okhttp3

Class ConnectionSpec

java.lang.Object

okhttp3.ConnectionSpec

public final class ConnectionSpec
extends Object

Specifies configuration for the socket connection that HTTP traffic travels through. For https: URLs, this includes the TLS version and cipher suites to use when negotiating a secure connection.

The TLS versions configured in a connection spec are only be used if they are also enabled in the SSL socket. For example, if an SSL socket does not have TLS 1.3 enabled, it will not be used even if it is present on the connection spec. The same policy also applies to cipher suites.

Use ConnectionSpec.Builder.allEnabledTlsVersions() and ConnectionSpec.Builder.allEnabledCipherSuites() to defer all feature selection to the underlying SSL socket.

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	ConnectionSpec.Builder

Field Summary

Fields

Modifier and Type	Field and Description
static ConnectionSpec	CLEARTEXT Unencrypted, unauthenticated connections for http: URLs.
static ConnectionSpec	COMPATIBLE_TLS A backwards-compatible fallback connection for interop with obsolete servers.
static ConnectionSpec	MODERN_TLS A modern TLS connection with extensions like SNI and ALPN available.
static ConnectionSpec	RESTRICTED_TLS A secure TLS connection assuming a modern client platform and server.

Method Summary

Modifier and Type	Method and Description
List<CipherSuite>	cipherSuites() Returns the cipher suites to use for a connection.
boolean	equals(Object other)
int	hashCode()
boolean	isCompatible(SSLSocket socket) Returns true if the socket, as currently configured, supports this connection spec.
boolean	isTls()
boolean	supportsTlsExtensions()
List<TlsVersion>	tlsVersions() Returns the TLS versions to use when negotiating a connection.
String	toString()

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Field Detail

RESTRICTED_TLS

public static final ConnectionSpec RESTRICTED_TLS

A secure TLS connection assuming a modern client platform and server.

MODERN_TLS

public static final ConnectionSpec MODERN_TLS

A modern TLS connection with extensions like SNI and ALPN available.

COMPATIBLE_TLS

public static final ConnectionSpec COMPATIBLE_TLS

A backwards-compatible fallback connection for interop with obsolete servers.

CLEARTEXT

public static final ConnectionSpec CLEARTEXT

Unencrypted, unauthenticated connections for http: URLs.

Method Detail

isTls

public boolean isTls()

cipherSuites

@Nullable
public List<CipherSuite> cipherSuites()

Returns the cipher suites to use for a connection. Returns null if all of the SSL socket's enabled cipher suites should be used.

tlsVersions

@Nullable
public List<TlsVersion> tlsVersions()

Returns the TLS versions to use when negotiating a connection. Returns null if all of the SSL socket's enabled TLS versions should be used.

supportsTlsExtensions

public boolean supportsTlsExtensions()

isCompatible

public boolean isCompatible(SSLSocket socket)

Returns true if the socket, as currently configured, supports this connection spec. In order for a socket to be compatible the enabled cipher suites and protocols must intersect.

For cipher suites, at least one of the required cipher suites must match the socket's enabled cipher suites. If there are no required cipher suites the socket must have at least one cipher suite enabled.

For protocols, at least one of the required protocols must match the socket's enabled protocols.

equals

public boolean equals(@Nullable
                      Object other)

Overrides:

equals in class Object

hashCode

public int hashCode()

Overrides:

hashCode in class Object

toString

public String toString()

Overrides:

toString in class Object