Example usage for javax.net.ssl SSLSocket getSoTimeout

List of usage examples for javax.net.ssl SSLSocket getSoTimeout

Introduction

In this page you can find the example usage for javax.net.ssl SSLSocket getSoTimeout.

Prototype

public synchronized int getSoTimeout() throws SocketException 


Document

Returns the current setting of the SO_TIMEOUT socket option (see SocketOptions#SO_TIMEOUT).

Usage

From source file:org.apache.tomcat.util.net.jsse.JSSE14Support.java

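/**
 * Drives the TLS handshake to completion so that the client certificate
 * becomes available.
 *
 * <p>JSSE in JDK 1.4 has an issue/feature that requires us to do a
 * read() to get the client-cert, as suggested by Andreas Sterbenz.
 * The socket read timeout is lowered to one second for the duration of
 * the polling loop and is put back afterwards, including when the
 * handshake fails, so a socket that stays open is not left with the
 * temporary timeout.
 *
 * @param socket the TLS socket whose handshake should be completed
 * @throws SSLException if the TLS layer reports an error while polling
 * @throws SocketException if the handshake has not completed after all tries
 * @throws IOException if the stream or socket options cannot be accessed,
 *         or if starting the handshake fails
 */
private void synchronousHandshake(SSLSocket socket) throws IOException {
    InputStream in = socket.getInputStream();
    int oldTimeout = socket.getSoTimeout();
    socket.setSoTimeout(1000);
    try {
        // Zero-length buffer: the read only pokes the TLS layer, it is not
        // meant to consume application data.
        byte[] b = new byte[0];
        listener.reset();
        socket.startHandshake();
        int maxTries = 60; // 60 * 1000 = example 1 minute time out
        for (int i = 0; i < maxTries; i++) {
            if (logger.isTraceEnabled()) {
                logger.trace("Reading for try #" + i);
            }
            try {
                in.read(b);
            } catch (SSLException sslex) {
                logger.info("SSL Error getting client Certs", sslex);
                throw sslex;
            } catch (IOException ignored) {
                // ignore - presumably the timeout
                // NOTE(review): every non-SSL I/O error is swallowed here, not
                // only read timeouts, so such a failure surfaces only as the
                // generic handshake-timeout exception below.
            }
            if (listener.completed) {
                break;
            }
        }
    } finally {
        // Restore the caller's timeout on every exit path. A closed socket is
        // skipped so that a failure to restore cannot replace the exception
        // that is already propagating.
        if (!socket.isClosed()) {
            socket.setSoTimeout(oldTimeout);
        }
    }
    if (!listener.completed) {
        throw new SocketException("SSL Cert handshake timeout");
    }
}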

From source file:org.kuali.mobility.push.dao.PushDaoImpl.java

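/**
 * Opens a TLS connection to the push gateway, authenticating with the client
 * certificate stored in a PKCS#12 key store on the server's file system.
 *
 * <p>The server certificate chain is validated against the platform's default
 * trust store (no custom trust managers are installed), and the certificate
 * is additionally checked against {@code host}. A socket that fails part-way
 * through set-up is closed before this method returns.
 *
 * <p>NOTE(review): the {@code key} and {@code passphrase} parameters are not
 * used; the key store path and its password are fixed in this method.
 *
 * @param host gateway host name; it is also the name the server certificate
 *        must match, so an IP literal only works if the certificate lists it
 * @param port gateway port
 * @param key currently unused
 * @param passphrase currently unused
 * @return the connected socket after a completed handshake, or {@code null}
 *         if any step failed (the failure is logged)
 */
private SSLSocket openConnectionToAPNS(String host, int port, String key, String passphrase) {
    SSLSocket socket = null;
    try {
        // NOTE(review): hard-coded key store password. Anyone with read access
        // to the source or the compiled class can unlock the push certificate's
        // private key. It should come from protected configuration or a secret
        // store (the ignored `passphrase` parameter looks intended for this).
        char[] storePassword = "strange word to use".toCharArray();

        KeyStore keyStore = KeyStore.getInstance("PKCS12");

        // The key store is read from the server's file system; loading it from
        // the classpath did not work for command-line builds. Putting it in
        // /opt/kme/push prevents naming conflicts. The file holds a private
        // key, so its permissions should be limited to the service account.
        try (FileInputStream keyStoreStream = new FileInputStream("/opt/kme/push/newcert.p12")) {
            keyStore.load(keyStoreStream, storePassword);
        }

        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("sunx509");
        keyManagerFactory.init(keyStore, storePassword);

        // Null trust managers select the platform default trust store. The
        // client key store is deliberately not used as a trust source.
        SSLContext sslCtx = SSLContext.getInstance("TLS");
        sslCtx.init(keyManagerFactory.getKeyManagers(), null, null);
        SSLSocketFactory sslSocketFactory = sslCtx.getSocketFactory();
        socket = (SSLSocket) sslSocketFactory.createSocket(host, port);

        // A bare SSLSocket validates the certificate chain but does not check
        // that the certificate belongs to `host`; enable that check before the
        // handshake so a valid certificate for another name is rejected.
        javax.net.ssl.SSLParameters sslParameters = socket.getSSLParameters();
        sslParameters.setEndpointIdentificationAlgorithm("HTTPS");
        socket.setSSLParameters(sslParameters);

        // NOTE(review): no connect or read timeout is set, so a stalled peer
        // can block this call indefinitely.
        socket.startHandshake();

        // Diagnostic output
        Enumeration<String> aliases = keyStore.aliases();
        LOG.info(aliases.toString());
        while (aliases.hasMoreElements()) {
            LOG.info("Alias: " + aliases.nextElement());
        }

        String not = socket.isConnected() ? "" : "NOT ";
        LOG.info("SSLSocket is " + not + "Connected");

        LOG.info("Connected to: " + socket.getInetAddress().getCanonicalHostName());
        LOG.info("Connected to: " + socket.getInetAddress().getHostAddress());

        String[] cs = socket.getEnabledCipherSuites();
        LOG.info("CipherSuites: " + Arrays.toString(cs));

        String[] ep = socket.getEnabledProtocols();
        LOG.info("Enabled Protocols: " + Arrays.toString(ep));

        LOG.info("Timeout: " + socket.getSoTimeout());
        LOG.info("Send Buffer Size: " + socket.getSendBufferSize());

        return socket;
    } catch (Exception e) {
        // Boundary catch: callers receive null, so record the cause in the
        // application log rather than on stderr.
        LOG.error("Could not open TLS connection to " + host + ":" + port, e);
        if (socket != null) {
            // Do not leak a half-initialised connection.
            try {
                socket.close();
            } catch (java.io.IOException closeFailure) {
                LOG.error("Could not close socket after failed connection set-up", closeFailure);
            }
        }
    }
    return null;
}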

From source file:org.lockss.protocol.BlockingStreamComm.java

/**
 * Confirms that the TLS peer presented certificates, closing the socket and
 * rethrowing when it did not.
 *
 * <p>While the check runs, the socket read timeout is replaced by
 * {@code paramSslHandshakeTimeout} whenever {@code absTimeout} ranks that
 * value below the current timeout; the previous timeout is put back
 * afterwards if the socket is still open.
 *
 * <p>NOTE(review): this relies on {@code getSession()} to perform the initial
 * handshake when it has not happened yet; {@code startHandshake()} is not
 * called here. The check establishes that peer certificates exist for the
 * session; nothing in this method compares them with an expected peer name.
 *
 * @param s the TLS socket to check
 * @throws SSLPeerUnverifiedException if the session has no verified peer
 *         certificates; the socket has been closed (best effort) by then
 */
protected void handshake(SSLSocket s) throws SSLPeerUnverifiedException {
    // -2 is kept only when the current timeout could not be read.
    long savedTimeout = -2;
    try {
        savedTimeout = s.getSoTimeout();
        if (absTimeout(paramSslHandshakeTimeout) < absTimeout(savedTimeout)) {
            s.setSoTimeout((int) paramSslHandshakeTimeout);
        }
    } catch (SocketException timeoutFailure) {
        log.warning("Couldn't save/set socket timeout before handshake", timeoutFailure);
    }

    try {
        SSLSession sslSession = s.getSession();
        // Called for its side effect: it throws when the peer is unverified.
        sslSession.getPeerCertificates();
        String peerHost = sslSession.getPeerHost();
        String protocol = sslSession.getProtocol();
        log.debug(peerHost + " via " + protocol + " verified");
    } catch (SSLPeerUnverifiedException unverified) {
        log.error(s.getInetAddress() + ":" + s.getPort() + " not verified");
        try {
            s.close();
        } catch (IOException closeFailure) {
            log.error("Socket close threw " + closeFailure);
        }
        throw unverified;
    } finally {
        // Undo the temporary timeout under the same condition it was applied,
        // and only on a socket that is still open.
        if (!s.isClosed()) {
            if (absTimeout(paramSslHandshakeTimeout) < absTimeout(savedTimeout)) {
                try {
                    s.setSoTimeout((int) savedTimeout);
                } catch (SocketException restoreFailure) {
                    log.warning("Couldn't restore socket timeout after handshake", restoreFailure);
                }
            }
        }
    }
}