Module io.netty5.handler

Package io.netty5.handler.ssl

Class ReferenceCountedOpenSslContext

java.lang.Object

io.netty5.handler.ssl.SslContext

io.netty5.handler.ssl.ReferenceCountedOpenSslContext

All Implemented Interfaces:

ReferenceCounted

Direct Known Subclasses:

OpenSslContext, ReferenceCountedOpenSslClientContext, ReferenceCountedOpenSslServerContext

public abstract class ReferenceCountedOpenSslContext
extends SslContext
implements ReferenceCounted

An implementation of SslContext which works with libraries that support the OpenSsl C library API.

Instances of this class must be released or else native memory will leak!

Instances of this class must not be released before any ReferenceCountedOpenSslEngine which depends upon the instance of this class is released. Otherwise if any method of ReferenceCountedOpenSslEngine is called which uses this class's JNI resources the JVM may crash.

Field Summary

Fields

Modifier and Type	Field	Description
protected long	ctx	The OpenSSL SSL_CTX object.
protected static int	VERIFY_DEPTH

Method Summary

Modifier and Type	Method	Description
ApplicationProtocolNegotiator	applicationProtocolNegotiator()	Returns the object responsible for negotiating application layer protocols for the TLS NPN/ALPN extensions.
protected static X509Certificate[]	certificates(byte[][] chain)
protected static X509TrustManager	chooseTrustManager(TrustManager[] managers)
protected static X509KeyManager	chooseX509KeyManager(KeyManager[] kms)
List<String>	cipherSuites()	Returns the list of enabled cipher suites, in the order of preference.
long	context()	Deprecated. this method is considered unsafe as the returned pointer may be released later.
int	getBioNonApplicationBufferSize()	Returns the size of the buffer used by the BIO for non-application based writes
boolean	getRejectRemoteInitiatedRenegotiation()	Deprecated.
boolean	isClient()	Returns the true if and only if this context is for client-side.
SSLEngine	newEngine(BufferAllocator alloc)	Returns a new server-side SSLEngine with the current configuration.
SSLEngine	newEngine(BufferAllocator alloc, String peerHost, int peerPort)	Creates a new SSLEngine using advisory peer information.
protected SslHandler	newHandler(BufferAllocator alloc, boolean startTls)	Create a new SslHandler.
protected SslHandler	newHandler(BufferAllocator alloc, boolean startTls, Executor executor)	Create a new SslHandler.
protected SslHandler	newHandler(BufferAllocator alloc, String peerHost, int peerPort, boolean startTls)	Create a new SslHandler.
protected SslHandler	newHandler(BufferAllocator alloc, String peerHost, int peerPort, boolean startTls, Executor executor)
int	refCnt()	Returns the reference count of this object.
boolean	release()	Decreases the reference count by 1 and deallocates this object if the reference count reaches at 0.
boolean	release(int decrement)	Decreases the reference count by the specified decrement and deallocates this object if the reference count reaches at 0.
ReferenceCounted	retain()	Increases the reference count by 1.
ReferenceCounted	retain(int increment)	Increases the reference count by the specified increment.
abstract OpenSslSessionContext	sessionContext()	Returns the SSLSessionContext object held by this context.
void	setBioNonApplicationBufferSize(int bioNonApplicationBufferSize)	Set the size of the buffer used by the BIO for non-application based writes (e.g. handshake, renegotiation, etc...).
void	setPrivateKeyMethod(OpenSslPrivateKeyMethod method)	Deprecated. use SslContextBuilder.option(SslContextOption, Object) with OpenSslContextOption.PRIVATE_KEY_METHOD.
void	setRejectRemoteInitiatedRenegotiation(boolean rejectRemoteInitiatedRenegotiation)	Deprecated.
void	setTicketKeys(byte[] keys)	Deprecated. use OpenSslSessionContext.setTicketKeys(byte[])
void	setUseTasks(boolean useTasks)	Deprecated. use SslContextBuilder.option(SslContextOption, Object) with OpenSslContextOption.USE_TASKS.
long	sslCtxPointer()	Deprecated. this method is considered unsafe as the returned pointer may be released later.
OpenSslSessionStats	stats()	Deprecated. use {@link #sessionContext#stats()}
ReferenceCounted	touch()	Records the current access location of this object for debugging purposes.
ReferenceCounted	touch(Object hint)	Records the current access location of this object with an additional arbitrary information for debugging purposes.

Methods inherited from class io.netty5.handler.ssl.SslContext

attributes, buildKeyManagerFactory, buildKeyStore, buildTrustManagerFactory, buildTrustManagerFactory, buildTrustManagerFactory, defaultClientProvider, defaultServerProvider, generateKeySpec, isServer, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newHandler, newHandler, newHandler, newHandler, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, nextProtocols, sessionCacheSize, sessionTimeout, toPrivateKey, toPrivateKey, toX509Certificates, toX509Certificates

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

VERIFY_DEPTH

protected static final int VERIFY_DEPTH

See Also:

Constant Field Values

ctx

protected long ctx

The OpenSSL SSL_CTX object. ctxLock must be hold while using ctx!

Method Detail

cipherSuites

public final List<String> cipherSuites()

Description copied from class: SslContext

Returns the list of enabled cipher suites, in the order of preference.

Specified by:

cipherSuites in class SslContext

applicationProtocolNegotiator

public ApplicationProtocolNegotiator applicationProtocolNegotiator()

Description copied from class: SslContext

Returns the object responsible for negotiating application layer protocols for the TLS NPN/ALPN extensions.

Specified by:

applicationProtocolNegotiator in class SslContext

isClient

public final boolean isClient()

Description copied from class: SslContext

Returns the true if and only if this context is for client-side.

Specified by:

isClient in class SslContext

newEngine

public final SSLEngine newEngine(BufferAllocator alloc,
                                 String peerHost,
                                 int peerPort)

Description copied from class: SslContext

Creates a new SSLEngine using advisory peer information.

If SslProvider.OPENSSL_REFCNT is used then the object must be released. One way to do this is to wrap in a SslHandler and insert it into a pipeline. See SslContext.newHandler(BufferAllocator, String, int).

Specified by:

newEngine in class SslContext

peerHost - the non-authoritative name of the host

peerPort - the non-authoritative port

Returns:

a new SSLEngine

newHandler

protected final SslHandler newHandler(BufferAllocator alloc,
                                      boolean startTls)

Description copied from class: SslContext

Create a new SslHandler.

Overrides:

newHandler in class SslContext

See Also:

SslContext.newHandler(BufferAllocator)

newHandler

protected final SslHandler newHandler(BufferAllocator alloc,
                                      String peerHost,
                                      int peerPort,
                                      boolean startTls)

Description copied from class: SslContext

Create a new SslHandler.

Overrides:

newHandler in class SslContext

See Also:

SslContext.newHandler(BufferAllocator, String, int, boolean, Executor)

newHandler

protected SslHandler newHandler(BufferAllocator alloc,
                                boolean startTls,
                                Executor executor)

Description copied from class: SslContext

Create a new SslHandler.

Overrides:

newHandler in class SslContext

See Also:

SslContext.newHandler(BufferAllocator, String, int, boolean, Executor)

newHandler

protected SslHandler newHandler(BufferAllocator alloc,
                                String peerHost,
                                int peerPort,
                                boolean startTls,
                                Executor executor)

Overrides:

newHandler in class SslContext

newEngine

public final SSLEngine newEngine(BufferAllocator alloc)

Returns a new server-side SSLEngine with the current configuration.

Specified by:

newEngine in class SslContext

Returns:

a new SSLEngine

context

@Deprecated
public final long context()

Deprecated.

this method is considered unsafe as the returned pointer may be released later. Dont use it!

Returns the pointer to the SSL_CTX object for this ReferenceCountedOpenSslContext. Be aware that it is freed as soon as the Object.finalize() method is called. At this point 0 will be returned.

stats

@Deprecated
public final OpenSslSessionStats stats()

Deprecated.

use {@link #sessionContext#stats()}

Returns the stats of this context.

setRejectRemoteInitiatedRenegotiation

@Deprecated
public void setRejectRemoteInitiatedRenegotiation(boolean rejectRemoteInitiatedRenegotiation)

Deprecated.

{@deprecated Renegotiation is not supported} Specify if remote initiated renegotiation is supported or not. If not supported and the remote side tries to initiate a renegotiation a SSLHandshakeException will be thrown during decoding.

getRejectRemoteInitiatedRenegotiation

@Deprecated
public boolean getRejectRemoteInitiatedRenegotiation()

Deprecated.

{@deprecated Renegotiation is not supported}

Returns:

true because renegotiation is not supported.

setBioNonApplicationBufferSize

public void setBioNonApplicationBufferSize(int bioNonApplicationBufferSize)

Set the size of the buffer used by the BIO for non-application based writes (e.g. handshake, renegotiation, etc...).

getBioNonApplicationBufferSize

public int getBioNonApplicationBufferSize()

Returns the size of the buffer used by the BIO for non-application based writes

setTicketKeys

@Deprecated
public final void setTicketKeys(byte[] keys)

Deprecated.

use OpenSslSessionContext.setTicketKeys(byte[])

Sets the SSL session ticket keys of this context.

sessionContext

public abstract OpenSslSessionContext sessionContext()

Description copied from class: SslContext

Returns the SSLSessionContext object held by this context.

Specified by:

sessionContext in class SslContext

sslCtxPointer

@Deprecated
public final long sslCtxPointer()

Deprecated.

this method is considered unsafe as the returned pointer may be released later. Dont use it!

Returns the pointer to the SSL_CTX object for this ReferenceCountedOpenSslContext. Be aware that it is freed as soon as the release() method is called. At this point 0 will be returned.

setPrivateKeyMethod

@Deprecated
@UnstableApi
public final void setPrivateKeyMethod(OpenSslPrivateKeyMethod method)

Deprecated.

use SslContextBuilder.option(SslContextOption, Object) with OpenSslContextOption.PRIVATE_KEY_METHOD.

Set the OpenSslPrivateKeyMethod to use. This allows to offload private-key operations if needed. This method is currently only supported when BoringSSL is used.

Parameters:

method - method to use.

setUseTasks

@Deprecated
public final void setUseTasks(boolean useTasks)

Deprecated.

use SslContextBuilder.option(SslContextOption, Object) with OpenSslContextOption.USE_TASKS.

certificates

protected static X509Certificate[] certificates(byte[][] chain)

chooseTrustManager

protected static X509TrustManager chooseTrustManager(TrustManager[] managers)

chooseX509KeyManager

protected static X509KeyManager chooseX509KeyManager(KeyManager[] kms)

refCnt

public final int refCnt()

Description copied from interface: ReferenceCounted

Returns the reference count of this object. If 0, it means this object has been deallocated.

Specified by:

refCnt in interface ReferenceCounted

retain

public final ReferenceCounted retain()

Description copied from interface: ReferenceCounted

Increases the reference count by 1.

Specified by:

retain in interface ReferenceCounted

retain

public final ReferenceCounted retain(int increment)

Description copied from interface: ReferenceCounted

Increases the reference count by the specified increment.

Specified by:

retain in interface ReferenceCounted

touch

public final ReferenceCounted touch()

Description copied from interface: ReferenceCounted

Records the current access location of this object for debugging purposes. If this object is determined to be leaked, the information recorded by this operation will be provided to you via ResourceLeakDetector. This method is a shortcut to touch(null).

Specified by:

touch in interface ReferenceCounted

touch

public final ReferenceCounted touch(Object hint)

Description copied from interface: ReferenceCounted

Records the current access location of this object with an additional arbitrary information for debugging purposes. If this object is determined to be leaked, the information recorded by this operation will be provided to you via ResourceLeakDetector.

Specified by:

touch in interface ReferenceCounted

release

public final boolean release()

Description copied from interface: ReferenceCounted

Decreases the reference count by 1 and deallocates this object if the reference count reaches at 0.

Specified by:

release in interface ReferenceCounted

Returns:

true if and only if the reference count became 0 and this object has been deallocated

release

public final boolean release(int decrement)

Description copied from interface: ReferenceCounted

Decreases the reference count by the specified decrement and deallocates this object if the reference count reaches at 0.

Specified by:

release in interface ReferenceCounted

Returns:

true if and only if the reference count became 0 and this object has been deallocated