jdk/src/share/classes/javax/rmi/ssl/SslRMIServerSocketFactory.java
author never
Mon, 12 Jul 2010 22:27:18 -0700
changeset 5926 a36f90d986b6
parent 5506 202f599c92aa
permissions -rw-r--r--
6968385: malformed xml in sweeper logging Reviewed-by: kvn
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
     1
/*
5506
202f599c92aa 6943119: Rebrand source copyright notices
ohair
parents: 715
diff changeset
     2
 * Copyright (c) 2003, 2008, Oracle and/or its affiliates. All rights reserved.
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
     3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
90ce3da70b43 Initial load
duke
parents:
diff changeset
     4
 *
90ce3da70b43 Initial load
duke
parents:
diff changeset
     5
 * This code is free software; you can redistribute it and/or modify it
90ce3da70b43 Initial load
duke
parents:
diff changeset
     6
 * under the terms of the GNU General Public License version 2 only, as
5506
202f599c92aa 6943119: Rebrand source copyright notices
ohair
parents: 715
diff changeset
     7
 * published by the Free Software Foundation.  Oracle designates this
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
     8
 * particular file as subject to the "Classpath" exception as provided
5506
202f599c92aa 6943119: Rebrand source copyright notices
ohair
parents: 715
diff changeset
     9
 * by Oracle in the LICENSE file that accompanied this code.
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
    10
 *
90ce3da70b43 Initial load
duke
parents:
diff changeset
    11
 * This code is distributed in the hope that it will be useful, but WITHOUT
90ce3da70b43 Initial load
duke
parents:
diff changeset
    12
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
90ce3da70b43 Initial load
duke
parents:
diff changeset
    13
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
90ce3da70b43 Initial load
duke
parents:
diff changeset
    14
 * version 2 for more details (a copy is included in the LICENSE file that
90ce3da70b43 Initial load
duke
parents:
diff changeset
    15
 * accompanied this code).
90ce3da70b43 Initial load
duke
parents:
diff changeset
    16
 *
90ce3da70b43 Initial load
duke
parents:
diff changeset
    17
 * You should have received a copy of the GNU General Public License version
90ce3da70b43 Initial load
duke
parents:
diff changeset
    18
 * 2 along with this work; if not, write to the Free Software Foundation,
90ce3da70b43 Initial load
duke
parents:
diff changeset
    19
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
90ce3da70b43 Initial load
duke
parents:
diff changeset
    20
 *
5506
202f599c92aa 6943119: Rebrand source copyright notices
ohair
parents: 715
diff changeset
    21
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
202f599c92aa 6943119: Rebrand source copyright notices
ohair
parents: 715
diff changeset
    22
 * or visit www.oracle.com if you need additional information or have any
202f599c92aa 6943119: Rebrand source copyright notices
ohair
parents: 715
diff changeset
    23
 * questions.
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
    24
 */
90ce3da70b43 Initial load
duke
parents:
diff changeset
    25
90ce3da70b43 Initial load
duke
parents:
diff changeset
    26
package javax.rmi.ssl;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    27
90ce3da70b43 Initial load
duke
parents:
diff changeset
    28
import java.io.IOException;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    29
import java.net.ServerSocket;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    30
import java.net.Socket;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    31
import java.rmi.server.RMIServerSocketFactory;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    32
import java.util.Arrays;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    33
import java.util.List;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    34
import javax.net.ssl.SSLContext;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    35
import javax.net.ssl.SSLServerSocketFactory;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    36
import javax.net.ssl.SSLSocket;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    37
import javax.net.ssl.SSLSocketFactory;
90ce3da70b43 Initial load
duke
parents:
diff changeset
    38
90ce3da70b43 Initial load
duke
parents:
diff changeset
    39
/**
90ce3da70b43 Initial load
duke
parents:
diff changeset
    40
 * <p>An <code>SslRMIServerSocketFactory</code> instance is used by the RMI
90ce3da70b43 Initial load
duke
parents:
diff changeset
    41
