From 893ed75c70a0182928f73f4254918f9cd7250384 Mon Sep 17 00:00:00 2001
From: aliiohs <renzhiyuan@wecash.net>
Date: Sun, 2 Aug 2020 19:53:40 +0800
Subject: [PATCH] add tls support

---
 common/constant/key.go    |  1 +
 config/protocol_config.go |  7 ++++---
 config/service_config.go  |  1 +
 config/ssl_config.go      | 43 +++++++++++++++++++++++++++++++++++++++
 go.mod                    |  4 +++-
 protocol/dubbo/client.go  |  1 +
 protocol/dubbo/pool.go    | 31 ++++++++++++++++++++--------
 protocol/dubbo/server.go  | 16 ++++++++++++---
 8 files changed, 88 insertions(+), 16 deletions(-)
 create mode 100644 config/ssl_config.go

diff --git a/common/constant/key.go b/common/constant/key.go
index 0aa6912e4..97262cead 100644
--- a/common/constant/key.go
+++ b/common/constant/key.go
@@ -46,6 +46,7 @@ const (
 	DUBBO_KEY              = "dubbo"
 	RELEASE_KEY            = "release"
 	ANYHOST_KEY            = "anyhost"
+	SSL_ENABLED_KEY        = "ssl-enabled"
 )
 
 const (
diff --git a/config/protocol_config.go b/config/protocol_config.go
index cee5b7aa7..3d9e1185d 100644
--- a/config/protocol_config.go
+++ b/config/protocol_config.go
@@ -27,9 +27,10 @@ import (
 
 // ProtocolConfig is protocol configuration
 type ProtocolConfig struct {
-	Name string `required:"true" yaml:"name"  json:"name,omitempty" property:"name"`
-	Ip   string `required:"true" yaml:"ip"  json:"ip,omitempty" property:"ip"`
-	Port string `required:"true" yaml:"port"  json:"port,omitempty" property:"port"`
+	Name       string `required:"true" yaml:"name"  json:"name,omitempty" property:"name"`
+	Ip         string `required:"true" yaml:"ip"  json:"ip,omitempty" property:"ip"`
+	Port       string `required:"true" yaml:"port"  json:"port,omitempty" property:"port"`
+	SslEnabled bool   `required:"false" yaml:"sslEnabled"  json:"sslEnabled,omitempty" property:"sslEnabled"`
 }
 
 // nolint
diff --git a/config/service_config.go b/config/service_config.go
index 4351eea7c..728915381 100644
--- a/config/service_config.go
+++ b/config/service_config.go
@@ -188,6 +188,7 @@ func (c *ServiceConfig) Export() error {
 			common.WithPort(port),
 			common.WithParams(urlMap),
 			common.WithParamsValue(constant.BEAN_NAME_KEY, c.id),
+			common.WithParamsValue(constant.SSL_ENABLED_KEY, strconv.FormatBool(proto.SslEnabled)),
 			common.WithMethods(strings.Split(methods, ",")),
 			common.WithToken(c.Token),
 		)
diff --git a/config/ssl_config.go b/config/ssl_config.go
new file mode 100644
index 000000000..019f83d3c
--- /dev/null
+++ b/config/ssl_config.go
@@ -0,0 +1,43 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package config
+
+import (
+	"github.com/dubbogo/getty"
+)
+
+var (
+	serverTlsConfigBuilder getty.TlsConfigBuilder
+	clientTlsConfigBuilder getty.TlsConfigBuilder
+)
+
+func GetServerTlsConfigBuilder() getty.TlsConfigBuilder {
+	return serverTlsConfigBuilder
+}
+
+func GetClientTlsConfigBuilder() getty.TlsConfigBuilder {
+	return clientTlsConfigBuilder
+}
+
+func SetServerTlsConfigBuilder(configBuilder getty.TlsConfigBuilder) {
+	serverTlsConfigBuilder = configBuilder
+}
+
+func SetClientTlsConfigBuilder(configBuilder getty.TlsConfigBuilder) {
+	clientTlsConfigBuilder = configBuilder
+}
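Review bot: The four exported accessors in config/ssl_config.go have no doc comments, and nothing states that both builders stay nil until a setter has been called or that the package-level variables are read and written without synchronization. The getters are consumed by newGettyRPCClientConn and Server.Start elsewhere in this patch, so the contract matters to anyone enabling `sslEnabled`. I would add, for example, `// SetServerTlsConfigBuilder registers the builder used for listeners whose protocol sets sslEnabled; call it once during start-up, before any service is exported.` and a matching comment on the client setter and both getters. If the builders may be replaced at runtime, guard the two variables with a `sync.RWMutex`; otherwise say in the comments that they are set-once.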
diff --git a/go.mod b/go.mod
index c19627378..af6882adf 100644
--- a/go.mod
+++ b/go.mod
@@ -1,5 +1,7 @@
 module github.com/apache/dubbo-go
 
+go 1.14
+
 require (
 	cloud.google.com/go v0.39.0 // indirect
 	github.com/Microsoft/go-winio v0.4.13 // indirect
@@ -66,4 +68,4 @@ require (
 	k8s.io/kube-openapi v0.0.0-20191107075043-30be4d16710a // indirect
 )
 
-go 1.13
+replace github.com/dubbogo/getty v1.2.2 => github.com/aliiohs/getty v1.1.1-0.20200802094147-169328c4ff38
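Review bot: The `replace` directive on the last line routes github.com/dubbogo/getty v1.2.2 to a personal fork at an untagged pseudo-version, so the code that performs the TLS handshake for dubbo connections would come from a repository outside the project's own review and release process. go.sum is not among the eight files in the diffstat, so the fork's content hash does not appear to be recorded by this patch. Go also ignores `replace` directives in dependencies' go.mod files, so applications importing dubbo-go would resolve upstream getty v1.2.2, which presumably lacks the new TLS options and would then fail to build. I would land the TLS options in dubbogo/getty, tag a release and bump the `require` line instead; if the replace has to stay for a while, mark it with `// TODO: drop once dubbogo/getty releases TLS support` and commit the go.sum change with it.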
diff --git a/protocol/dubbo/client.go b/protocol/dubbo/client.go
index 6d1b771bf..d73d481ac 100644
--- a/protocol/dubbo/client.go
+++ b/protocol/dubbo/client.go
@@ -229,6 +229,7 @@ func (c *Client) call(ct CallType, request *Request, response *Response, callbac
 	p.Service.Version = request.svcUrl.GetParam(constant.VERSION_KEY, "")
 	p.Service.Group = request.svcUrl.GetParam(constant.GROUP_KEY, "")
 	p.Service.Method = request.method
+	c.pool.sslEnabled = request.svcUrl.GetParamBool(constant.SSL_ENABLED_KEY, false)
 
 	p.Service.Timeout = c.opts.RequestTimeout
 	var timeout = request.svcUrl.GetParam(strings.Join([]string{constant.METHOD_KEYS, request.method + constant.RETRIES_KEY}, "."), "")
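Review bot: The added assignment writes `c.pool.sslEnabled` on every call with no lock visible in this hunk, and the pool belongs to the Client rather than to the request, so two concurrent calls whose URLs carry different `ssl-enabled` values can race and a connection to a TLS service may be dialed in plaintext (or the reverse). As far as the patch shows, connections already held in the pool are not keyed by this flag either, so a later call may reuse one created under the other setting. I would drop the pool field and carry the value per request down to newGettyRPCClientConn, e.g. `sslEnabled := request.svcUrl.GetParamBool(constant.SSL_ENABLED_KEY, false)` passed as an argument. The `false` default also means a URL that lacks the parameter silently selects plaintext; if that URL originates from a registry, a consumer-side setting that requires TLS regardless of what the provider advertises would close that downgrade path. call's body starts and ends outside this hunk.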
diff --git a/protocol/dubbo/pool.go b/protocol/dubbo/pool.go
index c9f5e34fa..cb1960a75 100644
--- a/protocol/dubbo/pool.go
+++ b/protocol/dubbo/pool.go
@@ -33,6 +33,7 @@ import (
 
 import (
 	"github.com/apache/dubbo-go/common/logger"
+	"github.com/apache/dubbo-go/config"
 )
 
 type gettyRPCClient struct {
@@ -53,15 +54,26 @@ var (
 )
 
 func newGettyRPCClientConn(pool *gettyRPCClientPool, protocol, addr string) (*gettyRPCClient, error) {
-	c := &gettyRPCClient{
-		protocol: protocol,
-		addr:     addr,
-		pool:     pool,
-		gettyClient: getty.NewTCPClient(
+	var gettyClient getty.Client
+	if pool.sslEnabled {
+		gettyClient = getty.NewTCPClient(
+			getty.WithServerAddress(addr),
+			getty.WithConnectionNumber((int)(pool.rpcClient.conf.ConnectionNum)),
+			getty.WithReconnectInterval(pool.rpcClient.conf.ReconnectInterval),
+			getty.WithClientTlsConfigBuilder(config.GetClientTlsConfigBuilder()),
+		)
+	} else {
+		gettyClient = getty.NewTCPClient(
 			getty.WithServerAddress(addr),
 			getty.WithConnectionNumber((int)(pool.rpcClient.conf.ConnectionNum)),
 			getty.WithReconnectInterval(pool.rpcClient.conf.ReconnectInterval),
-		),
+		)
+	}
+	c := &gettyRPCClient{
+		protocol:    protocol,
+		addr:        addr,
+		pool:        pool,
+		gettyClient: gettyClient,
 	}
 	go c.gettyClient.RunEventLoop(c.newSession)
 	idx := 1
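Review bot: When `pool.sslEnabled` is true the result of `config.GetClientTlsConfigBuilder()` is handed to getty without a nil check, and that getter returns nil unless a setter ran first. What getty does with a nil builder is not visible here, but neither a panic in the event loop nor a silent plaintext dial is acceptable for a connection the provider marked as TLS, so I would return an error from newGettyRPCClientConn instead. Building the option list once also removes the three options duplicated across the two branches. The same pattern (unchecked `config.GetServerTlsConfigBuilder()`, duplicated `getty.NewTCPServer` call) appears in Server.Start in protocol/dubbo/server.go. The function continues past the end of this hunk, and the error constructor below should be whichever one pool.go already imports.

```go
func newGettyRPCClientConn(pool *gettyRPCClientPool, protocol, addr string) (*gettyRPCClient, error) {
	opts := []getty.ClientOption{
		getty.WithServerAddress(addr),
		getty.WithConnectionNumber((int)(pool.rpcClient.conf.ConnectionNum)),
		getty.WithReconnectInterval(pool.rpcClient.conf.ReconnectInterval),
	}
	if pool.sslEnabled {
		builder := config.GetClientTlsConfigBuilder()
		if builder == nil {
			// Fail closed: never fall back to plaintext for a TLS-marked service.
			return nil, fmt.Errorf("ssl-enabled is set for %s but no client TLS config builder is registered", addr)
		}
		opts = append(opts, getty.WithClientTlsConfigBuilder(builder))
	}
	gettyClient := getty.NewTCPClient(opts...)
	// … unchanged: gettyRPCClient literal, RunEventLoop, session wait loop …
```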
@@ -288,9 +300,10 @@ func (c *gettyRPCClient) close() error {
 }
 
 type gettyRPCClientPool struct {
-	rpcClient *Client
-	size      int   // size of []*gettyRPCClient
-	ttl       int64 // ttl of every gettyRPCClient, it is checked when getConn
+	rpcClient  *Client
+	size       int   // size of []*gettyRPCClient
+	ttl        int64 // ttl of every gettyRPCClient, it is checked when getConn
+	sslEnabled bool
 
 	sync.Mutex
 	conns []*gettyRPCClient
diff --git a/protocol/dubbo/server.go b/protocol/dubbo/server.go
index 8de353a0b..bef7b3f68 100644
--- a/protocol/dubbo/server.go
+++ b/protocol/dubbo/server.go
@@ -30,6 +30,7 @@ import (
 
 import (
 	"github.com/apache/dubbo-go/common"
+	"github.com/apache/dubbo-go/common/constant"
 	"github.com/apache/dubbo-go/common/logger"
 	"github.com/apache/dubbo-go/config"
 )
@@ -163,9 +164,18 @@ func (s *Server) Start(url common.URL) {
 	)
 
 	addr = url.Location
-	tcpServer = getty.NewTCPServer(
-		getty.WithLocalAddress(addr),
-	)
+	if url.GetParamBool(constant.SSL_ENABLED_KEY, false) {
+		tcpServer = getty.NewTCPServer(
+			getty.WithLocalAddress(addr),
+			getty.WithServerSslEnabled(url.GetParamBool(constant.SSL_ENABLED_KEY, false)),
+			getty.WithServerTlsConfigBuilder(config.GetServerTlsConfigBuilder()),
+		)
+
+	} else {
+		tcpServer = getty.NewTCPServer(
+			getty.WithLocalAddress(addr),
+		)
+	}
 	tcpServer.RunEventLoop(s.newSession)
 	logger.Debugf("s bind addr{%s} ok!", addr)
 	s.tcpServer = tcpServer
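Review bot: Inside the TLS branch `url.GetParamBool(constant.SSL_ENABLED_KEY, false)` is evaluated a second time for `getty.WithServerSslEnabled`, although the branch is only entered when it is true. Reading it once, `sslEnabled := url.GetParamBool(constant.SSL_ENABLED_KEY, false)`, keeps the condition and the option from drifting apart. The Debugf line after the branch reports only the address, so an operator cannot confirm from the log whether the listener came up with TLS; `logger.Debugf("s bind addr{%s} ok! tls=%v", addr, sslEnabled)` would make that auditable. Start's body begins before this hunk and its end is not shown.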
-- 
GitLab