javax.net.ssl.SSLServerSocket Java Examples

The following examples show how to use javax.net.ssl.SSLServerSocket.
Example #1
Source File: SSLUtilsTest.java    From flink with Apache License 2.0
/**
 * Verifies that the server socket factory built by {@code SSLUtils} applies the protocol
 * version and the cipher suites from the configuration to the sockets it creates.
 *
 * <p>The TLSv1.1 / CBC cipher values are custom test values, not a recommended setting:
 * TLS 1.1 is deprecated (RFC 8996) and recent JDKs disable it by default through the
 * {@code jdk.tls.disabledAlgorithms} security property.
 */
@Test
public void testSetSSLVersionAndCipherSuitesForSSLServerSocket() throws Exception {
	final String expectedProtocol = "TLSv1.1";

	Configuration config = createInternalSslConfigWithKeyAndTrustStores();
	config.setString(SecurityOptions.SSL_PROTOCOL, expectedProtocol);
	config.setString(SecurityOptions.SSL_ALGORITHMS, "TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256");

	// Port 0 asks for any free port; try-with-resources closes the socket again.
	try (ServerSocket created = SSLUtils.createSSLServerSocketFactory(config).createServerSocket(0)) {
		assertTrue(created instanceof SSLServerSocket);
		final SSLServerSocket tlsSocket = (SSLServerSocket) created;

		final String[] enabledProtocols = tlsSocket.getEnabledProtocols();
		final String[] enabledSuites = tlsSocket.getEnabledCipherSuites();

		// Exactly the configured values must be enabled, nothing more.
		assertEquals(1, enabledProtocols.length);
		assertEquals(expectedProtocol, enabledProtocols[0]);
		assertEquals(2, enabledSuites.length);
		assertThat(enabledSuites, arrayContainingInAnyOrder(
				"TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA256"));
	}
}
 
Example #2
Source File: JSSEServer.java    From jdk8u_jdk with GNU General Public License v2.0
/**
 * Opens a TLS server socket on {@code serverPort} and restricts it to the given
 * protocols and cipher suites.
 *
 * @param cipherTest  supplies the server key manager and trust manager
 * @param serverPort  port to listen on
 * @param protocol    comma-separated protocol names to enable
 * @param cipherSuite comma-separated cipher suite names to enable
 * @throws Exception if the context cannot be set up or the socket cannot be created
 */
JSSEServer(CipherTestUtils cipherTest, int serverPort,
        String protocol, String cipherSuite) throws Exception {
    super(cipherTest);
    this.serverPort = serverPort;

    SSLContext tlsContext = SSLContext.getInstance("TLS");
    // Key and trust material come from the test utility, not from the JVM defaults.
    KeyManager[] keyManagers = {cipherTest.getServerKeyManager()};
    TrustManager[] trustManagers = {cipherTest.getServerTrustManager()};
    tlsContext.init(keyManagers, trustManagers, CipherTestUtils.secureRandom);

    SSLServerSocketFactory tlsFactory =
            (SSLServerSocketFactory) tlsContext.getServerSocketFactory();
    serverSocket = (SSLServerSocket) tlsFactory.createServerSocket(serverPort);

    // split(",") does not trim: the lists must not contain blanks around the commas.
    String[] protocolNames = protocol.split(",");
    serverSocket.setEnabledProtocols(protocolNames);
    String[] suiteNames = cipherSuite.split(",");
    serverSocket.setEnabledCipherSuites(suiteNames);

    CipherTestUtils.printInfo(serverSocket);
}
 
Example #3
Source File: SSLUtilsTest.java    From flink with Apache License 2.0
/**
 * Verifies that the server socket factory built by {@code SSLUtils} applies the protocol
 * version and the cipher suites from the configuration to the sockets it creates.
 *
 * <p>The TLSv1.1 / CBC cipher values are custom test values, not a recommended setting:
 * TLS 1.1 is deprecated (RFC 8996) and recent JDKs disable it by default through the
 * {@code jdk.tls.disabledAlgorithms} security property.
 */
@Test
public void testSetSSLVersionAndCipherSuitesForSSLServerSocket() throws Exception {
	final String expectedProtocol = "TLSv1.1";

	Configuration config = createInternalSslConfigWithKeyAndTrustStores();
	config.setString(SecurityOptions.SSL_PROTOCOL, expectedProtocol);
	config.setString(SecurityOptions.SSL_ALGORITHMS, "TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256");

	// Port 0 asks for any free port; try-with-resources closes the socket again.
	try (ServerSocket created = SSLUtils.createSSLServerSocketFactory(config).createServerSocket(0)) {
		assertTrue(created instanceof SSLServerSocket);
		final SSLServerSocket tlsSocket = (SSLServerSocket) created;

		final String[] enabledProtocols = tlsSocket.getEnabledProtocols();
		final String[] enabledSuites = tlsSocket.getEnabledCipherSuites();

		// Exactly the configured values must be enabled, nothing more.
		assertEquals(1, enabledProtocols.length);
		assertEquals(expectedProtocol, enabledProtocols[0]);
		assertEquals(2, enabledSuites.length);
		assertThat(enabledSuites, arrayContainingInAnyOrder(
				"TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA256"));
	}
}
 
Example #4
Source File: CipherTestUtils.java    From dragonwell8_jdk with GNU General Public License v2.0
/**
 * Prints the TLS configuration of a server socket to standard output: supported and
 * enabled protocols, supported and enabled cipher suites, and the client-authentication
 * flags.
 *
 * @param socket the server socket to describe
 */
public static void printInfo(SSLServerSocket socket) {
    System.out.println();
    System.out.println("--- SSL ServerSocket Info ---");

    System.out.print("SupportedProtocols    : ");
    printStringArray(socket.getSupportedProtocols());

    System.out.print("SupportedCipherSuites : ");
    printStringArray(socket.getSupportedCipherSuites());

    System.out.print("EnabledProtocols      : ");
    printStringArray(socket.getEnabledProtocols());

    // Only the enabled suites are sorted; the other lists keep the order the socket returns.
    System.out.print("EnabledCipherSuites   : ");
    String[] enabledSuites = socket.getEnabledCipherSuites();
    Arrays.sort(enabledSuites);
    printStringArray(enabledSuites);

    // "need" makes a client certificate mandatory, "want" only asks for one.
    System.out.println("NeedClientAuth        : " + socket.getNeedClientAuth());
    System.out.println("WantClientAuth        : " + socket.getWantClientAuth());
    System.out.println("-----------------------");
}
 
Example #5
Source File: DefaultSSLServSocketFac.java    From jdk8u-dev-jdk with GNU General Public License v2.0
/**
 * Points the {@code ssl.ServerSocketFactory.provider} security property at a class that
 * does not exist and tries to create a server socket from the default factory. A failure
 * is accepted only when its cause is a {@link ClassNotFoundException}; any other
 * exception is rethrown. Note that a run without any exception also completes normally.
 */
public static void main(String[] args) throws Exception {
    final String providerKey = "ssl.ServerSocketFactory.provider";

    // Remember the current value so the finally block can put it back.
    String savedProvider = Security.getProperty(providerKey);

    try {
        Security.setProperty(providerKey, "oops");
        ServerSocketFactory defaultFactory = SSLServerSocketFactory.getDefault();
        SSLServerSocket unusedSocket =
                (SSLServerSocket) defaultFactory.createServerSocket();
    } catch (Exception e) {
        boolean providerClassMissing = e.getCause() instanceof ClassNotFoundException;
        if (!providerClassMissing) {
            throw e;
        }
        // expected: the provider class "oops" could not be loaded
    } finally {
        // A property that was unset before is restored as the empty string.
        Security.setProperty(providerKey, savedProvider == null ? "" : savedProvider);
    }
}
 
Example #6
Source File: CipherTestUtils.java    From hottub with GNU General Public License v2.0
/**
 * Prints the TLS configuration of a server socket to standard output: supported and
 * enabled protocols, supported and enabled cipher suites, and the client-authentication
 * flags.
 *
 * @param socket the server socket to describe
 */
public static void printInfo(SSLServerSocket socket) {
    System.out.println();
    System.out.println("--- SSL ServerSocket Info ---");

    System.out.print("SupportedProtocols    : ");
    printStringArray(socket.getSupportedProtocols());

    System.out.print("SupportedCipherSuites : ");
    printStringArray(socket.getSupportedCipherSuites());

    System.out.print("EnabledProtocols      : ");
    printStringArray(socket.getEnabledProtocols());

    // Only the enabled suites are sorted; the other lists keep the order the socket returns.
    System.out.print("EnabledCipherSuites   : ");
    String[] enabledSuites = socket.getEnabledCipherSuites();
    Arrays.sort(enabledSuites);
    printStringArray(enabledSuites);

    // "need" makes a client certificate mandatory, "want" only asks for one.
    System.out.println("NeedClientAuth        : " + socket.getNeedClientAuth());
    System.out.println("WantClientAuth        : " + socket.getWantClientAuth());
    System.out.println("-----------------------");
}
 
Example #7
Source File: CipherTestUtils.java    From jdk8u_jdk with GNU General Public License v2.0
/**
 * Prints the TLS configuration of a server socket to standard output: supported and
 * enabled protocols, supported and enabled cipher suites, and the client-authentication
 * flags.
 *
 * @param socket the server socket to describe
 */
public static void printInfo(SSLServerSocket socket) {
    System.out.println();
    System.out.println("--- SSL ServerSocket Info ---");

    System.out.print("SupportedProtocols    : ");
    printStringArray(socket.getSupportedProtocols());

    System.out.print("SupportedCipherSuites : ");
    printStringArray(socket.getSupportedCipherSuites());

    System.out.print("EnabledProtocols      : ");
    printStringArray(socket.getEnabledProtocols());

    // Only the enabled suites are sorted; the other lists keep the order the socket returns.
    System.out.print("EnabledCipherSuites   : ");
    String[] enabledSuites = socket.getEnabledCipherSuites();
    Arrays.sort(enabledSuites);
    printStringArray(enabledSuites);

    // "need" makes a client certificate mandatory, "want" only asks for one.
    System.out.println("NeedClientAuth        : " + socket.getNeedClientAuth());
    System.out.println("WantClientAuth        : " + socket.getWantClientAuth());
    System.out.println("-----------------------");
}
 
Example #8
Source File: TestAmqpPeerRunner.java    From qpid-jms with Apache License 2.0
/**
 * Creates the listening socket for the test peer: a TLS server socket when an
 * {@code SSLContext} is supplied, a plain one otherwise.
 *
 * @param peer the test peer this runner serves
 * @param sslContext context to create the TLS server socket from, or {@code null} for a plain socket
 * @param needClientCert whether the TLS socket must demand a client certificate
 * @throws IOException if the server socket cannot be created
 */
public TestAmqpPeerRunner(TestAmqpPeer peer, SSLContext sslContext, boolean needClientCert) throws IOException
{
    int port = useFixedPort ? PORT : 0;
    this.needClientCert = needClientCert;

    if (sslContext != null)
    {
        _serverSocket = sslContext.getServerSocketFactory().createServerSocket(port);

        SSLServerSocket tlsSocket = (SSLServerSocket) _serverSocket;
        // Client authentication is only switched on, never explicitly switched off.
        if (this.needClientCert)
        {
            tlsSocket.setNeedClientAuth(true);
        }
    }
    else
    {
        // No context given: connections to this socket are not encrypted.
        _serverSocket = new ServerSocket(port);
    }

    _testFrameParser = new TestFrameParser(peer);
    _peer = peer;
}
 
Example #9
Source File: DefaultSSLServSocketFac.java    From openjdk-jdk8u-backup with GNU General Public License v2.0
/**
 * Points the {@code ssl.ServerSocketFactory.provider} security property at a class that
 * does not exist and tries to create a server socket from the default factory. A failure
 * is accepted only when its cause is a {@link ClassNotFoundException}; any other
 * exception is rethrown. Note that a run without any exception also completes normally.
 */
public static void main(String[] args) throws Exception {
    final String providerKey = "ssl.ServerSocketFactory.provider";

    // Remember the current value so the finally block can put it back.
    String savedProvider = Security.getProperty(providerKey);

    try {
        Security.setProperty(providerKey, "oops");
        ServerSocketFactory defaultFactory = SSLServerSocketFactory.getDefault();
        SSLServerSocket unusedSocket =
                (SSLServerSocket) defaultFactory.createServerSocket();
    } catch (Exception e) {
        boolean providerClassMissing = e.getCause() instanceof ClassNotFoundException;
        if (!providerClassMissing) {
            throw e;
        }
        // expected: the provider class "oops" could not be loaded
    } finally {
        // A property that was unset before is restored as the empty string.
        Security.setProperty(providerKey, savedProvider == null ? "" : savedProvider);
    }
}
 
Example #10
Source File: SocketFactory.java    From dacapobench with Apache License 2.0
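/**
 * Create a server socket for this connection.
 *
 * <p>A plain socket is returned when the {@code NoProtection} bit is set in
 * {@code requires}; otherwise an SSL server socket is created and passed through
 * {@code configureServerSocket} before it is returned.
 *
 * @param port    The target listener port.
 * @param backlog The requested backlog value for the connection.
 * @param address The host address information we're publishing under.
 *
 * @return An appropriately configured ServerSocket for this
 *         connection.
 * @exception IOException if the socket cannot be created; the failure is logged and rethrown
 * @exception ConnectException
 */
public ServerSocket createServerSocket(int port, int backlog, InetAddress address) throws IOException {
    try {
        // if no protection is required, just create a plain socket.
        if ((NoProtection.value & requires) == NoProtection.value) {
            if (log.isDebugEnabled()) {
                log.debug("Created plain server socket for port " + port);
            }
            return new ServerSocket(port, backlog, address);
        }

        // SSL is required.  Create one from the SSLServerFactory retrieved from the config.  This will
        // require additional QOS configuration after creation.
        SSLServerSocket serverSocket = (SSLServerSocket) getServerSocketFactory().createServerSocket(port, backlog, address);
        configureServerSocket(serverSocket);
        return serverSocket;
    } catch (IOException ex) {
        // ServerSocket accepts a null bind address; guard it so that a
        // NullPointerException raised here cannot replace the real failure.
        String host = (address == null) ? "<any>" : address.getHostName();
        // This method creates server sockets, so the message must say so.
        log.error("Exception creating a server socket on " + host + ":" + port, ex);
        throw ex;
    }
}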
 
Example #11
Source File: DefaultSSLServSocketFac.java    From dragonwell8_jdk with GNU General Public License v2.0
/**
 * Points the {@code ssl.ServerSocketFactory.provider} security property at a class that
 * does not exist and tries to create a server socket from the default factory. A failure
 * is accepted only when its cause is a {@link ClassNotFoundException}; any other
 * exception is rethrown. Note that a run without any exception also completes normally.
 */
public static void main(String[] args) throws Exception {
    final String providerKey = "ssl.ServerSocketFactory.provider";

    // Remember the current value so the finally block can put it back.
    String savedProvider = Security.getProperty(providerKey);

    try {
        Security.setProperty(providerKey, "oops");
        ServerSocketFactory defaultFactory = SSLServerSocketFactory.getDefault();
        SSLServerSocket unusedSocket =
                (SSLServerSocket) defaultFactory.createServerSocket();
    } catch (Exception e) {
        boolean providerClassMissing = e.getCause() instanceof ClassNotFoundException;
        if (!providerClassMissing) {
            throw e;
        }
        // expected: the provider class "oops" could not be loaded
    } finally {
        // A property that was unset before is restored as the empty string.
        Security.setProperty(providerKey, savedProvider == null ? "" : savedProvider);
    }
}
 
Example #12
Source File: SSLServerChannelFactory.java    From yajsync with GNU General Public License v3.0
/**
 * Opens a TLS server socket on the given address and port and wraps it in an
 * {@code SSLServerChannel}. If anything fails after the socket has been created, the
 * socket is closed again before the failure is propagated.
 */
@Override
public ServerChannel open(InetAddress address, int port, int timeout)
        throws IOException
{
    SSLServerSocket listener =
        (SSLServerSocket) _factory.createServerSocket(port, _backlog, address);
    try {
        listener.setReuseAddress(_isReuseAddress);
        // "want" asks for a client certificate but does not reject clients without one.
        listener.setWantClientAuth(_isWantClientAuth);
        return new SSLServerChannel(listener, timeout);
    } catch (Throwable failure) {
        boolean stillOpen = !listener.isClosed();
        if (stillOpen) {
            try {
                listener.close();
            } catch (Throwable closeFailure) {
                // keep the original failure primary, attach the close problem to it
                failure.addSuppressed(closeFailure);
            }
        }
        throw failure;
    }
}
 
Example #13
Source File: DefaultSSLServSocketFac.java    From TencentKona-8 with GNU General Public License v2.0
/**
 * Points the {@code ssl.ServerSocketFactory.provider} security property at a class that
 * does not exist and tries to create a server socket from the default factory. A failure
 * is accepted only when its cause is a {@link ClassNotFoundException}; any other
 * exception is rethrown. Note that a run without any exception also completes normally.
 */
public static void main(String[] args) throws Exception {
    final String providerKey = "ssl.ServerSocketFactory.provider";

    // Remember the current value so the finally block can put it back.
    String savedProvider = Security.getProperty(providerKey);

    try {
        Security.setProperty(providerKey, "oops");
        ServerSocketFactory defaultFactory = SSLServerSocketFactory.getDefault();
        SSLServerSocket unusedSocket =
                (SSLServerSocket) defaultFactory.createServerSocket();
    } catch (Exception e) {
        boolean providerClassMissing = e.getCause() instanceof ClassNotFoundException;
        if (!providerClassMissing) {
            throw e;
        }
        // expected: the provider class "oops" could not be loaded
    } finally {
        // A property that was unset before is restored as the empty string.
        Security.setProperty(providerKey, savedProvider == null ? "" : savedProvider);
    }
}
 
Example #14
Source File: EchoServer.java    From ambry with Apache License 2.0
/**
 * Create an EchoServer listening on {@code port}. With an {@code SSLFactory} the
 * server socket is a TLS socket that requires a client certificate; with
 * {@code null} it is a plain, unencrypted socket.
 *
 * @param sslFactory source of the {@code SSLContext}, or {@code null} for a plain socket
 * @param port port to listen on
 * @throws Exception if the server socket cannot be created
 */
public EchoServer(SSLFactory sslFactory, int port) throws Exception {
  this.port = port;
  if (sslFactory != null) {
    SSLContext tlsContext = sslFactory.getSSLContext();
    this.serverSocket = tlsContext.getServerSocketFactory().createServerSocket(port);

    // mutual authentication: the handshake fails for clients without a certificate
    SSLServerSocket tlsSocket = (SSLServerSocket) this.serverSocket;
    tlsSocket.setNeedClientAuth(true);
  } else {
    this.serverSocket = new ServerSocket(port);
  }
  // bookkeeping lists are wrapped so that several threads can append to them
  this.threads = Collections.synchronizedList(new ArrayList<Thread>());
  this.sockets = Collections.synchronizedList(new ArrayList<Socket>());
  this.exceptions = Collections.synchronizedList(new ArrayList<Exception>());
}
 
Example #15
Source File: JSSEServer.java    From TencentKona-8 with GNU General Public License v2.0
/**
 * Opens a TLS server socket on {@code serverPort} and restricts it to the given
 * protocols and cipher suites.
 *
 * @param cipherTest  supplies the server key manager and trust manager
 * @param serverPort  port to listen on
 * @param protocol    comma-separated protocol names to enable
 * @param cipherSuite comma-separated cipher suite names to enable
 * @throws Exception if the context cannot be set up or the socket cannot be created
 */
JSSEServer(CipherTestUtils cipherTest, int serverPort,
        String protocol, String cipherSuite) throws Exception {
    super(cipherTest);
    this.serverPort = serverPort;

    SSLContext tlsContext = SSLContext.getInstance("TLS");
    // Key and trust material come from the test utility, not from the JVM defaults.
    KeyManager[] keyManagers = {cipherTest.getServerKeyManager()};
    TrustManager[] trustManagers = {cipherTest.getServerTrustManager()};
    tlsContext.init(keyManagers, trustManagers, CipherTestUtils.secureRandom);

    SSLServerSocketFactory tlsFactory =
            (SSLServerSocketFactory) tlsContext.getServerSocketFactory();
    serverSocket = (SSLServerSocket) tlsFactory.createServerSocket(serverPort);

    // split(",") does not trim: the lists must not contain blanks around the commas.
    String[] protocolNames = protocol.split(",");
    serverSocket.setEnabledProtocols(protocolNames);
    String[] suiteNames = cipherSuite.split(",");
    serverSocket.setEnabledCipherSuites(suiteNames);

    CipherTestUtils.printInfo(serverSocket);
}
 
Example #16
Source File: DefaultSSLServSocketFac.java    From openjdk-8 with GNU General Public License v2.0
/**
 * Points the {@code ssl.ServerSocketFactory.provider} security property at a class that
 * does not exist and tries to create a server socket from the default factory. A failure
 * is accepted only when its cause is a {@link ClassNotFoundException}; any other
 * exception is rethrown. Note that a run without any exception also completes normally.
 */
public static void main(String[] args) throws Exception {
    final String providerKey = "ssl.ServerSocketFactory.provider";

    // Remember the current value so the finally block can put it back.
    String savedProvider = Security.getProperty(providerKey);

    try {
        Security.setProperty(providerKey, "oops");
        ServerSocketFactory defaultFactory = SSLServerSocketFactory.getDefault();
        SSLServerSocket unusedSocket =
                (SSLServerSocket) defaultFactory.createServerSocket();
    } catch (Exception e) {
        boolean providerClassMissing = e.getCause() instanceof ClassNotFoundException;
        if (!providerClassMissing) {
            throw e;
        }
        // expected: the provider class "oops" could not be loaded
    } finally {
        // A property that was unset before is restored as the empty string.
        Security.setProperty(providerKey, savedProvider == null ? "" : savedProvider);
    }
}
 
Example #17
Source File: SslContextFactory.java    From IoTgo_Android_App with MIT License
/**
 * Creates a TLS server socket from the factory's context and applies the factory's
 * client-authentication, cipher-suite and protocol selection to it.
 *
 * @param host interface to bind to, or {@code null} to use the two-argument factory call without an address
 * @param port port to listen on
 * @param backlog requested connection backlog
 * @return the configured server socket
 * @throws IOException if the socket cannot be created or the host cannot be resolved
 */
public SSLServerSocket newSslServerSocket(String host,int port,int backlog) throws IOException
{
    SSLServerSocketFactory factory = _context.getServerSocketFactory();

    SSLServerSocket socket;
    if (host == null)
    {
        socket = (SSLServerSocket) factory.createServerSocket(port,backlog);
    }
    else
    {
        socket = (SSLServerSocket) factory.createServerSocket(port,backlog,InetAddress.getByName(host));
    }

    // "need" is applied after "want": per the SSLServerSocket API the later call
    // overrides the earlier one, so a mandatory client certificate wins when both are set.
    if (getWantClientAuth())
    {
        socket.setWantClientAuth(getWantClientAuth());
    }
    if (getNeedClientAuth())
    {
        socket.setNeedClientAuth(getNeedClientAuth());
    }

    // Narrow what the JVM enabled by default to what this factory selects.
    String[] chosenSuites = selectCipherSuites(
            socket.getEnabledCipherSuites(),
            socket.getSupportedCipherSuites());
    socket.setEnabledCipherSuites(chosenSuites);

    String[] chosenProtocols = selectProtocols(
            socket.getEnabledProtocols(),
            socket.getSupportedProtocols());
    socket.setEnabledProtocols(chosenProtocols);

    return socket;
}
 
Example #18
Source File: CipherTestUtils.java    From openjdk-jdk9 with GNU General Public License v2.0
/**
 * Prints the TLS configuration of a server socket to standard output: supported and
 * enabled protocols, supported and enabled cipher suites, and the client-authentication
 * flags.
 *
 * @param socket the server socket to describe
 */
public static void printInfo(SSLServerSocket socket) {
    System.out.println();
    System.out.println("--- SSL ServerSocket Info ---");

    System.out.print("SupportedProtocols    : ");
    printStringArray(socket.getSupportedProtocols());

    System.out.print("SupportedCipherSuites : ");
    printStringArray(socket.getSupportedCipherSuites());

    System.out.print("EnabledProtocols      : ");
    printStringArray(socket.getEnabledProtocols());

    // Only the enabled suites are sorted; the other lists keep the order the socket returns.
    System.out.print("EnabledCipherSuites   : ");
    String[] enabledSuites = socket.getEnabledCipherSuites();
    Arrays.sort(enabledSuites);
    printStringArray(enabledSuites);

    // "need" makes a client certificate mandatory, "want" only asks for one.
    System.out.println("NeedClientAuth        : " + socket.getNeedClientAuth());
    System.out.println("WantClientAuth        : " + socket.getWantClientAuth());
    System.out.println("-----------------------");
}
 
Example #19
Source File: SSLUtilsTest.java    From Flink-CEPplus with Apache License 2.0
/**
 * Verifies that the server socket factory built by {@code SSLUtils} applies the protocol
 * version and the cipher suites from the configuration to the sockets it creates.
 *
 * <p>The TLSv1.1 / CBC cipher values are custom test values, not a recommended setting:
 * TLS 1.1 is deprecated (RFC 8996) and recent JDKs disable it by default through the
 * {@code jdk.tls.disabledAlgorithms} security property.
 */
@Test
public void testSetSSLVersionAndCipherSuitesForSSLServerSocket() throws Exception {
	final String expectedProtocol = "TLSv1.1";

	Configuration config = createInternalSslConfigWithKeyAndTrustStores();
	config.setString(SecurityOptions.SSL_PROTOCOL, expectedProtocol);
	config.setString(SecurityOptions.SSL_ALGORITHMS, "TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256");

	// Port 0 asks for any free port; try-with-resources closes the socket again.
	try (ServerSocket created = SSLUtils.createSSLServerSocketFactory(config).createServerSocket(0)) {
		assertTrue(created instanceof SSLServerSocket);
		final SSLServerSocket tlsSocket = (SSLServerSocket) created;

		final String[] enabledProtocols = tlsSocket.getEnabledProtocols();
		final String[] enabledSuites = tlsSocket.getEnabledCipherSuites();

		// Exactly the configured values must be enabled, nothing more.
		assertEquals(1, enabledProtocols.length);
		assertEquals(expectedProtocol, enabledProtocols[0]);
		assertEquals(2, enabledSuites.length);
		assertThat(enabledSuites, arrayContainingInAnyOrder(
				"TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA256"));
	}
}
 
Example #20
Source File: DefaultSSLServSocketFac.java    From openjdk-jdk8u with GNU General Public License v2.0
/**
 * Points the {@code ssl.ServerSocketFactory.provider} security property at a class that
 * does not exist and tries to create a server socket from the default factory. A failure
 * is accepted only when its cause is a {@link ClassNotFoundException}; any other
 * exception is rethrown. Note that a run without any exception also completes normally.
 */
public static void main(String[] args) throws Exception {
    final String providerKey = "ssl.ServerSocketFactory.provider";

    // Remember the current value so the finally block can put it back.
    String savedProvider = Security.getProperty(providerKey);

    try {
        Security.setProperty(providerKey, "oops");
        ServerSocketFactory defaultFactory = SSLServerSocketFactory.getDefault();
        SSLServerSocket unusedSocket =
                (SSLServerSocket) defaultFactory.createServerSocket();
    } catch (Exception e) {
        boolean providerClassMissing = e.getCause() instanceof ClassNotFoundException;
        if (!providerClassMissing) {
            throw e;
        }
        // expected: the provider class "oops" could not be loaded
    } finally {
        // A property that was unset before is restored as the empty string.
        Security.setProperty(providerKey, savedProvider == null ? "" : savedProvider);
    }
}
 
Example #21
Source File: GfxdTSSLServerSocketFactory.java    From gemfirexd-oss with Apache License 2.0
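/**
 * Creates a TLS server socket bound to {@code bindAddress}, applies the optional
 * protocol, cipher-suite and client-authentication settings from {@code params}, and
 * wraps it in a {@code GfxdTSSLServerSocket}.
 *
 * <p>If configuring or wrapping the socket fails after it has been created, the socket
 * is closed before the exception is reported, so the port does not stay bound.
 *
 * @param factory     factory used to create the TLS server socket
 * @param bindAddress address and port to bind to
 * @param params      optional TLS settings; {@code null} keeps the factory defaults
 * @return the wrapped server socket
 * @throws TTransportException ({@code NOT_OPEN}) wrapping any failure
 */
private static GfxdTSSLServerSocket createServer(
    SSLServerSocketFactory factory, InetSocketAddress bindAddress,
    SocketParameters params) throws TTransportException {
  SSLServerSocket serverSocket = null;
  try {
    serverSocket = (SSLServerSocket)factory
        .createServerSocket(bindAddress.getPort(), 100,
            bindAddress.getAddress());
    if (params != null) {
      // setEnabledProtocols/setEnabledCipherSuites reject unsupported names with
      // IllegalArgumentException, which lands in the catch block below.
      if (params.getSSLEnabledProtocols() != null) {
        serverSocket.setEnabledProtocols(params.getSSLEnabledProtocols());
      }
      if (params.getSSLCipherSuites() != null) {
        serverSocket.setEnabledCipherSuites(params.getSSLCipherSuites());
      }
      serverSocket.setNeedClientAuth(params.getSSLClientAuth());
    }
    return new GfxdTSSLServerSocket(serverSocket, bindAddress, params);
  } catch (Exception e) {
    // The socket is already bound at this point; release it instead of leaking it.
    if (serverSocket != null) {
      try {
        serverSocket.close();
      } catch (Exception closeFailure) {
        e.addSuppressed(closeFailure);
      }
    }
    throw new TTransportException(TTransportException.NOT_OPEN,
        "Could not bind to host:port " + bindAddress.toString(), e);
  }
}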
 
Example #22
Source File: CipherTestUtils.java    From openjdk-jdk8u-backup with GNU General Public License v2.0
/**
 * Prints the TLS configuration of a server socket to standard output: supported and
 * enabled protocols, supported and enabled cipher suites, and the client-authentication
 * flags.
 *
 * @param socket the server socket to describe
 */
public static void printInfo(SSLServerSocket socket) {
    System.out.println();
    System.out.println("--- SSL ServerSocket Info ---");

    System.out.print("SupportedProtocols    : ");
    printStringArray(socket.getSupportedProtocols());

    System.out.print("SupportedCipherSuites : ");
    printStringArray(socket.getSupportedCipherSuites());

    System.out.print("EnabledProtocols      : ");
    printStringArray(socket.getEnabledProtocols());

    // Only the enabled suites are sorted; the other lists keep the order the socket returns.
    System.out.print("EnabledCipherSuites   : ");
    String[] enabledSuites = socket.getEnabledCipherSuites();
    Arrays.sort(enabledSuites);
    printStringArray(enabledSuites);

    // "need" makes a client certificate mandatory, "want" only asks for one.
    System.out.println("NeedClientAuth        : " + socket.getNeedClientAuth());
    System.out.println("WantClientAuth        : " + socket.getWantClientAuth());
    System.out.println("-----------------------");
}
 
Example #23
Source File: NanoHTTPD.java    From AndroidHttpServer with MIT License
/**
 * Start the server.
 *
 * <p>Creates the listening socket (TLS when an SSL server socket factory is set, plain
 * otherwise), starts the daemon listener thread and then polls until that thread has
 * reported either a successful bind or a bind exception.
 *
 * @param timeout
 *            timeout to use for socket connections.
 * @throws IOException
 *             if the socket is in use.
 */
public void start(final int timeout) throws IOException {
    if (this.sslServerSocketFactory != null) {
        // The no-arg factory call returns a socket that is not bound yet.
        SSLServerSocket ss = (SSLServerSocket) this.sslServerSocketFactory.createServerSocket();
        // Client certificates are not required: TLS authenticates the server only, so
        // any client authentication has to be done at a higher layer.
        ss.setNeedClientAuth(false);
        this.myServerSocket = ss;
    } else {
        // No TLS factory configured: connections are served unencrypted.
        this.myServerSocket = new ServerSocket();
    }
    this.myServerSocket.setReuseAddress(true);

    ServerRunnable serverRunnable = createServerRunnable(timeout);
    this.myThread = new Thread(serverRunnable);
    this.myThread.setDaemon(true);
    this.myThread.setName("NanoHttpd Main Listener");
    this.myThread.start();
    // Poll the runnable's status fields in 10 ms steps; presumably the bind itself is
    // done on the listener thread (not visible here).
    while (!serverRunnable.hasBinded && serverRunnable.bindException == null) {
        try {
            Thread.sleep(10L);
        } catch (Throwable e) {
            // on android this may not be allowed, that's why we
            // catch throwable the wait should be very short because we are
            // just waiting for the bind of the socket
            // NOTE(review): this also swallows InterruptedException without restoring
            // the thread's interrupt status.
        }
    }
    // Surface a bind failure from the listener thread to the caller.
    if (serverRunnable.bindException != null) {
        throw serverRunnable.bindException;
    }
}
 
Example #24
Source File: JSSEServer.java    From openjdk-jdk8u-backup with GNU General Public License v2.0
/**
 * Creates a TLS server socket on a free port from the given context.
 *
 * @param context        context that supplies the server socket factory
 * @param needClientAuth {@code true} to require a client certificate (mutual authentication)
 * @throws Exception if the socket cannot be created or configured
 */
public JSSEServer(SSLContext context,
        boolean needClientAuth) throws Exception {
    // Port 0: let the system choose the port; it is printed below.
    server = (SSLServerSocket) context.getServerSocketFactory()
            .createServerSocket(0);
    server.setSoTimeout(TLSRestrictions.TIMEOUT);
    // for dual authentication
    server.setNeedClientAuth(needClientAuth);
    System.out.println("Server: port=" + getPort());
}
 
Example #25
Source File: ConnectionLoadBalanceServer.java    From nifi with Apache License 2.0
/**
 * Creates the listening socket: a plain {@code ServerSocket} when no SSL context is
 * configured, otherwise a TLS server socket that requires client certificates and is
 * limited to the protocol versions reported by {@code CertificateUtils}.
 *
 * @return the server socket, with a backlog of 50
 * @throws IOException if the host name cannot be resolved or the socket cannot be created
 */
private ServerSocket createServerSocket() throws IOException {
    InetAddress inetAddress = null;
    if (hostname != null) {
        inetAddress = InetAddress.getByName(hostname);
    }

    if (sslContext == null) {
        // NOTE(review): this branch resolves hostname again instead of using
        // inetAddress. For a null hostname InetAddress.getByName(null) yields the
        // loopback address, while the TLS branch below passes null - confirm that the
        // two branches are meant to bind differently.
        return new ServerSocket(port, 50, InetAddress.getByName(hostname));
    }

    final SSLServerSocket tlsSocket =
            (SSLServerSocket) sslContext.getServerSocketFactory().createServerSocket(port, 50, inetAddress);
    // Mutual TLS: clients without a certificate are rejected during the handshake.
    tlsSocket.setNeedClientAuth(true);
    // Enforce custom protocols on socket
    tlsSocket.setEnabledProtocols(CertificateUtils.getCurrentSupportedTlsProtocolVersions());
    return tlsSocket;
}
 
Example #26
Source File: JSSESocketFactory.java    From tomcatsrc with Apache License 2.0
/**
 * Configure Client authentication for this version of JSSE.  The
 * JSSE included in Java 1.4 supports the 'want' value.  Prior
 * versions of JSSE will treat 'want' as 'false'.
 *
 * <p>When {@code wantClientAuth} is set it takes precedence:
 * {@code requireClientAuth} is not applied in that case, so the client
 * certificate stays optional.
 * @param socket the SSLServerSocket
 */
protected void configureClientAuth(SSLServerSocket socket){
    if (!wantClientAuth){
        // No optional mode requested: apply the mandatory flag, true or false.
        socket.setNeedClientAuth(requireClientAuth);
        return;
    }
    socket.setWantClientAuth(wantClientAuth);
}
 
Example #27
Source File: Proxy.java    From gemfirexd-oss with Apache License 2.0
/**
 * Creates a TLS server socket on the given address with a backlog of 10, using the
 * JVM's default SSL server socket factory. No protocol, cipher-suite or
 * client-authentication setting is applied here, so the factory's defaults are used.
 *
 * @param addr address and port to bind to
 * @return the bound TLS server socket
 * @throws Exception if the socket cannot be created
 */
ServerSocket createSSLServerSocket(InetSocketAddress addr) throws Exception {
    SSLServerSocketFactory defaultFactory =
        (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
    return (SSLServerSocket) defaultFactory.createServerSocket(
        addr.getPort(), 10, addr.getAddress());
}
 
Example #28
Source File: JSSEServer.java    From openjdk-jdk8u with GNU General Public License v2.0
/**
 * Creates a TLS server socket on a free port from the given context.
 *
 * @param context        context that supplies the server socket factory
 * @param needClientAuth {@code true} to require a client certificate (mutual authentication)
 * @throws Exception if the socket cannot be created or configured
 */
public JSSEServer(SSLContext context,
        boolean needClientAuth) throws Exception {
    // Port 0: let the system choose the port; it is printed below.
    server = (SSLServerSocket) context.getServerSocketFactory()
            .createServerSocket(0);
    server.setSoTimeout(TLSRestrictions.TIMEOUT);
    // for dual authentication
    server.setNeedClientAuth(needClientAuth);
    System.out.println("Server: port=" + getPort());
}
 
Example #29
Source File: DefautlCacheSize.java    From openjdk-jdk8u with GNU General Public License v2.0
/**
 * For every protocol the default server socket supports (except {@code SSLv2Hello}),
 * obtains an {@code SSLContext} of that name and fails if the default server or client
 * session cache size is 0, which {@code SSLSessionContext} defines as "no limit".
 */
public static void main(String[] args) throws Exception {
    SSLServerSocketFactory defaultFactory =
            (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();

    // The unbound socket is only used to list the supported protocol names.
    try (SSLServerSocket probe =
                (SSLServerSocket) defaultFactory.createServerSocket()) {

        for (String protocol : probe.getSupportedProtocols()) {
            // SSLv2Hello is skipped before any SSLContext lookup is attempted.
            if (protocol.equals("SSLv2Hello")) {
                continue;
            }
            SSLContext context = SSLContext.getInstance(protocol);

            // An unbounded session cache can grow with every new session.
            SSLSessionContext serverSessions = context.getServerSessionContext();
            if (serverSessions.getSessionCacheSize() == 0) {
                throw new Exception(
                    "the default server session cache size is infinite");
            }

            SSLSessionContext clientSessions = context.getClientSessionContext();
            if (clientSessions.getSessionCacheSize() == 0) {
                throw new Exception(
                    "the default client session cache size is infinite");
            }
        }
    }
}
 
Example #30
Source File: JmxRemoteLifecycleListener.java    From Tomcat8-Source-Read with MIT License
/**
 * Creates a TLS server socket on {@code port}, bound to {@code bindAddress}, and applies
 * the configured cipher suites, protocols and client-authentication requirement.
 *
 * @param port port to listen on
 * @return the configured TLS server socket
 * @throws IOException if the socket cannot be created
 */
@Override
public ServerSocket createServerSocket(int port) throws IOException  {
    SSLServerSocket tlsSocket =
            (SSLServerSocket) sslServerSocketFactory.createServerSocket(port, 0, bindAddress);

    // Without an explicit cipher list the socket keeps the factory's enabled suites.
    if (getEnabledCipherSuites() != null) {
        tlsSocket.setEnabledCipherSuites(getEnabledCipherSuites());
    }

    // Protocols are always set explicitly: the configured list, or defaultProtocols.
    tlsSocket.setEnabledProtocols(
            getEnabledProtocols() == null ? defaultProtocols : getEnabledProtocols());

    tlsSocket.setNeedClientAuth(getNeedClientAuth());
    return tlsSocket;
}