now capable of accepting a quic connection
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
This commit is contained in:
parent
1f588d719d
commit
e347074975
|
@ -24,6 +24,11 @@
|
||||||
<artifactId>jetty-server</artifactId>
|
<artifactId>jetty-server</artifactId>
|
||||||
<version>${project.version}</version>
|
<version>${project.version}</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.eclipse.jetty.http3</groupId>
|
||||||
|
<artifactId>cloudflare-quiche-jna</artifactId>
|
||||||
|
<version>${project.version}</version>
|
||||||
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.eclipse.jetty</groupId>
|
<groupId>org.eclipse.jetty</groupId>
|
||||||
<artifactId>jetty-slf4j-impl</artifactId>
|
<artifactId>jetty-slf4j-impl</artifactId>
|
||||||
|
|
|
@ -75,10 +75,7 @@ public class DatagramAdaptingEndPoint implements EndPoint
|
||||||
if (filled == 0)
|
if (filled == 0)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
int headerPosition = buffer.position();
|
|
||||||
remoteAddress = ServerDatagramEndPoint.decodeInetSocketAddress(buffer);
|
remoteAddress = ServerDatagramEndPoint.decodeInetSocketAddress(buffer);
|
||||||
buffer.position(headerPosition + ServerDatagramEndPoint.ENCODED_ADDRESS_LENGTH);
|
|
||||||
|
|
||||||
return filled;
|
return filled;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,81 +1,133 @@
|
||||||
package org.eclipse.jetty.http3.server;
|
package org.eclipse.jetty.http3.server;
|
||||||
|
|
||||||
import java.util.EventListener;
|
import java.io.File;
|
||||||
|
import java.net.InetSocketAddress;
|
||||||
|
import java.nio.ByteBuffer;
|
||||||
|
import java.util.Arrays;
|
||||||
|
import java.util.Collection;
|
||||||
|
import java.util.concurrent.ConcurrentHashMap;
|
||||||
|
import java.util.concurrent.ConcurrentMap;
|
||||||
|
import java.util.concurrent.Executor;
|
||||||
|
|
||||||
import org.eclipse.jetty.io.Connection;
|
import org.eclipse.jetty.http3.quiche.QuicheConfig;
|
||||||
import org.eclipse.jetty.io.EndPoint;
|
import org.eclipse.jetty.http3.quiche.QuicheConnection;
|
||||||
|
import org.eclipse.jetty.http3.quiche.QuicheConnectionId;
|
||||||
|
import org.eclipse.jetty.http3.quiche.ffi.LibQuiche;
|
||||||
|
import org.eclipse.jetty.io.AbstractConnection;
|
||||||
|
import org.eclipse.jetty.io.ByteBufferPool;
|
||||||
|
import org.eclipse.jetty.util.BufferUtil;
|
||||||
|
import org.slf4j.Logger;
|
||||||
|
import org.slf4j.LoggerFactory;
|
||||||
|
|
||||||
public class QuicConnection implements Connection
|
public class QuicConnection extends AbstractConnection
|
||||||
{
|
{
|
||||||
@Override
|
private static final Logger LOG = LoggerFactory.getLogger(QuicConnection.class);
|
||||||
public void addEventListener(EventListener listener)
|
|
||||||
{
|
|
||||||
|
|
||||||
|
private final ByteBufferPool byteBufferPool;
|
||||||
|
private final ConcurrentMap<QuicheConnectionId, QuicheConnection> connections = new ConcurrentHashMap<>();
|
||||||
|
private final QuicheConfig quicheConfig;
|
||||||
|
|
||||||
|
public QuicConnection(ByteBufferPool byteBufferPool, Executor executor, ServerDatagramEndPoint endp)
|
||||||
|
{
|
||||||
|
super(endp, executor);
|
||||||
|
this.byteBufferPool = byteBufferPool;
|
||||||
|
|
||||||
|
File[] files;
|
||||||
|
try
|
||||||
|
{
|
||||||
|
SSLKeyPair keyPair;
|
||||||
|
keyPair = new SSLKeyPair(new File("src/test/resources/keystore.p12"), "PKCS12", "storepwd".toCharArray(), "mykey", "storepwd".toCharArray());
|
||||||
|
files = keyPair.export(new File(System.getProperty("java.io.tmpdir")));
|
||||||
|
}
|
||||||
|
catch (Exception e)
