// Client-side SSLContext setup. This is an excerpt: the enclosing method, its try/catch and
// at least one closing brace are not shown, so the nesting of the lines below is not recoverable.
keyManagerFactory = buildKeyManagerFactory(keyCertChain, key, keyPassword, keyManagerFactory);
// Honour an explicitly configured JSSE provider; otherwise take the most preferred installed one.
SSLContext ctx = sslContextProvider == null ? SSLContext.getInstance(PROTOCOL)
        : SSLContext.getInstance(PROTOCOL, sslContextProvider);
// A null key-manager or trust-manager array makes JSSE fall back to the default factory of the
// installed providers (for trust managers, normally the JRE trust store). The null third
// argument selects the default SecureRandom.
ctx.init(keyManagerFactory == null ? null : keyManagerFactory.getKeyManagers(),
        trustManagerFactory == null ? null : trustManagerFactory.getTrustManagers(),
        null);
SSLSessionContext sessCtx = ctx.getClientSessionContext();
// Values <= 0 are not applied here, so the provider's default cache size stays in effect.
if (sessionCacheSize > 0) {
// Clamp to the int range SSLSessionContext accepts (the field is presumably a long - confirm at its declaration).
sessCtx.setSessionCacheSize((int) Math.min(sessionCacheSize, Integer.MAX_VALUE));
// NOTE(review): lines are missing from the excerpt here; whether the timeout (in seconds) has its own guard cannot be told from this page.
sessCtx.setSessionTimeout((int) Math.min(sessionTimeout, Integer.MAX_VALUE));
// Error path: an SSLException is rethrown unchanged, anything else is wrapped with the cause preserved.
throw (SSLException) e;
throw new SSLException("failed to initialize the client-side SSL context", e);
/**
 * Returns the session timeout reported by the wrapped session context.
 *
 * @return the timeout in seconds; per {@code SSLSessionContext}, 0 means sessions never time out
 */
public int getSessionTimeout() {
    final int timeoutSeconds = delegate.getSessionTimeout();
    return timeoutSeconds;
}
/**
 * Returns the session cache size reported by the wrapped session context.
 *
 * @return the maximum number of cached sessions; per {@code SSLSessionContext}, 0 means no limit
 */
public int getSessionCacheSize() {
    final int maxCachedSessions = delegate.getSessionCacheSize();
    return maxCachedSessions;
}
}
// Server-side SSLContext setup. This is an excerpt: the enclosing method, its try/catch and
// at least one closing brace are not shown, so the nesting of the lines below is not recoverable.
// Honour an explicitly configured JSSE provider; otherwise take the most preferred installed one.
SSLContext ctx = sslContextProvider == null ? SSLContext.getInstance(PROTOCOL)
        : SSLContext.getInstance(PROTOCOL, sslContextProvider);
// keyManagerFactory is dereferenced without a null check, so it must be set before this point.
// Trust managers are optional: null falls back to the installed providers' default
// (on a server they are consulted only when client certificates are requested).
// The null third argument selects the default SecureRandom.
ctx.init(keyManagerFactory.getKeyManagers(),
        trustManagerFactory == null ? null : trustManagerFactory.getTrustManagers(),
        null);
SSLSessionContext sessCtx = ctx.getServerSessionContext();
// Values <= 0 are not applied here, so the provider's default cache size stays in effect.
if (sessionCacheSize > 0) {
// Clamp to the int range SSLSessionContext accepts (the field is presumably a long - confirm at its declaration).
sessCtx.setSessionCacheSize((int) Math.min(sessionCacheSize, Integer.MAX_VALUE));
// NOTE(review): lines are missing from the excerpt here; whether the timeout (in seconds) has its own guard cannot be told from this page.
sessCtx.setSessionTimeout((int) Math.min(sessionTimeout, Integer.MAX_VALUE));
// Error path: an SSLException is rethrown unchanged, anything else is wrapped with the cause preserved.
throw (SSLException) e;
throw new SSLException("failed to initialize the server-side SSL context", e);
/**
 * Invalidates every cached SSL/TLS session in {@code sessionContext} whose peer host
 * (compared case-insensitively) and peer port match {@code remoteAddress}.
 *
 * <p>NOTE(review): {@link InetSocketAddress#getHostName()} may perform a reverse name lookup
 * when the address was built from an IP literal. If sessions were cached under the literal,
 * the looked-up name will not match and those sessions stay resumable - confirm how callers
 * construct {@code remoteAddress}.
 *
 * @param sessionContext collection of SSL/TLS sessions to be (potentially) invalidated
 * @param remoteAddress  peer whose sessions should be invalidated
 */
private void clearSessionCache(final SSLSessionContext sessionContext, final InetSocketAddress remoteAddress) {
    final String targetHost = remoteAddress.getHostName();
    final int targetPort = remoteAddress.getPort();

    final Enumeration<byte[]> sessionIds = sessionContext.getIds();
    if (sessionIds == null) {
        return;
    }

    while (sessionIds.hasMoreElements()) {
        final SSLSession candidate = sessionContext.getSession(sessionIds.nextElement());
        // The session may have been evicted between getIds() and getSession().
        if (candidate == null) {
            continue;
        }
        final String peerHost = candidate.getPeerHost();
        if (peerHost == null || !peerHost.equalsIgnoreCase(targetHost)) {
            continue;
        }
        if (candidate.getPeerPort() != targetPort) {
            continue;
        }

        // After invalidation the session can no longer be resumed; the next connection does a full handshake.
        candidate.invalidate();
        if (LOG.isDebugEnabled()) {
            LOG.debug("Invalidated session " + candidate);
        }
    }
}
// Client-side SSLContext setup. This is an excerpt: the enclosing method, its conditions,
// the try/catch and several closing braces are not shown, so nesting is not recoverable.
// Protocol negotiation lists are rejected on this path.
throw new SSLException("NPN/ALPN unsupported: " + nextProtocols);
ctx = SSLContext.getInstance(PROTOCOL);
if (trustManagerFactory == null) {
    // All-null init: default key managers, default trust managers and default SecureRandom.
    ctx.init(null, null, null);
} else {
// A null KeyStore asks the factory for its implementation-specific default trust material.
trustManagerFactory.init((KeyStore) null);
ctx.init(null, trustManagerFactory.getTrustManagers(), null);
// Alternative path: trust managers backed by the key store "ks", which is built in lines not shown.
trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(ks);
SSLSessionContext sessCtx = ctx.getClientSessionContext();
// Values <= 0 are not applied here, so the provider's default cache size stays in effect.
if (sessionCacheSize > 0) {
// Clamp to the int range SSLSessionContext accepts (the field is presumably a long - confirm at its declaration).
sessCtx.setSessionCacheSize((int) Math.min(sessionCacheSize, Integer.MAX_VALUE));
// NOTE(review): lines are missing from the excerpt here; whether the timeout (in seconds) has its own guard cannot be told from this page.
sessCtx.setSessionTimeout((int) Math.min(sessionTimeout, Integer.MAX_VALUE));
// NOTE(review): the message says "server-side" although this path configures the client session
// context; that is misleading when triaging handshake failures from logs.
throw new SSLException("failed to initialize the server-side SSL context", e);
// Server-side SSLContext setup. This is an excerpt: the enclosing method, its conditions,
// the try/catch and at least one closing brace are not shown, so nesting is not recoverable.
// Protocol negotiation lists are rejected on this path.
throw new SSLException("NPN/ALPN unsupported: " + nextProtocols);
KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm);
// The key password is handed over as a char[]; "ks" and "keyPasswordChars" are built in lines not shown.
kmf.init(ks, keyPasswordChars);
ctx = SSLContext.getInstance(PROTOCOL);
// Null trust managers fall back to the installed providers' default; null SecureRandom selects the default.
ctx.init(kmf.getKeyManagers(), null, null);
SSLSessionContext sessCtx = ctx.getServerSessionContext();
// Values <= 0 are not applied here, so the provider's default cache size stays in effect.
if (sessionCacheSize > 0) {
// Clamp to the int range SSLSessionContext accepts (the field is presumably a long - confirm at its declaration).
sessCtx.setSessionCacheSize((int) Math.min(sessionCacheSize, Integer.MAX_VALUE));
// NOTE(review): lines are missing from the excerpt here; whether the timeout (in seconds) has its own guard cannot be told from this page.
sessCtx.setSessionTimeout((int) Math.min(sessionTimeout, Integer.MAX_VALUE));
// Any failure is wrapped with the cause preserved.
throw new SSLException("failed to initialize the server-side SSL context", e);
// Builds an SSLContext from option values. Excerpt: the enclosing method and the closing
// brace of the final else are not shown.
// With no protocol configured, the shared JVM-wide default context is returned untouched.
if (protocol == null) {
    return SSLContext.getDefault();
} else if (provider == null) {
    sslContext = SSLContext.getInstance(protocol);
} else {
    sslContext = SSLContext.getInstance(protocol, provider);
sslContext.init(keyManagers, trustManagers, secureRandom);
// NOTE(review): the second argument to optionMap.get looks like the fallback value. Per
// SSLSessionContext, a cache size of 0 means "no limit" and a timeout of 0 means sessions never
// expire, so unset options would yield an unbounded, non-expiring session cache. Confirm this
// is intended.
sslContext.getClientSessionContext().setSessionCacheSize(optionMap.get(Options.SSL_CLIENT_SESSION_CACHE_SIZE, 0));
sslContext.getClientSessionContext().setSessionTimeout(optionMap.get(Options.SSL_CLIENT_SESSION_TIMEOUT, 0));
sslContext.getServerSessionContext().setSessionCacheSize(optionMap.get(Options.SSL_SERVER_SESSION_CACHE_SIZE, 0));
sslContext.getServerSessionContext().setSessionTimeout(optionMap.get(Options.SSL_SERVER_SESSION_TIMEOUT, 0));
return sslContext;
// Creates the SSLContext and applies session settings. Excerpt: the declaration of
// serverContext and the enclosing method are not shown.
// Honour an explicitly configured JSSE provider; otherwise take the most preferred installed one.
context = _sslProvider == null ? SSLContext.getInstance(_sslProtocol)
        : SSLContext.getInstance(_sslProtocol, _sslProvider);
// Null key managers fall back to the installed providers' default key-manager factory.
context.init(null, trust_managers, secureRandom);
// The cache size is applied unconditionally. SSLSessionContext rejects negative sizes with
// IllegalArgumentException, and 0 means "no limit".
serverContext.setSessionCacheSize(getSslSessionCacheSize());
// The timeout (seconds) is applied only when it is 0 or greater; 0 means sessions never expire.
if (getSslSessionTimeout() > -1)
    serverContext.setSessionTimeout(getSslSessionTimeout());
/**
 * Creates and initialises an {@link SSLContext} from the supplied TLS parameters.
 *
 * <p>The protocol defaults to {@code "TLS"} when none is configured; which protocol versions
 * are then enabled is decided by the JSSE provider. For client parameters, missing key or
 * trust managers are replaced by the default key-store and trust-store managers. For any
 * other parameter type a {@code null} array is passed straight to {@code SSLContext.init},
 * which falls back to the installed providers' defaults. The session timeout is applied on
 * the client side only.
 *
 * @param parameters TLS configuration to read provider, protocol, managers and randomness from
 * @return the initialised context
 * @throws GeneralSecurityException if the context cannot be created or initialised
 */
public static SSLContext getSSLContext(TLSParameterBase parameters) throws GeneralSecurityException {
    // TODO do we need to cache the context
    final String jsseProvider = parameters.getJsseProvider();

    String protocolName = parameters.getSecureSocketProtocol();
    if (protocolName == null) {
        protocolName = "TLS";
    }

    final SSLContext ctx;
    if (jsseProvider == null) {
        ctx = SSLContext.getInstance(protocolName);
    } else {
        ctx = SSLContext.getInstance(protocolName, jsseProvider);
    }

    final boolean clientSide = parameters instanceof TLSClientParameters;

    KeyManager[] keyManagers = parameters.getKeyManagers();
    if (clientSide && keyManagers == null) {
        keyManagers = org.apache.cxf.configuration.jsse.SSLUtils.getDefaultKeyStoreManagers(LOG);
    }
    // Restrict the key managers to the configured certificate alias, if any.
    final KeyManager[] aliasedKeyManagers = configureKeyManagersWithCertAlias(parameters, keyManagers);

    TrustManager[] trustManagers = parameters.getTrustManagers();
    if (clientSide && trustManagers == null) {
        trustManagers = org.apache.cxf.configuration.jsse.SSLUtils.getDefaultTrustStoreManagers(LOG);
    }

    ctx.init(aliasedKeyManagers, trustManagers, parameters.getSecureRandom());

    if (clientSide && ctx.getClientSessionContext() != null) {
        // Seconds; per SSLSessionContext, 0 means cached sessions never expire.
        final int cacheTimeout = ((TLSClientParameters) parameters).getSslCacheTimeout();
        ctx.getClientSessionContext().setSessionTimeout(cacheTimeout);
    }
    return ctx;
}
// Applies session settings and initialises the context. Excerpt: the enclosing method and the
// closing brace of the outer if are not shown, and the last statement is cut off.
// Pick the session context that matches the role this SSLContext will be used in.
SSLSessionContext sessionContext = clientMode ? sslContext.getClientSessionContext()
        : sslContext.getServerSessionContext();
if (sessionContext != null) {
    // Negative values mean "leave the provider default". 0 is accepted and, per
    // SSLSessionContext, means an unlimited cache size or no session expiry.
    if (sessionCacheSize >= 0)
        sessionContext.setSessionCacheSize(sessionCacheSize);
    if (sessionTimeout >= 0)
        sessionContext.setSessionTimeout(sessionTimeout);
// A null key-manager array falls back to the installed providers' default key managers.
sslContext.init(x509KeyManager == null ? null : new KeyManager[]{ x509KeyManager },
        new TrustManager[]{
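// Probes whether a TLS handshake with the remote host succeeds; any I/O failure, including a
// failed handshake or a read timeout, marks TLS as unavailable.
// NOTE(review): SSLContext.getDefault() returns the shared JVM-wide context, so the session
// timeout set here also applies to every other user of the default context.
// NOTE(review): a raw SSLSocket validates the certificate chain but does not check that the
// certificate matches the host name unless an endpoint identification algorithm is set via
// SSLParameters. Treat a successful probe as "TLS works", not as "the peer is authenticated".
try {
    SSLContext ctx = SSLContext.getDefault();
    ctx.getClientSessionContext().setSessionTimeout(5); // in seconds
    // try-with-resources closes the probe socket on every path; the original leaked it.
    try (SSLSocket socket = (SSLSocket) ctx.getSocketFactory().createSocket("host.com", 443)) {
        socket.setSoTimeout(5000); // in millis
        socket.startHandshake();
    }
} catch (IOException ex) {
    sslAvailable = false;
}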
/**
 * Resolves the {@link SSLContext} to use for the given client configuration.
 *
 * <p>An explicitly configured context is returned as is. Otherwise either the
 * "accept any certificate" context or the JVM default context is chosen, and the configured
 * session cache size and timeout are applied to its client session context.
 *
 * <p>NOTE(review): {@code looseTrustManagerSSLContext} presumably skips certificate
 * validation, which removes protection against an on-path attacker; confirm it cannot be
 * enabled in production configurations. Also note that {@code SSLContext.getDefault()} is
 * shared JVM-wide, so the session settings applied here affect every other user of the
 * default context.
 *
 * @param config client configuration
 * @return the context to use for TLS connections
 * @throws GeneralSecurityException if the default context cannot be obtained
 */
public SSLContext getSSLContext(AsyncHttpClientConfig config) throws GeneralSecurityException {
    final SSLContext configured = config.getSSLContext();
    if (configured != null) {
        return configured;
    }

    final SSLContext fallback;
    if (config.isAcceptAnyCertificate()) {
        fallback = looseTrustManagerSSLContext;
    } else {
        fallback = SSLContext.getDefault();
    }

    // Unset (null) values leave the context's current settings in place.
    if (config.getSslSessionCacheSize() != null) {
        fallback.getClientSessionContext().setSessionCacheSize(config.getSslSessionCacheSize());
    }
    if (config.getSslSessionTimeout() != null) {
        fallback.getClientSessionContext().setSessionTimeout(config.getSslSessionTimeout());
    }
    return fallback;
}
}
// Example: cap the server-side session cache before opening a listening TLS socket.
// SSLContext.getDefault() is the shared JVM-wide context, so the cap applies to every server
// socket created from it.
SSLContext sslContext = SSLContext.getDefault();
// A bounded cache limits the memory that many distinct handshakes can pin; 0 would mean "no limit".
sslContext.getServerSessionContext().setSessionCacheSize(1000);
// "<port>" is a placeholder from the original example and must be replaced with a real port number.
SSLServerSocket ss = (SSLServerSocket) sslContext.getServerSocketFactory().createServerSocket(<port>);
/**
 * Reports how many session IDs the selected (server or client) session context currently holds.
 *
 * @param result     node that receives the session count
 * @param operation  the operation being executed (not read here)
 * @param sslContext context whose session cache is inspected
 * @throws OperationFailedException declared by the overridden method
 */
@Override
protected void performRuntime(ModelNode result, ModelNode operation, SSLContext sslContext) throws OperationFailedException {
    final SSLSessionContext sessions;
    if (server) {
        sessions = sslContext.getServerSessionContext();
    } else {
        sessions = sslContext.getClientSessionContext();
    }
    // Snapshot the ID enumeration into a list and report its length.
    final int sessionCount = Collections.list(sessions.getIds()).size();
    result.set(sessionCount);
}
/**
 * Looks up the session named by the operation in the selected (server or client) session
 * context and hands it to the session-level overload. Leaves {@code result} untouched when
 * no such session is cached.
 *
 * @param result     node that receives the outcome
 * @param operation  operation carrying the session ID
 * @param sslContext context whose session cache is searched
 * @throws OperationFailedException propagated from the session-level overload
 */
@Override
protected void performRuntime(ModelNode result, ModelNode operation, SSLContext sslContext) throws OperationFailedException {
    final SSLSessionContext sessions;
    if (server) {
        sessions = sslContext.getServerSessionContext();
    } else {
        sessions = sslContext.getClientSessionContext();
    }

    final SSLSession match = sessions.getSession(sessionId(operation));
    if (match == null) {
        // Unknown, expired or already invalidated session ID: nothing to report.
        return;
    }
    performRuntime(result, operation, match);
}
/**
 * Applies the session timeout and cache size attributes, when present, to the given
 * {@code SSLSessionContext}.
 *
 * <p>Both {@code sslSessionTimeout} and {@code ssl3SessionTimeout} write the same timeout
 * (seconds); when both are set, {@code ssl3SessionTimeout} wins because it is applied last.
 * Per {@code SSLSessionContext}, a value of 0 means no expiry or no cache limit respectively,
 * and negative values are rejected with {@code IllegalArgumentException}. A non-numeric
 * attribute value surfaces as {@code NumberFormatException}.
 *
 * @param sslSessionCtxt The SSLSessionContext to configure
 */
private void configureSSLSessionContext(SSLSessionContext sslSessionCtxt) {
    final String timeoutAttr = (String) attributes.get("sslSessionTimeout");
    if (timeoutAttr != null) {
        final int timeoutSeconds = Integer.parseInt(timeoutAttr);
        sslSessionCtxt.setSessionTimeout(timeoutSeconds);
    }

    final String ssl3TimeoutAttr = (String) attributes.get("ssl3SessionTimeout");
    if (ssl3TimeoutAttr != null) {
        final int ssl3TimeoutSeconds = Integer.parseInt(ssl3TimeoutAttr);
        sslSessionCtxt.setSessionTimeout(ssl3TimeoutSeconds);
    }

    final String cacheSizeAttr = (String) attributes.get("sslSessionCacheSize");
    if (cacheSizeAttr != null) {
        final int maxCachedSessions = Integer.parseInt(cacheSizeAttr);
        sslSessionCtxt.setSessionCacheSize(maxCachedSessions);
    }
}
/**
 * Forwards the session timeout to the wrapped session context.
 *
 * @param seconds new timeout in seconds; per {@code SSLSessionContext}, 0 means sessions never time out
 * @throws IllegalArgumentException if the wrapped context rejects the value (negative timeout)
 */
public void setSessionTimeout(final int seconds)
        throws IllegalArgumentException {
    delegate.setSessionTimeout(seconds);
}
/**
 * Forwards the session cache size to the wrapped session context.
 *
 * @param size maximum number of cached sessions; per {@code SSLSessionContext}, 0 means no limit
 * @throws IllegalArgumentException if the wrapped context rejects the value (negative size)
 */
public void setSessionCacheSize(final int size)
        throws IllegalArgumentException {
    delegate.setSessionCacheSize(size);
}
/**
 * Returns the IDs of the sessions held by the wrapped session context.
 *
 * @return enumeration of session IDs, exactly as returned by the delegate
 */
public Enumeration<byte[]> getIds() {
    final Enumeration<byte[]> sessionIds = delegate.getIds();
    return sessionIds;
}