Package io.netty.handler.ssl
Class ReferenceCountedOpenSslEngine
java.lang.Object
javax.net.ssl.SSLEngine
io.netty.handler.ssl.ReferenceCountedOpenSslEngine
- All Implemented Interfaces:
ApplicationProtocolAccessor,ReferenceCounted
- Direct Known Subclasses:
OpenSslEngine
public class ReferenceCountedOpenSslEngine
extends SSLEngine
implements ReferenceCounted, ApplicationProtocolAccessor
Implements a
SSLEngine using
OpenSSL BIO abstractions.
Instances of this class must be released or else native memory will leak!
Instances of this class must be released before the ReferenceCountedOpenSslContext
the instance depends upon are released. Otherwise if any method of this class is called which uses the
the ReferenceCountedOpenSslContext JNI resources the JVM may crash.
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionprivate final classprivate final classprivate static enumprivate static interfaceprivate static final classprivate static final classprivate class -
Field Summary
FieldsModifier and TypeFieldDescriptionprivate Object(package private) final ByteBufAllocatorprivate final OpenSslApplicationProtocolNegotiatorprivate Stringprivate ClientAuthprivate final booleanprivate static final SSLEngineResultprivate booleanprivate final booleanprivate Stringprivate final OpenSslEngineMapprivate booleanprivate booleanprivate static final X509Certificate[](package private) final booleanprivate final ResourceLeakTracker<ReferenceCountedOpenSslEngine> private static final ResourceLeakDetector<ReferenceCountedOpenSslEngine> private static final InternalLoggerprivate Collection<?> (package private) static final intDepends upon tcnative ...(package private) static final intDepends upon tcnative ...private intprivate intprivate static final SSLEngineResultprivate static final SSLEngineResultprivate static final SSLEngineResultprivate static final SSLEngineResultprivate booleanprivate longprivate static final intprivate static final intprivate static final intprivate static final intprivate static final intprivate static final intprivate static final int[]private booleanprivate final ReferenceCountedOpenSslContextprivate Throwableprivate booleanprivate final AbstractReferenceCountedprivate final OpenSslInternalSessionprivate booleanprivate final ByteBuffer[]private final ByteBuffer[]private long -
Constructor Summary
ConstructorsConstructorDescriptionReferenceCountedOpenSslEngine(ReferenceCountedOpenSslContext context, ByteBufAllocator alloc, String peerHost, int peerPort, boolean jdkCompatibilityMode, boolean leakDetection, String endpointIdentificationAlgorithm) Create a new instance. -
Method Summary
Modifier and TypeMethodDescription(package private) final String[]final void(package private) voidbioSetFd(int fd) private static long(package private) final intcalculateMaxLengthForWrap(int plaintextLength, int numComponents) This method is intentionally not synchronized, only use if you know you are in the EventLoop thread and visibility onmaxWrapBufferSizeandmaxWrapOverheadis achieved via other synchronized blocks.private voidIt is assumed this method is called in a synchronized block (or the constructor)!(package private) final intcalculateOutNetBufSize(int plaintextLength, int numComponents) This method is intentionally not synchronized, only use if you know you are in the EventLoop thread and visibility onmaxWrapOverheadis achieved via other synchronized blocks.private void(package private) final booleancheckSniHostnameMatch(byte[] hostname) private voidcloseAll()final voidfinal voidprivate voidconfigureEndpointVerification(String endpointIdentificationAlgorithm) private booleanAttempt to callSSL.shutdownSSL(long).final Runnablefinal String[]final String[]final booleanfinal SSLSessionprivate SSLEngineResult.HandshakeStatusgetHandshakeStatus(int pending) final booleanReturns the name of the negotiated application-level protocol.byte[]Returns the OCSP response ornullif the server didn't provide a stapled OCSP response.final SSLSessionfinal SSLParametersfinal String[]final String[]final booleanfinal booleanprivate SSLEngineResulthandleUnwrapException(int bytesConsumed, int bytesProduced, SSLException e) private SSLEngineResult.HandshakeStatusprivate