|
||||||
|
{
|
||||||
|
throw new RuntimeException(e);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
quicheConfig = new QuicheConfig();
|
||||||
public void removeEventListener(EventListener listener)
|
quicheConfig.setPrivKeyPemPath(files[0].getPath());
|
||||||
{
|
quicheConfig.setCertChainPemPath(files[1].getPath());
|
||||||
|
quicheConfig.setVerifyPeer(false);
|
||||||
|
quicheConfig.setMaxIdleTimeout(5000L);
|
||||||
|
quicheConfig.setInitialMaxData(10000000L);
|
||||||
|
quicheConfig.setInitialMaxStreamDataBidiLocal(10000000L);
|
||||||
|
quicheConfig.setInitialMaxStreamDataBidiRemote(10000000L);
|
||||||
|
quicheConfig.setInitialMaxStreamDataUni(10000000L);
|
||||||
|
quicheConfig.setInitialMaxStreamsBidi(100L);
|
||||||
|
quicheConfig.setCongestionControl(QuicheConfig.CongestionControl.RENO);
|
||||||
|
quicheConfig.setApplicationProtos(getProtocols().toArray(new String[0]));
|
||||||
|
}
|
||||||
|
|
||||||
|
private Collection<String> getProtocols()
|
||||||
|
{
|
||||||
|
return Arrays.asList("http/0.9");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void onOpen()
|
public void onOpen()
|
||||||
{
|
{
|
||||||
|
super.onOpen();
|
||||||
|
fillInterested();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void onClose(Throwable cause)
|
public void onFillable()
|
||||||
{
|
{
|
||||||
|
try
|
||||||
|
{
|
||||||
|
ByteBuffer buffer = byteBufferPool.acquire(LibQuiche.QUICHE_MIN_CLIENT_INITIAL_LEN + ServerDatagramEndPoint.ENCODED_ADDRESS_LENGTH, true);
|
||||||
|
// Read data
|
||||||
|
int fill = getEndPoint().fill(buffer);
|
||||||
|
if (fill < 0)
|
||||||
|
{
|
||||||
|
byteBufferPool.release(buffer);
|
||||||
|
getEndPoint().shutdownOutput();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
if (fill == 0)
|
||||||
|
{
|
||||||
|
byteBufferPool.release(buffer);
|
||||||
|
fillInterested();
|
||||||
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
InetSocketAddress remoteAddress = ServerDatagramEndPoint.decodeInetSocketAddress(buffer);
|
||||||
public EndPoint getEndPoint()
|
QuicheConnectionId quicheConnectionId = QuicheConnectionId.fromPacket(buffer);
|
||||||
|
QuicheConnection quicheConnection = connections.get(quicheConnectionId);
|
||||||
|
if (quicheConnection == null)
|
||||||
{
|
{
|
||||||
return null;
|
quicheConnection = QuicheConnection.tryAccept(quicheConfig, remoteAddress, buffer);
|
||||||
|
if (quicheConnection == null)
|
||||||
|
{
|
||||||
|
ByteBuffer address = byteBufferPool.acquire(ServerDatagramEndPoint.ENCODED_ADDRESS_LENGTH, true);
|
||||||
|
BufferUtil.flipToFill(address);
|
||||||
|
ServerDatagramEndPoint.encodeInetSocketAddress(address, remoteAddress);
|
||||||
|
address.flip();
|
||||||
|
|
||||||
|
ByteBuffer buffer2 = byteBufferPool.acquire(LibQuiche.QUICHE_MIN_CLIENT_INITIAL_LEN, true);
|
||||||
|
BufferUtil.flipToFill(buffer2);
|
||||||
|
QuicheConnection.negotiate(remoteAddress, buffer, buffer2);
|
||||||
|
|
||||||
|
getEndPoint().flush(address, buffer2);
|
||||||
|
byteBufferPool.release(address);
|
||||||
|
byteBufferPool.release(buffer2);
|
||||||
}
|
}
|
||||||
|
else
|
||||||
@Override
|
|
||||||
public void close()
|
|
||||||
{
|
{
|
||||||
|
LOG.info("Quic connection accepted");
|
||||||
|
connections.put(quicheConnectionId, quicheConnection);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
|
||||||
public boolean onIdleExpired()
|
|
||||||
{
|
|
||||||
return false;
|
|
||||||
}
|
}
|
||||||
|
else
|
||||||
@Override
|
|
||||||
public long getMessagesIn()
|
|
||||||
{
|
{
|
||||||
return 0;
|
quicheConnection.feedCipherText(buffer);
|
||||||
