diff options
| author | tkellner <tkellner@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4> | 2013-11-11 20:52:36 +0000 |
|---|---|---|
| committer | tkellner <tkellner@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4> | 2013-11-11 20:52:36 +0000 |
| commit | 4af1d0a0d6fb6f4784067d320e42504922710788 (patch) | |
| tree | 6cdb6232d5b326b49362a84a1d7b0e5b851e12b2 /bkucommon/src/main/java/at/gv/egiz/bku/spring/InternalSSLSocketFactory.java | |
| parent | e409be78733ceb5a8f2cb98f774269ecc89dcfa1 (diff) | |
| download | mocca-4af1d0a0d6fb6f4784067d320e42504922710788.tar.gz mocca-4af1d0a0d6fb6f4784067d320e42504922710788.tar.bz2 mocca-4af1d0a0d6fb6f4784067d320e42504922710788.zip | |
Allow to disable certain ciphersuites for SSL connections
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@1213 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
Diffstat (limited to 'bkucommon/src/main/java/at/gv/egiz/bku/spring/InternalSSLSocketFactory.java')
| -rw-r--r-- | bkucommon/src/main/java/at/gv/egiz/bku/spring/InternalSSLSocketFactory.java | 83 |
1 files changed, 83 insertions, 0 deletions
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/spring/InternalSSLSocketFactory.java b/bkucommon/src/main/java/at/gv/egiz/bku/spring/InternalSSLSocketFactory.java new file mode 100644 index 00000000..a9e96126 --- /dev/null +++ b/bkucommon/src/main/java/at/gv/egiz/bku/spring/InternalSSLSocketFactory.java @@ -0,0 +1,83 @@ +package at.gv.egiz.bku.spring; + +import java.io.IOException; +import java.net.InetAddress; +import java.net.Socket; +import java.net.UnknownHostException; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; + +import javax.net.ssl.SSLSocket; +import javax.net.ssl.SSLSocketFactory; + +public class InternalSSLSocketFactory extends SSLSocketFactory { + + private SSLSocketFactory proxy; + private String[] suites; + + public InternalSSLSocketFactory(SSLSocketFactory socketFactory, + String[] disabledSuites) { + this.proxy = socketFactory; + List<String> dSuites = Arrays.asList(disabledSuites); + List<String> suites = new ArrayList<String>(Arrays.asList(proxy.getDefaultCipherSuites())); + suites.removeAll(dSuites); + this.suites = suites.toArray(new String[suites.size()]); + } + + @Override + public Socket createSocket(Socket s, String host, int port, + boolean autoClose) throws IOException { + Socket socket = proxy.createSocket(s, host, port, autoClose); + setCipherSuites(socket); + return socket; + } + + @Override + public String[] getDefaultCipherSuites() { + return suites; + } + + @Override + public String[] getSupportedCipherSuites() { + return proxy.getSupportedCipherSuites(); + } + + @Override + public Socket createSocket(String host, int port) throws IOException, + UnknownHostException { + Socket socket = proxy.createSocket(host, port); + setCipherSuites(socket); + return socket; + } + + @Override + public Socket createSocket(InetAddress host, int port) throws IOException { + Socket socket = proxy.createSocket(host, port); + setCipherSuites(socket); + return socket; + } + + @Override + public Socket createSocket(String host, int port, InetAddress localHost, + int localPort) throws IOException, UnknownHostException { + Socket socket = proxy.createSocket(host, port, localHost, + localPort); + setCipherSuites(socket); + return socket; + } + + @Override + public Socket createSocket(InetAddress address, int port, + InetAddress localAddress, int localPort) throws IOException { + Socket socket = proxy.createSocket(address, port, localAddress, + localPort); + setCipherSuites(socket); + return socket; + } + + private void setCipherSuites(Socket socket) { + if (socket instanceof SSLSocket) + ((SSLSocket) socket).setEnabledCipherSuites(suites); + } +} |