Package org.conscrypt
Class AbstractConscryptSocket
java.lang.Object
java.net.Socket
javax.net.ssl.SSLSocket
org.conscrypt.AbstractConscryptSocket
- All Implemented Interfaces:
Closeable, AutoCloseable
- Direct Known Subclasses:
OpenSSLSocketImpl
Abstract base class for all Conscrypt SSLSocket classes.
-
Field Summary
Fields (modifier and type, field, description)
private final boolean autoClose
private final List<HandshakeCompletedListener> listeners
private String peerHostname
    The peer's DNS hostname if it was supplied during creation.
private final PeerInfoProvider peerInfoProvider
private final int peerPort
    The peer's port if it was supplied during creation.
private int readTimeoutMilliseconds
    Local cache of timeout to avoid getsockopt on every read and write for non-wrapped sockets.
(package private) final Socket socket
-
Constructor Summary
Constructors
AbstractConscryptSocket(String hostname, int port)
AbstractConscryptSocket(String hostname, int port, InetAddress clientAddress, int clientPort)
AbstractConscryptSocket(InetAddress address, int port)
AbstractConscryptSocket(InetAddress address, int port, InetAddress clientAddress, int clientPort)
AbstractConscryptSocket(Socket socket, String hostname, int port, boolean autoClose)
-
Method Summary
Methods (modifier and type, method, description)
void
void bind(SocketAddress bindpoint)
(package private) final void
void close()
final void connect(SocketAddress endpoint)
final void connect(SocketAddress endpoint, int timeout)
    Try to extract the peer's hostname if it's available from the endpoint address.
(package private) abstract byte[] exportKeyingMaterial(String label, byte[] context, int length)
    Exports a value derived from the TLS master secret as described in RFC 5705.
(package private) abstract SSLSession
    Called by notifyHandshakeCompletedListeners() to get the currently active session.
(package private) abstract byte[]
    Deprecated.
abstract String
(package private) abstract String[]
    Returns the list of supported ALPN protocols.
(package private) abstract byte[]
    Gets the TLS Channel ID for this server socket.
abstract String
abstract SSLSession
(package private) String
    Returns the hostname that was supplied during socket creation.
(package private) String
    For the purposes of an SSLSession, we want a way to represent the supplied hostname or the IP address in a textual representation.
boolean
int
(package private) byte[]
    Deprecated. NPN is not supported
boolean
final int getPort()
int
boolean
int
int
final int
(package private) int
    Note write timeouts are not part of the javax.net.ssl.SSLSocket API
boolean
(package private) abstract byte[]
    Returns the tls-unique channel binding value for this connection, per RFC 5929.
int
boolean isBound()
boolean isClosed()
boolean
private boolean
boolean
boolean
(package private) final void
(package private) final PeerInfoProvider
void
final void sendUrgentData(int data)
(package private) abstract void setAlpnProtocols(byte[] alpnProtocols)
    Deprecated. Use setApplicationProtocols(String[]) instead.
(package private) abstract void setAlpnProtocols(String[] alpnProtocols)
    Deprecated. Use setApplicationProtocols(String[]) instead.
(package private) abstract void setApplicationProtocols(String[] protocols)
    Sets the list of ALPN protocols.
(package private) abstract void
    Sets an application-provided ALPN protocol selector.
(package private) abstract void
(package private) abstract void setChannelIdEnabled(boolean enabled)
    Enables/disables TLS Channel ID for this server socket.
(package private) abstract void setChannelIdPrivateKey(PrivateKey privateKey)
    Sets the PrivateKey to be used for TLS Channel ID by this client socket.
(package private) void setHandshakeTimeout(int handshakeTimeoutMilliseconds)
    Set the handshake timeout on this socket.
(package private) void setHostname(String hostname)
    This method enables Server Name Indication
void setKeepAlive(boolean on)
(package private) void setNpnProtocols(byte[] npnProtocols)
    Deprecated. NPN is not supported
final void setOOBInline(boolean on)
void setPerformancePreferences(int connectionTime, int latency, int bandwidth)
void setReceiveBufferSize(int size)
void setReuseAddress(boolean on)
void setSendBufferSize(int size)
void setSoLinger(boolean on, int linger)
final void setSoTimeout(int readTimeoutMilliseconds)
(package private) void setSoWriteTimeout(int writeTimeoutMilliseconds)
    Note write timeouts are not part of the javax.net.ssl.SSLSocket API
void setTcpNoDelay(boolean on)
void setTrafficClass(int tc)
(package private) abstract void setUseSessionTickets(boolean useSessionTickets)
    This method enables session ticket support.
void
void
toString()
Methods inherited from class javax.net.ssl.SSLSocket
getEnabledCipherSuites, getEnabledProtocols, getEnableSessionCreation, getHandshakeApplicationProtocolSelector, getNeedClientAuth, getSession, getSSLParameters, getSupportedCipherSuites, getSupportedProtocols, getUseClientMode, getWantClientAuth, setEnabledCipherSuites, setEnabledProtocols, setEnableSessionCreation, setHandshakeApplicationProtocolSelector, setNeedClientAuth, setSSLParameters, setUseClientMode, setWantClientAuth, startHandshake
Methods inherited from class java.net.Socket
getOption, setOption, setSocketImplFactory, supportedOptions
-
Field Details
-
socket
-
autoClose
private final boolean autoClose
-
peerHostname
The peer's DNS hostname if it was supplied during creation. Note that this may be a raw IP address, so it should be checked before use with extensions that don't use it like Server Name Indication (SNI).
-
peerPort
private final int peerPort
The peer's port if it was supplied during creation. Should only be set if peerHostname is also set.
-
peerInfoProvider
-
listeners
-
readTimeoutMilliseconds
private int readTimeoutMilliseconds
Local cache of timeout to avoid getsockopt on every read and write for non-wrapped sockets. Note that this is not used when delegating to another socket.
-
-
Constructor Details
-
AbstractConscryptSocket
AbstractConscryptSocket() throws IOException
- Throws:
IOException
-
AbstractConscryptSocket
AbstractConscryptSocket(String hostname, int port) throws IOException
- Throws:
IOException
-
AbstractConscryptSocket
AbstractConscryptSocket(InetAddress address, int port) throws IOException
- Throws:
IOException
-
AbstractConscryptSocket
AbstractConscryptSocket(String hostname, int port, InetAddress clientAddress, int clientPort) throws IOException
- Throws:
IOException
-
AbstractConscryptSocket
AbstractConscryptSocket(InetAddress address, int port, InetAddress clientAddress, int clientPort) throws IOException
- Throws:
IOException
-
AbstractConscryptSocket
AbstractConscryptSocket(Socket socket, String hostname, int port, boolean autoClose) throws IOException
- Throws:
IOException
-
-
Method Details
-
connect
- Overrides:
connect in class Socket
- Throws:
IOException
-
connect
Try to extract the peer's hostname if it's available from the endpoint address.
- Overrides:
connect in class Socket
- Throws:
IOException
-
bind
- Overrides:
bind in class Socket
- Throws:
IOException
-
close
- Specified by:
close in interface AutoCloseable
- Specified by:
close in interface Closeable
- Overrides:
close in class Socket
- Throws:
IOException
-
getInetAddress
- Overrides:
getInetAddress in class Socket
-
getLocalAddress
- Overrides:
getLocalAddress in class Socket
-
getLocalPort
public int getLocalPort()
- Overrides:
getLocalPort in class Socket
-
getRemoteSocketAddress
- Overrides:
getRemoteSocketAddress in class Socket
-
getLocalSocketAddress
- Overrides:
getLocalSocketAddress in class Socket
-
getPort
public final int getPort()
-
addHandshakeCompletedListener
- Specified by:
addHandshakeCompletedListener in class SSLSocket
-
removeHandshakeCompletedListener
- Specified by:
removeHandshakeCompletedListener in class SSLSocket
-
getFileDescriptor$
-
setSoTimeout
- Overrides:
setSoTimeout in class Socket
- Throws:
SocketException
-
getSoTimeout
- Overrides:
getSoTimeout in class Socket
- Throws:
SocketException
-
sendUrgentData
- Overrides:
sendUrgentData in class Socket
- Throws:
IOException
-
setOOBInline
- Overrides:
setOOBInline in class Socket
- Throws:
SocketException
-
getOOBInline
- Overrides:
getOOBInline in class Socket
- Throws:
SocketException
-
getChannel
- Overrides:
getChannel in class Socket
-
getInputStream
- Overrides:
getInputStream in class Socket
- Throws:
IOException
-
getOutputStream
- Overrides:
getOutputStream in class Socket
- Throws:
IOException
-
setTcpNoDelay
- Overrides:
setTcpNoDelay in class Socket
- Throws:
SocketException
-
getTcpNoDelay
- Overrides:
getTcpNoDelay in class Socket
- Throws:
SocketException
-
setSoLinger
- Overrides:
setSoLinger in class Socket
- Throws:
SocketException
-
getSoLinger
- Overrides:
getSoLinger in class Socket
- Throws:
SocketException
-
setSendBufferSize
- Overrides:
setSendBufferSize in class Socket
- Throws:
SocketException
-
getSendBufferSize
- Overrides:
getSendBufferSize in class Socket
- Throws:
SocketException
-
setReceiveBufferSize
- Overrides:
setReceiveBufferSize in class Socket
- Throws:
SocketException
-
getReceiveBufferSize
- Overrides:
getReceiveBufferSize in class Socket
- Throws:
SocketException
-
setKeepAlive
- Overrides:
setKeepAlive in class Socket
- Throws:
SocketException
-
getKeepAlive
- Overrides:
getKeepAlive in class Socket
- Throws:
SocketException
-
setTrafficClass
- Overrides:
setTrafficClass in class Socket
- Throws:
SocketException
-
getTrafficClass
- Overrides:
getTrafficClass in class Socket
- Throws:
SocketException
-
setReuseAddress
- Overrides:
setReuseAddress in class Socket
- Throws:
SocketException
-
getReuseAddress
- Overrides:
getReuseAddress in class Socket
- Throws:
SocketException
-
shutdownInput
- Overrides:
shutdownInput in class Socket
- Throws:
IOException
-
shutdownOutput
- Overrides:
shutdownOutput in class Socket
- Throws:
IOException
-
isConnected
public boolean isConnected()
- Overrides:
isConnected in class Socket
-
isBound
public boolean isBound()
-
isClosed
public boolean isClosed()
-
isInputShutdown
public boolean isInputShutdown()
- Overrides:
isInputShutdown in class Socket
-
isOutputShutdown
public boolean isOutputShutdown()
- Overrides:
isOutputShutdown in class Socket
-
setPerformancePreferences
public void setPerformancePreferences(int connectionTime, int latency, int bandwidth)
- Overrides:
setPerformancePreferences in class Socket
-
toString
-
getHostname
String getHostname()
Returns the hostname that was supplied during socket creation. No DNS resolution is attempted before returning the hostname.
-
setHostname
This method enables Server Name Indication.
- Parameters:
hostname - the desired SNI hostname, or null to disable
-
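One way to apply the peerHostname note (the value may be a raw IP address and should be checked before it is used for SNI) ahead of a setHostname call, without any DNS lookup. This is an added example, not Conscrypt's code: SniCheck and isUsableForSni are hypothetical names, and accepting underscores in labels is an assumption.

```java
import java.util.regex.Pattern;

// Added example, not Conscrypt code. SniCheck and isUsableForSni are hypothetical names.
public final class SniCheck {
    // One DNS label: 1..63 chars of letters, digits, '-' or '_' (underscore accepted
    // by assumption), with no leading or trailing hyphen.
    private static final Pattern LABEL =
            Pattern.compile("[A-Za-z0-9_]([A-Za-z0-9_-]{0,61}[A-Za-z0-9_])?");

    /** Returns true only for a DNS name; performs no DNS resolution. */
    static boolean isUsableForSni(String host) {
        if (host == null || host.isEmpty() || host.length() > 253) {
            return false;
        }
        if (host.indexOf(':') >= 0) {
            return false; // IPv6 literal (a DNS name never contains ':')
        }
        String[] labels = host.split("\\.", -1); // -1 keeps empty labels, e.g. a trailing dot
        for (String label : labels) {
            if (!LABEL.matcher(label).matches()) {
                return false;
            }
        }
        // All-numeric final label: IPv4 literal (192.0.2.1) or shorthand (127.1).
        String last = labels[labels.length - 1];
        return !last.chars().allMatch(Character::isDigit);
    }

    public static void main(String[] args) {
        // Constructed sample inputs.
        String[] samples = {"example.com", "192.0.2.1", "2001:db8::1", "example.com.", "127.1"};
        for (String s : samples) {
            System.out.println(s + " -> " + (isUsableForSni(s) ? "send SNI" : "omit SNI"));
        }
    }
}
```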
getHostnameOrIP
String getHostnameOrIP()
For the purposes of an SSLSession, we want a way to represent the supplied hostname or the IP address in a textual representation. We do not want to perform reverse DNS lookups on this address.
-
setSoWriteTimeout
Note: write timeouts are not part of the javax.net.ssl.SSLSocket API.
- Throws:
SocketException
-
getSoWriteTimeout
Note: write timeouts are not part of the javax.net.ssl.SSLSocket API.
- Throws:
SocketException
-
setHandshakeTimeout
Set the handshake timeout on this socket. This timeout is specified in milliseconds and will be used only during the handshake process.
- Throws:
SocketException
-
checkOpen
- Throws:
SocketException
-
peerInfoProvider
-
getActiveSession
Called by notifyHandshakeCompletedListeners() to get the currently active session. Unlike SSLSocket.getSession(), this method must not block.
-
setApplicationProtocolSelector
-
notifyHandshakeCompletedListeners
final void notifyHandshakeCompletedListeners()
-
isDelegating
private boolean isDelegating()
-
getHandshakeSession
- Overrides:
getHandshakeSession in class SSLSocket
-
setUseSessionTickets
abstract void setUseSessionTickets(boolean useSessionTickets)
This method enables session ticket support.
- Parameters:
useSessionTickets - True to enable session tickets
-
setChannelIdEnabled
abstract void setChannelIdEnabled(boolean enabled)
Enables/disables TLS Channel ID for this server socket.
This method needs to be invoked before the handshake starts.
- Throws:
IllegalStateException - if this is a client socket or if the handshake has already started.
-
getChannelId
Gets the TLS Channel ID for this server socket. Channel ID is only available once the handshake completes.
- Returns:
channel ID or null if not available.
- Throws:
IllegalStateException - if this is a client socket or if the handshake has not yet completed.
SSLException - if channel ID is available but could not be obtained.
-
setChannelIdPrivateKey
Sets the PrivateKey to be used for TLS Channel ID by this client socket.
This method needs to be invoked before the handshake starts.
- Parameters:
privateKey - private key (enables TLS Channel ID) or null for no key (disables TLS Channel ID). The private key must be an Elliptic Curve (EC) key based on the NIST P-256 curve (aka SECG secp256r1 or ANSI X9.62 prime256v1).
- Throws:
IllegalStateException - if this is a server socket or if the handshake has already started.
-
getNpnSelectedProtocol
Deprecated. NPN is not supported
Returns null always for backward compatibility.
-
setNpnProtocols
Deprecated. NPN is not supported
This method does nothing and is kept for backward compatibility.
-
getAlpnSelectedProtocol
Deprecated. Use getApplicationProtocol() instead.
Returns the protocol agreed upon by client and server, or null if no protocol was agreed upon.
-
setAlpnProtocols
Deprecated. Use setApplicationProtocols(String[]) instead.
Sets the list of ALPN protocols. This method internally converts the protocols to their wire-format form.
- Parameters:
alpnProtocols - the list of ALPN protocols
-
setAlpnProtocols
Deprecated. Use setApplicationProtocols(String[]) instead.
Alternate version of setAlpnProtocols(String[]) that directly sets the list of ALPN protocols in the wire-format form used by BoringSSL (length-prefixed 8-bit strings). Requires that all strings be encoded with US-ASCII.
- Parameters:
alpnProtocols - the encoded form of the ALPN protocol list
-
setApplicationProtocols
Sets the list of ALPN protocols.
- Parameters:
protocols - the list of ALPN protocols
-
getApplicationProtocols
Returns the list of supported ALPN protocols.
-
getApplicationProtocol
- Overrides:
getApplicationProtocol in class SSLSocket
-
getHandshakeApplicationProtocol
- Overrides:
getHandshakeApplicationProtocol in class SSLSocket
-
setApplicationProtocolSelector
Sets an application-provided ALPN protocol selector. If provided, this will override the list of protocols set by setApplicationProtocols(String[]).
-
getTlsUnique
abstract byte[] getTlsUnique()
Returns the tls-unique channel binding value for this connection, per RFC 5929. This will return null if there is no such value available, such as if the handshake has not yet completed or this connection is closed.
-
exportKeyingMaterial
Exports a value derived from the TLS master secret as described in RFC 5705.
- Parameters:
label - the label to use in calculating the exported value. This must be an ASCII-only string.
context - the application-specific context value to use in calculating the exported value. This may be null to use no application context, which is treated differently than an empty byte array.
length - the number of bytes of keying material to return.
- Returns:
a value of the specified length, or null if the handshake has not yet completed or the connection has been closed.
- Throws:
SSLException - if the value could not be exported.
-