Class ReferenceCountedOpenSslEngine
java.lang.Object
javax.net.ssl.SSLEngine
io.netty.handler.ssl.ReferenceCountedOpenSslEngine
- All Implemented Interfaces:
ReferenceCounted
- Direct Known Subclasses:
OpenSslEngine
Implements a
SSLEngine using
OpenSSL BIO abstractions.
Instances of this class must be released or else native memory will leak!
Instances of this class must be released before the ReferenceCountedOpenSslContext
the instance depends upon are released. Otherwise if any method of this class is called which uses the
the ReferenceCountedOpenSslContext JNI resources the JVM may crash.
-
Method Summary
Modifier and TypeMethodDescriptionfinal voidfinal voidfinal voidfinal Runnablefinal String[]final String[]final booleanfinal SSLSessionfinal booleanbyte[]Returns the OCSP response ornullif the server didn't provide a stapled OCSP response.final SSLSessionfinal SSLParametersfinal String[]final String[]final booleanfinal booleanfinal booleanfinal booleanfinal intrefCnt()Returns the reference count of this object.final booleanrelease()Decreases the reference count by1and deallocates this object if the reference count reaches at0.final booleanrelease(int decrement) Decreases the reference count by the specifieddecrementand deallocates this object if the reference count reaches at0.final ReferenceCountedretain()Increases the reference count by1.final ReferenceCountedretain(int increment) Increases the reference count by the specifiedincrement.final voidsetEnabledCipherSuites(String[] cipherSuites) final voidsetEnabledProtocols(String[] protocols) TLS doesn't support a way to advertise non-contiguous versions from the client's perspective, and the client just advertises the max supported version.final voidsetEnableSessionCreation(boolean b) final voidsetNeedClientAuth(boolean b) voidsetOcspResponse(byte[] response) Sets the OCSP response.final voidsetSSLParameters(SSLParameters sslParameters) final voidsetUseClientMode(boolean clientMode) final voidsetVerify(int verifyMode, int depth) See SSL_set_verify andSSL.setVerify(long, int, int).final voidsetWantClientAuth(boolean b) final voidshutdown()Destroys this engine.final longReturns the pointer to theSSLobject for thisReferenceCountedOpenSslEngine.final ReferenceCountedtouch()Records the current access location of this object for debugging purposes.final ReferenceCountedRecords the current access location of this object with an additional arbitrary information for debugging purposes.final SSLEngineResultunwrap(ByteBuffer[] srcs, int srcsOffset, int srcsLength, ByteBuffer[] dsts, int dstsOffset, int dstsLength) final SSLEngineResultunwrap(ByteBuffer[] srcs, ByteBuffer[] dsts) final SSLEngineResultunwrap(ByteBuffer src, ByteBuffer dst) final SSLEngineResultunwrap(ByteBuffer src, ByteBuffer[] dsts) final SSLEngineResultunwrap(ByteBuffer src, ByteBuffer[] dsts, int offset, int length) final SSLEngineResultwrap(ByteBuffer[] srcs, int offset, int length, ByteBuffer dst) final SSLEngineResultwrap(ByteBuffer src, ByteBuffer dst) Methods inherited from class SSLEngine
getHandshakeApplicationProtocolSelector, getPeerHost, getPeerPort, setHandshakeApplicationProtocolSelector, wrap
-
Method Details
-
setOcspResponse
Sets the OCSP response. -
getOcspResponse
Returns the OCSP response ornullif the server didn't provide a stapled OCSP response. -
refCnt
public final int refCnt()Description copied from interface:ReferenceCountedReturns the reference count of this object. If0, it means this object has been deallocated.- Specified by:
refCntin interfaceReferenceCounted
-
retain
Description copied from interface:ReferenceCountedIncreases the reference count by1.- Specified by:
retainin interfaceReferenceCounted
-
retain
Description copied from interface:ReferenceCountedIncreases the reference count by the specifiedincrement.- Specified by:
retainin interfaceReferenceCounted
-
touch
Description copied from interface:ReferenceCountedRecords the current access location of this object for debugging purposes. If this object is determined to be leaked, the information recorded by this operation will be provided to you viaResourceLeakDetector. This method is a shortcut totouch(null).- Specified by:
touchin interfaceReferenceCounted
-
touch
Description copied from interface:ReferenceCountedRecords the current access location of this object with an additional arbitrary information for debugging purposes. If this object is determined to be leaked, the information recorded by this operation will be provided to you viaResourceLeakDetector.- Specified by:
touchin interfaceReferenceCounted
-
release
public final boolean release()Description copied from interface:ReferenceCountedDecreases the reference count by1and deallocates this object if the reference count reaches at0.- Specified by:
