default void setEnabledProtocols(SSLContext sslContext, SSLServerSocket sslServerSocket, String[] protocols) { sslServerSocket.setEnabledProtocols(protocols); }
public void setEnabledProtocols(final String[] names) throws IllegalArgumentException { delegate.setEnabledProtocols(names); }
@Override public ServerSocket create() throws IOException { SSLServerSocket ss = null; ss = (SSLServerSocket) this.sslServerSocketFactory.createServerSocket(); if (this.sslProtocols != null) { ss.setEnabledProtocols(this.sslProtocols); } else { ss.setEnabledProtocols(ss.getSupportedProtocols()); } ss.setUseClientMode(false); ss.setWantClientAuth(false); ss.setNeedClientAuth(false); return ss; }
sslServerSocket.setEnabledProtocols(enabledProtocols.toArray(new String[0])); LOG.info("SSL Server Socket Enabled Protocols: " + Arrays.toString(sslServerSocket.getEnabledProtocols()));
sslServerSocket.setEnabledProtocols(enabledProtocols.toArray(new String[0])); LOG.info("SSL Server Socket Enabled Protocols: " + Arrays.toString(sslServerSocket.getEnabledProtocols()));
/** * Configure the SSLServerSocket based on this SocketCreator's settings. */ private void finishServerSocket(SSLServerSocket serverSocket) throws IOException { serverSocket.setUseClientMode(false); if (this.sslConfig.isRequireAuth()) { // serverSocket.setWantClientAuth( true ); serverSocket.setNeedClientAuth(true); } serverSocket.setEnableSessionCreation(true); // restrict protocols String[] protocols = this.sslConfig.getProtocolsAsStringArray(); if (!"any".equalsIgnoreCase(protocols[0])) { serverSocket.setEnabledProtocols(protocols); } // restrict ciphers String[] ciphers = this.sslConfig.getCiphersAsStringArray(); if (!"any".equalsIgnoreCase(ciphers[0])) { serverSocket.setEnabledCipherSuites(ciphers); } }
public ServerSocket createSSLServerSocket(int port, int backlog, InetAddress inetAddress) throws IOException { this.initSSLContext(); SSLServerSocketFactory serverSocketFactory = this.sslContext.getServerSocketFactory(); SSLServerSocket serverSocket = (SSLServerSocket) serverSocketFactory.createServerSocket(port, backlog, inetAddress); if (this.jsseSecurityDomain.getProtocols() != null){ serverSocket.setEnabledProtocols(this.jsseSecurityDomain.getProtocols()); } if (this.jsseSecurityDomain.getCipherSuites() != null){ serverSocket.setEnabledCipherSuites(this.jsseSecurityDomain.getCipherSuites()); } if (this.jsseSecurityDomain.isClientAuth() || this.require_mutual_auth){ serverSocket.setNeedClientAuth(true); } else { serverSocket.setWantClientAuth(this.request_mutual_auth); } return serverSocket; }
secureSocket = (SSLServerSocket) f.createServerSocket(port, 0, bindAddress); secureSocket.setEnabledProtocols( disableSSL(secureSocket.getEnabledProtocols())); if (SysProperties.ENABLE_ANONYMOUS_TLS) {
private TServerTransport getSSLServerTransport() { try { TServerTransport transport; TSSLTransportFactory.TSSLTransportParameters params = new TSSLTransportFactory.TSSLTransportParameters(); params.setKeyStore(getKeystore(), getKeystorePassword(), KeyManagerFactory.getDefaultAlgorithm(), getKeystoreType()); transport = TSSLTransportFactory.getServerSocket( port, 120000, InetAddress.getByName(bindAddress), params); ServerSocket serverSock = ((TServerSocket) transport).getServerSocket(); if (serverSock instanceof SSLServerSocket) { SSLServerSocket sslServerSock = (SSLServerSocket) serverSock; SSLParameters sslParameters = sslServerSock.getSSLParameters(); sslServerSock.setEnabledCipherSuites(getFilteredCipherSuites(sslParameters)); sslServerSock.setEnabledProtocols(getFilteredProtocols(sslParameters)); } return transport; } catch (Throwable throwable) { throw new FlumeException("Cannot start Thrift source.", throwable); } }
protected void setEnabledProtocols(SSLServerSocket socket, String[] protocols) { if (protocols != null) { socket.setEnabledProtocols(protocols); } }
