org.mozilla.jss.ssl
Class SSLServerSocket
java.lang.Object
  java.net.ServerSocket
    org.mozilla.jss.ssl.SSLServerSocket
public class SSLServerSocket
- extends java.net.ServerSocket
SSL server socket.
Field Summary | |
---|---|
static int | DEFAULT_BACKLOG - The default size of the listen queue. |
Constructor Summary | |
---|---|
SSLServerSocket(int port) | Creates a server socket listening on the given port. |
SSLServerSocket(int port, int backlog) | Creates a server socket listening on the given port. |
SSLServerSocket(int port, int backlog, java.net.InetAddress bindAddr) | Creates a server socket listening on the given port. |
SSLServerSocket(int port, int backlog, java.net.InetAddress bindAddr, SSLCertificateApprovalCallback certApprovalCallback) | Creates a server socket listening on the given port. |
SSLServerSocket(int port, int backlog, java.net.InetAddress bindAddr, SSLCertificateApprovalCallback certApprovalCallback, boolean reuseAddr) | Creates a server socket listening on the given port. |
Method Summary | |
---|---|
java.net.Socket | accept() - Accepts a connection. |
void | bypassPKCS11(boolean enable) - Enables the bypass of PKCS11 for performance on this socket. |
static void | clearSessionCache() - Empties the SSL client session ID cache. |
void | close() - Closes this socket. |
static void | configServerSessionIDCache(int maxSidEntries, int ssl2EntryTimeout, int ssl3EntryTimeout, java.lang.String cacheFileDirectory) - Configures the session ID cache. |
void | enableFDX(boolean enable) - Enable simultaneous read/write by separate read and write threads (full duplex) for this socket. |
void | enableRollbackDetection(boolean enable) - Enable rollback detection for this socket. |
void | enableSSL2(boolean enable) - Enables SSL v2 on this socket. |
void | enableSSL3(boolean enable) - Enables SSL v3 on this socket. |
void | enableStepDown(boolean enable) - This option, enableStepDown, is concerned with the generation of step-down keys which are used with export suites. |
void | enableTLS(boolean enable) - Enables TLS on this socket. |
void | enableV2CompatibleHello(boolean enable) - Enable sending v3 client hello in v2 format for this socket. |
protected void | finalize() |
java.net.InetAddress | getInetAddress() |
int | getLocalPort() |
boolean | getReuseAddress() |
int | getSoTimeout() - Returns the current value of the SO_TIMEOUT socket option. |
java.lang.String | getSSLOptions() |
void | requestClientAuth(boolean b) - Enables/disables the request of client authentication. |
void | requireClientAuth(boolean require, boolean onRedo) - Deprecated. Use requireClientAuth(int) |
void | requireClientAuth(int mode) - Sets whether the socket requires client authentication from the remote peer. |
void | setClientCert(X509Certificate cert) - Sets the certificate to use for client authentication. |
void | setClientCertNickname(java.lang.String nick) - Sets the nickname of the certificate to use for client authentication. |
void | setNeedClientAuth(boolean b) - Deprecated. As of JSS 3.0. This method is misnamed. Use requestClientAuth instead. |
void | setNeedClientAuthNoExpiryCheck(boolean b) - Deprecated. As of JSS 3.0. This method is misnamed. Use requestClientAuthNoExpiryCheck instead. |
void | setReuseAddress(boolean reuse) |
void | setServerCert(X509Certificate certnickname) - Sets the certificate to use for server authentication. |
void | setServerCertNickname(java.lang.String nick) - Sets the certificate to use for server authentication. |
void | setSoTimeout(int timeout) - Sets the SO_TIMEOUT socket option. |
void | setUseClientMode(boolean b) - Determines whether this end of the socket is the client or the server for purposes of the SSL protocol. |
java.lang.String | toString() - Returns the addresses and ports of this socket or an error message if the socket is not in a valid state. |
void | useCache(boolean b) - Enables/disables the session cache. |
Methods inherited from class java.net.ServerSocket |
---|
bind, bind, getChannel, getLocalSocketAddress, getReceiveBufferSize, implAccept, isBound, isClosed, setPerformancePreferences, setReceiveBufferSize, setSocketFactory |
Methods inherited from class java.lang.Object |
---|
clone, equals, getClass, hashCode, notify, notifyAll, wait, wait, wait |
Field Detail |
---|
DEFAULT_BACKLOG
public static final int DEFAULT_BACKLOG
- The default size of the listen queue.
- See Also:
- Constant Field Values
Constructor Detail |
---|
SSLServerSocket
public SSLServerSocket(int port) throws java.io.IOException
- Creates a server socket listening on the given port.
The listen queue will be of size DEFAULT_BACKLOG.
- Throws:
java.io.IOException
SSLServerSocket
public SSLServerSocket(int port, int backlog) throws java.io.IOException
- Creates a server socket listening on the given port.
- Parameters:
backlog - The size of the socket's listen queue.
- Throws:
java.io.IOException
SSLServerSocket
public SSLServerSocket(int port, int backlog, java.net.InetAddress bindAddr) throws java.io.IOException
- Creates a server socket listening on the given port.
- Parameters:
backlog - The size of the socket's listen queue.
bindAddr - The local address to which to bind. If null, an unspecified local address will be bound to.
- Throws:
java.io.IOException
SSLServerSocket
public SSLServerSocket(int port, int backlog, java.net.InetAddress bindAddr, SSLCertificateApprovalCallback certApprovalCallback) throws java.io.IOException
- Creates a server socket listening on the given port.
- Parameters:
backlog - The size of the socket's listen queue.
bindAddr - The local address to which to bind. If null, an unspecified local address will be bound to.
certApprovalCallback - Will get called to approve any certificate presented by the client.
- Throws:
java.io.IOException
SSLServerSocket
public SSLServerSocket(int port, int backlog, java.net.InetAddress bindAddr, SSLCertificateApprovalCallback certApprovalCallback, boolean reuseAddr) throws java.io.IOException
- Creates a server socket listening on the given port.
- Parameters:
backlog - The size of the socket's listen queue.
bindAddr - The local address to which to bind. If null, an unspecified local address will be bound to.
certApprovalCallback - Will get called to approve any certificate presented by the client.
reuseAddr - Reuse the local bind port; this parameter sets the SO_REUSEADDR option on the socket before calling bind(). The default is false for backward compatibility.
- Throws:
java.io.IOException
Method Detail |
---|
accept
public java.net.Socket accept() throws java.io.IOException
- Accepts a connection. This call will block until a connection is made
or the timeout is reached.
- Overrides:
accept in class java.net.ServerSocket
- Returns:
- java.net.Socket Local socket for client communication
- Throws:
java.io.IOException - If an input or output exception occurred
java.net.SocketTimeoutException - If the socket times out trying to connect
InterruptedIOException - If an input or output is interrupted
SSLSocketException - JSS subclass of java.net.SocketException
setSoTimeout
public void setSoTimeout(int timeout)
- Sets the SO_TIMEOUT socket option.
- Overrides:
setSoTimeout in class java.net.ServerSocket
- Parameters:
timeout - The timeout time in milliseconds.
getSoTimeout
public int getSoTimeout()
- Returns the current value of the SO_TIMEOUT socket option.
- Overrides:
getSoTimeout in class java.net.ServerSocket
- Returns:
- The timeout time in milliseconds.
setReuseAddress
public void setReuseAddress(boolean reuse) throws java.net.SocketException
- Overrides:
setReuseAddress in class java.net.ServerSocket
- Throws:
java.net.SocketException
getReuseAddress
public boolean getReuseAddress() throws java.net.SocketException
- Overrides:
getReuseAddress in class java.net.ServerSocket
- Throws:
java.net.SocketException
clearSessionCache
public static void clearSessionCache()
- Empties the SSL client session ID cache.
finalize
protected void finalize() throws java.lang.Throwable
- Overrides:
finalize in class java.lang.Object
- Throws:
java.lang.Throwable
getLocalPort
public int getLocalPort()
- Overrides:
getLocalPort in class java.net.ServerSocket
- Returns:
- The local port.
close
public void close() throws java.io.IOException
- Closes this socket.
- Overrides:
close in class java.net.ServerSocket
- Throws:
java.io.IOException
configServerSessionIDCache
public static void configServerSessionIDCache(int maxSidEntries, int ssl2EntryTimeout, int ssl3EntryTimeout, java.lang.String cacheFileDirectory) throws java.net.SocketException
- Configures the session ID cache.
- Parameters:
maxSidEntries - The maximum number of entries in the cache. If 0 is passed, the default of 10,000 is used.
ssl2EntryTimeout - The lifetime in seconds of an SSL2 session. The minimum timeout value is 5 seconds and the maximum is 24 hours. Values outside this range are replaced by the server default value of 100 seconds.
ssl3EntryTimeout - The lifetime in seconds of an SSL3 session. The minimum timeout value is 5 seconds and the maximum is 24 hours. Values outside this range are replaced by the server default value of 100 seconds.
cacheFileDirectory - The pathname of the directory that will contain the session cache. If null is passed, the server default is used: /tmp on Unix and \\temp on Windows.
- Throws:
java.net.SocketException
setServerCertNickname
public void setServerCertNickname(java.lang.String nick) throws java.net.SocketException
- Sets the certificate to use for server authentication.
- Throws:
java.net.SocketException
setServerCert
public void setServerCert(X509Certificate certnickname) throws java.net.SocketException
- Sets the certificate to use for server authentication.
- Throws:
java.net.SocketException
requestClientAuth
public void requestClientAuth(boolean b) throws java.net.SocketException
- Enables/disables the request of client authentication. This is only
meaningful for the server end of the SSL connection. During the next
handshake, the remote peer will be asked to authenticate itself.
- Throws:
java.net.SocketException
- See Also:
requireClientAuth(boolean, boolean)
setNeedClientAuth
public void setNeedClientAuth(boolean b) throws java.net.SocketException
- Deprecated. As of JSS 3.0. This method is misnamed. Use requestClientAuth instead.
- Throws:
java.net.SocketException
setNeedClientAuthNoExpiryCheck
public void setNeedClientAuthNoExpiryCheck(boolean b) throws java.net.SocketException
- Deprecated. As of JSS 3.0. This method is misnamed. Use requestClientAuthNoExpiryCheck instead.
- Enables/disables the request of client authentication. This is only meaningful for the server end of the SSL connection. During the next handshake, the remote peer will be asked to authenticate itself.
In addition, the client certificate's expiration will not prevent it from being accepted.
- Throws:
java.net.SocketException
- See Also:
requestClientAuthNoExpiryCheck(boolean)
enableSSL2
public void enableSSL2(boolean enable) throws java.net.SocketException
- Enables SSL v2 on this socket. It is enabled by default, unless the
default has been changed with SSLSocket.enableSSL2Default.
- Throws:
java.net.SocketException
enableSSL3
public void enableSSL3(boolean enable) throws java.net.SocketException
- Enables SSL v3 on this socket. It is enabled by default, unless the
default has been changed with SSLSocket.enableSSL3Default.
- Throws:
java.net.SocketException
enableTLS
public void enableTLS(boolean enable) throws java.net.SocketException
- Enables TLS on this socket. It is enabled by default, unless the
default has been changed with SSLSocket.enableTLSDefault.
- Throws:
java.net.SocketException
bypassPKCS11
public void bypassPKCS11(boolean enable) throws java.net.SocketException
- Enables the bypass of PKCS11 for performance on this socket.
It is disabled by default, unless the default has been changed
with SSLSocket.bypassPKCS11Default.
- Throws:
java.net.SocketException
enableRollbackDetection
public void enableRollbackDetection(boolean enable) throws java.net.SocketException
- Enable rollback detection for this socket.
It is enabled by default, unless the default has been changed
with SSLSocket.enableRollbackDetectionDefault.
- Throws:
java.net.SocketException
enableStepDown
public void enableStepDown(boolean enable) throws java.net.SocketException
- This option, enableStepDown, is concerned with the generation of step-down keys, which are used with export suites.
If the server cert's public key is 512 bits or less, this option is ignored because step-down keys don't need to be generated.
If the server cert's public key is more than 512 bits, this option has the following effect:
enable=true: generate step-down keys
enable=false: don't generate step-down keys; disable export cipher suites
This option is enabled by default, unless the default has been changed with SSLSocket.enableStepDownDefault.
- Throws:
java.net.SocketException
enableFDX
public void enableFDX(boolean enable) throws java.net.SocketException
- Enable simultaneous read/write by separate read and write threads
(full duplex) for this socket.
It is disabled by default, unless the default has been changed
with SSLSocket.enableFDXDefault.
- Throws:
java.net.SocketException
enableV2CompatibleHello
public void enableV2CompatibleHello(boolean enable) throws java.net.SocketException
- Enable sending v3 client hello in v2 format for this socket.
It is enabled by default, unless the default has been changed
with SSLSocket.enableV2CompatibleHelloDefault.
- Throws:
java.net.SocketException
getSSLOptions
public java.lang.String getSSLOptions()
- Returns:
- a String listing the current SSLOptions for this socket.
getInetAddress
public java.net.InetAddress getInetAddress()
- Overrides:
getInetAddress in class java.net.ServerSocket
- Returns:
- the local address of this server socket.
requireClientAuth
public void requireClientAuth(boolean require, boolean onRedo) throws java.net.SocketException
- Deprecated. Use requireClientAuth(int)
- Sets whether the socket requires client authentication from the remote peer. If requestClientAuth() has not already been called, this method will tell the socket to request client auth as well as requiring it.
- Throws:
java.net.SocketException
requireClientAuth
public void requireClientAuth(int mode) throws java.net.SocketException
- Sets whether the socket requires client authentication from the remote
peer. If requestClientAuth() has not already been called, this
method will tell the socket to request client auth as well as requiring
it.
- Parameters:
mode - One of: SSLSocket.SSL_REQUIRE_NEVER, SSLSocket.SSL_REQUIRE_ALWAYS, SSLSocket.SSL_REQUIRE_FIRST_HANDSHAKE, SSLSocket.SSL_REQUIRE_NO_ERROR
- Throws:
java.net.SocketException
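A hardened server-side setup built from the options documented on this page (protocol versions, step-down/export suites, session cache location, mandatory client authentication), as an added example that is not code from the JSS project. `CryptoManager.initialize` from `org.mozilla.jss`, the paths, port and certificate nickname are assumptions, and the NSS database is assumed to need no token login.

```java
import java.net.InetAddress;
import java.net.Socket;
import org.mozilla.jss.CryptoManager;
import org.mozilla.jss.ssl.SSLServerSocket;
import org.mozilla.jss.ssl.SSLSocket;

public class HardenedJssServer {
    public static void main(String[] args) throws Exception {
        // Assumed values (not from the JSS documentation): adjust to your deployment.
        String nssDbDir = "/etc/myapp/nssdb";      // NSS certificate/key database
        String cacheDir = "/var/cache/myapp/ssl";  // writable only by the service account
        String certNick = "Server-Cert";           // nickname of the server certificate

        // JSS is initialized against an NSS database before any socket is created.
        CryptoManager.initialize(nssDbDir);

        // Session ID cache: 0 selects the default of 10,000 entries; 300 s lies inside
        // the accepted 5 s .. 24 h range. An explicit directory avoids the /tmp default.
        SSLServerSocket.configServerSessionIDCache(0, 300, 300, cacheDir);

        SSLServerSocket server = new SSLServerSocket(
                8443, SSLServerSocket.DEFAULT_BACKLOG, InetAddress.getByName("127.0.0.1"));
        try {
            server.setServerCertNickname(certNick);

            // SSL v2 and SSL v3 are enabled by default: switch both off, keep TLS.
            server.enableSSL2(false);
            server.enableSSL3(false);
            server.enableTLS(true);

            // false = no step-down keys are generated and export cipher suites are disabled.
            server.enableStepDown(false);
            server.enableRollbackDetection(true);

            // Requires a client certificate (and requests one if requestClientAuth() was not called).
            server.requireClientAuth(SSLSocket.SSL_REQUIRE_ALWAYS);

            server.setSoTimeout(30000); // accept() stops waiting after 30 s
            System.out.println("Effective options: " + server.getSSLOptions());

            Socket client = server.accept(); // blocks until a connection or the timeout
            System.out.println("Accepted " + client.getInetAddress());
            client.close();
        } finally {
            server.close();
        }
    }
}
```

Printing `getSSLOptions()` before the first `accept()` gives a record of the effective settings to compare against the intended configuration.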
setClientCertNickname
public void setClientCertNickname(java.lang.String nick) throws java.net.SocketException
- Sets the nickname of the certificate to use for client authentication.
- Throws:
java.net.SocketException
setClientCert
public void setClientCert(X509Certificate cert) throws java.net.SocketException
- Sets the certificate to use for client authentication.
- Throws:
java.net.SocketException
setUseClientMode
public void setUseClientMode(boolean b)
- Determines whether this end of the socket is the client or the server
for purposes of the SSL protocol. By default, it is the server.
- Parameters:
b - true if this end of the socket is the SSL client, false if it is the SSL server.
useCache
public void useCache(boolean b) throws java.net.SocketException
- Enables/disables the session cache. By default, the session cache
is enabled.
- Throws:
java.net.SocketException
toString
public java.lang.String toString()
- Returns the addresses and ports of this socket
or an error message if the socket is not in a valid state.
- Overrides:
toString in class java.net.ServerSocket