示例#1
0
 public void close() {
   try {
     serverSocket.close();
   } catch (Exception e) {
     throw new RuntimeException(e);
   }
 }
示例#2
0
  public static void main(String[] args) throws IOException {

    System.out.println("opening a secure socket");

    SSLServerSocketFactory secSocketFactory =
        (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
    SSLServerSocket secSocket = (SSLServerSocket) secSocketFactory.createServerSocket(portNo);

    String[] enabledCipherSuites = {"SSL_DH_anon_WITH_RC4_128_MD5"};
    secSocket.setEnabledCipherSuites(enabledCipherSuites);

    System.out.println("Listening on port no: " + portNo);
    SSLSocket socket = (SSLSocket) secSocket.accept();

    System.out.println("Got a connection from: " + socket.getInetAddress().toString());
    PrintWriter out = new PrintWriter(socket.getOutputStream(), true);
    BufferedReader in = new BufferedReader(new InputStreamReader(socket.getInputStream()));

    String line = in.readLine();
    while (line != null) {
      System.out.println(line);
      line = in.readLine();
    }

    out.close();
    in.close();
    socket.close();
    secSocket.close();
  }
示例#3
0
 static void accept(KeyStore keyStore, char[] keyPassword, KeyStore trustStore, int port)
     throws GeneralSecurityException, IOException {
   SSLContext sslContext = SSLContexts.create(keyStore, keyPassword, trustStore);
   SSLServerSocket serverSocket =
       (SSLServerSocket) sslContext.getServerSocketFactory().createServerSocket(port);
   try {
     serverSocket.setNeedClientAuth(true);
     SSLSocket clientSocket = (SSLSocket) serverSocket.accept();
     javax.security.cert.X509Certificate peer =
         clientSocket.getSession().getPeerCertificateChain()[0];
     logger.info("peer: " + peer.getSubjectDN().getName());
     ServerThread.handle(clientSocket);
   } finally {
     serverSocket.close();
   }
 }
示例#4
0
    public void run() {
      try {
        store = provideKeys ? getKeyStore(keys) : null;
        KeyManager[] keyManagers = store != null ? getKeyManagers(store) : null;
        TrustManager[] trustManagers = new TrustManager[] {trustManager};

        SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(keyManagers, trustManagers, null);

        SSLServerSocket serverSocket =
            (SSLServerSocket) sslContext.getServerSocketFactory().createServerSocket();

        if (clientAuth == CLIENT_AUTH_WANTED) {
          serverSocket.setWantClientAuth(true);
        } else if (clientAuth == CLIENT_AUTH_NEEDED) {
          serverSocket.setNeedClientAuth(true);
        } else {
          serverSocket.setWantClientAuth(false);
        }

        serverSocket.bind(new InetSocketAddress(port));

        SSLSocket clientSocket = (SSLSocket) serverSocket.accept();

        InputStream istream = clientSocket.getInputStream();
        byte[] buffer = new byte[1024];
        istream.read(buffer);

        OutputStream ostream = clientSocket.getOutputStream();
        ostream.write(testData.getBytes());
        ostream.flush();

        while (notFinished) {
          Thread.currentThread().sleep(500);
        }

        clientSocket.close();
        serverSocket.close();

      } catch (Exception ex) {
        exception = ex;
      }
    }
示例#5
0
  /*
   * Define the server side of the test.
   *
   * If the server prematurely exits, serverReady will be set to true
   * to avoid infinite hangs.
   */
  void doServerSide() throws Exception {
    SSLServerSocketFactory sslssf = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
    SSLServerSocket sslServerSocket = (SSLServerSocket) sslssf.createServerSocket(serverPort);
    serverPort = sslServerSocket.getLocalPort();

    /*
     * Signal Client, we're ready for his connect.
     */
    serverReady = true;

    SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();
    try {
      InputStream sslIS = sslSocket.getInputStream();
      OutputStream sslOS = sslSocket.getOutputStream();
      BufferedReader br = new BufferedReader(new InputStreamReader(sslIS));
      PrintStream ps = new PrintStream(sslOS);

      // process HTTP POST request from client
      System.out.println("status line: " + br.readLine());
      String msg = null;
      while ((msg = br.readLine()) != null && msg.length() > 0) ;

      msg = br.readLine();
      if (msg.equals(postMsg)) {
        ps.println("HTTP/1.1 200 OK\n\n");
      } else {
        ps.println("HTTP/1.1 500 Not OK\n\n");
      }
      ps.flush();

      // close the socket
      while (!closeReady) {
        Thread.sleep(50);
      }
    } finally {
      sslSocket.close();
      sslServerSocket.close();
    }
  }
示例#6
0
 @Override
 public void close() throws IOException {
   _sslSocket.close();
 }
 public void close() throws IOException {
   s.close();
 }
  /*
   * Define the server side of the test.
   *
   * If the server prematurely exits, serverReady will be set to true
   * to avoid infinite hangs.
   */
  void doServerSide() throws Exception {
    KeyStore ks = KeyStore.getInstance("JKS");
    com.sun.net.ssl.SSLContext ctx = com.sun.net.ssl.SSLContext.getInstance("TLS");
    com.sun.net.ssl.KeyManagerFactory kmf =
        com.sun.net.ssl.KeyManagerFactory.getInstance("SunX509");

    ks.load(new FileInputStream(keyFilename), cpasswd);
    kmf.init(ks, cpasswd);

    com.sun.net.ssl.TrustManager[] tms =
        new com.sun.net.ssl.TrustManager[] {new MyComX509TrustManager()};

    ctx.init(kmf.getKeyManagers(), tms, null);

