Module org.snmp4j

Package org.snmp4j.transport

Class DTLSTM

java.lang.Object

org.snmp4j.transport.AbstractTransportMapping<UdpAddress>

org.snmp4j.transport.UdpTransportMapping

org.snmp4j.transport.DefaultUdpTransportMapping

org.snmp4j.transport.DTLSTM

All Implemented Interfaces:

Closeable, AutoCloseable, ConnectionOrientedTransportMapping<UdpAddress>, TlsTransportMappingConfig<X509Certificate>, X509TlsTransportMappingConfig, TransportMapping<UdpAddress>

public class DTLSTM
extends DefaultUdpTransportMapping
implements X509TlsTransportMappingConfig, ConnectionOrientedTransportMapping<UdpAddress>

The DTLSTM implements the Datagram Transport Layer Security Transport Mapping (TLS-TM) as defined by RFC 5953 with the new IO API and SSLEngine.

It uses a single thread for processing incoming and outgoing messages. The thread is started when the listen method is called, or when an outgoing request is sent using the sendMessage method.

Since:

3.0

Version:

3.6.0

Author:

Frank Fock

Nested Class Summary

Nested classes/interfaces inherited from class org.snmp4j.transport.DefaultUdpTransportMapping

DefaultUdpTransportMapping.ListenThread

Field Summary

Fields

Modifier and Type	Field	Description
static final int	DEFAULT_CONNECTION_TIMEOUT
static final String	DEFAULT_DTLSTM_PROTOCOLS
static final int	DEFAULT_HANDSHAKE_TIMEOUT
static final int	DEFAULT_SOCKET_TIMEOUT
static final int	MAX_HANDSHAKE_LOOPS
static final int	MAX_TLS_PAYLOAD_SIZE

Fields inherited from class org.snmp4j.transport.DefaultUdpTransportMapping

listenerThread, socket

Fields inherited from class org.snmp4j.transport.UdpTransportMapping

udpAddress

Fields inherited from class org.snmp4j.transport.AbstractTransportMapping

asyncMsgProcessingSupported, listenWorkerTask, maxInboundMessageSize, suspendedAddresses, transportListener, transportStateListeners

Constructor Summary

Constructors

Constructor	Description
DTLSTM()	Creates a default UDP transport mapping with the server for incoming messages disabled.
DTLSTM(DtlsAddress address)	Creates a TLS transport mapping with the server for incoming messages bind to the given DTLS address.
DTLSTM(DtlsAddress address, boolean serverEnabled)	Creates a TLS transport mapping with the server for incoming messages bind to the given address.
DTLSTM(TlsTmSecurityCallback<X509Certificate> securityCallback, DtlsAddress serverAddress)	Creates a DTLS transport mapping that binds to the given address (interface) on the local host.
DTLSTM(TlsTmSecurityCallback<X509Certificate> securityCallback, DtlsAddress serverAddress, CounterSupport counterSupport)	Creates a TLS transport mapping that binds to the given address (interface) on the local host and runs as a server.
DTLSTM(TlsTmSecurityCallback<X509Certificate> securityCallback, DtlsAddress serverAddress, CounterSupport counterSupport, boolean serverEnabled)	Creates a TLS transport mapping that binds to the given address (interface) on the local host.

