org.mozilla.jss.ssl
public class SSLServerSocket extends ServerSocket
Field Summary | |
---|---|
static int | DEFAULT_BACKLOG: The default size of the listen queue. |
Constructor Summary | |
---|---|
SSLServerSocket(int port): Creates a server socket listening on the given port. | |
SSLServerSocket(int port, int backlog): Creates a server socket listening on the given port. | |
SSLServerSocket(int port, int backlog, InetAddress bindAddr): Creates a server socket listening on the given port. | |
SSLServerSocket(int port, int backlog, InetAddress bindAddr, SSLCertificateApprovalCallback certApprovalCallback): Creates a server socket listening on the given port. | |
SSLServerSocket(int port, int backlog, InetAddress bindAddr, SSLCertificateApprovalCallback certApprovalCallback, boolean reuseAddr): Creates a server socket listening on the given port. | |
Method Summary | |
---|---|
Socket | accept(): Accepts a connection. |
void | bypassPKCS11(boolean enable): Enables the bypass of PKCS11 for performance on this socket. |
static void | clearSessionCache(): Empties the SSL client session ID cache. |
void | close(): Closes this socket. |
static void | configServerSessionIDCache(int maxSidEntries, int ssl2EntryTimeout, int ssl3EntryTimeout, String cacheFileDirectory): Configures the session ID cache. |
void | enableFDX(boolean enable): Enable simultaneous read/write by separate read and write threads (full duplex) for this socket. |
void | enableRollbackDetection(boolean enable): Enable rollback detection for this socket. |
void | enableSSL2(boolean enable): Enables SSL v2 on this socket. |
void | enableSSL3(boolean enable): Enables SSL v3 on this socket. |
void | enableStepDown(boolean enable): This option, enableStepDown, is concerned with the generation of step-down keys which are used with export suites. |
void | enableTLS(boolean enable): Enables TLS on this socket. |
void | enableV2CompatibleHello(boolean enable): Enable sending v3 client hello in v2 format for this socket. |
protected void | finalize() |
InetAddress | getInetAddress() |
int | getLocalPort() |
boolean | getReuseAddress() |
int | getSoTimeout(): Returns the current value of the SO_TIMEOUT socket option. |
String | getSSLOptions() |
void | requestClientAuth(boolean b): Enables/disables the request of client authentication. |
void | requireClientAuth(boolean require, boolean onRedo): Sets whether the socket requires client authentication from the remote peer. |
void | requireClientAuth(int mode): Sets whether the socket requires client authentication from the remote peer. |
void | setClientCert(X509Certificate cert): Sets the certificate to use for client authentication. |
void | setClientCertNickname(String nick): Sets the nickname of the certificate to use for client authentication. |
void | setNeedClientAuth(boolean b) |
void | setNeedClientAuthNoExpiryCheck(boolean b): Enables/disables the request of client authentication. |
void | setReuseAddress(boolean reuse) |
void | setServerCert(X509Certificate certnickname): Sets the certificate to use for server authentication. |
void | setServerCertNickname(String nick): Sets the certificate to use for server authentication. |
void | setSoTimeout(int timeout): Sets the SO_TIMEOUT socket option. |
void | setUseClientMode(boolean b): Determines whether this end of the socket is the client or the server for purposes of the SSL protocol. |
String | toString(): Returns the addresses and ports of this socket or an error message if the socket is not in a valid state. |
void | useCache(boolean b): Enables/disables the session cache. |
Parameters:
- backlog: The size of the socket's listen queue.

Parameters:
- backlog: The size of the socket's listen queue.
- bindAddr: The local address to which to bind. If null, an unspecified local address will be bound to.

Parameters:
- backlog: The size of the socket's listen queue.
- bindAddr: The local address to which to bind. If null, an unspecified local address will be bound to.
- certApprovalCallback: Will get called to approve any certificate presented by the client.

Parameters:
- backlog: The size of the socket's listen queue.
- bindAddr: The local address to which to bind. If null, an unspecified local address will be bound to.
- certApprovalCallback: Will get called to approve any certificate presented by the client.
- reuseAddr: Reuse the local bind port; this parameter sets the SO_REUSEADDR option on the socket before calling bind(). The default is false for backward compatibility.

Returns: java.net.Socket Local socket for client communication
Throws:
- IOException: If an input or output exception occurred
- SocketTimeoutException: If the socket times out trying to connect
- InterruptedIOException: If an input or output is interrupted
- SSLSocketException: JSS subclass of java.net.SocketException

SSLSocket.bypassPKCS11Default.

Parameters:
- maxSidEntries: The maximum number of entries in the cache. If 0 is passed, the default of 10,000 is used.
- ssl2EntryTimeout: The lifetime in seconds of an SSL2 session. The minimum timeout value is 5 seconds and the maximum is 24 hours. Values outside this range are replaced by the server default value of 100 seconds.
- ssl3EntryTimeout: The lifetime in seconds of an SSL3 session. The minimum timeout value is 5 seconds and the maximum is 24 hours. Values outside this range are replaced by the server default value of 100 seconds.
- cacheFileDirectory: The pathname of the directory that will contain the session cache. If null is passed, the server default is used: /tmp on Unix and \\temp on Windows.

SSLSocket.enableFDXDefault.
SSLSocket.enableRollbackDetectionDefault.
SSLSocket.enableSSL2Default.
SSLSocket.enableSSL3Default.
SSLSocket.enableStepDownDefault.
SSLSocket.enableTLSDefault.
SSLSocket.enableV2CompatibleHelloDefault.
Returns: the local address of this server socket.
Returns: The local port.
Returns: The timeout time in milliseconds.
Returns: a String listing the current SSLOptions for this socket.
See Also: SSLServerSocket
Deprecated: use requireClientAuth(int)
Sets whether the socket requires client authentication from the remote peer. If requestClientAuth() has not already been called, this method will tell the socket to request client auth as well as requiring it.
Parameters:
- mode: One of: SSLSocket.SSL_REQUIRE_NEVER, SSLSocket.SSL_REQUIRE_ALWAYS, SSLSocket.SSL_REQUIRE_FIRST_HANDSHAKE, SSLSocket.SSL_REQUIRE_NO_ERROR

Deprecated: As of JSS 3.0. This method is misnamed. Use requestClientAuth instead.
Deprecated: As of JSS 3.0. This method is misnamed. Use requestClientAuthNoExpiryCheck instead.
In addition, the client certificate's expiration will not prevent it from being accepted.
Parameters:
- timeout: The timeout time in milliseconds.

Parameters:
- b: true if this end of the socket is the SSL client, false if it is the SSL server.
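
An added example, not taken from the JSS documentation, showing how the constructor and option methods listed above can be combined into a TLS-only listener that requires client certificates and avoids the silent fallback to the 100-second session timeout. It assumes JSS has already been initialised with a certificate database; the nickname, cache directory, backlog, timeouts and the class and helper names are hypothetical placeholders.

```java
import java.net.InetAddress;
import org.mozilla.jss.ssl.SSLCertificateApprovalCallback;
import org.mozilla.jss.ssl.SSLServerSocket;
import org.mozilla.jss.ssl.SSLSocket;

public class HardenedJssListener {
    // Placeholders chosen for this example, not values from the JSS docs.
    static final String SERVER_CERT_NICKNAME = "Server-Cert";
    static final String SESSION_CACHE_DIR = "/var/lib/myapp/ssl-cache";

    /** Rejects a timeout that configServerSessionIDCache would replace with
     *  the 100-second default (accepted range: 5 seconds to 24 hours). */
    static int checkedTimeout(int seconds) {
        if (seconds < 5 || seconds > 24 * 60 * 60) {
            throw new IllegalArgumentException("session timeout out of range: " + seconds);
        }
        return seconds;
    }

    static SSLServerSocket open(int port, SSLCertificateApprovalCallback approver)
            throws Exception {
        // Static setting, so configure the cache once before creating sockets.
        SSLServerSocket.configServerSessionIDCache(
                0,                     // 0 selects the default of 10,000 entries
                checkedTimeout(300),   // SSL2 entry lifetime (SSL2 is disabled below)
                checkedTimeout(3600),  // SSL3 entry lifetime
                SESSION_CACHE_DIR);    // null would select /tmp or \\temp

        SSLServerSocket server = new SSLServerSocket(
                port,
                50,                               // backlog: listen queue size
                InetAddress.getLoopbackAddress(), // bindAddr: loopback only
                approver,                         // approves each client certificate
                false);                           // reuseAddr: documented default

        server.setServerCertNickname(SERVER_CERT_NICKNAME);
        server.enableSSL2(false);
        server.enableSSL3(false);
        server.enableTLS(true);
        server.enableV2CompatibleHello(false);
        server.enableRollbackDetection(true);
        server.enableStepDown(false);  // no step-down keys for export suites
        server.requireClientAuth(SSLSocket.SSL_REQUIRE_ALWAYS);
        server.setSoTimeout(30_000);   // SO_TIMEOUT in milliseconds
        return server;
    }
}
```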