处理https网络服务器的非SSL客户端机器人程序

nwwlzxa7  于 2024-01-08  发布在  其他
关注(0)|答案(1)|浏览(265)

我正在使用KTor https服务器为我的Android应用程序,我注意到机器人试图连接到我的服务器失败,因为TLS握手没有发生。这是恼人的,因为我的日志文件充满了这些巨大的转储由netty为WARN标记与SL 4J日志。有没有办法处理这样的客户端,而不会导致错误/警告?我尝试在Ktor中使用请求验证插件,但它不起作用。这是我的logback.xml:

  1. <configuration>
  2. <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
  3. <encoder>
  4. <pattern>%d{dd-MM-YYYY HH:mm:ss.SSS} [%thread] [%-5level] %logger{36} - %msg%n</pattern>
  5. </encoder>
  6. </appender>
  7. <root level="trace">
  8. <appender-ref ref="STDOUT"/>
  9. </root>
  10. <logger name="org.eclipse.jetty" level="WARN"/>
  11. <logger name="io.netty" level="WARN"/>
  12. <logger name="io.ktor" level="WARN"/>
  13. </configuration>

字符串
这是我在/plugins文件夹中Validation.kt中的请求验证函数:

  1. fun Application.configureValidation() {
  2. println("Inside application validation")//this is printed at app startup
  3. install(RequestValidation) {
  4. validate<String> {bodyText ->
  5. if (bodyText.contains("mySite")) {
  6. println("Received request validation text: $bodyText")//this is never printed
  7. ValidationResult.Valid
  8. }
  9. else if (bodyText.contains("myApp")) {
  10. println("Received request validation text: $bodyText")//this is never printed
  11. ValidationResult.Valid
  12. }
  13. else {
  14. println("Received request validation text: $bodyText")//this is never printed
  15. ValidationResult.Invalid("Request Validation failed for bot")
  16. }
  17. }
  18. validate {
  19. filter { body ->
  20. body is Any
  21. }
  22. validation { body ->
  23. println("Received request validation 2 text: $body")//this is never printed
  24. if(body.toString().isNullOrEmpty())
  25. ValidationResult.Invalid("Request Validation failed because its empty")
  26. else
  27. ValidationResult.Valid
  28. }
  29. }
  30. }
  31. println("After application validation")//this is printed at app startup
  32. }


日志文件中不会打印任何接收到的请求验证println。
在我的Application.kt中:

  1. fun Application.module() {
  2. printMyStr("Inside Application")
  3. configureValidation()
  4. printMyStr("After validation")
  5. install(StatusPages) {
  6. exception<RequestValidationException> { call, cause ->
  7. call.respond(HttpStatusCode.BadRequest, cause.reasons.joinToString())
  8. }
  9. }
  10. install(ContentNegotiation) {
  11. json()
  12. }
  13. printMyStr("Before socket")
  14. configureSockets()
  15. printMyStr("Before routing")
  16. configureRouting()
  17. printMyStr("After routing")
  18. }


我的日志文件中的转储消息示例:

  1. 29-09-2023 18:39:13.240 [eventLoopGroupProxy-3-1] [WARN ] i.n.h.s.ApplicationProtocolNegotiationHandler - [id: 0x54c76869, L:0.0.0.0/0.0.0.0:1234 ! R:/34.756.619.638:9375] TLS handshake failed:
  2. io.netty.handler.ssl.NotSslRecordException: not an SSL/TLS record: 0300002f2ae00000000000436f6f6b69653a206d737473686173683d41646d696e697374720d0a0100080003000000
  3. at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1225)
  4. at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1295)
  5. at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:529)
  6. at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:468)
  7. at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:290)
  8. at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:444)
  9. at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
  10. at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412)
  11. at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410)
  12. at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:440)
  13. at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
  14. at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919)
  15. at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:166)
  16. at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:788)
  17. at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:724)
  18. at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:650)
  19. at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:562)
  20. at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:997)
  21. at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
  22. at io.ktor.server.netty.EventLoopGroupProxy$Companion.create$lambda$1$lambda$0(NettyApplicationEngine.kt:296)
  23. at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
  24. at java.lang.Thread.run(Thread.java:750)
  25. 30-09-2023 04:06:41.006 [eventLoopGroupProxy-3-1] [WARN ] i.n.h.s.ApplicationProtocolNegotiationHandler - [id: 0xe8b12e42, L:0.0.0.0/0.0.0.0:1234 ! R:/432.690.528.47:9264] TLS handshake failed:
  26. io.netty.handler.ssl.NotSslRecordException: not an SSL/TLS record: 0100000000cd00010000414e592d5343502020202020202020204543484f534355202020202020202020000000000000000000000000000000000000000000000000000000000000000010000015312e322e3834302e31303030382e332e312e312e312000002e0100ff0030000011312e322e3834302e31303030382e312e3140000011312e322e3834302e31303030382e312e325000003a51000004000040005200001b312e322e3237362e302e373233303031302e332e302e332e362e325500000f4f464649535f44434d544b5f333632
  27. at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1225)
  28. at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1295)
  29. at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:529)
  30. at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:468)
  31. at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:290)
  32. at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:444)
  33. at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
  34. at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412)
  35. at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410)
  36. at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:440)
  37. at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
  38. at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919)
  39. at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:166)
  40. at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:788)
  41. at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:724)
  42. at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:650)
  43. at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:562)
  44. at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:997)
  45. at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
  46. at io.ktor.server.netty.EventLoopGroupProxy$Companion.create$lambda$1$lambda$0(NettyApplicationEngine.kt:296)
  47. at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
  48. at java.lang.Thread.run(Thread.java:750)

dojqjjoe

dojqjjoe1#

使用Janino过滤异常是不起作用的,正如Aleksei在上面的评论中所推荐的那样。下面是我的logback.xml:

  1. <configuration>
  2. <evaluator name="NotSslRecordExceptionSuppressor">
  3. <expression>throwable != null &amp;&amp; throwable instanceof io.netty.handler.ssl.NotSslRecordException</expression>
  4. </evaluator>
  5. <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
  6. <encoder>
  7. <pattern>%d{dd-MM-YYYY HH:mm:ss.SSS} [%thread] [%-5level] %logger{36} - %msg %ex{full,InvalidLoginExceptionSuppressor}%n</pattern>
  8. <immediateFlush>false</immediateFlush>
  9. </encoder>
  10. </appender>
  11. <root level="trace">
  12. <appender-ref ref="STDOUT"/>
  13. </root>
  14. <logger name="org.eclipse.jetty" level="WARN"/>
  15. <logger name="io.netty" level="WARN"/>
  16. <logger name="io.ktor" level="WARN"/>
  17. </configuration>

字符串
下面是打印在我的日志文件现在:

