You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@dubbo.apache.org by al...@apache.org on 2021/08/11 04:23:55 UTC
[dubbo] branch 2.6.x updated: backport hessian protocol change from
2.7 (#8432)
This is an automated email from the ASF dual-hosted git repository.
albumenj pushed a commit to branch 2.6.x
in repository https://gitbox.apache.org/repos/asf/dubbo.git
The following commit(s) were added to refs/heads/2.6.x by this push:
new 86b5e00 backport hessian protocol change from 2.7 (#8432)
86b5e00 is described below
commit 86b5e00ba2d0399ac53ce1ca57b85d7c94ad3794
Author: ken.lj <ke...@gmail.com>
AuthorDate: Wed Aug 11 12:23:38 2021 +0800
backport hessian protocol change from 2.7 (#8432)
* backport hessian protocol change from 2.7
* add spi configuration
---
dependencies-bom/pom.xml | 2 +-
.../rpc/protocol/hessian/HessianProtocol.java | 5 ++-
.../AbstractHessian2FactoryInitializer.java | 36 +++++++++++++++
.../DefaultHessian2FactoryInitializer.java | 26 +++++++++++
.../serialization/Hessian2FactoryInitializer.java | 25 +++++++++++
.../hessian/serialization/Hessian2FactoryUtil.java | 36 +++++++++++++++
.../WhitelistHessian2FactoryInitializer.java | 52 ++++++++++++++++++++++
...essian.serialization.Hessian2FactoryInitializer | 2 +
8 files changed, 181 insertions(+), 3 deletions(-)
diff --git a/dependencies-bom/pom.xml b/dependencies-bom/pom.xml
index 0e91323..95a45d5 100644
--- a/dependencies-bom/pom.xml
+++ b/dependencies-bom/pom.xml
@@ -102,7 +102,7 @@
<xmemcached_version>1.3.6</xmemcached_version>
<cxf_version>3.1.15</cxf_version>
<thrift_version>0.8.0</thrift_version>
- <hessian_version>4.0.38</hessian_version>
+ <hessian_version>4.0.51</hessian_version>
<servlet_version>3.1.0</servlet_version>
<jetty_version>6.1.26</jetty_version>
<validation_version>1.1.0.Final</validation_version>
diff --git a/dubbo-rpc/dubbo-rpc-hessian/src/main/java/com/alibaba/dubbo/rpc/protocol/hessian/HessianProtocol.java b/dubbo-rpc/dubbo-rpc-hessian/src/main/java/com/alibaba/dubbo/rpc/protocol/hessian/HessianProtocol.java
index b0e4a82..d9004fa 100644
--- a/dubbo-rpc/dubbo-rpc-hessian/src/main/java/com/alibaba/dubbo/rpc/protocol/hessian/HessianProtocol.java
+++ b/dubbo-rpc/dubbo-rpc-hessian/src/main/java/com/alibaba/dubbo/rpc/protocol/hessian/HessianProtocol.java
@@ -24,7 +24,7 @@ import com.alibaba.dubbo.remoting.http.HttpServer;
import com.alibaba.dubbo.rpc.RpcContext;
import com.alibaba.dubbo.rpc.RpcException;
import com.alibaba.dubbo.rpc.protocol.AbstractProxyProtocol;
-
+import com.alibaba.dubbo.rpc.protocol.hessian.serialization.Hessian2FactoryUtil;
import com.alibaba.dubbo.rpc.service.GenericService;
import com.alibaba.dubbo.rpc.support.ProtocolUtils;
import com.caucho.hessian.HessianException;
@@ -122,6 +122,7 @@ public class HessianProtocol extends AbstractProxyProtocol {
int timeout = url.getParameter(Constants.TIMEOUT_KEY, Constants.DEFAULT_TIMEOUT);
hessianProxyFactory.setConnectTimeout(timeout);
hessianProxyFactory.setReadTimeout(timeout);
+ hessianProxyFactory.setSerializerFactory(Hessian2FactoryUtil.getInstance().getSerializerFactory());
return (T) hessianProxyFactory.create(serviceType, url.setProtocol("http").toJavaURL(), Thread.currentThread().getContextClassLoader());
}
@@ -181,7 +182,7 @@ public class HessianProtocol extends AbstractProxyProtocol {
}
try {
- skeleton.invoke(request.getInputStream(), response.getOutputStream());
+ skeleton.invoke(request.getInputStream(), response.getOutputStream(), Hessian2FactoryUtil.getInstance().getSerializerFactory());