 * runtime in order to obtain server sockets for RMI calls via SSL.</p>
90ce3da70b43 Initial load
duke
parents:
diff changeset
    42
 *
90ce3da70b43 Initial load
duke
parents:
diff changeset
    43
 * <p>This class implements <code>RMIServerSocketFactory</code> over
90ce3da70b43 Initial load
duke
parents:
diff changeset
    44
 * the Secure Sockets Layer (SSL) or Transport Layer Security (TLS)
90ce3da70b43 Initial load
duke
parents:
diff changeset
    45
 * protocols.</p>
90ce3da70b43 Initial load
duke
parents:
diff changeset
    46
 *
90ce3da70b43 Initial load
duke
parents:
diff changeset
    47
 * <p>This class creates SSL sockets using the default
90ce3da70b43 Initial load
duke
parents:
diff changeset
    48
 * <code>SSLSocketFactory</code> (see {@link
90ce3da70b43 Initial load
duke
parents:
diff changeset
    49
 * SSLSocketFactory#getDefault}) or the default
90ce3da70b43 Initial load
duke
parents:
diff changeset
    50
 * <code>SSLServerSocketFactory</code> (see {@link
90ce3da70b43 Initial load
duke
parents:
diff changeset
    51
 * SSLServerSocketFactory#getDefault}) unless the
90ce3da70b43 Initial load
duke
parents:
diff changeset
    52
 * constructor taking an <code>SSLContext</code> is
90ce3da70b43 Initial load
duke
parents:
diff changeset
    53
 * used in which case the SSL sockets are created using
90ce3da70b43 Initial load
duke
parents:
diff changeset
    54
 * the <code>SSLSocketFactory</code> returned by
90ce3da70b43 Initial load
duke
parents:
diff changeset
    55
 * {@link SSLContext#getSocketFactory} or the
90ce3da70b43 Initial load
duke
parents:
diff changeset
    56
 * <code>SSLServerSocketFactory</code> returned by
90ce3da70b43 Initial load
duke
parents:
diff changeset
    57
 * {@link SSLContext#getServerSocketFactory}.
90ce3da70b43 Initial load
duke
parents:
diff changeset
    58
 *
90ce3da70b43 Initial load
duke
parents:
diff changeset
    59
 * When an <code>SSLContext</code> is not supplied all the instances of this
90ce3da70b43 Initial load
duke
parents:
diff changeset
    60
 * class share the same keystore, and the same truststore (when client
90ce3da70b43 Initial load
duke
parents:
diff changeset
    61
 * authentication is required by the server). This behavior can be modified
90ce3da70b43 Initial load
duke
parents:
diff changeset
    62
 * by supplying an already initialized <code>SSLContext</code> instance.
90ce3da70b43 Initial load
duke
parents:
diff changeset
    63
 *
90ce3da70b43 Initial load
duke
parents:
diff changeset
    64
 * @see javax.net.ssl.SSLSocketFactory
90ce3da70b43 Initial load
duke
parents:
diff changeset
    65
 * @see javax.net.ssl.SSLServerSocketFactory
90ce3da70b43 Initial load
duke
parents:
diff changeset
    66
 * @see javax.rmi.ssl.SslRMIClientSocketFactory
90ce3da70b43 Initial load
duke
parents:
diff changeset
    67
 * @since 1.5
90ce3da70b43 Initial load
duke
parents:
diff changeset
    68
 */
90ce3da70b43 Initial load
duke
parents:
diff changeset
    69
public class SslRMIServerSocketFactory implements RMIServerSocketFactory {
90ce3da70b43 Initial load
duke
parents:
diff changeset
    70
90ce3da70b43 Initial load
duke
parents:
diff changeset
    71
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
    72
     * <p>Creates a new <code>SslRMIServerSocketFactory</code> with
90ce3da70b43 Initial load
duke
parents:
diff changeset
    73
     * the default SSL socket configuration.</p>
90ce3da70b43 Initial load
duke
parents:
diff changeset
    74
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
    75
     * <p>SSL connections accepted by server sockets created by this
90ce3da70b43 Initial load
duke
parents:
diff changeset
    76
     * factory have the default cipher suites and protocol versions
90ce3da70b43 Initial load
duke
parents:
diff changeset
    77
     * enabled and do not require client authentication.</p>
90ce3da70b43 Initial load
duke
parents:
diff changeset
    78
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
    79
    public SslRMIServerSocketFactory() {
90ce3da70b43 Initial load
duke
parents:
diff changeset
    80
        this(null, null, false);
90ce3da70b43 Initial load
duke
parents:
diff changeset
    81
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
    82
90ce3da70b43 Initial load
duke
parents:
diff changeset
    83
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
    84
     * <p>Creates a new <code>SslRMIServerSocketFactory</code> with
90ce3da70b43 Initial load
duke
parents:
diff changeset
    85
     * the specified SSL socket configuration.</p>
