- java.lang.Object
-
- org.snmp4j.transport.AbstractTransportMapping<TcpAddress>
-
- org.snmp4j.transport.TcpTransportMapping<org.snmp4j.transport.TLSTM.SocketEntry>
-
- org.snmp4j.transport.TLSTM
-
- All Implemented Interfaces:
java.io.Closeable
,java.lang.AutoCloseable
,ConnectionOrientedTransportMapping<TcpAddress>
,TlsTransportMappingConfig<java.security.cert.X509Certificate>
,X509TlsTransportMappingConfig
,TransportMapping<TcpAddress>
public class TLSTM extends TcpTransportMapping<org.snmp4j.transport.TLSTM.SocketEntry> implements X509TlsTransportMappingConfig
TheTLSTM
implements the Transport Layer Security Transport Mapping (TLS-TM) as defined by RFC 5953 with the new IO API andSSLEngine
.It uses a single thread for processing incoming and outgoing messages. The thread is started when the
listen
method is called, or when an outgoing request is sent using thesendMessage
method.- Since:
- 2.0
- Version:
- 3.5.0
- Author:
- Frank Fock
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.String
DEFAULT_TLSTM_PROTOCOLS
The default supported TLS protocol versions.static int
MAX_TLS_PAYLOAD_SIZE
static int
TLS_MAX_FRAGMENT_SIZE
-
Fields inherited from class org.snmp4j.transport.TcpTransportMapping
openSocketOnSending, serverEnabled, sockets, tcpAddress
-
Fields inherited from class org.snmp4j.transport.AbstractTransportMapping
asyncMsgProcessingSupported, listenWorkerTask, maxInboundMessageSize, suspendedAddresses, transportListener
-
-
Constructor Summary
Constructors Constructor Description TLSTM()
Creates a default TCP transport mapping with the server for incoming messages disabled.TLSTM(TlsAddress address)
Creates a TLS transport mapping with the server for incoming messages bind to the given address.TLSTM(TlsAddress address, boolean serverEnabled)
Creates a TLS transport mapping with the server for incoming messages bind to the given address.TLSTM(TlsTmSecurityCallback<java.security.cert.X509Certificate> securityCallback, TlsAddress serverAddress)
Creates a TLS transport mapping that binds to the given address (interface) on the local host.TLSTM(TlsTmSecurityCallback<java.security.cert.X509Certificate> securityCallback, TlsAddress serverAddress, CounterSupport counterSupport)
Creates a TLS transport mapping that binds to the given address (interface) on the local host.TLSTM(TlsTmSecurityCallback<java.security.cert.X509Certificate> securityCallback, TlsAddress serverAddress, CounterSupport counterSupport, boolean serverEnabled)
Creates a TLS transport mapping that binds to the given address (interface) on the local host.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description void
close()
Closes all open sockets and stops the internal server thread that processes messages.protected TlsAddress
createIncomingAddress(java.net.Socket s)
protected SSLEngineConfigurator
ensureSslEngineConfigurator()
Returns the configuredsetSslEngineConfigurator(SSLEngineConfigurator)
or theDefaultSSLEngineConfiguration
which will then become the configured SSL engine configurator.long
getConnectionTimeout()
Gets the connection timeout.CounterSupport
getCounterSupport()
java.lang.String
getKeyStore()
java.lang.String
getKeyStorePassword()
TcpAddress
getListenAddress()
Returns the address that represents the actual incoming address this transport mapping uses to listen for incoming packets.protected WorkerTask
getListenerWorkerTask()
Gets theWorkerTask
that is responsible for receiving new messages.java.lang.String
getLocalCertificateAlias()
Gets the certificate alias used for client and server authentication.int
getMaxInboundMessageSize()
Gets the inbound buffer size for incoming requests.MessageLengthDecoder
getMessageLengthDecoder()
Returns theMessageLengthDecoder
used by this transport mapping.java.security.cert.PKIXRevocationChecker
getPKIXRevocationChecker()
Gets the (optional and possiblynull
) revocation checker for the cert path validation of X509 certificates.java.lang.String
getProtocolVersionPropertyName()
Returns the property name that is used by this transport mapping to determine the protocol versions from system properties.java.lang.String[]
getProtocolVersions()
Return the (D)TLS protocol versions used by this transport mapping.TlsTmSecurityCallback<java.security.cert.X509Certificate>
getSecurityCallback()
Gets theTlsTmSecurityCallback
associated with thisTransportMapping
hook which is called by the transport mapping to lookup TLS security parameters from external configuration.CommonTimer
getSocketCleaner()
Gets theCommonTimer
that controls socket cleanup operations.SSLEngineConfigurator
getSslEngineConfigurator()
java.lang.Class<? extends Address>
getSupportedAddressClass()