SSLEngineResult.HandshakeStatus(package private) final voidinitHandshakeException(Throwable cause) Should be called if the handshake will be failed due a callback that throws an exception.private booleanisBytesAvailableEnoughForWrap(int bytesAvailable, int plaintextLength, int numComponents) private booleanprivate static booleanisEmpty(byte[] cert) private static booleanprivate static booleanisEndPointVerificationEnabled(String endPointIdentificationAlgorithm) final booleanfinal booleanprivate static booleanisProtocolEnabled(int opts, int disableMask, String protocolString) (package private) boolean(package private) final SecretKeySpec(package private) final intVisible only for testing!(package private) final intThis method is intentionally not synchronized, only use if you know you are in the EventLoop thread and visibility onmaxWrapOverheadis achieved via other synchronized blocks.(package private) final intVisible only for testing!private SSLEngineResult.HandshakeStatusprivate SSLEngineResult.HandshakeStatusmayFinishHandshake(SSLEngineResult.HandshakeStatus hs, int bytesConsumed, int bytesProduced) private booleanprivate booleanneedWrapAgain(int stackError) private SSLEngineResultnewResult(SSLEngineResult.HandshakeStatus hs, int bytesConsumed, int bytesProduced) private SSLEngineResultnewResult(SSLEngineResult.Status status, SSLEngineResult.HandshakeStatus hs, int bytesConsumed, int bytesProduced) private SSLEngineResultnewResultMayFinishHandshake(SSLEngineResult.HandshakeStatus hs, int bytesConsumed, int bytesProduced) private SSLEngineResultnewResultMayFinishHandshake(SSLEngineResult.Status status, SSLEngineResult.HandshakeStatus hs, int bytesConsumed, int bytesProduced) private SSLExceptionnewSSLExceptionForError(int stackError) private static SSLEngineResult.HandshakeStatuspendingStatus(int pendingStatus) private intRead plaintext data from the OpenSSL internal BIOfinal intrefCnt()Returns the reference count of this object.private voidfinal booleanrelease()Decreases the reference count by1and deallocates this object if the reference count reaches at0.final booleanrelease(int decrement) Decreases the reference count by the specifieddecrementand deallocates this object if the reference count reaches at0.private voidprivate voidfinal ReferenceCountedretain()Increases the reference count by1.final ReferenceCountedretain(int increment) Increases the reference count by the specifiedincrement.private voidrunAndResetNeedTask(Runnable task) private voidSelect the application protocol used.private StringselectApplicationProtocol(List<String> protocols, ApplicationProtocolConfig.SelectedListenerFailureBehavior behavior, String applicationProtocol) private voidsetClientAuth(ClientAuth mode) final voidsetEnabledCipherSuites(String[] cipherSuites) final voidsetEnabledProtocols(String[] protocols) TLS doesn't support a way to advertise non-contiguous versions from the client's perspective, and the client just advertises the max supported version.private voidsetEnabledProtocols0(String[] protocols, boolean explicitDisableTLSv13) final voidsetEnableSessionCreation(boolean b) (package private) final booleansetKeyMaterial(OpenSslKeyMaterial keyMaterial) final voidsetNeedClientAuth(boolean b) voidsetOcspResponse(byte[] response) Sets the OCSP response.final voidsetSSLParameters(SSLParameters sslParameters) final voidsetUseClientMode(boolean clientMode) final voidsetVerify(int verifyMode, int depth) See SSL_set_verify andSSL.setVerify(long, int, int).final voidsetWantClientAuth(boolean b) private static booleanshouldAddSuppressed(Throwable target, int errorCode) final voidshutdown()Destroys this engine.private SSLExceptionshutdownWithError(String operation, int sslError, int error) Log the error, shutdown the engine and throw an exception.private ByteBuffer[]private ByteBuffer[](package private) final intprivate intfinal longReturns the pointer to theSSLobject for thisReferenceCountedOpenSslEngine.private SSLEngineResultsslReadErrorResult(int error, int stackError, int bytesConsumed, int bytesProduced) private StringtoJavaCipherSuite(String openSslCipherSuite) Converts the specified OpenSSL cipher suite to the Java cipher