
Commit 4beb9c8

author
Stephane Landelle
committed
Add host and port to SSLEngine, close AsyncHttpClient#527, close AsyncHttpClient#513
1 parent 4f34eee commit 4beb9c8


3 files changed

+78
-17
lines changed

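--- a/providers/netty/src/main/java/org/asynchttpclient/providers/netty/channel/Channels.java
+++ b/providers/netty/src/main/java/org/asynchttpclient/providers/netty/channel/Channels.java
@@ -15,11 +15,11 @@
 */
 package org.asynchttpclient.providers.netty.channel;
 
+import static org.asynchttpclient.providers.netty.handler.Processor.newHttpProcessor;
+import static org.asynchttpclient.providers.netty.handler.Processor.newWsProcessor;
 import static org.asynchttpclient.providers.netty.util.HttpUtil.WEBSOCKET;
 import static org.asynchttpclient.providers.netty.util.HttpUtil.isSecure;
 import static org.asynchttpclient.providers.netty.util.HttpUtil.isWebSocket;
-import static org.asynchttpclient.providers.netty.handler.Processor.newHttpProcessor;
-import static org.asynchttpclient.providers.netty.handler.Processor.newWsProcessor;
 
 import org.asynchttpclient.AsyncHandler;
 import org.asynchttpclient.AsyncHttpClientConfig;
@@ -202,20 +202,26 @@ private Timer newNettyTimer() {
 return nettyTimer;
 }
 
-private SSLEngine createSSLEngine() throws IOException, GeneralSecurityException {
+public SslHandler createSslHandler(String peerHost, int peerPort) throws IOException, GeneralSecurityException {
 
+SSLEngine sslEngine = null;
 if (nettyProviderConfig.getSslEngineFactory() != null) {
-return nettyProviderConfig.getSslEngineFactory().newSSLEngine();
+sslEngine = nettyProviderConfig.getSslEngineFactory().newSSLEngine();
 
 } else {
 SSLContext sslContext = config.getSSLContext();
 if (sslContext == null)
 sslContext = SslUtils.getInstance().getSSLContext(config.isAcceptAnyCertificate());
 
-SSLEngine sslEngine = sslContext.createSSLEngine();
+sslEngine = sslContext.createSSLEngine(peerHost, peerPort);
 sslEngine.setUseClientMode(true);
-return sslEngine;
 }
+
+SslHandler sslHandler = new SslHandler(sslEngine);
+if (handshakeTimeoutInMillis > 0)
+sslHandler.setHandshakeTimeoutMillis(handshakeTimeoutInMillis);
+
+return sslHandler;
 }
 
 public void configureProcessor(NettyRequestSender requestSender, AtomicBoolean closed) {
@@ -258,13 +264,8 @@ protected void initChannel(Channel ch) throws Exception {
 @Override
 protected void initChannel(Channel ch) throws Exception {
 
-SSLEngine sslEngine = createSSLEngine();
-SslHandler sslHandler = new SslHandler(sslEngine);
-if (handshakeTimeoutInMillis > 0)
-sslHandler.setHandshakeTimeoutMillis(handshakeTimeoutInMillis);
-
 ChannelPipeline pipeline = ch.pipeline()//
-.addLast(SSL_HANDLER, sslHandler)//
+.addLast(SSL_HANDLER, new SslInitializer(Channels.this))
 .addLast(HTTP_HANDLER, newHttpClientCodec());
 
 if (config.isCompressionEnabled()) {
@@ -284,7 +285,7 @@ protected void initChannel(Channel ch) throws Exception {
 @Override
 protected void initChannel(Channel ch) throws Exception {
 ch.pipeline()//
-.addLast(SSL_HANDLER, new SslHandler(createSSLEngine()))//
+.addLast(SSL_HANDLER, new SslInitializer(Channels.this))//
 .addLast(HTTP_HANDLER, newHttpClientCodec())//
 .addLast(WS_PROCESSOR, wsProcessor);
 
@@ -330,7 +331,7 @@ public void verifyChannelPipeline(ChannelPipeline pipeline, String scheme) throw
 pipeline.remove(SSL_HANDLER);
 
 } else if (isSecure)
-pipeline.addFirst(SSL_HANDLER, new SslHandler(createSSLEngine()));
+pipeline.addFirst(SSL_HANDLER, new SslInitializer(Channels.this));
 }
 
 protected HttpClientCodec newHttpClientCodec() {
@@ -346,15 +347,15 @@ protected HttpClientCodec newHttpClientCodec() {
 }
 }
 
-public void upgradeProtocol(ChannelPipeline p, String scheme) throws IOException, GeneralSecurityException {
+public void upgradeProtocol(ChannelPipeline p, String scheme, String host, int port) throws IOException, GeneralSecurityException {
 if (p.get(HTTP_HANDLER) != null) {
 p.remove(HTTP_HANDLER);
 }
 
 if (isSecure(scheme)) {
 if (p.get(SSL_HANDLER) == null) {
 p.addFirst(HTTP_HANDLER, newHttpClientCodec());
-p.addFirst(SSL_HANDLER, new SslHandler(createSSLEngine()));
+p.addFirst(SSL_HANDLER, createSslHandler(host, port));
 } else {
 p.addAfter(SSL_HANDLER, HTTP_HANDLER, newHttpClientCodec());
 }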
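Review bot: In the `verifyChannelPipeline` hunk, `pipeline.addFirst(SSL_HANDLER, new SslInitializer(Channels.this))` installs a placeholder that only turns into a real `SslHandler` when a `connect()` call passes through it. The method starts outside the hunk and its callers are not shown, so this is inferred, but if it runs against a channel that is already connected the swap never happens and the request would leave without TLS while a handler named `SSL_HANDLER` sits in the pipeline. `upgradeProtocol` in this same file builds the real handler directly for its already-open channel; doing the same here, e.g. `pipeline.addFirst(SSL_HANDLER, createSslHandler(host, port));` with host and port added to the signature, would remove the dependency on a future connect event. Note also that in `createSslHandler` the `getSslEngineFactory()` branch still calls `newSSLEngine()` without the peer host and port, so engines from a custom factory do not benefit from this change.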
Lines changed: 54 additions & 0 deletions
@@ -0,0 +1,54 @@
1+
/*
2+
* Copyright 2014 AsyncHttpClient Project.
3+
*
4+
* Ning licenses this file to you under the Apache License, version 2.0
5+
* (the "License"); you may not use this file except in compliance with the
6+
* License. You may obtain a copy of the License at:
7+
*
8+
* http://www.apache.org/licenses/LICENSE-2.0
9+
*
10+
* Unless required by applicable law or agreed to in writing, software
11+
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12+
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13+
* License for the specific language governing permissions and limitations
14+
* under the License.
15+
*/
16+
package org.asynchttpclient.providers.netty.channel;
17+
18+
import io.netty.channel.ChannelHandlerContext;
19+
import io.netty.channel.ChannelOutboundHandlerAdapter;
20+
import io.netty.channel.ChannelPromise;
21+
import io.netty.handler.ssl.SslHandler;
22+
23+
import java.net.InetSocketAddress;
24+
import java.net.SocketAddress;
25+
26+
/**
27+
* On connect, replaces itself with a SslHandler that has a SSLEngine configured with the remote host and port.
28+
*
29+
* @author slandelle
30+
*/
31+
public class SslInitializer extends ChannelOutboundHandlerAdapter {
32+
33+
private final Channels channels;
34+
35+
public SslInitializer(Channels channels) {
36+
this.channels = channels;
37+
new Exception().printStackTrace();
38+
}
39+
40+
@Override
41+
public void connect(ChannelHandlerContext ctx, SocketAddress remoteAddress, SocketAddress localAddress, ChannelPromise promise)
42+
throws Exception {
43+
44+
InetSocketAddress remoteInetSocketAddress = (InetSocketAddress) remoteAddress;
45+
String peerHost = remoteInetSocketAddress.getHostName();
46+
int peerPort = remoteInetSocketAddress.getPort();
47+
48+
SslHandler sslHandler = channels.createSslHandler(peerHost, peerPort);
49+
50+
ctx.pipeline().replace(Channels.SSL_HANDLER, Channels.SSL_HANDLER, sslHandler);
51+
52+
ctx.connect(remoteAddress, localAddress, promise);
53+
}
54+
}
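Review bot: `remoteInetSocketAddress.getHostName()` in `connect` may trigger a reverse DNS lookup when the address was created from an IP literal, which blocks the I/O thread and hands the `SSLEngine` a peer name taken from a PTR record instead of the name the caller requested. `String peerHost = remoteInetSocketAddress.getHostString();` returns the original host string without a lookup, assuming the build targets Java 7 or later. The cast `(InetSocketAddress) remoteAddress` is unchecked and would throw `ClassCastException` for any other `SocketAddress` type, so an `instanceof` guard is worth adding. Separately, `new Exception().printStackTrace();` in the constructor looks like leftover debugging that dumps a stack trace to stderr for every pipeline installing this handler, and should be removed.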

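--- a/providers/netty/src/main/java/org/asynchttpclient/providers/netty/handler/HttpProtocol.java
+++ b/providers/netty/src/main/java/org/asynchttpclient/providers/netty/handler/HttpProtocol.java
@@ -347,7 +347,13 @@ private boolean handleConnectOKAndExit(int statusCode, Realm realm, final Reques
 
 try {
 LOGGER.debug("Connecting to proxy {} for scheme {}", proxyServer, request.getUrl());
-channels.upgradeProtocol(channel.pipeline(), request.getURI().getScheme());
+
+URI requestURI = request.getURI();
+String scheme = requestURI.getScheme();
+String host = AsyncHttpProviderUtils.getHost(requestURI);
+int port = AsyncHttpProviderUtils.getPort(requestURI);
+
+channels.upgradeProtocol(channel.pipeline(), scheme, host, port);
 } catch (Throwable ex) {
 channels.abort(future, ex);
 }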
