1/*
2 * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.  Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26
27package javax.net.ssl;
28
29import java.io.IOException;
30import java.net.InetAddress;
31import java.net.ServerSocket;
32import java.net.SocketException;
33import javax.net.ServerSocketFactory;
34import java.security.*;
35
36/**
37 * <code>SSLServerSocketFactory</code>s create
38 * <code>SSLServerSocket</code>s.
39 *
40 * @since 1.4
41 * @see SSLSocket
42 * @see SSLServerSocket
43 * @author David Brownell
44 */
45public abstract class SSLServerSocketFactory extends ServerSocketFactory
46{
47    private static SSLServerSocketFactory theFactory;
48
49    private static boolean propertyChecked;
50
51    private static void log(String msg) {
52        if (SSLSocketFactory.DEBUG) {
53            System.out.println(msg);
54        }
55    }
56
57    /**
58     * Constructor is used only by subclasses.
59     */
60    protected SSLServerSocketFactory() { /* NOTHING */ }
61
62    /**
63     * Returns the default SSL server socket factory.
64     *
65     * <p>The first time this method is called, the security property
66     * "ssl.ServerSocketFactory.provider" is examined. If it is non-null, a
67     * class by that name is loaded and instantiated. If that is successful and
68     * the object is an instance of SSLServerSocketFactory, it is made the
69     * default SSL server socket factory.
70     *
71     * <p>Otherwise, this method returns
72     * <code>SSLContext.getDefault().getServerSocketFactory()</code>. If that
73     * call fails, an inoperative factory is returned.
74     *
75     * @return the default <code>ServerSocketFactory</code>
76     * @see SSLContext#getDefault
77     */
78    public static synchronized ServerSocketFactory getDefault() {
79        if (theFactory != null) {
80            return theFactory;
81        }
82
83        if (propertyChecked == false) {
84            propertyChecked = true;
85            String clsName = SSLSocketFactory.getSecurityProperty
86                                        ("ssl.ServerSocketFactory.provider");
87            if (clsName != null) {
88                log("setting up default SSLServerSocketFactory");
89                try {
90                    Class<?> cls = null;
91                    try {
92                        cls = Class.forName(clsName);
93                    } catch (ClassNotFoundException e) {
94                        ClassLoader cl = ClassLoader.getSystemClassLoader();
95                        if (cl != null) {
96                            cls = cl.loadClass(clsName);
97                        }
98                    }
99                    log("class " + clsName + " is loaded");
100                    @SuppressWarnings("deprecation")
101                    SSLServerSocketFactory fac = (SSLServerSocketFactory)cls.newInstance();
102                    log("instantiated an instance of class " + clsName);
103                    theFactory = fac;
104                    return fac;
105                } catch (Exception e) {
106                    log("SSLServerSocketFactory instantiation failed: " + e);
107                    theFactory = new DefaultSSLServerSocketFactory(e);
108                    return theFactory;
109                }
110            }
111        }
112
113        try {
114            return SSLContext.getDefault().getServerSocketFactory();
115        } catch (NoSuchAlgorithmException e) {
116            return new DefaultSSLServerSocketFactory(e);
117        }
118    }
119
120    /**
121     * Returns the list of cipher suites which are enabled by default.
122     * Unless a different list is enabled, handshaking on an SSL connection
123     * will use one of these cipher suites.  The minimum quality of service
124     * for these defaults requires confidentiality protection and server
125     * authentication (that is, no anonymous cipher suites).
126     * <P>
127     * The returned array includes cipher suites from the list of standard
128     * cipher suite names in the <a href=
129     * "{@docRoot}/../specs/security/standard-names.html#jsse-cipher-suite-names">
130     * JSSE Cipher Suite Names</a> section of the Java Cryptography
131     * Architecture Standard Algorithm Name Documentation, and may also
132     * include other cipher suites that the provider supports.
133     *
134     * @see #getSupportedCipherSuites()
135     * @return array of the cipher suites enabled by default
136     */
137    public abstract String [] getDefaultCipherSuites();
138
139
140    /**
141     * Returns the names of the cipher suites which could be enabled for use
142     * on an SSL connection created by this factory.
143     * Normally, only a subset of these will actually
144     * be enabled by default, since this list may include cipher suites which
145     * do not meet quality of service requirements for those defaults.  Such
146     * cipher suites are useful in specialized applications.
147     * <P>
148     * The returned array includes cipher suites from the list of standard
149     * cipher suite names in the <a href=
150     * "{@docRoot}/../specs/security/standard-names.html#jsse-cipher-suite-names">
151     * JSSE Cipher Suite Names</a> section of the Java Cryptography
152     * Architecture Standard Algorithm Name Documentation, and may also
153     * include other cipher suites that the provider supports.
154     *
155     * @return an array of cipher suite names
156     * @see #getDefaultCipherSuites()
157     */
158    public abstract String [] getSupportedCipherSuites();
159}
160
161
162//
163// The default factory does NOTHING.
164//
165class DefaultSSLServerSocketFactory extends SSLServerSocketFactory {
166
167    private final Exception reason;
168
169    DefaultSSLServerSocketFactory(Exception reason) {
170        this.reason = reason;
171    }
172
173    private ServerSocket throwException() throws SocketException {
174        throw (SocketException)
175            new SocketException(reason.toString()).initCause(reason);
176    }
177
178    @Override
179    public ServerSocket createServerSocket() throws IOException {
180        return throwException();
181    }
182
183
184    @Override
185    public ServerSocket createServerSocket(int port)
186    throws IOException
187    {
188        return throwException();
189    }
190
191    @Override
192    public ServerSocket createServerSocket(int port, int backlog)
193    throws IOException
194    {
195        return throwException();
196    }
197
198    @Override
199    public ServerSocket
200    createServerSocket(int port, int backlog, InetAddress ifAddress)
201    throws IOException
202    {
203        return throwException();
204    }
205
206    @Override
207    public String [] getDefaultCipherSuites() {
208        return new String[0];
209    }
210
211    @Override
212    public String [] getSupportedCipherSuites() {
213        return new String[0];
214    }
215}
216