+ add ssl support

* edit table page
qiweiview · Nov 29, 2020 · 7e8950b · 7e8950b
1 parent 5348982
commit 7e8950b
Show file tree

Hide file tree

Showing 12 changed files with 300 additions and 61 deletions.
diff --git a/src/main/java/jndc/core/config/ServerConfig.java b/src/main/java/jndc/core/config/ServerConfig.java
@@ -8,21 +8,25 @@
 import jndc.utils.InetUtils;
 import jndc.utils.LogPrint;
 import jndc.utils.UUIDSimple;
+import org.apache.commons.io.FileUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import web.utils.AuthUtils;
+import web.utils.SslOneWayContextFactory;
 
+import javax.net.ssl.SSLContext;
+import java.io.ByteArrayInputStream;
+import java.io.File;
 import java.net.InetAddress;
 import java.net.InetSocketAddress;
 import java.util.*;
 import java.util.stream.Stream;
 
-public class ServerConfig  implements ParameterVerification {
+public class ServerConfig implements ParameterVerification {
 
-    private static final String UN_SUPPORT_VALUE="jndc";
-
-    private   final Logger logger = LoggerFactory.getLogger(getClass());
+    private static final String UN_SUPPORT_VALUE = "jndc";
 
+    private final Logger logger = LoggerFactory.getLogger(getClass());
 
     private String frontProjectPath;
 
@@ -46,21 +50,55 @@ public class ServerConfig  implements ParameterVerification {
 
     private String loginPassWord;
 
+    private boolean useSsl;
+
+    private String keyStoreFile;
 
+    private String keystorePass;
 
+    private SSLContext serverSSLContext;
 
 
     @Override
     public void performParameterVerification() {
         inetAddress = InetUtils.getByStringIpAddress(bindIp);
-        inetSocketAddress=new InetSocketAddress(inetAddress,adminPort);
+        inetSocketAddress = new InetSocketAddress(inetAddress, adminPort);
 
-        if (UN_SUPPORT_VALUE.equals(getLoginName())&&UN_SUPPORT_VALUE.equals(getLoginPassWord())){
+        if (UN_SUPPORT_VALUE.equals(getLoginName()) && UN_SUPPORT_VALUE.equals(getLoginPassWord())) {
             LogPrint.err("the default name and password 'jndc' is not safe,please edit the config file and retry");
             ApplicationExit.exit();
         }
-        AuthUtils.name=getLoginName();
-        AuthUtils.passWord=getLoginPassWord();
+        AuthUtils.name = getLoginName();
+        AuthUtils.passWord = getLoginPassWord();
+
+        //check ssl in web api
+        initSslInWebApi();
+
+    }
+
+    private void initSslInWebApi() {
+        if (isUseSsl()) {
+            try {
+                byte[]  bytes = FileUtils.readFileToByteArray(new File(getKeyStoreFile()));
+                reloadSslContext(bytes, getKeystorePass().toCharArray());
+                logger.info("open ssl in the web api");
+            } catch (Exception e) {
+                setUseSsl(false);
+                logger.error("init ssl context  fail cause:" + e);
+            }
+
+
+        }
+    }
+
+    public void reloadSslContext(byte[] keyStore, char[] keyStorePass) {
+        try {
+            serverSSLContext = SslOneWayContextFactory.getServerContext(new ByteArrayInputStream(keyStore),keyStorePass);
+        } catch (Exception e) {
+            setUseSsl(false);
+            logger.error("load ssl context  fail cause:" + e);
+            throw new RuntimeException(e);
+        }
     }
 
     @Override
@@ -69,58 +107,57 @@ public void lazyInitAfterVerification() {
 
         DBWrapper<IpFilterRule4V> dbWrapper = DBWrapper.getDBWrapper(IpFilterRule4V.class);
         List<IpFilterRule4V> ipFilterRule4VS = dbWrapper.listAll();
-        Map<String, IpFilterRule4V>  blackMap=new HashMap<>();
-        Map<String, IpFilterRule4V>  whiteMap=new HashMap<>();
-        ipFilterRule4VS.forEach(x->{
-            if (x.isBlack()){
-                blackMap.put(x.getIp(),x);
-            }else {
-                whiteMap.put(x.getIp(),x);
+        Map<String, IpFilterRule4V> blackMap = new HashMap<>();
+        Map<String, IpFilterRule4V> whiteMap = new HashMap<>();
+        ipFilterRule4VS.forEach(x -> {
+            if (x.isBlack()) {
+                blackMap.put(x.getIp(), x);
+            } else {
+                whiteMap.put(x.getIp(), x);
             }
         });
 
