Netty ClientBootstrap SSL握手终止 - 通道/ ClientBootstrap关闭？

Question

我与我的测试应用程序的连接始终在同一个地方终止，没有任何错误。

我想也许有什么东西是触发渠道/连接关闭，但我不知道它可能是什么。如果我在代码中更改打印输出，其关闭位置会稍微改变，因此时间似乎在不同的线程上。

我一直在为此工作了四天，并列出了自己的官方卡住。

这里是我的连接代码：

final HttpQueryRequestImpl realRequest = (HttpQueryRequestImpl) getPredecessorQueryResolver().resolvePredecessorResults(getPredecessorResults(), getQueryRequest(), getId()); 


    // Configure the client. 
    // TODO determine if this ClientBootstrap object can be reused. Indications in the doucmentation 
    // seem to say yes, with caveats. Reusing the pool would improve performance. Caveats must be investigated. 
    final ClientBootstrap bootstrap = new ClientBootstrap(
      new NioClientSocketChannelFactory(
      Executors.newCachedThreadPool(), 
      Executors.newCachedThreadPool())); 

    // Set up the event pipeline factory. 
    bootstrap.setPipelineFactory(new HttpSnoopClientPipelineFactory()); 

    // TODO audit and timestamp logging 
    if (logger.isInfoEnabled()) { 
     logger.info("Starting connection to !" + realRequest.getUri()); 
    } 
    // Start the connection attempt. 
    // ChannelFuture future = bootstrap.connect(new InetSocketAddress(realRequest.getHost(), realRequest.getPort())); 
    logger.info(realRequest.getHost() + " " + realRequest.getPort()); 
    ChannelFuture future = bootstrap.connect(new InetSocketAddress("myname.organization.com", 8443)); 

    // register some things to happen after the channel completes  
    future.addListener(new ChannelFutureListener() { 

     @Override 
     public void operationComplete(ChannelFuture future) throws Exception { 


      if (!future.isSuccess()) { 
       logger.error("Error connecting to " + realRequest.getHost() + ":" + realRequest.getPort() + " " + realRequest.getUri()); 
       bootstrap.releaseExternalResources(); 

      } else { 

       if (logger.isInfoEnabled()) { 
        logger.info("Connected to " + realRequest.getHost() + ":" + realRequest.getPort() + " " + realRequest.getUri()); 
       } 

       // Send the HTTP request. 
       Channel channel = future.getChannel(); 

       HttpRequest request = new DefaultHttpRequest(
       HttpVersion.HTTP_1_1, HttpMethod.GET, "/factorial"); 
       request.setHeader(HttpHeaders.Names.HOST, "myname.organization.com"); 
       request.setHeader(HttpHeaders.Names.CONNECTION, HttpHeaders.Values.CLOSE); 
       request.setHeader(HttpHeaders.Names.ACCEPT_ENCODING, HttpHeaders.Values.GZIP); 

       ChannelFuture writeFuture = channel.write(request); 

       writeFuture.addListener(new ChannelFutureListener() { 

        @Override 
        public void operationComplete(ChannelFuture future) throws Exception { 

         logger.info("Wrote data complete"); 
         // TODO once bootstrap is reused, get rid of this 
         // Shut down executor threads to exit. 
         // bootstrap.releaseExternalResources(); 
        } 
       }); 

      } 
     } 
    }); 

这是我的输出看起来像启用了SSL调试：

32 [main] INFO nettyliteserver.remotequeries.HttpsQuery - Starting connection to !https://myname.organization.com:8443/factorial 
32 [main] INFO nettyliteserver.remotequeries.HttpsQuery - myname.organization.com 8443 
*** 
found key for : myname.organization.com 
chain [0] = [ 
[ 
    Version: V1 
    Subject: CN=myname.organization.com, OU=myname.organization.com, O=myname.organization.com, L=myname.organization.com, ST=myname.organization.com, C=US 
    Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 

