org.mozilla.jss.ssl

Class SSLServerSocket


public class SSLServerSocket
extends java.net.ServerSocket

SSL server socket.

Field Summary

static int
DEFAULT_BACKLOG
The default size of the listen queue.

Constructor Summary

SSLServerSocket(int port)
Creates a server socket listening on the given port.
SSLServerSocket(int port, int backlog)
Creates a server socket listening on the given port.
SSLServerSocket(int port, int backlog, InetAddress bindAddr)
Creates a server socket listening on the given port.
SSLServerSocket(int port, int backlog, InetAddress bindAddr, SSLCertificateApprovalCallback certApprovalCallback)
Creates a server socket listening on the given port.
SSLServerSocket(int port, int backlog, InetAddress bindAddr, SSLCertificateApprovalCallback certApprovalCallback, boolean reuseAddr)
Creates a server socket listening on the given port.

Method Summary

Socket
accept()
Accepts a connection.
static void
clearSessionCache()
Empties the SSL client session ID cache.
void
close()
Closes this socket.
static void
configServerSessionIDCache(int maxSidEntries, int ssl2EntryTimeout, int ssl3EntryTimeout, String cacheFileDirectory)
Configures the session ID cache.
void
enableSSL2(boolean enable)
Enables SSL v2 on this socket.
void
enableSSL3(boolean enable)
Enables SSL v3 on this socket.
protected void
finalize()
InetAddress
getInetAddress()
int
getLocalPort()
boolean
getReuseAddress()
int
getSoTimeout()
Returns the current value of the SO_TIMEOUT socket option.
void
requestClientAuth(boolean b)
Enables/disables the request of client authentication.
void
requireClientAuth(boolean require, boolean onRedo)
Sets whether the socket requires client authentication from the remote peer.
void
setClientCert(X509Certificate cert)
Sets the certificate to use for client authentication.
void
setClientCertNickname(String nick)
Sets the nickname of the certificate to use for client authentication.
void
setNeedClientAuth(boolean b)
Deprecated. As of JSS 3.0.
void
setNeedClientAuthNoExpiryCheck(boolean b)
Deprecated. As of JSS 3.0.
void
setReuseAddress(boolean reuse)
void
setServerCert(X509Certificate certnickname)
Sets the certificate to use for server authentication.
void
setServerCertNickname(String nick)
Sets the certificate to use for server authentication.
void
setSoTimeout(int timeout)
Sets the SO_TIMEOUT socket option.
void
setUseClientMode(boolean b)
Determines whether this end of the socket is the client or the server for purposes of the SSL protocol.
String
toString()
Returns the addresses and ports of this socket.
void
useCache(boolean b)
Enables/disables the session cache.

Field Details

DEFAULT_BACKLOG

public static final int DEFAULT_BACKLOG
The default size of the listen queue.
Field Value:
50

Constructor Details

SSLServerSocket

public SSLServerSocket(int port)
            throws IOException
Creates a server socket listening on the given port. The listen queue will be of size DEFAULT_BACKLOG.

SSLServerSocket

public SSLServerSocket(int port,
                       int backlog)
            throws IOException
Creates a server socket listening on the given port.
Parameters:
backlog - The size of the socket's listen queue.

SSLServerSocket

public SSLServerSocket(int port,
                       int backlog,
                       InetAddress bindAddr)
            throws IOException
Creates a server socket listening on the given port.
Parameters:
backlog - The size of the socket's listen queue.
bindAddr - The local address to which to bind. If null, an unspecified local address will be bound to.

SSLServerSocket

public SSLServerSocket(int port,
                       int backlog,
                       InetAddress bindAddr,
                       SSLCertificateApprovalCallback certApprovalCallback)
            throws IOException
Creates a server socket listening on the given port.
Parameters:
backlog - The size of the socket's listen queue.
bindAddr - The local address to which to bind. If null, an unspecified local address will be bound to.
certApprovalCallback - Will get called to approve any certificate presented by the client.

SSLServerSocket

public SSLServerSocket(int port,
                       int backlog,
                       InetAddress bindAddr,
                       SSLCertificateApprovalCallback certApprovalCallback,
                       boolean reuseAddr)
            throws IOException
Creates a server socket listening on the given port.
Parameters:
backlog - The size of the socket's listen queue.
bindAddr - The local address to which to bind. If null, an unspecified local address will be bound to.
certApprovalCallback - Will get called to approve any certificate presented by the client.
reuseAddr - Reuse the local bind port; this parameter sets the SO_REUSEADDR option on the socket before calling bind(). The default is false for backward compatibility.

Method Details

accept

public Socket accept()
            throws IOException
Accepts a connection. This call will block until a connection is made or the timeout is reached.

clearSessionCache

public static void clearSessionCache()
Empties the SSL client session ID cache.

close

public void close()
            throws IOException
Closes this socket.

configServerSessionIDCache

public static void configServerSessionIDCache(int maxSidEntries,
                                              int ssl2EntryTimeout,
                                              int ssl3EntryTimeout,
                                              String cacheFileDirectory)
            throws SocketException
Configures the session ID cache.
Parameters:
maxSidEntries - The maximum number of entries in the cache. If 0 is passed, the default of 10,000 is used.
ssl2EntryTimeout - The lifetime in seconds of an SSL2 session. The minimum timeout value is 5 seconds and the maximum is 24 hours. Values outside this range are replaced by the server default value of 100 seconds.
ssl3EntryTimeout - The lifetime in seconds of an SSL3 session. The minimum timeout value is 5 seconds and the maximum is 24 hours. Values outside this range are replaced by the server default value of 100 seconds.
cacheFileDirectory - The pathname of the directory that will contain the session cache. If null is passed, the server default is used: /tmp on Unix and \\temp on Windows.

enableSSL2

public void enableSSL2(boolean enable)
            throws SocketException
Enables SSL v2 on this socket. It is enabled by default, unless the default has been changed with SSLSocket.enableSSL2Default.

enableSSL3

public void enableSSL3(boolean enable)
            throws SocketException
Enables SSL v3 on this socket. It is enabled by default, unless the default has been changed with SSLSocket.enableSSL3Default.

finalize

protected void finalize()
            throws Throwable

getInetAddress

public InetAddress getInetAddress()
Returns:
the local address of this server socket.

getLocalPort

public int getLocalPort()
Returns:
The local port.

getReuseAddress

public boolean getReuseAddress()
            throws SocketException

getSoTimeout

public int getSoTimeout()
Returns the current value of the SO_TIMEOUT socket option.
Returns:
The timeout time in milliseconds.

requestClientAuth

public void requestClientAuth(boolean b)
            throws SocketException
Enables/disables the request of client authentication. This is only meaningful for the server end of the SSL connection. During the next handshake, the remote peer will be asked to authenticate itself.

requireClientAuth

public void requireClientAuth(boolean require,
                              boolean onRedo)
            throws SocketException
Sets whether the socket requires client authentication from the remote peer. If requestClientAuth() has not already been called, this method will tell the socket to request client auth as well as requiring it.

setClientCert

public void setClientCert(X509Certificate cert)
            throws SocketException
Sets the certificate to use for client authentication.

setClientCertNickname

public void setClientCertNickname(String nick)
            throws SocketException
Sets the nickname of the certificate to use for client authentication.

setNeedClientAuth

public void setNeedClientAuth(boolean b)
            throws SocketException

Deprecated. As of JSS 3.0. This method is misnamed. Use requestClientAuth instead.


setNeedClientAuthNoExpiryCheck

public void setNeedClientAuthNoExpiryCheck(boolean b)
            throws SocketException

Deprecated. As of JSS 3.0. This method is misnamed. Use requestClientAuthNoExpiryCheck instead.

Enables/disables the request of client authentication. This is only meaningful for the server end of the SSL connection. During the next handshake, the remote peer will be asked to authenticate itself.

In addition, the client certificate's expiration will not prevent it from being accepted.

See Also:
org.mozilla.jss.ssl.SSLServerSocket.requireClientAuth

setReuseAddress

public void setReuseAddress(boolean reuse)
            throws SocketException

setServerCert

public void setServerCert(X509Certificate certnickname)
            throws SocketException
Sets the certificate to use for server authentication.

setServerCertNickname

public void setServerCertNickname(String nick)
            throws SocketException
Sets the certificate to use for server authentication.

setSoTimeout

public void setSoTimeout(int timeout)
Sets the SO_TIMEOUT socket option.
Parameters:
timeout - The timeout time in milliseconds.

setUseClientMode

public void setUseClientMode(boolean b)
Determines whether this end of the socket is the client or the server for purposes of the SSL protocol. By default, it is the server.
Parameters:
b - true if this end of the socket is the SSL client, false if it is the SSL server.

toString

public String toString()
Returns the addresses and ports of this socket.

useCache

public void useCache(boolean b)
            throws SocketException
Enables/disables the session cache. By default, the session cache is enabled.
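
Usage example (added here; not part of the JSS documentation or source): a listener that overrides the defaults described under enableSSL2, enableSSL3, configServerSessionIDCache and requireClientAuth above. The paths, the certificate nickname and the port are hypothetical, and CryptoManager.initialize is the JSS initialization call, which this page does not document.

```java
import java.net.InetAddress;
import java.net.Socket;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.attribute.PosixFilePermissions;
import org.mozilla.jss.CryptoManager;
import org.mozilla.jss.ssl.SSLServerSocket;

public class HardenedListener {
    // Hypothetical values for illustration; substitute your own.
    static final String NSS_DB_DIR = "/etc/myserver/nssdb";
    static final String CACHE_DIR = "/var/lib/myserver/sslcache";
    static final String SERVER_CERT_NICKNAME = "Server-Cert";

    static SSLServerSocket open(int port, InetAddress bindAddr) throws Exception {
        // Keep the session cache out of the shared default directory (/tmp on
        // Unix): create one only this account can enter (POSIX file systems).
        Path cache = Paths.get(CACHE_DIR);
        Files.createDirectories(cache, PosixFilePermissions.asFileAttribute(
                PosixFilePermissions.fromString("rwx------")));
        // 0 selects the default of 10,000 entries. Timeouts outside 5 s..24 h
        // are replaced by the 100 s server default, so stay inside the range.
        SSLServerSocket.configServerSessionIDCache(0, 100, 300, cache.toString());

        SSLServerSocket ss =
                new SSLServerSocket(port, SSLServerSocket.DEFAULT_BACKLOG, bindAddr);
        ss.setServerCertNickname(SERVER_CERT_NICKNAME);
        // SSL v2 and SSL v3 are enabled by default; switch both off explicitly.
        // Assumption: TLS stays enabled through the library default, since this
        // class lists no TLS switch of its own.
        ss.enableSSL2(false);
        ss.enableSSL3(false);
        // Require, not merely request, a client certificate. The page does not
        // document onRedo; true is passed on the assumption that it extends
        // the requirement to later handshakes on the same connection.
        ss.requireClientAuth(true, true);
        ss.setSoTimeout(30_000); // milliseconds; bounds how long accept() blocks
        return ss;
    }

    public static void main(String[] args) throws Exception {
        CryptoManager.initialize(NSS_DB_DIR); // JSS must be initialized first
        try (SSLServerSocket ss = open(8443, InetAddress.getLoopbackAddress());
             Socket peer = ss.accept()) {
            System.out.println("accepted " + peer.getRemoteSocketAddress());
        }
    }
}
```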