io.netty.handler.ssl

Class ReferenceCountedOpenSslContext

java.lang.Object

io.netty.handler.ssl.SslContext

io.netty.handler.ssl.ReferenceCountedOpenSslContext

All Implemented Interfaces:

io.netty.util.ReferenceCounted

Direct Known Subclasses:

OpenSslContext, ReferenceCountedOpenSslClientContext, ReferenceCountedOpenSslServerContext

public abstract class ReferenceCountedOpenSslContext
extends SslContext
implements io.netty.util.ReferenceCounted

An implementation of SslContext which works with libraries that support the OpenSsl C library API.

Instances of this class must be released or else native memory will leak!

Instances of this class must not be released before any ReferenceCountedOpenSslEngine which depends upon the instance of this class is released. Otherwise if any method of ReferenceCountedOpenSslEngine is called which uses this class's JNI resources the JVM may crash.

Field Summary

Fields

Modifier and Type	Field and Description
protected long	ctx The OpenSSL SSL_CTX object.
protected static int	VERIFY_DEPTH

Method Summary

Modifier and Type	Method and Description
ApplicationProtocolNegotiator	applicationProtocolNegotiator() Returns the object responsible for negotiating application layer protocols for the TLS NPN/ALPN extensions.
protected static X509Certificate[]	certificates(byte[][] chain)
protected static X509TrustManager	chooseTrustManager(TrustManager[] managers)
protected static X509KeyManager	chooseX509KeyManager(KeyManager[] kms)
List<String>	cipherSuites() Returns the list of enabled cipher suites, in the order of preference.
long	context() Deprecated. this method is considered unsafe as the returned pointer may be released later. Dont use it!
int	getBioNonApplicationBufferSize() Returns the size of the buffer used by the BIO for non-application based writes
boolean	getRejectRemoteInitiatedRenegotiation() Deprecated.
boolean	isClient() Returns the true if and only if this context is for client-side.
SSLEngine	newEngine(io.netty.buffer.ByteBufAllocator alloc) Returns a new server-side SSLEngine with the current configuration.
SSLEngine	newEngine(io.netty.buffer.ByteBufAllocator alloc, String peerHost, int peerPort) Creates a new SSLEngine using advisory peer information.
protected SslHandler	newHandler(io.netty.buffer.ByteBufAllocator alloc, boolean startTls) Create a new SslHandler.
protected SslHandler	newHandler(io.netty.buffer.ByteBufAllocator alloc, String peerHost, int peerPort, boolean startTls) Create a new SslHandler.
int	refCnt()
boolean	release()
boolean	release(int decrement)
io.netty.util.ReferenceCounted	retain()
io.netty.util.ReferenceCounted	retain(int increment)
long	sessionCacheSize() Returns the size of the cache used for storing SSL session objects.
abstract OpenSslSessionContext	sessionContext() Returns the SSLSessionContext object held by this context.
long	sessionTimeout() Returns the timeout for the cached SSL session objects, in seconds.
void	setBioNonApplicationBufferSize(int bioNonApplicationBufferSize) Set the size of the buffer used by the BIO for non-application based writes (e.g. handshake, renegotiation, etc...).
void	setRejectRemoteInitiatedRenegotiation(boolean rejectRemoteInitiatedRenegotiation) Deprecated.
void	setTicketKeys(byte[] keys) Deprecated. use OpenSslSessionContext.setTicketKeys(byte[])
long	sslCtxPointer() Deprecated. this method is considered unsafe as the returned pointer may be released later. Dont use it!
OpenSslSessionStats	stats() Deprecated. use #sessionContext#stats()
io.netty.util.ReferenceCounted	touch()
io.netty.util.ReferenceCounted	touch(Object hint)

Methods inherited from class io.netty.handler.ssl.SslContext

buildTrustManagerFactory, defaultClientProvider, defaultServerProvider, generateKeySpec, isServer, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newHandler, newHandler, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, nextProtocols

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

VERIFY_DEPTH

protected static final int VERIFY_DEPTH

See Also:

Constant Field Values

ctx

protected long ctx

The OpenSSL SSL_CTX object. ctxLock must be hold while using ctx!

Method Detail

cipherSuites

public final List<String> cipherSuites()

Description copied from class: SslContext

Returns the list of enabled cipher suites, in the order of preference.

Specified by:

cipherSuites in class SslContext

sessionCacheSize

public final long sessionCacheSize()

Description copied from class: SslContext

Returns the size of the cache used for storing SSL session objects.

Specified by:

sessionCacheSize in class SslContext

sessionTimeout

public final long sessionTimeout()

Description copied from class: SslContext

Returns the timeout for the cached SSL session objects, in seconds.

Specified by:

sessionTimeout in class SslContext

applicationProtocolNegotiator

public ApplicationProtocolNegotiator applicationProtocolNegotiator()

Description copied from class: SslContext

Returns the object responsible for negotiating application layer protocols for the TLS NPN/ALPN extensions.