    Key: Sun RSA public key, 1024 bits 
    modulus: 94642469145065852073118930371145672868332389407646565010478303790446281089121119363888463093443199472593726155607365724815252704927244864250811984977900576391208121343883948799873869280369621492901495505803717080952775289840654752626694613842653754724186814688913115288788127483906065658243886585022651573993 
    public exponent: 65537 
    Validity: [From: Fri Mar 09 13:29:22 EST 2012, 
       To: Sat Mar 09 13:29:22 EST 2013] 
    Issuer: C=US, CN=myname.organization.com, ST=myname.organization.com, L=myname.organization.com, EMAILADDRESS=myname.organization.com, OU=myname.organization.com, O=myname.organization.com 
    SerialNumber: [ 71c8] 

] 
    Algorithm: [SHA1withRSA] 
    Signature: 
0000: C5 55 9C 1D 76 CE 05 87 45 0D C3 15 9C DB 0B 3A .U..v...E......: 
0010: 70 0E 50 0C DB DB B4 62 2F BA A3 30 48 C0 D2 E9 p.P....b/..0H... 
0020: 45 9C 3C C0 4A 84 7B 21 51 78 93 F1 63 4C 61 37 E.<.J..!Qx..cLa7 
0030: 21 97 E8 38 F9 62 C5 EA 02 53 28 4F F8 EC 01 F2 !..8.b...S(O.... 
0040: 08 70 DB 96 D5 1D 9E 0A 89 33 D3 1D C8 79 8B C1 .p.......3...y.. 
0050: 6E 07 C4 98 FA 55 85 80 D4 10 AF A7 E5 A7 94 FA n....U.......... 
0060: 45 CB DA 7C FA 66 C6 FC 69 A4 B2 05 01 C6 DC 8E E....f..i....... 
0070: AC 15 7D A2 FC 25 DF FE 19 80 D4 27 07 EA D6 3F .....%.....'...? 
0080: 5C 73 5F 63 0B 4E 02 FC 49 EA 76 69 FA 82 5B 1B \s_c.N..I.vi..[. 
0090: 3B 45 6B 95 DC 8F C2 E8 A9 6C 10 CD 9B E0 59 D7 ;Ek......l....Y. 
00A0: DC E6 69 2C F9 DB 99 F7 7F E3 76 81 13 CD B3 FE ..i,......v..... 
00B0: 1D AD 32 7D 6F 74 A9 12 4B 06 E2 9F E9 1F EF 8A ..2.ot..K....... 
00C0: 1F CA 1D B8 08 47 00 1D 19 53 87 0A E3 FA B4 B5 .....G...S...... 
00D0: 99 4F B9 97 5D D0 EE 0D DD 09 5F 3C 41 31 D6 18 .O..]....._<A1.. 
00E0: 5C 39 01 8E DA D9 27 85 FE 0F C5 EE 00 A3 27 44 \9....'.......'D 
00F0: C0 A1 42 EA 13 5B 66 3B 64 E3 EA 9B 23 20 0B C6 ..B..[f;d...# .. 
0100: 66 DB AB 79 77 97 3E 4A D0 C7 79 C4 D2 E7 BD 1A f..yw.>J..y..... 
0110: F3 90 39 A2 A4 69 A9 A1 4E A3 0B 92 93 9F 8F 4F ..9..i..N......O 
0120: C3 4F CE E7 20 D6 45 4D 9B E0 B2 58 EC 96 19 99 .O.. .EM...X.... 
0130: E0 F3 BB E4 EF 7E 1D C7 C3 48 8B D0 7D 2D 8C 3A .........H...-.: 
0140: 1A AF 77 3A 83 F4 51 C9 D6 DE BE 24 3B 03 7C A9 ..w:..Q....$;... 
0150: 4B 5C C4 6E 59 AB E2 02 63 73 CE 98 8A D0 45 D5 K\.nY...cs....E. 
0160: 6C FE 23 79 93 69 D5 74 0D AF FE 23 AE BB 3F E4 l.#y.i.t...#..?. 
0170: 9C 05 87 E1 2E 91 51 D6 44 55 7E 66 73 1D BB C2 ......Q.DU.fs... 
0180: F3 E8 4D CA 50 D9 6D 2A AD 84 EF C7 70 4B 15 EA ..M.P.m*....pK.. 
0190: C4 E0 33 3E 44 89 A3 97 8C 32 17 FD B9 DD 22 FB ..3>D....2....". 
01A0: 08 CF 1E 49 78 B7 2F 8E 60 66 58 3D 57 6F 21 72 ...Ix./.`fX=Wo!r 
01B0: D3 87 38 9C DD EB 60 D8 BD 06 A8 04 FD 2D 59 EA ..8...`......-Y. 
01C0: 82 A8 E8 E7 73 81 1E DE FD 51 33 0C F7 47 AE 34 ....s....Q3..G.4 
01D0: 58 57 DD CE FD 12 68 A6 A8 2E 58 4F C7 6A 1E 27 XW....h...XO.j.' 
01E0: 39 EF C7 BE 75 32 96 99 6B 1B E6 23 2A A5 0E 2F 9...u2..k..#*../ 
01F0: 35 0A 0C 0C FA 92 65 1D DC 17 56 57 C4 08 89 48 5.....e...VW...H 

