我需要编写一个服务器和一个使用SSLv3协议和netty的客户端。这是我的服务器代码:
private final SslContext sslCtx = SslContextBuilder.forServer(new File("/path/to/sslkeys/server.crt.pem"),
new File("/path/to/sslkeys/server.key.pem")).protocols("SSLv3").build();
@Override
public void run() {
EventLoopGroup bossGroup = new NioEventLoopGroup(1);
EventLoopGroup workerGroup = new NioEventLoopGroup();
try {
ServerBootstrap b = new ServerBootstrap();
b.group(bossGroup, workerGroup)
.channel(NioServerSocketChannel.class)
.handler(new LoggingHandler(LogLevel.INFO))
.childHandler(new ChannelInitializer<SocketChannel>() {
@Override
protected void initChannel(SocketChannel socketChannel) {
socketChannel.pipeline().addLast(
sslCtx.newHandler(socketChannel.alloc()));
}
})
.childOption(ChannelOption.RCVBUF_ALLOCATOR, new FixedRecvByteBufAllocator(BUFFER_SIZE))
.childOption(ChannelOption.AUTO_READ, false)
.bind(LISTEN_PORT).sync().channel().closeFuture().sync();
} catch (InterruptedException e) {
e.printStackTrace();
} finally {
workerGroup.shutdownGracefully();
bossGroup.shutdownGracefully();
}
}
以下是尝试连接服务器的客户端代码:
private final SslContext SSL_CTX =
SslContextBuilder.forClient().trustManager(new File("/home/okv/sslkeys/server.crt.pem"))
.protocols("SSLv3").build();
@Override
public void channelActive(ChannelHandlerContext ctx) {
final Channel inboundChannel = ctx.channel();
// Start the connection attempt.
Bootstrap b = new Bootstrap();
b.group(inboundChannel.eventLoop())
.channel(ctx.channel().getClass())
.handler(new ChannelInitializer<Channel>() {
@Override
protected void initChannel(Channel channel) throws Exception {
channel.pipeline()
.addLast(SSL_CTX.newHandler(channel.alloc(), REMOTE_HOST, REMOTE_PORT),
new Decoder(), new ServerHandler(inboundChannel), new Encoder(BUFFER_SIZE));
}
})
.option(ChannelOption.AUTO_READ, false);
ChannelFuture f = b.connect(REMOTE_HOST, REMOTE_PORT);
outboundChannel = f.channel();
f.addListener((ChannelFutureListener) future -> {
if (future.isSuccess()) {
// connection complete start to read first data
inboundChannel.read();
} else {
// Close the connection if the connection attempt has failed.
inboundChannel.close();
}
});
}
但不幸的是,连接没有建立,错误是:
11:05:55 INFO - [id:0xb5674d2c,L:/127.0.0.1:4444! R:/127.0.0.1:57180] USER_EVENT:SslHandshakeCompletionEvent(java.nio.channels.ClosedChannelException)
11:05:55 INFO - [id:0xb5674d2c,L:/127.0.0.1:4444! R:/127.0.0.1:57180)USER_EVENT: SslCloseCompletionEvent(java.nio.channels.ClosedChannelException)
如果删除协议SSLv3,那么一切正常。什么是我的错误以及如何在netty中使用SSLv3?提前谢谢你的回答