java.lang.Object
org.snmp4j.transport.AbstractTransportMapping<TcpAddress>
org.snmp4j.transport.AbstractConnectionOrientedTransportMapping<TcpAddress,org.snmp4j.transport.TLSTM.SocketEntry>
org.snmp4j.transport.TcpTransportMapping<org.snmp4j.transport.TLSTM.SocketEntry>
org.snmp4j.transport.TLSTM
- All Implemented Interfaces:
Closeable
,AutoCloseable
,ConnectionOrientedTransportMapping<TcpAddress>
,TlsTransportMappingConfig<X509Certificate>
,X509TlsTransportMappingConfig
,TransportMapping<TcpAddress>
public class TLSTM
extends TcpTransportMapping<org.snmp4j.transport.TLSTM.SocketEntry>
implements X509TlsTransportMappingConfig
The
TLSTM
implements the Transport Layer Security
Transport Mapping (TLS-TM) as defined by RFC 5953
with the new IO API and SSLEngine
.
It uses a single thread for processing incoming and outgoing messages.
The thread is started when the listen
method is called, or
when an outgoing request is sent using the sendMessage
method.
- Since:
- 2.0
- Version:
- 3.5.0
- Author:
- Frank Fock
-
Field Summary
Modifier and TypeFieldDescriptionstatic final String
The default supported TLS protocol versions.static final int
static final int
Fields inherited from class org.snmp4j.transport.TcpTransportMapping
openSocketOnSending, tcpAddress
Fields inherited from class org.snmp4j.transport.AbstractConnectionOrientedTransportMapping
serverEnabled, sockets
Fields inherited from class org.snmp4j.transport.AbstractTransportMapping
asyncMsgProcessingSupported, connectionTimeout, listenWorkerTask, maxInboundMessageSize, socketCleaner, suspendedAddresses, transportListener, transportStateListeners
-
Constructor Summary
ConstructorDescriptionTLSTM()
Creates a default TCP transport mapping with the server for incoming messages disabled.TLSTM
(TlsAddress address) Creates a TLS transport mapping with the server for incoming messages bind to the given address.TLSTM
(TlsAddress address, boolean serverEnabled) Creates a TLS transport mapping with the server for incoming messages bind to the given address.TLSTM
(TlsTmSecurityCallback<X509Certificate> securityCallback, TlsAddress serverAddress) Creates a TLS transport mapping that binds to the given address (interface) on the local host.TLSTM
(TlsTmSecurityCallback<X509Certificate> securityCallback, TlsAddress serverAddress, CounterSupport counterSupport) Creates a TLS transport mapping that binds to the given address (interface) on the local host.TLSTM
(TlsTmSecurityCallback<X509Certificate> securityCallback, TlsAddress serverAddress, CounterSupport counterSupport, boolean serverEnabled) Creates a TLS transport mapping that binds to the given address (interface) on the local host. -
Method Summary
Modifier and TypeMethodDescriptionprotected SSLEngineConfigurator
Returns the configuredsetSslEngineConfigurator(SSLEngineConfigurator)
or theDefaultSSLEngineConfiguration
which will then become the configured SSL engine configurator.long
Gets the connection timeout.Returns the address that represents the actual incoming address this transport mapping uses to listen for incoming packets.Gets theWorkerTask
that is responsible for receiving new messages.Gets the certificate alias used for client and server authentication.Returns theMessageLengthDecoder
used by this transport mapping.Gets the (optional and possiblynull
) revocation checker for the cert path validation of X509 certificates.Returns the property name that is used by this transport mapping to determine the protocol versions from system properties.String[]
Return the (D)TLS protocol versions used by this transport mapping.Gets theTlsTmSecurityCallback
associated with thisTransportMapping
hook which is called by the transport mapping to lookup TLS security parameters from external configuration.Gets the primaryAddress
class that is supported by this transport mapping.Gets theTransportType
thisTransportMapping
supports depending onAbstractConnectionOrientedTransportMapping.isServerEnabled()
.int
Gets the maximum fragment size of supported for this transport mapping when acting as TLS server.String[]
Deprecated.Gets the X509 certificate revocation list (CRL) URI, if defined.protected static boolean
isEngineClosed
(SSLEngine engine) Check if aSSLEngine
