List of usage examples for io.netty.handler.ssl SslHandler SslHandler
public SslHandler(SSLEngine engine)
From source file:com.ning.http.client.providers.netty_4.NettyAsyncHttpProvider.java
License:Apache License
private Channel verifyChannelPipeline(Channel channel, String scheme) throws IOException, GeneralSecurityException { if (channel.pipeline().get(SSL_HANDLER) != null && HTTP.equalsIgnoreCase(scheme)) { channel.pipeline().remove(SSL_HANDLER); } else if (channel.pipeline().get(HTTP_HANDLER) != null && HTTP.equalsIgnoreCase(scheme)) { return channel; } else if (channel.pipeline().get(SSL_HANDLER) == null && isSecure(scheme)) { channel.pipeline().addFirst(SSL_HANDLER, new SslHandler(createSSLEngine())); }/*from w ww .ja va 2 s . c om*/ return channel; }
From source file:com.ning.http.client.providers.netty_4.NettyAsyncHttpProvider.java
License:Apache License
private void upgradeProtocol(ChannelPipeline p, String scheme) throws IOException, GeneralSecurityException { if (p.get(HTTP_HANDLER) != null) { p.remove(HTTP_HANDLER);/*w w w . j a v a2 s. com*/ } if (isSecure(scheme)) { if (p.get(SSL_HANDLER) == null) { p.addFirst(HTTP_HANDLER, newHttpClientCodec()); p.addFirst(SSL_HANDLER, new SslHandler(createSSLEngine())); } else { p.addAfter(SSL_HANDLER, HTTP_HANDLER, newHttpClientCodec()); } } else { p.addFirst(HTTP_HANDLER, newHttpClientCodec()); } }
From source file:com.relayrides.pushy.apns.ApnsConnection.java
License:Open Source License
/** * Asynchronously connects to the APNs gateway in this connection's environment. The outcome of the connection * attempt is reported via this connection's listener. * * @see ApnsConnectionListener#handleConnectionSuccess(ApnsConnection) * @see ApnsConnectionListener#handleConnectionFailure(ApnsConnection, Throwable) *///from ww w . ja va 2 s. c om @SuppressWarnings("deprecation") public synchronized void connect() { final ApnsConnection<T> apnsConnection = this; if (this.connectFuture != null) { throw new IllegalStateException(String.format("%s already started a connection attempt.", this.name)); } final Bootstrap bootstrap = new Bootstrap(); bootstrap.group(this.eventLoopGroup); bootstrap.channel(NioSocketChannel.class); bootstrap.option(ChannelOption.SO_KEEPALIVE, true); bootstrap.option(ChannelOption.ALLOCATOR, PooledByteBufAllocator.DEFAULT); // TODO Remove this when Netty 5 is available bootstrap.option(ChannelOption.AUTO_CLOSE, false); bootstrap.handler(new ChannelInitializer<SocketChannel>() { @Override protected void initChannel(final SocketChannel channel) { final ChannelPipeline pipeline = channel.pipeline(); final SSLEngine sslEngine = apnsConnection.sslContext.createSSLEngine(); sslEngine.setUseClientMode(true); pipeline.addLast("ssl", new SslHandler(sslEngine)); pipeline.addLast("decoder", new RejectedNotificationDecoder()); pipeline.addLast("encoder", new ApnsPushNotificationEncoder()); pipeline.addLast("handler", new ApnsConnectionHandler(apnsConnection)); } }); log.debug("{} beginning connection process.", apnsConnection.name); this.connectFuture = bootstrap.connect(this.environment.getApnsGatewayHost(), this.environment.getApnsGatewayPort()); this.connectFuture.addListener(new GenericFutureListener<ChannelFuture>() { public void operationComplete(final ChannelFuture connectFuture) { if (connectFuture.isSuccess()) { log.debug("{} connected; waiting for TLS handshake.", apnsConnection.name); final SslHandler sslHandler = connectFuture.channel().pipeline().get(SslHandler.class); try { sslHandler.handshakeFuture().addListener(new GenericFutureListener<Future<Channel>>() { public void operationComplete(final Future<Channel> handshakeFuture) { if (handshakeFuture.isSuccess()) { log.debug("{} successfully completed TLS handshake.", apnsConnection.name); apnsConnection.handshakeCompleted = true; apnsConnection.listener.handleConnectionSuccess(apnsConnection); } else { log.debug("{} failed to complete TLS