Method Summary

Modifier and Type	Method	Description
void	close()	Closes the socket and stops the listener thread and socket cleaner timer (if DefaultUdpTransportMapping.getSocketTimeout() is greater than zero).
boolean	close(UdpAddress remoteAddress)	Closes a connection to the supplied remote address, if it is open.
protected DatagramPacket	createHandshakePacket(byte[] buf, SocketAddress socketAddr)
protected SSLEngineConfigurator	ensureSslEngineConfigurator()	Returns the configured setSslEngineConfigurator(SSLEngineConfigurator) or the DefaultSSLEngineConfiguration which will then become the configured SSL engine configurator.
protected void	fireProcessMessage(DatagramPacket packet, ByteBuffer bis, TransportStateReference stateReference)
long	getConnectionTimeout()	Gets the connection timeout.
CounterSupport	getCounterSupport()
int	getDtlsHandshakeThreadPoolSize()
int	getHandshakeTimeout()	Gets the maximum number of milliseconds to wait for the DTLS handshake operation to succeed.
String	getKeyStore()
String	getKeyStorePassword()
UdpAddress	getListenAddress()	Returns the address that represents the actual incoming address this transport mapping uses to listen for incoming packets.
String	getLocalCertificateAlias()	Gets the certificate alias used for client and server authentication.
MessageLengthDecoder	getMessageLengthDecoder()	Returns the MessageLengthDecoder used by this transport mapping.
PKIXRevocationChecker	getPKIXRevocationChecker()	Gets the (optional and possibly null) revocation checker for the cert path validation of X509 certificates.
String	getProtocolVersionPropertyName()	Returns the property name that is used by this transport mapping to determine the protocol versions from system properties.
String[]	getProtocolVersions()	Return the (D)TLS protocol versions used by this transport mapping.
TlsTmSecurityCallback<X509Certificate>	getSecurityCallback()	Gets the TlsTmSecurityCallback associated with this TransportMapping hook which is called by the transport mapping to lookup TLS security parameters from external configuration.
CommonTimer	getSocketCleaner()	Gets the CommonTimer that controls socket cleanup operations.
SSLEngineConfigurator	getSslEngineConfigurator()
Class<? extends Address>	getSupportedAddressClass()	Gets the primary Address class that is supported by this transport mapping.
Set<Class<? extends Address>>	getSupportedAddressClasses()	Returns a set of DtlsAddress and UdpAddress.
TransportType	getSupportedTransportType()	Gets the TransportType this TransportMapping supports depending on isServerEnabled().
TLSTMTrustManagerFactory	getTrustManagerFactory()
String	getTrustStore()
String	getTrustStorePassword()
String	getX509CertificateRevocationListURI()	Gets the X509 certificate revocation list (CRL) URI, if defined.
boolean	isAsyncMsgProcessingSupported()	Returns true if asynchronous (multi-threaded) message processing may be implemented.
boolean	isServerEnabled()	Checks whether a server for incoming requests is enabled.
void	listen()	Starts the listener thread that accepts incoming messages.
protected List<DatagramPacket>	onReceiveTimeout(SSLEngine engine, SocketAddress socketAddr)
protected ByteBuffer	prepareInPacket(DatagramPacket packet, byte[] buf, TransportStateReference tmStateReference)	Prepare a network packet for the application.
protected List<DatagramPacket>	prepareOutPackets(UdpAddress targetAddress, byte[] message, TransportStateReference tmStateReference, DatagramSocket socket, long timeoutMillis, int maxRetries)	Prepare an application message for sending over the network to the specified target address.
protected List<DatagramPacket>	produceHandshakePackets(SSLEngine sslEngine, SocketAddress socketAddress)
void	setAsyncMsgProcessingSupported(boolean asyncMsgProcessingSupported)	Specifies whether this transport mapping has to support asynchronous messages processing or not.
void	setConnectionTimeout(long connectionTimeout)	Sets the connection timeout.
void	setDtlsHandshakeThreadPoolSize(int dtlsHandshakeThreadPoolSize)	Sets the maximum number of threads reserved for DTLS inbound connection handshake processing.
void	setHandshakeTimeout(int handshakeTimeout)	Sets the maximum number of milliseconds to wait for the DTLS handshake operation to succeed.
void	setKeyStore(String keyStore)
void	setKeyStorePassword(String keyStorePassword)
void	setLocalCertificateAlias(String localCertificateAlias)	Sets the certificate alias used for client and server authentication by this TLSTM.
void	setMaxInboundMessageSize(int maxInboundMessageSize)	Sets the maximum buffer size for incoming requests.
void	setMessageLengthDecoder(MessageLengthDecoder messageLengthDecoder)	Sets the MessageLengthDecoder that decodes the total message length from the header of a message.
void	setPKIXRevocationChecker(PKIXRevocationChecker pkixRevocationChecker)	Sets the (optional and possibly null) revocation checker for the cert path validation of X509 certificates.
void	setProtocolVersions(String[] dtlsProtocols)	Sets the DTLS protocols/versions that DTLSTM should use during handshake.
void	setSecurityCallback(TlsTmSecurityCallback<X509Certificate> securityCallback)	Sets the TlsTmSecurityCallback associated with this TransportMapping hook.
void	setServerEnabled(boolean serverEnabled)	Sets whether a server for incoming requests should be created when the transport is set into listen state.
void	setSslEngineConfigurator(SSLEngineConfigurator sslEngineConfigurator)
void	setTrustManagerFactory(TLSTMTrustManagerFactory trustManagerFactory)	Set the TLSTM trust manager factory.
void	setTrustStore(String trustStore)
void	setTrustStorePassword(String trustStorePassword)
void	setX09CertificateRevocationListURI(String crlURI)	Sets the X509 certificate revocation list (CRL) URI, to enable CRL checking.

