Package org.conscrypt
Class OpenSSLSocketImpl
java.lang.Object
java.net.Socket
javax.net.ssl.SSLSocket
org.conscrypt.AbstractConscryptSocket
org.conscrypt.OpenSSLSocketImpl
- All Implemented Interfaces:
Closeable
,AutoCloseable
- Direct Known Subclasses:
ConscryptEngineSocket
,ConscryptFileDescriptorSocket
Public shim allowing us to stay backward-compatible with legacy applications which were using
Conscrypt's extended socket API before the introduction of the
Conscrypt
class.-
Field Summary
Fields inherited from class org.conscrypt.AbstractConscryptSocket
socket
-
Constructor Summary
ConstructorsConstructorDescriptionOpenSSLSocketImpl
(String hostname, int port) OpenSSLSocketImpl
(String hostname, int port, InetAddress clientAddress, int clientPort) OpenSSLSocketImpl
(InetAddress address, int port) OpenSSLSocketImpl
(InetAddress address, int port, InetAddress clientAddress, int clientPort) OpenSSLSocketImpl
(Socket socket, String hostname, int port, boolean autoClose) -
Method Summary
Modifier and TypeMethodDescriptionfinal byte[]
Deprecated.abstract byte[]
Gets the TLS Channel ID for this server socket.abstract SSLSession
Returns the hostname that was supplied during socket creation.For the purposes of an SSLSession, we want a way to represent the supplied hostname or the IP address in a textual representation.final byte[]
Deprecated.NPN is not supportedint
Note write timeouts are not part of the javax.net.ssl.SSLSocket APIfinal void
setAlpnProtocols
(byte[] protocols) Deprecated.UsesetAlpnProtocols(String[])
instead.final void
setAlpnProtocols
(String[] alpnProtocols) Deprecated.abstract void
setChannelIdEnabled
(boolean enabled) Enables/disables TLS Channel ID for this server socket.abstract void
setChannelIdPrivateKey
(PrivateKey privateKey) Sets thePrivateKey
to be used for TLS Channel ID by this client socket.void
setHandshakeTimeout
(int handshakeTimeoutMilliseconds) Set the handshake timeout on this socket.void
setHostname
(String hostname) This method enables Server Name Indicationfinal void
setNpnProtocols
(byte[] npnProtocols) Deprecated.NPN is not supportedvoid
setSoWriteTimeout
(int writeTimeoutMilliseconds) Note write timeouts are not part of the javax.net.ssl.SSLSocket APIabstract void
setUseSessionTickets
(boolean useSessionTickets) This method enables session ticket support.Methods inherited from class org.conscrypt.AbstractConscryptSocket
addHandshakeCompletedListener, bind, checkOpen, close, connect, connect, exportKeyingMaterial, getActiveSession, getApplicationProtocol, getApplicationProtocols, getChannel, getHandshakeApplicationProtocol, getInetAddress, getInputStream, getKeepAlive, getLocalAddress, getLocalPort, getLocalSocketAddress, getOOBInline, getOutputStream, getPort, getReceiveBufferSize, getRemoteSocketAddress, getReuseAddress, getSendBufferSize, getSoLinger, getSoTimeout, getTcpNoDelay, getTlsUnique, getTrafficClass, isBound, isClosed, isConnected, isInputShutdown, isOutputShutdown, notifyHandshakeCompletedListeners, peerInfoProvider, removeHandshakeCompletedListener, sendUrgentData, setApplicationProtocols, setApplicationProtocolSelector, setApplicationProtocolSelector, setKeepAlive, setOOBInline, setPerformancePreferences, setReceiveBufferSize, setReuseAddress, setSendBufferSize, setSoLinger, setSoTimeout, setTcpNoDelay, setTrafficClass, shutdownInput, shutdownOutput, toString
Methods inherited from class javax.net.ssl.SSLSocket
getEnabledCipherSuites, getEnabledProtocols, getEnableSessionCreation, getHandshakeApplicationProtocolSelector, getNeedClientAuth, getSession, getSSLParameters, getSupportedCipherSuites, getSupportedProtocols, getUseClientMode, getWantClientAuth, setEnabledCipherSuites, setEnabledProtocols, setEnableSessionCreation, setHandshakeApplicationProtocolSelector, setNeedClientAuth, setSSLParameters, setUseClientMode, setWantClientAuth, startHandshake
Methods inherited from class java.net.Socket
getOption, setOption, setSocketImplFactory, supportedOptions
-
Constructor Details
-
OpenSSLSocketImpl
OpenSSLSocketImpl() throws IOException- Throws:
IOException
-
OpenSSLSocketImpl
OpenSSLSocketImpl(String hostname, int port) throws IOException - Throws:
IOException
-
OpenSSLSocketImpl
OpenSSLSocketImpl(InetAddress address, int port) throws IOException - Throws:
IOException
-
OpenSSLSocketImpl
OpenSSLSocketImpl(String hostname, int port, InetAddress clientAddress, int clientPort) throws IOException - Throws:
IOException
-
OpenSSLSocketImpl
OpenSSLSocketImpl(InetAddress address, int port, InetAddress clientAddress, int clientPort) throws IOException - Throws:
IOException
-
OpenSSLSocketImpl
OpenSSLSocketImpl(Socket socket, String hostname, int port, boolean autoClose) throws IOException - Throws:
IOException
-
-
Method Details
-
getHostname
Description copied from class:AbstractConscryptSocket