90ce3da70b43 Initial load
duke
parents:
diff changeset
    86
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
    87
     * @param enabledCipherSuites names of all the cipher suites to
90ce3da70b43 Initial load
duke
parents:
diff changeset
    88
     * enable on SSL connections accepted by server sockets created by
90ce3da70b43 Initial load
duke
parents:
diff changeset
    89
     * this factory, or <code>null</code> to use the cipher suites
90ce3da70b43 Initial load
duke
parents:
diff changeset
    90
     * that are enabled by default
90ce3da70b43 Initial load
duke
parents:
diff changeset
    91
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
    92
     * @param enabledProtocols names of all the protocol versions to
90ce3da70b43 Initial load
duke
parents:
diff changeset
    93
     * enable on SSL connections accepted by server sockets created by
90ce3da70b43 Initial load
duke
parents:
diff changeset
    94
     * this factory, or <code>null</code> to use the protocol versions
90ce3da70b43 Initial load
duke
parents:
diff changeset
    95
     * that are enabled by default
90ce3da70b43 Initial load
duke
parents:
diff changeset
    96
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
    97
     * @param needClientAuth <code>true</code> to require client
90ce3da70b43 Initial load
duke
parents:
diff changeset
    98
     * authentication on SSL connections accepted by server sockets
90ce3da70b43 Initial load
duke
parents:
diff changeset
    99
     * created by this factory; <code>false</code> to not require
90ce3da70b43 Initial load
duke
parents:
diff changeset
   100
     * client authentication
90ce3da70b43 Initial load
duke
parents:
diff changeset
   101
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   102
     * @exception IllegalArgumentException when one or more of the cipher
90ce3da70b43 Initial load
duke
parents:
diff changeset
   103
     * suites named by the <code>enabledCipherSuites</code> parameter is
90ce3da70b43 Initial load
duke
parents:
diff changeset
   104
     * not supported, when one or more of the protocols named by the
90ce3da70b43 Initial load
duke
parents:
diff changeset
   105
     * <code>enabledProtocols</code> parameter is not supported or when
90ce3da70b43 Initial load
duke
parents:
diff changeset
   106
     * a problem is encountered while trying to check if the supplied
90ce3da70b43 Initial load
duke
parents:
diff changeset
   107
     * cipher suites and protocols to be enabled are supported.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   108
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   109
     * @see SSLSocket#setEnabledCipherSuites
90ce3da70b43 Initial load
duke
parents:
diff changeset
   110
     * @see SSLSocket#setEnabledProtocols
90ce3da70b43 Initial load
duke
parents:
diff changeset
   111
     * @see SSLSocket#setNeedClientAuth
90ce3da70b43 Initial load
duke
parents:
diff changeset
   112
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   113
    public SslRMIServerSocketFactory(
90ce3da70b43 Initial load
duke
parents:
diff changeset
   114
            String[] enabledCipherSuites,
90ce3da70b43 Initial load
duke
parents:
diff changeset
   115
            String[] enabledProtocols,
90ce3da70b43 Initial load
duke
parents:
diff changeset
   116
            boolean needClientAuth)
90ce3da70b43 Initial load
duke
parents:
diff changeset
   117
            throws IllegalArgumentException {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   118
        this(null, enabledCipherSuites, enabledProtocols, needClientAuth);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   119
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   120
90ce3da70b43 Initial load
duke
parents:
diff changeset
   121
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
   122
     * <p>Creates a new <code>SslRMIServerSocketFactory</code> with the
90ce3da70b43 Initial load
duke
parents:
diff changeset
   123
     * specified <code>SSLContext</code> and SSL socket configuration.</p>
90ce3da70b43 Initial load
duke
parents:
diff changeset
   124
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   125
     * @param context the SSL context to be used for creating SSL sockets.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   126
     * If <code>context</code> is null the default <code>SSLSocketFactory</code>
90ce3da70b43 Initial load
duke
parents:
diff changeset
   127
     * or the default <code>SSLServerSocketFactory</code> will be used to
90ce3da70b43 Initial load
duke
