Exemplo n.º 1
0
  @Override
  public String[] getEnableableProtocols(SSLContext context) {
    String[] requestedProtocols = endpoint.getSslEnabledProtocolsArray();
    if ((requestedProtocols == null) || (requestedProtocols.length == 0)) {
      return defaultServerProtocols;
    }

    List<String> protocols = new ArrayList<String>(Arrays.asList(requestedProtocols));
    protocols.retainAll(Arrays.asList(context.getSupportedSSLParameters().getProtocols()));

    if (protocols.isEmpty()) {
      log.warn(
          sm.getString(
              "jsse.requested_protocols_not_supported", Arrays.asList(requestedProtocols)));
    }
    if (log.isDebugEnabled()) {
      log.debug(sm.getString("jsse.enableable_protocols", protocols));
      if (protocols.size() != requestedProtocols.length) {
        List<String> skipped = new ArrayList<String>(Arrays.asList(requestedProtocols));
        skipped.removeAll(protocols);
        log.debug(sm.getString("jsse.unsupported_protocols", skipped));
      }
    }
    return protocols.toArray(new String[protocols.size()]);
  }
Exemplo n.º 2
0
  @Override
  public String[] getEnableableCiphers(SSLContext context) {
    String requestedCiphersStr = endpoint.getCiphers();

    if (ALLOW_ALL_SUPPORTED_CIPHERS.equals(requestedCiphersStr)) {
      return context.getSupportedSSLParameters().getCipherSuites();
    }
    if ((requestedCiphersStr == null) || (requestedCiphersStr.trim().length() == 0)) {
      return defaultServerCipherSuites;
    }

    List<String> requestedCiphers = new ArrayList<String>();
    for (String rc : requestedCiphersStr.split(",")) {
      final String cipher = rc.trim();
      if (cipher.length() > 0) {
        requestedCiphers.add(cipher);
      }
    }
    if (requestedCiphers.isEmpty()) {
      return defaultServerCipherSuites;
    }
    List<String> ciphers = new ArrayList<String>(requestedCiphers);
    ciphers.retainAll(Arrays.asList(context.getSupportedSSLParameters().getCipherSuites()));

    if (ciphers.isEmpty()) {
      log.warn(sm.getString("jsse.requested_ciphers_not_supported", requestedCiphersStr));
    }
    if (log.isDebugEnabled()) {
      log.debug(sm.getString("jsse.enableable_ciphers", ciphers));
      if (ciphers.size() != requestedCiphers.size()) {
        List<String> skipped = new ArrayList<String>(requestedCiphers);
        skipped.removeAll(ciphers);
        log.debug(sm.getString("jsse.unsupported_ciphers", skipped));
      }
    }

    return ciphers.toArray(new String[ciphers.size()]);
  }
  protected void logSupportedParameters() {
    if (LOGGED.compareAndSet(false, true)) {
      try {
        final SSLContext context = SSLContext.getDefault();
        final String[] protocols = context.getSupportedSSLParameters().getProtocols();
        final SSLSocketFactory factory = context.getSocketFactory();
        final String[] cipherSuites = factory.getSupportedCipherSuites();
        LOGGER.info("Supported protocols: {}", Arrays.toString(protocols));
        LOGGER.info("Supported cipher suites: {}", Arrays.toString(cipherSuites));
      } catch (NoSuchAlgorithmException ignored) {

      }
    }
  }
  @Override
  public List<Attribute> getMonitorData() {
    ArrayList<Attribute> attrs = new ArrayList<>(13);

    attrs.add(createAttribute("javaVersion", System.getProperty("java.version")));
    attrs.add(createAttribute("javaVendor", System.getProperty("java.vendor")));
    attrs.add(createAttribute("jvmVersion", System.getProperty("java.vm.version")));
    attrs.add(createAttribute("jvmVendor", System.getProperty("java.vm.vendor")));
    attrs.add(createAttribute("javaHome", System.getProperty("java.home")));
    attrs.add(createAttribute("classPath", System.getProperty("java.class.path")));
    attrs.add(createAttribute("workingDirectory", System.getProperty("user.dir")));

    String osInfo =
        System.getProperty("os.name")
            + " "
            + System.getProperty("os.version")
            + " "
            + System.getProperty("os.arch");
    attrs.add(createAttribute("operatingSystem", osInfo));
    String sunOsArchDataModel = System.getProperty("sun.arch.data.model");
    if (sunOsArchDataModel != null) {
      String jvmArch = sunOsArchDataModel;
      if (!sunOsArchDataModel.toLowerCase().equals("unknown")) {
        jvmArch += "-bit";
      }
      attrs.add(createAttribute("jvmArchitecture", jvmArch));
    } else {
      attrs.add(createAttribute("jvmArchitecture", "unknown"));
    }

    try {
      attrs.add(createAttribute("systemName", InetAddress.getLocalHost().getCanonicalHostName()));
    } catch (Exception e) {
      logger.traceException(e);
    }

    Runtime runtime = Runtime.getRuntime();
    attrs.add(createAttribute("availableCPUs", runtime.availableProcessors()));
    attrs.add(createAttribute("maxMemory", runtime.maxMemory()));
    attrs.add(createAttribute("usedMemory", runtime.totalMemory()));
    attrs.add(createAttribute("freeUsedMemory", runtime.freeMemory()));
    String installPath = DirectoryServer.getServerRoot();
    if (installPath != null) {
      attrs.add(createAttribute("installPath", installPath));
    }
    String instancePath = DirectoryServer.getInstanceRoot();
    if (instancePath != null) {
      attrs.add(createAttribute("instancePath", instancePath));
    }

    // Get the JVM input arguments.
    RuntimeMXBean rtBean = ManagementFactory.getRuntimeMXBean();
    List<String> jvmArguments = rtBean.getInputArguments();
    if (jvmArguments != null && !jvmArguments.isEmpty()) {
      StringBuilder argList = new StringBuilder();
      for (String jvmArg : jvmArguments) {
        if (argList.length() > 0) {
          argList.append(" ");
        }

        argList.append("\"");
        argList.append(jvmArg);
        argList.append("\"");
      }

      attrs.add(createAttribute("jvmArguments", argList.toString()));
    }

    // Get the list of supported SSL protocols and ciphers.
    Collection<String> supportedTlsProtocols;
    Collection<String> supportedTlsCiphers;
    try {
      final SSLContext context = SSLContext.getDefault();
      final SSLParameters parameters = context.getSupportedSSLParameters();
      supportedTlsProtocols = Arrays.asList(parameters.getProtocols());
      supportedTlsCiphers = Arrays.asList(parameters.getCipherSuites());
    } catch (Exception e) {
      // A default SSL context should always be available.
      supportedTlsProtocols = Collections.emptyList();
      supportedTlsCiphers = Collections.emptyList();
    }

    addAttribute(attrs, ATTR_SUPPORTED_TLS_PROTOCOLS, supportedTlsProtocols);
    addAttribute(attrs, ATTR_SUPPORTED_TLS_CIPHERS, supportedTlsCiphers);

    return attrs;
  }