/**
 * Returns an SSL socket that is already connected to the given host and port.
 * <p>
 * The {@link SSLContext} comes from {@code createSSLContext(params)}. When
 * {@code params} carries SSL settings, they supply the algorithms, keystore,
 * truststore and related values. When {@code params} is {@code null}, the
 * defaults are used, which are read from the JVM system properties, for
 * example:
 * <pre>
 *   -Djavax.net.ssl.trustStore=&lt;truststore location&gt;
 *   -Djavax.net.ssl.trustStorePassword=password
 *   -Djavax.net.ssl.keyStore=&lt;keystore location&gt;
 *   -Djavax.net.ssl.keyStorePassword=password
 * </pre>
 * Properties passed as {@code -D} arguments are part of the process command
 * line, so the store passwords can be read by anyone able to list the
 * process arguments on the host.
 * <p>
 * All the client methods return a bound connection, so callers do not need to
 * call open() on the TTransport.
 * <p>
 * NOTE(review): the peer is identified only by an {@link InetAddress} here.
 * Whether the server certificate is matched against a host name depends on
 * {@code createClient} and on the trust managers behind the context, neither
 * of which is visible in this method. Confirm.
 *
 * @param hostAddress address of the server to connect to
 * @param port        server port
 * @param timeout     timeout value handed to {@code createClient}
 * @param params      socket/SSL settings, may be {@code null} for defaults
 * @return the connected SSL socket
 * @throws TTransportException propagated from context or socket creation
 */
public static SSLSocket getClientSocket(InetAddress hostAddress, int port,
    int timeout, SocketParameters params) throws TTransportException {
  // build the context first, then let createClient connect through its
  // socket factory
  return createClient(createSSLContext(params).getSocketFactory(),
      hostAddress, port, timeout, params);
}
/**
 * Creates and connects the SSL socket by delegating to
 * {@code SSLFactory.getClientSocket}.
 *
 * @param hostAddress address of the server to connect to
 * @param port        server port
 * @param sockParams  socket/SSL settings passed through to the factory
 * @param timeout     timeout value passed through to the factory
 * @return the socket returned by the factory
 * @throws TTransportException propagated from the factory
 */
private static Socket initSSLSocket(InetAddress hostAddress, int port,
    SocketParameters sockParams, int timeout) throws TTransportException {
  // the factory takes the timeout before the parameters, the reverse of the
  // order in this method's own signature
  final Socket connected = SSLFactory.getClientSocket(hostAddress, port,
      timeout, sockParams);
  return connected;
}
/**
 * Returns an SSL wrapped TServerSocket bound to the given address (port and
 * interface).
 * <p>
 * When {@code params} has SSL properties set, they supply the algorithms,
 * keystore, truststore and related settings. Otherwise the defaults are
 * used, which are read from the server's JVM system properties, for example:
 * <pre>
 *   -Djavax.net.ssl.trustStore=&lt;truststore location&gt;
 *   -Djavax.net.ssl.trustStorePassword=password
 *   -Djavax.net.ssl.keyStore=&lt;keystore location&gt;
 *   -Djavax.net.ssl.keyStorePassword=password
 * </pre>
 * Properties passed as {@code -D} arguments are part of the process command
 * line, so the store passwords can be read by anyone able to list the
 * process arguments on the host.
 *
 * @param bindAddress local address and port to bind to
 * @param params      socket/SSL settings
 * @return An SSL wrapped {@link SnappyTSSLServerSocket}
 * @throws TTransportException propagated from context or server socket
 *                             creation
 */
public static SnappyTSSLServerSocket getServerSocket(
    InetSocketAddress bindAddress, SocketParameters params)
    throws TTransportException {
  final SSLContext sslContext = SSLFactory.createSSLContext(params);
  // createServer binds through the context's server socket factory
  return createServer(sslContext.getServerSocketFactory(), bindAddress,
      params);
}
/**
 * Picks the channel used for I/O: the raw socket channel for a plain
 * transport, or an {@code SSLSocketChannel} wrapping it when {@code ssl} is
 * set.
 *
 * @param id        identifier passed to {@code SSLSocketChannel.create}
 * @param key       selection key passed to {@code SSLSocketChannel.create}
 * @param ssl       whether the transport uses SSL
 * @param params    socket/SSL settings handed to the engine factory
 * @param forClient whether the engine is created for the client side
 * @return the channel to read from and write to
 * @throws TTransportException propagated from engine creation
 * @throws IOException         declared for the SSL channel set-up
 */
private ByteChannel initChannel(String id, SelectionKey key, boolean ssl,
    SocketParameters params, boolean forClient)
    throws TTransportException, IOException {
  if (!ssl) {
    // plain transport: hand back the socket channel untouched
    return this.socketChannel;
  }

  // SSL transport: build the engine for this peer, then wrap the channel.
  // NOTE(review): if socketAddress is a java.net.InetSocketAddress created
  // from a literal IP, getHostName() may perform a reverse lookup. Confirm
  // that the name given to the engine is the one the caller intended.
  final String peerHost = this.socketAddress.getHostName();
  final int peerPort = this.socketAddress.getPort();
  final SSLEngine sslEngine = SSLFactory.createEngine(peerHost, peerPort,
      params, forClient);
  return SSLSocketChannel.create(id, socketChannel, key, sslEngine, true);
}
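/**
 * Creates an {@link SSLEngine} for a connection with the given peer and
 * applies the protocol, cipher-suite and client-auth settings from
 * {@code params} when present.
 * <p>
 * The client/server role is always set from {@code forClient}. The engine
 * cannot handshake until the role is chosen, so it must not depend on
 * {@code params} being non-null.
 *
 * @param peerHostName host name of the peer, passed to
 *                     {@link SSLContext#createSSLEngine(String, int)}
 * @param peerPort     port of the peer, passed to the same call
 * @param params       socket/SSL settings, may be {@code null} for defaults
 * @param forClient    {@code true} for a client-side engine, {@code false}
 *                     for a server-side engine
 * @return the configured engine; no handshake has been started
 * @throws TTransportException propagated from {@code createSSLContext}
 */
public static SSLEngine createEngine(String peerHostName, int peerPort,
    SocketParameters params, boolean forClient) throws TTransportException {
  SSLContext ctx = createSSLContext(params);
  SSLEngine engine = ctx.createSSLEngine(peerHostName, peerPort);

  if (params != null) {
    String[] protocols = params.getSSLEnabledProtocols();
    if (protocols != null) {
      engine.setEnabledProtocols(protocols);
    }
    String[] cipherSuites = params.getSSLCipherSuites();
    if (cipherSuites != null) {
      engine.setEnabledCipherSuites(cipherSuites);
    }
  }

  // Previously the role was set only inside the params != null branch, so an
  // engine created with default settings had no role and would fail with
  // IllegalStateException as soon as a handshake was attempted.
  engine.setUseClientMode(forClient);
  if (!forClient && params != null) {
    // client certificate requirement is a server-side setting
    engine.setNeedClientAuth(params.getSSLClientAuth());
  }

  // NOTE(review): no endpoint identification algorithm is configured on the
  // engine, and peerHostName/peerPort are only advisory to createSSLEngine.
  // Unless the trust managers behind createSSLContext or the caller compare
  // the peer certificate with peerHostName, a client engine accepts any
  // certificate that chains to the truststore. If nothing else does that
  // check, set SSLParameters.setEndpointIdentificationAlgorithm("HTTPS") for
  // client engines. Confirm against existing deployments first.
  return engine;
}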