suite.private static StringtoJavaCipherSuitePrefix(String protocolVersion) Converts the protocol version string returned bySSL.getVersion(long)to protocol family string.final ReferenceCountedtouch()Records the current access location of this object for debugging purposes.final ReferenceCountedRecords the current access location of this object with an additional arbitrary information for debugging purposes.final SSLEngineResultunwrap(ByteBuffer[] srcs, int srcsOffset, int srcsLength, ByteBuffer[] dsts, int dstsOffset, int dstsLength) final SSLEngineResultunwrap(ByteBuffer[] srcs, ByteBuffer[] dsts) final SSLEngineResultunwrap(ByteBuffer src, ByteBuffer dst) final SSLEngineResultunwrap(ByteBuffer src, ByteBuffer[] dsts) final SSLEngineResultunwrap(ByteBuffer src, ByteBuffer[] dsts, int offset, int length) final SSLEngineResultwrap(ByteBuffer[] srcs, int offset, int length, ByteBuffer dst) final SSLEngineResultwrap(ByteBuffer src, ByteBuffer dst) private ByteBufwriteEncryptedData(ByteBuffer src, int len) Write encrypted data to the OpenSSL network BIO.private intwritePlaintextData(ByteBuffer src, int len) Write plaintext data to the OpenSSL internal BIO Calling this function with src.remaining == 0 is undefined.Methods inherited from class javax.net.ssl.SSLEngine
getHandshakeApplicationProtocolSelector, getPeerHost, getPeerPort, setHandshakeApplicationProtocolSelector, wrap
-
Field Details
-
logger
-
leakDetector
-
OPENSSL_OP_NO_PROTOCOL_INDEX_SSLV2
private static final int OPENSSL_OP_NO_PROTOCOL_INDEX_SSLV2- See Also:
-
OPENSSL_OP_NO_PROTOCOL_INDEX_SSLV3
private static final int OPENSSL_OP_NO_PROTOCOL_INDEX_SSLV3- See Also:
-
OPENSSL_OP_NO_PROTOCOL_INDEX_TLSv1
private static final int OPENSSL_OP_NO_PROTOCOL_INDEX_TLSv1- See Also:
-
OPENSSL_OP_NO_PROTOCOL_INDEX_TLSv1_1
private static final int OPENSSL_OP_NO_PROTOCOL_INDEX_TLSv1_1- See Also:
-
OPENSSL_OP_NO_PROTOCOL_INDEX_TLSv1_2
private static final int OPENSSL_OP_NO_PROTOCOL_INDEX_TLSv1_2- See Also:
-
OPENSSL_OP_NO_PROTOCOL_INDEX_TLSv1_3
private static final int OPENSSL_OP_NO_PROTOCOL_INDEX_TLSv1_3- See Also:
-
OPENSSL_OP_NO_PROTOCOLS
private static final int[] OPENSSL_OP_NO_PROTOCOLS -
MAX_PLAINTEXT_LENGTH
static final int MAX_PLAINTEXT_LENGTHDepends upon tcnative ... only use if tcnative is available! -
MAX_RECORD_SIZE
static final int MAX_RECORD_SIZEDepends upon tcnative ... only use if tcnative is available! -
NEED_UNWRAP_OK
-
NEED_UNWRAP_CLOSED
-
NEED_WRAP_OK
-
NEED_WRAP_CLOSED
-
CLOSED_NOT_HANDSHAKING
-
ssl
private long ssl -
networkBIO
private long networkBIO -
handshakeState
-
receivedShutdown
private boolean receivedShutdown -
destroyed
private volatile boolean destroyed -
applicationProtocol
-
needTask
private volatile boolean needTask -
hasTLSv13Cipher
private boolean hasTLSv13Cipher -
sessionSet
private boolean sessionSet -
leak
-
refCnt
-
enabledProtocols
-
clientAuth
-
endpointIdentificationAlgorithm
-
algorithmConstraints
-
sniHostNames
-
matchers
-
isInboundDone
private boolean isInboundDone -
outboundClosed
private boolean outboundClosed -
jdkCompatibilityMode
final boolean jdkCompatibilityMode -
clientMode
private final boolean clientMode -
alloc
-
engineMap
-
apn
-
parentContext
-
session
-
singleSrcBuffer
-
singleDstBuffer
-
enableOcsp
private final boolean enableOcsp -
maxWrapOverhead
private int maxWrapOverhead -
maxWrapBufferSize
private int maxWrapBufferSize -
pendingException
-
JAVAX_CERTS_NOT_SUPPORTED
-
-
Constructor Details
-
ReferenceCountedOpenSslEngine
ReferenceCountedOpenSslEngine(ReferenceCountedOpenSslContext context, ByteBufAllocator alloc, String peerHost, int peerPort, boolean jdkCompatibilityMode, boolean leakDetection, String endpointIdentificationAlgorithm) Create a new instance.- Parameters:
context- Reference count release responsibility is not transferred! The callee still owns this object.alloc- The allocator to use.peerHost- The peer host name.peerPort- The peer port.jdkCompatibilityMode-trueto behave like described in https://docs.oracle.com/javase/7/docs/api/javax/net/ssl/SSLEngine.html.falseallows for partial and/or multiple packets to be process in a single wrap or unwrap call.leakDetection-trueto enable leak detection of this object.
