io.netty.handler.ssl.NotSslRecordException Java Examples
The following examples show how to use
io.netty.handler.ssl.NotSslRecordException.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: OpenDistroSecuritySSLNettyTransport.java From deprecated-security-ssl with Apache License 2.0 | 7 votes |
|
@Override
public final void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) throws Exception {
if(cause instanceof DecoderException && cause != null) {
cause = cause.getCause();
}
errorHandler.logError(cause, false);
if(cause instanceof NotSslRecordException) {
log.warn("Someone ({}) speaks transport plaintext instead of ssl, will close the channel", ctx.channel().remoteAddress());
ctx.channel().close();
return;
} else if (cause instanceof SSLException) {
log.error("SSL Problem "+cause.getMessage(),cause);
ctx.channel().close();
return;
} else if (cause instanceof SSLHandshakeException) {
log.error("Problem during handshake "+cause.getMessage());
ctx.channel().close();
return;
}
super.exceptionCaught(ctx, cause);
}
Example #2
| Source File: XdsSdsClientServerTest.java From grpc-java with Apache License 2.0 | 7 votes |
|
@Test
public void plaintextServer_tlsClient_expectException() throws IOException, URISyntaxException {
buildServerWithTlsContext(/* downstreamTlsContext= */ null);
// for TLS, client only needs trustCa
UpstreamTlsContext upstreamTlsContext =
CommonTlsContextTestsUtil.buildUpstreamTlsContextFromFilenames(
/* privateKey= */ null, /* certChain= */ null, CA_PEM_FILE);
SimpleServiceGrpc.SimpleServiceBlockingStub blockingStub =
getBlockingStub(upstreamTlsContext, /* overrideAuthority= */ "foo.test.google.fr");
try {
unaryRpc("buddy", blockingStub);
fail("exception expected");
} catch (StatusRuntimeException sre) {
assertThat(sre).hasCauseThat().isInstanceOf(NotSslRecordException.class);
assertThat(sre).hasCauseThat().hasMessageThat().contains("not an SSL/TLS record");
}
}
Example #3
| Source File: OpenDistroSecuritySSLNettyHttpServerTransport.java From deprecated-security-ssl with Apache License 2.0 | 6 votes |
|
@Override
protected final void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) throws Exception {
if(this.lifecycle.started()) {
if(cause instanceof DecoderException && cause != null) {
cause = cause.getCause();
}
errorHandler.logError(cause, true);
if(cause instanceof NotSslRecordException) {
logger.warn("Someone ({}) speaks http plaintext instead of ssl, will close the channel", ctx.channel().remoteAddress());
ctx.channel().close();
return;
} else if (cause instanceof SSLException) {
logger.error("SSL Problem "+cause.getMessage(),cause);
ctx.channel().close();
return;
} else if (cause instanceof SSLHandshakeException) {
logger.error("Problem during handshake "+cause.getMessage());
ctx.channel().close();
return;
}
}
super.exceptionCaught(ctx, cause);
}
Example #4
| Source File: OpenDistroSecuritySSLNettyTransport.java From deprecated-security-ssl with Apache License 2.0 | 6 votes |
|
@Override
public void onException(TcpChannel channel, Exception e) {
if (lifecycle.started()) {
Throwable cause = e;
if(e instanceof DecoderException && e != null) {
cause = e.getCause();
}
errorHandler.logError(cause, false);
if(cause instanceof NotSslRecordException) {
logger.warn("Someone ({}) speaks transport plaintext instead of ssl, will close the channel", channel.getLocalAddress());
CloseableChannel.closeChannel(channel, false);
return;
} else if (cause instanceof SSLException) {
logger.error("SSL Problem "+cause.getMessage(),cause);
CloseableChannel.closeChannel(channel, false);
return;
} else if (cause instanceof SSLHandshakeException) {
logger.error("Problem during handshake "+cause.getMessage());
CloseableChannel.closeChannel(channel, false);
return;
}
}
super.onException(channel, e);
}
Example #5
| Source File: OpenDistroSecuritySSLNettyTransport.java From deprecated-security-ssl with Apache License 2.0 | 6 votes |
|
@Override
public final void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) throws Exception {
if(OpenDistroSecuritySSLNettyTransport.this.lifecycle.started()) {
if(cause instanceof DecoderException && cause != null) {
cause = cause.getCause();
}
errorHandler.logError(cause, false);
if(cause instanceof NotSslRecordException) {
logger.warn("Someone ({}) speaks transport plaintext instead of ssl, will close the channel", ctx.channel().remoteAddress());
