do not keep the httpChannelInitializer in the netty client
This commit is contained in:
parent
a270ea2854
commit
7e6a5a5485
2 changed files with 17 additions and 20 deletions
|
@ -24,7 +24,6 @@ import io.netty.handler.timeout.ReadTimeoutHandler;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.io.UncheckedIOException;
|
import java.io.UncheckedIOException;
|
||||||
import java.net.InetSocketAddress;
|
import java.net.InetSocketAddress;
|
||||||
import java.security.Provider;
|
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.Arrays;
|
import java.util.Arrays;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
@ -114,6 +113,7 @@ public class Https1ChannelInitializer implements HttpChannelInitializer {
|
||||||
ChannelPipeline pipeline = channel.pipeline();
|
ChannelPipeline pipeline = channel.pipeline();
|
||||||
try {
|
try {
|
||||||
SslHandler sslHandler = createSslHandler(nettyHttpClientConfig, httpAddress);
|
SslHandler sslHandler = createSslHandler(nettyHttpClientConfig, httpAddress);
|
||||||
|
logger.log(Level.FINEST, "new SslHandler created = " + sslHandler);
|
||||||
channel.attr(NettyHttpsClientConfig.ATTRIBUTE_KEY_SSL_HANDLER).set(sslHandler);
|
channel.attr(NettyHttpsClientConfig.ATTRIBUTE_KEY_SSL_HANDLER).set(sslHandler);
|
||||||
pipeline.addLast("client-ssl-handler", sslHandler);
|
pipeline.addLast("client-ssl-handler", sslHandler);
|
||||||
} catch (IOException e) {
|
} catch (IOException e) {
|
||||||
|
@ -149,7 +149,7 @@ public class Https1ChannelInitializer implements HttpChannelInitializer {
|
||||||
ClientSecureSocketProvider clientSecureSocketProvider = null;
|
ClientSecureSocketProvider clientSecureSocketProvider = null;
|
||||||
for (ClientSecureSocketProvider provider : ServiceLoader.load(ClientSecureSocketProvider.class)) {
|
for (ClientSecureSocketProvider provider : ServiceLoader.load(ClientSecureSocketProvider.class)) {
|
||||||
if (logger.isLoggable(Level.FINEST)) {
|
if (logger.isLoggable(Level.FINEST)) {
|
||||||
logger.log(Level.FINEST, "trying secure socket provider = " + provider.name());
|
logger.log(Level.FINEST, "trying secure socket provider = " + provider);
|
||||||
}
|
}
|
||||||
if (nettyHttpClientConfig.getSecureSocketProviderName().equals(provider.name())) {
|
if (nettyHttpClientConfig.getSecureSocketProviderName().equals(provider.name())) {
|
||||||
sslContextBuilder.sslProvider(provider.sslProvider(httpAddress))
|
sslContextBuilder.sslProvider(provider.sslProvider(httpAddress))
|
||||||
|
@ -161,8 +161,7 @@ public class Https1ChannelInitializer implements HttpChannelInitializer {
|
||||||
ApplicationProtocolNames.HTTP_2, ApplicationProtocolNames.HTTP_1_1));
|
ApplicationProtocolNames.HTTP_2, ApplicationProtocolNames.HTTP_1_1));
|
||||||
}
|
}
|
||||||
if (provider.securityProvider(httpAddress) != null) {
|
if (provider.securityProvider(httpAddress) != null) {
|
||||||
Provider p = provider.securityProvider(httpAddress);
|
sslContextBuilder.sslContextProvider(provider.securityProvider(httpAddress));
|
||||||
sslContextBuilder.sslContextProvider(p);
|
|
||||||
}
|
}
|
||||||
if (nettyHttpClientConfig.getTrustManagerFactory() != null) {
|
if (nettyHttpClientConfig.getTrustManagerFactory() != null) {
|
||||||
sslContextBuilder.trustManager(nettyHttpClientConfig.getTrustManagerFactory());
|
sslContextBuilder.trustManager(nettyHttpClientConfig.getTrustManagerFactory());
|
