NettyGrpcServer -- configure ALPN

Before this change the following exception was thrown when trying to
launch the chaincode server with TLS enabled:

java.lang.IllegalArgumentException: ALPN must be enabled and list HTTP/2 as a supported protocol.
	at com.google.common.base.Preconditions.checkArgument(Preconditions.java:142)
	at io.grpc.netty.shaded.io.grpc.netty.GrpcSslContexts.ensureAlpnAndH2Enabled(GrpcSslContexts.java:260)
	at io.grpc.netty.shaded.io.grpc.netty.NettyServerBuilder.sslContext(NettyServerBuilder.java:300)
	at org.hyperledger.fabric.shim.NettyGrpcServer.<init>(NettyGrpcServer.java:60)
	at org.hyperledger.fabric.shim.NettyChaincodeServer.<init>(NettyChaincodeServer.java:27)
	at org.hyperledger.fabric.shim.NettyGrpcServerTest.startAndStopTlsWithoutPassword(NettyGrpcServerTest.java:321)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

Signed-off-by: Fedor Tokarev <[email protected]>

Author: ftokarev

fabric-chaincode-shim/src/main/java/org/hyperledger/fabric/shim/NettyGrpcServer.java

@@ -9,6 +9,8 @@
 
 import io.grpc.Server;
 import io.grpc.netty.shaded.io.grpc.netty.NettyServerBuilder;
+import io.grpc.netty.shaded.io.netty.handler.ssl.ApplicationProtocolConfig;
+import io.grpc.netty.shaded.io.netty.handler.ssl.ApplicationProtocolNames;
 import io.grpc.netty.shaded.io.netty.handler.ssl.SslContextBuilder;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
@@ -56,11 +58,21 @@ public NettyGrpcServer(final ChaincodeBase chaincodeBase, final ChaincodeServerP
             final File keyCertChainFile = Paths.get(chaincodeServerProperties.getKeyCertChainFile()).toFile();
             final File keyFile = Paths.get(chaincodeServerProperties.getKeyFile()).toFile();
 
+            SslContextBuilder sslContextBuilder;
             if (chaincodeServerProperties.getKeyPassword() == null || chaincodeServerProperties.getKeyPassword().isEmpty()) {
-                serverBuilder.sslContext(SslContextBuilder.forServer(keyCertChainFile, keyFile).build());
+                sslContextBuilder = SslContextBuilder.forServer(keyCertChainFile, keyFile);
             } else {
-                serverBuilder.sslContext(SslContextBuilder.forServer(keyCertChainFile, keyFile, chaincodeServerProperties.getKeyPassword()).build());
+                sslContextBuilder = SslContextBuilder.forServer(keyCertChainFile, keyFile, chaincodeServerProperties.getKeyPassword());
             }
+
+            ApplicationProtocolConfig apn = new ApplicationProtocolConfig(
+                    ApplicationProtocolConfig.Protocol.ALPN,
+                    ApplicationProtocolConfig.SelectorFailureBehavior.NO_ADVERTISE,
+                    ApplicationProtocolConfig.SelectedListenerFailureBehavior.ACCEPT,
+                    ApplicationProtocolNames.HTTP_2);
+            sslContextBuilder.applicationProtocolConfig(apn);
+
+            serverBuilder.sslContext(sslContextBuilder.build());
         }
 
         logger.info("<<<<<<<<<<<<<chaincodeServerProperties>>>>>>>>>>>>:\n");