List of usage examples for io.netty.handler.ssl SslProvider JDK
SslProvider JDK
To view the source code for io.netty.handler.ssl SslProvider JDK.
Click Source Link
From source file:jmeter.plugins.http2.sampler.NettyHttp2Client.java
License:Apache License
private SslContext getSslContext() { SslContext sslCtx = null;/*w ww .j av a 2s. c o m*/ final SslProvider provider = OpenSsl.isAlpnSupported() ? SslProvider.OPENSSL : SslProvider.JDK; try { sslCtx = SslContextBuilder.forClient().sslProvider(provider) .ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE) .trustManager(InsecureTrustManagerFactory.INSTANCE) .applicationProtocolConfig( new ApplicationProtocolConfig(Protocol.ALPN, SelectorFailureBehavior.NO_ADVERTISE, SelectedListenerFailureBehavior.ACCEPT, ApplicationProtocolNames.HTTP_2)) .build(); } catch (SSLException exception) { return null; } return sslCtx; }
From source file:majordodo.network.netty.NettyChannelAcceptor.java
License:Apache License
public void start() throws Exception { boolean useOpenSSL = NetworkUtils.isOpenSslAvailable(); if (ssl) {/*from w w w . j ava2s. co m*/ if (sslCertFile == null) { LOGGER.log(Level.SEVERE, "start SSL with self-signed auto-generated certificate, useOpenSSL:" + useOpenSSL); if (sslCiphers != null) { LOGGER.log(Level.SEVERE, "required sslCiphers " + sslCiphers); } SelfSignedCertificate ssc = new SelfSignedCertificate(); try { sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()) .sslProvider(useOpenSSL ? SslProvider.OPENSSL : SslProvider.JDK).ciphers(sslCiphers) .build(); } finally { ssc.delete(); } } else { LOGGER.log(Level.SEVERE, "start SSL with certificate " + sslCertFile.getAbsolutePath() + " chain file " + sslCertChainFile.getAbsolutePath() + " , useOpenSSL:" + useOpenSSL); if (sslCiphers != null) { LOGGER.log(Level.SEVERE, "required sslCiphers " + sslCiphers); } sslCtx = SslContextBuilder.forServer(sslCertChainFile, sslCertFile, sslCertPassword) .sslProvider(useOpenSSL ? SslProvider.OPENSSL : SslProvider.JDK).ciphers(sslCiphers) .build(); } } if (NetworkUtils.isEnableEpollNative()) { bossGroup = new EpollEventLoopGroup(workerThreads); workerGroup = new EpollEventLoopGroup(workerThreads); LOGGER.log(Level.INFO, "Using netty-native-epoll network type"); } else { bossGroup = new NioEventLoopGroup(workerThreads); workerGroup = new NioEventLoopGroup(workerThreads); } ServerBootstrap b = new ServerBootstrap(); b.group(bossGroup, workerGroup).channel( NetworkUtils.isEnableEpollNative() ? EpollServerSocketChannel.class : NioServerSocketChannel.class) .childHandler(new ChannelInitializer<SocketChannel>() { @Override public void initChannel(SocketChannel ch) throws Exception { NettyChannel session = new NettyChannel("client", ch, callbackExecutor, null); if (acceptor != null) { acceptor.createConnection(session); } // ch.pipeline().addLast(new LoggingHandler()); // Add SSL handler first to encrypt and decrypt everything. if (ssl) { ch.pipeline().addLast(sslCtx.newHandler(ch.alloc())); } ch.pipeline().addLast("lengthprepender", new LengthFieldPrepender(4)); ch.pipeline().addLast("lengthbaseddecoder", new LengthFieldBasedFrameDecoder(Integer.MAX_VALUE, 0, 4, 0, 4)); // ch.pipeline().addLast("messageencoder", new DodoMessageEncoder()); ch.pipeline().addLast("messagedecoder", new DodoMessageDecoder()); ch.pipeline().addLast(new InboundMessageHandler(session)); } }).option(ChannelOption.SO_BACKLOG, 128).childOption(ChannelOption.SO_KEEPALIVE, true); ChannelFuture f = b.bind(host, port).sync(); // (7) this.channel = f.channel(); }