parents:
diff changeset
   128
     * create SSL sockets. Otherwise, the socket factory returned by
90ce3da70b43 Initial load
duke
parents:
diff changeset
   129
     * <code>SSLContext.getSocketFactory()</code> or
90ce3da70b43 Initial load
duke
parents:
diff changeset
   130
     * <code>SSLContext.getServerSocketFactory()</code> will be used instead.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   131
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   132
     * @param enabledCipherSuites names of all the cipher suites to
90ce3da70b43 Initial load
duke
parents:
diff changeset
   133
     * enable on SSL connections accepted by server sockets created by
90ce3da70b43 Initial load
duke
parents:
diff changeset
   134
     * this factory, or <code>null</code> to use the cipher suites
90ce3da70b43 Initial load
duke
parents:
diff changeset
   135
     * that are enabled by default
90ce3da70b43 Initial load
duke
parents:
diff changeset
   136
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   137
     * @param enabledProtocols names of all the protocol versions to
90ce3da70b43 Initial load
duke
parents:
diff changeset
   138
     * enable on SSL connections accepted by server sockets created by
90ce3da70b43 Initial load
duke
parents:
diff changeset
   139
     * this factory, or <code>null</code> to use the protocol versions
90ce3da70b43 Initial load
duke
parents:
diff changeset
   140
     * that are enabled by default
90ce3da70b43 Initial load
duke
parents:
diff changeset
   141
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   142
     * @param needClientAuth <code>true</code> to require client
90ce3da70b43 Initial load
duke
parents:
diff changeset
   143
     * authentication on SSL connections accepted by server sockets
90ce3da70b43 Initial load
duke
parents:
diff changeset
   144
     * created by this factory; <code>false</code> to not require
90ce3da70b43 Initial load
duke
parents:
diff changeset
   145
     * client authentication
90ce3da70b43 Initial load
duke
parents:
diff changeset
   146
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   147
     * @exception IllegalArgumentException when one or more of the cipher
90ce3da70b43 Initial load
duke
parents:
diff changeset
   148
     * suites named by the <code>enabledCipherSuites</code> parameter is
90ce3da70b43 Initial load
duke
parents:
diff changeset
   149
     * not supported, when one or more of the protocols named by the
90ce3da70b43 Initial load
duke
parents:
diff changeset
   150
     * <code>enabledProtocols</code> parameter is not supported or when
90ce3da70b43 Initial load
duke
parents:
diff changeset
   151
     * a problem is encountered while trying to check if the supplied
90ce3da70b43 Initial load
duke
parents:
diff changeset
   152
     * cipher suites and protocols to be enabled are supported.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   153
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   154
     * @see SSLSocket#setEnabledCipherSuites
90ce3da70b43 Initial load
duke
parents:
diff changeset
   155
     * @see SSLSocket#setEnabledProtocols
90ce3da70b43 Initial load
duke
parents:
diff changeset
   156
     * @see SSLSocket#setNeedClientAuth
90ce3da70b43 Initial load
duke
parents:
diff changeset
   157
     * @since 1.7
90ce3da70b43 Initial load
duke
parents:
diff changeset
   158
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   159
    public SslRMIServerSocketFactory(
90ce3da70b43 Initial load
duke
parents:
diff changeset
   160
            SSLContext context,
90ce3da70b43 Initial load
duke
parents:
diff changeset
   161
            String[] enabledCipherSuites,
90ce3da70b43 Initial load
duke
parents:
diff changeset
   162
            String[] enabledProtocols,
90ce3da70b43 Initial load
duke
parents:
diff changeset
   163
            boolean needClientAuth)
90ce3da70b43 Initial load
duke
parents:
diff changeset
   164
            throws IllegalArgumentException {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   165
        // Initialize the configuration parameters.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   166
        //
90ce3da70b43 Initial load
duke
parents:
diff changeset
   167
        this.enabledCipherSuites = enabledCipherSuites == null ?
51
6fe31bc95bbc 6600143: Remove another 450 unnecessary casts
martin
parents: 2
diff changeset
   168
            null : enabledCipherSuites.clone();
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   169
        this.enabledProtocols = enabledProtocols == null ?