Gets the primaryAddress
class that is supported by this transport mapping.TransportType
getSupportedTransportType()
Gets theTransportType
thisTransportMapping
supports depending onTcpTransportMapping.isServerEnabled()
.int
getTlsMaxFragmentSize()
Gets the maximum fragment size of supported for this transport mapping when acting as TLS server.java.lang.String[]
getTlsProtocols()
Deprecated.UsegetProtocolVersions()
instead.TLSTMTrustManagerFactory
getTrustManagerFactory()
java.lang.String
getTrustStore()
java.lang.String
getTrustStorePassword()
java.lang.String
getX509CertificateRevocationListURI()
Gets the X509 certificate revocation list (CRL) URI, if defined.protected static boolean
isEngineClosed(javax.net.ssl.SSLEngine engine)
Check if aSSLEngine
is fully closed.boolean
isListening()
Returnstrue
if the transport mapping is listening for incoming messages.void
listen()
Listen for incoming and outgoing requests.void
sendMessage(TcpAddress address, byte[] message, TransportStateReference tmStateReference, long timeoutMillis, int maxRetries)
Sends an SNMP message to the supplied address.void
setConnectionTimeout(long connectionTimeout)
Sets the connection timeout.void
setKeyStore(java.lang.String keyStore)
void
setKeyStorePassword(java.lang.String keyStorePassword)
void
setLocalCertificateAlias(java.lang.String localCertificateAlias)
Sets the certificate alias used for client and server authentication by this TLSTM.void
setMaxInboundMessageSize(int maxInboundMessageSize)
Sets the maximum buffer size for incoming requests.void
setMessageLengthDecoder(MessageLengthDecoder messageLengthDecoder)
Sets theMessageLengthDecoder
that decodes the total message length from the header of a message.void
setPKIXRevocationChecker(java.security.cert.PKIXRevocationChecker pkixRevocationChecker)
Sets the (optional and possiblynull
) revocation checker for the cert path validation of X509 certificates.void
setProtocolVersions(java.lang.String[] protocolVersions)
Sets the TLS protocols/versions that TLSTM should use during handshake.void
setSecurityCallback(TlsTmSecurityCallback<java.security.cert.X509Certificate> securityCallback)
Sets theTlsTmSecurityCallback
associated with thisTransportMapping
hook.void
setSslEngineConfigurator(SSLEngineConfigurator sslEngineConfigurator)
Sets the configurator for theSSLEngine
internally used to run the TLS communication.void
setTlsMaxFragmentSize(int tlsMaxFragmentSize)
Sets the maximum TLS fragment size that this transport mapping should support as server.void
setTlsProtocols(java.lang.String[] tlsProtocols)
Deprecated.UsesetProtocolVersions(String[])
instead.void
setTrustManagerFactory(TLSTMTrustManagerFactory trustManagerFactory)
Set the TLSTM trust manager factory.void
setTrustStore(java.lang.String trustStore)
void
setTrustStorePassword(java.lang.String trustStorePassword)
void
setX09CertificateRevocationListURI(java.lang.String crlURI)
Sets the X509 certificate revocation list (CRL) URI, to enable CRL checking.-
Methods inherited from class org.snmp4j.transport.TcpTransportMapping
addTransportStateListener, cancelNonServerSelectionKey, close, closeSockets, fireConnectionStateChanged, getAddress, getListenWorkerTask, isOpenSocketOnSending, isServerEnabled, removeTransportStateListener, setOpenSocketOnSending, setServerEnabled, setSocketOptions, timeoutSocket
-
Methods inherited from class org.snmp4j.transport.AbstractTransportMapping
addTransportListener, fireProcessMessage, getPriority, getThreadName, handleDroppedMessageToSend, isAsyncMsgProcessingSupported, removeAllTransportListeners, removeTransportListener, resumeAddress, setAsyncMsgProcessingSupported, setPriority, setThreadName, suspendAddress
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.snmp4j.transport.ConnectionOrientedTransportMapping
resumeAddress, suspendAddress
-
Methods inherited from interface org.snmp4j.TransportMapping
addTransportListener, getSupportedAddressClasses, isAddressSupported, isAddressSupported, removeTransportListener
-
-
-
-
Field Detail
-
TLS_MAX_FRAGMENT_SIZE
public static final int TLS_MAX_FRAGMENT_SIZE
- See Also:
- Constant Field Values
-
DEFAULT_TLSTM_PROTOCOLS
public static final java.lang.String DEFAULT_TLSTM_PROTOCOLS
The default supported TLS protocol versions.- See Also:
- Constant Field Values
-
MAX_TLS_PAYLOAD_SIZE
public static final int MAX_TLS_PAYLOAD_SIZE
- See Also:
- Constant Field Values
-
-
Constructor Detail
-
TLSTM
public TLSTM() throws java.net.UnknownHostException
Creates a default TCP transport mapping with the server for incoming messages disabled.- Throws:
java.net.UnknownHostException
- if the local host cannot be determined.