Specified by:

applicationProtocolNegotiator in class SslContext

isClient

public final boolean isClient()

Description copied from class: SslContext

Returns the true if and only if this context is for client-side.

Specified by:

isClient in class SslContext

newEngine

public final SSLEngine newEngine(io.netty.buffer.ByteBufAllocator alloc,
                                 String peerHost,
                                 int peerPort)

Description copied from class: SslContext

Creates a new SSLEngine using advisory peer information.

If SslProvider.OPENSSL_REFCNT is used then the object must be released. One way to do this is to wrap in a SslHandler and insert it into a pipeline. See SslContext.newHandler(ByteBufAllocator, String, int).

Specified by:

newEngine in class SslContext

peerHost - the non-authoritative name of the host

peerPort - the non-authoritative port

Returns:

a new SSLEngine

newHandler

protected final SslHandler newHandler(io.netty.buffer.ByteBufAllocator alloc,
                                      boolean startTls)

Description copied from class: SslContext

Create a new SslHandler.

Overrides:

newHandler in class SslContext

See Also:

SslContext.newHandler(ByteBufAllocator)

newHandler

protected final SslHandler newHandler(io.netty.buffer.ByteBufAllocator alloc,
                                      String peerHost,
                                      int peerPort,
                                      boolean startTls)

Description copied from class: SslContext

Create a new SslHandler.

Overrides:

newHandler in class SslContext

See Also:

SslContext.newHandler(ByteBufAllocator, String, int, boolean)

newEngine

public final SSLEngine newEngine(io.netty.buffer.ByteBufAllocator alloc)

Returns a new server-side SSLEngine with the current configuration.

Specified by:

newEngine in class SslContext

Returns:

a new SSLEngine

context

@Deprecated
public final long context()

Deprecated. this method is considered unsafe as the returned pointer may be released later. Dont use it!

Returns the pointer to the SSL_CTX object for this ReferenceCountedOpenSslContext. Be aware that it is freed as soon as the Object.finalize() method is called. At this point 0 will be returned.

stats

@Deprecated
public final OpenSslSessionStats stats()

Deprecated. use #sessionContext#stats()

Returns the stats of this context.

setRejectRemoteInitiatedRenegotiation

@Deprecated
public void setRejectRemoteInitiatedRenegotiation(boolean rejectRemoteInitiatedRenegotiation)

Deprecated.

Specify if remote initiated renegotiation is supported or not. If not supported and the remote side tries to initiate a renegotiation a SSLHandshakeException will be thrown during decoding.

getRejectRemoteInitiatedRenegotiation

@Deprecated
public boolean getRejectRemoteInitiatedRenegotiation()

Deprecated.

Returns:

true because renegotiation is not supported.

setBioNonApplicationBufferSize

public void setBioNonApplicationBufferSize(int bioNonApplicationBufferSize)

Set the size of the buffer used by the BIO for non-application based writes (e.g. handshake, renegotiation, etc...).

getBioNonApplicationBufferSize

public int getBioNonApplicationBufferSize()

Returns the size of the buffer used by the BIO for non-application based writes

setTicketKeys

@Deprecated
public final void setTicketKeys(byte[] keys)

Deprecated. use OpenSslSessionContext.setTicketKeys(byte[])

Sets the SSL session ticket keys of this context.

sessionContext

public abstract OpenSslSessionContext sessionContext()

Description copied from class: SslContext

Returns the SSLSessionContext object held by this context.

Specified by:

sessionContext in class SslContext

sslCtxPointer

@Deprecated
public final long sslCtxPointer()

Deprecated. this method is considered unsafe as the returned pointer may be released later. Dont use it!

Returns the pointer to the SSL_CTX object for this ReferenceCountedOpenSslContext. Be aware that it is freed as soon as the release() method is called. At this point 0 will be returned.

certificates

protected static X509Certificate[] certificates(byte[][] chain)

chooseTrustManager

protected static X509TrustManager chooseTrustManager(TrustManager[] managers)

chooseX509KeyManager

protected static X509KeyManager chooseX509KeyManager(KeyManager[] kms)

refCnt

public final int refCnt()

Specified by:

refCnt in interface io.netty.util.ReferenceCounted

retain

public final io.netty.util.ReferenceCounted retain()

Specified by:

retain in interface io.netty.util.ReferenceCounted

retain

public final io.netty.util.ReferenceCounted retain(int increment)

Specified by:

retain in interface io.netty.util.ReferenceCounted

touch

public final io.netty.util.ReferenceCounted touch()

Specified by:

touch in interface io.netty.util.ReferenceCounted

touch

public final io.netty.util.ReferenceCounted touch(Object hint)

Specified by:

touch in interface io.netty.util.ReferenceCounted

release

public final boolean release()

Specified by:

release in interface io.netty.util.ReferenceCounted

release

public final boolean release(int decrement)

Specified by:

release in interface io.netty.util.ReferenceCounted