 
-
         IpChecker ipChecker = UniqueBeanManage.getBean(IpChecker.class);
-        if (blackList==null){
-            blackList=new String[0];
+        if (blackList == null) {
+            blackList = new String[0];
         }
 
-        if (whiteList==null){
-            whiteList=new String[0];
+        if (whiteList == null) {
+            whiteList = new String[0];
         }
 
-        List<IpFilterRule4V> storeList=new ArrayList<>();
+        List<IpFilterRule4V> storeList = new ArrayList<>();
 
-        Stream.of(blackList).forEach(x->{
-            if (!blackMap.containsKey(x)){
+        Stream.of(blackList).forEach(x -> {
+            if (!blackMap.containsKey(x)) {
 
                 IpFilterRule4V ipFilterRule4V = new IpFilterRule4V();
                 ipFilterRule4V.black();
                 ipFilterRule4V.setId(UUIDSimple.id());
                 ipFilterRule4V.setIp(x);
-                blackMap.put(x,ipFilterRule4V);
+                blackMap.put(x, ipFilterRule4V);
                 storeList.add(ipFilterRule4V);
             }
         });
 
-        Stream.of(whiteList).forEach(x->{
-            if (!whiteMap.containsKey(x)){
+        Stream.of(whiteList).forEach(x -> {
+            if (!whiteMap.containsKey(x)) {
                 IpFilterRule4V ipFilterRule4V = new IpFilterRule4V();
                 ipFilterRule4V.white();
                 ipFilterRule4V.setId(UUIDSimple.id());
                 ipFilterRule4V.setIp(x);
-                whiteMap.put(x,ipFilterRule4V);
+                whiteMap.put(x, ipFilterRule4V);
                 storeList.add(ipFilterRule4V);
             }
         });
 
-        if (storeList.size()>0){
+        if (storeList.size() > 0) {
             dbWrapper.insertBatch(storeList);
-            logger.info("add new ip filter rule:"+storeList);
+            logger.info("add new ip filter rule:" + storeList);
         }
 
-        ipChecker.loadRule(blackMap,whiteMap);
+        ipChecker.loadRule(blackMap, whiteMap);
 
     }
 
@@ -132,6 +169,41 @@ public String toString() {
                 '}';
     }
 
+
+    /* ----------------getter setter---------------- */
+
+    public SSLContext getServerSSLContext() {
+        return serverSSLContext;
+    }
+
+    public void setServerSSLContext(SSLContext serverSSLContext) {
+        this.serverSSLContext = serverSSLContext;
+    }
+
+    public String getKeystorePass() {
+        return keystorePass;
+    }
+
+    public void setKeystorePass(String keystorePass) {
+        this.keystorePass = keystorePass;
+    }
+
+    public String getKeyStoreFile() {
+        return keyStoreFile;
+    }
+
+    public void setKeyStoreFile(String keyStoreFile) {
+        this.keyStoreFile = keyStoreFile;
+    }
+
+    public boolean isUseSsl() {
+        return useSsl;
+    }
+
+    public void setUseSsl(boolean useSsl) {
+        this.useSsl = useSsl;
+    }
+
     public String getLoginName() {
         return loginName;
     }

diff --git a/src/main/java/jndc/core/data_store/BasicDatabaseOperations.java b/src/main/java/jndc/core/data_store/BasicDatabaseOperations.java
@@ -15,7 +15,7 @@ public interface BasicDatabaseOperations<T> {
 
     public List<T> customQuery(String sql,Object... params);
 
-    public List<T> customQueryByPage(String sql,int page,int rows,Object... params);
+    public PageResult<T> customQueryByPage(String sql,int page,int rows,Object... params);
 
     public Integer count();
 

diff --git a/src/main/java/jndc/core/data_store/DBWrapper.java b/src/main/java/jndc/core/data_store/DBWrapper.java
@@ -175,7 +175,9 @@ public List<T> customQuery(String sql, Object... params) {
     }
 
