Comments (5)
I hacked this together: mheath@2c2b80d and it works. I'm not sure that getting the remote address for the SslHandler
from the Channel
is the best/right way to do it or not.
from reactor-netty.
+1 for SNI. Using the channel's remote address could conflict with proxy handlers. An unresolved InetSocketAddress
with the intended endpoint address (derived from a URI or similar) should work.
from reactor-netty.
@mp911de When you talk about a 'proxy handler' are you referring to an HTTP proxy or some kind of Java proxy?
If it's a HTTP proxy, you would have to use the proxy's address in the SNI request since the client would be doing TLS with the proxy and the proxy would be doing TLS with the intended endpoint. If the client were to send the intended endpoint's address and the proxy is using SNI, the TLS negotiation would fail.
from reactor-netty.
Sorry for being imprecise. The HTTP proxy endpoint vs. intended endpoint was my issue which you described above.
from reactor-netty.
@mheath after looking a bit more in depth at the issue with @smaldini, we don't think the approach of using the Channel
's SocketAddress
is the correct one.
I have put together a change that:
- captures the
SocketAddress
originally provided by the client (so not the resolved and actually connected address, but rather the one targeted by eg. a GET). - adds a
getSNI()
method toContextHandler
which is used when calling theaddSslAndLogHandlers
static method. By default it returnsnull
, which ignores SNI - implements
getSNI
so that http client context implementations extract the hostname and port out of the capturedSocketAddress
(provided it is not null and is anInetSocketAddress
), thus enabling SNI for the clients.
from reactor-netty.
Related Issues (20)
- WebSockets - MaxFramePayloadLength behaviour when using WebSocketServerSpec.compress(true) HOT 2
- Timeout leaves connection in the pool in configured state, blocking a pool slot HOT 17
- ERROR io.netty.util.ResourceLeakDetector - LEAK: ByteBuf.release() was not called before it's garbage-collected. HOT 3
- HTTP2 Client doesn't work/DefaultChannelPipeline wrongly configure for HTTP2 HOT 2
- Connection reset by peer; nested exception is io.netty.channel.unix.Errors$NativeIoException: readAddress(..) HOT 2
- springcloud gateway netty pool config HOT 1
- LEAK: ByteBuf.release() was not called before it's garbage-collected. HOT 16
- ClassNotFoundException for HttpDecoderConfig using reactor-netty-http HOT 3
- Mutable NewConnectionProvider HOT 10
- ByteBuf LEAK when PoolAcquirePendingLimitException is thrown HOT 9
- Consistent Memory Increase in Webflux Application HOT 5
- Build should not depend on `doc:antora`
- Ongoing connection reset by peer HOT 5
- Memory Leak in reactor-netty when using Spring WebClient with blocked flux. Issue: Databuffer is not released. HOT 15
- IllegalArgumentException: Failed to parse a port from request HOT 2
- Wiremock proxy : Connection prematurely closed BEFORE response HOT 2
- Add ability to set idle-timeout for websockets HOT 3
- Micrometer Prometheus metrics export fails due to conditional `proxy.address` tag HOT 2
- Intermittent error with connection reset by peer. HOT 1
- recordServerConnectionInactive never invoked after WebSocket upgrade HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from reactor-netty.