| 1 | /* SslRMIServerSocketFactory.java -- |
| 2 | Copyright (C) 2006 Free Software Foundation |
| 3 | |
| 4 | This file is part of GNU Classpath. |
| 5 | |
| 6 | GNU Classpath is free software; you can redistribute it and/or modify |
| 7 | it under the terms of the GNU General Public License as published by |
| 8 | the Free Software Foundation; either version 2, or (at your option) |
| 9 | any later version. |
| 10 | |
| 11 | GNU Classpath is distributed in the hope that it will be useful, but |
| 12 | WITHOUT ANY WARRANTY; without even the implied warranty of |
| 13 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| 14 | General Public License for more details. |
| 15 | |
| 16 | You should have received a copy of the GNU General Public License |
| 17 | along with GNU Classpath; see the file COPYING. If not, write to the |
| 18 | Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA |
| 19 | 02110-1301 USA. |
| 20 | |
| 21 | Linking this library statically or dynamically with other modules is |
| 22 | making a combined work based on this library. Thus, the terms and |
| 23 | conditions of the GNU General Public License cover the whole |
| 24 | combination. |
| 25 | |
| 26 | As a special exception, the copyright holders of this library give you |
| 27 | permission to link this library with independent modules to produce an |
| 28 | executable, regardless of the license terms of these independent |
| 29 | modules, and to copy and distribute the resulting executable under |
| 30 | terms of your choice, provided that you also meet, for each linked |
| 31 | independent module, the terms and conditions of the license of that |
| 32 | module. An independent module is a module which is not derived from |
| 33 | or based on this library. If you modify this library, you may extend |
| 34 | this exception to your version of the library, but you are not |
| 35 | obligated to do so. If you do not wish to do so, delete this |
| 36 | exception statement from your version. */ |
| 37 | |
| 38 | package javax.rmi.ssl; |
| 39 | |
| 40 | import java.io.IOException; |
| 41 | import javax.net.ssl.SSLServerSocketFactory; |
| 42 | import javax.net.ssl.SSLServerSocket; |
| 43 | import java.net.ServerSocket; |
| 44 | import java.rmi.server.RMIServerSocketFactory; |
| 45 | |
| 46 | /** |
| 47 | * SslRMIServerSocketFactory |
| 48 | * |
| 49 | * This class implements an RMIServerSocketFactory for SSL sockets. |
| 50 | * it uses the defeult SSLServerSocketFactory. |
| 51 | * |
| 52 | * @author Sven de Marothy |
| 53 | * @since 1.5 |
| 54 | */ |
| 55 | public class SslRMIServerSocketFactory implements RMIServerSocketFactory |
| 56 | { |
| 57 | private String[] enabledCipherSuites, enabledProtocols; |
| 58 | private boolean needClientAuth; |
| 59 | |
| 60 | /** |
| 61 | * The SSL ServerSocket factory. |
| 62 | */ |
| 63 | private static SSLServerSocketFactory socketFactory = |
| 64 | (SSLServerSocketFactory)SSLServerSocketFactory.getDefault(); |
| 65 | |
| 66 | /** |
| 67 | * Creates a new SslRMIServerSocketFactory with the default socket |
| 68 | * cipher suites and protocols, and without requiring client authorisation. |
| 69 | */ |
| 70 | public SslRMIServerSocketFactory() |
| 71 | { |
| 72 | enabledCipherSuites = enabledProtocols = null; |
| 73 | needClientAuth = false; |
| 74 | } |
| 75 | |
| 76 | /** |
| 77 | * Creates a new SslRMIServerSocketFactory with a given set of socket |
| 78 | * cipher suites and protocols. needClientAuth specifies if client |
| 79 | * authorization is required. |
| 80 | * |
| 81 | * @param enabledCipherSuites - the cypher suites to enable |
| 82 | * or <code>null</code> for the defauls. |
| 83 | * @param enabledCipherSuites - the protocols to enable, |
| 84 | * or <code>null</code> for the defauls. |
| 85 | * @param needClientAuth - specify client authorization requirement. |
| 86 | * @throws IllegalArgumentException if any of the ciphers or protocols |
| 87 | * specified are not available. |
| 88 | */ |
