Java Code Examples for javax.net.ssl.SSLParameters#getNeedClientAuth()
The following examples show how to use
javax.net.ssl.SSLParameters#getNeedClientAuth() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: SSLConfiguration.java From openjsse with GNU General Public License v2.0 | 4 votes |
|
void setSSLParameters(SSLParameters params) {
AlgorithmConstraints ac = params.getAlgorithmConstraints();
if (ac != null) {
this.userSpecifiedAlgorithmConstraints = ac;
} // otherwise, use the default value
String[] sa = params.getCipherSuites();
if (sa != null) {
this.enabledCipherSuites = CipherSuite.validValuesOf(sa);
} // otherwise, use the default values
sa = params.getProtocols();
if (sa != null) {
this.enabledProtocols = ProtocolVersion.namesOf(sa);
this.maximumProtocolVersion = ProtocolVersion.NONE;
for (ProtocolVersion pv : enabledProtocols) {
if (pv.compareTo(maximumProtocolVersion) > 0) {
this.maximumProtocolVersion = pv;
}
}
} // otherwise, use the default values
if (params.getNeedClientAuth()) {
this.clientAuthType = ClientAuthType.CLIENT_AUTH_REQUIRED;
} else if (params.getWantClientAuth()) {
this.clientAuthType = ClientAuthType.CLIENT_AUTH_REQUESTED;
} else {
this.clientAuthType = ClientAuthType.CLIENT_AUTH_NONE;
}
String s = params.getEndpointIdentificationAlgorithm();
if (s != null) {
this.identificationProtocol = s;
} // otherwise, use the default value
List<SNIServerName> sniNames = params.getServerNames();
if (sniNames != null) {
this.noSniExtension = sniNames.isEmpty();
this.serverNames = sniNames;
} // null if none has been set
Collection<SNIMatcher> matchers = params.getSNIMatchers();
if (matchers != null) {
this.noSniMatcher = matchers.isEmpty();
this.sniMatchers = matchers;
} // null if none has been set
if (params instanceof org.openjsse.javax.net.ssl.SSLParameters) {
sa = ((org.openjsse.javax.net.ssl.SSLParameters)params).getApplicationProtocols();
if (sa != null) {
this.applicationProtocols = sa;
} // otherwise, use the default values
this.enableRetransmissions = ((org.openjsse.javax.net.ssl.SSLParameters)params).getEnableRetransmissions();
this.maximumPacketSize = ((org.openjsse.javax.net.ssl.SSLParameters)params).getMaximumPacketSize();
}
this.preferLocalCipherSuites = params.getUseCipherSuitesOrder();
}
Example 2
| Source File: SSLConfiguration.java From Bytecoder with Apache License 2.0 | 4 votes |
|
void setSSLParameters(SSLParameters params) {
AlgorithmConstraints ac = params.getAlgorithmConstraints();
if (ac != null) {
this.algorithmConstraints = ac;
} // otherwise, use the default value
String[] sa = params.getCipherSuites();
if (sa != null) {
this.enabledCipherSuites = CipherSuite.validValuesOf(sa);
} // otherwise, use the default values
sa = params.getProtocols();
if (sa != null) {
this.enabledProtocols = ProtocolVersion.namesOf(sa);
this.maximumProtocolVersion = ProtocolVersion.NONE;
for (ProtocolVersion pv : enabledProtocols) {
if (pv.compareTo(maximumProtocolVersion) > 0) {
this.maximumProtocolVersion = pv;
}
}
} // otherwise, use the default values
if (params.getNeedClientAuth()) {
this.clientAuthType = ClientAuthType.CLIENT_AUTH_REQUIRED;
} else if (params.getWantClientAuth()) {
this.clientAuthType = ClientAuthType.CLIENT_AUTH_REQUESTED;
} else {
this.clientAuthType = ClientAuthType.CLIENT_AUTH_NONE;
}
String s = params.getEndpointIdentificationAlgorithm();
if (s != null) {
this.identificationProtocol = s;
} // otherwise, use the default value
List<SNIServerName> sniNames = params.getServerNames();
if (sniNames != null) {
this.noSniExtension = sniNames.isEmpty();
this.serverNames = sniNames;
} // null if none has been set
Collection<SNIMatcher> matchers = params.getSNIMatchers();
if (matchers != null) {
this.noSniMatcher = matchers.isEmpty();
this.sniMatchers = matchers;
} // null if none has been set
sa = params.getApplicationProtocols();
if (sa != null) {
this.applicationProtocols = sa;
} // otherwise, use the default values
this.preferLocalCipherSuites = params.getUseCipherSuitesOrder();
this.enableRetransmissions = params.getEnableRetransmissions();
this.maximumPacketSize = params.getMaximumPacketSize();
}
Example 3
| Source File: OpenSSLEngine.java From wildfly-openssl with Apache License 2.0 | 4 votes |
|
@Override
public void setSSLParameters(SSLParameters sslParameters) {
super.setSSLParameters(sslParameters);
Runnable config = () -> {
// Use server's preference order for ciphers (rather than
// client's)
boolean orderCiphersSupported = false;
try {
orderCiphersSupported = SSL.getInstance().hasOp(SSL.SSL_OP_CIPHER_SERVER_PREFERENCE);
if (orderCiphersSupported) {
if (sslParameters.getUseCipherSuitesOrder()) {
SSL.getInstance().setSSLOptions(ssl, SSL.SSL_OP_CIPHER_SERVER_PREFERENCE);
}
}
} catch (UnsatisfiedLinkError e) {
// Ignore
}
if (!orderCiphersSupported) {
// OpenSSL does not support ciphers ordering.
LOG.fine("The version of SSL in use does not support cipher ordering");
}
if(!clientMode) {
int value = 0;
if (sslParameters.getNeedClientAuth()) {
value = SSL.SSL_CVERIFY_REQUIRE;
} else if (sslParameters.getWantClientAuth()) {
value = SSL.SSL_CVERIFY_OPTIONAL;
} else {
value = SSL.SSL_CVERIFY_NONE;
}
SSL.getInstance().setSSLVerify(ssl, value, DEFAULT_CERTIFICATE_VALIDATION_DEPTH);
}
if(clientMode) {
List<SNIServerName> sniHostNames = sslParameters.getServerNames();
if(sniHostNames != null && !sniHostNames.isEmpty()) {
for(SNIServerName serverName : sniHostNames) {
// Ignore SNI if not SNIHostName instance.
if(serverName instanceof SNIHostName) {
SNIHostName hostName = (SNIHostName) serverName;
SSL.getInstance().setServerNameIndication(ssl,
hostName.getAsciiName());
}
}
}
}
};
if(ssl == 0) {
tasks.add(config);
} else {
config.run();
}
}