ctx.channel().close();
return;
} else if (cause instanceof SSLException) {
logger.error("SSL Problem "+cause.getMessage(),cause);
ctx.channel().close();
return;
} else if (cause instanceof SSLHandshakeException) {
logger.error("Problem during handshake "+cause.getMessage());
ctx.channel().close();
return;
}
}
super.exceptionCaught(ctx, cause);
}
Example #6
| Source File: OpenDistroSecuritySSLNettyTransport.java From deprecated-security-ssl with Apache License 2.0 | 6 votes |
|
@Override
public final void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) throws Exception {
if(OpenDistroSecuritySSLNettyTransport.this.lifecycle.started()) {
if(cause instanceof DecoderException && cause != null) {
cause = cause.getCause();
}
errorHandler.logError(cause, false);
if(cause instanceof NotSslRecordException) {
logger.warn("Someone ({}) speaks transport plaintext instead of ssl, will close the channel", ctx.channel().remoteAddress());
ctx.channel().close();
return;
} else if (cause instanceof SSLException) {
logger.error("SSL Problem "+cause.getMessage(),cause);
ctx.channel().close();
return;
} else if (cause instanceof SSLHandshakeException) {
logger.error("Problem during handshake "+cause.getMessage());
ctx.channel().close();
return;
}
}
super.exceptionCaught(ctx, cause);
}
Example #7
| Source File: SslExceptionHandler.java From hivemq-community-edition with Apache License 2.0 | 6 votes |
|
private boolean ignorableException(final Throwable cause, final ChannelHandlerContext ctx) {
if (cause instanceof NotSslRecordException) {
if (log.isDebugEnabled()) {
log.debug("Client {} sent data which is not SSL/TLS to a SSL/TLS listener. Disconnecting client.", ChannelUtils.getChannelIP(ctx.channel()).or("UNKNOWN"));
log.trace("Original Exception:", cause);
}
//Just in case the client wasn't disconnected already
eventLog.clientWasDisconnected(ctx.channel(), "SSL handshake failed");
ctx.close();
return true;
}
return false;
}
Example #8
| Source File: AbstractSessionNettyHandler.java From x-pipe with Apache License 2.0 | 6 votes |
|
@Override
public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) throws Exception {
session.release();
if(cause instanceof NotSslRecordException) {
logger.warn("[NotSslRecordException]", cause);
return;
}
super.exceptionCaught(ctx, cause);
}
Example #9
| Source File: SslExceptionHandlerTest.java From hivemq-community-edition with Apache License 2.0 | 5 votes |
|
@Test
public void test_ignorable_exception() throws Exception {
sslExceptionHandler.exceptionCaught(ctx, new NotSslRecordException());
verify(ctx).close();
verify(ctx, never()).fireExceptionCaught(any(Throwable.class));
}
Example #10
| Source File: HttpBlobHandler.java From crate with Apache License 2.0 | 4 votes |
|
@Override
public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) throws Exception {
if (cause instanceof ClosedChannelException) {
if (LOGGER.isTraceEnabled()) {
LOGGER.trace("channel closed: {}", cause.toString());
}
return;
} else if (cause instanceof IOException) {
String message = cause.getMessage();
if (message != null && message.contains("Connection reset by peer")) {
LOGGER.debug(message);
} else if (cause instanceof NotSslRecordException) {
// Raised when clients try to send unencrypted data over an encrypted channel
// This can happen when old instances of the Admin UI are running because the
// ports of HTTP/HTTPS are the same.
LOGGER.debug("Received unencrypted message from '{}'", ctx.channel().remoteAddress());
} else {
LOGGER.warn(message, cause);
}
return;
}
HttpResponseStatus status;
String body = null;
if (cause instanceof DigestMismatchException || cause instanceof BlobsDisabledException
|| cause instanceof IllegalArgumentException) {
status = HttpResponseStatus.BAD_REQUEST;
body = String.format(Locale.ENGLISH, "Invalid request sent: %s", cause.getMessage());
} else if (cause instanceof DigestNotFoundException || cause instanceof IndexNotFoundException) {
status = HttpResponseStatus.NOT_FOUND;
} else if (cause instanceof EsRejectedExecutionException) {
status = HttpResponseStatus.TOO_MANY_REQUESTS;
body = String.format(Locale.ENGLISH, "Rejected execution: %s", cause.getMessage());
} else {
status = HttpResponseStatus.INTERNAL_SERVER_ERROR;
body = String.format(Locale.ENGLISH, "Unhandled exception: %s", cause);
}
if (body != null) {
LOGGER.debug(body);
}
simpleResponse(null, status, body);
}