handshake with APNs gateway.", apnsConnection.name, handshakeFuture.cause()); connectFuture.channel().close(); apnsConnection.listener.handleConnectionFailure(apnsConnection, handshakeFuture.cause()); } } }); } catch (NullPointerException e) { log.warn("{} failed to get SSL handler and could not wait for a TLS handshake.", apnsConnection.name); connectFuture.channel().close(); apnsConnection.listener.handleConnectionFailure(apnsConnection, e); } } else { log.debug("{} failed to connect to APNs gateway.", apnsConnection.name, connectFuture.cause()); apnsConnection.listener.handleConnectionFailure(apnsConnection, connectFuture.cause()); } } }); }
From source file:com.relayrides.pushy.apns.FeedbackServiceClient.java
License:Open Source License
/** * <p>Retrieves a list of expired tokens from the APNs feedback service. Be warned that this is a * <strong>destructive operation</strong>. According to Apple's documentation:</p> * * <blockquote>The feedback service's list is cleared after you read it. Each time you connect to the feedback * service, the information it returns lists only the failures that have happened since you last * connected.</blockquote>// ww w. j a v a 2s . c om * * @param timeout the time after the last received data after which the connection to the feedback service should * be closed * @param timeoutUnit the unit of time in which the given {@code timeout} is measured * * @return a list of tokens that have expired since the last connection to the feedback service * * @throws InterruptedException if interrupted while waiting for a response from the feedback service * @throws FeedbackConnectionException if the connection to the feedback service failed for any reason */ public synchronized List<ExpiredToken> getExpiredTokens(final long timeout, final TimeUnit timeoutUnit) throws InterruptedException, FeedbackConnectionException { this.expiredTokens.clear(); final Bootstrap bootstrap = new Bootstrap(); bootstrap.group(this.eventLoopGroup); bootstrap.channel(NioSocketChannel.class); final FeedbackServiceClient feedbackClient = this; bootstrap.handler(new ChannelInitializer<SocketChannel>() { @Override protected void initChannel(final SocketChannel channel) throws Exception { final ChannelPipeline pipeline = channel.pipeline(); final SSLEngine sslEngine = feedbackClient.sslContext.createSSLEngine(); sslEngine.setUseClientMode(true); pipeline.addLast("ssl", new SslHandler(sslEngine)); pipeline.addLast("readTimeoutHandler", new ReadTimeoutHandler(timeout, timeoutUnit)); pipeline.addLast("decoder", new ExpiredTokenDecoder()); pipeline.addLast("handler", new FeedbackClientHandler(feedbackClient)); } }); final ChannelFuture connectFuture = bootstrap .connect(this.environment.getFeedbackHost(), this.environment.getFeedbackPort()).await(); if (connectFuture.isSuccess()) { log.debug("Connected to feedback service."); final SslHandler sslHandler = connectFuture.channel().pipeline().get(SslHandler.class); if (sslHandler != null) { final Future<Channel> handshakeFuture = sslHandler.handshakeFuture().await(); if (handshakeFuture.isSuccess()) { log.debug("Completed TLS handshake with feedback service."); // The feedback service will send us a list of device tokens as soon as we complete the SSL // handshake, then hang up. While we're waiting to sync with the connection closure, we'll be // receiving messages from the feedback service from another thread. connectFuture.channel().closeFuture().await(); } else { log.debug("Failed to complete TLS handshake with feedback service.", handshakeFuture.cause()); connectFuture.channel().close().await(); throw new FeedbackConnectionException(handshakeFuture.cause()); } } else { log.warn("Feedback client failed to get SSL handler and could not wait for TLS handshake."); connectFuture.channel().close().await(); throw new FeedbackConnectionException(null); } } else { log.debug("Failed to connect to feedback service.", connectFuture.cause()); throw new FeedbackConnectionException(connectFuture.cause()); } return new ArrayList<ExpiredToken>(this.expiredTokens); }
