2015年12月4日:让 Netty 使用 openssl

原创
2015/12/04 17:46
阅读数 4.6K

2015年12月4日,风轻云淡

参考这篇文档《Forked Tomcat Native》。

两点注意

  1. netty-tcnative 的版本最高只能是 1.1.33.Fork6,否则会有 libnetty-tcnative<random_number>.so 无法加载的问题。这个问题在 Netty 的 Github 上已经有记录。
  2. 参考这篇文章([HOW TO INSTALL AND UPDATE OPENSSL ON CENTOS 6 / CENTOS 7]()手工编译部署 1.0.2 版本的 openssl。

代码参考

pom.xml 参考配置

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> 
    <dependencies>
        <dependency>
            <groupId>io.netty</groupId>
            <artifactId>netty-tcnative</artifactId>
            <version>1.1.33.Fork6</version>
            <classifier>${os.detected.classifier}</classifier>
        </dependency>
    </dependencies>
 
    <build>
        <plugins>
        </plugins>
 
        <extensions>
            <extension>
                <groupId>kr.motd.maven</groupId>
                <artifactId>os-maven-plugin</artifactId>
                <version>1.4.1.Final</version>
            </extension>
        </extensions>
    </build>
</project>

Channel 初始化参考

public class ProxyInitializer extends ChannelInitializer<SocketChannel> {
    private static SslContext sslContext;
 
    @Override
    public void initChannel(SocketChannel ch) throws SSLException, CertificateException {
        ChannelPipeline pipeline = ch.pipeline();
 
        if (sslContext != null)
            pipeline.addLast(new SslHandler(sslContext.newEngine(ch.alloc())));
        pipeline.addLast(new HttpServerCodec());
        pipeline.addLast(new HttpObjectAggregator(1024 * 1024 + 2048));
        pipeline.addLast(new Dispatcher());
    }
 
    private void initNetty() throws InterruptedException, SSLException, CertificateException {
        InternalLoggerFactory.setDefaultFactory(new Slf4JLoggerFactory());
 
        LOGGER.info("OpenSsl.isAvailable(): {}", OpenSsl.isAvailable());
 
        if (OpenSsl.isAvailable()) {
            SelfSignedCertificate ssc = new SelfSignedCertificate();
            SslContextBuilder sslContextBuilder = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).sslProvider(SslProvider.OPENSSL);
            sslContext = sslContextBuilder.build();
        }
 
        // Configure the bootstrap.
        EventLoopGroup bossGroup = new NioEventLoopGroup(1);
        EventLoopGroup workerGroup = new NioEventLoopGroup();
        try {
            ServerBootstrap b = new ServerBootstrap();
            b.group(bossGroup, workerGroup)
                    .channel(NioServerSocketChannel.class)
                    .handler(new LoggingHandler(LogLevel.INFO))
                    .childHandler(this)
                    .childOption(ChannelOption.TCP_NODELAY, true)
                    .bind(7000).sync().channel().closeFuture().sync();
        } finally {
            bossGroup.shutdownGracefully();
            workerGroup.shutdownGracefully();
        }
    }
 
    public static void main(String[] args) {
        ProxyInitializer initializer = new ProxyInitializer();
        initializer.initialize();
    }
}
展开阅读全文
加载中
点击引领话题📣 发布并加入讨论🔥
打赏
0 评论
7 收藏
0
分享
返回顶部
顶部