From source file:majordodo.network.netty.NettyConnector.java
License:Apache License
public NettyChannel connect() throws Exception { boolean useOpenSSL = NetworkUtils.isOpenSslAvailable(); if (ssl) {// w w w . j a v a2s .c o m if (sslUnsecure) { this.sslCtx = SslContextBuilder.forClient() .sslProvider(useOpenSSL ? SslProvider.OPENSSL : SslProvider.JDK) .trustManager(InsecureTrustManagerFactory.INSTANCE).build(); } else { this.sslCtx = SslContextBuilder.forClient() .sslProvider(useOpenSSL ? SslProvider.OPENSSL : SslProvider.JDK).build(); } } if (NetworkUtils.isEnableEpollNative()) { group = new EpollEventLoopGroup(); } else { group = new NioEventLoopGroup(); } LOG.log(Level.INFO, "Trying to connect to broker at " + host + ":" + port + " ssl:" + ssl + ", sslUnsecure:" + sslUnsecure + " openSsl:" + useOpenSSL); Bootstrap b = new Bootstrap(); b.group(group) .channel(NetworkUtils.isEnableEpollNative() ? EpollSocketChannel.class : NioSocketChannel.class) .option(ChannelOption.TCP_NODELAY, true).handler(new ChannelInitializer<SocketChannel>() { @Override public void initChannel(SocketChannel ch) throws Exception { channel = new NettyChannel(host + ":" + port, ch, callbackExecutor, NettyConnector.this); channel.setMessagesReceiver(receiver); channel.setRemoteHost(host); if (ssl) { ch.pipeline().addLast(sslCtx.newHandler(ch.alloc(), host, port)); } ch.pipeline().addLast("lengthprepender", new LengthFieldPrepender(4)); ch.pipeline().addLast("lengthbaseddecoder", new LengthFieldBasedFrameDecoder(Integer.MAX_VALUE, 0, 4, 0, 4)); // ch.pipeline().addLast("messageencoder", new DodoMessageEncoder()); ch.pipeline().addLast("messagedecoder", new DodoMessageDecoder()); ch.pipeline().addLast(new InboundMessageHandler(channel)); } }); ChannelFuture f = b.connect(host, port).sync(); socketchannel = f.channel(); return channel; }
From source file:me.jesonlee.jjfsserver.httpserver.HttpStaticFileServer.java
License:Apache License
public static void main(String[] args) throws Exception { port = Integer.parseInt(System.getProperty("httpPort")); if (port < 1000 || port > 65535) { logger.error("port can not less than 1000 or beyond 65535"); System.exit(1);/*from w w w . jav a 2s. c o m*/ } // Configure SSL. final SslContext sslCtx; if (SSL) { SelfSignedCertificate ssc = new SelfSignedCertificate(); sslCtx = SslContext.newServerContext(SslProvider.JDK, ssc.certificate(), ssc.privateKey()); } else { sslCtx = null; } EventLoopGroup bossGroup = new NioEventLoopGroup(1); EventLoopGroup workerGroup = new NioEventLoopGroup(); try { ServerBootstrap b = new ServerBootstrap(); b.group(bossGroup, workerGroup).channel(NioServerSocketChannel.class) .handler(new LoggingHandler(LogLevel.INFO)) .childHandler(new HttpStaticFileServerInitializer(sslCtx)); Channel ch = b.bind(port).sync().channel(); System.out.println("http??" + port); logger.info("http??" + port); System.out.println("Open your web browser and navigate to " + (SSL ? "https" : "http") + "://127.0.0.1:" + port + '/'); ch.closeFuture().sync(); } finally { bossGroup.shutdownGracefully(); workerGroup.shutdownGracefully(); } }
From source file:me.netty.http.HttpServer.java
License:Apache License
