001 /* SslRMIServerSocketFactory.java --
002 Copyright (C) 2006 Free Software Foundation
003
004 This file is part of GNU Classpath.
005
006 GNU Classpath is free software; you can redistribute it and/or modify
007 it under the terms of the GNU General Public License as published by
008 the Free Software Foundation; either version 2, or (at your option)
009 any later version.
010
011 GNU Classpath is distributed in the hope that it will be useful, but
012 WITHOUT ANY WARRANTY; without even the implied warranty of
013 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
014 General Public License for more details.
015
016 You should have received a copy of the GNU General Public License
017 along with GNU Classpath; see the file COPYING. If not, write to the
018 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
019 02110-1301 USA.
020
021 Linking this library statically or dynamically with other modules is
022 making a combined work based on this library. Thus, the terms and
023 conditions of the GNU General Public License cover the whole
024 combination.
025
026 As a special exception, the copyright holders of this library give you
027 permission to link this library with independent modules to produce an
028 executable, regardless of the license terms of these independent
029 modules, and to copy and distribute the resulting executable under
030 terms of your choice, provided that you also meet, for each linked
031 independent module, the terms and conditions of the license of that
032 module. An independent module is a module which is not derived from
033 or based on this library. If you modify this library, you may extend
034 this exception to your version of the library, but you are not
035 obligated to do so. If you do not wish to do so, delete this
036 exception statement from your version. */
037
038 package javax.rmi.ssl;
039
040 import java.io.IOException;
041 import javax.net.ssl.SSLServerSocketFactory;
042 import javax.net.ssl.SSLServerSocket;
043 import java.net.ServerSocket;
044 import java.rmi.server.RMIServerSocketFactory;
045
046 /**
047 * SslRMIServerSocketFactory
048 *
049 * This class implements an RMIServerSocketFactory for SSL sockets.
050 * it uses the defeult SSLServerSocketFactory.
051 *
052 * @author Sven de Marothy
053 * @since 1.5
054 */
055 public class SslRMIServerSocketFactory implements RMIServerSocketFactory
056 {
057 private String[] enabledCipherSuites, enabledProtocols;
058 private boolean needClientAuth;
059
060 /**
061 * The SSL ServerSocket factory.
062 */
063 private static SSLServerSocketFactory socketFactory =
064 (SSLServerSocketFactory)SSLServerSocketFactory.getDefault();
065
066 /**
067 * Creates a new SslRMIServerSocketFactory with the default socket
068 * cipher suites and protocols, and without requiring client authorisation.
069 */
070 public SslRMIServerSocketFactory()
071 {
072 enabledCipherSuites = enabledProtocols = null;
073 needClientAuth = false;
074 }
075
076 /**
077 * Creates a new SslRMIServerSocketFactory with a given set of socket
078 * cipher suites and protocols. needClientAuth specifies if client
079 * authorization is required.
080 *
081 * @param enabledCipherSuites - the cypher suites to enable
082 * or <code>null</code> for the defauls.
083 * @param enabledCipherSuites - the protocols to enable,
084 * or <code>null</code> for the defauls.
085 * @param needClientAuth - specify client authorization requirement.
086 * @throws IllegalArgumentException if any of the ciphers or protocols
087 * specified are not available.
088 */
089 public SslRMIServerSocketFactory(String[] enabledCipherSuites,
090 String[] enabledProtocols,
091 boolean needClientAuth)
092 {
093 this.enabledCipherSuites = enabledCipherSuites;
094 this.enabledProtocols = enabledProtocols;
095 this.needClientAuth = needClientAuth;
096 try
097 {
098 if( enabledProtocols != null || enabledCipherSuites != null )
099 createServerSocket( 0 ); // stupid way to test the parameters
100 }
101 catch(IOException e)
102 {
103 // Can this happen? FIXME.
104 throw new IllegalArgumentException();
105 }
106 }
107
108 /**
109 * Creates an SSLServerSocket on a given port
110 *
111 * @throws IOException if an error occurs on socket creation.
112 */
113 public ServerSocket createServerSocket(int port) throws IOException
114 {
115 SSLServerSocket socket = (SSLServerSocket)socketFactory.
116 createServerSocket( port );
117 if( enabledCipherSuites != null )
118 socket.setEnabledCipherSuites( enabledCipherSuites );
119 if( enabledProtocols != null )
120 socket.setEnabledProtocols( enabledProtocols );
121 socket.setNeedClientAuth( needClientAuth );
122 return socket;
123 }
124
125 /**
126 * Compare two SslRMIServerSocketFactor instances
127 */
128 public boolean equals(Object obj)
129 {
130 if( !(obj instanceof SslRMIServerSocketFactory) )
131 return false;
132 SslRMIServerSocketFactory s = (SslRMIServerSocketFactory)obj;
133 if( needClientAuth != s.needClientAuth )
134 return false;
135
136 if(!cmpStrArray(enabledCipherSuites, s.enabledCipherSuites))
137 return false;
138
139 if(!cmpStrArray(enabledProtocols, s.enabledProtocols))
140 return false;
141
142 return true;
143 }
144
145 /**
146 * Compare two string arrays.
147 */
148 static boolean cmpStrArray(String[] a, String[] b)
149 {
150 if( ( a == null || b == null ) && a != b )
151 return false;
152
153 if( a != null )
154 {
155 if( a.length != b.length )
156 return false;
157 for( int i = 0; i < a.length; i++ )
158 if(!a[i].equals(b[i]))
159 return false;
160 }
161
162 return true;
163 }
164
165 /**
166 * Returns the enabled cipher suites, or <code>null</code>
167 * if the defaults are to be used.
168 * @returns a string array of cipher suite names
169 */
170 public String[] getEnabledCipherSuites()
171 {
172 if( enabledCipherSuites == null )
173 return null;
174 return (String[])enabledCipherSuites.clone();
175 }
176
177 /**
178 * Returns the enabled protocols, or <code>null</code> if the defaults are
179 * to be used.
180 *
181 * @returns a string array of protocol names
182 */
183 public String[] getEnabledProtocols()
184 {
185 if( enabledProtocols == null )
186 return null;
187 return (String[])enabledProtocols.clone();
188 }
189
190 /**
191 * Returns whether client authorization is needed.
192 */
193 public boolean getNeedClientAuth()
194 {
195 return needClientAuth;
196 }
197
198 /**
199 * Returns the hash code of this object.
200 */
201 public int hashCode()
202 {
203 int hash = 0;
204 if( enabledCipherSuites != null )
205 for(int i = 0; i < enabledCipherSuites.length; i++ )
206 hash = hash ^ enabledCipherSuites[i].hashCode();
207 if( enabledProtocols != null )
208 for(int i = 0; i < enabledProtocols.length; i++ )
209 hash = hash ^ enabledProtocols[i].hashCode();
210 hash = ( needClientAuth ) ? (hash^0xFFFF) : hash;
211 return hash;
212 }
213 }