3

我有一个 netty 客户端等待等待服务器发送一些东西。这似乎在 3.7 版中运行良好。我试图将它迁移到 4.0,但我不断收到异常:

    javax.net.ssl.SSLException:握手超时
    nioEventLoopGroup-2-1,调用 closeOutbound()
    nioEventLoopGroup-2-1, closeOutboundInternal()
    nioEventLoopGroup-2-1,发送 TLSv1 ALERT:警告,描述 = close_notify
    nioEventLoopGroup-2-1,写入:TLSv1 警报,长度 = 2
    nioEventLoopGroup-2-1,调用 closeInbound()
    nioEventLoopGroup-2-1,致命错误:80:入站在收到对等方的 close_notify 之前关闭:可能的截断攻击?
    javax.net.ssl.SSLException:入站在收到对等方的 close_notify 之前关闭:可能的截断攻击?
    nioEventLoopGroup-2-1,发送 TLSv1 ALERT:致命,描述 = internal_error
    nioEventLoopGroup-2-1,异常发送警报:java.io.IOException:写入端已关闭。

我在 3.7 netty 版本中有这段代码:



    public class CtraderClient {
        private final String host;
        private final int port;
        Channel channel = null;

        public CtraderClient(String host, int port) {
            this.host = host;
            this.port = port;
        }

        public void run() {
            // Configure the client.
            ClientBootstrap bootstrap = new ClientBootstrap(
                    new NioClientSocketChannelFactory(
                            Executors.newCachedThreadPool(),
                            Executors.newCachedThreadPool()));

            bootstrap.setOption("keepAlive", true);

            HashedWheelTimer timer = new HashedWheelTimer();
            // Configure the pipeline factory.
            bootstrap.setPipelineFactory(new SecurePipelineFactory(timer));

            // Start the connection attempt.
            ChannelFuture future = bootstrap.connect(new InetSocketAddress(host,
                    port));

            // Wait until the connection attempt succeeds or fails.
            channel = future.awaitUninterruptibly().getChannel();
            if (!future.isSuccess()) {
                future.getCause().printStackTrace();
                bootstrap.releaseExternalResources();
                return;
            }

        }
    }

    public class SecurePipelineFactory implements ChannelPipelineFactory {

        private final ChannelHandler idleStateHandler;
        private Timer timer;

        public SecurePipelineFactory(Timer timer) {
            this.timer = timer;
            this.idleStateHandler = new IdleStateHandler(timer, 0, 20, 0); // timer must be shared.
        }

        public ChannelPipeline getPipeline() throws Exception {
            ChannelPipeline pipeline = pipeline();

            SSLContext sslcontext = SSLContext.getInstance("SSL");
            sslcontext.init(null, null, null);
            SSLEngine engine = sslcontext.createSSLEngine();

            engine.setUseClientMode(true);
            SslHandler sslHandler = new SslHandler(engine);

            pipeline.addLast("ssl", sslHandler);


            pipeline.addLast(
                    "frameDecoder",
                    new LengthFieldBasedFrameDecoder(
                            1048576, 0, 4, 0, 4));

            pipeline.addLast("protobufDecoder",
                    new ProtobufDecoder(
                            ProtoMessage.getDefaultInstance()));

            pipeline.addLast("frameEncoder",
                    new LengthFieldPrepender(4));

            pipeline.addLast("protobufEncoder",
                    new ProtobufEncoder());

    //      pipeline.addLast("handler", new SecureHandler());

            pipeline.addLast("protoHandler", new ProtoMessageHandler());

            pipeline.addLast("idleStateHandler", idleStateHandler);

            pipeline.addLast("heartHandler", new HeartbeatHandler());

            return pipeline;
        }

我已经改成这个以适应 4.0 版本:





       public class CtraderClient {

        private final String host;
        private final int port;
        Channel channel = null;

        private static final Logger LOGGER = LoggerFactory
                .getLogger(CtraderClient.class);

        public CtraderClient(String host, int port) {
            this.host = host;
            this.port = port;
        }

        public void run() throws InterruptedException {
            // Configure the client.
            EventLoopGroup group = new NioEventLoopGroup();
            Bootstrap b = new Bootstrap();
            b.group(group);
            b.channel(NioSocketChannel.class);
            b.option(ChannelOption.SO_KEEPALIVE, true);
            b.handler(new MyChannelInitializer ());

            // Start the connection attempt.
            ChannelFuture future = b.connect(new InetSocketAddress(host, port))
                    .sync();

            channel = future.awaitUninterruptibly().channel();
            if (!future.isSuccess()) {
                future.cause().printStackTrace();
                //bootstrap.releaseExternalResources();
                return;
            }

        }
        }



        public class MyChannelInitializer extends ChannelInitializer {
        private static final String PROTOCOL = "SSL";

        @Override
           public void initChannel(SocketChannel channel) throws Exception {

                SslHandler sslHandler = createSSLHandler();
                channel.pipeline().addLast("ssl", sslHandler);

                channel.pipeline().addLast(
                        "frameDecoder",
                        new LengthFieldBasedFrameDecoder(
                                1048576, 0, 4, 0, 4));

                channel.pipeline().addLast("protobufDecoder",
                        new ProtobufDecoder(
                                ProtoMessage.getDefaultInstance()));

                channel.pipeline().addLast("frameEncoder",
                        new LengthFieldPrepender(4));

                channel.pipeline().addLast("protobufEncoder",
                        new ProtobufEncoder());

                channel.pipeline().addLast("protoHandler", new ProtoMessageHandler());

                channel.pipeline().addLast("idleStateHandler", new IdleStateHandler(0, 20, 0));

                channel.pipeline().addLast("heartHandler", new HeartbeatHandler());


           }

        private SslHandler createSSLHandler() throws NoSuchAlgorithmException,
                KeyManagementException {

            SSLEngine engine = createSSLEngine();       
            engine.setUseClientMode(true);
            SslHandler sslHandler = new SslHandler(engine);     
            return sslHandler;
        }

        private SSLEngine createSSLEngine() throws NoSuchAlgorithmException,
                KeyManagementException {

            SSLContext sslcontext = SSLContext.getInstance(PROTOCOL);
            sslcontext.init(null, null, null); //SecureTrustManagerFactory.getTrustManagers()  --- I tried it with a dummy
    // x09Trustmanager that returns new X509Certificate[0] in getAcceptedIssuers(), 
    //but I get the same exception
            SSLEngine engine = sslcontext.createSSLEngine();
            return engine;
        }   
    }

有没有人知道我做错了什么?提前谢谢!

4

0 回答 0