OpenSslX509TrustManagerWrapper Class — netty Architecture

Architecture documentation for the OpenSslX509TrustManagerWrapper class in OpenSslX509TrustManagerWrapper.java from the netty codebase.

Class java

Entity Profile

Dependency Diagram

graph TD
  4e9e77a6_f247_b295_34ed_4548d7383eb2["OpenSslX509TrustManagerWrapper"]
  aab5e489_b7bf_dd84_3402_45ce1263057d["OpenSslX509TrustManagerWrapper.java"]
  4e9e77a6_f247_b295_34ed_4548d7383eb2 -->|defined in| aab5e489_b7bf_dd84_3402_45ce1263057d
  e0cd4a2b_d1be_e606_2c5c_8b5ac704affb["isWrappingSupported()"]
  4e9e77a6_f247_b295_34ed_4548d7383eb2 -->|method| e0cd4a2b_d1be_e606_2c5c_8b5ac704affb
  5a5c031d_a2c3_5a59_c894_f2d4dc0ae04a["OpenSslX509TrustManagerWrapper()"]
  4e9e77a6_f247_b295_34ed_4548d7383eb2 -->|method| 5a5c031d_a2c3_5a59_c894_f2d4dc0ae04a
  baa95259_033a_4857_e6b6_50248d929af7["X509TrustManager()"]
  4e9e77a6_f247_b295_34ed_4548d7383eb2 -->|method| baa95259_033a_4857_e6b6_50248d929af7
  b9cde7e1_9905_fe84_2724_39032475005c["SSLContext()"]
  4e9e77a6_f247_b295_34ed_4548d7383eb2 -->|method| b9cde7e1_9905_fe84_2724_39032475005c

Relationship Graph

Source Code

handler/src/main/java/io/netty/handler/ssl/OpenSslX509TrustManagerWrapper.java lines 43–195

final class OpenSslX509TrustManagerWrapper {
    private static final InternalLogger LOGGER = InternalLoggerFactory
            .getInstance(OpenSslX509TrustManagerWrapper.class);
    private static final TrustManagerWrapper WRAPPER;

    private static final TrustManagerWrapper DEFAULT = new TrustManagerWrapper() {
        @Override
        public X509TrustManager wrapIfNeeded(X509TrustManager manager) {
            return manager;
        }
    };

    static {
        // By default we will not do any wrapping but just return the passed in manager.
        TrustManagerWrapper wrapper = DEFAULT;

        Throwable cause = null;
        Throwable unsafeCause = PlatformDependent.getUnsafeUnavailabilityCause();
        if (unsafeCause == null) {
            SSLContext context;
            try {
                context = newSSLContext();
                // Now init with an array that only holds a X509TrustManager. This should be wrapped into an
                // AbstractTrustManagerWrapper which will delegate the TrustManager itself but also do extra
                // validations.
                //
                // See:
                // - https://hg.openjdk.java.net/jdk8u/jdk8u/jdk/file/
                //          cadea780bc76/src/share/classes/sun/security/ssl/SSLContextImpl.java#l127
                context.init(null, new TrustManager[] {
                        new X509TrustManager() {
                            @Override
                            public void checkClientTrusted(X509Certificate[] x509Certificates, String s)
                                    throws CertificateException {
                                throw new CertificateException();
                            }

                            @Override
                            public void checkServerTrusted(X509Certificate[] x509Certificates, String s)
                                    throws CertificateException {
                                throw new CertificateException();
                            }

                            @Override
                            public X509Certificate[] getAcceptedIssuers() {
                                return EmptyArrays.EMPTY_X509_CERTIFICATES;
                            }
                        }
                }, null);
            } catch (Throwable error) {
                context = null;
                cause = error;
            }
            if (cause != null) {
                LOGGER.debug("Unable to access wrapped TrustManager", cause);
            } else {
                final SSLContext finalContext = context;
                Object maybeWrapper = AccessController.doPrivileged(new PrivilegedAction<Object>() {
                    @Override
                    public Object run() {
                        try {
                            Field contextSpiField = SSLContext.class.getDeclaredField("contextSpi");
                            final long spiOffset = PlatformDependent.objectFieldOffset(contextSpiField);
                            Object spi = PlatformDependent.getObject(finalContext, spiOffset);
                            if (spi != null) {
                                Class<?> clazz = spi.getClass();

                                // Let's cycle through the whole hierarchy until we find what we are looking for or
                                // there is nothing left in which case we will not wrap at all.
                                do {
                                    try {
                                        Field trustManagerField = clazz.getDeclaredField("trustManager");
                                        final long tmOffset = PlatformDependent.objectFieldOffset(trustManagerField);
                                        Object trustManager = PlatformDependent.getObject(spi, tmOffset);
                                        if (trustManager instanceof X509ExtendedTrustManager) {
                                            return new UnsafeTrustManagerWrapper(spiOffset, tmOffset);
                                        }
                                    } catch (NoSuchFieldException ignore) {
                                        // try next
                                    }
                                    clazz = clazz.getSuperclass();

Defined In

handler/src/main/java/io/netty/handler/ssl/OpenSslX509TrustManagerWrapper.java

Source

View on GitHub

Frequently Asked Questions

What is the OpenSslX509TrustManagerWrapper class?

OpenSslX509TrustManagerWrapper is a class in the netty codebase, defined in handler/src/main/java/io/netty/handler/ssl/OpenSslX509TrustManagerWrapper.java.

Where is OpenSslX509TrustManagerWrapper defined?

OpenSslX509TrustManagerWrapper is defined in handler/src/main/java/io/netty/handler/ssl/OpenSslX509TrustManagerWrapper.java at line 43.

Analyze Your Own Codebase

Get architecture documentation, dependency graphs, and domain analysis for your codebase in minutes.

Try Supermodel Free