--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/java.base/share/classes/javax/net/ssl/SSLSocketFactory.java Sun Aug 17 15:54:13 2014 +0100
@@ -0,0 +1,305 @@
+/*
+ * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+
+package javax.net.ssl;
+
+import java.net.*;
+import javax.net.SocketFactory;
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.*;
+import java.util.Locale;
+
+import sun.security.action.GetPropertyAction;
+
+/**
+ * <code>SSLSocketFactory</code>s create <code>SSLSocket</code>s.
+ *
+ * @since 1.4
+ * @see SSLSocket
+ * @author David Brownell
+ */
+public abstract class SSLSocketFactory extends SocketFactory
+{
+ private static SSLSocketFactory theFactory;
+
+ private static boolean propertyChecked;
+
+ static final boolean DEBUG;
+
+ static {
+ String s = java.security.AccessController.doPrivileged(
+ new GetPropertyAction("javax.net.debug", "")).toLowerCase(
+ Locale.ENGLISH);
+ DEBUG = s.contains("all") || s.contains("ssl");
+ }
+
+ private static void log(String msg) {
+ if (DEBUG) {
+ System.out.println(msg);
+ }
+ }
+
+ /**
+ * Constructor is used only by subclasses.
+ */
+ public SSLSocketFactory() {
+ }
+
+ /**
+ * Returns the default SSL socket factory.
+ *
+ * <p>The first time this method is called, the security property
+ * "ssl.SocketFactory.provider" is examined. If it is non-null, a class by
+ * that name is loaded and instantiated. If that is successful and the
+ * object is an instance of SSLSocketFactory, it is made the default SSL
+ * socket factory.
+ *
+ * <p>Otherwise, this method returns
+ * <code>SSLContext.getDefault().getSocketFactory()</code>. If that
+ * call fails, an inoperative factory is returned.
+ *
+ * @return the default <code>SocketFactory</code>
+ * @see SSLContext#getDefault
+ */
+ public static synchronized SocketFactory getDefault() {
+ if (theFactory != null) {
+ return theFactory;
+ }
+
+ if (propertyChecked == false) {
+ propertyChecked = true;
+ String clsName = getSecurityProperty("ssl.SocketFactory.provider");
+ if (clsName != null) {
+ log("setting up default SSLSocketFactory");
+ try {
+ Class<?> cls = null;
+ try {
+ cls = Class.forName(clsName);
+ } catch (ClassNotFoundException e) {
+ ClassLoader cl = ClassLoader.getSystemClassLoader();
+ if (cl != null) {
+ cls = cl.loadClass(clsName);
+ }
+ }
+ log("class " + clsName + " is loaded");
+ SSLSocketFactory fac = (SSLSocketFactory)cls.newInstance();
+ log("instantiated an instance of class " + clsName);
+ theFactory = fac;
+ return fac;
+ } catch (Exception e) {
+ log("SSLSocketFactory instantiation failed: " + e.toString());
+ theFactory = new DefaultSSLSocketFactory(e);
+ return theFactory;
+ }
+ }
+ }
+
+ try {
+ return SSLContext.getDefault().getSocketFactory();
+ } catch (NoSuchAlgorithmException e) {
+ return new DefaultSSLSocketFactory(e);
+ }
+ }
+
+ static String getSecurityProperty(final String name) {
+ return AccessController.doPrivileged(new PrivilegedAction<String>() {
+ @Override
+ public String run() {
+ String s = java.security.Security.getProperty(name);
+ if (s != null) {
+ s = s.trim();
+ if (s.length() == 0) {
+ s = null;
+ }
+ }
+ return s;
+ }
+ });
+ }
+
+ /**
+ * Returns the list of cipher suites which are enabled by default.
+ * Unless a different list is enabled, handshaking on an SSL connection
+ * will use one of these cipher suites. The minimum quality of service
+ * for these defaults requires confidentiality protection and server
+ * authentication (that is, no anonymous cipher suites).
+ *
+ * @see #getSupportedCipherSuites()
+ * @return array of the cipher suites enabled by default
+ */
+ public abstract String [] getDefaultCipherSuites();
+
+ /**
+ * Returns the names of the cipher suites which could be enabled for use
+ * on an SSL connection. Normally, only a subset of these will actually
+ * be enabled by default, since this list may include cipher suites which
+ * do not meet quality of service requirements for those defaults. Such
+ * cipher suites are useful in specialized applications.