Methods inherited from class org.snmp4j.transport.DefaultUdpTransportMapping

ensureSocket, getReceiveBufferSize, getSocketTimeout, renewSocketAfterException, sendMessage, setReceiveBufferSize, setSocketTimeout

Methods inherited from class org.snmp4j.transport.UdpTransportMapping

getAddress

Methods inherited from class org.snmp4j.transport.AbstractTransportMapping

addTransportListener, addTransportStateListener, fireConnectionStateChanged, fireProcessMessage, getListenWorkerTask, getMaxInboundMessageSize, getPriority, getSuspendedAddresses, getThreadName, handleDroppedMessageToSend, isListening, removeAllTransportListeners, removeTransportListener, removeTransportStateListener, resumeAddress, setPriority, setThreadName, suspendAddress

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.snmp4j.transport.ConnectionOrientedTransportMapping

addTransportStateListener, removeTransportStateListener, resumeAddress, suspendAddress

Methods inherited from interface org.snmp4j.TransportMapping

addTransportListener, getMaxInboundMessageSize, getMaxOutboundMessageSize, isAddressSupported, isAddressSupported, isListening, removeTransportListener, sendMessage

Field Details

MAX_HANDSHAKE_LOOPS

public static final int MAX_HANDSHAKE_LOOPS

See Also:

• Constant Field Values

DEFAULT_SOCKET_TIMEOUT

public static final int DEFAULT_SOCKET_TIMEOUT

See Also:

• Constant Field Values

DEFAULT_HANDSHAKE_TIMEOUT

public static final int DEFAULT_HANDSHAKE_TIMEOUT

See Also:

• Constant Field Values

DEFAULT_CONNECTION_TIMEOUT

public static final int DEFAULT_CONNECTION_TIMEOUT

See Also:

• Constant Field Values

DEFAULT_DTLSTM_PROTOCOLS

public static final String DEFAULT_DTLSTM_PROTOCOLS

See Also:

• Constant Field Values

MAX_TLS_PAYLOAD_SIZE

public static final int MAX_TLS_PAYLOAD_SIZE

See Also:

• Constant Field Values

Constructor Details

DTLSTM

public DTLSTM()
       throws IOException

Creates a default UDP transport mapping with the server for incoming messages disabled.

Throws:

UnknownHostException - if the local host cannot be determined.

IOException

DTLSTM

public DTLSTM(DtlsAddress address)
       throws IOException

Creates a TLS transport mapping with the server for incoming messages bind to the given DTLS address. The securityCallback needs to be specified before listen() is called.

Parameters:

address - server address to bind.

Throws:

IOException - on failure of binding a local port.

Since:

3.3.2

DTLSTM

public DTLSTM(DtlsAddress address,
 boolean serverEnabled)
       throws IOException

Creates a TLS transport mapping with the server for incoming messages bind to the given address. The securityCallback needs to be specified before listen() is called.

