public abstract class ReferenceCountedOpenSslContext extends SslContext implements ReferenceCounted
SslContext
which works with libraries that support the
OpenSsl C library API.
Instances of this class must be released
or else native memory will leak!
Instances of this class must not be released before any ReferenceCountedOpenSslEngine
which depends upon the instance of this class is released. Otherwise if any method of
ReferenceCountedOpenSslEngine
is called which uses this class's JNI resources the JVM may crash.
Modifier and Type | Field and Description |
---|---|
protected long |
ctx
The OpenSSL SSL_CTX object.
|
protected static int |
VERIFY_DEPTH |
Modifier and Type | Method and Description |
---|---|
ApplicationProtocolNegotiator |
applicationProtocolNegotiator()
Returns the object responsible for negotiating application layer protocols for the TLS NPN/ALPN extensions.
|
protected static java.security.cert.X509Certificate[] |
certificates(byte[][] chain) |
protected static javax.net.ssl.X509TrustManager |
chooseTrustManager(javax.net.ssl.TrustManager[] managers) |
protected static javax.net.ssl.X509KeyManager |
chooseX509KeyManager(javax.net.ssl.KeyManager[] kms) |
java.util.List<java.lang.String> |
cipherSuites()
Returns the list of enabled cipher suites, in the order of preference.
|
long |
context()
Deprecated.
this method is considered unsafe as the returned pointer may be released later. Dont use it!
|
int |
getBioNonApplicationBufferSize()
Returns the size of the buffer used by the BIO for non-application based writes
|
boolean |
getRejectRemoteInitiatedRenegotiation()
Deprecated.
|
boolean |
isClient()
Returns the
true if and only if this context is for client-side. |
javax.net.ssl.SSLEngine |
newEngine(ByteBufAllocator alloc)
Returns a new server-side
SSLEngine with the current configuration. |
javax.net.ssl.SSLEngine |
newEngine(ByteBufAllocator alloc,
java.lang.String peerHost,
int peerPort)
Creates a new
SSLEngine using advisory peer information. |
protected SslHandler |
newHandler(ByteBufAllocator alloc,
boolean startTls)
Create a new SslHandler.
|
protected SslHandler |
newHandler(ByteBufAllocator alloc,
java.lang.String peerHost,
int peerPort,
boolean startTls)
Create a new SslHandler.
|
int |
refCnt()
Returns the reference count of this object.
|
boolean |
release()
Decreases the reference count by
1 and deallocates this object if the reference count reaches at
0 . |
boolean |
release(int decrement)
Decreases the reference count by the specified
decrement and deallocates this object if the reference
count reaches at 0 . |
ReferenceCounted |
retain()
Increases the reference count by
1 . |
ReferenceCounted |
retain(int increment)
Increases the reference count by the specified
increment . |
long |
sessionCacheSize()
Returns the size of the cache used for storing SSL session objects.
|
abstract OpenSslSessionContext |
sessionContext()
Returns the
SSLSessionContext object held by this context. |
long |
sessionTimeout()
Returns the timeout for the cached SSL session objects, in seconds.
|
void |
setBioNonApplicationBufferSize(int bioNonApplicationBufferSize)
Set the size of the buffer used by the BIO for non-application based writes
(e.g. handshake, renegotiation, etc...).
|
void |
setRejectRemoteInitiatedRenegotiation(boolean rejectRemoteInitiatedRenegotiation)
Deprecated.
|
void |
setTicketKeys(byte[] keys)
Deprecated.
|
long |
sslCtxPointer()
Deprecated.
this method is considered unsafe as the returned pointer may be released later. Dont use it!
|
OpenSslSessionStats |
stats()
Deprecated.
