Package io.netty5.handler.ssl
Class ReferenceCountedOpenSslEngine
- java.lang.Object
-
- javax.net.ssl.SSLEngine
-
- io.netty5.handler.ssl.ReferenceCountedOpenSslEngine
-
- All Implemented Interfaces:
io.netty5.util.ReferenceCounted
- Direct Known Subclasses:
OpenSslEngine
public class ReferenceCountedOpenSslEngine extends SSLEngine implements io.netty5.util.ReferenceCounted
Implements aSSLEngineusing OpenSSL BIO abstractions.Instances of this class must be
releasedor else native memory will leak!Instances of this class must be released before the
ReferenceCountedOpenSslContextthe instance depends upon are released. Otherwise if any method of this class is called which uses the theReferenceCountedOpenSslContextJNI resources the JVM may crash.
-
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description voidbeginHandshake()voidcloseInbound()voidcloseOutbound()StringgetApplicationProtocol()RunnablegetDelegatedTask()String[]getEnabledCipherSuites()String[]getEnabledProtocols()booleangetEnableSessionCreation()StringgetHandshakeApplicationProtocol()SSLSessiongetHandshakeSession()SSLEngineResult.HandshakeStatusgetHandshakeStatus()booleangetNeedClientAuth()StringgetNegotiatedApplicationProtocol()byte[]getOcspResponse()Returns the OCSP response ornullif the server didn't provide a stapled OCSP response.SSLSessiongetSession()SSLParametersgetSSLParameters()String[]getSupportedCipherSuites()String[]getSupportedProtocols()booleangetUseClientMode()booleangetWantClientAuth()booleanisInboundDone()booleanisOutboundDone()intrefCnt()booleanrelease()booleanrelease(int decrement)io.netty5.util.ReferenceCountedretain()io.netty5.util.ReferenceCountedretain(int increment)voidsetEnabledCipherSuites(String[] cipherSuites)voidsetEnabledProtocols(String[] protocols)TLS doesn't support a way to advertise non-contiguous versions from the client's perspective, and the client just advertises the max supported version.voidsetEnableSessionCreation(boolean b)voidsetNeedClientAuth(boolean b)voidsetOcspResponse(byte[] response)Sets the OCSP response.voidsetSSLParameters(SSLParameters sslParameters)voidsetUseClientMode(boolean clientMode)voidsetVerify(int verifyMode, int depth)See SSL_set_verify andSSL.setVerify(long, int, int).voidsetWantClientAuth(boolean b)voidshutdown()Destroys this engine.longsslPointer()Returns the pointer to theSSLobject for thisReferenceCountedOpenSslEngine.io.netty5.util.ReferenceCountedtouch()io.netty5.util.ReferenceCountedtouch(Object hint)SSLEngineResultunwrap(ByteBuffer[] srcs, int srcsOffset, int srcsLength, ByteBuffer[] dsts, int dstsOffset, int dstsLength)SSLEngineResultunwrap(ByteBuffer[] srcs, ByteBuffer[] dsts)SSLEngineResultunwrap(ByteBuffer src, ByteBuffer dst)SSLEngineResultunwrap(ByteBuffer src, ByteBuffer[] dsts)SSLEngineResultunwrap(ByteBuffer src, ByteBuffer[] dsts, int offset, int length)SSLEngineResultwrap(ByteBuffer[] srcs, int offset, int length, ByteBuffer dst)SSLEngineResultwrap(ByteBuffer src, ByteBuffer dst)-
Methods inherited from class javax.net.ssl.SSLEngine
getHandshakeApplicationProtocolSelector, getPeerHost, getPeerPort, setHandshakeApplicationProtocolSelector, wrap
-
-
-
-
Method Detail
-
setOcspResponse
@UnstableApi public void setOcspResponse(byte[] response)
Sets the OCSP response.
-
getOcspResponse
@UnstableApi public byte[] getOcspResponse()
Returns the OCSP response ornullif the server didn't provide a stapled OCSP response.
-
refCnt
public final int refCnt()
- Specified by:
refCntin interfaceio.netty5.util.ReferenceCounted
-
retain
public final io.netty5.util.ReferenceCounted retain()
- Specified by:
retainin interfaceio.netty5.util.ReferenceCounted
-
retain
public final io.netty5.util.ReferenceCounted retain(int increment)
- Specified by:
retainin interfaceio.netty5.util.ReferenceCounted
-
touch
public final io.netty5.util.ReferenceCounted touch()
- Specified by:
touchin interfaceio.netty5.util.ReferenceCounted
-
touch
public final io.netty5.util.ReferenceCounted touch(Object hint)
- Specified by:
touchin interfaceio.netty5.util.ReferenceCounted
-
release
public final boolean release()
- Specified by:
releasein interfaceio.netty5.util.ReferenceCounted
-
release
public final boolean release(int decrement)
- Specified by:
releasein interfaceio.netty5.util.ReferenceCounted
-
getApplicationProtocol
public String getApplicationProtocol()
- Overrides:
getApplicationProtocolin classSSLEngine
-
getHandshakeApplicationProtocol
public String getHandshakeApplicationProtocol()
- Overrides:
getHandshakeApplicationProtocolin classSSLEngine
-
getHandshakeSession
public final SSLSession getHandshakeSession()
- Overrides:
getHandshakeSessionin classSSLEngine
-
sslPointer
public final long sslPointer()
Returns the pointer to theSSLobject for thisReferenceCountedOpenSslEngine. Be aware that it is freed as soon as therelease()orshutdown()methods are called. At this point0will be returned.
