ssl", sslContext.newHandler(channel.alloc(), address.host(), address.port()))
.addLast("handshake", new ClientHandshakeHandlerAdapter(future));
}
}代码示例来源:origin: micronaut-projects/micronaut-core
pipeline.addLast(sslContext.newHandler(ch.alloc()));
pipeline.addLast(new LoggingHandler(logLevel))
);
pipeline.addLast(new IdleStateHandler(
(int) serverConfiguration.getReadIdleTimeout().getSeconds(),
(int) serverConfiguration.getWriteIdleTimeout().getSeconds(),代码示例来源:origin: lets-blade/blade
@Override
protected void initChannel(SocketChannel ch) {
ChannelPipeline pipeline = ch.pipeline();
try {
if (sslCtx != null) {
pipeline.addLast(sslCtx.newHandler(ch.alloc()));
}
pipeline.addLast(new HttpServerCodec());
pipeline.addLast(new HttpServerExpectContinueHandler());
if (useGZIP) {
pipeline.addLast(new HttpContentCompressor());
}
if (isWebSocket) {
pipeline.addLast(new WebSocketHandler(blade));
}
pipeline.addLast(new MergeRequestHandler());
pipeline.addLast(httpServerHandler);
} catch (Exception e) {
log.error("Add channel pipeline error", e);
}
}内容来源于网络,如有侵权,请联系作者删除!