@Override public void setWantClientAuth(boolean b) { engine.setWantClientAuth(b); }
@Override public void setWantClientAuth(boolean b) { delegate.setWantClientAuth(b); }
@Override public void setWantClientAuth(boolean b) { engine.setWantClientAuth(b); }
@Override public void setWantClientAuth(final boolean b) { delegate.setWantClientAuth(b); }
public void setWantClientAuth(final SSLContext context, final SSLEngine sslEngine, final boolean value) { if (value) sslEngine.setWantClientAuth(value); }
default void setWantClientAuth(SSLContext context, SSLEngine sslEngine, boolean value) { sslEngine.setWantClientAuth(value); }
public void setWantClientAuth(final boolean want) { delegate.setWantClientAuth(want); }
@Override public void setWantClientAuth(boolean b) { engine.setWantClientAuth(b); }
public void setWantClientAuth(final boolean want) { currentRef.get().setWantClientAuth(want); }
public void setWantClientAuth(final boolean want) { currentRef.get().setWantClientAuth(want); }
public void setWantClientAuth(final boolean want) { currentRef.get().setWantClientAuth(want); }
private SSLEngine createSslEngine(SSLContext sslContext, String peerHost, int peerPort) { SSLEngine sslEngine = sslContext.createSSLEngine(peerHost, peerPort); if (cipherSuites != null) sslEngine.setEnabledCipherSuites(cipherSuites); if (enabledProtocols != null) sslEngine.setEnabledProtocols(enabledProtocols); // SSLParameters#setEndpointIdentificationAlgorithm enables endpoint validation // only in client mode. Hence, validation is enabled only for clients. if (mode == Mode.SERVER) { sslEngine.setUseClientMode(false); if (needClientAuth) sslEngine.setNeedClientAuth(needClientAuth); else sslEngine.setWantClientAuth(wantClientAuth); } else { sslEngine.setUseClientMode(true); SSLParameters sslParams = sslEngine.getSSLParameters(); sslParams.setEndpointIdentificationAlgorithm(endpointIdentification); sslEngine.setSSLParameters(sslParams); } return sslEngine; }
/** * Creates a new SSL Engine that is configured to use server mode when handshaking. * * For Openfire, an engine is of this mode used for most purposes (as Openfire is a server by nature). * * @return A new, initialized SSLEngine instance (never null). */ public SSLEngine createServerModeSSLEngine() throws UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException, KeyManagementException { final SSLEngine sslEngine = createSSLEngine( ); sslEngine.setUseClientMode( false ); switch ( configuration.getClientAuth() ) { case needed: sslEngine.setNeedClientAuth( true ); break; case wanted: sslEngine.setWantClientAuth( true ); break; case disabled: sslEngine.setWantClientAuth( false ); break; } return sslEngine; }
switch (getClientAuth()) { case REQUEST: { engine.setWantClientAuth(true); break;
/** * Sets various SSL handshake parameters based on the SSLParameter * argument. Specifically, sets the SSLEngine's enabled cipher * suites if the parameter's cipher suites are non-null. Similarly * sets the enabled protocols. If the parameters specify the want * or need for client authentication, those requirements are set * on the SSLEngine, otherwise both are set to false. * @since 1.6 */ public void setSSLParameters(SSLParameters p) { String[] cipherSuites = p.getCipherSuites(); if (cipherSuites != null) { setEnabledCipherSuites(cipherSuites); } String[] protocols = p.getProtocols(); if (protocols != null) { setEnabledProtocols(protocols); } if (p.getNeedClientAuth()) { setNeedClientAuth(true); } else if (p.getWantClientAuth()) { setWantClientAuth(true); } else { setWantClientAuth(false); } } }