] 
chain [1] = [ 
[ 
    Version: V1 
    Subject: C=US, CN=myname.organization.com, ST=myname.organization.com, L=myname.organization.com, EMAILADDRESS=myname.organization.com, OU=myname.organization.com, O=myname.organization.com 
    Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 

    Key: Sun RSA public key, 4096 bits 
    modulus: 806866056348410276765741718640530245144236832502515305762072630647553277327953919063172921502880537921571234334570551528531888439605163701867371172813984927986527584575335107418628498623377289440387978453125866503947773575289298639780740830349842738718874502642354354786938153803982142709595698253667527748252780647208422256786989310056682111281793756866001585577762899819782647308899956239433307951381179494148030342543127196354965114705680137760255253494869690234155019595101679874833401305309080790668924554791611347641826073186513714032079267845800910995372117962695304732667441462587341743926848435668491205343373472147947564642450777593350053051331533112897445884090255314793988795654376385927964164743689070718825504556057816253883950563232708345137230621100544965407234099088514072120925433729718654307794068734283314839693884400349895261851764957828001331060077733384251643023885026867016629337741393451760864161087662305445338147618921663305526880031574988450298248773113067904762125722376437187045162922144483754266350990810318433387352520742359961188082219224300651116723774686748606066644650420169490565673256120050113505389581136874611045622641221693918773655462724374483166653830081719164259720121105179323613660081321 
    public exponent: 65537 
    Validity: [From: Fri Mar 09 13:29:15 EST 2012, 
       To: Sat Mar 09 13:29:15 EST 2013] 
    Issuer: C=US, CN=myname.organization.com, ST=myname.organization.com, L=myname.organization.com, EMAILADDRESS=myname.organization.com, OU=myname.organization.com, O=myname.organization.com 
    SerialNumber: [ c1e2c18c f327ad81] 