public void start() throws Exception { //?/* w ww.j a va2 s . c o m*/ serverContext.initContext(); // Configure SSL. final SslContext sslCtx; if (SSL) { SslProvider provider = OpenSsl.isAlpnSupported() ? SslProvider.OPENSSL : SslProvider.JDK; SelfSignedCertificate ssc = new SelfSignedCertificate(); sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).sslProvider(provider) /* NOTE: the cipher filter may not include all ciphers required by the HTTP/2 specification. * Please refer to the HTTP/2 specification for cipher requirements. */ .ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE) .applicationProtocolConfig(new ApplicationProtocolConfig(Protocol.ALPN, // NO_ADVERTISE is currently the only mode supported by both OpenSsl and JDK providers. SelectorFailureBehavior.NO_ADVERTISE, // ACCEPT is currently the only mode supported by both OpenSsl and JDK providers. SelectedListenerFailureBehavior.ACCEPT, ApplicationProtocolNames.HTTP_2, ApplicationProtocolNames.HTTP_1_1)) .build(); } else { sslCtx = null; } // Configure the http2Orhttp. //CPU??workwork? // ????? int threads = Runtime.getRuntime().availableProcessors() * 2; EventLoopGroup bossGroup = new NioEventLoopGroup(threads); EventLoopGroup workerGroup = new NioEventLoopGroup(threads); try { ServerBootstrap b = new ServerBootstrap(); b.option(ChannelOption.SO_BACKLOG, 1024); b.group(bossGroup, workerGroup).channel(NioServerSocketChannel.class) .handler(new LoggingHandler(LogLevel.DEBUG)).childHandler(new Http2ServerInitializer(sslCtx)); Channel ch = b.bind(PORT).sync().channel(); logger.info("Open your HTTP/2-enabled web browser and navigate to " + (SSL ? "https" : "http") + "://127.0.0.1:" + PORT + '/'); ch.closeFuture().sync().addListener(new GenericFutureListener<Future<? super Void>>() { public void operationComplete(Future<? super Void> future) throws Exception { logger.info("service has shutdown"); } }); } finally { bossGroup.shutdownGracefully(); workerGroup.shutdownGracefully(); } }
From source file:net.NettyEngine4.file.HttpStaticFileServer.java
License:Apache License
public static void main(String[] args) throws Exception { PropertyConfigurator.configure(Config.DEFAULT_VALUE.FILE_PATH.LOG4J); // Configure SSL. final SslContext sslCtx; if (SSL) {/*from w ww .java 2s. co m*/ SelfSignedCertificate ssc = new SelfSignedCertificate(); sslCtx = SslContext.newServerContext(SslProvider.JDK, ssc.certificate(), ssc.privateKey()); } else { sslCtx = null; } EventLoopGroup bossGroup = new NioEventLoopGroup(1); EventLoopGroup workerGroup = new NioEventLoopGroup(); try { ServerBootstrap b = new ServerBootstrap(); b.group(bossGroup, workerGroup).channel(NioServerSocketChannel.class) .handler(new LoggingHandler(LogLevel.INFO)) .childHandler(new HttpStaticFileServerInitializer(sslCtx)); Channel ch = b.bind(PORT).sync().channel(); LOGGER.debug("Open your web browser and navigate to " + (SSL ? "https" : "http") + "://127.0.0.1:" + PORT + '/'); ch.closeFuture().sync(); } finally { bossGroup.shutdownGracefully(); workerGroup.shutdownGracefully(); } }
From source file:netty.http2.ConcurrentHttp2Client.java
License:Apache License