-
shutdown
public final void shutdown()
Destroys this engine.
-
wrap
public final SSLEngineResult wrap(ByteBuffer[] srcs, int offset, int length, ByteBuffer dst) throws SSLException
- Specified by:
wrapin classSSLEngine- Throws:
SSLException
-
unwrap
public final SSLEngineResult unwrap(ByteBuffer[] srcs, int srcsOffset, int srcsLength, ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws SSLException
- Throws:
SSLException
-
unwrap
public final SSLEngineResult unwrap(ByteBuffer[] srcs, ByteBuffer[] dsts) throws SSLException
- Throws:
SSLException
-
unwrap
public final SSLEngineResult unwrap(ByteBuffer src, ByteBuffer[] dsts, int offset, int length) throws SSLException
- Specified by:
unwrapin classSSLEngine- Throws:
SSLException
-
wrap
public final SSLEngineResult wrap(ByteBuffer src, ByteBuffer dst) throws SSLException
- Overrides:
wrapin classSSLEngine- Throws:
SSLException
-
unwrap
public final SSLEngineResult unwrap(ByteBuffer src, ByteBuffer dst) throws SSLException
- Overrides:
unwrapin classSSLEngine- Throws:
SSLException
-
unwrap
public final SSLEngineResult unwrap(ByteBuffer src, ByteBuffer[] dsts) throws SSLException
- Overrides:
unwrapin classSSLEngine- Throws:
SSLException
-
getDelegatedTask
public final Runnable getDelegatedTask()
- Specified by:
getDelegatedTaskin classSSLEngine
-
closeInbound
public final void closeInbound() throws SSLException- Specified by:
closeInboundin classSSLEngine- Throws:
SSLException
-
isInboundDone
public final boolean isInboundDone()
- Specified by:
isInboundDonein classSSLEngine
-
closeOutbound
public final void closeOutbound()
- Specified by:
closeOutboundin classSSLEngine
-
isOutboundDone
public final boolean isOutboundDone()
- Specified by:
isOutboundDonein classSSLEngine
-
getSupportedCipherSuites
public final String[] getSupportedCipherSuites()
- Specified by:
getSupportedCipherSuitesin classSSLEngine
-
getEnabledCipherSuites
public final String[] getEnabledCipherSuites()
- Specified by:
getEnabledCipherSuitesin classSSLEngine
-
setEnabledCipherSuites
public final void setEnabledCipherSuites(String[] cipherSuites)
- Specified by:
setEnabledCipherSuitesin classSSLEngine
-
getSupportedProtocols
public final String[] getSupportedProtocols()
- Specified by:
getSupportedProtocolsin classSSLEngine
-
getEnabledProtocols
public final String[] getEnabledProtocols()
- Specified by:
getEnabledProtocolsin classSSLEngine
-
setEnabledProtocols
public final void setEnabledProtocols(String[] protocols)
TLS doesn't support a way to advertise non-contiguous versions from the client's perspective, and the client just advertises the max supported version. The TLS protocol also doesn't support all different combinations of discrete protocols, and instead assumes contiguous ranges. OpenSSL has some unexpected behavior (e.g. handshake failures) if non-contiguous protocols are used even where there is a compatible set of protocols and ciphers. For these reasons this method will determine the minimum protocol and the maximum protocol and enabled a contiguous range from [min protocol, max protocol] in OpenSSL.- Specified by:
setEnabledProtocolsin classSSLEngine
-
getSession
public final SSLSession getSession()
- Specified by:
getSessionin classSSLEngine
-
beginHandshake
public final void beginHandshake() throws SSLException- Specified by:
beginHandshakein classSSLEngine- Throws:
SSLException
-
getHandshakeStatus
public final SSLEngineResult.HandshakeStatus getHandshakeStatus()
- Specified by:
getHandshakeStatusin classSSLEngine
-
setUseClientMode
public final void setUseClientMode(boolean clientMode)
- Specified by:
setUseClientModein classSSLEngine
-
getUseClientMode
public final boolean getUseClientMode()
- Specified by:
getUseClientModein classSSLEngine
-
setNeedClientAuth
public final void setNeedClientAuth(boolean b)
- Specified by:
setNeedClientAuthin classSSLEngine
-
getNeedClientAuth
public final boolean getNeedClientAuth()
- Specified by:
getNeedClientAuthin classSSLEngine
-
setWantClientAuth
public final void setWantClientAuth(boolean b)
- Specified by:
setWantClientAuthin classSSLEngine
-
getWantClientAuth
public final boolean getWantClientAuth()
- Specified by:
getWantClientAuthin classSSLEngine
-
setVerify
@UnstableApi public final void setVerify(int verifyMode, int depth)See SSL_set_verify andSSL.setVerify(long, int, int).
-
setEnableSessionCreation
public final void setEnableSessionCreation(boolean b)
- Specified by:
setEnableSessionCreationin classSSLEngine
-
getEnableSessionCreation
public final boolean getEnableSessionCreation()
- Specified by:
getEnableSessionCreationin classSSLEngine
-
getSSLParameters
public final SSLParameters getSSLParameters()
- Overrides:
getSSLParametersin classSSLEngine
-
setSSLParameters
public final void setSSLParameters(SSLParameters sslParameters)
- Overrides:
setSSLParametersin classSSLEngine
-
getNegotiatedApplicationProtocol
public String getNegotiatedApplicationProtocol()
-
-