From source file:com.relayrides.pushy.apns.FeedbackServiceConnection.java
License:Open Source License
/** * <p>Connects to the APNs feedback service and waits for expired tokens to arrive. Be warned that this is a * <strong>destructive operation</strong>. According to Apple's documentation:</p> * * <blockquote>The feedback service's list is cleared after you read it. Each time you connect to the feedback * service, the information it returns lists only the failures that have happened since you last * connected.</blockquote>/*from w w w .jav a 2 s. c om*/ */ public synchronized void connect() { if (this.connectFuture != null) { throw new IllegalStateException(String.format("%s already started a connection attempt.", this.name)); } final Bootstrap bootstrap = new Bootstrap(); bootstrap.group(this.eventLoopGroup); bootstrap.channel(NioSocketChannel.class); final FeedbackServiceConnection feedbackConnection = this; bootstrap.handler(new ChannelInitializer<SocketChannel>() { @Override protected void initChannel(final SocketChannel channel) throws Exception { final ChannelPipeline pipeline = channel.pipeline(); final SSLEngine sslEngine = feedbackConnection.sslContext.createSSLEngine(); sslEngine.setUseClientMode(true); pipeline.addLast("ssl", new SslHandler(sslEngine)); pipeline.addLast("readTimeoutHandler", new ReadTimeoutHandler(feedbackConnection.configuration.getReadTimeout())); pipeline.addLast("decoder", new ExpiredTokenDecoder()); pipeline.addLast("handler", new FeedbackClientHandler(feedbackConnection)); } }); this.connectFuture = bootstrap.connect(this.environment.getFeedbackHost(), this.environment.getFeedbackPort()); this.connectFuture.addListener(new GenericFutureListener<ChannelFuture>() { @Override public void operationComplete(final ChannelFuture connectFuture) { if (connectFuture.isSuccess()) { log.debug("{} connected; waiting for TLS handshake.", feedbackConnection.name); final SslHandler sslHandler = connectFuture.channel().pipeline().get(SslHandler.class); try { sslHandler.handshakeFuture().addListener(new GenericFutureListener<Future<Channel>>() { @Override public void operationComplete(final Future<Channel> handshakeFuture) { if (handshakeFuture.isSuccess()) { log.debug("{} successfully completed TLS handshake.", feedbackConnection.name); if (feedbackConnection.listener != null) { feedbackConnection.listener.handleConnectionSuccess(feedbackConnection); } } else { log.debug("{} failed to complete TLS handshake with APNs feedback service.", feedbackConnection.name, handshakeFuture.cause()); connectFuture.channel().close(); if (feedbackConnection.listener != null) { feedbackConnection.listener.handleConnectionFailure(feedbackConnection, handshakeFuture.cause()); } } } }); } catch (NullPointerException e) { log.warn("{} failed to get SSL handler and could not wait for a TLS handshake.", feedbackConnection.name); connectFuture.channel().close(); if (feedbackConnection.listener != null) { feedbackConnection.listener.handleConnectionFailure(feedbackConnection, e); } } } else { log.debug("{} failed to connect to APNs feedback service.", feedbackConnection.name, connectFuture.cause()); if (feedbackConnection.listener != null) { feedbackConnection.listener.handleConnectionFailure(feedbackConnection, connectFuture.cause()); } } } }); }
From source file:com.relayrides.pushy.apns.MockApnsServer.java
License:Open Source License
