List of usage examples for javax.net.ssl SSLSocket getEnabledProtocols
public abstract String[] getEnabledProtocols();
From source file:net.i2p.util.I2PSSLSocketFactory.java
/** * Select protocols and cipher suites to be used * based on configured inclusion and exclusion lists * as well as enabled and supported protocols and cipher suites. * * Adapted from Jetty SslContextFactory.java * * @since 0.9.16/*from w w w . ja va2s . c om*/ */ public static void setProtocolsAndCiphers(SSLSocket socket) { socket.setEnabledProtocols(selectProtocols(socket.getEnabledProtocols(), socket.getSupportedProtocols())); socket.setEnabledCipherSuites( selectCipherSuites(socket.getEnabledCipherSuites(), socket.getSupportedCipherSuites())); }
From source file:at.bitfire.davdroid.SSLSocketFactoryCompatTest.java
public void testUpgradeTLS() throws IOException { Socket s = factory.createSocket(server.getHostName(), server.getPort()); assertTrue(s instanceof SSLSocket); SSLSocket ssl = (SSLSocket) s; assertFalse(org.apache.commons.lang3.ArrayUtils.contains(ssl.getEnabledProtocols(), "SSLv3")); assertTrue(org.apache.commons.lang3.ArrayUtils.contains(ssl.getEnabledProtocols(), "TLSv1")); if (Build.VERSION.SDK_INT >= 16) { assertTrue(org.apache.commons.lang3.ArrayUtils.contains(ssl.getEnabledProtocols(), "TLSv1.1")); assertTrue(org.apache.commons.lang3.ArrayUtils.contains(ssl.getEnabledProtocols(), "TLSv1.2")); }/* w w w . j a v a2s.c o m*/ }
From source file:com.joyent.manta.http.MantaSSLConnectionSocketFactory.java
@Override protected void prepareSocket(final SSLSocket socket) throws IOException { final Set<String> enabledProtocols = new LinkedHashSet<>(Arrays.asList(socket.getEnabledProtocols())); final Set<String> enabledCipherSuites = new LinkedHashSet<>(Arrays.asList(socket.getEnabledCipherSuites())); if (LOG.isDebugEnabled()) { LOG.debug("Enabled TLS protocols: {}", MantaUtils.asString(enabledProtocols)); LOG.debug("Enabled cipher suites: {}", MantaUtils.asString(enabledCipherSuites)); }// w w w . ja v a 2s . c o m supportedCipherSuites.retainAll(enabledCipherSuites); if (!supportedCipherSuites.isEmpty()) { try { String[] supportedCiphers = new String[supportedCipherSuites.size()]; supportedCipherSuites.toArray(supportedCiphers); socket.setEnabledCipherSuites(supportedCiphers); } catch (IllegalArgumentException e) { String msg = String.format("Unsupported encryption provider. Supported providers: %s", MantaUtils.asString(socket.getEnabledCipherSuites())); throw new ConfigurationException(msg, e); } } supportedProtocols.retainAll(enabledProtocols); if (!supportedProtocols.isEmpty()) { String[] supportedProtos = new String[supportedProtocols.size()]; supportedProtocols.toArray(supportedProtos); socket.setEnabledProtocols(supportedProtos); } if (LOG.isDebugEnabled()) { LOG.debug("Supported TLS protocols: {}", MantaUtils.asString(supportedProtocols)); LOG.debug("Supported cipher suites: {}", MantaUtils.asString(supportedCipherSuites)); } }
From source file:com.ksc.http.conn.ssl.SdkTLSSocketFactory.java
/** * {@inheritDoc} Used to enforce the preferred TLS protocol during SSL handshake. *///from w w w . j av a 2 s.co m @Override protected final void prepareSocket(final SSLSocket socket) { String[] supported = socket.getSupportedProtocols(); String[] enabled = socket.getEnabledProtocols(); if (LOG.isDebugEnabled()) { LOG.debug("socket.getSupportedProtocols(): " + Arrays.toString(supported) + ", socket.getEnabledProtocols(): " + Arrays.toString(enabled)); } List<String> target = new ArrayList<String>(); if (supported != null) { // Append the preferred protocols in descending order of preference // but only do so if the protocols are supported TLSProtocol[] values = TLSProtocol.values(); for (int i = 0; i < values.length; i++) { final String pname = values[i].getProtocolName(); if (existsIn(pname, supported)) { target.add(pname); } } } if (enabled != null) { // Append the rest of the already enabled protocols to the end // if not already included in the list for (String pname : enabled) { if (!target.contains(pname)) { target.add(pname); } } } if (target.size() > 0) { String[] enabling = target.toArray(new String[target.size()]); socket.setEnabledProtocols(enabling); if (LOG.isDebugEnabled()) { LOG.debug("TLS protocol enabled for SSL handshake: " + Arrays.toString(enabling)); } } }
From source file:com.amazonaws.http.conn.ssl.SdkTLSSocketFactory.java
/** * {@inheritDoc}// w ww .jav a 2s. com * * Used to enforce the preferred TLS protocol during SSL handshake. */ @Override protected final void prepareSocket(final SSLSocket socket) { String[] supported = socket.getSupportedProtocols(); String[] enabled = socket.getEnabledProtocols(); if (log.isDebugEnabled()) { log.debug("socket.getSupportedProtocols(): " + Arrays.toString(supported) + ", socket.getEnabledProtocols(): " + Arrays.toString(enabled)); } List<String> target = new ArrayList<String>(); if (supported != null) { // Append the preferred protocols in descending order of preference // but only do so if the protocols are supported TLSProtocol[] values = TLSProtocol.values(); for (int i = 0; i < values.length; i++) { final String pname = values[i].getProtocolName(); if (existsIn(pname, supported)) target.add(pname); } } if (enabled != null) { // Append the rest of the already enabled protocols to the end // if not already included in the list for (String pname : enabled) { if (!target.contains(pname)) target.add(pname); } } if (target.size() > 0) { String[] enabling = target.toArray(new String[target.size()]); socket.setEnabledProtocols(enabling); if (log.isDebugEnabled()) { log.debug("TLS protocol enabled for SSL handshake: " + Arrays.toString(enabling)); } } }