] 
    Algorithm: [SHA1withRSA] 
    Signature: 
0000: 8A EB 65 0E 88 09 BE 9A BA 88 FB CA 9A D4 53 F4 ..e...........S. 
0010: B0 5C 91 67 BD C9 35 67 2D 37 78 2D 5C E6 4B 26 .\.g..5g-7x-\.K& 
0020: E9 8E 20 3D DE 92 9B 29 A7 CB CC 5F 4E E3 CD 1A .. =...)..._N... 
0030: FA 5B EB 0D 42 DC 17 05 4E D6 34 72 43 46 6C 55 .[..B...N.4rCFlU 
0040: 99 FF AC 00 2E BF 28 5D 4A 6A 21 DE 72 9E 6C 7A ......(]Jj!.r.lz 
0050: A6 10 28 27 21 72 0F 69 09 04 D3 FB A7 83 DF 81 ..('!r.i........ 
0060: E2 78 BD 0B 4F D7 AA B4 CC E2 E4 3B A5 30 A3 14 .x..O......;.0.. 
0070: B4 83 75 DC E6 8C 01 9A B2 BA FF 0D 3F AA F1 30 ..u.........?..0 
0080: A0 33 A9 CC 13 08 72 8F E2 75 1D 3B 30 B8 82 3C .3....r..u.;0..< 
0090: 9A A0 A3 68 18 60 C0 1F E4 2E 06 D6 1B B8 46 6F ...h.`........Fo 
00A0: AB D3 C9 AD 89 E6 E7 48 12 0F 90 A5 B8 A2 17 51 .......H.......Q 
00B0: 41 AF 1E 62 6C D2 48 B2 41 C6 CE 1D 4E B1 F7 90 A..bl.H.A...N... 
00C0: 34 26 E0 5D 95 7B BD 93 BA 4C D1 7A 08 A9 1E 57 4&.].....L.z...W 
00D0: 03 EE F2 EC BD 8E 36 43 1D 4F 9E 39 56 A8 E4 B6 ......6C.O.9V... 
00E0: 44 6C D5 D3 8C F0 FE 1F 87 87 67 2D E6 05 7E BA Dl........g-.... 
00F0: 18 FB 6C 0B D8 80 19 08 27 8F 60 09 A6 BA 68 55 ..l.....'.`...hU 
0100: 05 13 A8 9C 04 06 F8 24 A1 52 DB 67 69 2E FE 12 .......$.R.gi... 
0110: A5 23 D1 2E 56 EA 54 08 83 DD 91 43 45 8B F6 97 .#..V.T....CE... 
0120: 01 65 CC 32 4C FA D6 89 81 83 B4 21 92 F4 EC 29 .e.2L......!...) 
0130: 68 87 51 A0 FC B7 7D BD 90 F8 A1 F8 68 82 CF 03 h.Q.........h... 
0140: 4E 9C C2 FA AF 4A D3 AD 0B AB AB 73 4B B4 95 B0 N....J.....sK... 
0150: EC 64 6B 8E 2B D4 E1 41 96 19 EC E9 6B 92 51 8A .dk.+..A....k.Q. 
0160: D8 C1 87 FC DB B4 12 BD 14 AB 5C 07 73 AA DE CE ..........\.s... 
0170: E5 05 8F E9 CC 9F C4 2A B6 0F 5D 40 8E 7A 82 7E .......*..]@.z.. 
0180: CD 28 88 8F 01 3E 6C EF E7 01 58 2E C9 3F 0E 44 .(...>l...X..?.D 
0190: 4D 1A 2B BB 0D 51 76 38 26 D4 89 5C 9B AB 63 FA M.+..Qv8&..\..c. 
01A0: 4B 63 7C DC 0E 05 01 BB E4 97 73 03 4F 83 71 1E Kc........s.O.q. 
01B0: B6 CB A6 62 F9 21 1B F2 24 D3 85 1D E6 31 87 E4 ...b.!..$....1.. 
01C0: D6 74 09 70 C3 D0 4C 35 7E F1 49 5A 60 B7 02 72 .t.p..L5..IZ`..r 
01D0: 04 C9 83 AD 5E 63 1F 7B 97 4C 35 7F 15 88 D5 5D ....^c...L5....] 
01E0: DA 3B F6 80 9B 07 E5 86 4B 67 F6 B2 66 DE 81 6C .;......Kg..f..l 
01F0: FF B6 99 D1 06 EF 3A 27 68 8D F2 EE 72 C4 48 64 ......:'h...r.Hd 

