netty Architecture Docs
Home / Function/ validateResumeIfNeeded() — netty Function Reference

validateResumeIfNeeded() — netty Function Reference

Architecture documentation for the validateResumeIfNeeded() function in ResumptionController.java from the netty codebase.

Function java Buffer Allocators calls 2

Entity Profile

Dependency Diagram

graph TD
  3faf428b_0589_02f1_21e7_4c3539989627["validateResumeIfNeeded()"]
  49bf5aad_8689_2271_b5e4_1894e1632471["ResumptionController"]
  3faf428b_0589_02f1_21e7_4c3539989627 -->|defined in| 49bf5aad_8689_2271_b5e4_1894e1632471
  38219bc2_8214_b6d3_3263_9bb76cf45502["remove()"]
  3faf428b_0589_02f1_21e7_4c3539989627 -->|calls| 38219bc2_8214_b6d3_3263_9bb76cf45502
  2b92ff86_9233_1f1d_3951_75debf87f0b2["chainOf()"]
  3faf428b_0589_02f1_21e7_4c3539989627 -->|calls| 2b92ff86_9233_1f1d_3951_75debf87f0b2
  style 3faf428b_0589_02f1_21e7_4c3539989627 fill:#6366f1,stroke:#818cf8,color:#fff

Relationship Graph

Source Code

handler/src/main/java/io/netty/handler/ssl/ResumptionController.java lines 63–106

    public boolean validateResumeIfNeeded(SSLEngine engine)
            throws CertificateException, SSLPeerUnverifiedException {
        ResumableX509ExtendedTrustManager tm;
        SSLSession session = engine.getSession();
        boolean valid = session.isValid();

        // Look for resumption if the session is valid, and we expect to authenticate our peer:
        //   1.   Clients always authenticate the server.
        //   2.a. Servers only authenticate the client if they need auth,
        //   2.b. or if they requested auth and the client provided.
        //
        // If a server only "want" but don't "need" auth (ClientAuth.OPTIONAL) and the client didn't provide
        // any certificates, then `session.getPeerCertificates()` will throw `SSLPeerUnverifiedException`.
        if (valid && (engine.getUseClientMode() || engine.getNeedClientAuth() || engine.getWantClientAuth()) &&
                (tm = resumableTm.get()) != null) {
            // Unwrap JdkSslEngines because they add their inner JDK SSLEngine objects to the set.
            engine = unwrapEngine(engine);

            if (!confirmedValidations.remove(engine)) {
                Certificate[] peerCertificates;
                try {
                    peerCertificates = session.getPeerCertificates();
                } catch (SSLPeerUnverifiedException e) {
                    if (engine.getUseClientMode() || engine.getNeedClientAuth()) {
                        // Auth is required, and we got none.
                        throw e;
                    }
                    // Auth is optional, and none were provided. Skip out; session resumed but nothing to authenticate.
                    return false;
                }

                // This is a resumed session.
                if (engine.getUseClientMode()) {
                    // We are the client, resuming a session trusting the server
                    tm.resumeServerTrusted(chainOf(peerCertificates), engine);
                } else {
                    // We are the server, resuming a session trusting the client
                    tm.resumeClientTrusted(chainOf(peerCertificates), engine);
                }
                return true;
            }
        }
        return false;
    }

Domain

Subdomains

Defined In

Calls

Source

Frequently Asked Questions

What does validateResumeIfNeeded() do?
validateResumeIfNeeded() is a function in the netty codebase, defined in handler/src/main/java/io/netty/handler/ssl/ResumptionController.java.
Where is validateResumeIfNeeded() defined?
validateResumeIfNeeded() is defined in handler/src/main/java/io/netty/handler/ssl/ResumptionController.java at line 63.
What does validateResumeIfNeeded() call?
validateResumeIfNeeded() calls 2 function(s): chainOf, remove.

Analyze Your Own Codebase

Get architecture documentation, dependency graphs, and domain analysis for your codebase in minutes.

Try Supermodel Free