Merge pull request #2 from UncleCatMySelf/master

sychronized recently
AwakenCN · Jan 9, 2019 · 9456f37 · 9456f37
2 parents b58b89e + 1d2b5d2
commit 9456f37
Show file tree

Hide file tree

Showing 17 changed files with 848 additions and 10 deletions.
diff --git a/Front-End-Testing/chat90.html b/Front-End-Testing/chat90.html
@@ -54,7 +54,7 @@
         window.WebSocket = window.MozWebSocket;
     }
     if (window.WebSocket) {
-        socket = new WebSocket("ws://192.168.1.121:8090/ws");
+        socket = new WebSocket("wss://192.168.1.121:8090/ws");
         socket.onmessage = function(event) {
             var ta = document.getElementById('responseText');
             ta.value = ta.value + '\n' + event.data

diff --git a/README.md b/README.md
@@ -19,6 +19,8 @@
 
 **欢迎参与QQ群交流与提供建议、业务场景、需求功能等**
 
+**[代码贡献指南](http://www.imooc.com/article/272573)**
+
 ## Maven版本
 
 功能列表：

diff --git a/doc/Project-Log-cn.md b/doc/Project-Log-cn.md
@@ -27,5 +27,5 @@
 * 【2018-01-04】 修复文档，确定版本，新增Redis对接
 * 【2018-01-05】 初步转分布式、处理netty集群（未完成）
 * 【2018-01-07】 完成netty集群，多用户跨服务器的消息通讯(HTTP版本)
-* 【2018-01-08】 设定下一版本目标
+* 【2018-01-08】 设定下一版本目标，完成ssl加密，构建代码贡献文档
 
diff --git a/pom.xml b/pom.xml
@@ -54,10 +54,10 @@
 		<java.version>1.8</java.version>
 		<redis.clients.version>3.0.1</redis.clients.version>
 		<slf4j.version>1.7.25</slf4j.version>
-		<fastjson.version>1.2.53</fastjson.version>
+		<fastjson.version>1.2.54</fastjson.version>
 		<gson.version>2.8.5</gson.version>
 		<netty.version>4.1.32.Final</netty.version>
-		<commons.lang3.version>3.0.1</commons.lang3.version>
+		<commons.lang3.version>3.8.1</commons.lang3.version>
 	</properties>
 
 	<dependencies>

diff --git a/src/main/java/com/github/unclecatmyself/bootstrap/AbstractBootstrapServer.java b/src/main/java/com/github/unclecatmyself/bootstrap/AbstractBootstrapServer.java
@@ -6,26 +6,58 @@
 import com.github.unclecatmyself.bootstrap.handler.DefaultHandler;
 import com.github.unclecatmyself.common.bean.InitNetty;
 import com.github.unclecatmyself.common.constant.BootstrapConstant;
+import com.github.unclecatmyself.common.constant.NotInChatConstant;
+import com.github.unclecatmyself.common.ssl.SecureSocketSslContextFactory;
+import com.github.unclecatmyself.common.utils.SslUtil;
 import com.github.unclecatmyself.task.DataAsynchronousTask;
 import io.netty.channel.ChannelPipeline;
 import io.netty.handler.codec.http.HttpObjectAggregator;
 import io.netty.handler.codec.http.HttpRequestDecoder;
 import io.netty.handler.codec.http.HttpResponseEncoder;
 import io.netty.handler.codec.http.HttpServerCodec;
 import io.netty.handler.codec.http.websocketx.WebSocketServerProtocolHandler;
+import io.netty.handler.ssl.SslHandler;
 import io.netty.handler.stream.ChunkedWriteHandler;
 import io.netty.handler.timeout.IdleStateHandler;
+import io.netty.util.internal.SystemPropertyUtil;
+import org.apache.commons.lang3.ObjectUtils;
+
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLEngine;
+import java.security.KeyStore;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.Executors;
 
 /**
  * Create by UncleCatMySelf in 2018/12/06
  **/
 public abstract class AbstractBootstrapServer implements BootstrapServer {
 
+    private   String PROTOCOL = "TLS";
+
+    private   SSLContext SERVER_CONTEXT;
+
     /**
      * @param channelPipeline  channelPipeline
      * @param serverBean  服务配置参数
      */
     protected  void initHandler(ChannelPipeline channelPipeline, InitNetty serverBean){
+        if (serverBean.isSsl()){
+            if (!ObjectUtils.allNotNull(serverBean.getJksCertificatePassword(),serverBean.getJksFile(),serverBean.getJksStorePassword())){
+                throw new NullPointerException(NotInChatConstant.SSL_NOT_FIND);
+            }
+            try {
+                SSLContext context = SslUtil.createSSLContext("JKS",serverBean.getJksFile(),serverBean.getJksStorePassword());
+                SSLEngine engine = context.createSSLEngine();
+                engine.setUseClientMode(false);
+                engine.setNeedClientAuth(false);
+                channelPipeline.addLast(BootstrapConstant.SSL,new SslHandler(engine));
+                System.out.println("open ssl  success");
+            } catch (Exception e) {
+                e.printStackTrace();
+            }
+        }
         intProtocolHandler(channelPipeline,serverBean);
         channelPipeline.addLast(new IdleStateHandler(serverBean.getHeart(),0,0));
         channelPipeline.addLast(new DefaultHandler(new HandlerServiceImpl(new DataAsynchronousTask(ConfigFactory.inChatToDataBaseService),ConfigFactory.inChatVerifyService)));
@@ -40,4 +72,28 @@ private  void intProtocolHandler(ChannelPipeline channelPipeline,InitNetty serve
         channelPipeline.addLast(BootstrapConstant.WEBSOCKETHANDLER,new WebSocketServerProtocolHandler(serverBean.getWebSocketPath()));
     }
 