Parameters:

address - server address to bind.

serverEnabled - defines the role of the underlying SSLEngine. Setting this to false enables the SSLEngine.setUseClientMode(boolean).

Throws:

IOException - on failure of binding a local port.

Since:

3.2.0

DTLSTM

public DTLSTM(TlsTmSecurityCallback<X509Certificate> securityCallback,
 DtlsAddress serverAddress)
       throws IOException

Creates a DTLS transport mapping that binds to the given address (interface) on the local host.

Parameters:

securityCallback - a security name callback to resolve X509 certificates to tmSecurityNames.

serverAddress - the UdpAddress instance that describes the server address to listen on incoming connection requests.

Throws:

IOException - if the given address cannot be bound.

DTLSTM

public DTLSTM(TlsTmSecurityCallback<X509Certificate> securityCallback,
 DtlsAddress serverAddress,
 CounterSupport counterSupport)
       throws IOException

Creates a TLS transport mapping that binds to the given address (interface) on the local host and runs as a server.

Parameters:

securityCallback - a security name callback to resolve X509 certificates to tmSecurityNames.

serverAddress - the UdpAddress instance that describes the server address to listen on incoming connection requests.

counterSupport - The CounterSupport instance to be used to count events created by this TLSTM instance. To get a default instance, use CounterSupport.getInstance().

Throws:

IOException - if the given address cannot be bound.

DTLSTM

public DTLSTM(TlsTmSecurityCallback<X509Certificate> securityCallback,
 DtlsAddress serverAddress,
 CounterSupport counterSupport,
 boolean serverEnabled)
       throws IOException

Creates a TLS transport mapping that binds to the given address (interface) on the local host.

Parameters:

securityCallback - a security name callback to resolve X509 certificates to tmSecurityNames.

serverAddress - the UdpAddress instance that describes the server address to listen on incoming connection requests.

counterSupport - The CounterSupport instance to be used to count events created by this TLSTM instance. To get a default instance, use CounterSupport.getInstance().

serverEnabled - defines the role of the underlying SSLEngine. Setting this to false enables the SSLEngine.setUseClientMode(boolean).

Throws:

IOException - if the given address cannot be bound.

Since:

3.2.0

Method Details

listen

public void listen()
            throws IOException

Starts the listener thread that accepts incoming messages. The thread is started in daemon mode and thus it will not block application terminated. Nevertheless, the close() method should be called to stop the listen thread gracefully and free associated ressources.

Specified by:

listen in interface TransportMapping<UdpAddress>

Overrides:

listen in class DefaultUdpTransportMapping

Throws:

IOException - if the listen port could not be bound to the server thread.

close

public void close()
           throws IOException

Closes the socket and stops the listener thread and socket cleaner timer (if DefaultUdpTransportMapping.getSocketTimeout() is greater than zero).

Specified by:

close in interface AutoCloseable

Specified by:

close in interface Closeable

Specified by:

close in interface TransportMapping<UdpAddress>

Overrides:

close in class DefaultUdpTransportMapping

Throws:

IOException - if the socket cannot be closed.

getSupportedTransportType

public TransportType getSupportedTransportType()

Gets the TransportType this TransportMapping supports depending on isServerEnabled().

Specified by:

getSupportedTransportType in interface TransportMapping<UdpAddress>

Returns:

TransportType.receiver if isServerEnabled() is true and TransportType.sender otherwise.

Since:

3.2.0

getDtlsHandshakeThreadPoolSize

public int getDtlsHandshakeThreadPoolSize()

setDtlsHandshakeThreadPoolSize

public void setDtlsHandshakeThreadPoolSize(int dtlsHandshakeThreadPoolSize)

Sets the maximum number of threads reserved for DTLS inbound connection handshake processing.