public synchronized void start() throws InterruptedException { final ServerBootstrap bootstrap = new ServerBootstrap(); bootstrap.group(this.eventLoopGroup); bootstrap.channel(NioServerSocketChannel.class); bootstrap.childOption(ChannelOption.SO_KEEPALIVE, true); final MockApnsServer server = this; bootstrap.childHandler(new ChannelInitializer<SocketChannel>() { @Override//from w ww . j av a2s . c o m protected void initChannel(final SocketChannel channel) throws Exception { channel.pipeline().addLast("ssl", new SslHandler(SSLTestUtil.createSSLEngineForMockServer())); channel.pipeline().addLast("encoder", new ApnsErrorEncoder()); channel.pipeline().addLast("decoder", new ApnsPushNotificationDecoder()); channel.pipeline().addLast("handler", new MockApnsServerHandler(server)); } }); this.channel = bootstrap.bind(this.port).await().channel(); }
From source file:com.relayrides.pushy.apns.MockFeedbackServer.java
License:Open Source License
public synchronized void start() throws InterruptedException { final ServerBootstrap bootstrap = new ServerBootstrap(); bootstrap.group(this.eventLoopGroup); bootstrap.channel(NioServerSocketChannel.class); final MockFeedbackServer server = this; bootstrap.childHandler(new ChannelInitializer<SocketChannel>() { @Override/*from w w w .ja v a 2 s . co m*/ protected void initChannel(final SocketChannel channel) throws Exception { channel.pipeline().addLast("ssl", new SslHandler(SSLTestUtil.createSSLEngineForMockServer())); channel.pipeline().addLast("encoder", new ExpiredTokenEncoder()); channel.pipeline().addLast("handler", new MockFeedbackServerHandler(server)); } }); this.channel = bootstrap.bind(this.port).await().channel(); }
From source file:com.relayrides.pushy.apns.SslHandlerUtil.java
License:Open Source License
protected static SslHandler createSslHandler(final KeyStore keyStore, final char[] keyStorePassword) throws KeyManagementException, NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException { String algorithm = Security.getProperty("ssl.KeyManagerFactory.algorithm"); if (algorithm == null) { algorithm = DEFAULT_ALGORITHM;//from ww w. j av a 2s. c o m } final TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(algorithm); trustManagerFactory.init((KeyStore) null); final KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(algorithm); keyManagerFactory.init(keyStore, keyStorePassword); final SSLContext sslContext = SSLContext.getInstance(PROTOCOL); sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null); final SSLEngine sslEngine = sslContext.createSSLEngine(); sslEngine.setUseClientMode(true); return new SslHandler(sslEngine); }
From source file:com.seagate.kinetic.client.io.provider.nio.http.HttpChannelInitializer.java
License:Open Source License
@Override protected void initChannel(SocketChannel ch) throws Exception { boolean ssl = Boolean.getBoolean("kinetic.io.https"); ChannelPipeline p = ch.pipeline();/* w ww .j av a 2s . com*/ // Enable HTTPS if necessary. if (ssl) { SSLEngine engine = SslContextFactory.getClientContext().createSSLEngine(); engine.setUseClientMode(true); p.addLast("ssl", new SslHandler(engine)); } p.addLast("codec", new HttpClientCodec(1024, 4 * 1024, 4 * 1024 * 1024)); p.addLast("aggregator", new HttpObjectAggregator(4 * 1024 * 1024)); p.addLast("handler", new HttpMessageServiceHandler(mservice)); logger.info("http/s channel initialized, use ssl handler=" + ssl); }
From source file:com.seagate.kinetic.client.io.provider.nio.ssl.SslChannelInitializer.java
License:Open Source License
@Override protected void initChannel(SocketChannel ch) throws Exception { if (mservice.getConfiguration().getConnectTimeoutMillis() > 0) { ch.config().setConnectTimeoutMillis(mservice.getConfiguration().getConnectTimeoutMillis()); }/*from w w w . j a v a 2 s .c o m*/ ChannelPipeline pipeline = ch.pipeline(); SSLEngine engine = SslContextFactory.getClientContext().createSSLEngine(); engine.setUseClientMode(true); /** * enable TLS V1.x protocols. */ TlsUtil.enableSupportedProtocols(engine); // add ssl handler pipeline.addLast("ssl", new SslHandler(engine)); // decoder pipeline.addLast("decoder", new KineticDecoder()); // encoder pipeline.addLast("encoder", new KineticEncoder()); pipeline.addLast("handler", new SslMessageServiceHandler(mservice)); logger.info("ssl channel initialized ... "); }