Module io.netty5.handler

Package io.netty5.handler.ssl

Class ReferenceCountedOpenSslEngine

java.lang.Object

javax.net.ssl.SSLEngine

io.netty5.handler.ssl.ReferenceCountedOpenSslEngine

All Implemented Interfaces:

io.netty.util.ReferenceCounted, io.netty5.util.ReferenceCounted

Direct Known Subclasses:

OpenSslEngine

public class ReferenceCountedOpenSslEngine
extends SSLEngine
implements io.netty5.util.ReferenceCounted

Implements a SSLEngine using OpenSSL BIO abstractions.

Instances of this class must be released or else native memory will leak!

Instances of this class must be released before the ReferenceCountedOpenSslContext the instance depends upon are released. Otherwise if any method of this class is called which uses the the ReferenceCountedOpenSslContext JNI resources the JVM may crash.

Method Summary

Modifier and Type	Method	Description
void	beginHandshake()
void	closeInbound()
void	closeOutbound()
String	getApplicationProtocol()
Runnable	getDelegatedTask()
String[]	getEnabledCipherSuites()
String[]	getEnabledProtocols()
boolean	getEnableSessionCreation()
String	getHandshakeApplicationProtocol()
SSLSession	getHandshakeSession()
SSLEngineResult.HandshakeStatus	getHandshakeStatus()
boolean	getNeedClientAuth()
String	getNegotiatedApplicationProtocol()
byte[]	getOcspResponse()	Returns the OCSP response or null if the server didn't provide a stapled OCSP response.
SSLSession	getSession()
SSLParameters	getSSLParameters()
String[]	getSupportedCipherSuites()
String[]	getSupportedProtocols()
boolean	getUseClientMode()
boolean	getWantClientAuth()
boolean	isInboundDone()
boolean	isOutboundDone()
int	refCnt()
boolean	release()
boolean	release(int decrement)
io.netty5.util.ReferenceCounted	retain()
io.netty5.util.ReferenceCounted	retain(int increment)
void	setEnabledCipherSuites(String[] cipherSuites)
void	setEnabledProtocols(String[] protocols)	TLS doesn't support a way to advertise non-contiguous versions from the client's perspective, and the client just advertises the max supported version.
void	setEnableSessionCreation(boolean b)
void	setNeedClientAuth(boolean b)
void	setOcspResponse(byte[] response)	Sets the OCSP response.
void	setSSLParameters(SSLParameters sslParameters)
void	setUseClientMode(boolean clientMode)
void	setVerify(int verifyMode, int depth)	See SSL_set_verify and SSL.setVerify(long, int, int).
void	setWantClientAuth(boolean b)
void	shutdown()	Destroys this engine.
long	sslPointer()	Returns the pointer to the SSL object for this ReferenceCountedOpenSslEngine.
io.netty5.util.ReferenceCounted	touch()
io.netty5.util.ReferenceCounted	touch(Object hint)
SSLEngineResult	unwrap(ByteBuffer[] srcs, int srcsOffset, int srcsLength, ByteBuffer[] dsts, int dstsOffset, int dstsLength)
SSLEngineResult	unwrap(ByteBuffer[] srcs, ByteBuffer[] dsts)
SSLEngineResult	unwrap(ByteBuffer src, ByteBuffer dst)
SSLEngineResult	unwrap(ByteBuffer src, ByteBuffer[] dsts)
SSLEngineResult	unwrap(ByteBuffer src, ByteBuffer[] dsts, int offset, int length)
SSLEngineResult	wrap(ByteBuffer[] srcs, int offset, int length, ByteBuffer dst)
SSLEngineResult	wrap(ByteBuffer src, ByteBuffer dst)

Methods inherited from class javax.net.ssl.SSLEngine

getHandshakeApplicationProtocolSelector, getPeerHost, getPeerPort, setHandshakeApplicationProtocolSelector, wrap

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

setOcspResponse

@UnstableApi
public void setOcspResponse(byte[] response)

Sets the OCSP response.

getOcspResponse

@UnstableApi
public byte[] getOcspResponse()

Returns the OCSP response or null if the server didn't provide a stapled OCSP response.

refCnt

public final int refCnt()

Specified by:

refCnt in interface io.netty.util.ReferenceCounted

Specified by:

refCnt in interface io.netty5.util.ReferenceCounted

retain

public final io.netty5.util.ReferenceCounted retain()

Specified by:

retain in interface io.netty.util.ReferenceCounted

Specified by:

retain in interface io.netty5.util.ReferenceCounted

retain

public final io.netty5.util.ReferenceCounted retain(int increment)

Specified by:

retain in interface io.netty.util.ReferenceCounted

Specified by:

retain in interface io.netty5.util.ReferenceCounted

touch

public final io.netty5.util.ReferenceCounted touch()

Specified by:

touch in interface io.netty.util.ReferenceCounted

Specified by:

touch in interface io.netty5.util.ReferenceCounted

touch

public final io.netty5.util.ReferenceCounted touch(Object hint)

Specified by:

touch in interface io.netty.util.ReferenceCounted

Specified by:

touch in interface io.netty5.util.ReferenceCounted

release

public final boolean release()

Specified by:

release in interface io.netty.util.ReferenceCounted

Specified by:

release in interface io.netty5.util.ReferenceCounted

release

public final boolean release(int decrement)

Specified by:

release in interface io.netty.util.ReferenceCounted

Specified by:

release in interface io.netty5.util.ReferenceCounted

getApplicationProtocol

public String getApplicationProtocol()

Overrides:

getApplicationProtocol in class SSLEngine

getHandshakeApplicationProtocol

public String getHandshakeApplicationProtocol()

Overrides:

getHandshakeApplicationProtocol in class SSLEngine

getHandshakeSession

public final SSLSession getHandshakeSession()