-
-
Method Details
-
authMethods
-
setKeyMaterial
- Throws:
Exception
-
masterKey
-
isSessionReused
boolean isSessionReused() -
setOcspResponse
Sets the OCSP response. -
getOcspResponse
Returns the OCSP response ornullif the server didn't provide a stapled OCSP response. -
refCnt
public final int refCnt()Description copied from interface:ReferenceCountedReturns the reference count of this object. If0, it means this object has been deallocated.- Specified by:
refCntin interfaceReferenceCounted
-
retain
Description copied from interface:ReferenceCountedIncreases the reference count by1.- Specified by:
retainin interfaceReferenceCounted
-
retain
Description copied from interface:ReferenceCountedIncreases the reference count by the specifiedincrement.- Specified by:
retainin interfaceReferenceCounted
-
touch
Description copied from interface:ReferenceCountedRecords the current access location of this object for debugging purposes. If this object is determined to be leaked, the information recorded by this operation will be provided to you viaResourceLeakDetector. This method is a shortcut totouch(null).- Specified by:
touchin interfaceReferenceCounted
-
touch
Description copied from interface:ReferenceCountedRecords the current access location of this object with an additional arbitrary information for debugging purposes. If this object is determined to be leaked, the information recorded by this operation will be provided to you viaResourceLeakDetector.- Specified by:
touchin interfaceReferenceCounted
-
release
public final boolean release()Description copied from interface:ReferenceCountedDecreases the reference count by1and deallocates this object if the reference count reaches at0.- Specified by:
releasein interfaceReferenceCounted- Returns:
trueif and only if the reference count became0and this object has been deallocated
-
release
public final boolean release(int decrement) Description copied from interface:ReferenceCountedDecreases the reference count by the specifieddecrementand deallocates this object if the reference count reaches at0.- Specified by:
releasein interfaceReferenceCounted- Returns:
trueif and only if the reference count became0and this object has been deallocated
-
getApplicationProtocol
- Overrides:
getApplicationProtocolin classSSLEngine
-
getHandshakeApplicationProtocol
- Overrides:
getHandshakeApplicationProtocolin classSSLEngine
-
getHandshakeSession
- Overrides:
getHandshakeSessionin classSSLEngine
-
sslPointer
public final long sslPointer()Returns the pointer to theSSLobject for thisReferenceCountedOpenSslEngine. Be aware that it is freed as soon as therelease()orshutdown()methods are called. At this point0will be returned. -
shutdown
public final void shutdown()Destroys this engine. -
writePlaintextData
Write plaintext data to the OpenSSL internal BIO Calling this function with src.remaining == 0 is undefined. -
bioSetFd
void bioSetFd(int fd) -
writeEncryptedData
Write encrypted data to the OpenSSL network BIO.- Throws:
SSLException
-
readPlaintextData
Read plaintext data from the OpenSSL internal BIO- Throws:
SSLException
-
maxWrapOverhead
final int maxWrapOverhead()Visible only for testing! -
maxEncryptedPacketLength
final int maxEncryptedPacketLength()Visible only for testing! -
maxEncryptedPacketLength0
final int maxEncryptedPacketLength0()This method is intentionally not synchronized, only use if you know you are in the EventLoop thread and visibility onmaxWrapOverheadis achieved via other synchronized blocks. -
calculateMaxLengthForWrap
final int calculateMaxLengthForWrap(int plaintextLength, int numComponents) This method is intentionally not synchronized, only use if you know you are in the EventLoop thread and visibility onmaxWrapBufferSizeandmaxWrapOverheadis achieved via other synchronized blocks.
Calculates the max size of a single wrap operation for the given plaintextLength and numComponents. -
calculateOutNetBufSize
final int calculateOutNetBufSize(int plaintextLength, int numComponents) This method is intentionally not synchronized, only use if you know you are in the EventLoop thread and visibility onmaxWrapOverheadis achieved via other synchronized blocks.