is fully closed.boolean
Returnstrue
if the transport mapping is listening for incoming messages.void
listen()
Listen for incoming and outgoing requests.void
sendMessage
(TcpAddress address, byte[] message, TransportStateReference tmStateReference, long timeoutMillis, int maxRetries) Sends an SNMP message to the supplied address.void
setConnectionTimeout
(long connectionTimeout) Sets the connection timeout.void
setKeyStore
(String keyStore) void
setKeyStorePassword
(String keyStorePassword) void
setLocalCertificateAlias
(String localCertificateAlias) Sets the certificate alias used for client and server authentication by this TLSTM.void
setMaxInboundMessageSize
(int maxInboundMessageSize) Sets the maximum buffer size for incoming requests.void
setMessageLengthDecoder
(MessageLengthDecoder messageLengthDecoder) Sets theMessageLengthDecoder
that decodes the total message length from the header of a message.void
setPKIXRevocationChecker
(PKIXRevocationChecker pkixRevocationChecker) Sets the (optional and possiblynull
) revocation checker for the cert path validation of X509 certificates.void
setProtocolVersions
(String[] protocolVersions) Sets the TLS protocols/versions that TLSTM should use during handshake.void
setSecurityCallback
(TlsTmSecurityCallback<X509Certificate> securityCallback) Sets theTlsTmSecurityCallback
associated with thisTransportMapping
hook.void
setSslEngineConfigurator
(SSLEngineConfigurator sslEngineConfigurator) Sets the configurator for theSSLEngine
internally used to run the TLS communication.void
setTlsMaxFragmentSize
(int tlsMaxFragmentSize) Sets the maximum TLS fragment size that this transport mapping should support as server.void
setTlsProtocols
(String[] tlsProtocols) Deprecated.UsesetProtocolVersions(String[])
instead.void
setTrustManagerFactory
(TLSTMTrustManagerFactory trustManagerFactory) Set the TLSTM trust manager factory.void
setTrustStore
(String trustStore) void
setTrustStorePassword
(String trustStorePassword) void
Sets the X509 certificate revocation list (CRL) URI, to enable CRL checking.void
Methods inherited from class org.snmp4j.transport.TcpTransportMapping
getAddress, isOpenSocketOnSending, setOpenSocketOnSending
Methods inherited from class org.snmp4j.transport.AbstractConnectionOrientedTransportMapping
cancelNonServerSelectionKey, close, close, closeSockets, getMaxBusyLoops, getSockets, isServerEnabled, setMaxBusyLoops, setServerEnabled, setSocketOptions, timeoutSocket
Methods inherited from class org.snmp4j.transport.AbstractTransportMapping
addTransportListener, addTransportStateListener, fireConnectionStateChanged, fireProcessMessage, getMaxInboundMessageSize, getPriority, getSocketCleaner, getSuspendedAddresses, getThreadName, handleDroppedMessageToSend, isAsyncMsgProcessingSupported, removeAllTransportListeners, removeTransportListener, removeTransportStateListener, resumeAddress, setAsyncMsgProcessingSupported, setPriority, setThreadName, suspendAddress
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.snmp4j.transport.ConnectionOrientedTransportMapping
addTransportStateListener, close, getSocketCleaner, isServerEnabled, removeTransportStateListener, resumeAddress, setServerEnabled, suspendAddress
Methods inherited from interface org.snmp4j.TransportMapping
addTransportListener, close, getMaxInboundMessageSize, getMaxOutboundMessageSize, getSupportedAddressClasses, isAddressSupported, isAddressSupported, removeTransportListener
-
Field Details
-
TLS_MAX_FRAGMENT_SIZE
public static final int TLS_MAX_FRAGMENT_SIZE- See Also:
-
DEFAULT_TLSTM_PROTOCOLS
The default supported TLS protocol versions.- See Also:
-
MAX_TLS_PAYLOAD_SIZE
public static final int MAX_TLS_PAYLOAD_SIZE- See Also:
-
-
Constructor Details
-
TLSTM
Creates a default TCP transport mapping with the server for incoming messages disabled.- Throws:
UnknownHostException
- if the local host cannot be determined.
-
TLSTM
Creates a TLS transport mapping with the server for incoming messages bind to the given address. ThesecurityCallback
needs to be specified beforelisten()
is called.- Parameters:
address
- the address to bind for incoming requests.- Throws:
IOException
- on failure of binding a local port.
