- All Implemented Interfaces:
Closeable
,AutoCloseable
,ConnectionOrientedTransportMapping<UdpAddress>
,TlsTransportMappingConfig<X509Certificate>
,X509TlsTransportMappingConfig
,TransportMapping<UdpAddress>
public class DTLSTM
extends DefaultUdpTransportMapping
implements X509TlsTransportMappingConfig, ConnectionOrientedTransportMapping<UdpAddress>
The
DTLSTM
implements the Datagram Transport Layer Security Transport Mapping (TLS-TM) as defined by RFC
5953 with the new IO API and SSLEngine
.
It uses a single thread for processing incoming and outgoing messages. The thread is started when the
listen
method is called, or when an outgoing request is sent using the sendMessage
method.
- Since:
- 3.0
- Version:
- 3.6.0
- Author:
- Frank Fock
-
Nested Class Summary
Nested classes/interfaces inherited from class org.snmp4j.transport.DefaultUdpTransportMapping
DefaultUdpTransportMapping.ListenThread
-
Field Summary
Modifier and TypeFieldDescriptionstatic final int
static final String
static final int
static final int
static final int
static final int
Fields inherited from class org.snmp4j.transport.DefaultUdpTransportMapping
listenerThread, socket
Fields inherited from class org.snmp4j.transport.UdpTransportMapping
udpAddress
Fields inherited from class org.snmp4j.transport.AbstractTransportMapping
asyncMsgProcessingSupported, listenWorkerTask, maxInboundMessageSize, suspendedAddresses, transportListener, transportStateListeners
-
Constructor Summary
ConstructorDescriptionDTLSTM()
Creates a default UDP transport mapping with the server for incoming messages disabled.DTLSTM
(DtlsAddress address) Creates a TLS transport mapping with the server for incoming messages bind to the given DTLS address.DTLSTM
(DtlsAddress address, boolean serverEnabled) Creates a TLS transport mapping with the server for incoming messages bind to the given address.DTLSTM
(TlsTmSecurityCallback<X509Certificate> securityCallback, DtlsAddress serverAddress) Creates a DTLS transport mapping that binds to the given address (interface) on the local host.DTLSTM
(TlsTmSecurityCallback<X509Certificate> securityCallback, DtlsAddress serverAddress, CounterSupport counterSupport) Creates a TLS transport mapping that binds to the given address (interface) on the local host and runs as a server.DTLSTM
(TlsTmSecurityCallback<X509Certificate> securityCallback, DtlsAddress serverAddress, CounterSupport counterSupport, boolean serverEnabled) Creates a TLS transport mapping that binds to the given address (interface) on the local host. -
Method Summary
Modifier and TypeMethodDescriptionvoid
close()
Closes the socket and stops the listener thread and socket cleaner timer (ifDefaultUdpTransportMapping.getSocketTimeout()
is greater than zero).boolean
close
(UdpAddress remoteAddress) Closes a connection to the supplied remote address, if it is open.protected DatagramPacket
createHandshakePacket
(byte[] buf, SocketAddress socketAddr) protected SSLEngineConfigurator
Returns the configuredsetSslEngineConfigurator(SSLEngineConfigurator)
or theDefaultSSLEngineConfiguration
which will then become the configured SSL engine configurator.protected void
fireProcessMessage
(DatagramPacket packet, ByteBuffer bis, TransportStateReference stateReference) long
Gets the connection timeout.int
int
Gets the maximum number of milliseconds to wait for the DTLS handshake operation to succeed.Returns the address that represents the actual incoming address this transport mapping uses to listen for incoming packets.Gets the certificate alias used for client and server authentication.Returns theMessageLengthDecoder
used by this transport mapping.Gets the (optional and possiblynull
) revocation checker for the cert path validation of X509 certificates.Returns the property name that is used by this transport mapping to determine the protocol versions from system properties.String[]
Return the (D)TLS protocol versions used by this transport mapping.Gets theTlsTmSecurityCallback
associated with thisTransportMapping
hook which is called by the transport mapping to lookup TLS security parameters from external configuration.Gets theCommonTimer
