| /* |
| * Copyright (C) 2007 The Android Open Source Project |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| package org.conscrypt; |
| |
| import java.io.IOException; |
| import java.net.InetAddress; |
| import java.net.Socket; |
| |
| /** |
| * BoringSSL-based implementation of server sockets. |
| * |
| * @hide |
| */ |
| @Internal |
| public class OpenSSLServerSocketImpl extends javax.net.ssl.SSLServerSocket { |
| private final SSLParametersImpl sslParameters; |
| private boolean channelIdEnabled; |
| private boolean useEngineSocket; |
| |
| protected OpenSSLServerSocketImpl(SSLParametersImpl sslParameters) throws IOException { |
| this.sslParameters = sslParameters; |
| } |
| |
| protected OpenSSLServerSocketImpl(int port, SSLParametersImpl sslParameters) |
| throws IOException { |
| super(port); |
| this.sslParameters = sslParameters; |
| } |
| |
| protected OpenSSLServerSocketImpl(int port, int backlog, SSLParametersImpl sslParameters) |
| throws IOException { |
| super(port, backlog); |
| this.sslParameters = sslParameters; |
| } |
| |
| protected OpenSSLServerSocketImpl(int port, |
| int backlog, |
| InetAddress iAddress, |
| SSLParametersImpl sslParameters) |
| throws IOException { |
| super(port, backlog, iAddress); |
| this.sslParameters = sslParameters; |
| } |
| |
| /** |
| * Configures the socket to be created for this instance. |
| */ |
| public OpenSSLServerSocketImpl setUseEngineSocket(boolean useEngineSocket) { |
| this.useEngineSocket = useEngineSocket; |
| return this; |
| } |
| |
| @Override |
| public boolean getEnableSessionCreation() { |
| return sslParameters.getEnableSessionCreation(); |
| } |
| |
| @Override |
| public void setEnableSessionCreation(boolean flag) { |
| sslParameters.setEnableSessionCreation(flag); |
| } |
| |
| /** |
| * The names of the protocols' versions that may be used on this SSL |
| * connection. |
| * @return an array of protocols names |
| */ |
| @Override |
| public String[] getSupportedProtocols() { |
| return NativeCrypto.getSupportedProtocols(); |
| } |
| |
| /** |
| * The names of the protocols' versions that in use on this SSL connection. |
| * |
| * @return an array of protocols names |
| */ |
| @Override |
| public String[] getEnabledProtocols() { |
| return sslParameters.getEnabledProtocols(); |
| } |
| |
| /** |
| * This method enables the protocols' versions listed by |
| * getSupportedProtocols(). |
| * |
| * @param protocols names of all the protocols to enable. |
| * |
| * @throws IllegalArgumentException when one or more of the names in the |
| * array are not supported, or when the array is null. |
| */ |
| @Override |
| public void setEnabledProtocols(String[] protocols) { |
| sslParameters.setEnabledProtocols(protocols); |
| } |
| |
| @Override |
| public String[] getSupportedCipherSuites() { |
| return NativeCrypto.getSupportedCipherSuites(); |
| } |
| |
| @Override |
| public String[] getEnabledCipherSuites() { |
| return sslParameters.getEnabledCipherSuites(); |
| } |
| |
| /** |
| * Enables/disables the TLS Channel ID extension for this server socket. |
| */ |
| public void setChannelIdEnabled(boolean enabled) { |
| channelIdEnabled = enabled; |
| } |
| |
| /** |
| * Checks whether the TLS Channel ID extension is enabled for this server socket. |
| */ |
| public boolean isChannelIdEnabled() { |
| return channelIdEnabled; |
| } |
| |
| /** |
| * This method enables the cipher suites listed by |
| * getSupportedCipherSuites(). |
| * |
| * @param suites the names of all the cipher suites to enable |
| * @throws IllegalArgumentException when one or more of the ciphers in array |
| * suites are not supported, or when the array is null. |
| */ |
| @Override |
| public void setEnabledCipherSuites(String[] suites) { |
| sslParameters.setEnabledCipherSuites(suites); |
| } |
| |
| @Override |
| public boolean getWantClientAuth() { |
| return sslParameters.getWantClientAuth(); |
| } |
| |
| @Override |
| public void setWantClientAuth(boolean want) { |
| sslParameters.setWantClientAuth(want); |
| } |
| |
| @Override |
| public boolean getNeedClientAuth() { |
| return sslParameters.getNeedClientAuth(); |
| } |
| |
| @Override |
| public void setNeedClientAuth(boolean need) { |
| sslParameters.setNeedClientAuth(need); |
| } |
| |
| @Override |
| public void setUseClientMode(boolean mode) { |
| sslParameters.setUseClientMode(mode); |
| } |
| |
| @Override |
| public boolean getUseClientMode() { |
| return sslParameters.getUseClientMode(); |
| } |
| |
| @Override |
| public Socket accept() throws IOException { |
| if (useEngineSocket) { |
| Socket rawSocket = new Socket(); |
| implAccept(rawSocket); |
| |
| // Enable channel ID. |
| OpenSSLEngineSocketImpl socket = |
| new OpenSSLEngineSocketImpl(rawSocket, null, -1, true, sslParameters); |
| socket.setChannelIdEnabled(channelIdEnabled); |
| socket.startHandshake(); |
| return socket; |
| } else { |
| OpenSSLSocketImpl socket = new OpenSSLSocketImpl(sslParameters); |
| socket.setChannelIdEnabled(channelIdEnabled); |
| implAccept(socket); |
| return socket; |
| } |
| } |
| } |