Package io.netty.handler.ssl
Class ReferenceCountedOpenSslEngine
- java.lang.Object
  - javax.net.ssl.SSLEngine
    - io.netty.handler.ssl.ReferenceCountedOpenSslEngine
- All Implemented Interfaces: ReferenceCounted
- Direct Known Subclasses: OpenSslEngine
public class ReferenceCountedOpenSslEngine extends javax.net.ssl.SSLEngine implements ReferenceCounted
Implements an SSLEngine using OpenSSL BIO abstractions.
Instances of this class must be released or else native memory will leak!
Instances of this class must be released before the ReferenceCountedOpenSslContext the instance depends upon is released. Otherwise, if any method of this class is called which uses the ReferenceCountedOpenSslContext JNI resources, the JVM may crash.
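The release ordering described above, as an added example that is not Netty's own code. It assumes netty-handler and a netty-tcnative artifact are on the classpath; the class name `RefCntEngineLifecycle` and the host `example.invalid` are placeholders.

```java
import io.netty.buffer.ByteBufAllocator;
import io.netty.handler.ssl.OpenSsl;
import io.netty.handler.ssl.ReferenceCountedOpenSslEngine;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import io.netty.handler.ssl.SslProvider;
import io.netty.util.ReferenceCountUtil;

public final class RefCntEngineLifecycle {
    public static void main(String[] args) throws Exception {
        // Fails fast if the native OpenSSL bindings cannot be loaded.
        OpenSsl.ensureAvailability();

        // OPENSSL_REFCNT builds a reference-counted context; the engines it
        // creates are ReferenceCountedOpenSslEngine instances.
        SslContext ctx = SslContextBuilder.forClient()
                .sslProvider(SslProvider.OPENSSL_REFCNT)
                .build();
        try {
            ReferenceCountedOpenSslEngine engine = (ReferenceCountedOpenSslEngine)
                    ctx.newEngine(ByteBufAllocator.DEFAULT, "example.invalid", 443);
            try {
                // While the engine is live it owns a native SSL object.
                System.out.println("refCnt=" + engine.refCnt()
                        + " nativeLive=" + (engine.sslPointer() != 0));
                // ... handshake, wrap() and unwrap() would happen here ...
            } finally {
                // Step 1: release the engine while its context is still alive.
                engine.release();
            }
            // After release the native object is freed and sslPointer() returns 0,
            // so any pointer value cached earlier must no longer be used.
            System.out.println("refCnt=" + engine.refCnt()
                    + " nativeLive=" + (engine.sslPointer() != 0));
        } finally {
            // Step 2: only now release the context the engine depended on.
            ReferenceCountUtil.release(ctx);
        }
    }
}
```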
Method Summary
Modifier and Type / Method / Description
void
beginHandshake()
void
closeInbound()
void
closeOutbound()
java.lang.String
getApplicationProtocol()
java.lang.Runnable
getDelegatedTask()
java.lang.String[]
getEnabledCipherSuites()
java.lang.String[]
getEnabledProtocols()
boolean
getEnableSessionCreation()
java.lang.String
getHandshakeApplicationProtocol()
javax.net.ssl.SSLSession
getHandshakeSession()
javax.net.ssl.SSLEngineResult.HandshakeStatus
getHandshakeStatus()
boolean
getNeedClientAuth()
java.lang.String
getNegotiatedApplicationProtocol()
byte[]
getOcspResponse()
Returns the OCSP response or null if the server didn't provide a stapled OCSP response.
javax.net.ssl.SSLSession
getSession()
javax.net.ssl.SSLParameters
getSSLParameters()
java.lang.String[]
getSupportedCipherSuites()
java.lang.String[]
getSupportedProtocols()
boolean
getUseClientMode()
boolean
getWantClientAuth()
boolean
isInboundDone()
boolean
isOutboundDone()
int
refCnt()
Returns the reference count of this object.
boolean
release()
Decreases the reference count by 1 and deallocates this object if the reference count reaches 0.
boolean
release(int decrement)
Decreases the reference count by the specified decrement and deallocates this object if the reference count reaches 0.
ReferenceCounted
retain()
Increases the reference count by 1.
ReferenceCounted
retain(int increment)
Increases the reference count by the specified increment.
void
setEnabledCipherSuites(java.lang.String[] cipherSuites)
void
setEnabledProtocols(java.lang.String[] protocols)
TLS doesn't support a way to advertise non-contiguous versions from the client's perspective, and the client just advertises the max supported version.
void
setEnableSessionCreation(boolean b)
void
setNeedClientAuth(boolean b)
void
setOcspResponse(byte[] response)
Sets the OCSP response.
void
setSSLParameters(javax.net.ssl.SSLParameters sslParameters)
void
setUseClientMode(boolean clientMode)
void
setVerify(int verifyMode, int depth)
See SSL_set_verify and SSL.setVerify(long, int, int).
void
setWantClientAuth(boolean b)
void
shutdown()
Destroys this engine.
long
sslPointer()
Returns the pointer to the SSL object for this ReferenceCountedOpenSslEngine.
ReferenceCounted
touch()
Records the current access location of this object for debugging purposes.
ReferenceCounted
touch(java.lang.Object hint)
Records the current access location of this object with additional arbitrary information for debugging purposes.
javax.net.ssl.SSLEngineResult
unwrap(java.nio.ByteBuffer[] srcs, int srcsOffset, int srcsLength, java.nio.ByteBuffer[] dsts, int dstsOffset, int dstsLength)
javax.net.ssl.SSLEngineResult
unwrap(java.nio.ByteBuffer[] srcs, java.nio.ByteBuffer[] dsts)
javax.net.ssl.SSLEngineResult
unwrap(java.nio.ByteBuffer src, java.nio.ByteBuffer dst)
javax.net.ssl.SSLEngineResult
unwrap(java.nio.ByteBuffer src, java.nio.ByteBuffer[] dsts)
javax.net.ssl.SSLEngineResult
unwrap(java.nio.ByteBuffer src, java.nio.ByteBuffer[] dsts, int offset, int length)
javax.net.ssl.SSLEngineResult
wrap(java.nio.ByteBuffer[] srcs, int offset, int length, java.nio.ByteBuffer dst)
javax.net.ssl.SSLEngineResult
wrap(java.nio.ByteBuffer src, java.nio.ByteBuffer dst)
Method Detail
-
setOcspResponse
@UnstableApi public void setOcspResponse(byte[] response)
Sets the OCSP response.
-
getOcspResponse
@UnstableApi public byte[] getOcspResponse()
Returns the OCSP response or null if the server didn't provide a stapled OCSP response.
-
refCnt
public final int refCnt()
Description copied from interface: ReferenceCounted
Returns the reference count of this object. If 0, it means this object has been deallocated.
- Specified by:
refCnt
in interface ReferenceCounted
-
retain
public final ReferenceCounted retain()
Description copied from interface: ReferenceCounted
Increases the reference count by 1.
- Specified by:
retain
in interface ReferenceCounted
-
retain
public final ReferenceCounted retain(int increment)
Description copied from interface: ReferenceCounted
Increases the reference count by the specified increment.
- Specified by:
retain
in interface ReferenceCounted
-
touch
public final ReferenceCounted touch()
Description copied from interface: ReferenceCounted
Records the current access location of this object for debugging purposes. If this object is determined to be leaked, the information recorded by this operation will be provided to you via ResourceLeakDetector. This method is a shortcut to touch(null).
- Specified by:
touch
in interface ReferenceCounted
-
touch
public final ReferenceCounted touch(java.lang.Object hint)
Description copied from interface: ReferenceCounted
Records the current access location of this object with additional arbitrary information for debugging purposes. If this object is determined to be leaked, the information recorded by this operation will be provided to you via ResourceLeakDetector.
- Specified by:
touch
in interface ReferenceCounted
-
release
public final boolean release()
Description copied from interface: ReferenceCounted
Decreases the reference count by 1 and deallocates this object if the reference count reaches 0.
- Specified by:
release
in interface ReferenceCounted
- Returns:
true if and only if the reference count became 0 and this object has been deallocated
-
release
public final boolean release(int decrement)
Description copied from interface: ReferenceCounted
Decreases the reference count by the specified decrement and deallocates this object if the reference count reaches 0.
- Specified by:
release
in interface ReferenceCounted
- Returns:
true if and only if the reference count became 0 and this object has been deallocated
-
getApplicationProtocol
public java.lang.String getApplicationProtocol()
- Overrides:
getApplicationProtocol
in class javax.net.ssl.SSLEngine
-
getHandshakeApplicationProtocol
public java.lang.String getHandshakeApplicationProtocol()
- Overrides:
getHandshakeApplicationProtocol
in class javax.net.ssl.SSLEngine
-
getHandshakeSession
public final javax.net.ssl.SSLSession getHandshakeSession()
- Overrides:
getHandshakeSession
in class javax.net.ssl.SSLEngine
-
sslPointer
public final long sslPointer()
Returns the pointer to the SSL object for this ReferenceCountedOpenSslEngine. Be aware that it is freed as soon as the release() or shutdown() methods are called. At this point 0 will be returned.
-
shutdown
public final void shutdown()
Destroys this engine.
-
wrap
public final javax.net.ssl.SSLEngineResult wrap(java.nio.ByteBuffer[] srcs, int offset, int length, java.nio.ByteBuffer dst) throws javax.net.ssl.SSLException
- Specified by:
wrap
in class javax.net.ssl.SSLEngine
- Throws:
javax.net.ssl.SSLException
-
unwrap
public final javax.net.ssl.SSLEngineResult unwrap(java.nio.ByteBuffer[] srcs, int srcsOffset, int srcsLength, java.nio.ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws javax.net.ssl.SSLException
- Throws:
javax.net.ssl.SSLException
-
unwrap
public final javax.net.ssl.SSLEngineResult unwrap(java.nio.ByteBuffer[] srcs, java.nio.ByteBuffer[] dsts) throws javax.net.ssl.SSLException
- Throws:
javax.net.ssl.SSLException
-
unwrap
public final javax.net.ssl.SSLEngineResult unwrap(java.nio.ByteBuffer src, java.nio.ByteBuffer[] dsts, int offset, int length) throws javax.net.ssl.SSLException
- Specified by:
unwrap
in class javax.net.ssl.SSLEngine
- Throws:
javax.net.ssl.SSLException
-
wrap
public final javax.net.ssl.SSLEngineResult wrap(java.nio.ByteBuffer src, java.nio.ByteBuffer dst) throws javax.net.ssl.SSLException
- Overrides:
wrap
in class javax.net.ssl.SSLEngine
- Throws:
javax.net.ssl.SSLException
-
unwrap
public final javax.net.ssl.SSLEngineResult unwrap(java.nio.ByteBuffer src, java.nio.ByteBuffer dst) throws javax.net.ssl.SSLException
- Overrides:
unwrap
in class javax.net.ssl.SSLEngine
- Throws:
javax.net.ssl.SSLException
-
unwrap
public final javax.net.ssl.SSLEngineResult unwrap(java.nio.ByteBuffer src, java.nio.ByteBuffer[] dsts) throws javax.net.ssl.SSLException
- Overrides:
unwrap
in class javax.net.ssl.SSLEngine
- Throws:
javax.net.ssl.SSLException
-
getDelegatedTask
public final java.lang.Runnable getDelegatedTask()
- Specified by:
getDelegatedTask
in class javax.net.ssl.SSLEngine
-
closeInbound
public final void closeInbound() throws javax.net.ssl.SSLException
- Specified by:
closeInbound
in class javax.net.ssl.SSLEngine
- Throws:
javax.net.ssl.SSLException
-
isInboundDone
public final boolean isInboundDone()
- Specified by:
isInboundDone
in class javax.net.ssl.SSLEngine
-
closeOutbound
public final void closeOutbound()
- Specified by:
closeOutbound
in class javax.net.ssl.SSLEngine
-
isOutboundDone
public final boolean isOutboundDone()
- Specified by:
isOutboundDone
in class javax.net.ssl.SSLEngine
-
getSupportedCipherSuites
public final java.lang.String[] getSupportedCipherSuites()
- Specified by:
getSupportedCipherSuites
in class javax.net.ssl.SSLEngine
-
getEnabledCipherSuites
public final java.lang.String[] getEnabledCipherSuites()
- Specified by:
getEnabledCipherSuites
in class javax.net.ssl.SSLEngine
-
setEnabledCipherSuites
public final void setEnabledCipherSuites(java.lang.String[] cipherSuites)
- Specified by:
setEnabledCipherSuites
in class javax.net.ssl.SSLEngine
-
getSupportedProtocols
public final java.lang.String[] getSupportedProtocols()
- Specified by:
getSupportedProtocols
in class javax.net.ssl.SSLEngine
-
getEnabledProtocols
public final java.lang.String[] getEnabledProtocols()
- Specified by:
getEnabledProtocols
in class javax.net.ssl.SSLEngine
-
setEnabledProtocols
public final void setEnabledProtocols(java.lang.String[] protocols)
TLS doesn't support a way to advertise non-contiguous versions from the client's perspective, and the client just advertises the max supported version. The TLS protocol also doesn't support all different combinations of discrete protocols, and instead assumes contiguous ranges. OpenSSL has some unexpected behavior (e.g. handshake failures) if non-contiguous protocols are used even where there is a compatible set of protocols and ciphers. For these reasons this method will determine the minimum protocol and the maximum protocol and enable a contiguous range from [min protocol, max protocol] in OpenSSL.
- Specified by:
setEnabledProtocols
in class javax.net.ssl.SSLEngine
-
getSession
public final javax.net.ssl.SSLSession getSession()
- Specified by:
getSession
in class javax.net.ssl.SSLEngine
-
beginHandshake
public final void beginHandshake() throws javax.net.ssl.SSLException
- Specified by:
beginHandshake
in class javax.net.ssl.SSLEngine
- Throws:
javax.net.ssl.SSLException
-
getHandshakeStatus
public final javax.net.ssl.SSLEngineResult.HandshakeStatus getHandshakeStatus()
- Specified by:
getHandshakeStatus
in class javax.net.ssl.SSLEngine
-
setUseClientMode
public final void setUseClientMode(boolean clientMode)
- Specified by:
setUseClientMode
in class javax.net.ssl.SSLEngine
-
getUseClientMode
public final boolean getUseClientMode()
- Specified by:
getUseClientMode
in class javax.net.ssl.SSLEngine
-
setNeedClientAuth
public final void setNeedClientAuth(boolean b)
- Specified by:
setNeedClientAuth
in class javax.net.ssl.SSLEngine
-
getNeedClientAuth
public final boolean getNeedClientAuth()
- Specified by:
getNeedClientAuth
in class javax.net.ssl.SSLEngine
-
setWantClientAuth
public final void setWantClientAuth(boolean b)
- Specified by:
setWantClientAuth
in class javax.net.ssl.SSLEngine
-
getWantClientAuth
public final boolean getWantClientAuth()
- Specified by:
getWantClientAuth
in class javax.net.ssl.SSLEngine
-
setVerify
@UnstableApi public final void setVerify(int verifyMode, int depth)
See SSL_set_verify and SSL.setVerify(long, int, int).
-
setEnableSessionCreation
public final void setEnableSessionCreation(boolean b)
- Specified by:
setEnableSessionCreation
in class javax.net.ssl.SSLEngine
-
getEnableSessionCreation
public final boolean getEnableSessionCreation()
- Specified by:
getEnableSessionCreation
in class javax.net.ssl.SSLEngine
-
getSSLParameters
public final javax.net.ssl.SSLParameters getSSLParameters()
- Overrides:
getSSLParameters
in class javax.net.ssl.SSLEngine
-
setSSLParameters
public final void setSSLParameters(javax.net.ssl.SSLParameters sslParameters)
- Overrides:
setSSLParameters
in class javax.net.ssl.SSLEngine
-
getNegotiatedApplicationProtocol
public java.lang.String getNegotiatedApplicationProtocol()