51
6fe31bc95bbc 6600143: Remove another 450 unnecessary casts
martin
parents: 2
diff changeset
   170
            null : enabledProtocols.clone();
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   171
        this.needClientAuth = needClientAuth;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   172
90ce3da70b43 Initial load
duke
parents:
diff changeset
   173
        // Force the initialization of the default at construction time,
90ce3da70b43 Initial load
duke
parents:
diff changeset
   174
        // rather than delaying it to the first time createServerSocket()
90ce3da70b43 Initial load
duke
parents:
diff changeset
   175
        // is called.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   176
        //
90ce3da70b43 Initial load
duke
parents:
diff changeset
   177
        this.context = context;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   178
        final SSLSocketFactory sslSocketFactory =
90ce3da70b43 Initial load
duke
parents:
diff changeset
   179
                context == null ?
90ce3da70b43 Initial load
duke
parents:
diff changeset
   180
                    getDefaultSSLSocketFactory() : context.getSocketFactory();
90ce3da70b43 Initial load
duke
parents:
diff changeset
   181
        SSLSocket sslSocket = null;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   182
        if (this.enabledCipherSuites != null || this.enabledProtocols != null) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   183
            try {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   184
                sslSocket = (SSLSocket) sslSocketFactory.createSocket();
90ce3da70b43 Initial load
duke
parents:
diff changeset
   185
            } catch (Exception e) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   186
                final String msg = "Unable to check if the cipher suites " +
90ce3da70b43 Initial load
duke
parents:
diff changeset
   187
                        "and protocols to enable are supported";
90ce3da70b43 Initial load
duke
parents:
diff changeset
   188
                throw (IllegalArgumentException)
90ce3da70b43 Initial load
duke
parents:
diff changeset
   189
                new IllegalArgumentException(msg).initCause(e);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   190
            }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   191
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   192
90ce3da70b43 Initial load
duke
parents:
diff changeset
   193
        // Check if all the cipher suites and protocol versions to enable
90ce3da70b43 Initial load
duke
parents:
diff changeset
   194
        // are supported by the underlying SSL/TLS implementation and if
90ce3da70b43 Initial load
duke
parents:
diff changeset
   195
        // true create lists from arrays.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   196
        //
90ce3da70b43 Initial load
duke
parents:
diff changeset
   197
        if (this.enabledCipherSuites != null) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   198
            sslSocket.setEnabledCipherSuites(this.enabledCipherSuites);
51
6fe31bc95bbc 6600143: Remove another 450 unnecessary casts
martin
parents: 2
diff changeset
   199
            enabledCipherSuitesList = Arrays.asList(this.enabledCipherSuites);
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   200
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   201
        if (this.enabledProtocols != null) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   202
            sslSocket.setEnabledProtocols(this.enabledProtocols);
51
6fe31bc95bbc 6600143: Remove another 450 unnecessary casts
martin
parents: 2
diff changeset
   203
            enabledProtocolsList = Arrays.asList(this.enabledProtocols);
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   204
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   205
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   206
90ce3da70b43 Initial load
duke
parents:
diff changeset
   207
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
   208
     * <p>Returns the names of the cipher suites enabled on SSL
90ce3da70b43 Initial load
duke
parents:
diff changeset
   209
     * connections accepted by server sockets created by this factory,
90ce3da70b43 Initial load
duke
parents:
diff changeset
   210
     * or <code>null</code> if this factory uses the cipher suites
90ce3da70b43 Initial load
duke
parents:
diff changeset
   211
     * that are enabled by default.</p>
90ce3da70b43 Initial load
duke
parents:
diff changeset
   212
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   213
     * @return an array of cipher suites enabled, or <code>null</code>
90ce3da70b43 Initial load
duke
parents:
diff changeset
   214
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   215
     * @see SSLSocket#setEnabledCipherSuites
90ce3da70b43 Initial load
duke
parents:
diff changeset
   216
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   217
    public final String[] getEnabledCipherSuites() {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   218
        return enabledCipherSuites == null ?