that controls socket cleanup operations.Gets the primaryAddress
class that is supported by this transport mapping.Returns a set ofDtlsAddress
andUdpAddress
.Gets the X509 certificate revocation list (CRL) URI, if defined.boolean
Returnstrue
if asynchronous (multi-threaded) message processing may be implemented.boolean
Checks whether a server for incoming requests is enabled.void
listen()
Starts the listener thread that accepts incoming messages.protected List
<DatagramPacket> onReceiveTimeout
(SSLEngine engine, SocketAddress socketAddr) protected ByteBuffer
prepareInPacket
(DatagramPacket packet, byte[] buf, TransportStateReference tmStateReference) Prepare a network packet for the application.protected List
<DatagramPacket> prepareOutPackets
(UdpAddress targetAddress, byte[] message, TransportStateReference tmStateReference, DatagramSocket socket, long timeoutMillis, int maxRetries) Prepare an application message for sending over the network to the specified target address.protected List
<DatagramPacket> produceHandshakePackets
(SSLEngine sslEngine, SocketAddress socketAddress) void
setAsyncMsgProcessingSupported
(boolean asyncMsgProcessingSupported) Specifies whether this transport mapping has to support asynchronous messages processing or not.void
setConnectionTimeout
(long connectionTimeout) Sets the connection timeout.void
setDtlsHandshakeThreadPoolSize
(int dtlsHandshakeThreadPoolSize) Sets the maximum number of threads reserved for DTLS inbound connection handshake processing.void
setHandshakeTimeout
(int handshakeTimeout) Sets the maximum number of milliseconds to wait for the DTLS handshake operation to succeed.void
setKeyStore
(String keyStore) void
setKeyStorePassword
(String keyStorePassword) void
setLocalCertificateAlias
(String localCertificateAlias) Sets the certificate alias used for client and server authentication by this TLSTM.void
setMaxInboundMessageSize
(int maxInboundMessageSize) Sets the maximum buffer size for incoming requests.void
setMessageLengthDecoder
(MessageLengthDecoder messageLengthDecoder) Sets theMessageLengthDecoder
that decodes the total message length from the header of a message.void
setPKIXRevocationChecker
(PKIXRevocationChecker pkixRevocationChecker) Sets the (optional and possiblynull
) revocation checker for the cert path validation of X509 certificates.void
setProtocolVersions
(String[] dtlsProtocols) Sets the DTLS protocols/versions that DTLSTM should use during handshake.void
setSecurityCallback
(TlsTmSecurityCallback<X509Certificate> securityCallback) Sets theTlsTmSecurityCallback
associated with thisTransportMapping
hook.void
setServerEnabled
(boolean serverEnabled) Sets whether a server for incoming requests should be created when the transport is set into listen state.void
setSslEngineConfigurator
(SSLEngineConfigurator sslEngineConfigurator) void
setTrustManagerFactory
(TLSTMTrustManagerFactory trustManagerFactory) Set the TLSTM trust manager factory.void
setTrustStore
(String trustStore) void
setTrustStorePassword
(String trustStorePassword) void
Sets the X509 certificate revocation list (CRL) URI, to enable CRL checking.Methods inherited from class org.snmp4j.transport.DefaultUdpTransportMapping
ensureSocket, getReceiveBufferSize, getSocketTimeout, renewSocketAfterException, sendMessage, setReceiveBufferSize, setSocketTimeout
Methods inherited from class org.snmp4j.transport.UdpTransportMapping
getAddress
Methods inherited from class org.snmp4j.transport.AbstractTransportMapping
addTransportListener, addTransportStateListener, fireConnectionStateChanged, fireProcessMessage, getListenWorkerTask, getMaxInboundMessageSize, getPriority, getSuspendedAddresses, getThreadName, handleDroppedMessageToSend, isListening, removeAllTransportListeners, removeTransportListener, removeTransportStateListener, resumeAddress, setPriority, setThreadName, suspendAddress
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.snmp4j.transport.ConnectionOrientedTransportMapping
addTransportStateListener, removeTransportStateListener, resumeAddress, suspendAddress
Methods inherited from interface org.snmp4j.TransportMapping