+    private void initSsl(InitNetty serverBean){
+        ExecutorService executorService = Executors.newCachedThreadPool();
+        executorService.submit(() -> {});
+        String algorithm = SystemPropertyUtil.get("ssl.KeyManagerFactory.algorithm");
+        if (algorithm == null) {
+            algorithm = "SunX509";
+        }
+        SSLContext serverContext;
+        try {
+            //
+            KeyStore ks = KeyStore.getInstance("JKS");
+            ks.load( SecureSocketSslContextFactory.class.getResourceAsStream(serverBean.getJksFile()),
+                    serverBean.getJksStorePassword().toCharArray());
+            KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm);
+            kmf.init(ks,serverBean.getJksCertificatePassword().toCharArray());
+            serverContext = SSLContext.getInstance(PROTOCOL);
+            serverContext.init(kmf.getKeyManagers(), null, null);
+        } catch (Exception e) {
+            throw new Error(
+                    "Failed to initialize the server-side SSLContext", e);
+        }
+        SERVER_CONTEXT = serverContext;
+    }
+
 }
diff --git a/src/main/java/com/github/unclecatmyself/bootstrap/NettyBootstrapServer.java b/src/main/java/com/github/unclecatmyself/bootstrap/NettyBootstrapServer.java
@@ -32,10 +32,6 @@ public class NettyBootstrapServer extends AbstractBootstrapServer {
 
     private InitNetty serverBean;
 
-    public InitNetty getServerBean() {
-        return serverBean;
-    }
-
     public void setServerBean(InitNetty serverBean) {
         this.serverBean = serverBean;
     }

diff --git a/src/main/java/com/github/unclecatmyself/common/bean/InitNetty.java b/src/main/java/com/github/unclecatmyself/common/bean/InitNetty.java
@@ -6,7 +6,7 @@
  * 初始化Netty配置
  * Create by UncleCatMySelf in 2018/12/06
  */
-public class InitNetty {
+public abstract class InitNetty {
 
     private int webport = 8090;
 
@@ -40,6 +40,14 @@ public class InitNetty {
 
     private Boolean isDistributed = false;
 
+    private boolean ssl = false;
+
+    private String jksFile = "E:\\inchat\\InChat\\src\\main\\resources\\inchat.jks";
+
+    private String jksStorePassword = "123456";
+
+    private String jksCertificatePassword = "123456";
+
     private Class<DefaultHandler> webSocketHandler = DefaultHandler.class;
 
     public Boolean getDistributed() {
@@ -198,4 +206,35 @@ public Class<DefaultHandler> getWebSocketHandler() {
         return webSocketHandler;
     }
 
+    public boolean isSsl() {
+        return ssl;
+    }
+
+    public void setSsl(boolean ssl) {
+        this.ssl = ssl;
+    }
+
+    public String getJksFile() {
+        return jksFile;
+    }
+
+    public void setJksFile(String jksFile) {
+        this.jksFile = jksFile;
+    }
+
+    public String getJksStorePassword() {
+        return jksStorePassword;
+    }
+
+    public void setJksStorePassword(String jksStorePassword) {
+        this.jksStorePassword = jksStorePassword;
+    }
+
+    public String getJksCertificatePassword() {
+        return jksCertificatePassword;
+    }
+
+    public void setJksCertificatePassword(String jksCertificatePassword) {
+        this.jksCertificatePassword = jksCertificatePassword;
+    }
 }
diff --git a/src/main/java/com/github/unclecatmyself/common/constant/BootstrapConstant.java b/src/main/java/com/github/unclecatmyself/common/constant/BootstrapConstant.java
@@ -13,4 +13,6 @@ public class BootstrapConstant {
 
     public static final String WEBSOCKETHANDLER = "webSocketHandler";
 
+    public static final String SSL = "ssl";
+
 }
diff --git a/src/main/java/com/github/unclecatmyself/common/constant/NotInChatConstant.java b/src/main/java/com/github/unclecatmyself/common/constant/NotInChatConstant.java
@@ -15,4 +15,6 @@ public class NotInChatConstant {
 
     public static final String NOT_HANDLER = "Server Handler 不匹配";
 
+    public static final String SSL_NOT_FIND = "SSL file and password is null";
+
 }
Original file line number	Diff line number	Diff line change
Expand Up		@@ -13,4 +13,6 @@ public class BootstrapConstant {

		public static final String WEBSOCKETHANDLER = "webSocketHandler";

		public static final String SSL = "ssl";

		}
Original file line number	Diff line number	Diff line change
Expand Up		@@ -15,4 +15,6 @@ public class NotInChatConstant {

		public static final String NOT_HANDLER = "Server Handler 不匹配";

		public static final String SSL_NOT_FIND = "SSL file and password is null";

		}