Support SslMasterKeyHandler in NettyServerBuilder · grpc/grpc-java#7199

(15 comments) (1 reaction) (0 assignees)Java (11,124 stars) (3,742 forks)batch import

enhancementgood first issue

Description

I have a problem with adding SslMasterKeyHandler#newWireSharkSslMasterKeyHandler on the server side. I tried to do this with channelFactory:

builder.channelFactory(() -> {
          final ServerChannel ch = GrpcUtil.getDefaultServerChannelFactory().newChannel();
          final ChannelPipeline pipeline = ch.pipeline();
          pipeline.addLast(SslMasterKeyHandler.newWireSharkSslMasterKeyHandler());
          return ch;
        })

and later with ProtocolNegotiator:

final SslContext sslContext = GrpcSslContexts.configure(sslClientContextBuilder).build();
final io.grpc.netty.ProtocolNegotiator negotiator = ProtocolNegotiators.serverTls(sslContext);
builder.protocolNegotiator(tlsNegotiator(negotiator);

In the first case, the setting had no effect. In the second case, the server worked incorrectly (it stopped accepting connections, even without a handler, just with a negotiator wrapper).

What should be the proper implementation?

Contributor guide

Tech stack: java
Domain: backendapi
Issue type: feature
Difficulty: 4
Estimated time: 1-2 days
Activity status: needs maintainer response
Clarity: needs investigation
Prerequisites: Java programminggRPC basicsNetty SSL configuration
Newbie friendliness: 25
Research direction: Investigate the NettyServerBuilder class in io.grpc.netty to see if there is a public API to set an SslMasterKeyHandler. Examine the source of GrpcSslContexts and ProtocolNegotiators.serverTls to understand how SSL contexts are applied. Review the comments in the issue (especially maintainer responses) to identify the correct approach. Suggested files: NettyServerBuilder.java, ProtocolNegotiators.java, GrpcSslContexts.java.