From source file:github.popeen.dsub.service.ssl.SSLSocketFactory.java
private String[] getProtocols(SSLSocket sslSocket) { String[] protocols = sslSocket.getEnabledProtocols(); // Remove SSLv3 if it is not the only option if (protocols.length > 1) { List<String> protocolList = new ArrayList(Arrays.asList(protocols)); protocolList.remove("SSLv3"); protocols = protocolList.toArray(new String[protocolList.size()]); }/* ww w . jav a 2 s. com*/ return protocols; }
From source file:com.dubsar_dictionary.SecureClient.SecureSocketFactory.java
private void setupCrypto(SSLSocket socket) { // Log.d(TAG, "in setupCrypto"); String[] protocols = getEnabledProtocols(); if (protocols != null) { socket.setEnabledProtocols(protocols); }/*from w w w . ja va2 s .com*/ String[] ciphers = getEnabledCipherSuites(); if (ciphers != null) { socket.setEnabledCipherSuites(ciphers); } protocols = socket.getEnabledProtocols(); if (protocols == null) { Log.e(TAG, "protocols is null"); return; } for (String protocol : protocols) { Log.d(TAG, protocol + " is enabled"); } ciphers = socket.getEnabledCipherSuites(); if (ciphers == null) { Log.e(TAG, "ciphers is null"); return; } for (String cipher : ciphers) { Log.d(TAG, cipher + " is enabled"); } // no? // socket.setHandshakeTimeout(mHandshakeTimeoutMillis); }
From source file:com.predic8.membrane.core.transport.ssl.SSLContext.java
public Socket createSocket(InetAddress host, int port, int connectTimeout) throws IOException { Socket s = new Socket(); s.connect(new InetSocketAddress(host, port), connectTimeout); SSLSocketFactory sslsf = sslc.getSocketFactory(); SSLSocket ssls = (SSLSocket) sslsf.createSocket(s, host.getHostName(), port, true); if (protocols != null) { ssls.setEnabledProtocols(protocols); } else {//from www . java2 s.co m String[] protocols = ssls.getEnabledProtocols(); Set<String> set = new HashSet<String>(); for (String protocol : protocols) { if (protocol.equals("SSLv3") || protocol.equals("SSLv2Hello")) { continue; } set.add(protocol); } ssls.setEnabledProtocols(set.toArray(new String[0])); } applyCiphers(ssls); return ssls; }
From source file:com.serphacker.serposcope.scraper.http.extensions.ScrapClientSSLConnectionFactory.java
@Override public Socket createLayeredSocket(final Socket socket, final String target, final int port, final HttpContext context) throws IOException { SSLSocketFactory sslSocketFactory = insecure ? insecoreSSLSocketfactory : defaultSSLSocketFactory; final SSLSocket sslsock = (SSLSocket) sslSocketFactory.createSocket(socket, target, port, true); if (supportedProtocols != null) { sslsock.setEnabledProtocols(supportedProtocols); } else {//from ww w . j a v a 2s. c o m // If supported protocols are not explicitly set, remove all SSL protocol versions final String[] allProtocols = sslsock.getEnabledProtocols(); final List<String> enabledProtocols = new ArrayList<String>(allProtocols.length); for (String protocol : allProtocols) { if (!protocol.startsWith("SSL")) { enabledProtocols.add(protocol); } } if (!enabledProtocols.isEmpty()) { sslsock.setEnabledProtocols(enabledProtocols.toArray(new String[enabledProtocols.size()])); } } if (supportedCipherSuites != null) { sslsock.setEnabledCipherSuites(supportedCipherSuites); } if (this.log.isDebugEnabled()) { this.log.debug("Enabled protocols: " + Arrays.asList(sslsock.getEnabledProtocols())); this.log.debug("Enabled cipher suites:" + Arrays.asList(sslsock.getEnabledCipherSuites())); } prepareSocket(sslsock); this.log.debug("Starting handshake"); sslsock.startHandshake(); verifyHostname(sslsock, target); return sslsock; }
From source file:com.predic8.membrane.core.transport.ssl.SSLContext.java
public Socket createSocket(InetAddress host, int port, InetAddress addr, int localPort, int connectTimeout) throws IOException { Socket s = new Socket(); s.bind(new InetSocketAddress(addr, localPort)); s.connect(new InetSocketAddress(host, port), connectTimeout); SSLSocketFactory sslsf = sslc.getSocketFactory(); SSLSocket ssls = (SSLSocket) sslsf.createSocket(s, host.getHostName(), port, true); applyCiphers(ssls);//from w w w . j a v a2s. c o m if (protocols != null) { ssls.setEnabledProtocols(protocols); } else { String[] protocols = ssls.getEnabledProtocols(); Set<String> set = new HashSet<String>(); for (String protocol : protocols) { if (protocol.equals("SSLv3") || protocol.equals("SSLv2Hello")) { continue; } set.add(protocol); } ssls.setEnabledProtocols(set.toArray(new String[0])); } return ssls; }