addTransportListener, getMaxInboundMessageSize, getMaxOutboundMessageSize, isAddressSupported, isAddressSupported, isListening, removeTransportListener, sendMessage
-
Field Details
-
MAX_HANDSHAKE_LOOPS
public static final int MAX_HANDSHAKE_LOOPS- See Also:
-
DEFAULT_SOCKET_TIMEOUT
public static final int DEFAULT_SOCKET_TIMEOUT- See Also:
-
DEFAULT_HANDSHAKE_TIMEOUT
public static final int DEFAULT_HANDSHAKE_TIMEOUT- See Also:
-
DEFAULT_CONNECTION_TIMEOUT
public static final int DEFAULT_CONNECTION_TIMEOUT- See Also:
-
DEFAULT_DTLSTM_PROTOCOLS
- See Also:
-
MAX_TLS_PAYLOAD_SIZE
public static final int MAX_TLS_PAYLOAD_SIZE- See Also:
-
-
Constructor Details
-
DTLSTM
Creates a default UDP transport mapping with the server for incoming messages disabled.- Throws:
UnknownHostException
- if the local host cannot be determined.IOException
-
DTLSTM
Creates a TLS transport mapping with the server for incoming messages bind to the given DTLS address. ThesecurityCallback
needs to be specified beforelisten()
is called.- Parameters:
address
- server address to bind.- Throws:
IOException
- on failure of binding a local port.- Since:
- 3.3.2
-
DTLSTM
Creates a TLS transport mapping with the server for incoming messages bind to the given address. ThesecurityCallback
needs to be specified beforelisten()
is called.- Parameters:
address
- server address to bind.serverEnabled
- defines the role of the underlyingSSLEngine
. Setting this tofalse
enables theSSLEngine.setUseClientMode(boolean)
.- Throws:
IOException
- on failure of binding a local port.- Since:
- 3.2.0
-
DTLSTM
public DTLSTM(TlsTmSecurityCallback<X509Certificate> securityCallback, DtlsAddress serverAddress) throws IOException Creates a DTLS transport mapping that binds to the given address (interface) on the local host.- Parameters:
securityCallback
- a security name callback to resolve X509 certificates to tmSecurityNames.serverAddress
- the UdpAddress instance that describes the server address to listen on incoming connection requests.- Throws:
IOException
- if the given address cannot be bound.
-
DTLSTM
public DTLSTM(TlsTmSecurityCallback<X509Certificate> securityCallback, DtlsAddress serverAddress, CounterSupport counterSupport) throws IOException Creates a TLS transport mapping that binds to the given address (interface) on the local host and runs as a server.- Parameters:
securityCallback
- a security name callback to resolve X509 certificates to tmSecurityNames.serverAddress
- the UdpAddress instance that describes the server address to listen on incoming connection requests.counterSupport
- The CounterSupport instance to be used to count events created by this TLSTM instance. To get a default instance, useCounterSupport.getInstance()
.- Throws:
IOException
- if the given address cannot be bound.
-
DTLSTM
public DTLSTM(TlsTmSecurityCallback<X509Certificate> securityCallback, DtlsAddress serverAddress, CounterSupport counterSupport, boolean serverEnabled) throws IOException Creates a TLS transport mapping that binds to the given address (interface) on the local host.- Parameters:
securityCallback
- a security name callback to resolve X509 certificates to tmSecurityNames.serverAddress
- the UdpAddress instance that describes the server address to listen on incoming connection requests.counterSupport
- The CounterSupport instance to be used to count events created by this TLSTM instance. To get a default instance, useCounterSupport.getInstance()
.serverEnabled
- defines the role of the underlyingSSLEngine
. Setting this tofalse
enables theSSLEngine.setUseClientMode(boolean)
.- Throws:
IOException
- if the given address cannot be bound.- Since:
- 3.2.0
-
-
Method Details
-
listen
Starts the listener thread that accepts incoming messages. The thread is started in daemon mode and thus it will not block application terminated. Nevertheless, theclose()
method should be called to stop the listen thread gracefully and free associated ressources.- Specified by:
listen
in interfaceTransportMapping<UdpAddress>
- Overrides:
listen
in classDefaultUdpTransportMapping
- Throws:
IOException
- if the listen port could not be bound to the server thread.