| 89 | public SslRMIServerSocketFactory(String[] enabledCipherSuites, |
| 90 | String[] enabledProtocols, |
| 91 | boolean needClientAuth) |
| 92 | { |
| 93 | this.enabledCipherSuites = enabledCipherSuites; |
| 94 | this.enabledProtocols = enabledProtocols; |
| 95 | this.needClientAuth = needClientAuth; |
| 96 | try |
| 97 | { |
| 98 | if( enabledProtocols != null || enabledCipherSuites != null ) |
| 99 | createServerSocket( 0 ); // stupid way to test the parameters |
| 100 | } |
| 101 | catch(IOException e) |
| 102 | { |
| 103 | // Can this happen? FIXME. |
| 104 | throw new IllegalArgumentException(); |
| 105 | } |
| 106 | } |
| 107 | |
| 108 | /** |
| 109 | * Creates an SSLServerSocket on a given port |
| 110 | * |
| 111 | * @throws IOException if an error occurs on socket creation. |
| 112 | */ |
| 113 | public ServerSocket createServerSocket(int port) throws IOException |
| 114 | { |
| 115 | SSLServerSocket socket = (SSLServerSocket)socketFactory. |
| 116 | createServerSocket( port ); |
| 117 | if( enabledCipherSuites != null ) |
| 118 | socket.setEnabledCipherSuites( enabledCipherSuites ); |
| 119 | if( enabledProtocols != null ) |
| 120 | socket.setEnabledProtocols( enabledProtocols ); |
| 121 | socket.setNeedClientAuth( needClientAuth ); |
| 122 | return socket; |
| 123 | } |
| 124 | |
| 125 | /** |
| 126 | * Compare two SslRMIServerSocketFactor instances |
| 127 | */ |
| 128 | public boolean equals(Object obj) |
| 129 | { |
| 130 | if( !(obj instanceof SslRMIServerSocketFactory) ) |
| 131 | return false; |
| 132 | SslRMIServerSocketFactory s = (SslRMIServerSocketFactory)obj; |
| 133 | if( needClientAuth != s.needClientAuth ) |
| 134 | return false; |
| 135 | |
| 136 | if(!cmpStrArray(enabledCipherSuites, s.enabledCipherSuites)) |
| 137 | return false; |
| 138 | |
| 139 | if(!cmpStrArray(enabledProtocols, s.enabledProtocols)) |
| 140 | return false; |
| 141 | |
| 142 | return true; |
| 143 | } |
| 144 | |
| 145 | /** |
| 146 | * Compare two string arrays. |
| 147 | */ |
| 148 | static boolean cmpStrArray(String[] a, String[] b) |
| 149 | { |
| 150 | if( ( a == null || b == null ) && a != b ) |
| 151 | return false; |
| 152 | |
| 153 | if( a != null ) |
| 154 | { |
| 155 | if( a.length != b.length ) |
| 156 | return false; |
| 157 | for( int i = 0; i < a.length; i++ ) |
| 158 | if(!a[i].equals(b[i])) |
| 159 | return false; |
| 160 | } |
| 161 | |
| 162 | return true; |
| 163 | } |
| 164 | |
| 165 | /** |
| 166 | * Returns the enabled cipher suites, or <code>null</code> |
| 167 | * if the defaults are to be used. |
| 168 | * @returns a string array of cipher suite names |
| 169 | */ |
| 170 | public String[] getEnabledCipherSuites() |
| 171 | { |
| 172 | if( enabledCipherSuites == null ) |
| 173 | return null; |
| 174 | return (String[])enabledCipherSuites.clone(); |
| 175 | } |
| 176 | |
| 177 | /** |
| 178 | * Returns the enabled protocols, or <code>null</code> if the defaults are |
| 179 | * to be used. |
| 180 | * |
| 181 | * @returns a string array of protocol names |
| 182 | */ |
| 183 | public String[] getEnabledProtocols() |
| 184 | { |
| 185 | if( enabledProtocols == null ) |
| 186 | return null; |
| 187 | return (String[])enabledProtocols.clone(); |
| 188 | } |
| 189 | |
| 190 | /** |
| 191 | * Returns whether client authorization is needed. |
| 192 | */ |
| 193 | public boolean getNeedClientAuth() |
| 194 | { |
| 195 | return needClientAuth; |
| 196 | } |
| 197 | |
| 198 | /** |
| 199 | * Returns the hash code of this object. |
| 200 | */ |
| 201 | public int hashCode() |
| 202 | { |
| 203 | int hash = 0; |
| 204 | if( enabledCipherSuites != null ) |
| 205 | for(int i = 0; i < enabledCipherSuites.length; i++ ) |
| 206 | hash = hash ^ enabledCipherSuites[i].hashCode(); |
| 207 | if( enabledProtocols != null ) |
| 208 | for(int i = 0; i < enabledProtocols.length; i++ ) |
| 209 | hash = hash ^ enabledProtocols[i].hashCode(); |
| 210 | hash = ( needClientAuth ) ? (hash^0xFFFF) : hash; |
| 211 | return hash; |
| 212 | } |
| 213 | } |