51
6fe31bc95bbc 6600143: Remove another 450 unnecessary casts
martin
parents: 2
diff changeset
   219
            null : enabledCipherSuites.clone();
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   220
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   221
90ce3da70b43 Initial load
duke
parents:
diff changeset
   222
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
   223
     * <p>Returns the names of the protocol versions enabled on SSL
90ce3da70b43 Initial load
duke
parents:
diff changeset
   224
     * connections accepted by server sockets created by this factory,
90ce3da70b43 Initial load
duke
parents:
diff changeset
   225
     * or <code>null</code> if this factory uses the protocol versions
90ce3da70b43 Initial load
duke
parents:
diff changeset
   226
     * that are enabled by default.</p>
90ce3da70b43 Initial load
duke
parents:
diff changeset
   227
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   228
     * @return an array of protocol versions enabled, or
90ce3da70b43 Initial load
duke
parents:
diff changeset
   229
     * <code>null</code>
90ce3da70b43 Initial load
duke
parents:
diff changeset
   230
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   231
     * @see SSLSocket#setEnabledProtocols
90ce3da70b43 Initial load
duke
parents:
diff changeset
   232
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   233
    public final String[] getEnabledProtocols() {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   234
        return enabledProtocols == null ?
51
6fe31bc95bbc 6600143: Remove another 450 unnecessary casts
martin
parents: 2
diff changeset
   235
            null : enabledProtocols.clone();
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   236
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   237
90ce3da70b43 Initial load
duke
parents:
diff changeset
   238
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
   239
     * <p>Returns <code>true</code> if client authentication is
90ce3da70b43 Initial load
duke
parents:
diff changeset
   240
     * required on SSL connections accepted by server sockets created
90ce3da70b43 Initial load
duke
parents:
diff changeset
   241
     * by this factory.</p>
90ce3da70b43 Initial load
duke
parents:
diff changeset
   242
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   243
     * @return <code>true</code> if client authentication is required
90ce3da70b43 Initial load
duke
parents:
diff changeset
   244
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   245
     * @see SSLSocket#setNeedClientAuth
90ce3da70b43 Initial load
duke
parents:
diff changeset
   246
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   247
    public final boolean getNeedClientAuth() {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   248
        return needClientAuth;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   249
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   250
90ce3da70b43 Initial load
duke
parents:
diff changeset
   251
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
   252
     * <p>Creates a server socket that accepts SSL connections
90ce3da70b43 Initial load
duke
parents:
diff changeset
   253
     * configured according to this factory's SSL socket configuration
90ce3da70b43 Initial load
duke
parents:
diff changeset
   254
     * parameters.</p>
90ce3da70b43 Initial load
duke
parents:
diff changeset
   255
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   256
    public ServerSocket createServerSocket(int port) throws IOException {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   257
        final SSLSocketFactory sslSocketFactory =
90ce3da70b43 Initial load
duke
parents:
diff changeset
   258
                context == null ?
90ce3da70b43 Initial load
duke
parents:
diff changeset
   259
                    getDefaultSSLSocketFactory() : context.getSocketFactory();
90ce3da70b43 Initial load
duke
parents:
diff changeset
   260
        return new ServerSocket(port) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   261
            public Socket accept() throws IOException {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   262
                Socket socket = super.accept();
90ce3da70b43 Initial load
duke
parents:
diff changeset
   263
                SSLSocket sslSocket = (SSLSocket) sslSocketFactory.createSocket(
90ce3da70b43 Initial load
duke
parents:
diff changeset
   264
                        socket, socket.getInetAddress().getHostName(),
90ce3da70b43 Initial load
duke
parents:
diff changeset
   265
                        socket.getPort(), true);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   266
                sslSocket.setUseClientMode(false);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   267
                if (enabledCipherSuites != null) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   268
                    sslSocket.setEnabledCipherSuites(enabledCipherSuites);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   269
                }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   270
                if (enabledProtocols != null) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   271
                    sslSocket.setEnabledProtocols(enabledProtocols);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   272
