@Override public void setNeedClientAuth(boolean need) { sock.setNeedClientAuth(need); }
public void setNeedClientAuth(final SSLContext context, final SSLSocket sslSocket, final boolean value) { if (value) sslSocket.setNeedClientAuth(value); }
default void setNeedClientAuth(SSLContext context, SSLSocket sslSocket, boolean value) { sslSocket.setNeedClientAuth(value); }
public void setNeedClientAuth(final boolean need) { delegate.setNeedClientAuth(need); }
@Override public Socket accept() throws IOException { Socket socket = super.accept(); SSLSocketFactory sslSocketFactory = (SSLSocketFactory) SSLSocketFactory.getDefault(); SSLSocket sslSocket = (SSLSocket) sslSocketFactory.createSocket(socket, socket.getInetAddress().getHostName(), socket.getPort(), true); sslSocket.setUseClientMode(false); sslSocket.setNeedClientAuth(false); ArrayList<String> secureProtocols = new ArrayList<>(); for (String p : sslSocket.getEnabledProtocols()) { if (!p.contains("SSLv3")) { secureProtocols.add(p); } } sslSocket.setEnabledProtocols(secureProtocols.toArray(new String[secureProtocols.size()])); return sslSocket; } };
/** * Connect to a remote node such as a Broker. * * @param wireFormat The WireFormat to be used. * @param socketFactory The socket factory to be used. Forcing SSLSockets * for obvious reasons. * @param remoteLocation The remote location. * @param localLocation The local location. * @param needClientAuth If set to true, the underlying socket will need * client certificate authentication. * @throws UnknownHostException If TcpTransport throws. * @throws IOException If TcpTransport throws. */ @SuppressWarnings({ "unchecked", "rawtypes" }) public SslTransport(WireFormat wireFormat, SSLSocketFactory socketFactory, URI remoteLocation, URI localLocation, boolean needClientAuth) throws IOException { super(wireFormat, socketFactory, remoteLocation, localLocation); if (this.socket != null) { ((SSLSocket)this.socket).setNeedClientAuth(needClientAuth); // Lets try to configure the SSL SNI field. Handy in case your using // a single proxy to route to different messaging apps. // On java 1.7 it seems like it can only be configured via reflection. // TODO: find out if this will work on java 1.8 HashMap props = new HashMap(); props.put("host", remoteLocation.getHost()); IntrospectionSupport.setProperties(this.socket, props); } }
public Socket createSSLSocket(String host, int port) throws IOException { this.initSSLContext(); InetAddress address = InetAddress.getByName(host); javax.net.ssl.SSLSocketFactory socketFactory = this.sslContext.getSocketFactory(); SSLSocket socket = (SSLSocket) socketFactory.createSocket(address, port); if (this.jsseSecurityDomain.getProtocols() != null){ socket.setEnabledProtocols(this.jsseSecurityDomain.getProtocols()); } if (this.jsseSecurityDomain.getCipherSuites() != null) { socket.setEnabledCipherSuites(this.jsseSecurityDomain.getCipherSuites()); } socket.setNeedClientAuth(this.jsseSecurityDomain.isClientAuth()); return socket; }
@Override public SSLSocket createSSLSocket(Socket socket) throws IOException { InetSocketAddress remoteAddress = (InetSocketAddress) socket.getRemoteSocketAddress(); String clientAuth = context.getProperty(CLIENT_AUTH).getValue(); SSLContext sslContext = sslContextService.createSSLContext(SSLContextService.ClientAuth.valueOf(clientAuth)); SSLSocketFactory socketFactory = sslContext.getSocketFactory(); SSLSocket sslSocket = (SSLSocket) (socketFactory.createSocket(socket, remoteAddress.getHostName(), socket.getPort(), true)); sslSocket.setUseClientMode(false); if (SSLContextService.ClientAuth.REQUIRED.toString().equals(clientAuth)) { this.setRequireTLS(true); sslSocket.setNeedClientAuth(true); } return sslSocket; } };
sslSocket.setUseClientMode(false); if (clientAuth == CLIENT_AUTH_REQUIRED) { sslSocket.setNeedClientAuth(true); } else if (clientAuth == CLIENT_AUTH_REQUESTED) { sslSocket.setWantClientAuth(true);
/** * Sets various SSL handshake parameters based on the SSLParameter * argument. Specifically, sets the SSLSocket's enabled cipher * suites if the parameter's cipher suites are non-null. Similarly * sets the enabled protocols. If the parameters specify the want * or need for client authentication, those requirements are set * on the SSLSocket, otherwise both are set to false. * @since 1.6 */ public void setSSLParameters(SSLParameters p) { String[] cipherSuites = p.getCipherSuites(); if (cipherSuites != null) { setEnabledCipherSuites(cipherSuites); } String[] protocols = p.getProtocols(); if (protocols != null) { setEnabledProtocols(protocols); } if (p.getNeedClientAuth()) { setNeedClientAuth(true); } else if (p.getWantClientAuth()) { setWantClientAuth(true); } else { setWantClientAuth(false); } } }
delegate.setNeedClientAuth(need);
delegate.setNeedClientAuth(need);
delegate.setNeedClientAuth(need);
@Override public void setNeedClientAuth(boolean need) { sock.setNeedClientAuth(need); }
public void setNeedClientAuth(boolean state) { delegate.setNeedClientAuth(state); }
protected void handShake() throws IOException { ssl.setNeedClientAuth(true); ssl.startHandshake(); } /**
@Override protected void handShake() throws IOException { ssl.setNeedClientAuth(true); synchronousHandshake(ssl); }
@Override public Socket acceptSocket(ServerSocket socket) throws IOException { Socket asock; try { asock = socket.accept(); assert asock instanceof SSLSocket; if(clientAuthNeed) { ((SSLSocket) asock).setNeedClientAuth(clientAuthNeed); } else { ((SSLSocket) asock).setWantClientAuth(clientAuthWant); } } catch (SSLException e) { throw new SocketException("SSL handshake error" + e.toString()); } return asock; }
socket.setNeedClientAuth(isNeedClientAuth); socket.setWantClientAuth(isWantClientAuth);
sslSocket.setNeedClientAuth(isNeedClientAuth); sslSocket.setWantClientAuth(isWantClientAuth);