1 /*
   2  * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 
  27 package javax.net.ssl;
  28 
  29 import java.io.IOException;
  30 import java.net.InetAddress;
  31 import java.net.ServerSocket;
  32 import java.net.SocketException;
  33 import javax.net.ServerSocketFactory;
  34 import java.security.*;
  35 
  36 /**
  37  * <code>SSLServerSocketFactory</code>s create
  38  * <code>SSLServerSocket</code>s.
  39  *
  40  * @since 1.4
  41  * @see SSLSocket
  42  * @see SSLServerSocket
  43  * @author David Brownell
  44  */
  45 public abstract class SSLServerSocketFactory extends ServerSocketFactory
  46 {
  47     private static SSLServerSocketFactory theFactory;
  48 
  49     private static boolean propertyChecked;
  50 
  51     private static void log(String msg) {
  52         if (SSLSocketFactory.DEBUG) {
  53             System.out.println(msg);
  54         }
  55     }
  56 
  57     /**
  58      * Constructor is used only by subclasses.
  59      */
  60     protected SSLServerSocketFactory() { /* NOTHING */ }
  61 
  62     /**
  63      * Returns the default SSL server socket factory.
  64      *
  65      * <p>The first time this method is called, the security property
  66      * "ssl.ServerSocketFactory.provider" is examined. If it is non-null, a
  67      * class by that name is loaded and instantiated. If that is successful and
  68      * the object is an instance of SSLServerSocketFactory, it is made the
  69      * default SSL server socket factory.
  70      *
  71      * <p>Otherwise, this method returns
  72      * <code>SSLContext.getDefault().getServerSocketFactory()</code>. If that
  73      * call fails, an inoperative factory is returned.
  74      *
  75      * @return the default <code>ServerSocketFactory</code>
  76      * @see SSLContext#getDefault
  77      */
  78     public static synchronized ServerSocketFactory getDefault() {
  79         if (theFactory != null) {
  80             return theFactory;
  81         }
  82 
  83         if (propertyChecked == false) {
  84             propertyChecked = true;
  85             String clsName = SSLSocketFactory.getSecurityProperty
  86                                         ("ssl.ServerSocketFactory.provider");
  87             if (clsName != null) {
  88                 log("setting up default SSLServerSocketFactory");
  89                 try {
  90                     Class<?> cls = null;
  91                     try {
  92                         cls = Class.forName(clsName);
  93                     } catch (ClassNotFoundException e) {
  94                         ClassLoader cl = ClassLoader.getSystemClassLoader();
  95                         if (cl != null) {
  96                             cls = cl.loadClass(clsName);
  97                         }
  98                     }
  99                     log("class " + clsName + " is loaded");
 100                     @SuppressWarnings("deprecation")
 101                     SSLServerSocketFactory fac = (SSLServerSocketFactory)cls.newInstance();
 102                     log("instantiated an instance of class " + clsName);
 103                     theFactory = fac;
 104                     return fac;
 105                 } catch (Exception e) {
 106                     log("SSLServerSocketFactory instantiation failed: " + e);
 107                     theFactory = new DefaultSSLServerSocketFactory(e);
 108                     return theFactory;
 109                 }
 110             }
 111         }
 112 
 113         try {
 114             return SSLContext.getDefault().getServerSocketFactory();
 115         } catch (NoSuchAlgorithmException | UnsupportedOperationException e) {
 116             return new DefaultSSLServerSocketFactory(e);
 117         }
 118     }
 119 
 120     /**
 121      * Returns the list of cipher suites which are enabled by default.
 122      * Unless a different list is enabled, handshaking on an SSL connection
 123      * will use one of these cipher suites.  The minimum quality of service
 124      * for these defaults requires confidentiality protection and server
 125      * authentication (that is, no anonymous cipher suites).
 126      * <P>
 127      * The returned array includes cipher suites from the list of standard
 128      * cipher suite names in the <a href=
 129      * "{@docRoot}/../specs/security/standard-names.html#jsse-cipher-suite-names">
 130      * JSSE Cipher Suite Names</a> section of the Java Cryptography
 131      * Architecture Standard Algorithm Name Documentation, and may also
 132      * include other cipher suites that the provider supports.
 133      *
 134      * @see #getSupportedCipherSuites()
 135      * @return array of the cipher suites enabled by default
 136      */
 137     public abstract String [] getDefaultCipherSuites();
 138 
 139 
 140     /**
 141      * Returns the names of the cipher suites which could be enabled for use
 142      * on an SSL connection created by this factory.
 143      * Normally, only a subset of these will actually
 144      * be enabled by default, since this list may include cipher suites which
 145      * do not meet quality of service requirements for those defaults.  Such
 146      * cipher suites are useful in specialized applications.
 147      * <P>
 148      * The returned array includes cipher suites from the list of standard
 149      * cipher suite names in the <a href=
 150      * "{@docRoot}/../specs/security/standard-names.html#jsse-cipher-suite-names">
 151      * JSSE Cipher Suite Names</a> section of the Java Cryptography
 152      * Architecture Standard Algorithm Name Documentation, and may also
 153      * include other cipher suites that the provider supports.
 154      *
 155      * @return an array of cipher suite names
 156      * @see #getDefaultCipherSuites()
 157      */
 158     public abstract String [] getSupportedCipherSuites();
 159 }
 160 
 161 
 162 //
 163 // The default factory does NOTHING.
 164 //
 165 class DefaultSSLServerSocketFactory extends SSLServerSocketFactory {
 166 
 167     private final Exception reason;
 168 
 169     DefaultSSLServerSocketFactory(Exception reason) {
 170         this.reason = reason;
 171     }
 172 
 173     private ServerSocket throwException() throws SocketException {
 174         throw (SocketException)
 175             new SocketException(reason.toString()).initCause(reason);
 176     }
 177 
 178     @Override
 179     public ServerSocket createServerSocket() throws IOException {
 180         return throwException();
 181     }
 182 
 183 
 184     @Override
 185     public ServerSocket createServerSocket(int port)
 186     throws IOException
 187     {
 188         return throwException();
 189     }
 190 
 191     @Override
 192     public ServerSocket createServerSocket(int port, int backlog)
 193     throws IOException
 194     {
 195         return throwException();
 196     }
 197 
 198     @Override
 199     public ServerSocket
 200     createServerSocket(int port, int backlog, InetAddress ifAddress)
 201     throws IOException
 202     {
 203         return throwException();
 204     }
 205 
 206     @Override
 207     public String [] getDefaultCipherSuites() {
 208         return new String[0];
 209     }
 210 
 211     @Override
 212     public String [] getSupportedCipherSuites() {
 213         return new String[0];
 214     }
 215 }