-
TLSTM
public TLSTM(TlsAddress address) throws java.io.IOException
Creates a TLS transport mapping with the server for incoming messages bind to the given address. ThesecurityCallback
needs to be specified beforelisten()
is called.- Parameters:
address
- the address to bind for incoming requests.- Throws:
java.io.IOException
- on failure of binding a local port.
-
TLSTM
public TLSTM(TlsAddress address, boolean serverEnabled) throws java.io.IOException
Creates a TLS transport mapping with the server for incoming messages bind to the given address. ThesecurityCallback
needs to be specified beforelisten()
is called.- Parameters:
address
- the address to bind for incoming requests.serverEnabled
- defines the role of the underlyingSSLEngine
. Setting this tofalse
enables theSSLEngine.setUseClientMode(boolean)
.- Throws:
java.io.IOException
- on failure of binding a local port.- Since:
- 3.2.0
-
TLSTM
public TLSTM(TlsTmSecurityCallback<java.security.cert.X509Certificate> securityCallback, TlsAddress serverAddress) throws java.io.IOException
Creates a TLS transport mapping that binds to the given address (interface) on the local host.- Parameters:
securityCallback
- a security name callback to resolve X509 certificates to tmSecurityNames.serverAddress
- the TcpAddress instance that describes the server address to listen on incoming connection requests.- Throws:
java.io.IOException
- if the given address cannot be bound.
-
TLSTM
public TLSTM(TlsTmSecurityCallback<java.security.cert.X509Certificate> securityCallback, TlsAddress serverAddress, CounterSupport counterSupport) throws java.io.IOException
Creates a TLS transport mapping that binds to the given address (interface) on the local host.- Parameters:
securityCallback
- a security name callback to resolve X509 certificates to tmSecurityNames.serverAddress
- the TcpAddress instance that describes the server address to listen on incoming connection requests.counterSupport
- The CounterSupport instance to be used to count events created by this TLSTM instance. To get a default instance, useCounterSupport.getInstance()
.- Throws:
java.io.IOException
- if the given address cannot be bound.
-
TLSTM
public TLSTM(TlsTmSecurityCallback<java.security.cert.X509Certificate> securityCallback, TlsAddress serverAddress, CounterSupport counterSupport, boolean serverEnabled) throws java.io.IOException
Creates a TLS transport mapping that binds to the given address (interface) on the local host.- Parameters:
securityCallback
- a security name callback to resolve X509 certificates to tmSecurityNames.serverAddress
- the TcpAddress instance that describes the server address to listen on incoming connection requests.counterSupport
- The CounterSupport instance to be used to count events created by this TLSTM instance. To get a default instance, useCounterSupport.getInstance()
.serverEnabled
- defines the role of the underlyingSSLEngine
. Setting this tofalse
enables theSSLEngine.setUseClientMode(boolean)
.- Throws:
java.io.IOException
- if the given address cannot be bound.- Since:
- 3.2.0
-
-
Method Detail
-
getLocalCertificateAlias
public java.lang.String getLocalCertificateAlias()
Description copied from interface:TlsTransportMappingConfig
Gets the certificate alias used for client and server authentication. See alsoTlsTransportMappingConfig.setLocalCertificateAlias(java.lang.String)
- Specified by:
getLocalCertificateAlias
in interfaceTlsTransportMappingConfig<java.security.cert.X509Certificate>
- Returns:
- the certificate alias selecting the local certificate.