                }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   273
                sslSocket.setNeedClientAuth(needClientAuth);
90ce3da70b43 Initial load
duke
parents:
diff changeset
   274
                return sslSocket;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   275
            }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   276
        };
90ce3da70b43 Initial load
duke
parents:
diff changeset
   277
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   278
90ce3da70b43 Initial load
duke
parents:
diff changeset
   279
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
   280
     * <p>Indicates whether some other object is "equal to" this one.</p>
90ce3da70b43 Initial load
duke
parents:
diff changeset
   281
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   282
     * <p>Two <code>SslRMIServerSocketFactory</code> objects are equal
90ce3da70b43 Initial load
duke
parents:
diff changeset
   283
     * if they have been constructed with the same SSL context and
90ce3da70b43 Initial load
duke
parents:
diff changeset
   284
     * SSL socket configuration parameters.</p>
90ce3da70b43 Initial load
duke
parents:
diff changeset
   285
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   286
     * <p>A subclass should override this method (as well as
90ce3da70b43 Initial load
duke
parents:
diff changeset
   287
     * {@link #hashCode()}) if it adds instance state that affects
90ce3da70b43 Initial load
duke
parents:
diff changeset
   288
     * equality.</p>
90ce3da70b43 Initial load
duke
parents:
diff changeset
   289
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   290
    public boolean equals(Object obj) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   291
        if (obj == null) return false;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   292
        if (obj == this) return true;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   293
        if (!(obj instanceof SslRMIServerSocketFactory))
90ce3da70b43 Initial load
duke
parents:
diff changeset
   294
            return false;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   295
        SslRMIServerSocketFactory that = (SslRMIServerSocketFactory) obj;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   296
        return (getClass().equals(that.getClass()) && checkParameters(that));
90ce3da70b43 Initial load
duke
parents:
diff changeset
   297
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   298
90ce3da70b43 Initial load
duke
parents:
diff changeset
   299
    private boolean checkParameters(SslRMIServerSocketFactory that) {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   300
        // SSL context
90ce3da70b43 Initial load
duke
parents:
diff changeset
   301
        //
90ce3da70b43 Initial load
duke
parents:
diff changeset
   302
        if (context == null ? that.context != null : !context.equals(that.context))
90ce3da70b43 Initial load
duke
parents:
diff changeset
   303
            return false;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   304
90ce3da70b43 Initial load
duke
parents:
diff changeset
   305
        // needClientAuth flag
90ce3da70b43 Initial load
duke
parents:
diff changeset
   306
        //
90ce3da70b43 Initial load
duke
parents:
diff changeset
   307
        if (needClientAuth != that.needClientAuth)
90ce3da70b43 Initial load
duke
parents:
diff changeset
   308
            return false;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   309
90ce3da70b43 Initial load
duke
parents:
diff changeset
   310
        // enabledCipherSuites
90ce3da70b43 Initial load
duke
parents:
diff changeset
   311
        //
90ce3da70b43 Initial load
duke
parents:
diff changeset
   312
        if ((enabledCipherSuites == null && that.enabledCipherSuites != null) ||
90ce3da70b43 Initial load
duke
parents:
diff changeset
   313
                (enabledCipherSuites != null && that.enabledCipherSuites == null))
90ce3da70b43 Initial load
duke
parents:
diff changeset
   314
            return false;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   315
        if (enabledCipherSuites != null && that.enabledCipherSuites != null) {
51
6fe31bc95bbc 6600143: Remove another 450 unnecessary casts
martin
parents: 2
diff changeset
   316
            List<String> thatEnabledCipherSuitesList =
6fe31bc95bbc 6600143: Remove another 450 unnecessary casts
martin
parents: 2
diff changeset
   317
                    Arrays.asList(that.enabledCipherSuites);
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   318
            if (!enabledCipherSuitesList.equals(thatEnabledCipherSuitesList))
90ce3da70b43 Initial load
duke
parents:
diff changeset
   319
                return false;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   320
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   321
90ce3da70b43 Initial load
duke
parents:
diff changeset
   322
        // enabledProtocols
90ce3da70b43 Initial load
duke
parents:
diff changeset
   323
        //
90ce3da70b43 Initial load
duke
parents:
diff changeset
   324
        if ((enabledProtocols == null && that.enabledProtocols != null) ||
90ce3da70b43 Initial load
duke
parents:
diff changeset
   325
                (enabledProtocols != null && that.enabledProtocols == null))
90ce3da70b43 Initial load
duke
parents:
diff changeset
   326
            return false;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   327
