www.zhblog.net

Netty SSL 验证实例

Netty 官方支持 SSL 验证,并自带有实例代码,下面代码示例基本源自官方 demo:


1.服务端

package com.learn.netty.ssl;



import io.netty.bootstrap.ServerBootstrap;

import io.netty.channel.ChannelFuture;

import io.netty.channel.ChannelInitializer;

import io.netty.channel.ChannelOption;

import io.netty.channel.EventLoopGroup;

import io.netty.channel.nio.NioEventLoopGroup;

import io.netty.channel.socket.SocketChannel;

import io.netty.channel.socket.nio.NioServerSocketChannel;

import io.netty.handler.logging.LogLevel;

import io.netty.handler.logging.LoggingHandler;

import io.netty.handler.ssl.SslContext;

import io.netty.handler.ssl.SslContextBuilder;

import io.netty.handler.ssl.util.SelfSignedCertificate;



import java.net.InetSocketAddress;



public class EchoServer {

    public static void main(String[] args) throws Exception {

        SelfSignedCertificate ssc = new SelfSignedCertificate();

        SslContext sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();



        EventLoopGroup bossGroup = new NioEventLoopGroup();

        EventLoopGroup workerGroup = new NioEventLoopGroup();



        try {

            ServerBootstrap bootstrap = new ServerBootstrap();

            bootstrap.group(bossGroup, workerGroup)

                    .channel(NioServerSocketChannel.class)

                    .localAddress(new InetSocketAddress(8888))

                    .option(ChannelOption.SO_BACKLOG, 100)

                    .handler(new LoggingHandler(LogLevel.INFO))

                    .childHandler(new ChannelInitializer<SocketChannel>() {

                        @Override

                        protected void initChannel(SocketChannel socketChannel) throws Exception {

                            socketChannel.pipeline()

                                    .addLast(sslCtx.newHandler(socketChannel.alloc()))

                                    .addLast(new ServerHandler());

                        }

                    });

            ChannelFuture future = bootstrap.bind().sync();

            future.channel().closeFuture().sync();

        } finally {

            bossGroup.shutdownGracefully();

            workerGroup.shutdownGracefully();

        }

    }

}


2.服务端 Handler

package com.learn.netty.ssl;



import io.netty.channel.ChannelHandlerContext;

import io.netty.channel.ChannelInboundHandlerAdapter;



public class ServerHandler extends ChannelInboundHandlerAdapter {

    @Override

    public void channelRead(ChannelHandlerContext ctx, Object msg) throws Exception {

        ctx.write(msg);

    }



    @Override

    public void channelReadComplete(ChannelHandlerContext ctx) throws Exception {

        ctx.flush();

    }



    @Override

    public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) throws Exception {

        cause.printStackTrace();

        ctx.close();

    }

}


3.客户端

package com.learn.netty.ssl;



import io.netty.bootstrap.Bootstrap;

import io.netty.channel.ChannelFuture;

import io.netty.channel.ChannelInitializer;

import io.netty.channel.EventLoopGroup;

import io.netty.channel.nio.NioEventLoopGroup;

import io.netty.channel.socket.SocketChannel;

import io.netty.channel.socket.nio.NioSocketChannel;

import io.netty.handler.ssl.SslContext;

import io.netty.handler.ssl.SslContextBuilder;

import io.netty.handler.ssl.util.InsecureTrustManagerFactory;



public class EchoClient {

    private static final String HOST = "127.0.0.1";

    private static final int PORT = 8888;



    public static void main(String[] args) throws Exception {

        SslContext sslCtx = SslContextBuilder.forClient().trustManager(InsecureTrustManagerFactory.INSTANCE).build();



        EventLoopGroup group = new NioEventLoopGroup();

        Bootstrap bootstrap = new Bootstrap();

        try {

            bootstrap.group(group);

            bootstrap.channel(NioSocketChannel.class)

                    .remoteAddress(HOST, PORT)

                    .handler(new ChannelInitializer<SocketChannel>() {

                        @Override

                        protected void initChannel(SocketChannel socketChannel) throws Exception {

                            socketChannel.pipeline()

                                    .addLast(sslCtx.newHandler(socketChannel.alloc(), HOST, PORT))

                                    .addLast(new ClientHandler());

                        }

                    });

            ChannelFuture future = bootstrap.connect().sync();

            future.channel().closeFuture().sync();

        } finally {

            group.shutdownGracefully();

        }

    }

}


4.客户端Handler

package com.learn.netty.ssl;



import io.netty.buffer.ByteBuf;

import io.netty.buffer.Unpooled;

import io.netty.channel.ChannelHandlerContext;

import io.netty.channel.ChannelInboundHandlerAdapter;



import java.nio.charset.Charset;



public class ClientHandler extends ChannelInboundHandlerAdapter {

    private final ByteBuf firstMessage;



    public ClientHandler() {

        firstMessage = Unpooled.buffer(16);

        for (int i = 0; i < firstMessage.capacity(); i++) {

            firstMessage.writeByte(i);

        }

    }



    @Override

    public void channelActive(ChannelHandlerContext ctx) throws Exception {

        ctx.writeAndFlush(firstMessage);

    }



    @Override

    public void channelRead(ChannelHandlerContext ctx, Object msg) throws Exception {

        ByteBuf buf = (ByteBuf) msg;

        while (buf.isReadable()) {

            System.out.println(buf.readByte());

        }

    }



    @Override

    public void channelReadComplete(ChannelHandlerContext ctx) throws Exception {

        ctx.flush();

    }



    @Override

    public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) throws Exception {

        cause.printStackTrace();

        ctx.close();

    }

}


 

展开阅读全文

评论

Hi,您需要填写昵称和邮箱!

  • 昵称 (必填)
  • 邮箱 (必填)
  • 心情