}
|
}
|
||||||
|
byteBufferPool.release(buffer);
|
||||||
@Override
|
fillInterested();
|
||||||
public long getMessagesOut()
|
|
||||||
{
|
|
||||||
return 0;
|
|
||||||
}
|
}
|
||||||
|
catch (Throwable x)
|
||||||
@Override
|
|
||||||
public long getBytesIn()
|
|
||||||
{
|
{
|
||||||
return 0;
|
close();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
|
||||||
public long getBytesOut()
|
|
||||||
{
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public long getCreatedTimeStamp()
|
|
||||||
{
|
|
||||||
return 0;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,105 @@
|
||||||
|
//
|
||||||
|
// ========================================================================
|
||||||
|
// Copyright (c) 1995-2021 Mort Bay Consulting Pty Ltd and others.
|
||||||
|
//
|
||||||
|
// This program and the accompanying materials are made available under the
|
||||||
|
// terms of the Eclipse Public License v. 2.0 which is available at
|
||||||
|
// https://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0
|
||||||
|
// which is available at https://www.apache.org/licenses/LICENSE-2.0.
|
||||||
|
//
|
||||||
|
// SPDX-License-Identifier: EPL-2.0 OR Apache-2.0
|
||||||
|
// ========================================================================
|
||||||
|
//
|
||||||
|
|
||||||
|
package org.eclipse.jetty.http3.server;
|
||||||
|
|
||||||
|
import java.io.File;
|
||||||
|
import java.io.FileInputStream;
|
||||||
|
import java.io.FileOutputStream;
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.io.OutputStream;
|
||||||
|
import java.nio.charset.StandardCharsets;
|
||||||
|
import java.security.Key;
|
||||||
|
import java.security.KeyStore;
|
||||||
|
import java.security.KeyStoreException;
|
||||||
|
import java.security.NoSuchAlgorithmException;
|
||||||
|
import java.security.UnrecoverableKeyException;
|
||||||
|
import java.security.cert.Certificate;
|
||||||
|
import java.security.cert.CertificateEncodingException;
|
||||||
|
import java.security.cert.CertificateException;
|
||||||
|
import java.util.Base64;
|
||||||
|
|
||||||
|
public class SSLKeyPair
|
||||||
|
{
|
||||||
|
private static final String BEGIN_KEY = "-----BEGIN PRIVATE KEY-----";
|
||||||
|
private static final String END_KEY = "-----END PRIVATE KEY-----";
|
||||||
|
private static final String BEGIN_CERT = "-----BEGIN CERTIFICATE-----";
|
||||||
|
private static final String END_CERT = "-----END CERTIFICATE-----";
|
||||||
|
private static final String LINE_SEPARATOR = System.getProperty("line.separator");
|
||||||
|
private static final int LINE_LENGTH = 64;
|
||||||
|
|
||||||
|
private final Key key;
|
||||||
|
private final Certificate cert;
|
||||||
|
private final String alias;
|
||||||
|
|
||||||
|
public SSLKeyPair(Key key, Certificate cert, String alias)
|
||||||
|
{
|
||||||
|
this.key = key;
|
||||||
|
this.cert = cert;
|
||||||
|
this.alias = alias;
|
||||||
|
}
|
||||||
|
|
||||||
|
public SSLKeyPair(File storeFile, String storeType, char[] storePassword, String alias, char[] keyPassword) throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, IOException, CertificateException
|
||||||
|
{
|
||||||
|
KeyStore keyStore = KeyStore.getInstance(storeType);
|
||||||
|
try (FileInputStream fis = new FileInputStream(storeFile))
|
||||||
|
{
|
||||||
|
keyStore.load(fis, storePassword);
|
||||||
|
this.alias = alias;
|
||||||
|
this.key = keyStore.getKey(alias, keyPassword);
|
||||||
|
this.cert = keyStore.getCertificate(alias);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @return [0] is the key file, [1] is the cert file.
