001: /*
002: License $Id: SSLListener.java,v 1.5 2003/09/13 04:59:56 hendriks73 Exp $
003:
004: Copyright (c) 2001-2005 tagtraum industries.
005:
006: LGPL
007: ====
008:
009: jo! is free software; you can redistribute it and/or
010: modify it under the terms of the GNU Lesser General Public
011: License as published by the Free Software Foundation; either
012: version 2.1 of the License, or (at your option) any later version.
013:
014: jo! is distributed in the hope that it will be useful,
015: but WITHOUT ANY WARRANTY; without even the implied warranty of
016: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
017: Lesser General Public License for more details.
018:
019: You should have received a copy of the GNU Lesser General Public
020: License along with this library; if not, write to the Free Software
021: Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
022:
023: For LGPL see <http://www.fsf.org/copyleft/lesser.txt>
024:
025:
026: Sun license
027: ===========
028:
029: This release contains software by Sun Microsystems. Therefore
030: the following conditions have to be met, too. They apply to the
031: files
032:
033: - lib/mail.jar
034: - lib/activation.jar
035: - lib/jsse.jar
036: - lib/jcert.jar
037: - lib/jaxp.jar
038: - lib/crimson.jar
039: - lib/servlet.jar
040: - lib/jnet.jar
041: - lib/jaas.jar
042: - lib/jaasmod.jar
043:
044: contained in this release.
045:
046: a. Licensee may not modify the Java Platform
047: Interface (JPI, identified as classes contained within the javax
048: package or any subpackages of the javax package), by creating additional
049: classes within the JPI or otherwise causing the addition to or modification
050: of the classes in the JPI. In the event that Licensee creates any
051: Java-related API and distribute such API to others for applet or
052: application development, you must promptly publish broadly, an accurate
053: specification for such API for free use by all developers of Java-based
054: software.
055:
056: b. Software is confidential copyrighted information of Sun and
057: title to all copies is retained by Sun and/or its licensors. Licensee
058: shall not modify, decompile, disassemble, decrypt, extract, or otherwise
059: reverse engineer Software. Software may not be leased, assigned, or
060: sublicensed, in whole or in part. Software is not designed or intended
061: for use in on-line control of aircraft, air traffic, aircraft navigation
062: or aircraft communications; or in the design, construction, operation or
063: maintenance of any nuclear facility. Licensee warrants that it will not
064: use or redistribute the Software for such purposes.
065:
066: c. Software is provided "AS IS," without a warranty
067: of any kind. ALL EXPRESS OR IMPLIED REPRESENTATIONS AND WARRANTIES,
068: INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A
069: PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED.
070:
071: d. This License is effective until terminated. Licensee may
072: terminate this License at any time by destroying all copies of Software.
073: This License will terminate immediately without notice from Sun if Licensee
074: fails to comply with any provision of this License. Upon such termination,
075: Licensee must destroy all copies of Software.
076:
077: e. Software, including technical data, is subject to U.S.
078: export control laws, including the U.S. Export Administration Act and its
079: associated regulations, and may be subject to export or import regulations
080: in other countries. Licensee agrees to comply strictly with all such
081: regulations and acknowledges that it has the responsibility to obtain
082: licenses to export, re-export, or import Software. Software may not be
083: downloaded, or otherwise exported or re-exported (i) into, or to a national
084: or resident of, Cuba, Iraq, Iran, North Korea, Libya, Sudan, Syria or any
085: country to which the U.S. has embargoed goods; or (ii) to anyone on the
086: U.S. Treasury Department's list of Specially Designated Nations or the U.S.
087: Commerce Department's Table of Denial Orders.
088:
089:
090: Feedback
091: ========
092:
093: We encourage your feedback and suggestions and want to use your feedback to
094: improve the Software. Send all such feedback to:
095: <feedback@tagtraum.com>
096:
097: For more information on tagtraum industries and jo!
098: please see <http://www.tagtraum.com/>.
099:
100:
101: */
102: package com.tagtraum.framework.server;
103:
104: import com.sun.net.ssl.KeyManagerFactory;
105: import com.sun.net.ssl.SSLContext;
106:
107: import javax.net.ServerSocketFactory;
108: import javax.net.ssl.SSLServerSocket;
109: import java.io.IOException;
110: import java.net.ServerSocket;
111: import java.net.URL;
112: import java.security.KeyStore;
113: import java.security.Security;
114:
115: /**
116: * Prototype of a {@link I_SSLListener}.
117: *
118: * @author <a href="mailto:hs@tagtraum.com">Hendrik Schreiber</a>
119: * @version 1.1beta1 $Id: SSLListener.java,v 1.5 2003/09/13 04:59:56 hendriks73 Exp $
120: */
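public class SSLListener extends TCPListener implements I_SSLListener {

    // TLS-capable listener: builds an SSL server socket factory from a keystore
    // (URL, format, passphrase) and a protocol name, all supplied via setters.
    //
    // NOTE(review): this class uses the legacy com.sun.net.ssl API and the
    // internal Sun provider class; javax.net.ssl is the supported replacement.
    // Migrating requires changing the file's imports and is not done here.
    //
    // NOTE(review): if no protocol is configured (and no factory was injected),
    // getServerSocketFactory() falls back to the plain, non-TLS default factory,
    // so the listener accepts unencrypted connections. Confirm that is intended.

    // Make sure the SSL provider is installed. Security.addProvider() does
    // nothing (returns -1) if the provider is already registered.
    static {
        Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
    }

    /**
     * Source-Version.
     */
    public static String vcid = "$Id: SSLListener.java,v 1.5 2003/09/13 04:59:56 hendriks73 Exp $";

    /**
     * The passphrase for the keystore. Deliberately has no getter and is not
     * part of {@link #toString()}.
     */
    private char[] myPassphrase;

    /**
     * ServerSocketFactory; created lazily by {@link #getServerSocketFactory()}
     * unless one was set explicitly.
     */
    protected ServerSocketFactory myServerSocketFactory;

    /**
     * Protocol (TLS, ...). <code>null</code> means "no SSL context is built".
     */
    protected String myProtocol;

    /**
     * Indicates whether client authentication is needed.
     */
    protected boolean myNeedClientAuth = false;

    /**
     * Location of the keystore.
     */
    protected URL myKeyStoreURL;

    /**
     * Format of the keystore (JKS, PKCS12, ...).
     */
    protected String myKeyStoreFormat;

    /**
     * Sets the keystore format.
     *
     * @param aKeyStoreFormat keystore type name passed to
     *                        {@link KeyStore#getInstance(String)}
     */
    public void setKeyStoreFormat(String aKeyStoreFormat) {
        myKeyStoreFormat = aKeyStoreFormat;
    }

    /**
     * Returns the keystore format.
     */
    public String getKeyStoreFormat() {
        return myKeyStoreFormat;
    }

    /**
     * Sets the keystore location.
     *
     * @param aKeyStoreURL URL the keystore is read from; whoever controls this
     *                     resource controls the server's key material
     */
    public void setKeyStoreURL(URL aKeyStoreURL) {
        myKeyStoreURL = aKeyStoreURL;
    }

    /**
     * Returns the keystore location.
     */
    public URL getKeyStoreURL() {
        return myKeyStoreURL;
    }

    /**
     * Sets the protocol (TLS, ...).
     *
     * @param aProtocol protocol name passed to <code>SSLContext.getInstance</code>;
     *                  <code>null</code> selects the plain default socket factory
     */
    public void setProtocol(String aProtocol) {
        myProtocol = aProtocol;
    }

    /**
     * Returns the protocol (TLS, ...).
     */
    public String getProtocol() {
        return myProtocol;
    }

    /**
     * Sets whether client authentication is needed.
     */
    public void setNeedClientAuth(boolean aNeedClientAuth) {
        myNeedClientAuth = aNeedClientAuth;
    }

    /**
     * Indicates whether client authentication is needed.
     */
    public boolean getNeedClientAuth() {
        return myNeedClientAuth;
    }

    /**
     * Sets the passphrase for the keystore. Only a <code>char[]</code> copy is
     * kept by this object.
     *
     * @param aPhrase the passphrase; must not be <code>null</code>
     * @throws NullPointerException if <code>aPhrase</code> is <code>null</code>
     */
    public void setPassphrase(String aPhrase) {
        myPassphrase = aPhrase.toCharArray();
    }

    /**
     * Returns a new ServerSocket bound to this listener's port, backlog and
     * bind address.
     *
     * @throws IOException     if the socket cannot be created
     * @throws ServerException if the socket factory cannot be set up
     */
    public ServerSocket newServerSocket() throws IOException,
            ServerException {
        ServerSocket ss = getServerSocketFactory().createServerSocket(
                getPort(), getBacklog(), getBindAddress());

        // NOTE(review): when the factory yields a plain ServerSocket the
        // client-auth requirement is silently dropped instead of rejected.
        // Callers that set needClientAuth should verify an SSL factory is in use.
        if (ss instanceof SSLServerSocket) {
            ((SSLServerSocket) ss).setNeedClientAuth(myNeedClientAuth);
            // Enabled cipher suites are left at the provider's defaults.
            // Do not enable the full "supported" list here: it can contain
            // suites that are disabled by default for being weak.
        }

        return ss;
    }

    /**
     * Sets the ServerSocketFactory. A factory set here is used as-is; no
     * keystore or protocol setting is applied to it.
     */
    public void setServerSocketFactory(
            ServerSocketFactory aServerSocketFactory) {
        myServerSocketFactory = aServerSocketFactory;
    }

    /**
     * Returns a ServerSocketFactory. If no factory was set, one is created and
     * cached: an SSL factory when a protocol is configured, otherwise the plain
     * default factory.
     *
     * @throws IOException     if the keystore cannot be read
     * @throws ServerException if the keystore settings are incomplete or the
     *                         SSL context cannot be initialized
     */
    public ServerSocketFactory getServerSocketFactory()
            throws ServerException, IOException {
        if (myServerSocketFactory != null) {
            return myServerSocketFactory;
        }

        if (myProtocol == null) {
            // Plain TCP fallback, see the class-level review note.
            myServerSocketFactory = ServerSocketFactory.getDefault();
            return myServerSocketFactory;
        }

        try {
            // Fail with a descriptive cause instead of a bare NullPointerException;
            // callers still see a ServerException, as before.
            if (myKeyStoreURL == null || myKeyStoreFormat == null) {
                throw new IllegalStateException(
                        "Keystore URL and keystore format must be set when a protocol is configured.");
            }

            // set up key manager to do server authentication
            SSLContext context = SSLContext.getInstance(myProtocol);
            KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
            KeyStore keyStore = KeyStore.getInstance(myKeyStoreFormat);

            // KeyStore.load() does not close the stream, so close it here.
            // A null passphrase makes load() skip the keystore integrity check.
            java.io.InputStream in = myKeyStoreURL.openStream();
            try {
                keyStore.load(in, myPassphrase);
            } finally {
                try {
                    in.close();
                } catch (IOException ignored) {
                    // A failed close on a read-only stream must not mask the
                    // outcome of load().
                }
            }

            kmf.init(keyStore, myPassphrase);
            // No trust managers or random source are passed in.
            // NOTE(review): client certificates are then presumably validated
            // by the provider's default trust managers; confirm which trust
            // store that is before enabling needClientAuth.
            context.init(kmf.getKeyManagers(), null, null);

            myServerSocketFactory = context.getServerSocketFactory();

            return myServerSocketFactory;
        } catch (IOException ioe) {
            throw ioe;
        } catch (Exception e) {
            throw new ServerException(e);
        }
    }

    /**
     * Returns a string representation: the superclass representation plus
     * keystore URL and protocol. The passphrase is not included.
     */
    public String toString() {
        return super.toString() + ", KeyStore: " + myKeyStoreURL
                + ", Protocol: " + myProtocol;
    }

}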
|