} catch (Throwable e) {
throw new ServletException(e);
}
diff --git a/dubbo-rpc/dubbo-rpc-hessian/src/main/java/com/alibaba/dubbo/rpc/protocol/hessian/serialization/AbstractHessian2FactoryInitializer.java b/dubbo-rpc/dubbo-rpc-hessian/src/main/java/com/alibaba/dubbo/rpc/protocol/hessian/serialization/AbstractHessian2FactoryInitializer.java
new file mode 100644
index 0000000..96c4497
--- /dev/null
+++ b/dubbo-rpc/dubbo-rpc-hessian/src/main/java/com/alibaba/dubbo/rpc/protocol/hessian/serialization/AbstractHessian2FactoryInitializer.java
@@ -0,0 +1,36 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.alibaba.dubbo.rpc.protocol.hessian.serialization;
+
+import com.caucho.hessian.io.SerializerFactory;
+
+public abstract class AbstractHessian2FactoryInitializer implements Hessian2FactoryInitializer {
+ private static SerializerFactory SERIALIZER_FACTORY;
+
+ @Override
+ public SerializerFactory getSerializerFactory() {
+ if (SERIALIZER_FACTORY != null) {
+ return SERIALIZER_FACTORY;
+ }
+ synchronized (this) {
+ SERIALIZER_FACTORY = createSerializerFactory();
+ }
+ return SERIALIZER_FACTORY;
+ }
+
+ protected abstract SerializerFactory createSerializerFactory();
+}
\ No newline at end of file
diff --git a/dubbo-rpc/dubbo-rpc-hessian/src/main/java/com/alibaba/dubbo/rpc/protocol/hessian/serialization/DefaultHessian2FactoryInitializer.java b/dubbo-rpc/dubbo-rpc-hessian/src/main/java/com/alibaba/dubbo/rpc/protocol/hessian/serialization/DefaultHessian2FactoryInitializer.java
new file mode 100644
index 0000000..fdcf726
--- /dev/null
+++ b/dubbo-rpc/dubbo-rpc-hessian/src/main/java/com/alibaba/dubbo/rpc/protocol/hessian/serialization/DefaultHessian2FactoryInitializer.java
@@ -0,0 +1,26 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.alibaba.dubbo.rpc.protocol.hessian.serialization;
+
+import com.caucho.hessian.io.SerializerFactory;
+
+public class DefaultHessian2FactoryInitializer extends AbstractHessian2FactoryInitializer {
+ @Override
+ protected SerializerFactory createSerializerFactory() {
+ return new SerializerFactory();
+ }
+}
diff --git a/dubbo-rpc/dubbo-rpc-hessian/src/main/java/com/alibaba/dubbo/rpc/protocol/hessian/serialization/Hessian2FactoryInitializer.java b/dubbo-rpc/dubbo-rpc-hessian/src/main/java/com/alibaba/dubbo/rpc/protocol/hessian/serialization/Hessian2FactoryInitializer.java
new file mode 100644
index 0000000..96f2f8b
--- /dev/null
+++ b/dubbo-rpc/dubbo-rpc-hessian/src/main/java/com/alibaba/dubbo/rpc/protocol/hessian/serialization/Hessian2FactoryInitializer.java
@@ -0,0 +1,25 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.alibaba.dubbo.rpc.protocol.hessian.serialization;
+
+import com.alibaba.dubbo.common.extension.SPI;
+import com.caucho.hessian.io.SerializerFactory;
+
+@SPI("default")
+public interface Hessian2FactoryInitializer {
+ SerializerFactory getSerializerFactory();
+}
\ No newline at end of file
diff --git a/dubbo-rpc/dubbo-rpc-hessian/src/main/java/com/alibaba/dubbo/rpc/protocol/hessian/serialization/Hessian2FactoryUtil.java b/dubbo-rpc/dubbo-rpc-hessian/src/main/java/com/alibaba/dubbo/rpc/protocol/hessian/serialization/Hessian2FactoryUtil.java
new file mode 100644
index 0000000..c5673aa
--- /dev/null
+++ b/dubbo-rpc/dubbo-rpc-hessian/src/main/java/com/alibaba/dubbo/rpc/protocol/hessian/serialization/Hessian2FactoryUtil.java
@@ -0,0 +1,36 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.alibaba.dubbo.rpc.protocol.hessian.serialization;
+
