From a9a3e2cef1e2ed35b88dce5f5c363158ccb956c7 Mon Sep 17 00:00:00 2001 From: Norman Maurer Date: Mon, 1 Feb 2021 11:50:26 +0100 Subject: [PATCH] =?UTF-8?q?Clarify=20who=20is=20responsible=20closing=20th?= =?UTF-8?q?e=20InputStream=20once=20SslContext=20w=E2=80=A6=20(#10983)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Motivation: It was not 100% clear who is responsible calling close() on the InputStream. Modifications: Clarify javadocs. Result: Related to https://github.com/netty/netty/issues/10974 Co-authored-by: Chris Vest --- .../netty/handler/ssl/SslContextBuilder.java | 35 ++++++++++++++----- 1 file changed, 27 insertions(+), 8 deletions(-) diff --git a/handler/src/main/java/io/netty/handler/ssl/SslContextBuilder.java b/handler/src/main/java/io/netty/handler/ssl/SslContextBuilder.java index 42265943ce..9bef8bd4fd 100644 --- a/handler/src/main/java/io/netty/handler/ssl/SslContextBuilder.java +++ b/handler/src/main/java/io/netty/handler/ssl/SslContextBuilder.java @@ -65,8 +65,13 @@ public final class SslContextBuilder { /** * Creates a builder for new server-side {@link SslContext}. * - * @param keyCertChainInputStream an input stream for an X.509 certificate chain in PEM format - * @param keyInputStream an input stream for a PKCS#8 private key in PEM format + * @param keyCertChainInputStream an input stream for an X.509 certificate chain in PEM format. The caller is + * responsible for calling {@link InputStream#close()} after {@link #build()} + * has been called. + * @param keyInputStream an input stream for a PKCS#8 private key in PEM format. The caller is + * responsible for calling {@link InputStream#close()} after {@link #build()} + * has been called. + * * @see #keyManager(InputStream, InputStream) */ public static SslContextBuilder forServer(InputStream keyCertChainInputStream, InputStream keyInputStream) { @@ -112,8 +117,12 @@ public final class SslContextBuilder { /** * Creates a builder for new server-side {@link SslContext}. * - * @param keyCertChainInputStream an input stream for an X.509 certificate chain in PEM format - * @param keyInputStream an input stream for a PKCS#8 private key in PEM format + * @param keyCertChainInputStream an input stream for an X.509 certificate chain in PEM format. The caller is + * responsible for calling {@link InputStream#close()} after {@link #build()} + * has been called. + * @param keyInputStream an input stream for a PKCS#8 private key in PEM format. The caller is + * responsible for calling {@link InputStream#close()} after {@link #build()} + * has been called. * @param keyPassword the password of the {@code keyFile}, or {@code null} if it's not * password-protected * @see #keyManager(InputStream, InputStream, String) @@ -238,6 +247,8 @@ public final class SslContextBuilder { /** * Trusted certificates for verifying the remote endpoint's certificate. The input stream should * contain an X.509 certificate collection in PEM format. {@code null} uses the system default. + * + * The caller is responsible for calling {@link InputStream#close()} after {@link #build()} has been called. */ public SslContextBuilder trustManager(InputStream trustCertCollectionInputStream) { try { @@ -300,8 +311,12 @@ public final class SslContextBuilder { * Identifying certificate for this host. {@code keyCertChainInputStream} and {@code keyInputStream} may * be {@code null} for client contexts, which disables mutual authentication. * - * @param keyCertChainInputStream an input stream for an X.509 certificate chain in PEM format - * @param keyInputStream an input stream for a PKCS#8 private key in PEM format + * @param keyCertChainInputStream an input stream for an X.509 certificate chain in PEM format. The caller is + * responsible for calling {@link InputStream#close()} after {@link #build()} + * has been called. + * @param keyInputStream an input stream for a PKCS#8 private key in PEM format. The caller is + * responsible for calling {@link InputStream#close()} after {@link #build()} + * has been called. */ public SslContextBuilder keyManager(InputStream keyCertChainInputStream, InputStream keyInputStream) { return keyManager(keyCertChainInputStream, keyInputStream, null); @@ -358,8 +373,12 @@ public final class SslContextBuilder { * Identifying certificate for this host. {@code keyCertChainInputStream} and {@code keyInputStream} may * be {@code null} for client contexts, which disables mutual authentication. * - * @param keyCertChainInputStream an input stream for an X.509 certificate chain in PEM format - * @param keyInputStream an input stream for a PKCS#8 private key in PEM format + * @param keyCertChainInputStream an input stream for an X.509 certificate chain in PEM format. The caller is + * responsible for calling {@link InputStream#close()} after {@link #build()} + * has been called. + * @param keyInputStream an input stream for a PKCS#8 private key in PEM format. The caller is + * responsible for calling {@link InputStream#close()} after {@link #build()} + * has been called. * @param keyPassword the password of the {@code keyInputStream}, or {@code null} if it's not * password-protected */