-
getSupportedTransportType
public TransportType getSupportedTransportType()
Gets theTransportType
thisTransportMapping
supports depending onTcpTransportMapping.isServerEnabled()
.- Specified by:
getSupportedTransportType
in interfaceTransportMapping<TcpAddress>
- Returns:
TransportType.any
ifTcpTransportMapping.isServerEnabled()
istrue
andTransportType.sender
otherwise.- Since:
- 3.2.0
-
getTlsMaxFragmentSize
public int getTlsMaxFragmentSize()
Gets the maximum fragment size of supported for this transport mapping when acting as TLS server.- Returns:
- the maximum TLS fragment size as defined by RFC 6066 section 4.
-
setTlsMaxFragmentSize
public void setTlsMaxFragmentSize(int tlsMaxFragmentSize)
Sets the maximum TLS fragment size that this transport mapping should support as server. There is no need to change that from the defaultTLS_MAX_FRAGMENT_SIZE
unless, a new Java version allows to set the maximum fragment size to a lower value.- Parameters:
tlsMaxFragmentSize
- a value as defined by RFC 6066 section 4.- Since:
- 3.0.5
-
getTlsProtocols
@Deprecated public java.lang.String[] getTlsProtocols()
Deprecated.UsegetProtocolVersions()
instead.Gets the TLS protocols supported by this transport mapping.- Returns:
- an array of TLS protocol (version) names supported by the SunJSSE provider.
-
setTlsProtocols
@Deprecated public void setTlsProtocols(java.lang.String[] tlsProtocols)
Deprecated.UsesetProtocolVersions(String[])
instead.Sets the TLS protocols/versions that TLSTM should use during handshake. The default is defined byDEFAULT_TLSTM_PROTOCOLS
.- Parameters:
tlsProtocols
- an array of TLS protocol (version) names supported by the SunJSSE provider. The order in the array defines which protocol is tried during handshake first.- Since:
- 2.0.3
-
setProtocolVersions
public void setProtocolVersions(java.lang.String[] protocolVersions)
Sets the TLS protocols/versions that TLSTM should use during handshake. The default is defined byDEFAULT_TLSTM_PROTOCOLS
.- Specified by:
setProtocolVersions
in interfaceTlsTransportMappingConfig<java.security.cert.X509Certificate>
- Parameters:
protocolVersions
- an array of TLS protocol (version) names supported by the SunJSSE provider. The order in the array defines which protocol is tried during handshake first.- Since:
- 3.0
-
getProtocolVersions
public java.lang.String[] getProtocolVersions()
Description copied from interface:TlsTransportMappingConfig
Return the (D)TLS protocol versions used by this transport mapping.- Specified by:
getProtocolVersions
in interfaceTlsTransportMappingConfig<java.security.cert.X509Certificate>
- Returns:
- an array of SunJSSE TLS/DTLS provider (depending on the transport mapping type).
-
getProtocolVersionPropertyName
public java.lang.String getProtocolVersionPropertyName()
Returns the property name that is used by this transport mapping to determine the protocol versions from system properties.- Specified by:
getProtocolVersionPropertyName
in interfaceTlsTransportMappingConfig<java.security.cert.X509Certificate>
- Returns:
- a property name like
SnmpConfigurator.P_TLS_VERSION
orSnmpConfigurator.P_DTLS_VERSION
. - Since:
- 3.0
-
getKeyStore
public java.lang.String getKeyStore()
- Specified by:
getKeyStore
in interfaceTlsTransportMappingConfig<java.security.cert.X509Certificate>
-
setKeyStore
public void setKeyStore(java.lang.String keyStore)
- Specified by:
setKeyStore
in interfaceTlsTransportMappingConfig<java.security.cert.X509Certificate>
-
getKeyStorePassword
public java.lang.String getKeyStorePassword()
- Specified by:
getKeyStorePassword
in interfaceTlsTransportMappingConfig<java.security.cert.X509Certificate>
-
setKeyStorePassword
public void setKeyStorePassword(java.lang.String keyStorePassword)
- Specified by:
setKeyStorePassword
in interfaceTlsTransportMappingConfig<java.security.cert.X509Certificate>
-
getTrustStore
public java.lang.String getTrustStore()
- Specified by:
getTrustStore
in interfaceTlsTransportMappingConfig<java.security.cert.X509Certificate>
-
setTrustStore
public void setTrustStore(java.lang.String trustStore)
- Specified by:
setTrustStore
in interfaceTlsTransportMappingConfig<java.security.cert.X509Certificate>
-
getTrustStorePassword
public java.lang.String getTrustStorePassword()
- Specified by:
getTrustStorePassword
in interfaceTlsTransportMappingConfig<java.security.cert.X509Certificate>
-
setTrustStorePassword
public void setTrustStorePassword(java.lang.String trustStorePassword)
- Specified by:
setTrustStorePassword
in interfaceTlsTransportMappingConfig<java.security.cert.X509Certificate>
-
setLocalCertificateAlias
public void setLocalCertificateAlias(java.lang.String localCertificateAlias)
Sets the certificate alias used for client and server authentication by this TLSTM. Setting this property to a value other thannull
filters out any certificates which are not in the chain of the given alias.- Specified by:
setLocalCertificateAlias
in interfaceTlsTransportMappingConfig<java.security.cert.X509Certificate>
- Parameters:
localCertificateAlias
- a certificate alias which filters a single certification chain from thejavax.net.ssl.keyStore
key store to be used to authenticate this TLS transport mapping. Ifnull
no filtering appears, which could lead to more than a single chain available for authentication by the peer, which would violate the TLSTM standard requirements.