||||||
|
@ -178,6 +177,9 @@ public class Https1ChannelInitializer implements HttpChannelInitializer {
|
||||||
params.setEndpointIdentificationAlgorithm("HTTPS");
|
params.setEndpointIdentificationAlgorithm("HTTPS");
|
||||||
List<SNIServerName> sniServerNames = new ArrayList<>();
|
List<SNIServerName> sniServerNames = new ArrayList<>();
|
||||||
sniServerNames.add(new SNIHostName(httpAddress.getHost())); // only single host_name allowed
|
sniServerNames.add(new SNIHostName(httpAddress.getHost())); // only single host_name allowed
|
||||||
|
if (logger.isLoggable(Level.FINEST)) {
|
||||||
|
logger.log(Level.FINEST, "SNI server names = " + sniServerNames);
|
||||||
|
}
|
||||||
params.setServerNames(sniServerNames);
|
params.setServerNames(sniServerNames);
|
||||||
engine.setSSLParameters(params);
|
engine.setSSLParameters(params);
|
||||||
switch (nettyHttpClientConfig.getClientAuthMode()) {
|
switch (nettyHttpClientConfig.getClientAuthMode()) {
|
||||||
|
@ -196,20 +198,21 @@ public class Https1ChannelInitializer implements HttpChannelInitializer {
|
||||||
if (nettyHttpClientConfig.getSecureProtocolName() != null) {
|
if (nettyHttpClientConfig.getSecureProtocolName() != null) {
|
||||||
String[] enabledProtocols = nettyHttpClientConfig.getSecureProtocolName();
|
String[] enabledProtocols = nettyHttpClientConfig.getSecureProtocolName();
|
||||||
engine.setEnabledProtocols(enabledProtocols);
|
engine.setEnabledProtocols(enabledProtocols);
|
||||||
logger.log(Level.FINEST, "TLS: configured protocol = " +
|
if (logger.isLoggable(Level.FINEST)) {
|
||||||
|
logger.log(Level.FINEST, "configured TLS protocols = " +
|
||||||
Arrays.asList(nettyHttpClientConfig.getSecureProtocolName()));
|
Arrays.asList(nettyHttpClientConfig.getSecureProtocolName()));
|
||||||
}
|
}
|
||||||
|
}
|
||||||
sslHandler.setHandshakeTimeoutMillis(nettyHttpClientConfig.getSocketConfig().getSslHandshakeTimeoutMillis());
|
sslHandler.setHandshakeTimeoutMillis(nettyHttpClientConfig.getSocketConfig().getSslHandshakeTimeoutMillis());
|
||||||
if (logger.isLoggable(Level.FINEST)) {
|
if (logger.isLoggable(Level.FINEST)) {
|
||||||
logger.log(Level.FINEST, "TLS: selected secure socket provider = " +
|
logger.log(Level.FINEST, "TLS: selected secure socket provider = " +
|
||||||
(clientSecureSocketProvider != null ? clientSecureSocketProvider.name() : "<none>"));
|
(clientSecureSocketProvider != null ? clientSecureSocketProvider.name() : "<none>") +
|
||||||
logger.log(Level.FINEST, "TLS:" +
|
|
||||||
" enabled protocols = " + Arrays.asList(engine.getEnabledProtocols()) +
|
" enabled protocols = " + Arrays.asList(engine.getEnabledProtocols()) +
|
||||||
" supported protocols = " + Arrays.asList(engine.getSupportedProtocols()) +
|
" supported protocols = " + Arrays.asList(engine.getSupportedProtocols()) +
|
||||||
" application protocol = " + engine.getApplicationProtocol() +
|
" application protocol = " + engine.getApplicationProtocol() +
|
||||||
" handshake application protocol = " + engine.getHandshakeApplicationProtocol());
|
" handshake application protocol = " + engine.getHandshakeApplicationProtocol() +
|
||||||
logger.log(Level.FINEST, "TLS: client need auth = " +
|
" client need auth = " + engine.getNeedClientAuth() +
|
||||||
engine.getNeedClientAuth() + " client want auth = " + engine.getWantClientAuth());
|
" client want auth = " + engine.getWantClientAuth());