public static void main(String[] args) throws Exception { // Configure SSL. final SslContext sslCtx; if (SSL) {/*from ww w. j ava2 s . co m*/ SslProvider provider = OpenSsl.isAlpnSupported() ? SslProvider.OPENSSL : SslProvider.JDK; sslCtx = SslContextBuilder.forClient().sslProvider(provider) /* NOTE: the cipher filter may not include all ciphers required by the HTTP/2 specification. * Please refer to the HTTP/2 specification for cipher requirements. */ .ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE) .trustManager(InsecureTrustManagerFactory.INSTANCE) .applicationProtocolConfig(new ApplicationProtocolConfig(Protocol.ALPN, // NO_ADVERTISE is currently the only mode supported by both OpenSsl and JDK providers. SelectorFailureBehavior.NO_ADVERTISE, // ACCEPT is currently the only mode supported by both OpenSsl and JDK providers. SelectedListenerFailureBehavior.ACCEPT, ApplicationProtocolNames.HTTP_2, ApplicationProtocolNames.HTTP_1_1)) .build(); } else { sslCtx = null; } EventLoopGroup workerGroup = new NioEventLoopGroup(); ConcurrentHttp2ClientInitializer initializer = new ConcurrentHttp2ClientInitializer(); try { // Configure the client. Bootstrap bootstrap = new Bootstrap(); bootstrap.group(workerGroup); bootstrap.channel(NioSocketChannel.class); bootstrap.option(ChannelOption.SO_KEEPALIVE, true); bootstrap.remoteAddress(HOST, PORT); bootstrap.handler(initializer); // Start the client. Channel channel = bootstrap.connect().syncUninterruptibly().channel(); System.out.println("Connected to [" + HOST + ':' + PORT + ']'); HttpScheme scheme = SSL ? HttpScheme.HTTPS : HttpScheme.HTTP; AsciiString hostName = new AsciiString(HOST + ':' + PORT); System.err.println("Sending request(s)..."); if (URL != null) { // Create a simple GET request. for (int i = 0; i < 1; i++) { StreamRequest request = new StreamRequestBuilder(new URI(URL)).setMethod("GET") //.setMethod("POST") .setHeader(HttpHeaderNames.HOST.toString(), hostName.toString()) //.build(EntityStreams.emptyStream()); .build(EntityStreams .newEntityStream(new ByteStringWriter(ByteString.copy(new byte[0 * 1024])))); channel.writeAndFlush(request); System.err.println("Sent request #" + i); } } System.err.println("Finished HTTP/2 request(s)"); long start = System.currentTimeMillis(); // Wait until the connection is closed. channel.closeFuture().sync(); long end = System.currentTimeMillis(); System.err.println("Server Idled for: " + (end - start) + " milliseconds"); } finally { workerGroup.shutdownGracefully(); } }
From source file:netty.mmb.http2.Client.Http2Client.java
License:Apache License
public static void main(String[] args) throws Exception { // Configure SSL. final SslContext sslCtx; if (SSL) {/*from w w w. ja v a2 s . com*/ SslProvider provider = OpenSsl.isAlpnSupported() ? SslProvider.OPENSSL : SslProvider.JDK; sslCtx = SslContext.newClientContext(provider, null, InsecureTrustManagerFactory.INSTANCE, Http2SecurityUtil.CIPHERS, /* NOTE: the following filter may not include all ciphers required by the HTTP/2 specification * Please refer to the HTTP/2 specification for cipher requirements. */ SupportedCipherSuiteFilter.INSTANCE, new ApplicationProtocolConfig(Protocol.ALPN, SelectorFailureBehavior.CHOOSE_MY_LAST_PROTOCOL, SelectedListenerFailureBehavior.CHOOSE_MY_LAST_PROTOCOL, SelectedProtocol.HTTP_2.protocolName(), SelectedProtocol.HTTP_1_1.protocolName()), 0, 0); } else { sslCtx = null; } EventLoopGroup workerGroup = new NioEventLoopGroup(); Http2ClientInitializer initializer = new Http2ClientInitializer(sslCtx, Integer.MAX_VALUE); try { // Configure the client. Bootstrap