-
getCounterSupport
public CounterSupport getCounterSupport()
-
getSupportedAddressClass
public java.lang.Class<? extends Address> getSupportedAddressClass()
Description copied from interface:TransportMapping
Gets the primaryAddress
class that is supported by this transport mapping.- Specified by:
getSupportedAddressClass
in interfaceTransportMapping<TcpAddress>
- Overrides:
getSupportedAddressClass
in classTcpTransportMapping<org.snmp4j.transport.TLSTM.SocketEntry>
- Returns:
- a subclass of
Address
.
-
getSecurityCallback
public TlsTmSecurityCallback<java.security.cert.X509Certificate> getSecurityCallback()
Description copied from interface:TlsTransportMappingConfig
Gets theTlsTmSecurityCallback
associated with thisTransportMapping
hook which is called by the transport mapping to lookup TLS security parameters from external configuration.- Specified by:
getSecurityCallback
in interfaceTlsTransportMappingConfig<java.security.cert.X509Certificate>
- Returns:
- a
TlsTmSecurityCallback
instance.
-
setSecurityCallback
public void setSecurityCallback(TlsTmSecurityCallback<java.security.cert.X509Certificate> securityCallback)
Description copied from interface:TlsTransportMappingConfig
Sets theTlsTmSecurityCallback
associated with thisTransportMapping
hook. This hook will be called to lookup the security name based on the TLS peer certificate, for example. SeeTlsTmSecurityCallback
for details.- Specified by:
setSecurityCallback
in interfaceTlsTransportMappingConfig<java.security.cert.X509Certificate>
- Parameters:
securityCallback
- aTlsTmSecurityCallback
instance. Setting this hook tonull
will disable incoming request processing because these request will be rejected due to an authorization error (no mathing SNMPv3 view).
-
getSslEngineConfigurator
public SSLEngineConfigurator getSslEngineConfigurator()
-
setSslEngineConfigurator
public void setSslEngineConfigurator(SSLEngineConfigurator sslEngineConfigurator)
Sets the configurator for theSSLEngine
internally used to run the TLS communication. This method should be called before any new connection is established that should use this configurator/configuration.- Parameters:
sslEngineConfigurator
- aSSLEngineConfigurator
instance likeDefaultSSLEngineConfiguration
.- Since:
- 3.0.5
-
getTrustManagerFactory
public TLSTMTrustManagerFactory getTrustManagerFactory()
-
setTrustManagerFactory
public void setTrustManagerFactory(TLSTMTrustManagerFactory trustManagerFactory)
Set the TLSTM trust manager factory. Using a trust manager factory other than the default allows to add support for Java 1.7 X509ExtendedTrustManager.- Parameters:
trustManagerFactory
- a X.509 trust manager factory implementing the interfaceTLSTMTrustManagerFactory
.- Since:
- 2.0.3
-
listen
public void listen() throws java.io.IOException
Listen for incoming and outgoing requests. If theserverEnabled
member isfalse
the server for incoming requests is not started. This starts the internal server thread that processes messages.- Specified by:
listen
in interfaceTransportMapping<TcpAddress>
- Specified by:
listen
in classTcpTransportMapping<org.snmp4j.transport.TLSTM.SocketEntry>
- Throws:
java.net.SocketException
- when the transport is already listening for incoming/outgoing messages.java.io.IOException
- if the listen port could not be bound to the server thread.
