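/* SslRMIServerSocketFactory.java --
   Copyright (C) 2006 Free Software Foundation

This file is part of GNU Classpath.

GNU Classpath is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2, or (at your option)
any later version.

GNU Classpath is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.

You should have received a copy of the GNU General Public License
along with GNU Classpath; see the file COPYING. If not, write to the
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
02110-1301 USA.

Linking this library statically or dynamically with other modules is
making a combined work based on this library. Thus, the terms and
conditions of the GNU General Public License cover the whole
combination.

As a special exception, the copyright holders of this library give you
permission to link this library with independent modules to produce an
executable, regardless of the license terms of these independent
modules, and to copy and distribute the resulting executable under
terms of your choice, provided that you also meet, for each linked
independent module, the terms and conditions of the license of that
module. An independent module is a module which is not derived from
or based on this library. If you modify this library, you may extend
this exception to your version of the library, but you are not
obligated to do so. If you do not wish to do so, delete this
exception statement from your version. */

package javax.rmi.ssl;

import java.io.IOException;
import java.net.ServerSocket;
import java.rmi.server.RMIServerSocketFactory;
import java.util.Arrays;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;

/**
 * SslRMIServerSocketFactory
 *
 * This class implements an RMIServerSocketFactory for SSL sockets.
 * It uses the default SSLServerSocketFactory.
 *
 * <p>Security notes for users of this class: when the cipher suite or
 * protocol array is <code>null</code>, the sockets keep whatever the
 * default factory enables, and when <code>needClientAuth</code> is
 * <code>false</code> the sockets are configured not to require client
 * authentication.</p>
 *
 * @author Sven de Marothy
 * @since 1.5
 */
public class SslRMIServerSocketFactory implements RMIServerSocketFactory
{
  /** Cipher suites to enable, or <code>null</code> for the defaults. */
  private final String[] enabledCipherSuites;

  /** Protocols to enable, or <code>null</code> for the defaults. */
  private final String[] enabledProtocols;

  /** Whether created sockets require client authentication. */
  private final boolean needClientAuth;

  /**
   * The SSL ServerSocket factory. It is looked up once, when this
   * class is initialized, and shared by every instance.
   */
  private static final SSLServerSocketFactory socketFactory =
    (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();

  /**
   * Creates a new SslRMIServerSocketFactory with the default socket
   * cipher suites and protocols, and without requiring client
   * authentication.
   */
  public SslRMIServerSocketFactory()
  {
    enabledCipherSuites = null;
    enabledProtocols = null;
    needClientAuth = false;
  }

  /**
   * Creates a new SslRMIServerSocketFactory with a given set of socket
   * cipher suites and protocols. needClientAuth specifies if client
   * authentication is required.
   *
   * <p>The arrays are copied, so later changes made by the caller do
   * not alter the settings that were validated here.</p>
   *
   * @param enabledCipherSuites - the cipher suites to enable
   * or <code>null</code> for the defaults.
   * @param enabledProtocols - the protocols to enable,
   * or <code>null</code> for the defaults.
   * @param needClientAuth - specify client authentication requirement.
   * @throws IllegalArgumentException if any of the ciphers or protocols
   * specified are not available.
   */
  public SslRMIServerSocketFactory(String[] enabledCipherSuites,
                                   String[] enabledProtocols,
                                   boolean needClientAuth)
  {
    // Keep private copies: the getters already hand out clones, and a
    // caller-owned array could otherwise be edited after validation.
    this.enabledCipherSuites = cloneOrNull(enabledCipherSuites);
    this.enabledProtocols = cloneOrNull(enabledProtocols);
    this.needClientAuth = needClientAuth;

    if (this.enabledCipherSuites != null || this.enabledProtocols != null)
      validateSettings();
  }

  /**
   * Creates an SSLServerSocket on a given port
   *
   * @param port - the port to listen on.
   * @return the configured server socket.
   * @throws IOException if an error occurs on socket creation.
   */
  public ServerSocket createServerSocket(int port) throws IOException
  {
    return openConfiguredSocket(port);
  }

  /**
   * Compare two SslRMIServerSocketFactory instances. Two instances are
   * equal when they have the same client authentication flag and the
   * same cipher suite and protocol arrays, in the same order.
   */
  public boolean equals(Object obj)
  {
    if (!(obj instanceof SslRMIServerSocketFactory))
      return false;

    SslRMIServerSocketFactory other = (SslRMIServerSocketFactory) obj;
    return needClientAuth == other.needClientAuth
      && cmpStrArray(enabledCipherSuites, other.enabledCipherSuites)
      && cmpStrArray(enabledProtocols, other.enabledProtocols);
  }

  /**
   * Compare two string arrays. Two <code>null</code> arrays are equal;
   * otherwise both must have the same length and equal elements at
   * every index. Null elements are compared without throwing.
   */
  static boolean cmpStrArray(String[] a, String[] b)
  {
    return Arrays.equals(a, b);
  }

  /**
   * Returns the enabled cipher suites, or <code>null</code>
   * if the defaults are to be used.
   *
   * @return a copy of the string array of cipher suite names
   */
  public String[] getEnabledCipherSuites()
  {
    return cloneOrNull(enabledCipherSuites);
  }

  /**
   * Returns the enabled protocols, or <code>null</code> if the defaults are
   * to be used.
   *
   * @return a copy of the string array of protocol names
   */
  public String[] getEnabledProtocols()
  {
    return cloneOrNull(enabledProtocols);
  }

  /**
   * Returns whether client authentication is needed.
   */
  public boolean getNeedClientAuth()
  {
    return needClientAuth;
  }

  /**
   * Returns the hash code of this object.
   */
  public int hashCode()
  {
    int hash = 0;
    if (enabledCipherSuites != null)
      for (int i = 0; i < enabledCipherSuites.length; i++)
        hash ^= enabledCipherSuites[i].hashCode();
    if (enabledProtocols != null)
      for (int i = 0; i < enabledProtocols.length; i++)
        hash ^= enabledProtocols[i].hashCode();
    return needClientAuth ? (hash ^ 0xFFFF) : hash;
  }

  /**
   * Checks the configured cipher suites and protocols by applying them
   * to a throwaway socket on an ephemeral port, which is closed again
   * before returning.
   *
   * @throws IllegalArgumentException if the settings are rejected or
   * the probe socket cannot be created.
   */
  private void validateSettings()
  {
    ServerSocket probe = null;
    try
      {
        probe = openConfiguredSocket(0);
      }
    catch (IOException e)
      {
        throw new IllegalArgumentException(
          "cannot validate SSL server socket settings", e);
      }
    finally
      {
        if (probe != null)
          closeQuietly(probe);
      }
  }

  /**
   * Opens a server socket on the given port and applies this factory's
   * settings. The socket is closed if a setting is rejected, so a
   * failed call does not leave the port bound.
   */
  private SSLServerSocket openConfiguredSocket(int port) throws IOException
  {
    SSLServerSocket socket =
      (SSLServerSocket) socketFactory.createServerSocket(port);
    boolean configured = false;
    try
      {
        if (enabledCipherSuites != null)
          socket.setEnabledCipherSuites(enabledCipherSuites);
        if (enabledProtocols != null)
          socket.setEnabledProtocols(enabledProtocols);
        socket.setNeedClientAuth(needClientAuth);
        configured = true;
        return socket;
      }
    finally
      {
        if (!configured)
          closeQuietly(socket);
      }
  }

  /** Returns a copy of the array, or <code>null</code> for null. */
  private static String[] cloneOrNull(String[] values)
  {
    return values == null ? null : (String[]) values.clone();
  }

  /** Closes the socket, ignoring a failure to do so. */
  private static void closeQuietly(ServerSocket socket)
  {
    try
      {
        socket.close();
      }
    catch (IOException ignored)
      {
        // Best effort: the socket is being discarded anyway.
      }
  }
}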