-
TLSTM
Creates a TLS transport mapping with the server for incoming messages bind to the given address. ThesecurityCallback
needs to be specified beforelisten()
is called.- Parameters:
address
- the address to bind for incoming requests.serverEnabled
- defines the role of the underlyingSSLEngine
. Setting this tofalse
enables theSSLEngine.setUseClientMode(boolean)
.- Throws:
IOException
- on failure of binding a local port.- Since:
- 3.2.0
-
TLSTM
public TLSTM(TlsTmSecurityCallback<X509Certificate> securityCallback, TlsAddress serverAddress) throws IOException Creates a TLS transport mapping that binds to the given address (interface) on the local host.- Parameters:
securityCallback
- a security name callback to resolve X509 certificates to tmSecurityNames.serverAddress
- the TcpAddress instance that describes the server address to listen on incoming connection requests.- Throws:
IOException
- if the given address cannot be bound.
-
TLSTM
public TLSTM(TlsTmSecurityCallback<X509Certificate> securityCallback, TlsAddress serverAddress, CounterSupport counterSupport) throws IOException Creates a TLS transport mapping that binds to the given address (interface) on the local host.- Parameters:
securityCallback
- a security name callback to resolve X509 certificates to tmSecurityNames.serverAddress
- the TcpAddress instance that describes the server address to listen on incoming connection requests.counterSupport
- The CounterSupport instance to be used to count events created by this TLSTM instance. To get a default instance, useCounterSupport.getInstance()
.- Throws:
IOException
- if the given address cannot be bound.
-
TLSTM
public TLSTM(TlsTmSecurityCallback<X509Certificate> securityCallback, TlsAddress serverAddress, CounterSupport counterSupport, boolean serverEnabled) throws IOException Creates a TLS transport mapping that binds to the given address (interface) on the local host.- Parameters:
securityCallback
- a security name callback to resolve X509 certificates to tmSecurityNames.serverAddress
- the TcpAddress instance that describes the server address to listen on incoming connection requests.counterSupport
- The CounterSupport instance to be used to count events created by this TLSTM instance. To get a default instance, useCounterSupport.getInstance()
.serverEnabled
- defines the role of the underlyingSSLEngine
. Setting this tofalse
enables theSSLEngine.setUseClientMode(boolean)
.- Throws:
IOException
- if the given address cannot be bound.- Since:
- 3.2.0
-
-
Method Details
-
getLocalCertificateAlias
Description copied from interface:TlsTransportMappingConfig
Gets the certificate alias used for client and server authentication. See alsoTlsTransportMappingConfig.setLocalCertificateAlias(java.lang.String)
- Specified by:
getLocalCertificateAlias
in interfaceTlsTransportMappingConfig<X509Certificate>
- Returns:
- the certificate alias selecting the local certificate.
-
getSupportedTransportType
Gets theTransportType
thisTransportMapping
supports depending onAbstractConnectionOrientedTransportMapping.isServerEnabled()
.- Specified by:
getSupportedTransportType
in interfaceTransportMapping<TcpAddress>
- Returns:
TransportType.any
ifAbstractConnectionOrientedTransportMapping.isServerEnabled()
istrue
andTransportType.sender
otherwise.- Since:
- 3.2.0
-
getTlsMaxFragmentSize
public int getTlsMaxFragmentSize()Gets the maximum fragment size of supported for this transport mapping when acting as TLS server.- Returns:
- the maximum TLS fragment size as defined by RFC 6066 section 4.
-
setTlsMaxFragmentSize
public void setTlsMaxFragmentSize(int tlsMaxFragmentSize) Sets the maximum TLS fragment size that this transport mapping should support as server. There is no need to change that from the defaultTLS_MAX_FRAGMENT_SIZE
unless, a new Java version allows to set the maximum fragment size to a lower value.- Parameters:
tlsMaxFragmentSize
- a value as defined by RFC 6066 section 4.- Since:
- 3.0.5
-
getTlsProtocols
Deprecated.UsegetProtocolVersions()
instead.Gets the TLS protocols supported by this transport mapping.- Returns:
- an array of TLS protocol (version) names supported by the SunJSSE provider.