releasein interfaceReferenceCounted- Returns:
trueif and only if the reference count became0and this object has been deallocated
-
release
public final boolean release(int decrement) Description copied from interface:ReferenceCountedDecreases the reference count by the specifieddecrementand deallocates this object if the reference count reaches at0.- Specified by:
releasein interfaceReferenceCounted- Returns:
trueif and only if the reference count became0and this object has been deallocated
-
getApplicationProtocol
- Overrides:
getApplicationProtocolin classSSLEngine
-
getHandshakeApplicationProtocol
- Overrides:
getHandshakeApplicationProtocolin classSSLEngine
-
getHandshakeSession
- Overrides:
getHandshakeSessionin classSSLEngine
-
sslPointer
public final long sslPointer()Returns the pointer to theSSLobject for thisReferenceCountedOpenSslEngine. Be aware that it is freed as soon as therelease()orshutdown()methods are called. At this point0will be returned. -
shutdown
public final void shutdown()Destroys this engine. -
wrap
public final SSLEngineResult wrap(ByteBuffer[] srcs, int offset, int length, ByteBuffer dst) throws SSLException - Specified by:
wrapin classSSLEngine- Throws:
SSLException
-
unwrap
public final SSLEngineResult unwrap(ByteBuffer[] srcs, int srcsOffset, int srcsLength, ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws SSLException - Throws:
SSLException
-
unwrap
- Throws:
SSLException
-
unwrap
public final SSLEngineResult unwrap(ByteBuffer src, ByteBuffer[] dsts, int offset, int length) throws SSLException - Specified by:
unwrapin classSSLEngine- Throws:
SSLException
-
wrap
- Overrides:
wrapin classSSLEngine- Throws:
SSLException
-
unwrap
- Overrides:
unwrapin classSSLEngine- Throws:
SSLException
-
unwrap
- Overrides:
unwrapin classSSLEngine- Throws:
SSLException
-
getDelegatedTask
- Specified by:
getDelegatedTaskin classSSLEngine
-
closeInbound
- Specified by:
closeInboundin classSSLEngine- Throws:
SSLException
-
isInboundDone
public final boolean isInboundDone()- Specified by:
isInboundDonein classSSLEngine
-
closeOutbound
public final void closeOutbound()- Specified by:
closeOutboundin classSSLEngine
-
isOutboundDone
public final boolean isOutboundDone()- Specified by:
isOutboundDonein classSSLEngine
-
getSupportedCipherSuites
- Specified by:
getSupportedCipherSuitesin classSSLEngine
-
getEnabledCipherSuites
- Specified by:
getEnabledCipherSuitesin classSSLEngine
-
setEnabledCipherSuites
- Specified by:
setEnabledCipherSuitesin classSSLEngine
-
getSupportedProtocols
- Specified by:
getSupportedProtocolsin classSSLEngine
-
getEnabledProtocols
- Specified by:
getEnabledProtocolsin classSSLEngine
-
setEnabledProtocols
TLS doesn't support a way to advertise non-contiguous versions from the client's perspective, and the client just advertises the max supported version. The TLS protocol also doesn't support all different combinations of discrete protocols, and instead assumes contiguous ranges. OpenSSL has some unexpected behavior (e.g. handshake failures) if non-contiguous protocols are used even where there is a compatible set of protocols and ciphers. For these reasons this method will determine the minimum protocol and the maximum protocol and enabled a contiguous range from [min protocol, max protocol] in OpenSSL.- Specified by:
setEnabledProtocolsin classSSLEngine
-
getSession
- Specified by:
getSessionin classSSLEngine
-
beginHandshake
- Specified by:
beginHandshakein classSSLEngine- Throws:
SSLException
-
getHandshakeStatus
- Specified by:
getHandshakeStatusin classSSLEngine
-
setUseClientMode
public final void setUseClientMode(boolean clientMode) - Specified by:
setUseClientModein classSSLEngine
-
getUseClientMode
public final boolean getUseClientMode()- Specified by:
getUseClientModein classSSLEngine
-
setNeedClientAuth
public final void setNeedClientAuth(boolean b) - Specified by:
setNeedClientAuthin classSSLEngine
-
getNeedClientAuth
public final boolean getNeedClientAuth()- Specified by:
getNeedClientAuthin classSSLEngine
-
setWantClientAuth
public final void setWantClientAuth(boolean b) - Specified by:
setWantClientAuthin classSSLEngine
-
getWantClientAuth
public final boolean getWantClientAuth()- Specified by:
getWantClientAuthin classSSLEngine
-
setVerify
See SSL_set_verify andSSL.setVerify(long, int, int). -
setEnableSessionCreation
public final void setEnableSessionCreation(boolean b) - Specified by:
setEnableSessionCreationin classSSLEngine
-
getEnableSessionCreation
public final boolean getEnableSessionCreation()- Specified by:
getEnableSessionCreationin classSSLEngine
-
getSSLParameters
- Overrides:
getSSLParametersin classSSLEngine
-
setSSLParameters
- Overrides:
setSSLParametersin classSSLEngine
-
getNegotiatedApplicationProtocol
-