-
getListenerWorkerTask
protected WorkerTask getListenerWorkerTask()
Description copied from class:AbstractTransportMapping
Gets theWorkerTask
that is responsible for receiving new messages.- Specified by:
getListenerWorkerTask
in classAbstractTransportMapping<TcpAddress>
- Returns:
- a
WorkerTask
instance which is most likely aDefaultThreadFactory.WorkerThread
.
-
close
public void close()
Closes all open sockets and stops the internal server thread that processes messages.- Specified by:
close
in interfacejava.lang.AutoCloseable
- Specified by:
close
in interfacejava.io.Closeable
- Specified by:
close
in interfaceTransportMapping<TcpAddress>
- Specified by:
close
in classTcpTransportMapping<org.snmp4j.transport.TLSTM.SocketEntry>
-
sendMessage
public void sendMessage(TcpAddress address, byte[] message, TransportStateReference tmStateReference, long timeoutMillis, int maxRetries) throws java.io.IOException
Sends an SNMP message to the supplied address.- Specified by:
sendMessage
in interfaceTransportMapping<TcpAddress>
- Specified by:
sendMessage
in classTcpTransportMapping<org.snmp4j.transport.TLSTM.SocketEntry>
- Parameters:
address
- anTcpAddress
. AClassCastException
is thrown ifaddress
is not aTcpAddress
instance.message
- byte[] the message to sent.tmStateReference
- the (optional) transport model state reference as defined by RFC 5590 section 6.1.timeoutMillis
- maximum number of milli seconds the connection creation might take (if connection based).maxRetries
- maximum retries during connection creation.- Throws:
java.io.IOException
- if an IO exception occurs while trying to send the message.
-
getConnectionTimeout
public long getConnectionTimeout()
Gets the connection timeout. This timeout specifies the time a connection may be idle before it is closed.- Specified by:
getConnectionTimeout
in interfaceConnectionOrientedTransportMapping<TcpAddress>
- Overrides:
getConnectionTimeout
in classTcpTransportMapping<org.snmp4j.transport.TLSTM.SocketEntry>
- Returns:
- long the idle timeout in milliseconds.
-
setConnectionTimeout
public void setConnectionTimeout(long connectionTimeout)
Sets the connection timeout. This timeout specifies the time a connection may be idle before it is closed.- Specified by:
setConnectionTimeout
in interfaceConnectionOrientedTransportMapping<TcpAddress>
- Overrides:
setConnectionTimeout
in classTcpTransportMapping<org.snmp4j.transport.TLSTM.SocketEntry>
- Parameters:
connectionTimeout
- the idle timeout in milliseconds. A zero or negative value will disable any timeout and connections opened by this transport mapping will stay opened until they are explicitly closed.
-
getSocketCleaner
public CommonTimer getSocketCleaner()
Gets theCommonTimer
that controls socket cleanup operations.- Specified by:
getSocketCleaner
in interfaceConnectionOrientedTransportMapping<TcpAddress>
- Returns:
- a socket cleaner timer.
- Since:
- 3.0
-
getMessageLengthDecoder
public MessageLengthDecoder getMessageLengthDecoder()
Description copied from class:TcpTransportMapping
Returns theMessageLengthDecoder
used by this transport mapping.- Specified by:
getMessageLengthDecoder
in interfaceConnectionOrientedTransportMapping<TcpAddress>
- Specified by:
getMessageLengthDecoder
in classTcpTransportMapping<org.snmp4j.transport.TLSTM.SocketEntry>
- Returns:
- a MessageLengthDecoder instance.
-
setMessageLengthDecoder
public void setMessageLengthDecoder(MessageLengthDecoder messageLengthDecoder)
Description copied from class:TcpTransportMapping
Sets theMessageLengthDecoder
that decodes the total message length from the header of a message.- Specified by:
setMessageLengthDecoder
in interfaceConnectionOrientedTransportMapping<TcpAddress>
- Specified by:
setMessageLengthDecoder
in classTcpTransportMapping<org.snmp4j.transport.TLSTM.SocketEntry>
- Parameters:
messageLengthDecoder
- a MessageLengthDecoder instance.