/** {@inheritDoc} */ @Override public <T> T setOption(final Option<T> option, final T value) throws IllegalArgumentException, IOException { if (option == Options.SSL_CLIENT_AUTH_MODE) { try { return option.cast(engine.getNeedClientAuth() ? SslClientAuthMode.REQUIRED : engine.getWantClientAuth() ? SslClientAuthMode.REQUESTED : SslClientAuthMode.NOT_REQUESTED); } finally { engine.setNeedClientAuth(value == SslClientAuthMode.REQUIRED); engine.setWantClientAuth(value == SslClientAuthMode.REQUESTED); } } else if (option == Options.SECURE) { throw new IllegalArgumentException(); } else { return delegate.setOption(option, value); } }
@SuppressWarnings("deprecation") private SSLEngine configureAndWrapEngine(SSLEngine engine, ByteBufAllocator alloc) { engine.setEnabledCipherSuites(cipherSuites); engine.setEnabledProtocols(protocols); engine.setUseClientMode(isClient()); if (isServer()) { switch (clientAuth) { case OPTIONAL: engine.setWantClientAuth(true); break; case REQUIRE: engine.setNeedClientAuth(true); break; case NONE: break; // exhaustive cases default: throw new Error("Unknown auth " + clientAuth); } } JdkApplicationProtocolNegotiator.SslEngineWrapperFactory factory = apn.wrapperFactory(); if (factory instanceof JdkApplicationProtocolNegotiator.AllocatorAwareSslEngineWrapperFactory) { return ((JdkApplicationProtocolNegotiator.AllocatorAwareSslEngineWrapperFactory) factory) .wrapSslEngine(engine, alloc, apn, isServer()); } return factory.wrapSslEngine(engine, apn, isServer()); }
/** {@inheritDoc} */ @Override public <T> T setOption(final Option<T> option, final T value) throws IllegalArgumentException, IOException { if (option == Options.SSL_CLIENT_AUTH_MODE) { final SSLEngine engine = sslConduitEngine.getEngine(); try { return option.cast(engine.getNeedClientAuth() ? SslClientAuthMode.REQUIRED : engine.getWantClientAuth() ? SslClientAuthMode.REQUESTED : SslClientAuthMode.NOT_REQUESTED); } finally { engine.setNeedClientAuth(value == SslClientAuthMode.REQUIRED); engine.setWantClientAuth(value == SslClientAuthMode.REQUESTED); } } else if (option == Options.SECURE) { throw new IllegalArgumentException(); } else { return connection.setOption(option, value); } }
/** {@inheritDoc} */ @Override public <T> T setOption(final Option<T> option, final T value) throws IllegalArgumentException, IOException { if (option == Options.SSL_CLIENT_AUTH_MODE) { final SSLEngine engine = conduit.getEngine(); try { return option.cast(engine.getNeedClientAuth() ? SslClientAuthMode.REQUIRED : engine.getWantClientAuth() ? SslClientAuthMode.REQUESTED : SslClientAuthMode.NOT_REQUESTED); } finally { engine.setNeedClientAuth(value == SslClientAuthMode.REQUIRED); engine.setWantClientAuth(value == SslClientAuthMode.REQUESTED); } } else if (option == Options.SECURE) { throw new IllegalArgumentException(); } else { return streamConnection.setOption(option, value); } }
@SuppressWarnings("deprecation") private SSLEngine configureAndWrapEngine(SSLEngine engine, ByteBufAllocator alloc) { engine.setEnabledCipherSuites(cipherSuites); engine.setEnabledProtocols(protocols); engine.setUseClientMode(isClient()); if (isServer()) { switch (clientAuth) { case OPTIONAL: engine.setWantClientAuth(true); break; case REQUIRE: engine.setNeedClientAuth(true); break; case NONE: break; // exhaustive cases default: throw new Error("Unknown auth " + clientAuth); } } JdkApplicationProtocolNegotiator.SslEngineWrapperFactory factory = apn.wrapperFactory(); if (factory instanceof JdkApplicationProtocolNegotiator.AllocatorAwareSslEngineWrapperFactory) { return ((JdkApplicationProtocolNegotiator.AllocatorAwareSslEngineWrapperFactory) factory) .wrapSslEngine(engine, alloc, apn, isServer()); } return factory.wrapSslEngine(engine, apn, isServer()); }