-
close
Closes the socket and stops the listener thread and socket cleaner timer (ifDefaultUdpTransportMapping.getSocketTimeout()
is greater than zero).- Specified by:
close
in interfaceAutoCloseable
- Specified by:
close
in interfaceCloseable
- Specified by:
close
in interfaceTransportMapping<UdpAddress>
- Overrides:
close
in classDefaultUdpTransportMapping
- Throws:
IOException
- if the socket cannot be closed.
-
getSupportedTransportType
- Specified by:
getSupportedTransportType
in interfaceTransportMapping<UdpAddress>
- Returns:
TransportType.receiver
ifisServerEnabled()
istrue
andTransportType.sender
otherwise.- Since:
- 3.2.0
-
getDtlsHandshakeThreadPoolSize
public int getDtlsHandshakeThreadPoolSize() -
setDtlsHandshakeThreadPoolSize
public void setDtlsHandshakeThreadPoolSize(int dtlsHandshakeThreadPoolSize) Sets the maximum number of threads reserved for DTLS inbound connection handshake processing.- Parameters:
dtlsHandshakeThreadPoolSize
- the thread pool size that gets effective whenlisten()
is called. Default isDEFAULT_DTLS_HANDSHAKE_THREADPOOL_SIZE
.
-
getLocalCertificateAlias
Description copied from interface:TlsTransportMappingConfig
Gets the certificate alias used for client and server authentication. See alsoTlsTransportMappingConfig.setLocalCertificateAlias(java.lang.String)
- Specified by:
getLocalCertificateAlias
in interfaceTlsTransportMappingConfig<X509Certificate>
- Returns:
- the certificate alias selecting the local certificate.
-
getProtocolVersions
Description copied from interface:TlsTransportMappingConfig
Return the (D)TLS protocol versions used by this transport mapping.- Specified by:
getProtocolVersions
in interfaceTlsTransportMappingConfig<X509Certificate>
- Returns:
- an array of SunJSSE TLS/DTLS provider (depending on the transport mapping type).
-
getProtocolVersionPropertyName
Returns the property name that is used by this transport mapping to determine the protocol versions from system properties.- Specified by:
getProtocolVersionPropertyName
in interfaceTlsTransportMappingConfig<X509Certificate>
- Returns:
- a property name like
SnmpConfigurator.P_TLS_VERSION
orSnmpConfigurator.P_DTLS_VERSION
.
-
setProtocolVersions
Sets the DTLS protocols/versions that DTLSTM should use during handshake. The default is defined byDEFAULT_DTLSTM_PROTOCOLS
.- Specified by:
setProtocolVersions
in interfaceTlsTransportMappingConfig<X509Certificate>
- Parameters:
dtlsProtocols
- an array of TLS protocol (version) names supported by the SunJSSE provider. The order in the array defines which protocol is tried during handshake first.- Since:
- 3.0
-
getKeyStore
- Specified by:
getKeyStore
in interfaceTlsTransportMappingConfig<X509Certificate>
-
setKeyStore
- Specified by:
setKeyStore
in interfaceTlsTransportMappingConfig<X509Certificate>
-
getKeyStorePassword
- Specified by:
getKeyStorePassword
in interfaceTlsTransportMappingConfig<X509Certificate>
-
setKeyStorePassword
- Specified by:
setKeyStorePassword
in interfaceTlsTransportMappingConfig<X509Certificate>
-
getTrustStore
- Specified by:
getTrustStore
in interfaceTlsTransportMappingConfig<X509Certificate>
-
setTrustStore
- Specified by:
setTrustStore
in interfaceTlsTransportMappingConfig<X509Certificate>
-
getTrustStorePassword
- Specified by:
getTrustStorePassword
in interfaceTlsTransportMappingConfig<X509Certificate>
-
setTrustStorePassword
- Specified by:
setTrustStorePassword
in interfaceTlsTransportMappingConfig<X509Certificate>
-
setLocalCertificateAlias
Sets the certificate alias used for client and server authentication by this TLSTM. Setting this property to a value other thannull
filters out any certificates which are not in the chain of the given alias.- Specified by:
setLocalCertificateAlias
in interfaceTlsTransportMappingConfig<X509Certificate>
- Parameters:
localCertificateAlias
- a certificate alias which filters a single certification chain from thejavax.net.ssl.keyStore
key store to be used to authenticate this TLS transport mapping. Ifnull
no filtering appears, which could lead to more than a single chain available for authentication by the peer, which would violate the TLSTM standard requirements.