        if (enabledProtocols != null && that.enabledProtocols != null) {
51
6fe31bc95bbc 6600143: Remove another 450 unnecessary casts
martin
parents: 2
diff changeset
   328
            List<String> thatEnabledProtocolsList =
6fe31bc95bbc 6600143: Remove another 450 unnecessary casts
martin
parents: 2
diff changeset
   329
                    Arrays.asList(that.enabledProtocols);
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   330
            if (!enabledProtocolsList.equals(thatEnabledProtocolsList))
90ce3da70b43 Initial load
duke
parents:
diff changeset
   331
                return false;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   332
        }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   333
90ce3da70b43 Initial load
duke
parents:
diff changeset
   334
        return true;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   335
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   336
90ce3da70b43 Initial load
duke
parents:
diff changeset
   337
    /**
90ce3da70b43 Initial load
duke
parents:
diff changeset
   338
     * <p>Returns a hash code value for this
90ce3da70b43 Initial load
duke
parents:
diff changeset
   339
     * <code>SslRMIServerSocketFactory</code>.</p>
90ce3da70b43 Initial load
duke
parents:
diff changeset
   340
     *
90ce3da70b43 Initial load
duke
parents:
diff changeset
   341
     * @return a hash code value for this
90ce3da70b43 Initial load
duke
parents:
diff changeset
   342
     * <code>SslRMIServerSocketFactory</code>.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   343
     */
90ce3da70b43 Initial load
duke
parents:
diff changeset
   344
    public int hashCode() {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   345
        return getClass().hashCode() +
90ce3da70b43 Initial load
duke
parents:
diff changeset
   346
                (context == null ? 0 : context.hashCode()) +
90ce3da70b43 Initial load
duke
parents:
diff changeset
   347
                (needClientAuth ? Boolean.TRUE.hashCode() : Boolean.FALSE.hashCode()) +
90ce3da70b43 Initial load
duke
parents:
diff changeset
   348
                (enabledCipherSuites == null ? 0 : enabledCipherSuitesList.hashCode()) +
90ce3da70b43 Initial load
duke
parents:
diff changeset
   349
                (enabledProtocols == null ? 0 : enabledProtocolsList.hashCode());
90ce3da70b43 Initial load
duke
parents:
diff changeset
   350
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   351
90ce3da70b43 Initial load
duke
parents:
diff changeset
   352
    // We use a static field because:
90ce3da70b43 Initial load
duke
parents:
diff changeset
   353
    //
90ce3da70b43 Initial load
duke
parents:
diff changeset
   354
    //    SSLSocketFactory.getDefault() always returns the same object
90ce3da70b43 Initial load
duke
parents:
diff changeset
   355
    //    (at least on Sun's implementation), and we want to make sure
90ce3da70b43 Initial load
duke
parents:
diff changeset
   356
    //    that the Javadoc & the implementation stay in sync.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   357
    //
90ce3da70b43 Initial load
duke
parents:
diff changeset
   358
    // If someone needs to have different SslRMIServerSocketFactory
90ce3da70b43 Initial load
duke
parents:
diff changeset
   359
    // factories with different underlying SSLSocketFactory objects
90ce3da70b43 Initial load
duke
parents:
diff changeset
   360
    // using different keystores and truststores, he/she can always
90ce3da70b43 Initial load
duke
parents:
diff changeset
   361
    // use the constructor that takes an SSLContext as input.
90ce3da70b43 Initial load
duke
parents:
diff changeset
   362
    //
90ce3da70b43 Initial load
duke
parents:
diff changeset
   363
    private static SSLSocketFactory defaultSSLSocketFactory = null;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   364
90ce3da70b43 Initial load
duke
parents:
diff changeset
   365
    private static synchronized SSLSocketFactory getDefaultSSLSocketFactory() {
90ce3da70b43 Initial load
duke
parents:
diff changeset
   366
        if (defaultSSLSocketFactory == null)
90ce3da70b43 Initial load
duke
parents:
diff changeset
   367
            defaultSSLSocketFactory =
90ce3da70b43 Initial load
duke
parents:
diff changeset
   368
                    (SSLSocketFactory) SSLSocketFactory.getDefault();
90ce3da70b43 Initial load
duke
parents:
diff changeset
   369
        return defaultSSLSocketFactory;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   370
    }
90ce3da70b43 Initial load
duke
parents:
diff changeset
   371
90ce3da70b43 Initial load
duke
parents:
diff changeset
   372
    private final String[] enabledCipherSuites;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   373
    private final String[] enabledProtocols;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   374
    private final boolean needClientAuth;
51
6fe31bc95bbc 6600143: Remove another 450 unnecessary casts
martin
parents: 2
diff changeset
   375
    private List<String> enabledCipherSuitesList;
6fe31bc95bbc 6600143: Remove another 450 unnecessary casts
martin
parents: 2
diff changeset
   376
    private List<String> enabledProtocolsList;
2
90ce3da70b43 Initial load
duke
parents:
diff changeset
   377
    private SSLContext context;
90ce3da70b43 Initial load
duke
parents:
diff changeset
   378
}