Parameters:

dtlsHandshakeThreadPoolSize - the thread pool size that gets effective when listen() is called. Default is DEFAULT_DTLS_HANDSHAKE_THREADPOOL_SIZE.

getLocalCertificateAlias

public String getLocalCertificateAlias()

Description copied from interface: TlsTransportMappingConfig

Gets the certificate alias used for client and server authentication. See also TlsTransportMappingConfig.setLocalCertificateAlias(java.lang.String)

Specified by:

getLocalCertificateAlias in interface TlsTransportMappingConfig<X509Certificate>

Returns:

the certificate alias selecting the local certificate.

getProtocolVersions

public String[] getProtocolVersions()

Description copied from interface: TlsTransportMappingConfig

Return the (D)TLS protocol versions used by this transport mapping.

Specified by:

getProtocolVersions in interface TlsTransportMappingConfig<X509Certificate>

Returns:

an array of SunJSSE TLS/DTLS provider (depending on the transport mapping type).

getProtocolVersionPropertyName

public String getProtocolVersionPropertyName()

Returns the property name that is used by this transport mapping to determine the protocol versions from system properties.

Specified by:

getProtocolVersionPropertyName in interface TlsTransportMappingConfig<X509Certificate>

Returns:

a property name like SnmpConfigurator.P_TLS_VERSION or SnmpConfigurator.P_DTLS_VERSION.

setProtocolVersions

public void setProtocolVersions(String[] dtlsProtocols)

Sets the DTLS protocols/versions that DTLSTM should use during handshake. The default is defined by DEFAULT_DTLSTM_PROTOCOLS.

Specified by:

setProtocolVersions in interface TlsTransportMappingConfig<X509Certificate>

Parameters:

dtlsProtocols - an array of TLS protocol (version) names supported by the SunJSSE provider. The order in the array defines which protocol is tried during handshake first.

Since:

3.0

getKeyStore

public String getKeyStore()

Specified by:

getKeyStore in interface TlsTransportMappingConfig<X509Certificate>

setKeyStore

public void setKeyStore(String keyStore)

Specified by:

setKeyStore in interface TlsTransportMappingConfig<X509Certificate>

getKeyStorePassword

public String getKeyStorePassword()

Specified by:

getKeyStorePassword in interface TlsTransportMappingConfig<X509Certificate>

setKeyStorePassword

public void setKeyStorePassword(String keyStorePassword)

Specified by:

setKeyStorePassword in interface TlsTransportMappingConfig<X509Certificate>

getTrustStore

public String getTrustStore()

Specified by:

getTrustStore in interface TlsTransportMappingConfig<X509Certificate>

setTrustStore

public void setTrustStore(String trustStore)

Specified by:

setTrustStore in interface TlsTransportMappingConfig<X509Certificate>

getTrustStorePassword

public String getTrustStorePassword()

Specified by:

getTrustStorePassword in interface TlsTransportMappingConfig<X509Certificate>

setTrustStorePassword

public void setTrustStorePassword(String trustStorePassword)

Specified by:

setTrustStorePassword in interface TlsTransportMappingConfig<X509Certificate>

setLocalCertificateAlias

public void setLocalCertificateAlias(String localCertificateAlias)

Sets the certificate alias used for client and server authentication by this TLSTM. Setting this property to a value other than null filters out any certificates which are not in the chain of the given alias.

Specified by:

setLocalCertificateAlias in interface TlsTransportMappingConfig<X509Certificate>

Parameters:

localCertificateAlias - a certificate alias which filters a single certification chain from the javax.net.ssl.keyStore key store to be used to authenticate this TLS transport mapping. If null no filtering appears, which could lead to more than a single chain available for authentication by the peer, which would violate the TLSTM standard requirements.

getCounterSupport

public CounterSupport getCounterSupport()

getSupportedAddressClass

public Class<? extends Address> getSupportedAddressClass()

Description copied from interface: TransportMapping

Gets the primary Address class that is supported by this transport mapping.

Specified by:

getSupportedAddressClass in interface TransportMapping<UdpAddress>

Overrides:

getSupportedAddressClass in class UdpTransportMapping

Returns:

a subclass of Address.

getSupportedAddressClasses

public Set<Class<? extends Address>> getSupportedAddressClasses()

Returns a set of DtlsAddress and UdpAddress.