-
setTlsProtocols
Deprecated.UsesetProtocolVersions(String[])
instead.Sets the TLS protocols/versions that TLSTM should use during handshake. The default is defined byDEFAULT_TLSTM_PROTOCOLS
.- Parameters:
tlsProtocols
- an array of TLS protocol (version) names supported by the SunJSSE provider. The order in the array defines which protocol is tried during handshake first.- Since:
- 2.0.3
-
setProtocolVersions
Sets the TLS protocols/versions that TLSTM should use during handshake. The default is defined byDEFAULT_TLSTM_PROTOCOLS
.- Specified by:
setProtocolVersions
in interfaceTlsTransportMappingConfig<X509Certificate>
- Parameters:
protocolVersions
- an array of TLS protocol (version) names supported by the SunJSSE provider. The order in the array defines which protocol is tried during handshake first.- Since:
- 3.0
-
getProtocolVersions
Description copied from interface:TlsTransportMappingConfig
Return the (D)TLS protocol versions used by this transport mapping.- Specified by:
getProtocolVersions
in interfaceTlsTransportMappingConfig<X509Certificate>
- Returns:
- an array of SunJSSE TLS/DTLS provider (depending on the transport mapping type).
-
getProtocolVersionPropertyName
Returns the property name that is used by this transport mapping to determine the protocol versions from system properties.- Specified by:
getProtocolVersionPropertyName
in interfaceTlsTransportMappingConfig<X509Certificate>
- Returns:
- a property name like
SnmpConfigurator.P_TLS_VERSION
orSnmpConfigurator.P_DTLS_VERSION
. - Since:
- 3.0
-
getKeyStore
- Specified by:
getKeyStore
in interfaceTlsTransportMappingConfig<X509Certificate>
-
setKeyStore
- Specified by:
setKeyStore
in interfaceTlsTransportMappingConfig<X509Certificate>
-
getKeyStorePassword
- Specified by:
getKeyStorePassword
in interfaceTlsTransportMappingConfig<X509Certificate>
-
setKeyStorePassword
- Specified by:
setKeyStorePassword
in interfaceTlsTransportMappingConfig<X509Certificate>
-
getTrustStore
- Specified by:
getTrustStore
in interfaceTlsTransportMappingConfig<X509Certificate>
-
setTrustStore
- Specified by:
setTrustStore
in interfaceTlsTransportMappingConfig<X509Certificate>
-
getTrustStorePassword
- Specified by:
getTrustStorePassword
in interfaceTlsTransportMappingConfig<X509Certificate>
-
setTrustStorePassword
- Specified by:
setTrustStorePassword
in interfaceTlsTransportMappingConfig<X509Certificate>
-
setLocalCertificateAlias
Sets the certificate alias used for client and server authentication by this TLSTM. Setting this property to a value other thannull
filters out any certificates which are not in the chain of the given alias.- Specified by:
setLocalCertificateAlias
in interfaceTlsTransportMappingConfig<X509Certificate>
- Parameters:
localCertificateAlias
- a certificate alias which filters a single certification chain from thejavax.net.ssl.keyStore
key store to be used to authenticate this TLS transport mapping. Ifnull
no filtering appears, which could lead to more than a single chain available for authentication by the peer, which would violate the TLSTM standard requirements.
-
getCounterSupport
-
getSupportedAddressClass
Description copied from interface:TransportMapping
Gets the primaryAddress
class that is supported by this transport mapping.- Specified by:
getSupportedAddressClass
in interfaceTransportMapping<TcpAddress>
- Overrides:
getSupportedAddressClass
in classTcpTransportMapping<org.snmp4j.transport.TLSTM.SocketEntry>
- Returns:
- a subclass of
Address
.
-
getSecurityCallback
Description copied from interface:TlsTransportMappingConfig
Gets theTlsTmSecurityCallback
associated with thisTransportMapping
hook which is called by the transport mapping to lookup TLS security parameters from external configuration.- Specified by:
getSecurityCallback
in interfaceTlsTransportMappingConfig<X509Certificate>
- Returns:
- a
TlsTmSecurityCallback
instance.
