1 /* 2 * Copyright (C) 2007 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package org.conscrypt; 18 19 import java.io.IOException; 20 import java.net.InetAddress; 21 import java.net.Socket; 22 import javax.net.ssl.SSLServerSocket; 23 24 /** 25 * BoringSSL-based implementation of server sockets. 26 */ 27 final class ConscryptServerSocket extends SSLServerSocket { 28 private final SSLParametersImpl sslParameters; 29 private boolean channelIdEnabled; 30 private boolean useEngineSocket; 31 32 ConscryptServerSocket(SSLParametersImpl sslParameters) throws IOException { 33 this.sslParameters = sslParameters; 34 } 35 36 ConscryptServerSocket(int port, SSLParametersImpl sslParameters) 37 throws IOException { 38 super(port); 39 this.sslParameters = sslParameters; 40 } 41 42 ConscryptServerSocket(int port, int backlog, SSLParametersImpl sslParameters) 43 throws IOException { 44 super(port, backlog); 45 this.sslParameters = sslParameters; 46 } 47 48 ConscryptServerSocket(int port, 49 int backlog, 50 InetAddress iAddress, 51 SSLParametersImpl sslParameters) 52 throws IOException { 53 super(port, backlog, iAddress); 54 this.sslParameters = sslParameters; 55 } 56 57 /** 58 * Configures the socket to be created for this instance. 59 */ 60 ConscryptServerSocket setUseEngineSocket(boolean useEngineSocket) { 61 this.useEngineSocket = useEngineSocket; 62 return this; 63 } 64 65 @Override 66 public boolean getEnableSessionCreation() { 67 return sslParameters.getEnableSessionCreation(); 68 } 69 70 @Override 71 public void setEnableSessionCreation(boolean flag) { 72 sslParameters.setEnableSessionCreation(flag); 73 } 74 75 /** 76 * The names of the protocols' versions that may be used on this SSL 77 * connection. 78 * @return an array of protocols names 79 */ 80 @Override 81 public String[] getSupportedProtocols() { 82 return NativeCrypto.getSupportedProtocols(); 83 } 84 85 /** 86 * The names of the protocols' versions that in use on this SSL connection. 87 * 88 * @return an array of protocols names 89 */ 90 @Override 91 public String[] getEnabledProtocols() { 92 return sslParameters.getEnabledProtocols(); 93 } 94 95 /** 96 * This method enables the protocols' versions listed by 97 * getSupportedProtocols(). 98 * 99 * @param protocols names of all the protocols to enable. 100 * 101 * @throws IllegalArgumentException when one or more of the names in the 102 * array are not supported, or when the array is null. 103 */ 104 @Override 105 public void setEnabledProtocols(String[] protocols) { 106 sslParameters.setEnabledProtocols(protocols); 107 } 108 109 @Override 110 public String[] getSupportedCipherSuites() { 111 return NativeCrypto.getSupportedCipherSuites(); 112 } 113 114 @Override 115 public String[] getEnabledCipherSuites() { 116 return sslParameters.getEnabledCipherSuites(); 117 } 118 119 /** 120 * Enables/disables the TLS Channel ID extension for this server socket. 121 */ 122 void setChannelIdEnabled(boolean enabled) { 123 channelIdEnabled = enabled; 124 } 125 126 /** 127 * Checks whether the TLS Channel ID extension is enabled for this server socket. 128 */ 129 boolean isChannelIdEnabled() { 130 return channelIdEnabled; 131 } 132 133 /** 134 * This method enables the cipher suites listed by 135 * getSupportedCipherSuites(). 136 * 137 * @param suites the names of all the cipher suites to enable 138 * @throws IllegalArgumentException when one or more of the ciphers in array 139 * suites are not supported, or when the array is null. 140 */ 141 @Override 142 public void setEnabledCipherSuites(String[] suites) { 143 sslParameters.setEnabledCipherSuites(suites); 144 } 145 146 @Override 147 public boolean getWantClientAuth() { 148 return sslParameters.getWantClientAuth(); 149 } 150 151 @Override 152 public void setWantClientAuth(boolean want) { 153 sslParameters.setWantClientAuth(want); 154 } 155 156 @Override 157 public boolean getNeedClientAuth() { 158 return sslParameters.getNeedClientAuth(); 159 } 160 161 @Override 162 public void setNeedClientAuth(boolean need) { 163 sslParameters.setNeedClientAuth(need); 164 } 165 166 @Override 167 public void setUseClientMode(boolean mode) { 168 sslParameters.setUseClientMode(mode); 169 } 170 171 @Override 172 public boolean getUseClientMode() { 173 return sslParameters.getUseClientMode(); 174 } 175 176 @Override 177 public Socket accept() throws IOException { 178 final AbstractConscryptSocket socket; 179 if (useEngineSocket) { 180 socket = Platform.createEngineSocket(sslParameters); 181 } else { 182 socket = Platform.createFileDescriptorSocket(sslParameters); 183 } 184 185 socket.setChannelIdEnabled(channelIdEnabled); 186 implAccept(socket); 187 return socket; 188 } 189 } 190