List of usage examples for javax.net.ssl SSLServerSocket setEnabledCipherSuites
public abstract void setEnabledCipherSuites(String suites[]);
From source file:org.apache.ftpserver.ssl.Ssl.java
/** * Create secure server socket./*from ww w . j ava2 s . com*/ */ public ServerSocket createServerSocket(String protocol, InetAddress addr, int port) throws Exception { // get server socket factory SSLContext ctx = getSSLContext(protocol); SSLServerSocketFactory ssocketFactory = ctx.getServerSocketFactory(); // create server socket SSLServerSocket serverSocket = null; if (addr == null) { serverSocket = (SSLServerSocket) ssocketFactory.createServerSocket(port, 100); } else { serverSocket = (SSLServerSocket) ssocketFactory.createServerSocket(port, 100, addr); } // initialize server socket String cipherSuites[] = serverSocket.getSupportedCipherSuites(); serverSocket.setEnabledCipherSuites(cipherSuites); serverSocket.setNeedClientAuth(m_clientAuthReqd); return serverSocket; }
From source file:org.apache.geode.internal.net.SocketCreator.java
/** * Configure the SSLServerSocket based on this SocketCreator's settings. *//*from www . jav a 2s. c o m*/ private void finishServerSocket(SSLServerSocket serverSocket) throws IOException { serverSocket.setUseClientMode(false); if (this.sslConfig.isRequireAuth()) { // serverSocket.setWantClientAuth( true ); serverSocket.setNeedClientAuth(true); } serverSocket.setEnableSessionCreation(true); // restrict protocols String[] protocols = this.sslConfig.getProtocolsAsStringArray(); if (!"any".equalsIgnoreCase(protocols[0])) { serverSocket.setEnabledProtocols(protocols); } // restrict ciphers String[] ciphers = this.sslConfig.getCiphersAsStringArray(); if (!"any".equalsIgnoreCase(ciphers[0])) { serverSocket.setEnabledCipherSuites(ciphers); } }
From source file:org.apache.hadoop.security.Krb5AndCertsSslSocketConnector.java
@Override protected ServerSocket newServerSocket(String host, int port, int backlog) throws IOException { logIfDebug("Creating new KrbServerSocket for: " + host); SSLServerSocket ss = null; if (useCerts) // Get the server socket from the SSL super impl ss = (SSLServerSocket) super.newServerSocket(host, port, backlog); else { // Create a default server socket try {// w ww .j a v a 2 s .c om ss = (SSLServerSocket) (host == null ? createFactory().createServerSocket(port, backlog) : createFactory().createServerSocket(port, backlog, InetAddress.getByName(host))); } catch (Exception e) { LOG.warn("Could not create KRB5 Listener", e); throw new IOException("Could not create KRB5 Listener: " + e.toString()); } } // Add Kerberos ciphers to this socket server if needed. if (useKrb) { ss.setNeedClientAuth(true); String[] combined; if (useCerts) { // combine the cipher suites String[] certs = ss.getEnabledCipherSuites(); combined = new String[certs.length + KRB5_CIPHER_SUITES.size()]; System.arraycopy(certs, 0, combined, 0, certs.length); System.arraycopy(KRB5_CIPHER_SUITES.toArray(new String[0]), 0, combined, certs.length, KRB5_CIPHER_SUITES.size()); } else { // Just enable Kerberos auth combined = KRB5_CIPHER_SUITES.toArray(new String[0]); } ss.setEnabledCipherSuites(combined); } return ss; }
From source file:org.apache.tomcat.util.net.jsse.JSSESocketFactory.java
/** * Configures the given SSL server socket with the requested cipher suites, * protocol versions, and need for client authentication *///from ww w . ja v a 2 s .c o m private void initServerSocket(ServerSocket ssocket) { SSLServerSocket socket = (SSLServerSocket) ssocket; if (attributes.get("ciphers") != null) { socket.setEnabledCipherSuites(enabledCiphers); } String requestedProtocols = (String) attributes.get("protocols"); setEnabledProtocols(socket, getEnabledProtocols(socket, requestedProtocols)); // we don't know if client auth is needed - // after parsing the request we may re-handshake socket.setNeedClientAuth(clientAuth); }
From source file:org.glite.security.trustmanager.tomcat.TMSSLServerSocketFactory.java
