de.tu_darmstadt.sp.ssl
Class SSLeayServerSocket

java.lang.Object
  |
  +--java.net.ServerSocket
        |
        +--javax.net.ssl.SSLServerSocket
              |
              +--de.tu_darmstadt.sp.ssl.SSLeayServerSocket
Direct Known Subclasses:
RMISSLServerSocket

public class SSLeayServerSocket
extends SSLServerSocket

Class SSLeayServerSocket is an implementation of the SSLServerSocket abstract class. An SSLeayServerSocket is used to create SSLSocket objects through its accept method. These sockets are the server side SSLSockets. The server side SSLSockets are ordinary SSLSockets, except that they have different SSL protocol policies (i.e. they may not require client authentication).

Several SSLServerSocket methods may be employed to control the type and behavior of the server side sockets created by accept. These are:

  1. setSocketPrototype -- specify a socket prototype; sockets of the same class will be created by accept.
  2. setNeedClientAuth
  3. setUseClientMode
  4. setEnabledCipherSuites
  5. setEnableSessionCreation
These settings will be forwarded to the created server side sockets, which have similar methods.

The method setEnableAcceptHandshake controls whether the created server side sockets delivered by accept are already in the handshaking sequence or not.

The server side sockets are SSLSockets and thus need an SSLeaySessionContext for their sessions. Every SSLeayServerSocket uses an SSLeaySessionContext for the server side sockets it creates. The SSLeaySessionContext can be specified only when constructing an SSLeayServerSocket.
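The following is an added example, not code from this library or its author. It requires client authentication, enables only allow-listed cipher suites, and turns off the accept-time handshake so that each handshake runs on a worker thread. Assumptions: the caller supplies the SSLeaySessionContext, the allow-list and the connection handler, and the accepted sockets can be cast to javax.net.ssl.SSLSocket as the description above states.

```java
import de.tu_darmstadt.sp.ssl.SSLeayServerSocket;
import de.tu_darmstadt.sp.ssl.SSLeaySessionContext;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.function.Consumer;
import javax.net.ssl.SSLSocket;

public class MutualAuthListener {
    // Supported suites that also appear on the caller's allow-list, in allow-list order.
    static String[] allowedSuites(String[] supported, String[] allowList) {
        List<String> enabled = new ArrayList<>();
        for (String wanted : allowList) {
            for (String s : supported) {
                if (s.equals(wanted)) { enabled.add(s); break; }
            }
        }
        return enabled.toArray(new String[0]);
    }

    // ctx, allowList and handler are supplied by the caller (assumptions, not shown on this page).
    static void serve(int port, SSLeaySessionContext ctx, String[] allowList,
                      Consumer<SSLSocket> handler) throws IOException {
        SSLeayServerSocket server = new SSLeayServerSocket(port, ctx);
        server.setNeedClientAuth(true);          // forwarded to every accepted socket
        String[] suites = allowedSuites(server.getSupportedCipherSuites(), allowList);
        if (suites.length == 0) {                // fail closed rather than keep the defaults
            server.close();
            throw new IOException("no allow-listed cipher suite is supported");
        }
        server.setEnabledCipherSuites(suites);
        server.setEnableAcceptHandshake(false);  // accept() no longer starts the handshake

        ExecutorService workers = Executors.newFixedThreadPool(16); // bound chosen for illustration
        while (true) {
            final SSLSocket peer = (SSLSocket) server.accept();
            workers.execute(() -> {
                try {
                    peer.startHandshake();       // a failed handshake affects only this peer
                    handler.accept(peer);        // application protocol runs after authentication
                } catch (IOException e) {
                    System.err.println("handshake failed: " + e.getMessage());
                } finally {
                    try { peer.close(); } catch (IOException ignored) { }
                }
            });
        }
    }
}
```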

Author:
Andrei Popovici

Field Summary
protected  SSLeaySessionContext context
           
protected  java.lang.Class socketPrototypeClass
           
 
Constructor Summary
SSLeayServerSocket(int port, int backlog, java.net.InetAddress bindAddr, SSLeaySessionContext ctx)
          Create a TCP server socket on a port, using the default authentication context and a specified backlog of connections as well as a particular specified network interface.
SSLeayServerSocket(int port, int backlog, SSLeaySessionContext ctx)
          Create a TCP server socket on a port, using the default authentication context and a specified backlog of connections.
SSLeayServerSocket(int port, SSLeaySessionContext ctx)
          Create a TCP server socket on a port, using the default authentication context.
 
Method Summary
 java.net.Socket accept()
          Listens for a connection to be made to this socket and accepts it.
 boolean getEnabelAcceptHandshake()
           
 java.lang.String[] getEnabledCipherSuites()
           
 boolean getEnableSessionCreation()
          Returns true if new SSL sessions may be established by the server side sockets created by this socket.
 boolean getNeedClientAuth()
          Returns true if client authentication is required on newly accepted connections.
 java.lang.Class getSocketPrototypeClass()
          Return the class of the prototype this server socket uses to accept connections.
 java.lang.String[] getSupportedCipherSuites()
           
 boolean getUseClientMode()
          Returns true if accepted connections will be in SSL client mode.
 void setEnableAcceptHandshake(boolean flag)
          Controls whether the last action of the accept method is the handshake initiation of the newly created server side sockets.
 void setEnabledCipherSuites(java.lang.String[] ciphers)
           
 void setEnableSessionCreation(boolean flag)
          Controls whether new SSL sessions may be established by the server side sockets created by this socket.
 void setNeedClientAuth(boolean flag)
          Controls whether the connections which are accepted must include client authentication. By default, clients do not need to provide authentication information.
protected  void setSocketPrototype(SSLeaySocket proto)
          Set the prototype of the sockets that the accept method produces.
 void setUseClientMode(boolean mode)
          Controls whether accepted connections are in the (default) SSL server mode, or the SSL client mode.
 
Methods inherited from class java.net.ServerSocket
close, getInetAddress, getLocalPort, getSoTimeout, implAccept, setSocketFactory, setSoTimeout, toString
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Field Detail

context

protected SSLeaySessionContext context

socketPrototypeClass

protected java.lang.Class socketPrototypeClass
Constructor Detail

SSLeayServerSocket

public SSLeayServerSocket(int port,
                          SSLeaySessionContext ctx)
                   throws java.io.IOException
Create a TCP server socket on a port, using the default authentication context. The connection backlog defaults to fifty connections queued up before the system starts to reject new connection requests.
Parameters:
port - the port number, or 0 to use any free port.
ctx - the SSLeaySessionContext for the server side sockets created by this server socket
Throws:
java.io.IOException - if an I/O error occurs when opening the socket.
java.lang.IllegalArgumentException - ctx is null.

SSLeayServerSocket

public SSLeayServerSocket(int port,
                          int backlog,
                          SSLeaySessionContext ctx)
                   throws java.io.IOException
Create a TCP server socket on a port, using the default authentication context and a specified backlog of connections.
Parameters:
port - the specified port, or 0 to use any free port.
backlog - the maximum length of the queue.
ctx - the SSLeaySessionContext for the server side sockets created by this server socket
Throws:
java.io.IOException - if an I/O error occurs when opening the socket.
java.lang.IllegalArgumentException - ctx is null.

SSLeayServerSocket

public SSLeayServerSocket(int port,
                          int backlog,
                          java.net.InetAddress bindAddr,
                          SSLeaySessionContext ctx)
                   throws java.io.IOException
Create a TCP server socket on a port, using the default authentication context and a specified backlog of connections as well as a particular specified network interface. This constructor is used on multihomed hosts, such as those used for firewalls or as routers, to control through which interface a network service is provided.

The handshake of the accepted connections will be performed by default in server mode. Use the setUseClientMode method to change this behavior.

Parameters:
port - the local TCP port
backlog - the listen backlog
bindAddr - the local InetAddress the server will bind to
ctx - the SSLeaySessionContext for the server side sockets created by this server socket
Throws:
java.io.IOException - if an I/O error occurs when opening the socket.
java.lang.IllegalArgumentException - ctx is null.
Method Detail

accept

public java.net.Socket accept()
                       throws java.io.IOException
Listens for a connection to be made to this socket and accepts it. The method blocks until a connection is made. If the accept handshake is enabled (see setEnableAcceptHandshake), the created socket will negotiate an SSL connection. Depending on the value of useClientMode, the connection will be negotiated in server mode (useClientMode=false) or in client mode (useClientMode=true).

The type of returned socket depends on the prototype specified in the setSocketPrototype method.

Returns:
an SSL-connected socket using an SSL connection
Throws:
java.io.IOException - if server side socket could not be created, or if the handshake (if enabled) failed
Overrides:
accept in class java.net.ServerSocket

setUseClientMode

public void setUseClientMode(boolean mode)
Controls whether accepted connections are in the (default) SSL server mode, or the SSL client mode.
Parameters:
mode - true if newly accepted connections should use SSL client mode.
Overrides:
setUseClientMode in class SSLServerSocket

getUseClientMode

public boolean getUseClientMode()
Returns true if accepted connections will be in SSL client mode.
Returns:
true if the connection should use SSL client mode.
Overrides:
getUseClientMode in class SSLServerSocket

setNeedClientAuth

public void setNeedClientAuth(boolean flag)
Controls whether the connections which are accepted must include client authentication. By default, clients do not need to provide authentication information. This control requires the connection to be in the (default) SSL server mode.
Parameters:
flag - true if the clients must authenticate themselves.
Overrides:
setNeedClientAuth in class SSLServerSocket

getNeedClientAuth

public boolean getNeedClientAuth()
Returns true if client authentication is required on newly accepted connections.
Overrides:
getNeedClientAuth in class SSLServerSocket

getSupportedCipherSuites

public java.lang.String[] getSupportedCipherSuites()
Overrides:
getSupportedCipherSuites in class SSLServerSocket

setEnabledCipherSuites

public void setEnabledCipherSuites(java.lang.String[] ciphers)
Overrides:
setEnabledCipherSuites in class SSLServerSocket

getEnabledCipherSuites

public java.lang.String[] getEnabledCipherSuites()
Overrides:
getEnabledCipherSuites in class SSLServerSocket

setEnableSessionCreation

public void setEnableSessionCreation(boolean flag)
Controls whether new SSL sessions may be established by the server side sockets created by this socket.
Parameters:
flag - true if the server side sockets are to establish new connections.

getEnableSessionCreation

public boolean getEnableSessionCreation()
Returns true if new SSL sessions may be established by the server side sockets created by this socket.
Returns:
true if the server side sockets are to establish new connections.
Overrides:
getEnableSessionCreation in class SSLServerSocket

setEnableAcceptHandshake

public void setEnableAcceptHandshake(boolean flag)
Controls whether the last action of the accept method is the handshake initiation of the newly created server side sockets.
Parameters:
flag - if true, the last action in accept is startHandshake for the new server side socket

getEnabelAcceptHandshake

public boolean getEnabelAcceptHandshake()

setSocketPrototype

protected void setSocketPrototype(SSLeaySocket proto)
Set the prototype of the sockets that the accept method produces. This is actually a template method, which enables further extensions of SSLeayServerSocket to accept connections using types of sockets other than the default.

This method should be used in constructors.

Parameters:
proto - an unconnected SSLeaySocket
Throws:
java.lang.IllegalArgumentException - proto is null

getSocketPrototypeClass

public java.lang.Class getSocketPrototypeClass()
Return the class of the prototype this server socket uses to accept connections. Corresponds to the class of the prototype specified through the setSocketPrototype method.
Returns:
the class of the sockets produced by accept.