-
setSecurityCallback
Description copied from interface:TlsTransportMappingConfig
Sets theTlsTmSecurityCallback
associated with thisTransportMapping
hook. This hook will be called to lookup the security name based on the TLS peer certificate, for example. SeeTlsTmSecurityCallback
for details.- Specified by:
setSecurityCallback
in interfaceTlsTransportMappingConfig<X509Certificate>
- Parameters:
securityCallback
- aTlsTmSecurityCallback
instance. Setting this hook tonull
will disable incoming request processing because these request will be rejected due to an authorization error (no mathing SNMPv3 view).
-
getSslEngineConfigurator
-
setSslEngineConfigurator
Sets the configurator for theSSLEngine
internally used to run the TLS communication. This method should be called before any new connection is established that should use this configurator/configuration.- Parameters:
sslEngineConfigurator
- aSSLEngineConfigurator
instance likeDefaultSSLEngineConfiguration
.- Since:
- 3.0.5
-
getTrustManagerFactory
-
setTrustManagerFactory
Set the TLSTM trust manager factory. Using a trust manager factory other than the default allows to add support for Java 1.7 X509ExtendedTrustManager.- Parameters:
trustManagerFactory
- a X.509 trust manager factory implementing the interfaceTLSTMTrustManagerFactory
.- Since:
- 2.0.3
-
listen
Listen for incoming and outgoing requests. If theserverEnabled
member isfalse
the server for incoming requests is not started. This starts the internal server thread that processes messages.- Specified by:
listen
in interfaceTransportMapping<TcpAddress>
- Specified by:
listen
in classTcpTransportMapping<org.snmp4j.transport.TLSTM.SocketEntry>
- Throws:
SocketException
- when the transport is already listening for incoming/outgoing messages.IOException
- if the listen port could not be bound to the server thread.
-
getListenWorkerTask
Description copied from class:AbstractTransportMapping
Gets theWorkerTask
that is responsible for receiving new messages.- Overrides:
getListenWorkerTask
in classAbstractTransportMapping<TcpAddress>
- Returns:
- a
WorkerTask
instance which is most likely aDefaultThreadFactory.WorkerThread
.
-
sendMessage
public void sendMessage(TcpAddress address, byte[] message, TransportStateReference tmStateReference, long timeoutMillis, int maxRetries) throws IOException Sends an SNMP message to the supplied address.- Specified by:
sendMessage
in interfaceTransportMapping<TcpAddress>
- Specified by:
sendMessage
in classTcpTransportMapping<org.snmp4j.transport.TLSTM.SocketEntry>
- Parameters:
address
- anTcpAddress
. AClassCastException
is thrown ifaddress
is not aTcpAddress
instance.message
- byte[] the message to sent.tmStateReference
- the (optional) transport model state reference as defined by RFC 5590 section 6.1.timeoutMillis
- maximum number of milli seconds the connection creation might take (if connection based).maxRetries
- maximum retries during connection creation.- Throws:
IOException
- if an IO exception occurs while trying to send the message.
-
getConnectionTimeout
public long getConnectionTimeout()Gets the connection timeout. This timeout specifies the time a connection may be idle before it is closed.- Specified by:
getConnectionTimeout
in interfaceConnectionOrientedTransportMapping<TcpAddress>
- Overrides:
getConnectionTimeout
in classAbstractConnectionOrientedTransportMapping<TcpAddress,
org.snmp4j.transport.TLSTM.SocketEntry> - Returns:
- long the idle timeout in milliseconds.
-
setConnectionTimeout
public void setConnectionTimeout(long connectionTimeout) Sets the connection timeout. This timeout specifies the time a connection may be idle before it is closed.- Specified by:
setConnectionTimeout
in interfaceConnectionOrientedTransportMapping<TcpAddress>
- Overrides:
setConnectionTimeout
in classAbstractConnectionOrientedTransportMapping<TcpAddress,
org.snmp4j.transport.TLSTM.SocketEntry> - Parameters:
connectionTimeout
- the idle timeout in milliseconds. A zero or negative value will disable any timeout and connections opened by this transport mapping will stay opened until they are explicitly closed.
-
wakeupServerSelector
public void wakeupServerSelector()- Specified by:
wakeupServerSelector
in classAbstractConnectionOrientedTransportMapping<TcpAddress,
org.snmp4j.transport.TLSTM.SocketEntry>
-
getMessageLengthDecoder
Description copied from class:TcpTransportMapping
Returns theMessageLengthDecoder
used by this transport mapping.- Specified by:
getMessageLengthDecoder
in interfaceConnectionOrientedTransportMapping<TcpAddress>
- Specified by:
getMessageLengthDecoder
in classTcpTransportMapping<org.snmp4j.transport.TLSTM.SocketEntry>
- Returns:
- a MessageLengthDecoder instance.