|
||||||
|
*/
|
||||||
|
public File[] export(File targetFolder) throws Exception
|
||||||
|
{
|
||||||
|
File[] files = new File[2];
|
||||||
|
files[0] = new File(targetFolder, alias + ".key");
|
||||||
|
files[1] = new File(targetFolder, alias + ".crt");
|
||||||
|
|
||||||
|
try (FileOutputStream fos = new FileOutputStream(files[0]))
|
||||||
|
{
|
||||||
|
writeAsPem(fos, key);
|
||||||
|
}
|
||||||
|
try (FileOutputStream fos = new FileOutputStream(files[1]))
|
||||||
|
{
|
||||||
|
writeAsPem(fos, cert);
|
||||||
|
}
|
||||||
|
return files;
|
||||||
|
}
|
||||||
|
|
||||||
|
private void writeAsPem(OutputStream outputStream, Key key) throws IOException
|
||||||
|
{
|
||||||
|
Base64.Encoder encoder = Base64.getMimeEncoder(LINE_LENGTH, LINE_SEPARATOR.getBytes());
|
||||||
|
byte[] encoded = encoder.encode(key.getEncoded());
|
||||||
|
outputStream.write(BEGIN_KEY.getBytes(StandardCharsets.UTF_8));
|
||||||
|
outputStream.write(LINE_SEPARATOR.getBytes(StandardCharsets.UTF_8));
|
||||||
|
outputStream.write(encoded);
|
||||||
|
outputStream.write(LINE_SEPARATOR.getBytes(StandardCharsets.UTF_8));
|
||||||
|
outputStream.write(END_KEY.getBytes(StandardCharsets.UTF_8));
|
||||||
|
}
|
||||||
|
|
||||||
|
private static void writeAsPem(OutputStream outputStream, Certificate certificate) throws CertificateEncodingException, IOException
|
||||||
|
{
|
||||||
|
Base64.Encoder encoder = Base64.getMimeEncoder(LINE_LENGTH, LINE_SEPARATOR.getBytes());
|
||||||
|
byte[] encoded = encoder.encode(certificate.getEncoded());
|
||||||
|
outputStream.write(BEGIN_CERT.getBytes(StandardCharsets.UTF_8));
|
||||||
|
outputStream.write(LINE_SEPARATOR.getBytes(StandardCharsets.UTF_8));
|
||||||
|
outputStream.write(encoded);
|
||||||
|
outputStream.write(LINE_SEPARATOR.getBytes(StandardCharsets.UTF_8));
|
||||||
|
outputStream.write(END_CERT.getBytes(StandardCharsets.UTF_8));
|
||||||
|
}
|
||||||
|
}
|
|
@ -10,7 +10,6 @@ import java.nio.channels.Selector;
|
||||||
import java.util.EventListener;
|
import java.util.EventListener;
|
||||||
import java.util.concurrent.Executor;
|
import java.util.concurrent.Executor;
|
||||||
|
|
||||||
import org.eclipse.jetty.http.HttpCompliance;
|
|
||||||
import org.eclipse.jetty.io.ByteBufferPool;
|
import org.eclipse.jetty.io.ByteBufferPool;
|
||||||
import org.eclipse.jetty.io.Connection;
|
import org.eclipse.jetty.io.Connection;
|
||||||
import org.eclipse.jetty.io.EndPoint;
|
import org.eclipse.jetty.io.EndPoint;
|
||||||
|
@ -18,8 +17,6 @@ import org.eclipse.jetty.io.ManagedSelector;
|
||||||
import org.eclipse.jetty.io.SelectorManager;
|
import org.eclipse.jetty.io.SelectorManager;
|
||||||
import org.eclipse.jetty.server.AbstractNetworkConnector;
|
import org.eclipse.jetty.server.AbstractNetworkConnector;
|
||||||
import org.eclipse.jetty.server.ConnectionFactory;
|
import org.eclipse.jetty.server.ConnectionFactory;
|
||||||
import org.eclipse.jetty.server.HttpConfiguration;
|
|
||||||
import org.eclipse.jetty.server.HttpConnection;
|
|
||||||
import org.eclipse.jetty.server.Server;
|
import org.eclipse.jetty.server.Server;
|
||||||
import org.eclipse.jetty.util.IO;
|
import org.eclipse.jetty.util.IO;