Returns the hostname that was supplied during socket creation. No DNS resolution is attempted before returning the hostname.- Overrides:
getHostname
in classAbstractConscryptSocket
-
setHostname
Description copied from class:AbstractConscryptSocket
This method enables Server Name Indication- Overrides:
setHostname
in classAbstractConscryptSocket
- Parameters:
hostname
- the desired SNI hostname, or null to disable
-
getHostnameOrIP
Description copied from class:AbstractConscryptSocket
For the purposes of an SSLSession, we want a way to represent the supplied hostname or the IP address in a textual representation. We do not want to perform reverse DNS lookups on this address.- Overrides:
getHostnameOrIP
in classAbstractConscryptSocket
-
getFileDescriptor$
- Overrides:
getFileDescriptor$
in classAbstractConscryptSocket
-
setSoWriteTimeout
Description copied from class:AbstractConscryptSocket
Note write timeouts are not part of the javax.net.ssl.SSLSocket API- Overrides:
setSoWriteTimeout
in classAbstractConscryptSocket
- Throws:
SocketException
-
getSoWriteTimeout
Description copied from class:AbstractConscryptSocket
Note write timeouts are not part of the javax.net.ssl.SSLSocket API- Overrides:
getSoWriteTimeout
in classAbstractConscryptSocket
- Throws:
SocketException
-
setHandshakeTimeout
Description copied from class:AbstractConscryptSocket
Set the handshake timeout on this socket. This timeout is specified in milliseconds and will be used only during the handshake process.- Overrides:
setHandshakeTimeout
in classAbstractConscryptSocket
- Throws:
SocketException
-
getHandshakeSession
- Specified by:
getHandshakeSession
in classAbstractConscryptSocket
-
setUseSessionTickets
public abstract void setUseSessionTickets(boolean useSessionTickets) Description copied from class:AbstractConscryptSocket
This method enables session ticket support.- Specified by:
setUseSessionTickets
in classAbstractConscryptSocket
- Parameters:
useSessionTickets
- True to enable session tickets
-
setChannelIdEnabled
public abstract void setChannelIdEnabled(boolean enabled) Description copied from class:AbstractConscryptSocket
Enables/disables TLS Channel ID for this server socket.This method needs to be invoked before the handshake starts.
- Specified by:
setChannelIdEnabled
in classAbstractConscryptSocket
-
getChannelId
Description copied from class:AbstractConscryptSocket
Gets the TLS Channel ID for this server socket. Channel ID is only available once the handshake completes.- Specified by:
getChannelId
in classAbstractConscryptSocket
- Returns:
- channel ID or
null
if not available. - Throws:
SSLException
- if channel ID is available but could not be obtained.
-
setChannelIdPrivateKey
Description copied from class:AbstractConscryptSocket
Sets thePrivateKey
to be used for TLS Channel ID by this client socket.This method needs to be invoked before the handshake starts.
- Specified by:
setChannelIdPrivateKey
in classAbstractConscryptSocket
- Parameters:
privateKey
- private key (enables TLS Channel ID) ornull
for no key (disables TLS Channel ID). The private key must be an Elliptic Curve (EC) key based on the NIST P-256 curve (aka SECG secp256r1 or ANSI X9.62 prime256v1).
-
getNpnSelectedProtocol
Deprecated.NPN is not supportedDescription copied from class:AbstractConscryptSocket
Returns null always for backward compatibility.- Overrides:
getNpnSelectedProtocol
in classAbstractConscryptSocket
-
setNpnProtocols
Deprecated.NPN is not supportedDescription copied from class:AbstractConscryptSocket
This method does nothing and is kept for backward compatibility.- Overrides:
setNpnProtocols
in classAbstractConscryptSocket
-
setAlpnProtocols
Deprecated.Description copied from class:AbstractConscryptSocket
Sets the list of ALPN protocols. This method internally converts the protocols to their wire-format form.- Specified by:
setAlpnProtocols
in classAbstractConscryptSocket
- Parameters:
alpnProtocols
- the list of ALPN protocols
-
getAlpnSelectedProtocol
Deprecated.useAbstractConscryptSocket.getApplicationProtocol()
instead.Description copied from class:AbstractConscryptSocket
Returns the protocol agreed upon by client and server, ornull
if no protocol was agreed upon.- Specified by:
getAlpnSelectedProtocol
in classAbstractConscryptSocket
-
setAlpnProtocols
Deprecated.UsesetAlpnProtocols(String[])
instead.Description copied from class:AbstractConscryptSocket
Alternate version ofAbstractConscryptSocket.setAlpnProtocols(String[])
that directly sets the list of ALPN in the wire-format form used by BoringSSL (length-prefixed 8-bit strings). Requires that all strings be encoded with US-ASCII.- Specified by:
setAlpnProtocols
in classAbstractConscryptSocket
- Parameters:
protocols
- the encoded form of the ALPN protocol list
-
AbstractConscryptSocket.getApplicationProtocol()
instead.