-
getCounterSupport
-
getSupportedAddressClass
Description copied from interface:TransportMapping
Gets the primaryAddress
class that is supported by this transport mapping.- Specified by:
getSupportedAddressClass
in interfaceTransportMapping<UdpAddress>
- Overrides:
getSupportedAddressClass
in classUdpTransportMapping
- Returns:
- a subclass of
Address
.
-
getSupportedAddressClasses
Returns a set ofDtlsAddress
andUdpAddress
.- Specified by:
getSupportedAddressClasses
in interfaceTransportMapping<UdpAddress>
- Returns:
- a set of address classes with at least one element (see
getSupportedAddressClass()
.
-
getSecurityCallback
Description copied from interface:TlsTransportMappingConfig
Gets theTlsTmSecurityCallback
associated with thisTransportMapping
hook which is called by the transport mapping to lookup TLS security parameters from external configuration.- Specified by:
getSecurityCallback
in interfaceTlsTransportMappingConfig<X509Certificate>
- Returns:
- a
TlsTmSecurityCallback
instance.
-
setSecurityCallback
Description copied from interface:TlsTransportMappingConfig
Sets theTlsTmSecurityCallback
associated with thisTransportMapping
hook. This hook will be called to lookup the security name based on the TLS peer certificate, for example. SeeTlsTmSecurityCallback
for details.- Specified by:
setSecurityCallback
in interfaceTlsTransportMappingConfig<X509Certificate>
- Parameters:
securityCallback
- aTlsTmSecurityCallback
instance. Setting this hook tonull
will disable incoming request processing because these request will be rejected due to an authorization error (no mathing SNMPv3 view).
-
getTrustManagerFactory
-
setTrustManagerFactory
Set the TLSTM trust manager factory. Using a trust manager factory other than the default allows to add support for Java 1.7 X509ExtendedTrustManager.- Parameters:
trustManagerFactory
- a X.509 trust manager factory implementing the interfaceTLSTMTrustManagerFactory
.- Since:
- 3.0.0
-
getListenAddress
Description copied from interface:TransportMapping
Returns the address that represents the actual incoming address this transport mapping uses to listen for incoming packets.- Specified by:
getListenAddress
in interfaceTransportMapping<UdpAddress>
- Overrides:
getListenAddress
in classDefaultUdpTransportMapping
- Returns:
- the address for incoming packets or
null
this transport mapping is not configured to listen for incoming packets.
-
close
Closes a connection to the supplied remote address, if it is open. This method is particularly useful when not using a timeout for remote connections.- Specified by:
close
in interfaceConnectionOrientedTransportMapping<UdpAddress>
- Parameters:
remoteAddress
- the address of the peer socket.- Returns:
true
if the connection has been closed andfalse
if there was nothing to close.- Throws:
IOException
- if the remote address cannot be closed due to an IO exception.
-
getConnectionTimeout
public long getConnectionTimeout()Gets the connection timeout. This timeout specifies the time a connection may be idle before it is closed.- Specified by:
getConnectionTimeout
in interfaceConnectionOrientedTransportMapping<UdpAddress>
- Returns:
- long the idle timeout in milliseconds.
-
getMessageLengthDecoder
Returns theMessageLengthDecoder
used by this transport mapping.- Specified by:
getMessageLengthDecoder
in interfaceConnectionOrientedTransportMapping<UdpAddress>
- Returns:
- a MessageLengthDecoder instance.
-
setMessageLengthDecoder
Sets theMessageLengthDecoder
that decodes the total message length from the header of a message.- Specified by:
setMessageLengthDecoder
in interfaceConnectionOrientedTransportMapping<UdpAddress>
- Parameters:
messageLengthDecoder
- a MessageLengthDecoder instance.