+ *
+ * @see #getDefaultCipherSuites()
+ * @return an array of cipher suite names
+ */
+ public abstract String [] getSupportedCipherSuites();
+
+ /**
+ * Returns a socket layered over an existing socket connected to the named
+ * host, at the given port. This constructor can be used when tunneling SSL
+ * through a proxy or when negotiating the use of SSL over an existing
+ * socket. The host and port refer to the logical peer destination.
+ * This socket is configured using the socket options established for
+ * this factory.
+ *
+ * @param s the existing socket
+ * @param host the server host
+ * @param port the server port
+ * @param autoClose close the underlying socket when this socket is closed
+ * @return a socket connected to the specified host and port
+ * @throws IOException if an I/O error occurs when creating the socket
+ * @throws NullPointerException if the parameter s is null
+ */
+ public abstract Socket createSocket(Socket s, String host,
+ int port, boolean autoClose) throws IOException;
+
+ /**
+ * Creates a server mode {@link Socket} layered over an
+ * existing connected socket, and is able to read data which has
+ * already been consumed/removed from the {@link Socket}'s
+ * underlying {@link InputStream}.
+ * <p>
+ * This method can be used by a server application that needs to
+ * observe the inbound data but still create valid SSL/TLS
+ * connections: for example, inspection of Server Name Indication
+ * (SNI) extensions (See section 3 of <A
+ * HREF="http://www.ietf.org/rfc/rfc6066.txt">TLS Extensions
+ * (RFC6066)</A>). Data that has been already removed from the
+ * underlying {@link InputStream} should be loaded into the
+ * {@code consumed} stream before this method is called, perhaps
+ * using a {@link java.io.ByteArrayInputStream}. When this
+ * {@link Socket} begins handshaking, it will read all of the data in
+ * {@code consumed} until it reaches {@code EOF}, then all further
+ * data is read from the underlying {@link InputStream} as
+ * usual.
+ * <p>
+ * The returned socket is configured using the socket options
+ * established for this factory, and is set to use server mode when
+ * handshaking (see {@link SSLSocket#setUseClientMode(boolean)}).
+ *
+ * @param s
+ * the existing socket
+ * @param consumed
+ * the consumed inbound network data that has already been
+ * removed from the existing {@link Socket}
+ * {@link InputStream}. This parameter may be
+ * {@code null} if no data has been removed.
+ * @param autoClose close the underlying socket when this socket is closed.
+ *
+ * @return the {@link Socket} compliant with the socket options
+ * established for this factory
+ *
+ * @throws IOException if an I/O error occurs when creating the socket
+ * @throws UnsupportedOperationException if the underlying provider
+ * does not implement the operation
+ * @throws NullPointerException if {@code s} is {@code null}
+ *
+ * @since 1.8
+ */
+ public Socket createSocket(Socket s, InputStream consumed,
+ boolean autoClose) throws IOException {
+ throw new UnsupportedOperationException();
+ }
+}
+
+
+// file private
+class DefaultSSLSocketFactory extends SSLSocketFactory
+{
+ private Exception reason;
+
+ DefaultSSLSocketFactory(Exception reason) {
+ this.reason = reason;
+ }
+
+ private Socket throwException() throws SocketException {
+ throw (SocketException)
+ new SocketException(reason.toString()).initCause(reason);
+ }
+
+ @Override
+ public Socket createSocket()
+ throws IOException
+ {
+ return throwException();
+ }
+
+ @Override
+ public Socket createSocket(String host, int port)
+ throws IOException
+ {
+ return throwException();
+ }
+
+ @Override
+ public Socket createSocket(Socket s, String host,
+ int port, boolean autoClose)
+ throws IOException
+ {
+ return throwException();
+ }
+
+ @Override
+ public Socket createSocket(InetAddress address, int port)
+ throws IOException
+ {
+ return throwException();
+ }
+
+ @Override
+ public Socket createSocket(String host, int port,
+ InetAddress clientAddress, int clientPort)
+ throws IOException
+ {
+ return throwException();
+ }
+
+ @Override
+ public Socket createSocket(InetAddress address, int port,
+ InetAddress clientAddress, int clientPort)
+ throws IOException
+ {
+ return throwException();
+ }
+
+ @Override
+ public String [] getDefaultCipherSuites() {
+ return new String[0];
+ }
+
+ @Override
+ public String [] getSupportedCipherSuites() {
+ return new String[0];
+ }
+}