1 /*
   2  * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 
  27 package javax.net.ssl;
  28 
  29 import java.io.IOException;
  30 import java.net.InetAddress;
  31 import java.net.ServerSocket;
  32 import java.net.SocketException;
  33 import javax.net.ServerSocketFactory;
  34 import java.security.*;
  35 
  36 /**
  37  * <code>SSLServerSocketFactory</code>s create
  38  * <code>SSLServerSocket</code>s.
  39  *
  40  * @since 1.4
  41  * @see SSLSocket
  42  * @see SSLServerSocket
  43  * @author David Brownell
  44  */
  45 public abstract class SSLServerSocketFactory extends ServerSocketFactory {
  46 
  47     /**
  48      * Constructor is used only by subclasses.
  49      */
  50     protected SSLServerSocketFactory() { /* NOTHING */ }
  51 
  52     /**
  53      * Returns the default SSL server socket factory.
  54      *
  55      * <p>The first time this method is called, the security property
  56      * "ssl.ServerSocketFactory.provider" is examined. If it is non-null, a
  57      * class by that name is loaded and instantiated. If that is successful and
  58      * the object is an instance of SSLServerSocketFactory, it is made the
  59      * default SSL server socket factory.
  60      *
  61      * <p>Otherwise, this method returns
  62      * <code>SSLContext.getDefault().getServerSocketFactory()</code>. If that
  63      * call fails, an inoperative factory is returned.
  64      *
  65      * @return the default <code>ServerSocketFactory</code>
  66      * @see SSLContext#getDefault
  67      */
  68     public static ServerSocketFactory getDefault() {
  69         if (DefaultFactoryHolder.defaultFactory != null) {
  70             return DefaultFactoryHolder.defaultFactory;
  71         }
  72 
  73         try {
  74             return SSLContext.getDefault().getServerSocketFactory();
  75         } catch (NoSuchAlgorithmException | UnsupportedOperationException e) {
  76             return new DefaultSSLServerSocketFactory(e);
  77         }
  78     }
  79 
  80     /**
  81      * Returns the list of cipher suites which are enabled by default.
  82      * Unless a different list is enabled, handshaking on an SSL connection
  83      * will use one of these cipher suites.  The minimum quality of service
  84      * for these defaults requires confidentiality protection and server
  85      * authentication (that is, no anonymous cipher suites).
  86      * <P>
  87      * The returned array includes cipher suites from the list of standard
  88      * cipher suite names in the <a href=
  89      * "{@docRoot}/../specs/security/standard-names.html#jsse-cipher-suite-names">
  90      * JSSE Cipher Suite Names</a> section of the Java Cryptography
  91      * Architecture Standard Algorithm Name Documentation, and may also
  92      * include other cipher suites that the provider supports.
  93      *
  94      * @see #getSupportedCipherSuites()
  95      * @return array of the cipher suites enabled by default
  96      */
  97     public abstract String [] getDefaultCipherSuites();
  98 
  99 
 100     /**
 101      * Returns the names of the cipher suites which could be enabled for use
 102      * on an SSL connection created by this factory.
 103      * Normally, only a subset of these will actually
 104      * be enabled by default, since this list may include cipher suites which
 105      * do not meet quality of service requirements for those defaults.  Such
 106      * cipher suites are useful in specialized applications.
 107      * <P>
 108      * The returned array includes cipher suites from the list of standard
 109      * cipher suite names in the <a href=
 110      * "{@docRoot}/../specs/security/standard-names.html#jsse-cipher-suite-names">
 111      * JSSE Cipher Suite Names</a> section of the Java Cryptography
 112      * Architecture Standard Algorithm Name Documentation, and may also
 113      * include other cipher suites that the provider supports.
 114      *
 115      * @return an array of cipher suite names
 116      * @see #getDefaultCipherSuites()
 117      */
 118     public abstract String [] getSupportedCipherSuites();
 119 
 120     // lazy initialization holder class idiom for static default factory
 121     //
 122     // See Effective Java Second Edition: Item 71.
 123     private static final class DefaultFactoryHolder {
 124         private static final SSLServerSocketFactory defaultFactory;
 125 
 126         static {
 127             SSLServerSocketFactory mediator = null;
 128             String clsName = SSLSocketFactory.getSecurityProperty(
 129                     "ssl.ServerSocketFactory.provider");
 130             if (clsName != null) {
 131                 log("setting up default SSLServerSocketFactory");
 132                 try {
 133                     Class<?> cls = null;
 134                     try {
 135                         cls = Class.forName(clsName);
 136                     } catch (ClassNotFoundException e) {
 137                         ClassLoader cl = ClassLoader.getSystemClassLoader();
 138                         if (cl != null) {
 139                             cls = cl.loadClass(clsName);
 140                         }
 141                     }
 142                     log("class " + clsName + " is loaded");
 143 
 144                     mediator = (SSLServerSocketFactory)cls
 145                             .getDeclaredConstructor().newInstance();
 146                     log("instantiated an instance of class " + clsName);
 147                 } catch (Exception e) {
 148                     log("SSLServerSocketFactory instantiation failed: " + e);
 149                     mediator = new DefaultSSLServerSocketFactory(e);
 150                 }
 151             }
 152 
 153             defaultFactory = mediator;
 154         }
 155 
 156         private static void log(String msg) {
 157             if (SSLSocketFactory.DEBUG) {
 158                 System.out.println(msg);
 159             }
 160         }
 161     }
 162 }
 163 
 164 //
 165 // The default factory does NOTHING.
 166 //
 167 class DefaultSSLServerSocketFactory extends SSLServerSocketFactory {
 168 
 169     private final Exception reason;
 170 
 171     DefaultSSLServerSocketFactory(Exception reason) {
 172         this.reason = reason;
 173     }
 174 
 175     private ServerSocket throwException() throws SocketException {
 176         throw (SocketException)
 177             new SocketException(reason.toString()).initCause(reason);
 178     }
 179 
 180     @Override
 181     public ServerSocket createServerSocket() throws IOException {
 182         return throwException();
 183     }
 184 
 185 
 186     @Override
 187     public ServerSocket createServerSocket(int port)
 188     throws IOException
 189     {
 190         return throwException();
 191     }
 192 
 193     @Override
 194     public ServerSocket createServerSocket(int port, int backlog)
 195     throws IOException
 196     {
 197         return throwException();
 198     }
 199 
 200     @Override
 201     public ServerSocket
 202     createServerSocket(int port, int backlog, InetAddress ifAddress)
 203     throws IOException
 204     {
 205         return throwException();
 206     }
 207 
 208     @Override
 209     public String [] getDefaultCipherSuites() {
 210         return new String[0];
 211     }
 212 
 213     @Override
 214     public String [] getSupportedCipherSuites() {
 215         return new String[0];
 216     }
 217 }