-
setConnectionTimeout
public void setConnectionTimeout(long connectionTimeout) Sets the connection timeout. This timeout specifies the time a connection may be idle before it is closed.- Specified by:
setConnectionTimeout
in interfaceConnectionOrientedTransportMapping<UdpAddress>
- Parameters:
connectionTimeout
- the idle timeout in milliseconds. A zero or negative value will disable any timeout and connections opened by this transport mapping will stay opened until they are explicitly closed.
-
getSocketCleaner
Gets theCommonTimer
that controls socket cleanup operations.- Specified by:
getSocketCleaner
in interfaceConnectionOrientedTransportMapping<UdpAddress>
- Overrides:
getSocketCleaner
in classAbstractTransportMapping<UdpAddress>
- Returns:
- a socket cleaner timer.
- Since:
- 3.0
-
isServerEnabled
public boolean isServerEnabled()Checks whether a server for incoming requests is enabled.- Specified by:
isServerEnabled
in interfaceConnectionOrientedTransportMapping<UdpAddress>
- Returns:
- boolean
-
setServerEnabled
public void setServerEnabled(boolean serverEnabled) Sets whether a server for incoming requests should be created when the transport is set into listen state. Setting this value has no effect until thelisten()
method is called (if the transport is already listening,close()
has to be called before).- Specified by:
setServerEnabled
in interfaceConnectionOrientedTransportMapping<UdpAddress>
- Parameters:
serverEnabled
- iftrue
if the transport will listens for incoming requests afterlisten()
has been called.
-
setMaxInboundMessageSize
public void setMaxInboundMessageSize(int maxInboundMessageSize) Sets the maximum buffer size for incoming requests. When SNMP packets are received that are longer than this maximum size, the messages will be silently dropped and the connection will be closed.- Overrides:
setMaxInboundMessageSize
in classDefaultUdpTransportMapping
- Parameters:
maxInboundMessageSize
- the length of the inbound buffer in bytes.
-
getHandshakeTimeout
public int getHandshakeTimeout()Gets the maximum number of milliseconds to wait for the DTLS handshake operation to succeed.- Returns:
- the handshake timeout millis.
-
setHandshakeTimeout
public void setHandshakeTimeout(int handshakeTimeout) Sets the maximum number of milliseconds to wait for the DTLS handshake operation to succeed.- Parameters:
handshakeTimeout
- the new handshake timeout millis.
-
getX509CertificateRevocationListURI
Description copied from interface:X509TlsTransportMappingConfig
Gets the X509 certificate revocation list (CRL) URI, if defined.- Specified by:
getX509CertificateRevocationListURI
in interfaceX509TlsTransportMappingConfig
- Returns:
null
if there is no CRL available/necessary or a URI string that points to a CRL file.
-
setX09CertificateRevocationListURI
Description copied from interface:X509TlsTransportMappingConfig
Sets the X509 certificate revocation list (CRL) URI, to enable CRL checking.- Specified by:
setX09CertificateRevocationListURI
in interfaceX509TlsTransportMappingConfig
- Parameters:
crlURI
-null
if there is no CRL available/necessary or a URI string that points to a CRL file.
-
prepareOutPackets
protected List<DatagramPacket> prepareOutPackets(UdpAddress targetAddress, byte[] message, TransportStateReference tmStateReference, DatagramSocket socket, long timeoutMillis, int maxRetries) throws IOException Description copied from class:DefaultUdpTransportMapping
Prepare an application message for sending over the network to the specified target address.- Overrides:
prepareOutPackets
in classDefaultUdpTransportMapping
- Parameters:
targetAddress
- the UDP address the message will be sent to.message
- the application message to send.tmStateReference
- the transport state reference associated with this message.socket
- the socket that will send the message over the network. @return an ByteBuffer that contains the network representation of the message (i.e. encrypted).timeoutMillis
- maximum number of milli seconds the connection creation might take (if connection based). Use 0 for responses or transport mappings that do not require connection establishment.maxRetries
- maximum retries during connection creation. Use 0 for responses.- Returns:
- a list of prepared
DatagramPacket
instances. By default this is a singleton list. - Throws:
IOException
- if the preparation of the network message fails (e.g. because the encryption handshake fails).