-
setMessageLengthDecoder
Description copied from class:TcpTransportMapping
Sets theMessageLengthDecoder
that decodes the total message length from the header of a message.- Specified by:
setMessageLengthDecoder
in interfaceConnectionOrientedTransportMapping<TcpAddress>
- Specified by:
setMessageLengthDecoder
in classTcpTransportMapping<org.snmp4j.transport.TLSTM.SocketEntry>
- Parameters:
messageLengthDecoder
- a MessageLengthDecoder instance.
-
setMaxInboundMessageSize
public void setMaxInboundMessageSize(int maxInboundMessageSize) Sets the maximum buffer size for incoming requests. When SNMP packets are received that are longer than this maximum size, the messages will be silently dropped and the connection will be closed.- Parameters:
maxInboundMessageSize
- the length of the inbound buffer in bytes.
-
getPKIXRevocationChecker
Description copied from interface:X509TlsTransportMappingConfig
Gets the (optional and possiblynull
) revocation checker for the cert path validation of X509 certificates.- Specified by:
getPKIXRevocationChecker
in interfaceX509TlsTransportMappingConfig
- Returns:
null
to disable cert path validation with CLR checking or a properly configured cert path checker instance.
-
setPKIXRevocationChecker
Description copied from interface:X509TlsTransportMappingConfig
Sets the (optional and possiblynull
) revocation checker for the cert path validation of X509 certificates.- Specified by:
setPKIXRevocationChecker
in interfaceX509TlsTransportMappingConfig
- Parameters:
pkixRevocationChecker
-null
to disable cert path validation with CLR checking or a properly configured cert path checker instance.
-
getX509CertificateRevocationListURI
Description copied from interface:X509TlsTransportMappingConfig
Gets the X509 certificate revocation list (CRL) URI, if defined.- Specified by:
getX509CertificateRevocationListURI
in interfaceX509TlsTransportMappingConfig
- Returns:
null
if there is no CRL available/necessary or a URI string that points to a CRL file.
-
setX09CertificateRevocationListURI
Description copied from interface:X509TlsTransportMappingConfig
Sets the X509 certificate revocation list (CRL) URI, to enable CRL checking.- Specified by:
setX09CertificateRevocationListURI
in interfaceX509TlsTransportMappingConfig
- Parameters:
crlURI
-null
if there is no CRL available/necessary or a URI string that points to a CRL file.
-
isListening
public boolean isListening()Description copied from interface:TransportMapping
Returnstrue
if the transport mapping is listening for incoming messages. For connection oriented transport mappings this is a prerequisite to be able to send SNMP messages. For connectionless transport mappings it is a prerequisite to be able to receive responses.- Specified by:
isListening
in interfaceTransportMapping<TcpAddress>
- Overrides:
isListening
in classAbstractTransportMapping<TcpAddress>
- Returns:
true
if this transport mapping is listening for messages.
-
getListenAddress
Description copied from interface:TransportMapping
Returns the address that represents the actual incoming address this transport mapping uses to listen for incoming packets.- Specified by:
getListenAddress
in interfaceTransportMapping<TcpAddress>
- Overrides:
getListenAddress
in classTcpTransportMapping<org.snmp4j.transport.TLSTM.SocketEntry>
- Returns:
- the address for incoming packets or
null
this transport mapping is not configured to listen for incoming packets.
-
isEngineClosed
Check if aSSLEngine
is fully closed.- Parameters:
engine
- an SSL engine.- Returns:
true
if inbound and outbound is done and .
-
ensureSslEngineConfigurator
Returns the configuredsetSslEngineConfigurator(SSLEngineConfigurator)
or theDefaultSSLEngineConfiguration
which will then become the configured SSL engine configurator. This method is not synchronized against concurrent execution ofsetSslEngineConfigurator(SSLEngineConfigurator)
.- Returns:
- a non-null
SSLEngineConfigurator
. - Since:
- 3.0.5
-
getProtocolVersions()
instead.