] 
*** 
adding as trusted cert: 
    Subject: CN=myname.organization.com, OU=myname.organization.com, O=myname.organization.com, L=myname.organization.com, ST=myname.organization.com, C=US 
    Issuer: C=US, CN=myname.organization.com, ST=myname.organization.com, L=myname.organization.com, EMAILADDRESS=myname.organization.com, OU=myname.organization.com, O=myname.organization.com 
    Algorithm: RSA; Serial number: 0x71c8 
    Valid from Fri Mar 09 13:29:22 EST 2012 until Sat Mar 09 13:29:22 EST 2013 

adding as trusted cert: 
    Subject: C=US, CN=myname.organization.com, ST=myname.organization.com, L=myname.organization.com, EMAILADDRESS=myname.organization.com, OU=myname.organization.com, O=myname.organization.com 
    Issuer: C=US, CN=myname.organization.com, ST=myname.organization.com, L=myname.organization.com, EMAILADDRESS=myname.organization.com, OU=myname.organization.com, O=myname.organization.com 
    Algorithm: RSA; Serial number: 0xc1e2c18cf327ad81 
    Valid from Fri Mar 09 13:29:15 EST 2012 until Sat Mar 09 13:29:15 EST 2013 

trigger seeding of SecureRandom 
done seeding SecureRandom 
trigger seeding of SecureRandom 
done seeding SecureRandom 
Using SSLEngineImpl. 

985 [main] INFO nettyliteserver.ssl.FlexibleErrorSslHandler - handleDownstream 

这就是它终止。我已经改变了打印输出，所以有时我还得到一行，从logger.info打印输出（“连接到”+ realRequest.getHost（）+“：”+ realRequest.getPort（）+“”+ realRequest.getUri（））;但我真的不知道是什么导致它关闭。

我试着覆盖netty SSLHandler，并在所有的公共操作中添加了打印输出，但close（），channelConnected（），channelDisconnected（）等方法永远不会被调用。握手（）也不是。

我管线设置做握手：

public class HttpSnoopClientPipelineFactory implements ChannelPipelineFactory { 

    public ChannelPipeline getPipeline() throws Exception { 
     // Create a default pipeline implementation. 
     ChannelPipeline pipeline = pipeline(); 

     // Enable HTTPS 

     SSLEngine engine = 
      SecureChatSslContextFactory.getClientContext().createSSLEngine(); 
     engine.setUseClientMode(true); 

     System.out.println("HERE!!!!!!!!!!!!"); 

     pipeline.addLast("ssl", new SslHandler(engine)); 


     pipeline.addLast("codec", new HttpClientCodec()); 

     // Remove the following line if you don't want automatic content decompression. 
     pipeline.addLast("inflater", new HttpContentDecompressor()); 

     // Uncomment the following line if you don't want to handle HttpChunks. 
     //pipeline.addLast("aggregator", new HttpChunkAggregator(1048576)); 

     pipeline.addLast("handler", new HttpSnoopClientHandler()); 
     return pipeline; 
    } 
} 

我定制SSLHandler真的是一样的图书馆SslHandler，我只是推翻委托给超级版之前添加打印输出的方法。

它看起来像被调用它的唯一的事情就是handleDownstream（）

Answer 1

您需要连接成功后调用SslHandler.handshake（）自己。

喜欢的东西：

future.getChannel().getPipeline(SslHandler.class).handshake(); 

这需要得到你的ChannelFuture即得到由您添加到的ChannelPipeline

Answer 2

Netty的文档状态的连接方法或SimpleChannelUpstreamHandler实现返回做到：

握手

如果isIssueHandshake（）为false（默认值），您将需要照顾自己调用握手（）的 。在大多数情况下，SslHandler是 用于'客户端模式'，您想要在建立连接 后发出握手。如果setIssueHandshake（布尔值）设置为 ，那么您不需要担心这一点，因为SslHandler会花费 照顾它。

看到javadoc

所以，你应该在SslHandler estamblishing连接之前设置isIssueHandshake：为应对

SslHandler sslHandler = new SslHandler(engine); 
setIssueHandshake(boolean); 
pipeline.addLast("ssl", sslHandler);