001/* SslRMIServerSocketFactory.java -- 
002   Copyright (C) 2006 Free Software Foundation
003
004This file is part of GNU Classpath.
005
006GNU Classpath is free software; you can redistribute it and/or modify
007it under the terms of the GNU General Public License as published by
008the Free Software Foundation; either version 2, or (at your option)
009any later version.
010
011GNU Classpath is distributed in the hope that it will be useful, but
012WITHOUT ANY WARRANTY; without even the implied warranty of
013MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
014General Public License for more details.
015
016You should have received a copy of the GNU General Public License
017along with GNU Classpath; see the file COPYING.  If not, write to the
018Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
01902110-1301 USA.
020
021Linking this library statically or dynamically with other modules is
022making a combined work based on this library.  Thus, the terms and
023conditions of the GNU General Public License cover the whole
024combination.
025
026As a special exception, the copyright holders of this library give you
027permission to link this library with independent modules to produce an
028executable, regardless of the license terms of these independent
029modules, and to copy and distribute the resulting executable under
030terms of your choice, provided that you also meet, for each linked
031independent module, the terms and conditions of the license of that
032module.  An independent module is a module which is not derived from
033or based on this library.  If you modify this library, you may extend
034this exception to your version of the library, but you are not
035obligated to do so.  If you do not wish to do so, delete this
036exception statement from your version. */
037
038package javax.rmi.ssl;
039
040import java.io.IOException;
041import javax.net.ssl.SSLServerSocketFactory;
042import javax.net.ssl.SSLServerSocket;
043import java.net.ServerSocket;
044import java.rmi.server.RMIServerSocketFactory;
045
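/**
 * An {@link RMIServerSocketFactory} that creates SSL/TLS server sockets
 * through the default {@link SSLServerSocketFactory}.
 *
 * <p>The cipher suites, protocols and client-authentication requirement are
 * fixed when the factory is constructed and applied to every socket it
 * creates. The arrays are copied on the way in and on the way out, so the
 * TLS settings that were validated by the constructor cannot be altered
 * afterwards through a shared array reference.
 *
 * <p>Security note: the no-argument constructor leaves the default cipher
 * suites and protocols in place and does <em>not</em> require client
 * authentication. Use the three-argument constructor with
 * <code>needClientAuth == true</code> when callers must present a
 * certificate.
 *
 * @author Sven de Marothy
 * @since 1.5
 */
public class SslRMIServerSocketFactory implements RMIServerSocketFactory
{
  /** Cipher suites to enable, or <code>null</code> to keep the defaults. */
  private final String[] enabledCipherSuites;

  /** Protocols to enable, or <code>null</code> to keep the defaults. */
  private final String[] enabledProtocols;

  /** Whether created sockets require the client to authenticate. */
  private final boolean needClientAuth;

  /**
   * The SSL ServerSocket factory shared by all instances.
   */
  private static final SSLServerSocketFactory socketFactory =
    (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();

  /**
   * Creates a new SslRMIServerSocketFactory with the default socket
   * cipher suites and protocols, and without requiring client
   * authentication.
   */
  public SslRMIServerSocketFactory()
  {
    this.enabledCipherSuites = null;
    this.enabledProtocols = null;
    this.needClientAuth = false;
  }

  /**
   * Creates a new SslRMIServerSocketFactory with a given set of socket
   * cipher suites and protocols.
   *
   * <p>When either array is non-null, the settings are validated by
   * configuring a throw-away server socket on an ephemeral port, which is
   * closed again before the constructor returns.
   *
   * @param enabledCipherSuites the cipher suites to enable,
   * or <code>null</code> for the defaults.
   * @param enabledProtocols the protocols to enable,
   * or <code>null</code> for the defaults.
   * @param needClientAuth whether clients must authenticate.
   * @throws IllegalArgumentException if any of the ciphers or protocols
   *  specified are not available, or if the validation socket could not
   *  be created.
   */
  public SslRMIServerSocketFactory(String[] enabledCipherSuites,
                                   String[] enabledProtocols,
                                   boolean needClientAuth)
  {
    // Defensive copies: without them the caller could swap in a different
    // suite or protocol after validation by mutating its own array.
    this.enabledCipherSuites = copyOf(enabledCipherSuites);
    this.enabledProtocols = copyOf(enabledProtocols);
    this.needClientAuth = needClientAuth;

    if (this.enabledCipherSuites == null && this.enabledProtocols == null)
      return; // Nothing to validate; the defaults are used as-is.

    try
      {
        // The private helper is used rather than createServerSocket() so
        // that a subclass override never runs on a half-built object.
        // The probe socket is closed immediately so it is not left
        // listening on an ephemeral port.
        openConfiguredSocket(0).close();
      }
    catch (IOException e)
      {
        IllegalArgumentException iae =
          new IllegalArgumentException(e.getMessage());
        iae.initCause(e); // keep the underlying failure for diagnosis
        throw iae;
      }
  }

  /**
   * Creates an SSLServerSocket on a given port, configured with this
   * factory's cipher suites, protocols and client-authentication setting.
   *
   * @param port the port to bind to, or 0 for an ephemeral port.
   * @return the configured server socket.
   * @throws IOException if an error occurs on socket creation.
   */
  public ServerSocket createServerSocket(int port) throws IOException
  {
    return openConfiguredSocket(port);
  }

  /**
   * Opens a server socket on the given port and applies this factory's
   * TLS settings; the socket is closed again if applying them fails.
   */
  private SSLServerSocket openConfiguredSocket(int port) throws IOException
  {
    SSLServerSocket socket =
      (SSLServerSocket) socketFactory.createServerSocket(port);
    boolean configured = false;
    try
      {
        if (enabledCipherSuites != null)
          socket.setEnabledCipherSuites(enabledCipherSuites);
        if (enabledProtocols != null)
          socket.setEnabledProtocols(enabledProtocols);
        socket.setNeedClientAuth(needClientAuth);
        configured = true;
        return socket;
      }
    finally
      {
        if (!configured)
          {
            try
              {
                socket.close();
              }
            catch (IOException ignored)
              {
                // The configuration failure already propagating is the
                // error the caller needs to see.
              }
          }
      }
  }

  /**
   * Compares this factory with another object. Two factories are equal
   * when they have the same client-authentication setting and the same
   * cipher suites and protocols, in the same order.
   *
   * @param obj the object to compare with.
   * @return <code>true</code> if <code>obj</code> is an equivalent
   *  SslRMIServerSocketFactory.
   */
  public boolean equals(Object obj)
  {
    if (obj == this)
      return true;
    if (!(obj instanceof SslRMIServerSocketFactory))
      return false;

    SslRMIServerSocketFactory other = (SslRMIServerSocketFactory) obj;
    return needClientAuth == other.needClientAuth
      && cmpStrArray(enabledCipherSuites, other.enabledCipherSuites)
      && cmpStrArray(enabledProtocols, other.enabledProtocols);
  }

  /**
   * Compares two string arrays element by element. Two <code>null</code>
   * arrays are equal; a <code>null</code> array never equals a non-null
   * one. <code>null</code> elements are compared without throwing.
   *
   * @param a the first array, may be <code>null</code>.
   * @param b the second array, may be <code>null</code>.
   * @return <code>true</code> if both arrays hold equal elements in the
   *  same order.
   */
  static boolean cmpStrArray(String[] a, String[] b)
  {
    return java.util.Arrays.equals(a, b);
  }

  /**
   * Returns the enabled cipher suites, or <code>null</code>
   * if the defaults are to be used.
   *
   * @return a copy of the cipher suite names
   */
  public String[] getEnabledCipherSuites()
  {
    return copyOf(enabledCipherSuites);
  }

  /**
   * Returns the enabled protocols, or <code>null</code> if the defaults are
   * to be used.
   *
   * @return a copy of the protocol names
   */
  public String[] getEnabledProtocols()
  {
    return copyOf(enabledProtocols);
  }

  /**
   * Returns whether client authentication is needed.
   *
   * @return <code>true</code> if created sockets require the client to
   *  authenticate.
   */
  public boolean getNeedClientAuth()
  {
    return needClientAuth;
  }

  /**
   * Returns the hash code of this object: the XOR of the hash codes of all
   * cipher suite and protocol names, XORed with 0xFFFF when client
   * authentication is required.
   *
   * @return the hash code.
   */
  public int hashCode()
  {
    int hash = xorHash(enabledCipherSuites) ^ xorHash(enabledProtocols);
    return needClientAuth ? (hash ^ 0xFFFF) : hash;
  }

  /** Returns a copy of the array, or <code>null</code> for <code>null</code>. */
  private static String[] copyOf(String[] src)
  {
    return (src == null) ? null : (String[]) src.clone();
  }

  /** XORs the hash codes of the non-null elements; 0 for a null array. */
  private static int xorHash(String[] values)
  {
    int hash = 0;
    if (values != null)
      for (int i = 0; i < values.length; i++)
        if (values[i] != null)
          hash ^= values[i].hashCode();
    return hash;
  }
}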