io.netty.handler.ssl

Class ReferenceCountedOpenSslContext

java.lang.Object

io.netty.handler.ssl.SslContext

io.netty.handler.ssl.ReferenceCountedOpenSslContext

All Implemented Interfaces:

ReferenceCounted

Direct Known Subclasses:

OpenSslContext, ReferenceCountedOpenSslClientContext, ReferenceCountedOpenSslServerContext

public abstract class ReferenceCountedOpenSslContext
extends SslContext
implements ReferenceCounted

An implementation of SslContext which works with libraries that support the OpenSsl C library API.

Instances of this class must be released or else native memory will leak!

Instances of this class must not be released before any ReferenceCountedOpenSslEngine which depends upon the instance of this class is released. Otherwise if any method of ReferenceCountedOpenSslEngine is called which uses this class's JNI resources the JVM may crash.

Field Summary

Fields

Modifier and Type	Field and Description
protected long	ctx The OpenSSL SSL_CTX object
protected static int	VERIFY_DEPTH

Method Summary

Modifier and Type	Method and Description
ApplicationProtocolNegotiator	applicationProtocolNegotiator() Returns the object responsible for negotiating application layer protocols for the TLS NPN/ALPN extensions.
protected static X509Certificate[]	certificates(byte[][] chain)
protected static X509TrustManager	chooseTrustManager(TrustManager[] managers)
protected static X509KeyManager	chooseX509KeyManager(KeyManager[] kms)
List<String>	cipherSuites() Returns the list of enabled cipher suites, in the order of preference.
long	context() Deprecated. use sslCtxPointer()
int	getBioNonApplicationBufferSize() Returns the size of the buffer used by the BIO for non-application based writes
boolean	getRejectRemoteInitiatedRenegotiation() Returns if remote initiated renegotiation is supported or not.
boolean	isClient() Returns the true if and only if this context is for client-side.
SSLEngine	newEngine(ByteBufAllocator alloc) Returns a new server-side SSLEngine with the current configuration.
SSLEngine	newEngine(ByteBufAllocator alloc, String peerHost, int peerPort) Creates a new SSLEngine using advisory peer information.
int	refCnt() Returns the reference count of this object.
boolean	release() Decreases the reference count by 1 and deallocates this object if the reference count reaches at 0.
boolean	release(int decrement) Decreases the reference count by the specified decrement and deallocates this object if the reference count reaches at 0.
ReferenceCounted	retain() Increases the reference count by 1.
ReferenceCounted	retain(int increment) Increases the reference count by the specified increment.
long	sessionCacheSize() Returns the size of the cache used for storing SSL session objects.
abstract OpenSslSessionContext	sessionContext() Returns the SSLSessionContext object held by this context.
long	sessionTimeout() Returns the timeout for the cached SSL session objects, in seconds.
void	setBioNonApplicationBufferSize(int bioNonApplicationBufferSize) Set the size of the buffer used by the BIO for non-application based writes (e.g. handshake, renegotiation, etc...).
void	setRejectRemoteInitiatedRenegotiation(boolean rejectRemoteInitiatedRenegotiation) Specify if remote initiated renegotiation is supported or not.
void	setTicketKeys(byte[] keys) Deprecated. use OpenSslSessionContext.setTicketKeys(byte[])
long	sslCtxPointer() Returns the pointer to the SSL_CTX object for this ReferenceCountedOpenSslContext.
OpenSslSessionStats	stats() Deprecated. use #sessionContext#stats()
ReferenceCounted	touch() Records the current access location of this object for debugging purposes.
ReferenceCounted	touch(Object hint) Records the current access location of this object with an additional arbitrary information for debugging purposes.

Methods inherited from class io.netty.handler.ssl.SslContext

buildTrustManagerFactory, defaultClientProvider, defaultServerProvider, generateKeySpec, isServer, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newClientContext, newHandler, newHandler, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, newServerContext, nextProtocols

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

VERIFY_DEPTH

protected static final int VERIFY_DEPTH

See Also:

Constant Field Values

ctx

protected volatile long ctx

The OpenSSL SSL_CTX object

Method Detail

cipherSuites

public final List<String> cipherSuites()

Description copied from class: SslContext

Returns the list of enabled cipher suites, in the order of preference.

Specified by:

cipherSuites in class SslContext

sessionCacheSize

public final long sessionCacheSize()

Description copied from class: SslContext

Returns the size of the cache used for storing SSL session objects.

Specified by:

sessionCacheSize in class SslContext

sessionTimeout

public final long sessionTimeout()

Description copied from class: SslContext

Returns the timeout for the cached SSL session objects, in seconds.

Specified by:

sessionTimeout in class SslContext

applicationProtocolNegotiator

public ApplicationProtocolNegotiator applicationProtocolNegotiator()

Description copied from class: SslContext

Returns the object responsible for negotiating application layer protocols for the TLS NPN/ALPN extensions.