Specified by:

getSupportedAddressClasses in interface TransportMapping<UdpAddress>

Returns:

a set of address classes with at least one element (see getSupportedAddressClass().

getSecurityCallback

public TlsTmSecurityCallback<X509Certificate> getSecurityCallback()

Description copied from interface: TlsTransportMappingConfig

Gets the TlsTmSecurityCallback associated with this TransportMapping hook which is called by the transport mapping to lookup TLS security parameters from external configuration.

Specified by:

getSecurityCallback in interface TlsTransportMappingConfig<X509Certificate>

Returns:

a TlsTmSecurityCallback instance.

setSecurityCallback

public void setSecurityCallback(TlsTmSecurityCallback<X509Certificate> securityCallback)

Description copied from interface: TlsTransportMappingConfig

Sets the TlsTmSecurityCallback associated with this TransportMapping hook. This hook will be called to lookup the security name based on the TLS peer certificate, for example. See TlsTmSecurityCallback for details.

Specified by:

setSecurityCallback in interface TlsTransportMappingConfig<X509Certificate>

Parameters:

securityCallback - a TlsTmSecurityCallback instance. Setting this hook to null will disable incoming request processing because these request will be rejected due to an authorization error (no mathing SNMPv3 view).

getTrustManagerFactory

public TLSTMTrustManagerFactory getTrustManagerFactory()

setTrustManagerFactory

public void setTrustManagerFactory(TLSTMTrustManagerFactory trustManagerFactory)

Set the TLSTM trust manager factory. Using a trust manager factory other than the default allows to add support for Java 1.7 X509ExtendedTrustManager.

Parameters:

trustManagerFactory - a X.509 trust manager factory implementing the interface TLSTMTrustManagerFactory.

Since:

3.0.0

getListenAddress

public UdpAddress getListenAddress()

Description copied from interface: TransportMapping

Returns the address that represents the actual incoming address this transport mapping uses to listen for incoming packets.

Specified by:

getListenAddress in interface TransportMapping<UdpAddress>

Overrides:

getListenAddress in class DefaultUdpTransportMapping

Returns:

the address for incoming packets or null this transport mapping is not configured to listen for incoming packets.

close

public boolean close(UdpAddress remoteAddress)
              throws IOException

Closes a connection to the supplied remote address, if it is open. This method is particularly useful when not using a timeout for remote connections.

Specified by:

close in interface ConnectionOrientedTransportMapping<UdpAddress>

Parameters:

remoteAddress - the address of the peer socket.

Returns:

true if the connection has been closed and false if there was nothing to close.

Throws:

IOException - if the remote address cannot be closed due to an IO exception.

getConnectionTimeout

public long getConnectionTimeout()

Gets the connection timeout. This timeout specifies the time a connection may be idle before it is closed.

Specified by:

getConnectionTimeout in interface ConnectionOrientedTransportMapping<UdpAddress>

Returns:

long the idle timeout in milliseconds.

getMessageLengthDecoder

public MessageLengthDecoder getMessageLengthDecoder()

Returns the MessageLengthDecoder used by this transport mapping.

Specified by:

getMessageLengthDecoder in interface ConnectionOrientedTransportMapping<UdpAddress>

Returns:

a MessageLengthDecoder instance.

setMessageLengthDecoder

public void setMessageLengthDecoder(MessageLengthDecoder messageLengthDecoder)

Sets the MessageLengthDecoder that decodes the total message length from the header of a message.

Specified by:

setMessageLengthDecoder in interface ConnectionOrientedTransportMapping<UdpAddress>

Parameters:

messageLengthDecoder - a MessageLengthDecoder instance.

setConnectionTimeout

public void setConnectionTimeout(long connectionTimeout)

Sets the connection timeout. This timeout specifies the time a connection may be idle before it is closed.

Specified by:

setConnectionTimeout in interface ConnectionOrientedTransportMapping<UdpAddress>

Parameters:

connectionTimeout - the idle timeout in milliseconds. A zero or negative value will disable any timeout and connections opened by this transport mapping will stay opened until they are explicitly closed.

getSocketCleaner

public CommonTimer getSocketCleaner()

Gets the CommonTimer that controls socket cleanup operations.