Overrides:

getHandshakeSession in class SSLEngine

sslPointer

public final long sslPointer()

Returns the pointer to the SSL object for this ReferenceCountedOpenSslEngine. Be aware that it is freed as soon as the release() or shutdown() methods are called. At this point 0 will be returned.

shutdown

public final void shutdown()

Destroys this engine.

wrap

public final SSLEngineResult wrap(ByteBuffer[] srcs,
                                  int offset,
                                  int length,
                                  ByteBuffer dst)
                           throws SSLException

Specified by:

wrap in class SSLEngine

Throws:

SSLException

unwrap

public final SSLEngineResult unwrap(ByteBuffer[] srcs,
                                    int srcsOffset,
                                    int srcsLength,
                                    ByteBuffer[] dsts,
                                    int dstsOffset,
                                    int dstsLength)
                             throws SSLException

Throws:

SSLException

unwrap

public final SSLEngineResult unwrap(ByteBuffer[] srcs,
                                    ByteBuffer[] dsts)
                             throws SSLException

Throws:

SSLException

unwrap

public final SSLEngineResult unwrap(ByteBuffer src,
                                    ByteBuffer[] dsts,
                                    int offset,
                                    int length)
                             throws SSLException

Specified by:

unwrap in class SSLEngine

Throws:

SSLException

wrap

public final SSLEngineResult wrap(ByteBuffer src,
                                  ByteBuffer dst)
                           throws SSLException

Overrides:

wrap in class SSLEngine

Throws:

SSLException

unwrap

public final SSLEngineResult unwrap(ByteBuffer src,
                                    ByteBuffer dst)
                             throws SSLException

Overrides:

unwrap in class SSLEngine

Throws:

SSLException

unwrap

public final SSLEngineResult unwrap(ByteBuffer src,
                                    ByteBuffer[] dsts)
                             throws SSLException

Overrides:

unwrap in class SSLEngine

Throws:

SSLException

getDelegatedTask

public final Runnable getDelegatedTask()

Specified by:

getDelegatedTask in class SSLEngine

closeInbound

public final void closeInbound()
                        throws SSLException

Specified by:

closeInbound in class SSLEngine

Throws:

SSLException

isInboundDone

public final boolean isInboundDone()

Specified by:

isInboundDone in class SSLEngine

closeOutbound

public final void closeOutbound()

Specified by:

closeOutbound in class SSLEngine

isOutboundDone

public final boolean isOutboundDone()

Specified by:

isOutboundDone in class SSLEngine

getSupportedCipherSuites

public final String[] getSupportedCipherSuites()

Specified by:

getSupportedCipherSuites in class SSLEngine

getEnabledCipherSuites

public final String[] getEnabledCipherSuites()

Specified by:

getEnabledCipherSuites in class SSLEngine

setEnabledCipherSuites

public final void setEnabledCipherSuites(String[] cipherSuites)

Specified by:

setEnabledCipherSuites in class SSLEngine

getSupportedProtocols

public final String[] getSupportedProtocols()

Specified by:

getSupportedProtocols in class SSLEngine

getEnabledProtocols

public final String[] getEnabledProtocols()

Specified by:

getEnabledProtocols in class SSLEngine

setEnabledProtocols

public final void setEnabledProtocols(String[] protocols)

TLS doesn't support a way to advertise non-contiguous versions from the client's perspective, and the client just advertises the max supported version. The TLS protocol also doesn't support all different combinations of discrete protocols, and instead assumes contiguous ranges. OpenSSL has some unexpected behavior (e.g. handshake failures) if non-contiguous protocols are used even where there is a compatible set of protocols and ciphers. For these reasons this method will determine the minimum protocol and the maximum protocol and enabled a contiguous range from [min protocol, max protocol] in OpenSSL.

Specified by:

setEnabledProtocols in class SSLEngine

getSession

public final SSLSession getSession()

Specified by:

getSession in class SSLEngine

beginHandshake

public final void beginHandshake()
                          throws SSLException

Specified by:

beginHandshake in class SSLEngine

Throws:

SSLException

getHandshakeStatus

public final SSLEngineResult.HandshakeStatus getHandshakeStatus()

Specified by:

getHandshakeStatus in class SSLEngine

setUseClientMode

public final void setUseClientMode(boolean clientMode)

Specified by:

setUseClientMode in class SSLEngine

getUseClientMode

public final boolean getUseClientMode()

Specified by:

getUseClientMode in class SSLEngine

setNeedClientAuth

public final void setNeedClientAuth(boolean b)

Specified by:

setNeedClientAuth in class SSLEngine

getNeedClientAuth

public final boolean getNeedClientAuth()

Specified by:

getNeedClientAuth in class SSLEngine

setWantClientAuth

public final void setWantClientAuth(boolean b)

Specified by:

setWantClientAuth in class SSLEngine

getWantClientAuth

public final boolean getWantClientAuth()

Specified by:

getWantClientAuth in class SSLEngine

setVerify

@UnstableApi
public final void setVerify(int verifyMode,
                            int depth)

See SSL_set_verify and SSL.setVerify(long, int, int).

setEnableSessionCreation

public final void setEnableSessionCreation(boolean b)

Specified by:

setEnableSessionCreation in class SSLEngine

getEnableSessionCreation

public final boolean getEnableSessionCreation()

Specified by:

getEnableSessionCreation in class SSLEngine

getSSLParameters

public final SSLParameters getSSLParameters()

Overrides:

getSSLParameters in class SSLEngine

setSSLParameters

public final void setSSLParameters(SSLParameters sslParameters)

Overrides:

setSSLParameters in class SSLEngine

getNegotiatedApplicationProtocol

public String getNegotiatedApplicationProtocol()