Calculates the size of the out net buf to create for the given plaintextLength and numComponents. This is not related to the max size per wrap, as we can wrap chunks at a time into one out net buf. -
sslPending
final int sslPending() -
calculateMaxWrapOverhead
private void calculateMaxWrapOverhead()It is assumed this method is called in a synchronized block (or the constructor)! -
sslPending0
private int sslPending0() -
isBytesAvailableEnoughForWrap
private boolean isBytesAvailableEnoughForWrap(int bytesAvailable, int plaintextLength, int numComponents) -
wrap
public final SSLEngineResult wrap(ByteBuffer[] srcs, int offset, int length, ByteBuffer dst) throws SSLException - Specified by:
wrapin classSSLEngine- Throws:
SSLException
-
newResult
private SSLEngineResult newResult(SSLEngineResult.HandshakeStatus hs, int bytesConsumed, int bytesProduced) -
newResult
private SSLEngineResult newResult(SSLEngineResult.Status status, SSLEngineResult.HandshakeStatus hs, int bytesConsumed, int bytesProduced) -
newResultMayFinishHandshake
private SSLEngineResult newResultMayFinishHandshake(SSLEngineResult.HandshakeStatus hs, int bytesConsumed, int bytesProduced) throws SSLException - Throws:
SSLException
-
newResultMayFinishHandshake
private SSLEngineResult newResultMayFinishHandshake(SSLEngineResult.Status status, SSLEngineResult.HandshakeStatus hs, int bytesConsumed, int bytesProduced) throws SSLException - Throws:
SSLException
-
shutdownWithError
Log the error, shutdown the engine and throw an exception. -
handleUnwrapException
private SSLEngineResult handleUnwrapException(int bytesConsumed, int bytesProduced, SSLException e) throws SSLException - Throws:
SSLException
-
unwrap
public final SSLEngineResult unwrap(ByteBuffer[] srcs, int srcsOffset, int srcsLength, ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws SSLException - Throws:
SSLException
-
needWrapAgain
private boolean needWrapAgain(int stackError) -
newSSLExceptionForError
-
shouldAddSuppressed
-
sslReadErrorResult
private SSLEngineResult sslReadErrorResult(int error, int stackError, int bytesConsumed, int bytesProduced) throws SSLException - Throws:
SSLException
-
closeAll
- Throws:
SSLException
-
rejectRemoteInitiatedRenegotiation
- Throws:
SSLHandshakeException
-
unwrap
- Throws:
SSLException
-
singleSrcBuffer
-
resetSingleSrcBuffer
private void resetSingleSrcBuffer() -
singleDstBuffer
-
resetSingleDstBuffer
private void resetSingleDstBuffer() -
unwrap
public final SSLEngineResult unwrap(ByteBuffer src, ByteBuffer[] dsts, int offset, int length) throws SSLException - Specified by:
unwrapin classSSLEngine- Throws:
SSLException
-
wrap
- Overrides:
wrapin classSSLEngine- Throws:
SSLException
-
unwrap
- Overrides:
unwrapin classSSLEngine- Throws:
SSLException
-
unwrap
- Overrides:
unwrapin classSSLEngine- Throws:
SSLException
-
runAndResetNeedTask
-
getDelegatedTask
- Specified by:
getDelegatedTaskin classSSLEngine
-
closeInbound
- Specified by:
closeInboundin classSSLEngine- Throws:
SSLException
-
isInboundDone
public final boolean isInboundDone()- Specified by:
isInboundDonein classSSLEngine
-
closeOutbound
public final void closeOutbound()- Specified by:
closeOutboundin classSSLEngine
-
doSSLShutdown
private boolean doSSLShutdown()Attempt to callSSL.shutdownSSL(long).- Returns:
falseif the call toSSL.shutdownSSL(long)was not attempted or returned an error.
