Dear all, I have a small, maybe easy to solve problöem. But i'm stuck since a few hours.
Normally, my application uses this filterchain: LoggingFilter -> SslFilter -> ExecutorFilter -> ProtocolCodecFilter This works quite well ion server and client side. Now I want to connect via proxy. I read about the proxy filter already present in the MINA package. But I have some extra requirements that prevent me from using this one. So I wrote my own one with the additional features and things I need (don't ask :-) ). At first, my solution worked fine: I build the filterchain like this (at first without ssl): LoggingFilter -> "MyProxyLikeFilter" -> ExecutorFilter -> ProtocolCodecFilter and tried to connect. The connect logic detected that the "MyProxyLikeFilter" is in place and thus replaced the target host and port with the proxy host and port. In the "sessionCreated()" in "MyProxyLikeFilter" I backuped the filterchain and replaced it with this: LoggingFilter -> TextLineCodec -> "MyProxyLikeFilter" At the end of the "sessionCreated()" method, I send the commands to the proxy via "session.write()". In the "messageReceived()" method, I summed up the proxys answer-lines. If a "http 200" was returned, I cleared the filterchain, restored the backup and called "session.getFilterChain().fireSessionCreated()", so that the "rest" of the filterchain could continue like as always. This worked quite well. But now I want to use the SslFilter also in combination with "MyProxyLikeFilter". I tried different things. The "best" working, but not completely working one was this: I created the following filterchain: LoggingFilter -> SslFilter -> ExecutorFilter -> ProtocolCodecFilter then did a "backup" with "List<Entry> backupChain = filterChain.getAllReversed();". After that, I cleared the chain (yes, it's looks like a dirty hack), and added: LoggingFilter -> TextLineCodec -> "MyProxyLikeFilter" Now it's behaving like I already mention in the "without ssl" case: At the end of the "sessionCreated()" method, I send the commands to the proxy via "session.write()". In the "messageReceived()" method, I summed up the proxys answer-lines. If a "http 200" was returned, I cleared the filterchain, restored the backup and called "session.getFilterChain().fireSessionCreated()", so that the "rest" of the filterchain could continue like as always. The filterchain then looks like before: LoggingFilter -> SslFilter -> ExecutorFilter -> ProtocolCodecFilter The first sent and received message to and from the server works well. But the second message which is sent to the server gives me: --------- 2009-02-18 15:39:29,383 [FINEST ] t_id=12 de.root1.simon.Dispatcher.exceptionCaught -> exception Caught. session=0x016FD0B7 cause=javax.net.ssl.SSLException: Received fatal alert: internal_error com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source) com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(Unknown Source) com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(Unknown Source) com.sun.net.ssl.internal.ssl.SSLEngineImpl.recvAlert(Unknown Source) com.sun.net.ssl.internal.ssl.SSLEngineImpl.readRecord(Unknown Source) com.sun.net.ssl.internal.ssl.SSLEngineImpl.readNetRecord(Unknown Source) com.sun.net.ssl.internal.ssl.SSLEngineImpl.unwrap(Unknown Source) javax.net.ssl.SSLEngine.unwrap(Unknown Source) org.apache.mina.filter.ssl.SslHandler.unwrap0(SslHandler.java:672) org.apache.mina.filter.ssl.SslHandler.unwrap(SslHandler.java:594) org.apache.mina.filter.ssl.SslHandler.decrypt(SslHandler.java:424) org.apache.mina.filter.ssl.SslHandler.messageReceived(SslHandler.java:302) org.apache.mina.filter.ssl.SslFilter.messageReceived(SslFilter.java:415) org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:434) org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:48) org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:802) org.apache.mina.filter.logging.LoggingFilter.messageReceived(LoggingFilter.java:181) org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:434) org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:48) org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:802) org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:120) org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:434) org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:426) org.apache.mina.core.polling.AbstractPollingIoProcessor.read(AbstractPollingIoProcessor.java:586) org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:547) org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:539) org.apache.mina.core.polling.AbstractPollingIoProcessor.access$400(AbstractPollingIoProcessor.java:57) org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.run(AbstractPollingIoProcessor.java:867) org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:65) java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source) java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) java.lang.Thread.run(Unknown Source) ------------- At the server side I get: ------------- 2009-02-18 15:39:29,528 [SEVERE ] t_id=25 org.apache.mina.filter.logging.LoggingFilter.log -> EXCEPTION : 2009-02-18 15:39:29,529 [FINEST ] t_id=28 de.root1.simon.Dispatcher.exceptionCaught -> exception Caught. session=0x00BAC9B9 cause=javax.net.ssl.SSLException: Unsupported record version Unknown-23.3 com.sun.net.ssl.internal.ssl.EngineInputRecord.bytesInCompletePacket(EngineInputRecord.java:97) com.sun.net.ssl.internal.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:754) com.sun.net.ssl.internal.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:669) javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:607) org.apache.mina.filter.ssl.SslHandler.unwrap0(SslHandler.java:672) org.apache.mina.filter.ssl.SslHandler.unwrap(SslHandler.java:594) org.apache.mina.filter.ssl.SslHandler.decrypt(SslHandler.java:424) org.apache.mina.filter.ssl.SslHandler.messageReceived(SslHandler.java:302) org.apache.mina.filter.ssl.SslFilter.messageReceived(SslFilter.java:415) org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:434) org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:48) org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:802) org.apache.mina.filter.logging.LoggingFilter.messageReceived(LoggingFilter.java:181) org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:434) org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:48) org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:802) org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:120) org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:434) org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:426) org.apache.mina.core.polling.AbstractPollingIoProcessor.read(AbstractPollingIoProcessor.java:586) org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:547) org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:539) org.apache.mina.core.polling.AbstractPollingIoProcessor.access$400(AbstractPollingIoProcessor.java:57) org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.run(AbstractPollingIoProcessor.java:867) org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:65) java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:885) java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:907) java.lang.Thread.run(Thread.java:619) -------------------- I think it's a because it's not so easy to "add ssl on the fly". Can someone help and give me a hint how to handle the ssl-filter on the client side on an already established, but not yet ssl-handshaked connection? br, Alex