b = new Bootstrap(); b.group(workerGroup); b.channel(NioSocketChannel.class); b.option(ChannelOption.SO_KEEPALIVE, true); b.remoteAddress(HOST, PORT); b.handler(initializer); // Start the client. Channel channel = b.connect().syncUninterruptibly().channel(); System.out.println("Connected to [" + HOST + ':' + PORT + ']'); // Wait for the HTTP/2 upgrade to occur. Http2SettingsHandler http2SettingsHandler = initializer.settingsHandler(); http2SettingsHandler.awaitSettings(5, TimeUnit.SECONDS); HttpResponseHandler responseHandler = initializer.responseHandler(); int streamId = 3; URI hostName = URI.create((SSL ? "https" : "http") + "://" + HOST + ':' + PORT); System.err.println("Sending request(s)..."); if (URL != null) { // Create a simple GET request. FullHttpRequest request = new DefaultFullHttpRequest(HTTP_1_1, GET, URL); request.headers().add(HttpHeaderNames.HOST, hostName); request.headers().add(HttpHeaderNames.ACCEPT_ENCODING, HttpHeaderValues.GZIP); request.headers().add(HttpHeaderNames.ACCEPT_ENCODING, HttpHeaderValues.DEFLATE); channel.writeAndFlush(request); responseHandler.put(streamId, channel.newPromise()); streamId += 2; } if (URL2 != null) { // Create a simple POST request with a body. FullHttpRequest request = new DefaultFullHttpRequest(HTTP_1_1, POST, URL2, Unpooled.copiedBuffer(URL2DATA.getBytes(CharsetUtil.UTF_8))); request.headers().add(HttpHeaderNames.HOST, hostName); request.headers().add(HttpHeaderNames.ACCEPT_ENCODING, HttpHeaderValues.GZIP); request.headers().add(HttpHeaderNames.ACCEPT_ENCODING, HttpHeaderValues.DEFLATE); channel.writeAndFlush(request); responseHandler.put(streamId, channel.newPromise()); streamId += 2; } responseHandler.awaitResponses(5, TimeUnit.SECONDS); System.out.println("Finished HTTP/2 request(s)"); // Wait until the connection is closed. channel.close().syncUninterruptibly(); } finally { workerGroup.shutdownGracefully(); } }
From source file:netty.mmb.http2.Server.Http2Server.java
License:Apache License
public static void main(String[] args) throws Exception { // SSL/*from w w w . ja v a2 s. c om*/ final SslContext sslCtx; if (SSL) { SslProvider provider = OpenSsl.isAlpnSupported() ? SslProvider.OPENSSL : SslProvider.JDK; SelfSignedCertificate ssc = new SelfSignedCertificate(); sslCtx = SslContext.newServerContext(provider, ssc.certificate(), ssc.privateKey(), null, Http2SecurityUtil.CIPHERS, /* NOTE: the following filter may not include all ciphers required by the HTTP/2 specification * Please refer to the HTTP/2 specification for cipher requirements. */ SupportedCipherSuiteFilter.INSTANCE, new ApplicationProtocolConfig(Protocol.ALPN, SelectorFailureBehavior.CHOOSE_MY_LAST_PROTOCOL, SelectedListenerFailureBehavior.CHOOSE_MY_LAST_PROTOCOL, SelectedProtocol.HTTP_2.protocolName(), SelectedProtocol.HTTP_1_1.protocolName()), 0, 0); } else { sslCtx = null; } // EventLoopGroup EventLoopGroup bossGroup = new NioEventLoopGroup(1); EventLoopGroup workerGroup = new NioEventLoopGroup(); try { ServerBootstrap b = new ServerBootstrap(); // b.option(ChannelOption.SO_BACKLOG, 1024); b.group(bossGroup, workerGroup).channel(NioServerSocketChannel.class) // log .handler(new LoggingHandler(LogLevel.INFO)) // Http2Server .childHandler(new Http2ServerInitializer(sslCtx)); // Channel ch = b.bind(PORT).sync().channel(); System.err.println("Open your HTTP/2-enabled web browser and navigate to " + (SSL ? "https" : "http") + "://127.0.0.1:" + PORT + '/'); ch.closeFuture().sync(); } finally { bossGroup.shutdownGracefully(); workerGroup.shutdownGracefully(); } }
