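/**
 * Creates a TLS server socket on {@code port} and applies this object's SSL parameters to it.
 *
 * <p>If applying the parameters fails with an unchecked exception, the newly created socket is
 * closed before the exception propagates, so a rejected TLS configuration does not leave the
 * port held by a listener nobody references.
 *
 * @param port the port handed to the server socket factory.
 * @return the configured socket, switched to server mode.
 * @throws IOException if the factory cannot create the socket.
 */
public SSLServerSocket createSSLServerSocket(int port) throws IOException {
    SSLServerSocket sslServerSocket =
            (SSLServerSocket) sslContext.getServerSocketFactory().createServerSocket(port);
    try {
        return configureSSLServerSocket(sslServerSocket);
    } catch (RuntimeException configFailure) {
        // setSSLParameters rejects unsupported protocol or cipher-suite names with an unchecked
        // exception; release the socket here because the caller never receives a reference to it.
        try {
            sslServerSocket.close();
        } catch (IOException closeFailure) {
            configFailure.addSuppressed(closeFailure);
        }
        throw configFailure;
    }
}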
/**
 * Creates an unconnected TLS socket from this object's SSL context and configures it as a
 * client socket.
 *
 * @return the configured socket, in client mode.
 * @throws IOException if the socket factory cannot create the socket.
 */
public SSLSocket createSSLSocket() throws IOException {
    SSLSocket unconnected = (SSLSocket) sslContext.getSocketFactory().createSocket();
    return configureSSLSocket(unconnected, true);
}
/**
 * Creates a TLS server socket using the default SSL context and options.
 *
 * @return the server socket produced by the default {@code SSLContextAndOptions}.
 * @throws X509Exception if the default SSL context and options cannot be obtained.
 * @throws IOException if the socket cannot be created.
 */
public SSLServerSocket createSSLServerSocket() throws X509Exception, IOException {
    SSLContextAndOptions defaults = getDefaultSSLContextAndOptions();
    return defaults.createSSLServerSocket();
}
/**
 * Captures an SSL context together with the TLS options read from {@code config}: enabled
 * protocols, cipher suites, client-auth mode and the handshake detection timeout.
 *
 * <p>The constructor is package-private on purpose; only the X509Util class should create
 * instances of this class.
 *
 * @param x509Util the X509Util that created this object; must not be null.
 * @param config a ZKConfig that holds config properties; must not be null.
 * @param sslContext the SSLContext; must not be null.
 */
SSLContextAndOptions(final X509Util x509Util, final ZKConfig config, final SSLContext sslContext) {
    this.x509Util = requireNonNull(x509Util);
    this.sslContext = requireNonNull(sslContext);
    // config is checked after the other two arguments and before any option is read from it.
    final ZKConfig checkedConfig = requireNonNull(config);
    this.enabledProtocols = getEnabledProtocols(checkedConfig, sslContext);
    this.cipherSuites = getCipherSuites(checkedConfig);
    this.clientAuth = getClientAuth(checkedConfig);
    this.handshakeDetectionTimeoutMillis = getHandshakeDetectionTimeoutMillis(checkedConfig);
}
/**
 * Applies this object's SSL parameters to a server socket and puts it in server mode.
 *
 * @param socket the server socket to configure; it is modified in place.
 * @return the same socket instance, for call chaining.
 */
private SSLServerSocket configureSSLServerSocket(SSLServerSocket socket) {
    // Start from the socket's current parameters so only the settings touched by
    // configureSslParameters change.
    final SSLParameters params = socket.getSSLParameters();
    configureSslParameters(params, false);
    socket.setSSLParameters(params);
    socket.setUseClientMode(false);
    return socket;
}
/**
 * Creates a TLS socket using the default SSL context and options.
 *
 * @return the socket produced by the default {@code SSLContextAndOptions}.
 * @throws X509Exception if the default SSL context and options cannot be obtained.
 * @throws IOException if the socket cannot be created.
 */
public SSLSocket createSSLSocket() throws X509Exception, IOException {
    SSLContextAndOptions defaults = getDefaultSSLContextAndOptions();
    return defaults.createSSLSocket();
}
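/**
 * Builds the SSL context and options for {@code config}.
 *
 * <p>When the property named by {@code sslContextSupplierClassProperty} is set, its value is
 * taken as the name of a class implementing {@code Supplier<SSLContext>}. That class is loaded
 * reflectively, instantiated through its public no-argument constructor and asked for the
 * context. When the property is absent, the context is built by
 * {@code createSSLContextAndOptionsFromConfig}.
 *
 * <p>Security note: the property value selects code that runs inside this process and provides
 * the SSLContext behind every socket created from the returned object. Whoever can write this
 * configuration therefore controls the TLS trust decisions; protect the configuration source
 * accordingly.
 *
 * <p>A supplier that returns {@code null} is not translated into an SSLContextException; the
 * null check in the SSLContextAndOptions constructor raises NullPointerException instead.
 *
 * @param config the configuration to read the supplier class name and TLS options from.
 * @return the SSL context and options built from the supplier or from the configuration.
 * @throws SSLContextException if the supplier class cannot be loaded, is not a Supplier, or
 *         cannot be instantiated.
 */
@SuppressWarnings("unchecked")
public SSLContextAndOptions createSSLContextAndOptions(ZKConfig config) throws SSLContextException {
    final String supplierContextClassName = config.getProperty(sslContextSupplierClassProperty);
    if (supplierContextClassName == null) {
        return createSSLContextAndOptionsFromConfig(config);
    }

    if (LOG.isDebugEnabled()) {
        LOG.debug("Loading SSLContext supplier from property '{}'", sslContextSupplierClassProperty);
    }
    try {
        // asSubclass checks the type before the constructor runs, so a configured class that
        // is not a Supplier is rejected without being instantiated. Class.forName still runs
        // the class's static initialisers.
        Object supplierInstance = Class.forName(supplierContextClassName)
                .asSubclass(Supplier.class)
                .getConstructor()
                .newInstance();
        // Unchecked: the element type is erased, so a supplier of some other type only fails
        // with ClassCastException when its result is used as an SSLContext below.
        Supplier<SSLContext> sslContextSupplier = (Supplier<SSLContext>) supplierInstance;
        return new SSLContextAndOptions(this, config, sslContextSupplier.get());
    } catch (ClassNotFoundException
            | ClassCastException
            | NoSuchMethodException
            | InvocationTargetException
            | InstantiationException
            | IllegalAccessException e) {
        throw new SSLContextException("Could not retrieve the SSLContext from supplier source '"
                + supplierContextClassName
                + "' provided in the property '"
                + sslContextSupplierClassProperty
                + "'", e);
    }
}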
/**
 * Returns the maximum time, in milliseconds, that the first UnifiedServerSocket read() may block
 * while detecting the client mode (TLS or PLAINTEXT).
 *
 * <p>The value comes from the default SSL context and options. If those cannot be obtained, or
 * reading the value fails for any other reason, the error is logged and
 * {@link X509Util#DEFAULT_HANDSHAKE_DETECTION_TIMEOUT_MILLIS} is returned instead.
 *
 * @return the handshake detection timeout, in milliseconds.
 */
public int getSslHandshakeTimeoutMillis() {
    // Start from the default so both failure paths below fall through to it.
    int timeoutMillis = DEFAULT_HANDSHAKE_DETECTION_TIMEOUT_MILLIS;
    try {
        timeoutMillis = getDefaultSSLContextAndOptions().getHandshakeDetectionTimeoutMillis();
    } catch (SSLContextException e) {
        LOG.error("Error creating SSL context and options", e);
    } catch (Exception e) {
        LOG.error("Error parsing config property " + getSslHandshakeDetectionTimeoutMillisProperty(), e);
    }
    return timeoutMillis;
}
/**
 * Applies this object's SSL parameters to a socket and sets its handshake role.
 *
 * @param socket the socket to configure; it is modified in place.
 * @param isClientSocket {@code true} to configure and use the socket in client mode,
 *        {@code false} for server mode.
 * @return the same socket instance, for call chaining.
 */
private SSLSocket configureSSLSocket(SSLSocket socket, boolean isClientSocket) {
    // Start from the socket's current parameters so only the settings touched by
    // configureSslParameters change.
    final SSLParameters params = socket.getSSLParameters();
    configureSslParameters(params, isClientSocket);
    socket.setSSLParameters(params);
    socket.setUseClientMode(isClientSocket);
    return socket;
}
/**
 * Wraps an existing socket in a TLS socket using the default SSL context and options.
 *
 * @param socket the socket to layer TLS over.
 * @param pushbackBytes bytes passed through to the default {@code SSLContextAndOptions}; may be
 *        null or empty.
 * @return the socket produced by the default {@code SSLContextAndOptions}.
 * @throws X509Exception if the default SSL context and options cannot be obtained.
 * @throws IOException if the TLS socket cannot be created.
 */
public SSLSocket createSSLSocket(Socket socket, byte[] pushbackBytes) throws X509Exception, IOException {
    SSLContextAndOptions defaults = getDefaultSSLContextAndOptions();
    return defaults.createSSLSocket(socket, pushbackBytes);
}
SSLContext sslContext = SSLContext.getInstance(protocol); sslContext.init(keyManagers, trustManagers, null); return new SSLContextAndOptions(this, config, sslContext); } catch (NoSuchAlgorithmException | KeyManagementException sslContextInitException) { throw new SSLContextException(sslContextInitException);
/**
 * Creates an unbound TLS server socket from this object's SSL context and applies this object's
 * SSL parameters to it.
 *
 * @return the configured socket, switched to server mode.
 * @throws IOException if the factory cannot create the socket.
 */
public SSLServerSocket createSSLServerSocket() throws IOException {
    final SSLServerSocket unbound =
            (SSLServerSocket) sslContext.getServerSocketFactory().createServerSocket();
    return configureSSLServerSocket(unbound);
}
/**
 * Layers a server-mode TLS socket over an already accepted connection.
 *
 * <p>When {@code pushbackBytes} is non-empty, those bytes are handed to the TLS socket as
 * already-consumed input, so data read from the connection before the TLS decision was made is
 * not lost to the handshake. Both paths pass {@code autoClose = true}: closing the returned
 * socket also closes {@code socket}.
 *
 * @param socket the connected socket to wrap.
 * @param pushbackBytes bytes already read from {@code socket}; may be null or empty.
 * @return the configured TLS socket, in server mode.
 * @throws IOException if the TLS socket cannot be created.
 */
public SSLSocket createSSLSocket(Socket socket, byte[] pushbackBytes) throws IOException {
    final boolean replayConsumedBytes = pushbackBytes != null && pushbackBytes.length > 0;
    final Socket layered = replayConsumedBytes
            ? sslContext.getSocketFactory().createSocket(
                    socket, new ByteArrayInputStream(pushbackBytes), true)
            : sslContext.getSocketFactory().createSocket(
                    socket, null, socket.getPort(), true);
    return configureSSLSocket((SSLSocket) layered, false);
}
/**
 * Creates a TLS server socket on {@code port} using the default SSL context and options.
 *
 * @param port the port passed through to the default {@code SSLContextAndOptions}.
 * @return the server socket produced by the default {@code SSLContextAndOptions}.
 * @throws X509Exception if the default SSL context and options cannot be obtained.
 * @throws IOException if the socket cannot be created.
 */
public SSLServerSocket createSSLServerSocket(int port) throws X509Exception, IOException {
    SSLContextAndOptions defaults = getDefaultSSLContextAndOptions();
    return defaults.createSSLServerSocket(port);
}