|
||||||
}
|
}
|
||||||
return sslHandler;
|
return sslHandler;
|
||||||
}
|
}
|
||||||
|
|
|
@ -37,8 +37,6 @@ public class NettyHttpClient implements HttpClient<HttpRequest, HttpResponse>, C
|
||||||
|
|
||||||
private final AtomicBoolean closed;
|
private final AtomicBoolean closed;
|
||||||
|
|
||||||
private HttpChannelInitializer httpChannelInitializer;
|
|
||||||
|
|
||||||
private Pool pool;
|
private Pool pool;
|
||||||
|
|
||||||
private final List<Interaction> interactions;
|
private final List<Interaction> interactions;
|
||||||
|
@ -50,7 +48,6 @@ public class NettyHttpClient implements HttpClient<HttpRequest, HttpResponse>, C
|
||||||
this.eventLoopGroup = eventLoopGroup;
|
this.eventLoopGroup = eventLoopGroup;
|
||||||
this.bootstrap = bootstrap;
|
this.bootstrap = bootstrap;
|
||||||
this.closed = new AtomicBoolean(false);
|
this.closed = new AtomicBoolean(false);
|
||||||
this.httpChannelInitializer = builder.httpChannelInitializer;
|
|
||||||
createBoundedPool(builder.nettyHttpClientConfig, bootstrap);
|
createBoundedPool(builder.nettyHttpClientConfig, bootstrap);
|
||||||
this.interactions = new CopyOnWriteArrayList<>();
|
this.interactions = new CopyOnWriteArrayList<>();
|
||||||
}
|
}
|
||||||
|
@ -171,8 +168,7 @@ public class NettyHttpClient implements HttpClient<HttpRequest, HttpResponse>, C
|
||||||
if (closed.compareAndSet(false, true)) {
|
if (closed.compareAndSet(false, true)) {
|
||||||
try {
|
try {
|
||||||
for (Interaction interaction : interactions) {
|
for (Interaction interaction : interactions) {
|
||||||
logger.log(Level.FINER, "waiting for unfinshed interaction " + interaction);
|
logger.log(Level.FINER, "waiting for unfinished interaction " + interaction);
|
||||||
//interaction.get();
|
|
||||||
interaction.close();
|
interaction.close();
|
||||||
}
|
}
|
||||||
if (hasPooledNodes()) {
|
if (hasPooledNodes()) {
|
||||||
|
@ -207,18 +203,16 @@ public class NettyHttpClient implements HttpClient<HttpRequest, HttpResponse>, C
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
* Always create a new channel initializer because the HTTP address is implanted into
|
||||||
|
* a possible SSL handler for DNS subject alternative name resolution.
|
||||||
* The lookup here needs to be thread-safe.
|
* The lookup here needs to be thread-safe.
|
||||||
* @param httpAddress the HTTP address for the channel initializer to look up.
|
* @param httpAddress the HTTP address for the channel initializer to look up.
|
||||||
* @return the channel initializer
|
* @return the channel initializer
|
||||||
*/
|
*/
|
||||||
private HttpChannelInitializer lookupChannelInitializer(HttpAddress httpAddress) {
|
private HttpChannelInitializer lookupChannelInitializer(HttpAddress httpAddress) {
|
||||||
if (httpChannelInitializer != null || httpAddress == null) {
|
|
||||||
return httpChannelInitializer;
|
|
||||||
}
|
|
||||||
synchronized (this) {
|
synchronized (this) {
|
||||||
for (HttpChannelInitializer initializer : ServiceLoader.load(HttpChannelInitializer.class)) {
|
for (HttpChannelInitializer initializer : ServiceLoader.load(HttpChannelInitializer.class)) {
|
||||||
if (initializer.supports(httpAddress)) {
|
if (initializer.supports(httpAddress)) {
|
||||||
httpChannelInitializer = initializer;
|
|
||||||
return initializer;
|
return initializer;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue