Module io.netty5.handler

Package io.netty5.handler.ssl

Class ReferenceCountedOpenSslEngine

java.lang.Object

javax.net.ssl.SSLEngine

io.netty5.handler.ssl.ReferenceCountedOpenSslEngine

All Implemented Interfaces:

ReferenceCounted

Direct Known Subclasses:

OpenSslEngine

public class ReferenceCountedOpenSslEngine
extends SSLEngine
implements ReferenceCounted

Implements a SSLEngine using OpenSSL BIO abstractions.

Instances of this class must be released or else native memory will leak!

Instances of this class must be released before the ReferenceCountedOpenSslContext the instance depends upon are released. Otherwise if any method of this class is called which uses the the ReferenceCountedOpenSslContext JNI resources the JVM may crash.

Method Summary

Modifier and Type	Method	Description
void	beginHandshake()
void	closeInbound()
void	closeOutbound()
String	getApplicationProtocol()
Runnable	getDelegatedTask()
String[]	getEnabledCipherSuites()
String[]	getEnabledProtocols()
boolean	getEnableSessionCreation()
String	getHandshakeApplicationProtocol()
SSLSession	getHandshakeSession()
SSLEngineResult.HandshakeStatus	getHandshakeStatus()
boolean	getNeedClientAuth()
String	getNegotiatedApplicationProtocol()
byte[]	getOcspResponse()	Returns the OCSP response or null if the server didn't provide a stapled OCSP response.
SSLSession	getSession()
SSLParameters	getSSLParameters()
String[]	getSupportedCipherSuites()
String[]	getSupportedProtocols()
boolean	getUseClientMode()
boolean	getWantClientAuth()
boolean	isInboundDone()
boolean	isOutboundDone()
int	refCnt()	Returns the reference count of this object.
boolean	release()	Decreases the reference count by 1 and deallocates this object if the reference count reaches at 0.
boolean	release(int decrement)	Decreases the reference count by the specified decrement and deallocates this object if the reference count reaches at 0.
ReferenceCounted	retain()	Increases the reference count by 1.
ReferenceCounted	retain(int increment)	Increases the reference count by the specified increment.
void	setEnabledCipherSuites(String[] cipherSuites)
void	setEnabledProtocols(String[] protocols)	TLS doesn't support a way to advertise non-contiguous versions from the client's perspective, and the client just advertises the max supported version.
void	setEnableSessionCreation(boolean b)
void	setNeedClientAuth(boolean b)
void	setOcspResponse(byte[] response)	Sets the OCSP response.
void	setSSLParameters(SSLParameters sslParameters)
void	setUseClientMode(boolean clientMode)
void	setVerify(int verifyMode, int depth)	See SSL_set_verify and SSL.setVerify(long, int, int).
void	setWantClientAuth(boolean b)
void	shutdown()	Destroys this engine.
long	sslPointer()	Returns the pointer to the SSL object for this ReferenceCountedOpenSslEngine.
ReferenceCounted	touch()	Records the current access location of this object for debugging purposes.
ReferenceCounted	touch(Object hint)	Records the current access location of this object with an additional arbitrary information for debugging purposes.
SSLEngineResult	unwrap(ByteBuffer[] srcs, int srcsOffset, int srcsLength, ByteBuffer[] dsts, int dstsOffset, int dstsLength)
SSLEngineResult	unwrap(ByteBuffer[] srcs, ByteBuffer[] dsts)
SSLEngineResult	unwrap(ByteBuffer src, ByteBuffer dst)
SSLEngineResult	unwrap(ByteBuffer src, ByteBuffer[] dsts)
SSLEngineResult	unwrap(ByteBuffer src, ByteBuffer[] dsts, int offset, int length)
SSLEngineResult	wrap(ByteBuffer[] srcs, int offset, int length, ByteBuffer dst)
SSLEngineResult	wrap(ByteBuffer src, ByteBuffer dst)

Methods inherited from class javax.net.ssl.SSLEngine

getHandshakeApplicationProtocolSelector, getPeerHost, getPeerPort, setHandshakeApplicationProtocolSelector, wrap

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

setOcspResponse

@UnstableApi
public void setOcspResponse(byte[] response)

Sets the OCSP response.

getOcspResponse

@UnstableApi
public byte[] getOcspResponse()

Returns the OCSP response or null if the server didn't provide a stapled OCSP response.

refCnt

public final int refCnt()

Description copied from interface: ReferenceCounted

Returns the reference count of this object. If 0, it means this object has been deallocated.

Specified by:

refCnt in interface ReferenceCounted

retain

public final ReferenceCounted retain()

Description copied from interface: ReferenceCounted

Increases the reference count by 1.

Specified by:

retain in interface ReferenceCounted

retain

public final ReferenceCounted retain(int increment)

Description copied from interface: ReferenceCounted

Increases the reference count by the specified increment.

Specified by:

retain in interface ReferenceCounted

touch

public final ReferenceCounted touch()

Description copied from interface: ReferenceCounted

Records the current access location of this object for debugging purposes. If this object is determined to be leaked, the information recorded by this operation will be provided to you via ResourceLeakDetector. This method is a shortcut to touch(null).

Specified by:

touch in interface ReferenceCounted

touch

public final ReferenceCounted touch(Object hint)

Description copied from interface: ReferenceCounted

Records the current access location of this object with an additional arbitrary information for debugging purposes. If this object is determined to be leaked, the information recorded by this operation will be provided to you via ResourceLeakDetector.

Specified by:

touch in interface ReferenceCounted

release

public final boolean release()

Description copied from interface: ReferenceCounted

Decreases the reference count by 1 and deallocates this object if the reference count reaches at 0.

Specified by:

release in interface ReferenceCounted

Returns:

true if and only if the reference count became 0 and this object has been deallocated

release

public final boolean release(int decrement)

Description copied from interface: ReferenceCounted

Decreases the reference count by the specified decrement and deallocates this object if the reference count reaches at 0.

Specified by:

release in interface ReferenceCounted

Returns:

true if and only if the reference count became 0 and this object has been deallocated

getApplicationProtocol

public String getApplicationProtocol()

Overrides:

getApplicationProtocol in class SSLEngine

getHandshakeApplicationProtocol

public String getHandshakeApplicationProtocol()

Overrides:

getHandshakeApplicationProtocol in class SSLEngine

getHandshakeSession

public final SSLSession getHandshakeSession()

Overrides:

getHandshakeSession in class SSLEngine

sslPointer

public final long sslPointer()

Returns the pointer to the SSL object for this ReferenceCountedOpenSslEngine. Be aware that it is freed as soon as the release() or shutdown() methods are called. At this point 0 will be returned.

shutdown

public final void shutdown()

Destroys this engine.

wrap

public final SSLEngineResult wrap(ByteBuffer[] srcs,
                                  int offset,
                                  int length,
                                  ByteBuffer dst)
                           throws SSLException

Specified by:

wrap in class SSLEngine

Throws:

SSLException

unwrap

public final SSLEngineResult unwrap(ByteBuffer[] srcs,
                                    int srcsOffset,
                                    int srcsLength,
                                    ByteBuffer[] dsts,
                                    int dstsOffset,
                                    int dstsLength)
                             throws SSLException

Throws:

SSLException

unwrap

public final SSLEngineResult unwrap(ByteBuffer[] srcs,
                                    ByteBuffer[] dsts)
                             throws SSLException

Throws:

SSLException

unwrap

public final SSLEngineResult unwrap(ByteBuffer src,
                                    ByteBuffer[] dsts,
                                    int offset,
                                    int length)
                             throws SSLException

Specified by:

unwrap in class SSLEngine

Throws:

SSLException

wrap

public final SSLEngineResult wrap(ByteBuffer src,
                                  ByteBuffer dst)
                           throws SSLException

Overrides:

wrap in class SSLEngine

Throws:

SSLException

unwrap

public final SSLEngineResult unwrap(ByteBuffer src,
                                    ByteBuffer dst)
                             throws SSLException

Overrides:

unwrap in class SSLEngine

Throws:

SSLException

unwrap

public final SSLEngineResult unwrap(ByteBuffer src,
                                    ByteBuffer[] dsts)
                             throws SSLException

Overrides:

unwrap in class SSLEngine

Throws:

SSLException

getDelegatedTask

public final Runnable getDelegatedTask()

Specified by:

getDelegatedTask in class SSLEngine

closeInbound

public final void closeInbound()
                        throws SSLException

Specified by:

closeInbound in class SSLEngine

Throws:

SSLException

isInboundDone

public final boolean isInboundDone()

Specified by:

isInboundDone in class SSLEngine

closeOutbound

public final void closeOutbound()

Specified by:

closeOutbound in class SSLEngine

isOutboundDone

public final boolean isOutboundDone()

Specified by:

isOutboundDone in class SSLEngine

getSupportedCipherSuites

public final String[] getSupportedCipherSuites()

Specified by:

getSupportedCipherSuites in class SSLEngine

getEnabledCipherSuites

public final String[] getEnabledCipherSuites()

Specified by:

getEnabledCipherSuites in class SSLEngine

setEnabledCipherSuites

public final void setEnabledCipherSuites(String[] cipherSuites)

Specified by:

setEnabledCipherSuites in class SSLEngine

getSupportedProtocols

public final String[] getSupportedProtocols()

Specified by:

getSupportedProtocols in class SSLEngine

getEnabledProtocols

public final String[] getEnabledProtocols()

Specified by:

getEnabledProtocols in class SSLEngine

setEnabledProtocols

public final void setEnabledProtocols(String[] protocols)

TLS doesn't support a way to advertise non-contiguous versions from the client's perspective, and the client just advertises the max supported version. The TLS protocol also doesn't support all different combinations of discrete protocols, and instead assumes contiguous ranges. OpenSSL has some unexpected behavior (e.g. handshake failures) if non-contiguous protocols are used even where there is a compatible set of protocols and ciphers. For these reasons this method will determine the minimum protocol and the maximum protocol and enabled a contiguous range from [min protocol, max protocol] in OpenSSL.

Specified by:

setEnabledProtocols in class SSLEngine

getSession

public final SSLSession getSession()

Specified by:

getSession in class SSLEngine

beginHandshake

public final void beginHandshake()
                          throws SSLException

Specified by:

beginHandshake in class SSLEngine

Throws:

SSLException

getHandshakeStatus

public final SSLEngineResult.HandshakeStatus getHandshakeStatus()

Specified by:

getHandshakeStatus in class SSLEngine

setUseClientMode

public final void setUseClientMode(boolean clientMode)

Specified by:

setUseClientMode in class SSLEngine

getUseClientMode

public final boolean getUseClientMode()

Specified by:

getUseClientMode in class SSLEngine

setNeedClientAuth

public final void setNeedClientAuth(boolean b)

Specified by:

setNeedClientAuth in class SSLEngine

getNeedClientAuth

public final boolean getNeedClientAuth()

Specified by:

getNeedClientAuth in class SSLEngine

setWantClientAuth

public final void setWantClientAuth(boolean b)

Specified by:

setWantClientAuth in class SSLEngine

getWantClientAuth

public final boolean getWantClientAuth()

Specified by:

getWantClientAuth in class SSLEngine

setVerify

@UnstableApi
public final void setVerify(int verifyMode,
                            int depth)

See SSL_set_verify and SSL.setVerify(long, int, int).

setEnableSessionCreation

public final void setEnableSessionCreation(boolean b)

Specified by:

setEnableSessionCreation in class SSLEngine

getEnableSessionCreation

public final boolean getEnableSessionCreation()

Specified by:

getEnableSessionCreation in class SSLEngine

getSSLParameters

public final SSLParameters getSSLParameters()

Overrides:

getSSLParameters in class SSLEngine

setSSLParameters

public final void setSSLParameters(SSLParameters sslParameters)

Overrides:

setSSLParameters in class SSLEngine

getNegotiatedApplicationProtocol

public String getNegotiatedApplicationProtocol()