Class ReferenceCountedOpenSslEngine

java.lang.Object
javax.net.ssl.SSLEngine
io.netty.handler.ssl.ReferenceCountedOpenSslEngine
All Implemented Interfaces:
ApplicationProtocolAccessor, ReferenceCounted
Direct Known Subclasses:
OpenSslEngine

public class ReferenceCountedOpenSslEngine extends SSLEngine implements ReferenceCounted, ApplicationProtocolAccessor
Implements a SSLEngine using OpenSSL BIO abstractions.

Instances of this class must be released or else native memory will leak!

Instances of this class must be released before the ReferenceCountedOpenSslContext the instance depends upon are released. Otherwise if any method of this class is called which uses the the ReferenceCountedOpenSslContext JNI resources the JVM may crash.

  • Field Details

    • logger

      private static final InternalLogger logger
    • leakDetector

      private static final ResourceLeakDetector<ReferenceCountedOpenSslEngine> leakDetector
    • OPENSSL_OP_NO_PROTOCOL_INDEX_SSLV2

      private static final int OPENSSL_OP_NO_PROTOCOL_INDEX_SSLV2
      See Also:
    • OPENSSL_OP_NO_PROTOCOL_INDEX_SSLV3

      private static final int OPENSSL_OP_NO_PROTOCOL_INDEX_SSLV3
      See Also:
    • OPENSSL_OP_NO_PROTOCOL_INDEX_TLSv1

      private static final int OPENSSL_OP_NO_PROTOCOL_INDEX_TLSv1
      See Also:
    • OPENSSL_OP_NO_PROTOCOL_INDEX_TLSv1_1

      private static final int OPENSSL_OP_NO_PROTOCOL_INDEX_TLSv1_1
      See Also:
    • OPENSSL_OP_NO_PROTOCOL_INDEX_TLSv1_2

      private static final int OPENSSL_OP_NO_PROTOCOL_INDEX_TLSv1_2
      See Also:
    • OPENSSL_OP_NO_PROTOCOL_INDEX_TLSv1_3

      private static final int OPENSSL_OP_NO_PROTOCOL_INDEX_TLSv1_3
      See Also:
    • OPENSSL_OP_NO_PROTOCOLS

      private static final int[] OPENSSL_OP_NO_PROTOCOLS
    • MAX_PLAINTEXT_LENGTH

      static final int MAX_PLAINTEXT_LENGTH
      Depends upon tcnative ... only use if tcnative is available!
    • MAX_RECORD_SIZE

      static final int MAX_RECORD_SIZE
      Depends upon tcnative ... only use if tcnative is available!
    • NEED_UNWRAP_OK

      private static final SSLEngineResult NEED_UNWRAP_OK
    • NEED_UNWRAP_CLOSED

      private static final SSLEngineResult NEED_UNWRAP_CLOSED
    • NEED_WRAP_OK

      private static final SSLEngineResult NEED_WRAP_OK
    • NEED_WRAP_CLOSED

      private static final SSLEngineResult NEED_WRAP_CLOSED
    • CLOSED_NOT_HANDSHAKING

      private static final SSLEngineResult CLOSED_NOT_HANDSHAKING
    • ssl

      private long ssl
    • networkBIO

      private long networkBIO
    • handshakeState

    • receivedShutdown

      private boolean receivedShutdown
    • destroyed

      private volatile boolean destroyed
    • applicationProtocol

      private volatile String applicationProtocol
    • needTask

      private volatile boolean needTask
    • hasTLSv13Cipher

      private boolean hasTLSv13Cipher
    • sessionSet

      private boolean sessionSet
    • leak

    • refCnt

      private final AbstractReferenceCounted refCnt
    • enabledProtocols

      private final Set<String> enabledProtocols
    • clientAuth

      private volatile ClientAuth clientAuth
    • endpointIdentificationAlgorithm

      private String endpointIdentificationAlgorithm
    • algorithmConstraints

      private Object algorithmConstraints
    • sniHostNames

      private List<String> sniHostNames
    • matchers

      private volatile Collection<?> matchers
    • isInboundDone

      private boolean isInboundDone
    • outboundClosed

      private boolean outboundClosed
    • jdkCompatibilityMode

      final boolean jdkCompatibilityMode
    • clientMode

      private final boolean clientMode
    • alloc

      final ByteBufAllocator alloc
    • engineMap

      private final OpenSslEngineMap engineMap
    • apn

    • parentContext

      private final ReferenceCountedOpenSslContext parentContext
    • session

      private final OpenSslSession session
    • singleSrcBuffer

      private final ByteBuffer[] singleSrcBuffer
    • singleDstBuffer

      private final ByteBuffer[] singleDstBuffer
    • enableOcsp

      private final boolean enableOcsp
    • maxWrapOverhead

      private int maxWrapOverhead
    • maxWrapBufferSize

      private int maxWrapBufferSize
    • pendingException

      private Throwable pendingException
    • JAVAX_CERTS_NOT_SUPPORTED

      private static final X509Certificate[] JAVAX_CERTS_NOT_SUPPORTED
  • Constructor Details

    • ReferenceCountedOpenSslEngine

      ReferenceCountedOpenSslEngine(ReferenceCountedOpenSslContext context, ByteBufAllocator alloc, String peerHost, int peerPort, boolean jdkCompatibilityMode, boolean leakDetection, String endpointIdentificationAlgorithm)
      Create a new instance.
      Parameters:
      context - Reference count release responsibility is not transferred! The callee still owns this object.
      alloc - The allocator to use.
      peerHost - The peer host name.
      peerPort - The peer port.
      jdkCompatibilityMode - true to behave like described in https://docs.oracle.com/javase/7/docs/api/javax/net/ssl/SSLEngine.html. false allows for partial and/or multiple packets to be process in a single wrap or unwrap call.
      leakDetection - true to enable leak detection of this object.
  • Method Details