|
||||||
import org.eclipse.jetty.util.annotation.Name;
|
import org.eclipse.jetty.util.annotation.Name;
|
||||||
|
@ -170,11 +167,7 @@ public class ServerDatagramConnector extends AbstractNetworkConnector
|
||||||
@Override
|
@Override
|
||||||
public Connection newConnection(SelectableChannel channel, EndPoint endpoint, Object attachment) throws IOException
|
public Connection newConnection(SelectableChannel channel, EndPoint endpoint, Object attachment) throws IOException
|
||||||
{
|
{
|
||||||
//TODO: return quic connection
|
return new QuicConnection(getByteBufferPool(), getExecutor(), (ServerDatagramEndPoint)endpoint);
|
||||||
//return new QuicConnection();
|
|
||||||
HttpConfiguration config = new HttpConfiguration();
|
|
||||||
config.setHttpCompliance(HttpCompliance.LEGACY); // enable HTTP/0.9
|
|
||||||
return new HttpConnection(config, ServerDatagramConnector.this, new DatagramAdaptingEndPoint((ServerDatagramEndPoint)endpoint), false);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
|
@ -253,6 +253,7 @@ public class ServerDatagramEndPoint extends IdleTimeout implements EndPoint, Man
|
||||||
|
|
||||||
static InetSocketAddress decodeInetSocketAddress(ByteBuffer buffer) throws IOException
|
static InetSocketAddress decodeInetSocketAddress(ByteBuffer buffer) throws IOException
|
||||||
{
|
{
|
||||||
|
int headerPosition = buffer.position();
|
||||||
byte ipVersion = buffer.get();
|
byte ipVersion = buffer.get();
|
||||||
byte[] address;
|
byte[] address;
|
||||||
if (ipVersion == 4)
|
if (ipVersion == 4)
|
||||||
|
@ -262,11 +263,13 @@ public class ServerDatagramEndPoint extends IdleTimeout implements EndPoint, Man
|
||||||
else throw new IOException("Unsupported IP version: " + ipVersion);
|
else throw new IOException("Unsupported IP version: " + ipVersion);
|
||||||
buffer.get(address);
|
buffer.get(address);
|
||||||
int port = buffer.getChar();
|
int port = buffer.getChar();
|
||||||
|
buffer.position(headerPosition + ENCODED_ADDRESS_LENGTH);
|
||||||
return new InetSocketAddress(InetAddress.getByAddress(address), port);
|
return new InetSocketAddress(InetAddress.getByAddress(address), port);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void encodeInetSocketAddress(ByteBuffer buffer, InetSocketAddress peer) throws IOException
|
static void encodeInetSocketAddress(ByteBuffer buffer, InetSocketAddress peer) throws IOException
|
||||||
{
|
{
|
||||||
|
int headerPosition = buffer.position();
|
||||||
byte[] addressBytes = peer.getAddress().getAddress();
|
byte[] addressBytes = peer.getAddress().getAddress();
|
||||||
int port = peer.getPort();
|
int port = peer.getPort();
|
||||||
byte ipVersion;
|
byte ipVersion;
|
||||||
|
@ -279,5 +282,6 @@ public class ServerDatagramEndPoint extends IdleTimeout implements EndPoint, Man
|
||||||
buffer.put(ipVersion);
|
buffer.put(ipVersion);
|
||||||
buffer.put(addressBytes);
|
buffer.put(addressBytes);
|
||||||
buffer.putChar((char)port);
|
buffer.putChar((char)port);
|
||||||
|
buffer.position(headerPosition + ENCODED_ADDRESS_LENGTH);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Binary file not shown.
Loading…
Reference in New Issue