    SSLServerSocketFactory sslssf = (SSLServerSocketFactory) ctx.getServerSocketFactory();

    SSLServerSocket sslServerSocket = (SSLServerSocket) sslssf.createServerSocket(serverPort);
    serverPort = sslServerSocket.getLocalPort();

    sslServerSocket.setNeedClientAuth(true);

    /*
     * Create using the other type.
     */
    SSLContext ctx1 = SSLContext.getInstance("TLS");
    KeyManagerFactory kmf1 = KeyManagerFactory.getInstance("SunX509");

    TrustManager[] tms1 = new TrustManager[] {new MyJavaxX509TrustManager()};

    kmf1.init(ks, cpasswd);

    ctx1.init(kmf1.getKeyManagers(), tms1, null);

    sslssf = (SSLServerSocketFactory) ctx1.getServerSocketFactory();

    SSLServerSocket sslServerSocket1 = (SSLServerSocket) sslssf.createServerSocket(serverPort1);
    serverPort1 = sslServerSocket1.getLocalPort();
    sslServerSocket1.setNeedClientAuth(true);

    /*
     * Signal Client, we're ready for his connect.
     */
    serverReady = true;

    SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();
    sslServerSocket.close();
    serverReady = false;

    InputStream sslIS = sslSocket.getInputStream();
    OutputStream sslOS = sslSocket.getOutputStream();

    sslIS.read();
    sslOS.write(85);
    sslOS.flush();
    sslSocket.close();

    sslSocket = (SSLSocket) sslServerSocket1.accept();
    sslIS = sslSocket.getInputStream();
    sslOS = sslSocket.getOutputStream();

    sslIS.read();
    sslOS.write(85);
    sslOS.flush();
    sslSocket.close();

    System.out.println("Server exiting!");
    System.out.flush();
  }
  public JSSESocketFactory(AbstractEndpoint<?> endpoint) {
    this.endpoint = endpoint;

    String sslProtocol = endpoint.getSslProtocol();
    if (sslProtocol == null) {
      sslProtocol = defaultProtocol;
    }

    SSLContext context;
    try {
      context = SSLContext.getInstance(sslProtocol);
      context.init(null, null, null);
    } catch (NoSuchAlgorithmException e) {
      // This is fatal for the connector so throw an exception to prevent
      // it from starting
      throw new IllegalArgumentException(e);
    } catch (KeyManagementException e) {
      // This is fatal for the connector so throw an exception to prevent
      // it from starting
      throw new IllegalArgumentException(e);
    }

    // Supported cipher suites aren't accessible directly from the
    // SSLContext so use the SSL server socket factory
    SSLServerSocketFactory ssf = context.getServerSocketFactory();
    String supportedCiphers[] = ssf.getSupportedCipherSuites();
    boolean found = false;
    for (String cipher : supportedCiphers) {
      if ("TLS_EMPTY_RENEGOTIATION_INFO_SCSV".equals(cipher)) {
        found = true;
        break;
      }
    }
    rfc5746Supported = found;

    // There is no standard way to determine the default protocols and
    // cipher suites so create a server socket to see what the defaults are
    SSLServerSocket socket;
    try {
      socket = (SSLServerSocket) ssf.createServerSocket();
    } catch (IOException e) {
      // This is very likely to be fatal but there is a slim chance that
      // the JSSE implementation just doesn't like creating unbound
      // sockets so allow the code to proceed.
      defaultServerCipherSuites = new String[0];
      defaultServerProtocols = new String[0];
      log.warn(sm.getString("jsse.noDefaultCiphers", endpoint.getName()));
      log.warn(sm.getString("jsse.noDefaultProtocols", endpoint.getName()));
      return;
    }

    try {
      defaultServerCipherSuites = socket.getEnabledCipherSuites();
      if (defaultServerCipherSuites.length == 0) {
        log.warn(sm.getString("jsse.noDefaultCiphers", endpoint.getName()));
      }

      // Filter out all the SSL protocols (SSLv2 and SSLv3) from the defaults
      // since they are no longer considered secure
      List<String> filteredProtocols = new ArrayList<String>();
      for (String protocol : socket.getEnabledProtocols()) {
        if (protocol.toUpperCase(Locale.ENGLISH).contains("SSL")) {
          log.debug(sm.getString("jsse.excludeDefaultProtocol", protocol));
          continue;
        }
        filteredProtocols.add(protocol);
      }
      defaultServerProtocols = filteredProtocols.toArray(new String[filteredProtocols.size()]);
      if (defaultServerProtocols.length == 0) {
        log.warn(sm.getString("jsse.noDefaultProtocols", endpoint.getName()));
      }
    } finally {
      try {
        socket.close();
      } catch (IOException e) {
        log.warn(sm.getString("jsse.exceptionOnClose"), e);
      }
    }
  }