66 class SSLServerSocketImpl extends SSLServerSocket |
66 class SSLServerSocketImpl extends SSLServerSocket |
67 { |
67 { |
68 private SSLContextImpl sslContext; |
68 private SSLContextImpl sslContext; |
69 |
69 |
70 /* Do newly accepted connections require clients to authenticate? */ |
70 /* Do newly accepted connections require clients to authenticate? */ |
71 private byte doClientAuth = SSLEngineImpl.clauth_none; |
71 private ClientAuthType clientAuthType = ClientAuthType.CLIENT_AUTH_NONE; |
72 |
72 |
73 /* Do new connections created here use the "server" mode of SSL? */ |
73 /* Do new connections created here use the "server" mode of SSL? */ |
74 private boolean useServerMode = true; |
74 private boolean useServerMode = true; |
75 |
75 |
76 /* Can new connections created establish new sessions? */ |
76 /* Can new connections created establish new sessions? */ |
228 * Controls whether the connections which are accepted must include |
228 * Controls whether the connections which are accepted must include |
229 * client authentication. |
229 * client authentication. |
230 */ |
230 */ |
231 @Override |
231 @Override |
232 public void setNeedClientAuth(boolean flag) { |
232 public void setNeedClientAuth(boolean flag) { |
233 doClientAuth = (flag ? |
233 clientAuthType = (flag ? ClientAuthType.CLIENT_AUTH_REQUIRED : |
234 SSLEngineImpl.clauth_required : SSLEngineImpl.clauth_none); |
234 ClientAuthType.CLIENT_AUTH_NONE); |
235 } |
235 } |
236 |
236 |
237 @Override |
237 @Override |
238 public boolean getNeedClientAuth() { |
238 public boolean getNeedClientAuth() { |
239 return (doClientAuth == SSLEngineImpl.clauth_required); |
239 return (clientAuthType == ClientAuthType.CLIENT_AUTH_REQUIRED); |
240 } |
240 } |
241 |
241 |
242 /** |
242 /** |
243 * Controls whether the connections which are accepted should request |
243 * Controls whether the connections which are accepted should request |
244 * client authentication. |
244 * client authentication. |
245 */ |
245 */ |
246 @Override |
246 @Override |
247 public void setWantClientAuth(boolean flag) { |
247 public void setWantClientAuth(boolean flag) { |
248 doClientAuth = (flag ? |
248 clientAuthType = (flag ? ClientAuthType.CLIENT_AUTH_REQUESTED : |
249 SSLEngineImpl.clauth_requested : SSLEngineImpl.clauth_none); |
249 ClientAuthType.CLIENT_AUTH_NONE); |
250 } |
250 } |
251 |
251 |
252 @Override |
252 @Override |
253 public boolean getWantClientAuth() { |
253 public boolean getWantClientAuth() { |
254 return (doClientAuth == SSLEngineImpl.clauth_requested); |
254 return (clientAuthType == ClientAuthType.CLIENT_AUTH_REQUESTED); |
255 } |
255 } |
256 |
256 |
257 /** |
257 /** |
258 * Makes the returned sockets act in SSL "client" mode, not the usual |
258 * Makes the returned sockets act in SSL "client" mode, not the usual |
259 * server mode. The canonical example of why this is needed is for |
259 * server mode. The canonical example of why this is needed is for |
339 * presented during construction. |
339 * presented during construction. |
340 */ |
340 */ |
341 @Override |
341 @Override |
342 public Socket accept() throws IOException { |
342 public Socket accept() throws IOException { |
343 SSLSocketImpl s = new SSLSocketImpl(sslContext, useServerMode, |
343 SSLSocketImpl s = new SSLSocketImpl(sslContext, useServerMode, |
344 enabledCipherSuites, doClientAuth, enableSessionCreation, |
344 enabledCipherSuites, clientAuthType, enableSessionCreation, |
345 enabledProtocols, identificationProtocol, algorithmConstraints, |
345 enabledProtocols, identificationProtocol, algorithmConstraints, |
346 sniMatchers, preferLocalCipherSuites); |
346 sniMatchers, preferLocalCipherSuites); |
347 |
347 |
348 implAccept(s); |
348 implAccept(s); |
349 s.doneConnect(); |
349 s.doneConnect(); |