From source file:netty5.http.client.Http2Client.java
License:Apache License
public static void main(String[] args) throws Exception { // Configure SSL. final SslContext sslCtx; if (SSL) {//from www . j a v a 2 s. c om SslProvider provider = OpenSsl.isAlpnSupported() ? SslProvider.OPENSSL : SslProvider.JDK; sslCtx = SslContextBuilder.forClient().sslProvider(provider) /* NOTE: the cipher filter may not include all ciphers required by the HTTP/2 specification. * Please refer to the HTTP/2 specification for cipher requirements. */ .ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE) .trustManager(InsecureTrustManagerFactory.INSTANCE) .applicationProtocolConfig(new ApplicationProtocolConfig(Protocol.ALPN, // NO_ADVERTISE is currently the only mode supported by both OpenSsl and JDK providers. SelectorFailureBehavior.NO_ADVERTISE, // ACCEPT is currently the only mode supported by both OpenSsl and JDK providers. SelectedListenerFailureBehavior.ACCEPT, ApplicationProtocolNames.HTTP_2, ApplicationProtocolNames.HTTP_1_1)) .build(); } else { sslCtx = null; } EventLoopGroup workerGroup = new NioEventLoopGroup(); Http2ClientInitializer initializer = new Http2ClientInitializer(sslCtx, Integer.MAX_VALUE); try { // Configure the client. Bootstrap b = new Bootstrap(); b.group(workerGroup); b.channel(NioSocketChannel.class); b.option(ChannelOption.SO_KEEPALIVE, true); b.remoteAddress(HOST, PORT); b.handler(initializer); // Start the client. Channel channel = b.connect().syncUninterruptibly().channel(); System.out.println("Connected to [" + HOST + ':' + PORT + ']'); // Wait for the HTTP/2 upgrade to occur. Http2SettingsHandler http2SettingsHandler = initializer.settingsHandler(); http2SettingsHandler.awaitSettings(5, TimeUnit.SECONDS); HttpResponseHandler responseHandler = initializer.responseHandler(); int streamId = 3; URI hostName = URI.create((SSL ? "https" : "http") + "://" + HOST + ':' + PORT); System.err.println("Sending request(s)..."); if (URL != null) { // Create a simple GET request. FullHttpRequest request = new DefaultFullHttpRequest(HTTP_1_1, GET, URL); request.headers().addObject(HttpHeaderNames.HOST, hostName); request.headers().add(HttpHeaderNames.ACCEPT_ENCODING, HttpHeaderValues.GZIP); request.headers().add(HttpHeaderNames.ACCEPT_ENCODING, HttpHeaderValues.DEFLATE); channel.writeAndFlush(request); responseHandler.put(streamId, channel.newPromise()); streamId += 2; } if (URL2 != null) { // Create a simple POST request with a body. FullHttpRequest request = new DefaultFullHttpRequest(HTTP_1_1, POST, URL2, Unpooled.copiedBuffer(URL2DATA.getBytes(CharsetUtil.UTF_8))); request.headers().addObject(HttpHeaderNames.HOST, hostName); request.headers().add(HttpHeaderNames.ACCEPT_ENCODING, HttpHeaderValues.GZIP); request.headers().add(HttpHeaderNames.ACCEPT_ENCODING, HttpHeaderValues.DEFLATE); channel.writeAndFlush(request); responseHandler.put(streamId, channel.newPromise()); streamId += 2; } responseHandler.awaitResponses(5, TimeUnit.SECONDS); System.out.println("Finished HTTP/2 request(s)"); // Wait until the connection is closed. channel.close().syncUninterruptibly(); } finally { workerGroup.shutdownGracefully(); } }