Java Code Examples for javax.net.ssl.SSLSocket#setUseClientMode()

The following examples show how to use javax.net.ssl.SSLSocket#setUseClientMode().
Example 1
Source File: SslRMIServerSocketFactory.java    From openjdk-jdk8u with GNU General Public License v2.0
/**
 * <p>Creates a server socket that accepts SSL connections
 * configured according to this factory's SSL socket configuration
 * parameters.</p>
 */
public ServerSocket createServerSocket(int port) throws IOException {
    // Resolve the layering factory once per server socket: an explicitly
    // configured SSLContext wins, otherwise the default factory is used.
    final SSLSocketFactory tlsFactory;
    if (context != null) {
        tlsFactory = context.getSocketFactory();
    } else {
        tlsFactory = getDefaultSSLSocketFactory();
    }
    return new ServerSocket(port) {
        public Socket accept() throws IOException {
            final Socket plain = super.accept();
            // getHostName() may perform a reverse DNS lookup on the accepting
            // thread; the resulting name comes from DNS for the peer address
            // and is not an authenticated identity.
            final String peerHost = plain.getInetAddress().getHostName();
            // autoClose=true: closing the TLS socket also closes 'plain'.
            final SSLSocket tls = (SSLSocket) tlsFactory.createSocket(
                    plain, peerHost, plain.getPort(), true);
            // A socket layered by an SSLSocketFactory defaults to client mode,
            // so the server role has to be selected before any handshake.
            tls.setUseClientMode(false);
            // A null array means "leave the provider's enabled set untouched".
            if (enabledCipherSuites != null) {
                tls.setEnabledCipherSuites(enabledCipherSuites);
            }
            if (enabledProtocols != null) {
                tls.setEnabledProtocols(enabledProtocols);
            }
            // When needClientAuth is false the client presents no certificate,
            // so the TLS layer does not authenticate the caller.
            tls.setNeedClientAuth(needClientAuth);
            return tls;
        }
    };
}
 
Example 2
Source File: SslRMIServerSocketFactory.java    From jdk8u-jdk with GNU General Public License v2.0
/**
 * <p>Creates a server socket that accepts SSL connections
 * configured according to this factory's SSL socket configuration
 * parameters.</p>
 */
public ServerSocket createServerSocket(int port) throws IOException {
    // A configured SSLContext takes precedence over the default socket factory.
    final SSLSocketFactory layeringFactory = (context != null)
            ? context.getSocketFactory()
            : getDefaultSSLSocketFactory();
    return new ServerSocket(port) {
        public Socket accept() throws IOException {
            final Socket accepted = super.accept();
            final SSLSocket secured = (SSLSocket) layeringFactory.createSocket(
                    accepted,
                    // May trigger a reverse DNS lookup; the name is derived
                    // from the peer address and is not a verified identity.
                    accepted.getInetAddress().getHostName(),
                    accepted.getPort(),
                    // autoClose: closing 'secured' closes 'accepted' too.
                    true);
            // Layered sockets default to client mode; switch to the server
            // role before the handshake starts.
            secured.setUseClientMode(false);
            // null leaves the provider's default cipher suites in place.
            if (enabledCipherSuites != null) {
                secured.setEnabledCipherSuites(enabledCipherSuites);
            }
            // null leaves the provider's default protocol versions in place.
            if (enabledProtocols != null) {
                secured.setEnabledProtocols(enabledProtocols);
            }
            // With needClientAuth == false no client certificate is required.
            secured.setNeedClientAuth(needClientAuth);
            return secured;
        }
    };
}
 
Example 3
Source File: ConnectorBootstrap.java    From jdk8u-jdk with GNU General Public License v2.0
/**
 * Accepts one connection and returns it wrapped in a server-mode SSL socket
 * configured from this object's cipher suite, protocol and client
 * authentication settings.
 */
@Override
public Socket accept() throws IOException {
    // The factory is resolved before blocking in accept(): a configured
    // SSLContext wins, otherwise the default factory is used.
    final SSLSocketFactory tlsFactory;
    if (context != null) {
        tlsFactory = context.getSocketFactory();
    } else {
        tlsFactory = getDefaultSSLSocketFactory();
    }
    final Socket plain = super.accept();
    // getHostName() may perform a reverse DNS lookup for the peer address;
    // the name is not an authenticated identity.
    final String peerHost = plain.getInetAddress().getHostName();
    // autoClose=true: closing the TLS socket also closes 'plain'.
    final SSLSocket tls = (SSLSocket) tlsFactory.createSocket(
            plain, peerHost, plain.getPort(), true);
    // Layered sockets default to client mode; pick the server role before
    // any handshake takes place.
    tls.setUseClientMode(false);
    // A null array keeps the provider's enabled set.
    if (enabledCipherSuites != null) {
        tls.setEnabledCipherSuites(enabledCipherSuites);
    }
    if (enabledProtocols != null) {
        tls.setEnabledProtocols(enabledProtocols);
    }
    // false means clients are not asked to present a certificate.
    tls.setNeedClientAuth(needClientAuth);
    return tls;
}
 
Example 4
Source File: ConnectorBootstrap.java    From openjdk-jdk9 with GNU General Public License v2.0
/**
 * Accepts a plain connection and layers a server-side SSL socket over it,
 * applying the configured cipher suites, protocols and client-auth flag.
 */
@Override
public Socket accept() throws IOException {
    // Prefer the configured SSLContext; fall back to the default factory.
    final SSLSocketFactory layeringFactory = (context != null)
            ? context.getSocketFactory()
            : getDefaultSSLSocketFactory();
    final Socket accepted = super.accept();
    final SSLSocket secured = (SSLSocket) layeringFactory.createSocket(
            accepted,
            // May trigger a reverse DNS lookup; not a verified peer identity.
            accepted.getInetAddress().getHostName(),
            accepted.getPort(),
            // autoClose: closing 'secured' closes 'accepted' as well.
            true);
    // Must precede the handshake: layered sockets start in client mode.
    secured.setUseClientMode(false);
    // null keeps the provider's default cipher suites.
    if (enabledCipherSuites != null) {
        secured.setEnabledCipherSuites(enabledCipherSuites);
    }
    // null keeps the provider's default protocol versions.
    if (enabledProtocols != null) {
        secured.setEnabledProtocols(enabledProtocols);
    }
    // With needClientAuth == false no client certificate is required.
    secured.setNeedClientAuth(needClientAuth);
    return secured;
}
 
Example 5
Source File: SslRMIServerSocketFactory.java    From jdk8u-dev-jdk with GNU General Public License v2.0
/**
 * <p>Creates a server socket that accepts SSL connections
 * configured according to this factory's SSL socket configuration
 * parameters.</p>
 */
public ServerSocket createServerSocket(int port) throws IOException {
    // Resolve the layering factory once per server socket: an explicitly
    // configured SSLContext wins, otherwise the default factory is used.
    final SSLSocketFactory tlsFactory;
    if (context != null) {
        tlsFactory = context.getSocketFactory();
    } else {
        tlsFactory = getDefaultSSLSocketFactory();
    }
    return new ServerSocket(port) {
        public Socket accept() throws IOException {
            final Socket plain = super.accept();
            // getHostName() may perform a reverse DNS lookup on the accepting
            // thread; the resulting name comes from DNS for the peer address
            // and is not an authenticated identity.
            final String peerHost = plain.getInetAddress().getHostName();
            // autoClose=true: closing the TLS socket also closes 'plain'.
            final SSLSocket tls = (SSLSocket) tlsFactory.createSocket(
                    plain, peerHost, plain.getPort(), true);
            // A socket layered by an SSLSocketFactory defaults to client mode,
            // so the server role has to be selected before any handshake.
            tls.setUseClientMode(false);
            // A null array means "leave the provider's enabled set untouched".
            if (enabledCipherSuites != null) {
                tls.setEnabledCipherSuites(enabledCipherSuites);
            }
            if (enabledProtocols != null) {
                tls.setEnabledProtocols(enabledProtocols);
            }
            // When needClientAuth is false the client presents no certificate,
            // so the TLS layer does not authenticate the caller.
            tls.setNeedClientAuth(needClientAuth);
            return tls;
        }
    };
}
 
Example 6
Source File: SslRMIServerSocketFactory.java    From openjdk-8 with GNU General Public License v2.0
/**
 * <p>Creates a server socket that accepts SSL connections
 * configured according to this factory's SSL socket configuration
 * parameters.</p>
 */
public ServerSocket createServerSocket(int port) throws IOException {
    // A configured SSLContext takes precedence over the default socket factory.
    final SSLSocketFactory layeringFactory = (context != null)
            ? context.getSocketFactory()
            : getDefaultSSLSocketFactory();
    return new ServerSocket(port) {
        public Socket accept() throws IOException {
            final Socket accepted = super.accept();
            final SSLSocket secured = (SSLSocket) layeringFactory.createSocket(
                    accepted,
                    // May trigger a reverse DNS lookup; the name is derived
                    // from the peer address and is not a verified identity.
                    accepted.getInetAddress().getHostName(),
                    accepted.getPort(),
                    // autoClose: closing 'secured' closes 'accepted' too.
                    true);
            // Layered sockets default to client mode; switch to the server
            // role before the handshake starts.
            secured.setUseClientMode(false);
            // null leaves the provider's default cipher suites in place.
            if (enabledCipherSuites != null) {
                secured.setEnabledCipherSuites(enabledCipherSuites);
            }
            // null leaves the provider's default protocol versions in place.
            if (enabledProtocols != null) {
                secured.setEnabledProtocols(enabledProtocols);
            }
            // With needClientAuth == false no client certificate is required.
            secured.setNeedClientAuth(needClientAuth);
            return secured;
        }
    };
}
 
Example 7
Source File: SslRMIServerSocketFactory.java    From openjdk-jdk8u-backup with GNU General Public License v2.0
/**
 * <p>Creates a server socket that accepts SSL connections
 * configured according to this factory's SSL socket configuration
 * parameters.</p>
 */
public ServerSocket createServerSocket(int port) throws IOException {
    // Resolve the layering factory once per server socket: an explicitly
    // configured SSLContext wins, otherwise the default factory is used.
    final SSLSocketFactory tlsFactory;
    if (context != null) {
        tlsFactory = context.getSocketFactory();
    } else {
        tlsFactory = getDefaultSSLSocketFactory();
    }
    return new ServerSocket(port) {
        public Socket accept() throws IOException {
            final Socket plain = super.accept();
            // getHostName() may perform a reverse DNS lookup on the accepting
            // thread; the resulting name comes from DNS for the peer address
            // and is not an authenticated identity.
            final String peerHost = plain.getInetAddress().getHostName();
            // autoClose=true: closing the TLS socket also closes 'plain'.
            final SSLSocket tls = (SSLSocket) tlsFactory.createSocket(
                    plain, peerHost, plain.getPort(), true);
            // A socket layered by an SSLSocketFactory defaults to client mode,
            // so the server role has to be selected before any handshake.
            tls.setUseClientMode(false);
            // A null array means "leave the provider's enabled set untouched".
            if (enabledCipherSuites != null) {
                tls.setEnabledCipherSuites(enabledCipherSuites);
            }
            if (enabledProtocols != null) {
                tls.setEnabledProtocols(enabledProtocols);
            }
            // When needClientAuth is false the client presents no certificate,
            // so the TLS layer does not authenticate the caller.
            tls.setNeedClientAuth(needClientAuth);
            return tls;
        }
    };
}
 
Example 8
Source File: ConnectorBootstrap.java    From openjdk-jdk8u-backup with GNU General Public License v2.0
/**
 * Accepts one connection and returns it wrapped in a server-mode SSL socket
 * configured from this object's cipher suite, protocol and client
 * authentication settings.
 */
@Override
public Socket accept() throws IOException {
    // The factory is resolved before blocking in accept(): a configured
    // SSLContext wins, otherwise the default factory is used.
    final SSLSocketFactory tlsFactory;
    if (context != null) {
        tlsFactory = context.getSocketFactory();
    } else {
        tlsFactory = getDefaultSSLSocketFactory();
    }
    final Socket plain = super.accept();
    // getHostName() may perform a reverse DNS lookup for the peer address;
    // the name is not an authenticated identity.
    final String peerHost = plain.getInetAddress().getHostName();
    // autoClose=true: closing the TLS socket also closes 'plain'.
    final SSLSocket tls = (SSLSocket) tlsFactory.createSocket(
            plain, peerHost, plain.getPort(), true);
    // Layered sockets default to client mode; pick the server role before
    // any handshake takes place.
    tls.setUseClientMode(false);
    // A null array keeps the provider's enabled set.
    if (enabledCipherSuites != null) {
        tls.setEnabledCipherSuites(enabledCipherSuites);
    }
    if (enabledProtocols != null) {
        tls.setEnabledProtocols(enabledProtocols);
    }
    // false means clients are not asked to present a certificate.
    tls.setNeedClientAuth(needClientAuth);
    return tls;
}
 
Example 9
Source File: SslRMIServerSocketFactorySecure.java    From hbase with Apache License 2.0
/**
 * Opens a listening socket on {@code port} whose accepted connections are
 * wrapped in a server-mode SSL socket with SSLv3 removed from the enabled
 * protocols.
 */
@Override
public ServerSocket createServerSocket(int port) throws IOException {
  return new ServerSocket(port) {
    @Override
    public Socket accept() throws IOException {
      Socket plain = super.accept();
      SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
      // getHostName() may perform a reverse DNS lookup for the peer address;
      // the name is not an authenticated identity.
      String peerHost = plain.getInetAddress().getHostName();
      // autoClose=true: closing the TLS socket also closes 'plain'.
      SSLSocket tls = (SSLSocket) factory.createSocket(plain, peerHost, plain.getPort(), true);
      // Layered sockets default to client mode; select the server role first.
      tls.setUseClientMode(false);
      // No client certificate is requested, so callers are not authenticated
      // at the TLS layer.
      tls.setNeedClientAuth(false);

      // Deny-list filter: only names containing "SSLv3" are dropped; every
      // other protocol the provider enables by default stays enabled.
      String[] offered = tls.getEnabledProtocols();
      ArrayList<String> kept = new ArrayList<>(offered.length);
      for (int i = 0; i < offered.length; i++) {
        if (offered[i].contains("SSLv3")) {
          continue;
        }
        kept.add(offered[i]);
      }
      tls.setEnabledProtocols(kept.toArray(new String[kept.size()]));

      return tls;
    }
  };
}
 
Example 10
Source File: SslRMIServerSocketFactory.java    From jdk8u-jdk with GNU General Public License v2.0
/**
 * <p>Creates a server socket that accepts SSL connections
 * configured according to this factory's SSL socket configuration
 * parameters.</p>
 */
public ServerSocket createServerSocket(int port) throws IOException {
    // A configured SSLContext takes precedence over the default socket factory.
    final SSLSocketFactory layeringFactory = (context != null)
            ? context.getSocketFactory()
            : getDefaultSSLSocketFactory();
    return new ServerSocket(port) {
        public Socket accept() throws IOException {
            final Socket accepted = super.accept();
            final SSLSocket secured = (SSLSocket) layeringFactory.createSocket(
                    accepted,
                    // May trigger a reverse DNS lookup; the name is derived
                    // from the peer address and is not a verified identity.
                    accepted.getInetAddress().getHostName(),
                    accepted.getPort(),
                    // autoClose: closing 'secured' closes 'accepted' too.
                    true);
            // Layered sockets default to client mode; switch to the server
            // role before the handshake starts.
            secured.setUseClientMode(false);
            // null leaves the provider's default cipher suites in place.
            if (enabledCipherSuites != null) {
                secured.setEnabledCipherSuites(enabledCipherSuites);
            }
            // null leaves the provider's default protocol versions in place.
            if (enabledProtocols != null) {
                secured.setEnabledProtocols(enabledProtocols);
            }
            // With needClientAuth == false no client certificate is required.
            secured.setNeedClientAuth(needClientAuth);
            return secured;
        }
    };
}
 
Example 11
Source File: ConnectorBootstrap.java    From TencentKona-8 with GNU General Public License v2.0
/**
 * Accepts a plain connection and layers a server-side SSL socket over it,
 * applying the configured cipher suites, protocols and client-auth flag.
 */
@Override
public Socket accept() throws IOException {
    // Prefer the configured SSLContext; fall back to the default factory.
    final SSLSocketFactory layeringFactory = (context != null)
            ? context.getSocketFactory()
            : getDefaultSSLSocketFactory();
    final Socket accepted = super.accept();
    final SSLSocket secured = (SSLSocket) layeringFactory.createSocket(
            accepted,
            // May trigger a reverse DNS lookup; not a verified peer identity.
            accepted.getInetAddress().getHostName(),
            accepted.getPort(),
            // autoClose: closing 'secured' closes 'accepted' as well.
            true);
    // Must precede the handshake: layered sockets start in client mode.
    secured.setUseClientMode(false);
    // null keeps the provider's default cipher suites.
    if (enabledCipherSuites != null) {
        secured.setEnabledCipherSuites(enabledCipherSuites);
    }
    // null keeps the provider's default protocol versions.
    if (enabledProtocols != null) {
        secured.setEnabledProtocols(enabledProtocols);
    }
    // With needClientAuth == false no client certificate is required.
    secured.setNeedClientAuth(needClientAuth);
    return secured;
}
 
Example 12
Source File: SslRMIServerSocketFactory.java    From jdk8u_jdk with GNU General Public License v2.0
/**
 * <p>Creates a server socket that accepts SSL connections
 * configured according to this factory's SSL socket configuration
 * parameters.</p>
 */
public ServerSocket createServerSocket(int port) throws IOException {
    // Resolve the layering factory once per server socket: an explicitly
    // configured SSLContext wins, otherwise the default factory is used.
    final SSLSocketFactory tlsFactory;
    if (context != null) {
        tlsFactory = context.getSocketFactory();
    } else {
        tlsFactory = getDefaultSSLSocketFactory();
    }
    return new ServerSocket(port) {
        public Socket accept() throws IOException {
            final Socket plain = super.accept();
            // getHostName() may perform a reverse DNS lookup on the accepting
            // thread; the resulting name comes from DNS for the peer address
            // and is not an authenticated identity.
            final String peerHost = plain.getInetAddress().getHostName();
            // autoClose=true: closing the TLS socket also closes 'plain'.
            final SSLSocket tls = (SSLSocket) tlsFactory.createSocket(
                    plain, peerHost, plain.getPort(), true);
            // A socket layered by an SSLSocketFactory defaults to client mode,
            // so the server role has to be selected before any handshake.
            tls.setUseClientMode(false);
            // A null array means "leave the provider's enabled set untouched".
            if (enabledCipherSuites != null) {
                tls.setEnabledCipherSuites(enabledCipherSuites);
            }
            if (enabledProtocols != null) {
                tls.setEnabledProtocols(enabledProtocols);
            }
            // When needClientAuth is false the client presents no certificate,
            // so the TLS layer does not authenticate the caller.
            tls.setNeedClientAuth(needClientAuth);
            return tls;
        }
    };
}
 
Example 13
Source File: PostgresServerConnection.java    From sql-layer with GNU Affero General Public License v3.0
protected void processSSLMessage() throws IOException {
    OutputStream raw = messenger.getOutputStream();
    // The only readiness signal consulted here is the JSSE key store system
    // property; nothing in this method checks that the store actually loads.
    boolean keyStoreConfigured = System.getProperty("javax.net.ssl.keyStore") != null;
    if (!keyStoreConfigured) {
        // No key store for JSSE, so a server handshake would fail: answer 'N'
        // and stay on the plain connection.
        raw.write('N');
        raw.flush();
        return;
    }

    // A key store is configured: answer 'S' in the clear, then wrap the
    // socket and negotiate as the server. The client is expected to continue
    // the regular protocol over the SSL socket.
    raw.write('S');
    raw.flush();
    SSLSocketFactory defaultFactory = (SSLSocketFactory)SSLSocketFactory.getDefault();
    // NOTE(review): the host argument is the local address in string form,
    // not the peer's name -- confirm this is intended.
    String hostArg = socket.getLocalAddress().toString();
    SSLSocket tls = (SSLSocket)defaultFactory.createSocket(socket, hostArg, socket.getLocalPort(), true);
    // From here on the connection's socket is the TLS one; the messenger is
    // rebuilt before the handshake runs.
    socket = tls;
    createMessenger();
    // Layered sockets default to client mode; select the server role before
    // starting the handshake.
    tls.setUseClientMode(false);
    tls.startHandshake();
}
 
Example 14
Source File: ConnectorBootstrap.java    From jdk8u_jdk with GNU General Public License v2.0
/**
 * Accepts one connection and returns it wrapped in a server-mode SSL socket
 * configured from this object's cipher suite, protocol and client
 * authentication settings.
 */
@Override
public Socket accept() throws IOException {
    // The factory is resolved before blocking in accept(): a configured
    // SSLContext wins, otherwise the default factory is used.
    final SSLSocketFactory tlsFactory;
    if (context != null) {
        tlsFactory = context.getSocketFactory();
    } else {
        tlsFactory = getDefaultSSLSocketFactory();
    }
    final Socket plain = super.accept();
    // getHostName() may perform a reverse DNS lookup for the peer address;
    // the name is not an authenticated identity.
    final String peerHost = plain.getInetAddress().getHostName();
    // autoClose=true: closing the TLS socket also closes 'plain'.
    final SSLSocket tls = (SSLSocket) tlsFactory.createSocket(
            plain, peerHost, plain.getPort(), true);
    // Layered sockets default to client mode; pick the server role before
    // any handshake takes place.
    tls.setUseClientMode(false);
    // A null array keeps the provider's enabled set.
    if (enabledCipherSuites != null) {
        tls.setEnabledCipherSuites(enabledCipherSuites);
    }
    if (enabledProtocols != null) {
        tls.setEnabledProtocols(enabledProtocols);
    }
    // false means clients are not asked to present a certificate.
    tls.setNeedClientAuth(needClientAuth);
    return tls;
}
 
Example 15
Source File: PrivateTlsConfiguration.java    From mireka with Apache License 2.0
/**
 * Layers a server-mode SSL socket over an already connected socket.
 *
 * @param socket the connected plain socket to wrap
 * @return the SSL socket, switched to server mode, handshake not yet started
 * @throws IOException if the factory cannot create the layered socket
 * @throws IllegalStateException if this configuration is not enabled
 */
@Override
public SSLSocket createSSLSocket(Socket socket) throws IOException {
    if (!enabled) {
        throw new IllegalStateException();
    }

    InetSocketAddress peer = (InetSocketAddress) socket.getRemoteSocketAddress();
    // getHostName() may trigger a reverse lookup when the address was created
    // from an IP literal; the name is not an authenticated identity.
    String peerHost = peer.getHostName();
    // autoClose=true: closing the SSL socket also closes the wrapped socket.
    SSLSocket tls = (SSLSocket) socketFactory.createSocket(
            socket, peerHost, socket.getPort(), true);
    // Layered sockets default to client mode; the server role must be chosen
    // before any handshake. Cipher suites and protocols are left at whatever
    // socketFactory provides.
    tls.setUseClientMode(false);
    return tls;
}
 
Example 16
Source File: SMTPServer.java    From subethasmtp with Apache License 2.0
/**
 * Create a SSL socket that wraps the existing socket. This method
 * is called after the client issued the STARTTLS command.
 * <p>
 * Subclasses may override this method to configure the key stores, enabled protocols/
 * cipher suites, enforce client authentication, etc.
 *
 * @param socket the existing socket as created by {@link #createServerSocket()} (not null)
 * @return a SSLSocket
 * @throws IOException when creating the socket failed
 */
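public SSLSocket createSSLSocket(Socket socket) throws IOException
{
	SSLSocketFactory sf = ((SSLSocketFactory) SSLSocketFactory.getDefault());
	InetSocketAddress remoteAddress = (InetSocketAddress) socket.getRemoteSocketAddress();
	// getHostName() may trigger a reverse lookup when the address was created
	// from an IP literal; the name is not an authenticated identity.
	// autoClose=true: closing the SSL socket also closes the wrapped socket.
	SSLSocket s = (SSLSocket) (sf.createSocket(socket, remoteAddress.getHostName(), socket.getPort(), true));

	// we are a server; layered sockets default to client mode, so this must
	// be set before the handshake
	s.setUseClientMode(false);

	// Keep the provider's default enabled cipher suites. The supported list
	// may include suites the provider leaves disabled by default because they
	// do not meet its quality-of-service requirements, so enabling all of
	// them would widen what a client can negotiate. Subclasses that need a
	// specific set should override this method and pass an explicit list to
	// setEnabledCipherSuites().

	return s;
}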
 
Example 17
Source File: PassiveConnection.java    From drftpd with GNU General Public License v2.0
/**
 * Accepts a single connection on the pending server socket, closes the
 * listener, and, when the accepted socket is an SSLSocket, applies the given
 * TLS settings and runs the handshake.
 *
 * @param cipherSuites cipher suites to enable; null or empty keeps the
 *                     socket's current set
 * @param sslProtocols protocol versions to enable; null or empty keeps the
 *                     socket's current set
 * @param bufferSize   not used in this method (see the comment below)
 * @return the accepted socket, handshake already completed when it is an
 *         SSLSocket
 * @throws IOException if accept, close or the handshake fails; a
 *                     SocketException is thrown when abort() interfered
 */
public Socket connect(String[] cipherSuites, String[] sslProtocols, int bufferSize) throws IOException {
    // bufferSize has already been set on the ServerSocket
    // just need to accept this param to comply with the Connection class

    if (_serverSocket == null) {
        // can happen if abort() is called before connect()
        throw new SocketException(
                "abort() was called before connect()");
    }

    Socket sock = null;
    try {
        sock = _serverSocket.accept();
    } finally {
        // The listener serves exactly one connection: it is closed and the
        // field cleared whether accept() succeeded or threw. The null check
        // presumably guards against abort() clearing the field meanwhile --
        // TODO confirm against abort().
        if (_serverSocket != null) {
            _serverSocket.close();
        }
        _serverSocket = null;
    }

    if (sock == null) {
        // can happen if abort() is called while serverSocket.accept() is
        // waiting
        throw new SocketException(
                "abort() was called while waiting for accept()");
    }

    setSockOpts(sock);

    if (sock instanceof SSLSocket) {
        SSLSocket sslsock = (SSLSocket) sock;
        // Null or empty arrays leave the socket's existing cipher suites and
        // protocol versions as they are.
        if (cipherSuites != null && cipherSuites.length != 0) {
            sslsock.setEnabledCipherSuites(cipherSuites);
        }
        if (sslProtocols != null && sslProtocols.length != 0) {
            sslsock.setEnabledProtocols(sslProtocols);
        }
        // The TLS role is taken from _useSSLClientMode rather than fixed to
        // server, so the accepting side may handshake as the TLS client. It
        // has to be set before startHandshake().
        sslsock.setUseClientMode(_useSSLClientMode);
        // NOTE(review): if the handshake throws, sock is not closed in this
        // method -- confirm the caller releases it.
        sslsock.startHandshake();
    }


    return sock;
}
 
Example 18
Source File: AbstractConnectProtocol.java    From mariadb-connector-j with GNU Lesser General Public License v2.1
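/**
 * Upgrades the connection to TLS when {@code options.useSsl} is true: checks
 * that the server advertises SSL, sends the SSL connection request, wraps the
 * socket, handshakes as the TLS client and verifies the server host name
 * unless verification is turned off by the options.
 *
 * @param host host name the server certificate is verified against
 * @param socket connected plain socket to wrap
 * @param options connection options (useSsl, tlsSocketType,
 *     disableSslHostnameVerification, trustServerCertificate are read here)
 * @param serverCapabilities capability bits advertised by the server
 * @param clientCapabilities client capability bits; the SSL bit is added
 *     before the request is sent
 * @param exchangeCharset charset byte sent with the SSL connection request
 * @param serverThreadId server thread id passed to the host name verifier
 * @throws SQLException if the server does not advertise SSL or host name
 *     verification fails
 * @throws IOException if the request, socket wrapping or handshake fails
 */
private void sslWrapper(
    final String host,
    final Socket socket,
    final Options options,
    final long serverCapabilities,
    long clientCapabilities,
    final byte exchangeCharset,
    long serverThreadId)
    throws SQLException, IOException {
  if (Boolean.TRUE.equals(options.useSsl)) {

    if ((serverCapabilities & MariaDbServerCapabilities.SSL) == 0) {
      // The exception has to be thrown, not just created: without the throw
      // the method carried on and sent the SSL request to a server that had
      // not advertised SSL, and this message never reached the caller.
      throw exceptionFactory.create(
          "Trying to connect with ssl, but ssl not enabled in the server", "08000");
    }
    clientCapabilities |= MariaDbServerCapabilities.SSL;
    SendSslConnectionRequestPacket.send(writer, clientCapabilities, exchangeCharset);
    TlsSocketPlugin socketPlugin = TlsSocketPluginLoader.get(options.tlsSocketType);
    SSLSocketFactory sslSocketFactory = socketPlugin.getSocketFactory(options);
    SSLSocket sslSocket = socketPlugin.createSocket(socket, sslSocketFactory);

    enabledSslProtocolSuites(sslSocket, options);
    enabledSslCipherSuites(sslSocket, options);

    // The connector is the TLS client; the role must be set before the
    // handshake starts.
    sslSocket.setUseClientMode(true);
    sslSocket.startHandshake();

    // perform hostname verification
    // (rfc2818 indicate that if "client has external information as to the expected identity of
    // the server, the hostname check MAY be omitted")
    // Either option below skips the check entirely, so the certificate is then
    // not tied to the host the caller asked for.
    if (!options.disableSslHostnameVerification && !options.trustServerCertificate) {
      SSLSession session = sslSocket.getSession();
      try {
        socketPlugin.verify(host, session, options, serverThreadId);
      } catch (SSLException ex) {
        throw exceptionFactory.create(
            "SSL hostname verification failed : "
                + ex.getMessage()
                + "\nThis verification can be disabled using the option \"disableSslHostnameVerification\" "
                + "but won't prevent man-in-the-middle attacks anymore",
            "08006");
      }
    }

    // Streams are switched to the TLS socket only after verification passed
    // or was explicitly skipped.
    assignStream(sslSocket, options);
  }
}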
 
Example 19
Source File: FTPSClient.java    From Aria with Apache License 2.0
/**
 * SSL/TLS negotiation. Acquires an SSL socket of a control
 * connection and carries out handshake processing.
 *
 * @throws IOException If server negotiation fails
 */
protected void sslNegotiation() throws IOException {
  // Remember the plain control socket before it is replaced by the TLS one.
  plainSocket = _socket_;
  initSslContext();

  SSLSocketFactory factory = context.getSocketFactory();
  // Without a configured host name the peer's IP address literal is used as
  // the host for the layered socket and for the later verifier call.
  String host;
  if (_hostname_ != null) {
    host = _hostname_;
  } else {
    host = getRemoteAddress().getHostAddress();
  }
  int port = _socket_.getPort();
  // autoClose=false: closing the TLS socket leaves the plain socket open.
  SSLSocket tls = (SSLSocket) factory.createSocket(_socket_, host, port, false);
  tls.setEnableSessionCreation(isCreation);
  // The role has to be fixed before the handshake starts.
  tls.setUseClientMode(isClientMode);

  if (!isClientMode) {
    // Server role: apply the client-certificate policy.
    tls.setNeedClientAuth(isNeedClientAuth);
    tls.setWantClientAuth(isWantClientAuth);
  } else if (tlsEndpointChecking) {
    // Client role: endpoint name verification is opt-in via this flag.
    SSLSocketUtils.enableEndpointNameVerification(tls);
  }

  // null keeps the factory's default protocol versions / cipher suites.
  if (protocols != null) {
    tls.setEnabledProtocols(protocols);
  }
  if (suites != null) {
    tls.setEnabledCipherSuites(suites);
  }
  tls.startHandshake();

  // TODO the following setup appears to duplicate that in the super class methods
  _socket_ = tls;
  String encoding = getControlEncoding();
  _controlInput_ = new BufferedReader(new InputStreamReader(tls.getInputStream(), encoding));
  _controlOutput_ =
      new BufferedWriter(new OutputStreamWriter(tls.getOutputStream(), getControlEncoding()));

  // The optional HostnameVerifier runs only in client mode, after the
  // handshake and after the control streams were switched to the TLS socket.
  if (isClientMode && hostnameVerifier != null && !hostnameVerifier.verify(host, tls.getSession())) {
    throw new SSLHandshakeException("Hostname doesn't match certificate");
  }
}
 
Example 20
Source File: TcpClientChannel.java    From ignite with Apache License 2.0
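/**
 * Connects to the configured address, switches the socket to TLS client mode
 * and completes the handshake.
 *
 * @return the connected SSL socket with the handshake done
 * @throws IOException if connecting or the handshake fails; the socket is
 *      closed before the exception propagates
 */
SSLSocket create() throws IOException {
    InetSocketAddress addr = cfg.getAddress();

    // createSocket(host, port) connects immediately.
    SSLSocket sock = (SSLSocket)getSslSocketFactory(cfg).createSocket(addr.getHostName(), addr.getPort());

    try {
        // The role must be set before the handshake starts.
        sock.setUseClientMode(true);

        // NOTE(review): no endpoint identification is configured in this
        // method; whether the factory returned by getSslSocketFactory(cfg)
        // checks the server name is not visible here -- confirm.
        sock.startHandshake();

        return sock;
    }
    catch (IOException | RuntimeException e) {
        // A failed handshake would otherwise leave the connected socket open.
        try {
            sock.close();
        }
        catch (IOException closeErr) {
            e.addSuppressed(closeErr);
        }

        throw e;
    }
}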