-
onReceiveTimeout
protected List<DatagramPacket> onReceiveTimeout(SSLEngine engine, SocketAddress socketAddr) throws IOException - Throws:
IOException
-
getPKIXRevocationChecker
Description copied from interface:X509TlsTransportMappingConfig
Gets the (optional and possiblynull
) revocation checker for the cert path validation of X509 certificates.- Specified by:
getPKIXRevocationChecker
in interfaceX509TlsTransportMappingConfig
- Returns:
null
to disable cert path validation with CLR checking or a properly configured cert path checker instance.
-
setPKIXRevocationChecker
Description copied from interface:X509TlsTransportMappingConfig
Sets the (optional and possiblynull
) revocation checker for the cert path validation of X509 certificates.- Specified by:
setPKIXRevocationChecker
in interfaceX509TlsTransportMappingConfig
- Parameters:
pkixRevocationChecker
-null
to disable cert path validation with CLR checking or a properly configured cert path checker instance.
-
isAsyncMsgProcessingSupported
public boolean isAsyncMsgProcessingSupported()Description copied from class:AbstractTransportMapping
Returnstrue
if asynchronous (multi-threaded) message processing may be implemented. The default istrue
.- Overrides:
isAsyncMsgProcessingSupported
in classAbstractTransportMapping<UdpAddress>
- Returns:
- if
false
is returned theMessageDispatcher.processMessage(org.snmp4j.TransportMapping, org.snmp4j.smi.Address, java.nio.ByteBuffer, org.snmp4j.TransportStateReference)
method must not return before the message has been entirely processed.
-
setAsyncMsgProcessingSupported
public void setAsyncMsgProcessingSupported(boolean asyncMsgProcessingSupported) Description copied from class:AbstractTransportMapping
Specifies whether this transport mapping has to support asynchronous messages processing or not.- Overrides:
setAsyncMsgProcessingSupported
in classAbstractTransportMapping<UdpAddress>
- Parameters:
asyncMsgProcessingSupported
- iffalse
theMessageDispatcher.processMessage(org.snmp4j.TransportMapping, org.snmp4j.smi.Address, java.nio.ByteBuffer, org.snmp4j.TransportStateReference)
method must not return before the message has been entirely processed, because the incoming message buffer is not copied before the message is being processed. Iftrue
the message buffer is copied for each call, so that the message processing can be implemented asynchronously.
-
fireProcessMessage
protected void fireProcessMessage(DatagramPacket packet, ByteBuffer bis, TransportStateReference stateReference) - Overrides:
fireProcessMessage
in classDefaultUdpTransportMapping
-
prepareInPacket
protected ByteBuffer prepareInPacket(DatagramPacket packet, byte[] buf, TransportStateReference tmStateReference) throws IOException Description copied from class:DefaultUdpTransportMapping
Prepare a network packet for the application.- Overrides:
prepareInPacket
in classDefaultUdpTransportMapping
- Parameters:
packet
- the incoming network datagram packet.buf
- the buffer of the packet.tmStateReference
- the transport state reference.- Returns:
- a byte buffer with the application data of the packet.
- Throws:
IOException
- if there occurs an IO exception during preparation.
-
produceHandshakePackets
protected List<DatagramPacket> produceHandshakePackets(SSLEngine sslEngine, SocketAddress socketAddress) throws IOException - Throws:
IOException
-
createHandshakePacket
-
getSslEngineConfigurator
-
setSslEngineConfigurator
-
ensureSslEngineConfigurator
Returns the configuredsetSslEngineConfigurator(SSLEngineConfigurator)
or theDefaultSSLEngineConfiguration
which will then become the configured SSL engine configurator. This method is not synchronized against concurrent execution ofsetSslEngineConfigurator(SSLEngineConfigurator)
.- Returns:
- a non-null
SSLEngineConfigurator
. - Since:
- 3.0.5
-