/* * Copyright 2012 The Netty Project * * The Netty Project licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the * License for the specific language governing permissions and limitations * under the License. */ package fr.zng.xxzx.netty.wss; import io.netty.channel.ChannelInitializer; import io.netty.channel.ChannelPipeline; import io.netty.channel.socket.SocketChannel; import io.netty.handler.codec.DelimiterBasedFrameDecoder; import io.netty.handler.codec.Delimiters; import io.netty.handler.codec.string.StringDecoder; import io.netty.handler.codec.string.StringEncoder; import io.netty.handler.ssl.SslHandler; import javax.net.ssl.SSLEngine; /** * Creates a newly configured {@link ChannelPipeline} for a new channel. */ public class SecureChatServerInitializer extends ChannelInitializer { private String tlsMode; public SecureChatServerInitializer(String TLS_MODE) { tlsMode = TLS_MODE; } @Override public void initChannel(SocketChannel ch) throws Exception { ChannelPipeline pipeline = ch.pipeline(); // Add SSL handler first to encrypt and decrypt everything. // In this example, we use a bogus certificate in the server side // and accept any invalid certificates in the client side. // You will need something more complicated to identify both // and server in the real world. // // Read SecureChatSslContextFactory // if you need client certificate authentication. SSLEngine engine = null; if (SSLMODE.CA.toString().equals(tlsMode)) { engine = SecureSslContextFactory .getServerContext( tlsMode, System.getProperty("user.dir") + "/src/com/phei/netty/ssl/conf/client/sChat.jks", null,"pwdtesla2017").createSSLEngine(); } else if (SSLMODE.CSA.toString().equals(tlsMode)) { engine = SecureSslContextFactory .getServerContext( tlsMode, System.getProperty("user.dir") + "/src/com/phei/netty/ssl/conf/twoway/sChat.jks", System.getProperty("user.dir") + "/src/com/phei/netty/ssl/conf/twoway/sChat.jks","pwdtesla2017") .createSSLEngine(); // engine = SecureChatSslContextFactory // .getServerContext( // tlsMode, // System.getProperty("user.dir") // + "/src/com/phei/netty/ssl/conf/client/sChat.jks", // System.getProperty("user.dir") // + "/src/com/phei/netty/ssl/conf/client/sChat.jks") // .createSSLEngine(); } else { System.err.println("ERROR : " + tlsMode); System.exit(-1); } engine.setUseClientMode(false); // Client auth if (SSLMODE.CSA.toString().equals(tlsMode)) engine.setNeedClientAuth(true); pipeline.addLast("ssl", new SslHandler(engine)); // On top of the SSL handler, add the text line codec. pipeline.addLast("framer", new DelimiterBasedFrameDecoder(8192, Delimiters.lineDelimiter())); pipeline.addLast("decoder", new StringDecoder()); pipeline.addLast("encoder", new StringEncoder()); // and then business logic. pipeline.addLast("handler", new SecureChatServerHandler()); } }