public void setEnabledProtocols(String[] protocols) { delegate.setEnabledProtocols(protocols); }
@Override public SSLServerSocket createSSLServerSocket(int port) throws IOException { try { SSLServerSocket srvSock = null; SSLServerSocketFactory ssf = sslContext.getServerSocketFactory(); srvSock = (SSLServerSocket)ssf.createServerSocket(port); srvSock.setEnabledProtocols(SSLUtils.getRecommendedProtocols()); srvSock.setEnabledCipherSuites(SSLUtils.getRecommendedCiphers()); s_logger.info("create SSL server socket on port: " + port); return srvSock; } catch (Exception ioe) { s_logger.error(ioe.toString(), ioe); } return null; } }
public static SSLServerSocket createSSLServerSocket(SSLOption option, SSLCustom custom) { try { SSLContext context = createSSLContext(option, custom); SSLServerSocketFactory factory = context.getServerSocketFactory(); SSLServerSocket socket = (SSLServerSocket) factory.createServerSocket(); socket.setEnabledProtocols(option.getProtocols().split(",")); String[] supported = socket.getSupportedCipherSuites(); String[] eanbled = option.getCiphers().split(","); socket.setEnabledCipherSuites(getEnabledCiphers(supported, eanbled)); socket.setNeedClientAuth(option.isAuthPeer()); return socket; } catch (UnknownHostException e) { throw new IllegalArgumentException("unkown host"); } catch (IOException e) { throw new IllegalArgumentException("unable create socket"); } }
sslServerSock.setEnabledProtocols(socketEnabledProtocols.toArray(new String[0]));
/** * Select protocols and cipher suites to be used * based on configured inclusion and exclusion lists * as well as enabled and supported protocols and cipher suites. * * Adapted from Jetty SslContextFactory.java * * @since 0.9.16 */ public static void setProtocolsAndCiphers(SSLServerSocket socket) { String[] p = selectProtocols(socket.getEnabledProtocols(), socket.getSupportedProtocols()); for (int i = 0; i < p.length; i++) { // if we left SSLv3 in there, we don't support TLS, // so we should't remove the SSL ciphers if (p[i].equals("SSLv3")) return; } socket.setEnabledProtocols(p); socket.setEnabledCipherSuites(selectCipherSuites(socket.getEnabledCipherSuites(), socket.getSupportedCipherSuites())); }
/** * Set the SSL protocol variants to be enabled. * @param socket the SSLServerSocket. * @param protocols the protocols to use. */ protected void setEnabledProtocols(SSLServerSocket socket, String []protocols){ if (protocols != null) { socket.setEnabledProtocols(protocols); } }
private SSLServerSocket restrictCipherSuites(SSLServerSocket sslServerSocket) { sslServerSocket.setEnabledCipherSuites(enabledCipherSuites); sslServerSocket.setEnabledProtocols(enabledProtocols); return sslServerSocket; } }
private SSLServerSocket restrictCipherSuites(SSLServerSocket sslServerSocket) { sslServerSocket.setEnabledCipherSuites(enabledCipherSuites); sslServerSocket.setEnabledProtocols(enabledProtocols); return sslServerSocket; } }
public class TlsServerSocketFactory implements RMIServerSocketFactory { public ServerSocket createServerSocket(int port) throws IOException { SSLServerSocketFactory sf = ((SSLServerSocketFactory) SSLServerSocketFactory.getDefault()); SSLServerSocket s = (SSLServerSocket) (sf.createServerSocket(port)); s.setUseClientMode(false); s.setEnabledProtocols(new String[]{"TLSv1.1", "TLSv1.2"}); // NO POODLES HERE! s.setEnabledCipherSuites(s.getSupportedCipherSuites()); return s; } }
private ServerSocket createTLSServerSocket(Connection conn) throws IOException, GeneralSecurityException { SSLContext sslContext = conn.getDevice().sslContext(); SSLServerSocketFactory ssf = sslContext.getServerSocketFactory(); SSLServerSocket ss = (SSLServerSocket) ssf.createServerSocket(); ss.setEnabledProtocols(conn.getTlsProtocols()); ss.setEnabledCipherSuites(conn.getTlsCipherSuites()); ss.setNeedClientAuth(conn.isTlsNeedClientAuth()); return ss; }