userEventTriggered() — netty Function Reference
Architecture documentation for the userEventTriggered() function in OcspServerCertificateValidator.java from the netty codebase.
Entity Profile
Dependency Diagram
graph TD 78a8e421_58dc_582f_0ed1_dd0455df80ed["userEventTriggered()"] 9363e93c_cd10_a153_073c_7d3699279505["OcspServerCertificateValidator"] 78a8e421_58dc_582f_0ed1_dd0455df80ed -->|defined in| 9363e93c_cd10_a153_073c_7d3699279505 style 78a8e421_58dc_582f_0ed1_dd0455df80ed fill:#6366f1,stroke:#818cf8,color:#fff
Relationship Graph
Source Code
handler-ssl-ocsp/src/main/java/io/netty/handler/ssl/ocsp/OcspServerCertificateValidator.java lines 130–191
@Override
public void userEventTriggered(final ChannelHandlerContext ctx, final Object evt) throws Exception {
ctx.fireUserEventTriggered(evt);
if (evt instanceof SslHandshakeCompletionEvent) {
SslHandshakeCompletionEvent sslHandshakeCompletionEvent = (SslHandshakeCompletionEvent) evt;
// If TLS handshake was successful then only we will perform OCSP certificate validation.
// If not, then just forward the event to next handler in pipeline and remove ourselves from pipeline.
if (sslHandshakeCompletionEvent.isSuccess()) {
Certificate[] certificates = ctx.pipeline().get(SslHandler.class)
.engine()
.getSession()
.getPeerCertificates();
assert certificates.length >= 2 : "There must an end-entity certificate and issuer certificate";
Promise<BasicOCSPResp> ocspRespPromise = OcspClient.query((X509Certificate) certificates[0],
(X509Certificate) certificates[1], validateNonce, ioTransport, dnsNameResolver);
ocspRespPromise.addListener((GenericFutureListener<Future<BasicOCSPResp>>) future -> {
// If Future is success then we have successfully received OCSP response
// from OCSP responder. We will validate it now and process.
if (future.isSuccess()) {
SingleResp response = future.getNow().getResponses()[0];
Date current = new Date();
if (!(current.after(response.getThisUpdate()) &&
current.before(response.getNextUpdate()))) {
ctx.fireExceptionCaught(new IllegalStateException("OCSP Response is out-of-date"));
}
OcspResponse.Status status;
if (response.getCertStatus() == null) {
// 'null' means certificate is valid
status = OcspResponse.Status.VALID;
} else if (response.getCertStatus() instanceof RevokedStatus) {
status = OcspResponse.Status.REVOKED;
} else {
status = OcspResponse.Status.UNKNOWN;
}
ctx.fireUserEventTriggered(new OcspValidationEvent(
new OcspResponse(status, response.getThisUpdate(), response.getNextUpdate())));
// If Certificate is not VALID and 'closeAndThrowIfNotValid' is set
// to 'true' then close the channel and throw an exception.
if (status != OcspResponse.Status.VALID && closeAndThrowIfNotValid) {
ctx.channel().close();
// Certificate is not valid. Throw
ctx.fireExceptionCaught(new OCSPException(
"Certificate not valid. Status: " + status));
}
} else {
ctx.fireExceptionCaught(future.cause());
}
});
}
// Lets remove ourselves from the pipeline because we are done processing validation.
ctx.pipeline().remove(this);
}
}Domain
Subdomains
Defined In
Source
Frequently Asked Questions
What does userEventTriggered() do?
userEventTriggered() is a function in the netty codebase, defined in handler-ssl-ocsp/src/main/java/io/netty/handler/ssl/ocsp/OcspServerCertificateValidator.java.
Where is userEventTriggered() defined?
userEventTriggered() is defined in handler-ssl-ocsp/src/main/java/io/netty/handler/ssl/ocsp/OcspServerCertificateValidator.java at line 130.
Analyze Your Own Codebase
Get architecture documentation, dependency graphs, and domain analysis for your codebase in minutes.
Try Supermodel Free