Class SSLSocket


  • @Deprecated
    public class SSLSocket
    extends Object
    Deprecated.
    The scope of the APR/Native Library will be reduced in Tomcat 10.1.x / Tomcat Native 2.x onwards to only include those components required to provide OpenSSL integration with the NIO and NIO2 connectors.
    SSL Socket
    Author:
    Mladen Turk
    • Constructor Summary

      Constructors 
      Constructor Description
      SSLSocket()
      Deprecated.
       
    • Method Summary

      All Methods Static Methods Concrete Methods Deprecated Methods 
      Modifier and Type Method Description
      static int attach​(long ctx, long sock)
      Deprecated.
      Attach APR socket on an SSL connection.
      static int getALPN​(long sock, byte[] negotiatedProtocol)
      Deprecated.
      Obtain the name of the protocol negotiated via ALPN.
      static byte[] getInfoB​(long sock, int id)
      Deprecated.
      Return SSL Info parameter as byte array.
      static int getInfoI​(long sock, int id)
      Deprecated.
      Return SSL Info parameter as integer.
      static String getInfoS​(long sock, int id)
      Deprecated.
      Return SSL Info parameter as String.
      static int handshake​(long thesocket)
      Deprecated.
      Do an SSL handshake.
      static int renegotiate​(long thesocket)
      Deprecated.
      Do an SSL renegotiation.
      static void setVerify​(long sock, int level, int depth)
      Deprecated.
      Set Type of Client Certificate verification and Maximum depth of CA Certificates in Client Certificate verification.
    • Constructor Detail

      • SSLSocket

        public SSLSocket()
        Deprecated.
    • Method Detail

      • attach

        public static int attach​(long ctx,
                                 long sock)
                          throws Exception
        Deprecated.
        Attach APR socket on an SSL connection.
        Parameters:
        ctx - SSLContext to use.
        sock - APR Socket that already did physical connect or accept.
        Returns:
        APR_STATUS code.
        Throws:
        Exception - An error occurred
      • handshake

        public static int handshake​(long thesocket)
        Deprecated.
        Do an SSL handshake.
        Parameters:
        thesocket - The socket to use
        Returns:
        the handshake status
      • renegotiate

        public static int renegotiate​(long thesocket)
        Deprecated.
        Do an SSL renegotiation. SSL supports per-directory re-configuration of SSL parameters. This is implemented by performing an SSL renegotiation of the re-configured parameters after the request is read, but before the response is sent. In more detail: the renegotiation happens after the request line and MIME headers were read, but _before_ the attached request body is read. The reason simply is that in the HTTP protocol usually there is no acknowledgment step between the headers and the body (there is the 100-continue feature and the chunking facility only), so Apache has no API hook for this step.
        Parameters:
        thesocket - The socket to use
        Returns:
        the operation status
      • setVerify

        public static void setVerify​(long sock,
                                     int level,
                                     int depth)
        Deprecated.
        Set Type of Client Certificate verification and Maximum depth of CA Certificates in Client Certificate verification.
        This is used to change the verification level for a connection prior to starting a re-negotiation.
        The following levels are available for level:
         SSL_CVERIFY_NONE           - No client Certificate is required at all
         SSL_CVERIFY_OPTIONAL       - The client may present a valid Certificate
         SSL_CVERIFY_REQUIRE        - The client has to present a valid
                                      Certificate
         SSL_CVERIFY_OPTIONAL_NO_CA - The client may present a valid Certificate
                                      but it need not to be (successfully)
                                      verifiable
         

        Parameters:
        sock - The socket to change.
        level - Type of Client Certificate verification.
        depth - Maximum number of certificates to permit in chain from client to trusted CA. Use a value of 0 or less to leave the current value unchanged
      • getInfoB

        public static byte[] getInfoB​(long sock,
                                      int id)
                               throws Exception
        Deprecated.
        Return SSL Info parameter as byte array.
        Parameters:
        sock - The socket to read the data from.
        id - Parameter id.
        Returns:
        Byte array containing info id value.
        Throws:
        Exception - An error occurred
      • getInfoS

        public static String getInfoS​(long sock,
                                      int id)
                               throws Exception
        Deprecated.
        Return SSL Info parameter as String.
        Parameters:
        sock - The socket to read the data from.
        id - Parameter id.
        Returns:
        String containing info id value.
        Throws:
        Exception - An error occurred
      • getInfoI

        public static int getInfoI​(long sock,
                                   int id)
                            throws Exception
        Deprecated.
        Return SSL Info parameter as integer.
        Parameters:
        sock - The socket to read the data from.
        id - Parameter id.
        Returns:
        Integer containing info id value or -1 on error.
        Throws:
        Exception - An error occurred
      • getALPN

        public static int getALPN​(long sock,
                                  byte[] negotiatedProtocol)
        Deprecated.
        Obtain the name of the protocol negotiated via ALPN. Only valid after the TLS handshake has completed.
        Parameters:
        sock - Socket
        negotiatedProtocol - Byte array in which to store agreed protocol
        Returns:
        Length of agreed protocol. Zero means no protocol agreed.