Specified by:

applicationProtocolNegotiator in class SslContext

isClient

public final boolean isClient()

Description copied from class: SslContext

Returns the true if and only if this context is for client-side.

Specified by:

isClient in class SslContext

newEngine

public final SSLEngine newEngine(ByteBufAllocator alloc,
                                 String peerHost,
                                 int peerPort)

Description copied from class: SslContext

Creates a new SSLEngine using advisory peer information.

If SslProvider.OPENSSL_REFCNT is used then the object must be released. One way to do this is to wrap in a SslHandler and insert it into a pipeline. See SslContext.newHandler(ByteBufAllocator, String, int).

Specified by:

newEngine in class SslContext

peerHost - the non-authoritative name of the host

peerPort - the non-authoritative port

Returns:

a new SSLEngine

newEngine

public final SSLEngine newEngine(ByteBufAllocator alloc)

Returns a new server-side SSLEngine with the current configuration.

Specified by:

newEngine in class SslContext

Returns:

a new SSLEngine

context

@Deprecated
public final long context()

Deprecated. use sslCtxPointer()

Returns the pointer to the SSL_CTX object for this ReferenceCountedOpenSslContext. Be aware that it is freed as soon as the Object.finalize() method is called. At this point 0 will be returned.

stats

@Deprecated
public final OpenSslSessionStats stats()

Deprecated. use #sessionContext#stats()

Returns the stats of this context.

setRejectRemoteInitiatedRenegotiation

public void setRejectRemoteInitiatedRenegotiation(boolean rejectRemoteInitiatedRenegotiation)

Specify if remote initiated renegotiation is supported or not. If not supported and the remote side tries to initiate a renegotiation a SSLHandshakeException will be thrown during decoding.

getRejectRemoteInitiatedRenegotiation

public boolean getRejectRemoteInitiatedRenegotiation()

Returns if remote initiated renegotiation is supported or not.

setBioNonApplicationBufferSize

public void setBioNonApplicationBufferSize(int bioNonApplicationBufferSize)

Set the size of the buffer used by the BIO for non-application based writes (e.g. handshake, renegotiation, etc...).

getBioNonApplicationBufferSize

public int getBioNonApplicationBufferSize()

Returns the size of the buffer used by the BIO for non-application based writes

setTicketKeys

@Deprecated
public final void setTicketKeys(byte[] keys)

Deprecated. use OpenSslSessionContext.setTicketKeys(byte[])

Sets the SSL session ticket keys of this context.

sessionContext

public abstract OpenSslSessionContext sessionContext()

Description copied from class: SslContext

Returns the SSLSessionContext object held by this context.

Specified by:

sessionContext in class SslContext

sslCtxPointer

public final long sslCtxPointer()

Returns the pointer to the SSL_CTX object for this ReferenceCountedOpenSslContext. Be aware that it is freed as soon as the release() method is called. At this point 0 will be returned.

certificates

protected static X509Certificate[] certificates(byte[][] chain)

chooseTrustManager

protected static X509TrustManager chooseTrustManager(TrustManager[] managers)

chooseX509KeyManager

protected static X509KeyManager chooseX509KeyManager(KeyManager[] kms)

refCnt

public final int refCnt()

Description copied from interface: ReferenceCounted

Returns the reference count of this object. If 0, it means this object has been deallocated.

Specified by:

refCnt in interface ReferenceCounted

retain

public final ReferenceCounted retain()

Description copied from interface: ReferenceCounted

Increases the reference count by 1.

Specified by:

retain in interface ReferenceCounted

retain

public final ReferenceCounted retain(int increment)

Description copied from interface: ReferenceCounted

Increases the reference count by the specified increment.

Specified by:

retain in interface ReferenceCounted

touch

public final ReferenceCounted touch()

Description copied from interface: ReferenceCounted

Records the current access location of this object for debugging purposes. If this object is determined to be leaked, the information recorded by this operation will be provided to you via ResourceLeakDetector. This method is a shortcut to touch(null).

Specified by:

touch in interface ReferenceCounted

touch

public final ReferenceCounted touch(Object hint)

Description copied from interface: ReferenceCounted

Records the current access location of this object with an additional arbitrary information for debugging purposes. If this object is determined to be leaked, the information recorded by this operation will be provided to you via ResourceLeakDetector.

Specified by:

touch in interface ReferenceCounted

release

public final boolean release()

Description copied from interface: ReferenceCounted

Decreases the reference count by 1 and deallocates this object if the reference count reaches at 0.

Specified by:

release in interface ReferenceCounted

Returns:

true if and only if the reference count became 0 and this object has been deallocated

release

public final boolean release(int decrement)

Description copied from interface: ReferenceCounted

Decreases the reference count by the specified decrement and deallocates this object if the reference count reaches at 0.

Specified by:

release in interface ReferenceCounted

Returns:

true if and only if the reference count became 0 and this object has been deallocated