JSS 3.1.1

org.mozilla.jss.ssl
Class SSLServerSocket

java.lang.Object
  |
  +--java.net.ServerSocket
        |
        +--org.mozilla.jss.ssl.SSLServerSocket

public class SSLServerSocket
extends java.net.ServerSocket

SSL server socket.


Field Summary
private static java.net.InetAddress anyLocalAddr
           
private  SocketBase base
           
static int DEFAULT_BACKLOG
          The default size of the listen queue.
private  boolean handshakeAsClient
           
private  SocketProxy sockProxy
           
private static java.lang.String UNIX_TEMP_DIR
           
private static java.lang.String WINDOWS_TEMP_DIR
           
 
Fields inherited from class java.net.ServerSocket
factory, impl
 
Constructor Summary
SSLServerSocket(int port)
          Creates a server socket listening on the given port.
SSLServerSocket(int port, int backlog)
          Creates a server socket listening on the given port.
SSLServerSocket(int port, int backlog, java.net.InetAddress bindAddr)
          Creates a server socket listening on the given port.
SSLServerSocket(int port, int backlog, java.net.InetAddress bindAddr, SSLCertificateApprovalCallback certApprovalCallback)
          Creates a server socket listening on the given port.
SSLServerSocket(int port, int backlog, java.net.InetAddress bindAddr, SSLCertificateApprovalCallback certApprovalCallback, boolean reuseAddr)
          Creates a server socket listening on the given port.
 
Method Summary
(package private) static void ()
           
 java.net.Socket accept()
          Accepts a connection.
static void clearSessionCache()
          Empties the SSL client session ID cache.
 void close()
          Closes this socket.
static void configServerSessionIDCache(int maxSidEntries, int ssl2EntryTimeout, int ssl3EntryTimeout, java.lang.String cacheFileDirectory)
          Configures the session ID cache.
 void enableSSL2(boolean enable)
          Enables SSL v2 on this socket.
 void enableSSL3(boolean enable)
          Enables SSL v3 on this socket.
protected  void finalize()
           
 java.net.InetAddress getInetAddress()
           
protected  boolean getReuseAddress()
           
 int getSoTimeout()
          Returns the current value of the SO_TIMEOUT socket option.
 void requestClientAuth(boolean b)
          Enables/disables the request of client authentication.
 void requireClientAuth(boolean require, boolean onRedo)
          Sets whether the socket requires client authentication from the remote peer.
 void setClientCertNickname(java.lang.String nick)
          Sets the nickname of the certificate to use for client authentication.
 void setNeedClientAuth(boolean b)
          Deprecated. As of JSS 3.0. This method is misnamed. Use requestClientAuth instead.
 void setNeedClientAuthNoExpiryCheck(boolean b)
          Deprecated. As of JSS 3.0. This method is misnamed. Use requestClientAuthNoExpiryCheck instead.
protected  void setReuseAddress(boolean reuse)
           
 void setServerCertNickname(java.lang.String nickname)
          Sets the certificate to use for server authentication.
 void setSoTimeout(int timeout)
          Sets the SO_TIMEOUT socket option.
 void setUseClientMode(boolean b)
          Determines whether this end of the socket is the client or the server for purposes of the SSL protocol.
private  byte[] socketAccept(SSLSocket s, int timeout, boolean handshakeAsClient)
           
private  void socketListen(int backlog)
           
 void useCache(boolean b)
          Enables/disables the session cache.
 
Methods inherited from class java.net.ServerSocket
getLocalPort, implAccept, setSocketFactory, toString
 
Methods inherited from class java.lang.Object
clone, equals, getClass, hashCode, notify, notifyAll, registerNatives, wait, wait, wait
 

Field Detail

DEFAULT_BACKLOG

public static final int DEFAULT_BACKLOG
The default size of the listen queue.

sockProxy

private SocketProxy sockProxy

handshakeAsClient

private boolean handshakeAsClient

base

private SocketBase base

anyLocalAddr

private static java.net.InetAddress anyLocalAddr

UNIX_TEMP_DIR

private static final java.lang.String UNIX_TEMP_DIR

WINDOWS_TEMP_DIR

private static final java.lang.String WINDOWS_TEMP_DIR
Constructor Detail

SSLServerSocket

public SSLServerSocket(int port)
                throws java.io.IOException
Creates a server socket listening on the given port. The listen queue will be of size DEFAULT_BACKLOG.

SSLServerSocket

public SSLServerSocket(int port,
                       int backlog)
                throws java.io.IOException
Creates a server socket listening on the given port.
Parameters:
backlog - The size of the socket's listen queue.

SSLServerSocket

public SSLServerSocket(int port,
                       int backlog,
                       java.net.InetAddress bindAddr)
                throws java.io.IOException
Creates a server socket listening on the given port.
Parameters:
backlog - The size of the socket's listen queue.
bindAddr - The local address to which to bind. If null, an unspecified local address will be bound to.

SSLServerSocket

public SSLServerSocket(int port,
                       int backlog,
                       java.net.InetAddress bindAddr,
                       SSLCertificateApprovalCallback certApprovalCallback)
                throws java.io.IOException
Creates a server socket listening on the given port.
Parameters:
backlog - The size of the socket's listen queue.
bindAddr - The local address to which to bind. If null, an unspecified local address will be bound to.
certApprovalCallback - Will get called to approve any certificate presented by the client.

SSLServerSocket

public SSLServerSocket(int port,
                       int backlog,
                       java.net.InetAddress bindAddr,
                       SSLCertificateApprovalCallback certApprovalCallback,
                       boolean reuseAddr)
                throws java.io.IOException
Creates a server socket listening on the given port.
Parameters:
backlog - The size of the socket's listen queue.
bindAddr - The local address to which to bind. If null, an unspecified local address will be bound to.
certApprovalCallback - Will get called to approve any certificate presented by the client.
reuseAddr - Reuse the local bind port; this parameter sets the SO_REUSEADDR option on the socket before calling bind(). The default is false for backward compatibility.
Method Detail

socketListen

private void socketListen(int backlog)
                   throws java.net.SocketException

static void ()

accept

public java.net.Socket accept()
                       throws java.io.IOException
Accepts a connection. This call will block until a connection is made or the timeout is reached.
Overrides:
accept in class java.net.ServerSocket

setSoTimeout

public void setSoTimeout(int timeout)
Sets the SO_TIMEOUT socket option.
Overrides:
setSoTimeout in class java.net.ServerSocket

getSoTimeout

public int getSoTimeout()
Returns the current value of the SO_TIMEOUT socket option.
Overrides:
getSoTimeout in class java.net.ServerSocket

setReuseAddress

protected void setReuseAddress(boolean reuse)
                        throws java.net.SocketException

getReuseAddress

protected boolean getReuseAddress()
                           throws java.net.SocketException

socketAccept

private byte[] socketAccept(SSLSocket s,
                            int timeout,
                            boolean handshakeAsClient)
                     throws java.net.SocketException

clearSessionCache

public static void clearSessionCache()
Empties the SSL client session ID cache.

finalize

protected void finalize()
                 throws java.lang.Throwable
Overrides:
finalize in class java.lang.Object

close

public void close()
           throws java.io.IOException
Closes this socket.
Overrides:
close in class java.net.ServerSocket

configServerSessionIDCache

public static void configServerSessionIDCache(int maxSidEntries,
                                              int ssl2EntryTimeout,
                                              int ssl3EntryTimeout,
                                              java.lang.String cacheFileDirectory)
Configures the session ID cache.
Parameters:
maxSidEntries - The maximum number of entries in the cache. If 0 is passed, the default of 10,000 is used.
ssl2EntryTimeout - The lifetime in seconds of an SSL2 session. The minimum timeout value is 5 seconds and the maximum is 24 hours. Values outside this range are replaced by the server default value of 100 seconds.
ssl3EntryTimeout - The lifetime in seconds of an SSL3 session. The minimum timeout value is 5 seconds and the maximum is 24 hours. Values outside this range are replaced by the server default value of 100 seconds.
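cacheFileDirectory - The pathname of the directory that will contain the session cache. If null is passed, the server default is used: /tmp on Unix and \\temp on Windows. These default directories are typically shared with other local accounts, so a deployment that treats cached session state as sensitive should pass a directory that only the server's account can read and write.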

setServerCertNickname

public void setServerCertNickname(java.lang.String nickname)
                           throws java.net.SocketException
Sets the certificate to use for server authentication.

requestClientAuth

public void requestClientAuth(boolean b)
                       throws java.net.SocketException
Enables/disables the request of client authentication. This is only meaningful for the server end of the SSL connection. During the next handshake, the remote peer will be asked to authenticate itself.
See Also:
requireClientAuth(boolean, boolean)

setNeedClientAuth

public void setNeedClientAuth(boolean b)
                       throws java.net.SocketException
Deprecated. As of JSS 3.0. This method is misnamed. Use requestClientAuth instead.


setNeedClientAuthNoExpiryCheck

public void setNeedClientAuthNoExpiryCheck(boolean b)
                                    throws java.net.SocketException
Deprecated. As of JSS 3.0. This method is misnamed. Use requestClientAuthNoExpiryCheck instead.

Enables/disables the request of client authentication. This is only meaningful for the server end of the SSL connection. During the next handshake, the remote peer will be asked to authenticate itself.

In addition, the client certificate's expiration will not prevent it from being accepted.

See Also:
requestClientAuthNoExpiryCheck(boolean)

enableSSL2

public void enableSSL2(boolean enable)
                throws java.net.SocketException
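Enables SSL v2 on this socket when enable is true, and disables it when enable is false. SSL v2 is enabled by default, unless the default has been changed with SSLSocket.enableSSL2Default. SSL v2 has known protocol weaknesses and its use is prohibited by RFC 6176, so a server that does not need it for legacy peers should call this method with false.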

enableSSL3

public void enableSSL3(boolean enable)
                throws java.net.SocketException
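Enables SSL v3 on this socket when enable is true, and disables it when enable is false. SSL v3 is enabled by default, unless the default has been changed with SSLSocket.enableSSL3Default. SSL v3 is deprecated by RFC 7568, so a server should leave it enabled only where its peers cannot negotiate a newer protocol version.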

getInetAddress

public java.net.InetAddress getInetAddress()
Overrides:
getInetAddress in class java.net.ServerSocket
Returns:
The remote peer's IP address.

requireClientAuth

public void requireClientAuth(boolean require,
                              boolean onRedo)
                       throws java.net.SocketException
Sets whether the socket requires client authentication from the remote peer. If requestClientAuth() has not already been called, this method will tell the socket to request client auth as well as requiring it.

setClientCertNickname

public void setClientCertNickname(java.lang.String nick)
                           throws java.net.SocketException
Sets the nickname of the certificate to use for client authentication.

setUseClientMode

public void setUseClientMode(boolean b)
Determines whether this end of the socket is the client or the server for purposes of the SSL protocol. By default, it is the server.
Parameters:
b - true if this end of the socket is the SSL client, false if it is the SSL server.

useCache

public void useCache(boolean b)
              throws java.net.SocketException
Enables/disables the session cache. By default, the session cache is enabled.

JSS 3.1.1