-
isOutboundDone
public final boolean isOutboundDone()- Specified by:
isOutboundDonein classSSLEngine
-
getSupportedCipherSuites
- Specified by:
getSupportedCipherSuitesin classSSLEngine
-
getEnabledCipherSuites
- Specified by:
getEnabledCipherSuitesin classSSLEngine
-
setEnabledCipherSuites
- Specified by:
setEnabledCipherSuitesin classSSLEngine
-
getSupportedProtocols
- Specified by:
getSupportedProtocolsin classSSLEngine
-
getEnabledProtocols
- Specified by:
getEnabledProtocolsin classSSLEngine
-
isProtocolEnabled
-
setEnabledProtocols
TLS doesn't support a way to advertise non-contiguous versions from the client's perspective, and the client just advertises the max supported version. The TLS protocol also doesn't support all different combinations of discrete protocols, and instead assumes contiguous ranges. OpenSSL has some unexpected behavior (e.g. handshake failures) if non-contiguous protocols are used even where there is a compatible set of protocols and ciphers. For these reasons this method will determine the minimum protocol and the maximum protocol and enabled a contiguous range from [min protocol, max protocol] in OpenSSL.- Specified by:
setEnabledProtocolsin classSSLEngine
-
setEnabledProtocols0
-
getSession
- Specified by:
getSessionin classSSLEngine
-
beginHandshake
- Specified by:
beginHandshakein classSSLEngine- Throws:
SSLException
-
checkEngineClosed
- Throws:
SSLException
-
pendingStatus
-
isEmpty
-
isEmpty
private static boolean isEmpty(byte[] cert) -
handshakeException
- Throws:
SSLException
-
initHandshakeException
Should be called if the handshake will be failed due a callback that throws an exception. This cause will then be used to give more details as part of theSSLHandshakeException. -
handshake
- Throws:
SSLException
-
mayFinishHandshake
private SSLEngineResult.HandshakeStatus mayFinishHandshake(SSLEngineResult.HandshakeStatus hs, int bytesConsumed, int bytesProduced) throws SSLException - Throws:
SSLException
-
mayFinishHandshake
private SSLEngineResult.HandshakeStatus mayFinishHandshake(SSLEngineResult.HandshakeStatus status) throws SSLException - Throws:
SSLException
-
getHandshakeStatus
- Specified by:
getHandshakeStatusin classSSLEngine
-
getHandshakeStatus
-
needPendingStatus
private boolean needPendingStatus() -
toJavaCipherSuite
Converts the specified OpenSSL cipher suite to the Java cipher suite. -
toJavaCipherSuitePrefix
Converts the protocol version string returned bySSL.getVersion(long)to protocol family string. -
setUseClientMode
public final void setUseClientMode(boolean clientMode) - Specified by:
setUseClientModein classSSLEngine
-
getUseClientMode
public final boolean getUseClientMode()- Specified by:
getUseClientModein classSSLEngine
-
setNeedClientAuth
public final void setNeedClientAuth(boolean b) - Specified by:
setNeedClientAuthin classSSLEngine
-
getNeedClientAuth
public final boolean getNeedClientAuth()- Specified by:
getNeedClientAuthin classSSLEngine
-
setWantClientAuth
public final void setWantClientAuth(boolean b) - Specified by:
setWantClientAuthin classSSLEngine
-
getWantClientAuth
public final boolean getWantClientAuth()- Specified by:
getWantClientAuthin classSSLEngine
-
setVerify
See SSL_set_verify andSSL.setVerify(long, int, int). -
setClientAuth
-
setEnableSessionCreation
public final void setEnableSessionCreation(boolean b) - Specified by:
setEnableSessionCreationin classSSLEngine
-
getEnableSessionCreation
public final boolean getEnableSessionCreation()- Specified by:
getEnableSessionCreationin classSSLEngine
-
getSSLParameters
- Overrides:
getSSLParametersin classSSLEngine
-
setSSLParameters
- Overrides:
setSSLParametersin classSSLEngine
-
configureEndpointVerification
-
isEndPointVerificationEnabled
-
isDestroyed
private boolean isDestroyed() -
checkSniHostnameMatch
final boolean checkSniHostnameMatch(byte[] hostname) -
getNegotiatedApplicationProtocol
Description copied from interface:ApplicationProtocolAccessorReturns the name of the negotiated application-level protocol.- Specified by:
getNegotiatedApplicationProtocolin interfaceApplicationProtocolAccessor- Returns:
- the application-level protocol name or
nullif the negotiation failed or the client does not have ALPN/NPN extension
-
bufferAddress
-
selectApplicationProtocol
Select the application protocol used.- Throws:
SSLException
-
selectApplicationProtocol
private String selectApplicationProtocol(List<String> protocols, ApplicationProtocolConfig.SelectedListenerFailureBehavior behavior, String applicationProtocol) throws SSLException - Throws:
SSLException
-