Specified by:

getSocketCleaner in interface ConnectionOrientedTransportMapping<UdpAddress>

Overrides:

getSocketCleaner in class AbstractTransportMapping<UdpAddress>

Returns:

a socket cleaner timer.

Since:

3.0

isServerEnabled

public boolean isServerEnabled()

Checks whether a server for incoming requests is enabled.

Specified by:

isServerEnabled in interface ConnectionOrientedTransportMapping<UdpAddress>

Returns:

boolean

setServerEnabled

public void setServerEnabled(boolean serverEnabled)

Sets whether a server for incoming requests should be created when the transport is set into listen state. Setting this value has no effect until the listen() method is called (if the transport is already listening, close() has to be called before).

Specified by:

setServerEnabled in interface ConnectionOrientedTransportMapping<UdpAddress>

Parameters:

serverEnabled - if true if the transport will listens for incoming requests after listen() has been called.

setMaxInboundMessageSize

public void setMaxInboundMessageSize(int maxInboundMessageSize)

Sets the maximum buffer size for incoming requests. When SNMP packets are received that are longer than this maximum size, the messages will be silently dropped and the connection will be closed.

Overrides:

setMaxInboundMessageSize in class DefaultUdpTransportMapping

Parameters:

maxInboundMessageSize - the length of the inbound buffer in bytes.

getHandshakeTimeout

public int getHandshakeTimeout()

Gets the maximum number of milliseconds to wait for the DTLS handshake operation to succeed.

Returns:

the handshake timeout millis.

setHandshakeTimeout

public void setHandshakeTimeout(int handshakeTimeout)

Sets the maximum number of milliseconds to wait for the DTLS handshake operation to succeed.

Parameters:

handshakeTimeout - the new handshake timeout millis.

getX509CertificateRevocationListURI

public String getX509CertificateRevocationListURI()

Description copied from interface: X509TlsTransportMappingConfig

Gets the X509 certificate revocation list (CRL) URI, if defined.

Specified by:

getX509CertificateRevocationListURI in interface X509TlsTransportMappingConfig

Returns:

null if there is no CRL available/necessary or a URI string that points to a CRL file.

setX09CertificateRevocationListURI

public void setX09CertificateRevocationListURI(String crlURI)

Description copied from interface: X509TlsTransportMappingConfig

Sets the X509 certificate revocation list (CRL) URI, to enable CRL checking.

Specified by:

setX09CertificateRevocationListURI in interface X509TlsTransportMappingConfig

Parameters:

crlURI - null if there is no CRL available/necessary or a URI string that points to a CRL file.

prepareOutPackets

protected List<DatagramPacket> prepareOutPackets(UdpAddress targetAddress,
 byte[] message,
 TransportStateReference tmStateReference,
 DatagramSocket socket,
 long timeoutMillis,
 int maxRetries)
                                          throws IOException

Description copied from class: DefaultUdpTransportMapping

Prepare an application message for sending over the network to the specified target address.

Overrides:

prepareOutPackets in class DefaultUdpTransportMapping

Parameters:

targetAddress - the UDP address the message will be sent to.

message - the application message to send.

tmStateReference - the transport state reference associated with this message.

socket - the socket that will send the message over the network. @return an ByteBuffer that contains the network representation of the message (i.e. encrypted).

timeoutMillis - maximum number of milli seconds the connection creation might take (if connection based). Use 0 for responses or transport mappings that do not require connection establishment.

maxRetries - maximum retries during connection creation. Use 0 for responses.

Returns:

a list of prepared DatagramPacket instances. By default this is a singleton list.

Throws:

IOException - if the preparation of the network message fails (e.g. because the encryption handshake fails).

onReceiveTimeout

protected List<DatagramPacket> onReceiveTimeout(SSLEngine engine,
 SocketAddress socketAddr)
                                         throws IOException

Throws:

IOException

getPKIXRevocationChecker

public PKIXRevocationChecker getPKIXRevocationChecker()

Description copied from interface: X509TlsTransportMappingConfig

Gets the (optional and possibly null) revocation checker for the cert path validation of X509 certificates.