  1. 16:21:55,761 |-INFO in ch.qos.logback.classic.LoggerContext[default] - Could NOT find resource [logback-test.xml]
  2. 16:21:55,761 |-INFO in ch.qos.logback.classic.LoggerContext[default] - Found resource [logback.xml] at [jar:file:/mypath/abc.jar!/logback.xml]
  3. 16:21:55,848 |-INFO in ch.qos.logback.core.joran.spi.ConfigurationWatchList@49e202ad - URL [jar:file:/mypath/abc.jar!/logback.xml] is not of type file
  4. 16:21:56,166 |-INFO in ch.qos.logback.classic.joran.action.ConfigurationAction - debug attribute not set
  5. 16:21:56,178 |-INFO in ch.qos.logback.classic.joran.action.EvaluatorAction - Assuming default evaluator class [ch.qos.logback.classic.boolex.JaninoEventEvaluator]
  6. 16:21:56,180 |-INFO in ch.qos.logback.classic.joran.action.EvaluatorAction - Adding evaluator named [NotSslRecordExceptionSuppressor] to the object stack
  7. 16:21:56,373 |-INFO in ch.qos.logback.classic.boolex.JaninoEventEvaluator@1c72da34 - Adding [return] prefix and a semicolon suffix. Expression becomes [return throwable != null && throwable instanceof io.netty.handler.ssl.NotSslRecordException;]
  8. 16:21:56,373 |-INFO in ch.qos.logback.classic.boolex.JaninoEventEvaluator@1c72da34 - See also http://logback.qos.ch/codes.html#block
  9. 16:21:57,300 |-INFO in ch.qos.logback.classic.joran.action.EvaluatorAction - Starting evaluator named [NotSslRecordExceptionSuppressor]
  10. 16:21:57,300 |-INFO in ch.qos.logback.core.joran.action.AppenderAction - About to instantiate appender of type [ch.qos.logback.core.ConsoleAppender]
  11. 16:21:57,338 |-INFO in ch.qos.logback.core.joran.action.AppenderAction - Naming appender as [STDOUT]
  12. 16:21:57,349 |-INFO in ch.qos.logback.core.joran.action.NestedComplexPropertyIA - Assuming default type [ch.qos.logback.classic.encoder.PatternLayoutEncoder] for [encoder] property
  13. 16:21:57,360 |-WARN in ch.qos.logback.classic.encoder.PatternLayoutEncoder@6b0c2d26 - As of version 1.2.0 "immediateFlush" property should be set within the enclosing Appender.
  14. 16:21:57,360 |-WARN in ch.qos.logback.classic.encoder.PatternLayoutEncoder@6b0c2d26 - Please move "immediateFlush" property into the enclosing appender.
  15. 16:21:57,649 |-WARN in ch.qos.logback.classic.encoder.PatternLayoutEncoder@6b0c2d26 - Setting the "immediateFlush" property of the enclosing appender to false
  16. 16:21:57,650 |-INFO in ch.qos.logback.classic.joran.action.RootLoggerAction - Setting level of ROOT logger to TRACE
  17. 16:21:57,650 |-INFO in ch.qos.logback.core.joran.action.AppenderRefAction - Attaching appender named [STDOUT] to Logger[ROOT]
  18. 16:21:57,650 |-INFO in ch.qos.logback.classic.joran.action.LoggerAction - Setting level of logger [org.eclipse.jetty] to WARN
  19. 16:21:57,651 |-INFO in ch.qos.logback.classic.joran.action.LoggerAction - Setting level of logger [io.netty] to WARN
  20. 16:21:57,671 |-INFO in ch.qos.logback.classic.joran.action.LoggerAction - Setting level of logger [io.ktor] to WARN
  21. 16:21:57,671 |-INFO in ch.qos.logback.classic.joran.action.ConfigurationAction - End of configuration.
  22. 16:21:57,671 |-INFO in ch.qos.logback.classic.joran.JoranConfigurator@3d3fcdb0 - Registering current configuration as safe fallback point


由于这没有工作,并打印follwing仍然:

  1. 24-11-2023 16:22:09.749 [eventLoopGroupProxy-3-1] [WARN ] i.n.h.s.ApplicationProtocolNegotiationHandler - [id: 0x25f5cf98, L:0.0.0.0/0.0.0.0:1234 ! R:/415.589.36.796:9666] TLS handshake failed: io.netty.handler.ssl.NotSslRecordException: not an SSL/TLS record: 474554202f746570706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f3131392e302e302e30205361666172692f3533372e33360d0a4163636570743a20746578742f68746d6c2c6170706c69636174696f6e2f7868746d6c2b786d6c2c6170706c69636174696f6e2f786d6c3b713d302e392c696d6167652f617669662c696d6167652f776562702c696d6167652f61706e672c2a2f2a3b713d302e382c6170706c69636174696f6e2f7369676e65642d65786368616e67653b763d62333b713d302e370d0a4163636570742d456e636f64696e673a20677a69702c206465666c6174650d0a4163636570742d4c616e67756167653a20656e2d55532c656e3b713d302e390d0a0d0a
  2. at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1225)
  3. at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1295)


所以唯一的解决办法似乎是将logger更改为只打印ERROR级别的消息,而不是logback.xml中的WARN级别:

  1. <configuration>
  2. <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
  3. <encoder>
  4. <pattern>%d{dd-MM-YYYY HH:mm:ss.SSS} [%thread] [%-5level] %logger{36} - %msg%n</pattern>
  5. </encoder>
  6. </appender>
  7. <root level="trace">
  8. <appender-ref ref="STDOUT"/>
  9. </root>
  10. <logger name="org.eclipse.jetty" level="WARN"/>
  11. <logger name="io.netty" level="ERROR"/>
  12. <logger name="io.ktor" level="WARN"/>
  13. </configuration>

展开查看全部

相关问题