     @Override
-    public List<T> customQueryByPage(String sql, int page, int rows, Object... params) {
+    public PageResult<T> customQueryByPage(String sql, int page, int rows, Object... params) {
+
+        PageResult<T> pageResult=new PageResult();
         //min limit
         if (page < 1) {
             page = 1;
@@ -192,7 +194,11 @@ public List<T> customQueryByPage(String sql, int page, int rows, Object... param
 
         int noOfRows = (page-1) * rows;
         String newSql = "select * from (" +sql+ ") g limit " + noOfRows + "," + rows;
-        return customQuery(newSql, params);
+        List<T> list = customQuery(newSql, params);
+        pageResult.setData(list);
+        Integer count = customQuerySingleValue("count",  "select count(*) count from (" +sql+ ")", Integer.class);
+        pageResult.setTotal(count);
+        return pageResult;
     }
 
     @Override

diff --git a/src/main/java/jndc/core/data_store/PageResult.java b/src/main/java/jndc/core/data_store/PageResult.java
@@ -0,0 +1,24 @@
+package jndc.core.data_store;
+
+import java.util.List;
+
+public class PageResult<T>  {
+    private List<T> data;
+    private int total;
+
+    public List<T> getData() {
+        return data;
+    }
+
+    public void setData(List<T> data) {
+        this.data = data;
+    }
+
+    public int getTotal() {
+        return total;
+    }
+
+    public void setTotal(int total) {
+        this.total = total;
+    }
+}
diff --git a/src/main/java/web/core/AuthTokenChecker.java b/src/main/java/web/core/AuthTokenChecker.java
@@ -32,6 +32,7 @@ public class AuthTokenChecker extends SimpleChannelInboundHandler<FullHttpReques
     private static final Map<String, Long> tokenCacheMap = new ConcurrentHashMap<>();
 
     static {
+        releaseSet.add("/");
         releaseSet.add("/login");
         releaseSet.add("/getDeviceIp");
     }

diff --git a/src/main/java/web/core/CustomSslHandler.java b/src/main/java/web/core/CustomSslHandler.java
@@ -0,0 +1,29 @@
+package web.core;
+
+
+import io.netty.channel.ChannelHandlerContext;
+import io.netty.handler.ssl.SslHandler;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+import javax.net.ssl.SSLEngine;
+
+public class CustomSslHandler extends SslHandler {
+
+    private final Logger logger = LoggerFactory.getLogger(getClass());
+
+    public static String NAME = "CUSTOM_SSL_HANDLER";
+
+
+    public CustomSslHandler(SSLEngine engine) {
+        super(engine);
+    }
+
+
+    @Override
+    public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) throws Exception {
+        logger.error("ssl error" + cause);
+        ctx.close();
+    }
+}
diff --git a/src/main/java/web/core/WebContentHandler.java b/src/main/java/web/core/WebContentHandler.java
@@ -7,6 +7,8 @@
 
 import jndc.core.UniqueBeanManage;
 import jndc.utils.LogPrint;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import web.utils.HttpResponseBuilder;
 
 import java.io.File;
@@ -15,6 +17,7 @@
 
 
 public class WebContentHandler extends SimpleChannelInboundHandler<JNDCHttpRequest> {
+    private final Logger logger = LoggerFactory.getLogger(getClass());
     public static String NAME = "WEB_CONTENT_HANDLER";
     private static final String SEPARATOR = Matcher.quoteReplacement(File.separator);
 
@@ -40,6 +43,11 @@ protected void channelRead0(ChannelHandlerContext channelHandlerContext, JNDCHtt
             //jndc inner front project
             FrontProjectLoader jndcStaticProject = FrontProjectLoader.jndcStaticProject;
 
+            if (jndcStaticProject==null){
+                channelHandlerContext.writeAndFlush(HttpResponseBuilder.notFoundResponse());
+                return;
+            }
+
             //find static file
             FrontProjectLoader.InnerFileDescription file = jndcStaticProject.findFile(s);
             FullHttpResponse fullHttpResponse;
@@ -97,8 +105,7 @@ protected void channelRead0(ChannelHandlerContext channelHandlerContext, JNDCHtt
 
     @Override
     public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) throws Exception {
-        if (cause instanceof IOException){
-            LogPrint.debug("a manage connection interrupt ");
-        }
+        logger.error("unCatchableException: "+cause);
+
     }
 }