default void setNeedClientAuth(SSLContext sslContext, SSLServerSocket sslServerSocket, boolean value) { sslServerSocket.setNeedClientAuth(value); }
default void setWantClientAuth(SSLContext sslContext, SSLServerSocket sslServerSocket, boolean value) { sslServerSocket.setNeedClientAuth(value); }
public void setNeedClientAuth(final SSLContext sslContext, final SSLServerSocket sslServerSocket, final boolean value) { if (value) sslServerSocket.setNeedClientAuth(value); }
public void setNeedClientAuth(final boolean need) { delegate.setNeedClientAuth(need); }
private ServerSocket createServerSocket() throws IOException { final InetAddress inetAddress = hostname == null ? null : InetAddress.getByName(hostname); if (sslContext == null) { return new ServerSocket(port, 50, InetAddress.getByName(hostname)); } else { final ServerSocket serverSocket = sslContext.getServerSocketFactory().createServerSocket(port, 50, inetAddress); ((SSLServerSocket) serverSocket).setNeedClientAuth(true); return serverSocket; } }
protected SSLServerSocket createServerSocket() throws Exception { SSLContext ctx=getContext(); SSLServerSocketFactory sslServerSocketFactory=ctx.getServerSocketFactory(); SSLServerSocket sslServerSocket=null; for(int i=0; i < port_range; i++) { try { sslServerSocket=(SSLServerSocket)sslServerSocketFactory.createServerSocket(port + i, 50, bind_addr); sslServerSocket.setNeedClientAuth(require_client_authentication); return sslServerSocket; } catch(Throwable t) { } } throw new IllegalStateException(String.format("found no valid port to bind to in range [%d-%d]", port, port+port_range)); }
/** * Binds this socket to the previously specified URI. * * Overridden to allow for proper handling of needClientAuth. * * @throws IOException passed up from TcpTransportServer. */ @Override public void bind() throws IOException { super.bind(); if (needClientAuth) { ((SSLServerSocket)this.serverSocket).setNeedClientAuth(true); } else if (wantClientAuth) { ((SSLServerSocket)this.serverSocket).setWantClientAuth(true); } }
/** * Binds this socket to the previously specified URI. * * Overridden to allow for proper handling of needClientAuth. * * @throws IOException passed up from TcpTransportServer. */ @Override public void bind() throws IOException { super.bind(); if (needClientAuth) { ((SSLServerSocket)this.serverSocket).setNeedClientAuth(true); } else if (wantClientAuth) { ((SSLServerSocket)this.serverSocket).setWantClientAuth(true); } }
@Override public ServerSocket create() throws IOException { SSLServerSocket ss = null; ss = (SSLServerSocket) this.sslServerSocketFactory.createServerSocket(); if (this.sslProtocols != null) { ss.setEnabledProtocols(this.sslProtocols); } else { ss.setEnabledProtocols(ss.getSupportedProtocols()); } ss.setUseClientMode(false); ss.setWantClientAuth(false); ss.setNeedClientAuth(false); return ss; }
public static ServerSocket createServerSocket(final int port, final ServerSocketConfiguration config) throws IOException, KeyManagementException, UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException, CertificateException { if (config == null) { throw new NullPointerException("Configuration may not be null."); } final SSLContext sslContext = config.createSSLContext(); final ServerSocket serverSocket; if (sslContext == null) { serverSocket = new ServerSocket(port); } else { serverSocket = sslContext.getServerSocketFactory().createServerSocket(port); ((SSLServerSocket) serverSocket).setNeedClientAuth(config.getNeedClientAuth()); } if (config.getSocketTimeout() != null) { serverSocket.setSoTimeout(config.getSocketTimeout()); } if (config.getReuseAddress() != null) { serverSocket.setReuseAddress(config.getReuseAddress()); } if (config.getReceiveBufferSize() != null) { serverSocket.setReceiveBufferSize(config.getReceiveBufferSize()); } return serverSocket; }
/** * Configure the SSLServerSocket based on this SocketCreator's settings. */ private void finishServerSocket(SSLServerSocket serverSocket) throws IOException { serverSocket.setUseClientMode(false); if (this.sslConfig.isRequireAuth()) { // serverSocket.setWantClientAuth( true ); serverSocket.setNeedClientAuth(true); } serverSocket.setEnableSessionCreation(true); // restrict protocols String[] protocols = this.sslConfig.getProtocolsAsStringArray(); if (!"any".equalsIgnoreCase(protocols[0])) { serverSocket.setEnabledProtocols(protocols); } // restrict ciphers String[] ciphers = this.sslConfig.getCiphersAsStringArray(); if (!"any".equalsIgnoreCase(ciphers[0])) { serverSocket.setEnabledCipherSuites(ciphers); } }