/** * Configures the given SSL server socket with the requested cipher suites, protocol versions, and need for client * authentication.// w w w .j a va 2s . c om * * @param ssocket the server socket to initialize. */ private void initServerSocket(ServerSocket ssocket) { LOGGER.debug("TMSSLServerSocketFactory.initServerSocket:"); SSLServerSocket socket = (SSLServerSocket) ssocket; if (attributes.get("ciphers") != null) { socket.setEnabledCipherSuites(enabledCiphers); } else { String[] ciphers; ArrayList<String> newCiphers; int i; // disable RC4 ciphers (Java x Globus problems) ciphers = socket.getEnabledCipherSuites(); newCiphers = new ArrayList<String>(ciphers.length); for (i = 0; i < ciphers.length; i++) { if (ciphers[i].indexOf("RC4") == -1 && ciphers[i].indexOf("ECDH") == -1) { LOGGER.debug("Enabling cipher: " + ciphers[i]); newCiphers.add(ciphers[i]); } else { LOGGER.debug("Disabling cipher: " + ciphers[i]); } } socket.setEnabledCipherSuites(newCiphers.toArray(new String[] {})); } String requestedProtocols = (String) attributes.get("protocols"); setEnabledProtocols(socket, getEnabledProtocols(socket, requestedProtocols)); // we don't know if client auth is needed - // after parsing the request we may re-handshake configureClientAuth(socket); }
From source file:org.jgentleframework.integration.remoting.rmi.customsocket.SSLSocket_RMIServerSocketFactory.java
public ServerSocket createServerSocket(int port) { try {/* ww w . j a va 2 s .c om*/ java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); SSLServerSocketFactory socketFactory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault(); SSLServerSocket returnValue = (SSLServerSocket) socketFactory.createServerSocket(port); returnValue.setEnabledCipherSuites(Ciphers); returnValue.setNeedClientAuth(false); return returnValue; } catch (Exception ignored) { if (log.isFatalEnabled()) { log.fatal("Could not create SSL Socket !! ", ignored); } } return null; }
From source file:org.jgentleframework.utils.network.sockets.SSLSocketTools.java
/** * Creates the server socket.//w w w . j a v a 2s . co m * * @param port * the port * @param cipherSuites * the cipher suites * @return the sSL server socket */ public SSLServerSocket createServerSocket(int port, SSLCipherSuites[] cipherSuites) { SSLServerSocket returnValue = null; try { java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); SSLServerSocketFactory socketFactory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault(); returnValue = (SSLServerSocket) socketFactory.createServerSocket(port); String[] CIPHERS = new String[cipherSuites.length]; for (int i = 0; i < cipherSuites.length; i++) { CIPHERS[i] = cipherSuites[i].name(); } returnValue.setEnabledCipherSuites(CIPHERS); returnValue.setEnableSessionCreation(true); return returnValue; } catch (IOException e) { if (log.isFatalEnabled()) { log.fatal("Could not create SSL server socket !!", e); } } return returnValue; }
From source file:org.jsslutils.extra.apachetomcat5.JSSLutilsJSSESocketFactory.java
/** * Configures the given SSL server socket with the requested cipher suites, * protocol versions, and need for client authentication *///from w w w. j av a 2 s.c o m private void initServerSocket(ServerSocket ssocket) { SSLServerSocket socket = (SSLServerSocket) ssocket; if (enabledCiphers != null) { socket.setEnabledCipherSuites(enabledCiphers); } String requestedProtocols = (String) attributes.get("protocols"); setEnabledProtocols(socket, getEnabledProtocols(socket, requestedProtocols)); // we don't know if client auth is needed - // after parsing the request we may re-handshake configureClientAuth(socket); }
From source file:org.openhealthtools.openatna.net.SecureSocketFactory.java
/** * Extra socket creation for servers only. */// w w w. j a v a2 s . c om public ServerSocket createServerSocket(int port) { javax.net.ssl.SSLServerSocket ss = null; try { ss = (javax.net.ssl.SSLServerSocket) getSSLContext().getServerSocketFactory().createServerSocket(port); ss.setNeedClientAuth(true); String[] strings = { "SSL_RSA_WITH_NULL_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA", "SSL_RSA_WITH_3DES_EDE_CBC_SHA", "SSL_RSA_WITH_DES_CBC_SHA" }; ss.setEnabledCipherSuites(strings); } catch (IOException e) { log.error("I/O problem creating server socket.", e); } return ss; }
From source file:org.openhealthtools.openexchange.actorconfig.net.SecureSocketFactory.java
/** * Extra socket creation for servers only. *///w w w . ja va2 s .c o m public ServerSocket createServerSocket(int port) { javax.net.ssl.SSLServerSocket ss = null; try { ss = (javax.net.ssl.SSLServerSocket) getSSLContext().getServerSocketFactory().createServerSocket(port); ss.setNeedClientAuth(true); String[] strings = { //retired per CP 478 "SSL_RSA_WITH_NULL_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA", "SSL_RSA_WITH_3DES_EDE_CBC_SHA", "SSL_RSA_WITH_DES_CBC_SHA" }; ss.setEnabledCipherSuites(strings); } catch (IOException e) { LOG.error("I/O problem creating server socket.", e); } return ss; }