/* * Copyright (C) 2014 The Android Open Source Project * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License version 2 only, as * published by the Free Software Foundation. Oracle designates this * particular file as subject to the "Classpath" exception as provided * by Oracle in the LICENSE file that accompanied this code. * * This code is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * version 2 for more details (a copy is included in the LICENSE file that * accompanied this code). * * You should have received a copy of the GNU General Public License version * 2 along with this work; if not, write to the Free Software Foundation, * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. * * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA * or visit www.oracle.com if you need additional information or have any * questions. */ package javax.net.ssl; import java.io.IOException; import java.net.InetAddress; import java.net.ServerSocket; import java.net.SocketException; import javax.net.ServerSocketFactory; import java.security.*; /** * SSLServerSocketFactorys create * SSLServerSockets. * * @since 1.4 * @see SSLSocket * @see SSLServerSocket * @author David Brownell */ public abstract class SSLServerSocketFactory extends ServerSocketFactory { private static SSLServerSocketFactory defaultServerSocketFactory; private static int lastVersion = -1; private static void log(String msg) { if (SSLSocketFactory.DEBUG) { System.out.println(msg); } } /** * Constructor is used only by subclasses. */ protected SSLServerSocketFactory() { /* NOTHING */ } /** * Returns the default SSL server socket factory. * *

The first time this method is called, the security property * "ssl.ServerSocketFactory.provider" is examined. If it is non-null, a * class by that name is loaded and instantiated. If that is successful and * the object is an instance of SSLServerSocketFactory, it is made the * default SSL server socket factory. * *

Otherwise, this method returns * SSLContext.getDefault().getServerSocketFactory(). If that * call fails, an inoperative factory is returned. * * @return the default ServerSocketFactory * @see SSLContext#getDefault */ public static synchronized ServerSocketFactory getDefault() { // Android-changed: Use security version instead of propertyChecked. // // We use the same lookup logic in SSLSocketFactory.getDefault(). Any changes // made here must be mirrored in that class. if (defaultServerSocketFactory != null && lastVersion == Security.getVersion()) { return defaultServerSocketFactory; } lastVersion = Security.getVersion(); SSLServerSocketFactory previousDefaultServerSocketFactory = defaultServerSocketFactory; defaultServerSocketFactory = null; String clsName = SSLSocketFactory.getSecurityProperty ("ssl.ServerSocketFactory.provider"); if (clsName != null) { // The instance for the default socket factory is checked for updates quite // often (for instance, every time a security provider is added). Which leads // to unnecessary overload and excessive error messages in case of class-loading // errors. Avoid creating a new object if the class name is the same as before. if (previousDefaultServerSocketFactory != null && clsName.equals(previousDefaultServerSocketFactory.getClass().getName())) { defaultServerSocketFactory = previousDefaultServerSocketFactory; return defaultServerSocketFactory; } Class cls = null; log("setting up default SSLServerSocketFactory"); try { log("setting up default SSLServerSocketFactory"); try { cls = Class.forName(clsName); } catch (ClassNotFoundException e) { // Android-changed; Try the contextClassLoader first. ClassLoader cl = Thread.currentThread().getContextClassLoader(); if (cl == null) { cl = ClassLoader.getSystemClassLoader(); } if (cl != null) { cls = Class.forName(clsName, true, cl); } } log("class " + clsName + " is loaded"); SSLServerSocketFactory fac = (SSLServerSocketFactory) cls.newInstance(); log("instantiated an instance of class " + clsName); defaultServerSocketFactory = fac; if (defaultServerSocketFactory != null) { return defaultServerSocketFactory; } } catch (Exception e) { log("SSLServerSocketFactory instantiation failed: " + e); // Android-changed: Fallback to the default SSLContext if an exception // is thrown during the initialization of ssl.ServerSocketFactory.provider. } } try { SSLContext context = SSLContext.getDefault(); if (context != null) { defaultServerSocketFactory = context.getServerSocketFactory(); } } catch (NoSuchAlgorithmException e) { } if (defaultServerSocketFactory == null) { defaultServerSocketFactory = new DefaultSSLServerSocketFactory( new IllegalStateException("No ServerSocketFactory implementation found")); } return defaultServerSocketFactory; } /** * Returns the list of cipher suites which are enabled by default. * Unless a different list is enabled, handshaking on an SSL connection * will use one of these cipher suites. The minimum quality of service * for these defaults requires confidentiality protection and server * authentication (that is, no anonymous cipher suites). * * @see #getSupportedCipherSuites() * @return array of the cipher suites enabled by default */ public abstract String [] getDefaultCipherSuites(); /** * Returns the names of the cipher suites which could be enabled for use * on an SSL connection created by this factory. * Normally, only a subset of these will actually * be enabled by default, since this list may include cipher suites which * do not meet quality of service requirements for those defaults. Such * cipher suites are useful in specialized applications. * * @return an array of cipher suite names * @see #getDefaultCipherSuites() */ public abstract String [] getSupportedCipherSuites(); } // // The default factory does NOTHING. // class DefaultSSLServerSocketFactory extends SSLServerSocketFactory { private final Exception reason; DefaultSSLServerSocketFactory(Exception reason) { this.reason = reason; } private ServerSocket throwException() throws SocketException { throw (SocketException) new SocketException(reason.toString()).initCause(reason); } public ServerSocket createServerSocket() throws IOException { return throwException(); } public ServerSocket createServerSocket(int port) throws IOException { return throwException(); } public ServerSocket createServerSocket(int port, int backlog) throws IOException { return throwException(); } public ServerSocket createServerSocket(int port, int backlog, InetAddress ifAddress) throws IOException { return throwException(); } public String [] getDefaultCipherSuites() { return new String[0]; } public String [] getSupportedCipherSuites() { return new String[0]; } }