use
#sessionContext#stats() |
buildTrustManagerFactory, defaultClientProvider, defaultServerProvider, generateKeySpec, isServer, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newHandler, newHandler, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, nextProtocols
protected static final int VERIFY_DEPTH
protected long ctx
ctxLock
must be hold while using ctx!public final java.util.List<java.lang.String> cipherSuites()
SslContext
cipherSuites
in class SslContext
public final long sessionCacheSize()
SslContext
sessionCacheSize
in class SslContext
public final long sessionTimeout()
SslContext
sessionTimeout
in class SslContext
public ApplicationProtocolNegotiator applicationProtocolNegotiator()
SslContext
applicationProtocolNegotiator
in class SslContext
public final boolean isClient()
SslContext
true
if and only if this context is for client-side.isClient
in class SslContext
public final javax.net.ssl.SSLEngine newEngine(ByteBufAllocator alloc, java.lang.String peerHost, int peerPort)
SslContext
SSLEngine
using advisory peer information.
If SslProvider.OPENSSL_REFCNT
is used then the object must be released. One way to do this is to
wrap in a SslHandler
and insert it into a pipeline.
See SslContext.newHandler(ByteBufAllocator, String, int)
.
newEngine
in class SslContext
peerHost
- the non-authoritative name of the hostpeerPort
- the non-authoritative portSSLEngine
protected final SslHandler newHandler(ByteBufAllocator alloc, boolean startTls)
SslContext
newHandler
in class SslContext
SslContext.newHandler(ByteBufAllocator)
protected final SslHandler newHandler(ByteBufAllocator alloc, java.lang.String peerHost, int peerPort, boolean startTls)
SslContext
newHandler
in class SslContext
SslContext.newHandler(ByteBufAllocator, String, int, boolean)
public final javax.net.ssl.SSLEngine newEngine(ByteBufAllocator alloc)
SSLEngine
with the current configuration.newEngine
in class SslContext
SSLEngine
@Deprecated public final long context()
SSL_CTX
object for this ReferenceCountedOpenSslContext
.
Be aware that it is freed as soon as the Object.finalize()
method is called.
At this point 0
will be returned.@Deprecated public final OpenSslSessionStats stats()
#sessionContext#stats()
@Deprecated public void setRejectRemoteInitiatedRenegotiation(boolean rejectRemoteInitiatedRenegotiation)
SSLHandshakeException
will be thrown during decoding.@Deprecated public boolean getRejectRemoteInitiatedRenegotiation()
true
because renegotiation is not supported.public void setBioNonApplicationBufferSize(int bioNonApplicationBufferSize)
public int getBioNonApplicationBufferSize()
@Deprecated public final void setTicketKeys(byte[] keys)
OpenSslSessionContext.setTicketKeys(byte[])
public abstract OpenSslSessionContext sessionContext()
SslContext
SSLSessionContext
object held by this context.sessionContext
in class SslContext
@Deprecated public final long sslCtxPointer()
SSL_CTX
object for this ReferenceCountedOpenSslContext
.
Be aware that it is freed as soon as the release()
method is called.
At this point 0
will be returned.protected static java.security.cert.X509Certificate[] certificates(byte[][] chain)
protected static javax.net.ssl.X509TrustManager chooseTrustManager(javax.net.ssl.TrustManager[] managers)
protected static javax.net.ssl.X509KeyManager chooseX509KeyManager(javax.net.ssl.KeyManager[] kms)
public final int refCnt()
ReferenceCounted
0
, it means this object has been deallocated.refCnt
in interface ReferenceCounted
public final ReferenceCounted retain()
ReferenceCounted
1
.retain
in interface ReferenceCounted
public final ReferenceCounted retain(int increment)
ReferenceCounted
increment
.retain
in interface ReferenceCounted
public final boolean release()
ReferenceCounted
1
and deallocates this object if the reference count reaches at
0
.release
in interface ReferenceCounted
true
if and only if the reference count became 0
and this object has been deallocatedpublic final boolean release(int decrement)
ReferenceCounted
decrement
and deallocates this object if the reference
count reaches at 0
.release
in interface ReferenceCounted
true
if and only if the reference count became 0
and this object has been deallocatedCopyright © 2008–2018 The Netty Project. All rights reserved.