public ServerSocket createSSLServerSocket(int port, int backlog, InetAddress inetAddress) throws IOException { this.initSSLContext(); SSLServerSocketFactory serverSocketFactory = this.sslContext.getServerSocketFactory(); SSLServerSocket serverSocket = (SSLServerSocket) serverSocketFactory.createServerSocket(port, backlog, inetAddress); if (this.jsseSecurityDomain.getProtocols() != null){ serverSocket.setEnabledProtocols(this.jsseSecurityDomain.getProtocols()); } if (this.jsseSecurityDomain.getCipherSuites() != null){ serverSocket.setEnabledCipherSuites(this.jsseSecurityDomain.getCipherSuites()); } if (this.jsseSecurityDomain.isClientAuth() || this.require_mutual_auth){ serverSocket.setNeedClientAuth(true); } else { serverSocket.setWantClientAuth(this.request_mutual_auth); } return serverSocket; }
.createServerSocket(port, 0, spi.locHost); sslSock.setNeedClientAuth(true);
public void setNeedClientAuth(boolean state) { delegate.setNeedClientAuth(state); }
@Override public void postProcessServerSocket(ServerSocket serverSocket) { ((SSLServerSocket) serverSocket).setNeedClientAuth(true); }
KeyStore trustStore = KeyStore.getInstance("JKS"); InputStream tsis = new FileInputStream("trustedcerts.jks"); trustStore.load(tsis, "clientpublicpw".toCharArray()); tsis.close(); KeyStore serverKeyStore = KeyStore.getInstance("JKS"); InputStream ksis = new FileInputStream("server.jks"); clientKeyStore.load(ksis.close(), "serverprivatepw".toCharArray()); ksis.close(); TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmf.init(trustStore); KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmf.init(serverKeyStore, "serverprivatepw".toCharArray()); SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); SSLServerSocketFactory sf = sslContext.getServerSocketFactory(); SSLServerSocket ss = (SSLServerSocket)sf.createServerSocket(SslServer.PORT); ss.setNeedClientAuth(true);
/** * Configures the given SSL server socket with the requested cipher suites, protocol versions, and need for client * authentication */ protected void initServerSocket(ServerSocket ssocket) { if (!(ssocket instanceof SSLServerSocket)) { throw new IllegalArgumentException("The ServerSocket has to be SSLServerSocket"); } SSLServerSocket socket = (SSLServerSocket) ssocket; if (attributes.get("ciphers") != null) { socket.setEnabledCipherSuites(enabledCiphers); } String requestedProtocols = (String) attributes.get("protocols"); setEnabledProtocols(socket, getEnabledProtocols(socket, requestedProtocols)); // we don't know if client auth is needed - // after parsing the request we may re-handshake if(clientAuthNeed) { socket.setNeedClientAuth(clientAuthNeed); } else { socket.setWantClientAuth(clientAuthWant); } } }
public static SSLServerSocket createSSLServerSocket(SSLOption option, SSLCustom custom) { try { SSLContext context = createSSLContext(option, custom); SSLServerSocketFactory factory = context.getServerSocketFactory(); SSLServerSocket socket = (SSLServerSocket) factory.createServerSocket(); socket.setEnabledProtocols(option.getProtocols().split(",")); String[] supported = socket.getSupportedCipherSuites(); String[] eanbled = option.getCiphers().split(","); socket.setEnabledCipherSuites(getEnabledCiphers(supported, eanbled)); socket.setNeedClientAuth(option.isAuthPeer()); return socket; } catch (UnknownHostException e) { throw new IllegalArgumentException("unkown host"); } catch (IOException e) { throw new IllegalArgumentException("unable create socket"); } }
private static TServerSocket createServer(SSLServerSocketFactory factory, int port, int timeout, boolean clientAuth, InetAddress ifAddress, TSSLTransportParameters params) throws TTransportException { try { SSLServerSocket serverSocket = (SSLServerSocket) factory.createServerSocket(port, 100, ifAddress); serverSocket.setSoTimeout(timeout); serverSocket.setNeedClientAuth(clientAuth); if (params != null && params.cipherSuites != null) { serverSocket.setEnabledCipherSuites(params.cipherSuites); } return new TServerSocket(new TServerSocket.ServerSocketTransportArgs(). serverSocket(serverSocket).clientTimeout(timeout)); } catch (Exception e) { throw new TTransportException("Could not bind to port " + port, e); } }
private ServerSocket createTLSServerSocket(Connection conn) throws IOException, GeneralSecurityException { SSLContext sslContext = conn.getDevice().sslContext(); SSLServerSocketFactory ssf = sslContext.getServerSocketFactory(); SSLServerSocket ss = (SSLServerSocket) ssf.createServerSocket(); ss.setEnabledProtocols(conn.getTlsProtocols()); ss.setEnabledCipherSuites(conn.getTlsCipherSuites()); ss.setNeedClientAuth(conn.isTlsNeedClientAuth()); return ss; }