Specified by:

getPKIXRevocationChecker in interface X509TlsTransportMappingConfig

Returns:

null to disable cert path validation with CLR checking or a properly configured cert path checker instance.

setPKIXRevocationChecker

public void setPKIXRevocationChecker(PKIXRevocationChecker pkixRevocationChecker)

Description copied from interface: X509TlsTransportMappingConfig

Sets the (optional and possibly null) revocation checker for the cert path validation of X509 certificates.

Specified by:

setPKIXRevocationChecker in interface X509TlsTransportMappingConfig

Parameters:

pkixRevocationChecker - null to disable cert path validation with CLR checking or a properly configured cert path checker instance.

isAsyncMsgProcessingSupported

public boolean isAsyncMsgProcessingSupported()

Description copied from class: AbstractTransportMapping

Returns true if asynchronous (multi-threaded) message processing may be implemented. The default is true.

Overrides:

isAsyncMsgProcessingSupported in class AbstractTransportMapping<UdpAddress>

Returns:

if false is returned the MessageDispatcher.processMessage(org.snmp4j.TransportMapping, org.snmp4j.smi.Address, java.nio.ByteBuffer, org.snmp4j.TransportStateReference) method must not return before the message has been entirely processed.

setAsyncMsgProcessingSupported

public void setAsyncMsgProcessingSupported(boolean asyncMsgProcessingSupported)

Description copied from class: AbstractTransportMapping

Specifies whether this transport mapping has to support asynchronous messages processing or not.

Overrides:

setAsyncMsgProcessingSupported in class AbstractTransportMapping<UdpAddress>

Parameters:

asyncMsgProcessingSupported - if false the MessageDispatcher.processMessage(org.snmp4j.TransportMapping, org.snmp4j.smi.Address, java.nio.ByteBuffer, org.snmp4j.TransportStateReference) method must not return before the message has been entirely processed, because the incoming message buffer is not copied before the message is being processed. If true the message buffer is copied for each call, so that the message processing can be implemented asynchronously.

fireProcessMessage

protected void fireProcessMessage(DatagramPacket packet,
 ByteBuffer bis,
 TransportStateReference stateReference)

Overrides:

fireProcessMessage in class DefaultUdpTransportMapping

prepareInPacket

protected ByteBuffer prepareInPacket(DatagramPacket packet,
 byte[] buf,
 TransportStateReference tmStateReference)
                              throws IOException

Description copied from class: DefaultUdpTransportMapping

Prepare a network packet for the application.

Overrides:

prepareInPacket in class DefaultUdpTransportMapping

Parameters:

packet - the incoming network datagram packet.

buf - the buffer of the packet.

tmStateReference - the transport state reference.

Returns:

a byte buffer with the application data of the packet.

Throws:

IOException - if there occurs an IO exception during preparation.

produceHandshakePackets

protected List<DatagramPacket> produceHandshakePackets(SSLEngine sslEngine,
 SocketAddress socketAddress)
                                                throws IOException

Throws:

IOException

createHandshakePacket

protected DatagramPacket createHandshakePacket(byte[] buf,
 SocketAddress socketAddr)

getSslEngineConfigurator

public SSLEngineConfigurator getSslEngineConfigurator()

setSslEngineConfigurator

public void setSslEngineConfigurator(SSLEngineConfigurator sslEngineConfigurator)

ensureSslEngineConfigurator

protected SSLEngineConfigurator ensureSslEngineConfigurator()

Returns the configured setSslEngineConfigurator(SSLEngineConfigurator) or the DefaultSSLEngineConfiguration which will then become the configured SSL engine configurator. This method is not synchronized against concurrent execution of setSslEngineConfigurator(SSLEngineConfigurator).

Returns:

a non-null SSLEngineConfigurator.

Since:

3.0.5