-
getMaxInboundMessageSize
public int getMaxInboundMessageSize()
Gets the inbound buffer size for incoming requests. When SNMP packets are received that are longer than this maximum size, the messages will be silently dropped and the connection will be closed.- Specified by:
getMaxInboundMessageSize
in interfaceTransportMapping<TcpAddress>
- Overrides:
getMaxInboundMessageSize
in classAbstractTransportMapping<TcpAddress>
- Returns:
- the maximum inbound buffer size in bytes.
-
setMaxInboundMessageSize
public void setMaxInboundMessageSize(int maxInboundMessageSize)
Sets the maximum buffer size for incoming requests. When SNMP packets are received that are longer than this maximum size, the messages will be silently dropped and the connection will be closed.- Parameters:
maxInboundMessageSize
- the length of the inbound buffer in bytes.
-
getPKIXRevocationChecker
public java.security.cert.PKIXRevocationChecker getPKIXRevocationChecker()
Description copied from interface:X509TlsTransportMappingConfig
Gets the (optional and possiblynull
) revocation checker for the cert path validation of X509 certificates.- Specified by:
getPKIXRevocationChecker
in interfaceX509TlsTransportMappingConfig
- Returns:
null
to disable cert path validation with CLR checking or a properly configured cert path checker instance.
-
setPKIXRevocationChecker
public void setPKIXRevocationChecker(java.security.cert.PKIXRevocationChecker pkixRevocationChecker)
Description copied from interface:X509TlsTransportMappingConfig
Sets the (optional and possiblynull
) revocation checker for the cert path validation of X509 certificates.- Specified by:
setPKIXRevocationChecker
in interfaceX509TlsTransportMappingConfig
- Parameters:
pkixRevocationChecker
-null
to disable cert path validation with CLR checking or a properly configured cert path checker instance.
-
getX509CertificateRevocationListURI
public java.lang.String getX509CertificateRevocationListURI()
Description copied from interface:X509TlsTransportMappingConfig
Gets the X509 certificate revocation list (CRL) URI, if defined.- Specified by:
getX509CertificateRevocationListURI
in interfaceX509TlsTransportMappingConfig
- Returns:
null
if there is no CRL available/necessary or a URI string that points to a CRL file.
-
setX09CertificateRevocationListURI
public void setX09CertificateRevocationListURI(java.lang.String crlURI)
Description copied from interface:X509TlsTransportMappingConfig
Sets the X509 certificate revocation list (CRL) URI, to enable CRL checking.- Specified by:
setX09CertificateRevocationListURI
in interfaceX509TlsTransportMappingConfig
- Parameters:
crlURI
-null
if there is no CRL available/necessary or a URI string that points to a CRL file.
-
isListening
public boolean isListening()
Description copied from interface:TransportMapping
Returnstrue
if the transport mapping is listening for incoming messages. For connection oriented transport mappings this is a prerequisite to be able to send SNMP messages. For connectionless transport mappings it is a prerequisite to be able to receive responses.- Specified by:
isListening
in interfaceTransportMapping<TcpAddress>
- Overrides:
isListening
in classAbstractTransportMapping<TcpAddress>
- Returns:
true
if this transport mapping is listening for messages.
-
createIncomingAddress
protected TlsAddress createIncomingAddress(java.net.Socket s)
-
getListenAddress
public TcpAddress getListenAddress()
Description copied from interface:TransportMapping
Returns the address that represents the actual incoming address this transport mapping uses to listen for incoming packets.- Specified by:
getListenAddress
in interfaceTransportMapping<TcpAddress>
- Overrides:
getListenAddress
in classTcpTransportMapping<org.snmp4j.transport.TLSTM.SocketEntry>
- Returns:
- the address for incoming packets or
null
this transport mapping is not configured to listen for incoming packets.
-
isEngineClosed
protected static boolean isEngineClosed(javax.net.ssl.SSLEngine engine)
Check if aSSLEngine
is fully closed.- Parameters:
engine
- an SSL engine.- Returns:
true
if inbound and outbound is done and .
-
ensureSslEngineConfigurator
protected SSLEngineConfigurator ensureSslEngineConfigurator()
Returns the configuredsetSslEngineConfigurator(SSLEngineConfigurator)
or theDefaultSSLEngineConfiguration
which will then become the configured SSL engine configurator. This method is not synchronized against concurrent execution ofsetSslEngineConfigurator(SSLEngineConfigurator)
.- Returns:
- a non-null
SSLEngineConfigurator
. - Since:
- 3.0.5
-
-