+import com.alibaba.dubbo.common.extension.ExtensionLoader;
+import com.alibaba.dubbo.common.utils.ConfigUtils;
+import com.alibaba.dubbo.common.utils.StringUtils;
+
+public class Hessian2FactoryUtil {
+ static String WHITELIST = "dubbo.application.hessian2.whitelist";
+ static String ALLOW = "dubbo.application.hessian2.allow";
+ static String DENY = "dubbo.application.hessian2.deny";
+ static ExtensionLoader<Hessian2FactoryInitializer> loader = ExtensionLoader.getExtensionLoader(Hessian2FactoryInitializer.class);
+
+ public static Hessian2FactoryInitializer getInstance() {
+ String whitelist = ConfigUtils.getProperty(WHITELIST);
+ if (StringUtils.isNotEmpty(whitelist)) {
+ return loader.getExtension("whitelist");
+ }
+ return loader.getDefaultExtension();
+ }
+}
diff --git a/dubbo-rpc/dubbo-rpc-hessian/src/main/java/com/alibaba/dubbo/rpc/protocol/hessian/serialization/WhitelistHessian2FactoryInitializer.java b/dubbo-rpc/dubbo-rpc-hessian/src/main/java/com/alibaba/dubbo/rpc/protocol/hessian/serialization/WhitelistHessian2FactoryInitializer.java
new file mode 100644
index 0000000..eec2928
--- /dev/null
+++ b/dubbo-rpc/dubbo-rpc-hessian/src/main/java/com/alibaba/dubbo/rpc/protocol/hessian/serialization/WhitelistHessian2FactoryInitializer.java
@@ -0,0 +1,52 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.alibaba.dubbo.rpc.protocol.hessian.serialization;
+
+import com.alibaba.dubbo.common.utils.ConfigUtils;
+import com.alibaba.dubbo.common.utils.StringUtils;
+import com.caucho.hessian.io.SerializerFactory;
+
+import static com.alibaba.dubbo.rpc.protocol.hessian.serialization.Hessian2FactoryUtil.ALLOW;
+import static com.alibaba.dubbo.rpc.protocol.hessian.serialization.Hessian2FactoryUtil.DENY;
+import static com.alibaba.dubbo.rpc.protocol.hessian.serialization.Hessian2FactoryUtil.WHITELIST;
+
+/**
+ * see https://github.com/ebourg/hessian/commit/cf851f5131707891e723f7f6a9718c2461aed826
+ */
+public class WhitelistHessian2FactoryInitializer extends AbstractHessian2FactoryInitializer {
+
+ @Override
+ public SerializerFactory createSerializerFactory() {
+ SerializerFactory serializerFactory = new SerializerFactory();
+ String whiteList = ConfigUtils.getProperty(WHITELIST);
+ if ("true".equals(whiteList)) {
+ serializerFactory.getClassFactory().setWhitelist(true);
+ String allowPattern = ConfigUtils.getProperty(ALLOW);
+ if (StringUtils.isNotEmpty(allowPattern)) {
+ serializerFactory.getClassFactory().allow(allowPattern);
+ }
+ } else {
+ serializerFactory.getClassFactory().setWhitelist(false);
+ String denyPattern = ConfigUtils.getProperty(DENY);
+ if (StringUtils.isNotEmpty(denyPattern)) {
+ serializerFactory.getClassFactory().deny(denyPattern);
+ }
+ }
+ return serializerFactory;
+ }
+
+}
diff --git a/dubbo-rpc/dubbo-rpc-hessian/src/main/resources/META-INF/dubbo/internal/com.alibaba.dubbo.rpc.protocol.hessian.serialization.Hessian2FactoryInitializer b/dubbo-rpc/dubbo-rpc-hessian/src/main/resources/META-INF/dubbo/internal/com.alibaba.dubbo.rpc.protocol.hessian.serialization.Hessian2FactoryInitializer
new file mode 100644
index 0000000..4796b5c
--- /dev/null
+++ b/dubbo-rpc/dubbo-rpc-hessian/src/main/resources/META-INF/dubbo/internal/com.alibaba.dubbo.rpc.protocol.hessian.serialization.Hessian2FactoryInitializer
@@ -0,0 +1,2 @@
+default=com.alibaba.dubbo.rpc.protocol.hessian.serialization.DefaultHessian2FactoryInitializer
+whitelist=com.alibaba.dubbo.rpc.protocol.hessian.serialization.WhitelistHessian2FactoryInitializer
\ No newline at end of file