1 /*
2  * Copyright (C) 2014 The Android Open Source Project
3  * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
4  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
5  *
6  * This code is free software; you can redistribute it and/or modify it
7  * under the terms of the GNU General Public License version 2 only, as
8  * published by the Free Software Foundation.  Oracle designates this
9  * particular file as subject to the "Classpath" exception as provided
10  * by Oracle in the LICENSE file that accompanied this code.
11  *
12  * This code is distributed in the hope that it will be useful, but WITHOUT
13  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
14  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
15  * version 2 for more details (a copy is included in the LICENSE file that
16  * accompanied this code).
17  *
18  * You should have received a copy of the GNU General Public License version
19  * 2 along with this work; if not, write to the Free Software Foundation,
20  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
21  *
22  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
23  * or visit www.oracle.com if you need additional information or have any
24  * questions.
25  */
26 
27 
28 package javax.net.ssl;
29 
30 import java.io.IOException;
31 import java.net.InetAddress;
32 import java.net.ServerSocket;
33 import java.net.SocketException;
34 import javax.net.ServerSocketFactory;
35 import java.security.*;
36 
37 /**
38  * <code>SSLServerSocketFactory</code>s create
39  * <code>SSLServerSocket</code>s.
40  *
41  * @since 1.4
42  * @see SSLSocket
43  * @see SSLServerSocket
44  * @author David Brownell
45  */
46 public abstract class SSLServerSocketFactory extends ServerSocketFactory
47 {
48     private static SSLServerSocketFactory defaultServerSocketFactory;
49 
50     private static int lastVersion = -1;
51 
log(String msg)52     private static void log(String msg) {
53         if (SSLSocketFactory.DEBUG) {
54             System.out.println(msg);
55         }
56     }
57 
58     /**
59      * Constructor is used only by subclasses.
60      */
SSLServerSocketFactory()61     protected SSLServerSocketFactory() { /* NOTHING */ }
62 
63     /**
64      * Returns the default SSL server socket factory.
65      *
66      * <p>The first time this method is called, the security property
67      * "ssl.ServerSocketFactory.provider" is examined. If it is non-null, a
68      * class by that name is loaded and instantiated. If that is successful and
69      * the object is an instance of SSLServerSocketFactory, it is made the
70      * default SSL server socket factory.
71      *
72      * <p>Otherwise, this method returns
73      * <code>SSLContext.getDefault().getServerSocketFactory()</code>. If that
74      * call fails, an inoperative factory is returned.
75      *
76      * @return the default <code>ServerSocketFactory</code>
77      * @see SSLContext#getDefault
78      */
getDefault()79     public static synchronized ServerSocketFactory getDefault() {
80         // Android-changed: Use security version instead of propertyChecked.
81         //
82         // We use the same lookup logic in SSLSocketFactory.getDefault(). Any changes
83         // made here must be mirrored in that class.
84         if (defaultServerSocketFactory != null && lastVersion == Security.getVersion()) {
85             return defaultServerSocketFactory;
86         }
87 
88         lastVersion = Security.getVersion();
89         SSLServerSocketFactory previousDefaultServerSocketFactory = defaultServerSocketFactory;
90         defaultServerSocketFactory = null;
91 
92         String clsName = SSLSocketFactory.getSecurityProperty
93                 ("ssl.ServerSocketFactory.provider");
94         if (clsName != null) {
95             // The instance for the default socket factory is checked for updates quite
96             // often (for instance, every time a security provider is added). Which leads
97             // to unnecessary overload and excessive error messages in case of class-loading
98             // errors. Avoid creating a new object if the class name is the same as before.
99             if (previousDefaultServerSocketFactory != null
100                     && clsName.equals(previousDefaultServerSocketFactory.getClass().getName())) {
101                 defaultServerSocketFactory = previousDefaultServerSocketFactory;
102                 return defaultServerSocketFactory;
103             }
104             Class cls = null;
105             log("setting up default SSLServerSocketFactory");
106             try {
107                 log("setting up default SSLServerSocketFactory");
108                 try {
109                     cls = Class.forName(clsName);
110                 } catch (ClassNotFoundException e) {
111                     // Android-changed; Try the contextClassLoader first.
112                     ClassLoader cl = Thread.currentThread().getContextClassLoader();
113                     if (cl == null) {
114                         cl = ClassLoader.getSystemClassLoader();
115                     }
116 
117                     if (cl != null) {
118                         cls = Class.forName(clsName, true, cl);
119                     }
120                 }
121                 log("class " + clsName + " is loaded");
122                 SSLServerSocketFactory fac = (SSLServerSocketFactory) cls.newInstance();
123                 log("instantiated an instance of class " + clsName);
124                 defaultServerSocketFactory = fac;
125                 if (defaultServerSocketFactory != null) {
126                     return defaultServerSocketFactory;
127                 }
128             } catch (Exception e) {
129                 log("SSLServerSocketFactory instantiation failed: " + e);
130                 // Android-changed: Fallback to the default SSLContext if an exception
131                 // is thrown during the initialization of ssl.ServerSocketFactory.provider.
132             }
133         }
134 
135         try {
136             SSLContext context = SSLContext.getDefault();
137             if (context != null) {
138                 defaultServerSocketFactory = context.getServerSocketFactory();
139             }
140         } catch (NoSuchAlgorithmException e) {
141         }
142 
143         if (defaultServerSocketFactory == null) {
144             defaultServerSocketFactory = new DefaultSSLServerSocketFactory(
145                     new IllegalStateException("No ServerSocketFactory implementation found"));
146         }
147 
148         return defaultServerSocketFactory;
149     }
150 
151     /**
152      * Returns the list of cipher suites which are enabled by default.
153      * Unless a different list is enabled, handshaking on an SSL connection
154      * will use one of these cipher suites.  The minimum quality of service
155      * for these defaults requires confidentiality protection and server
156      * authentication (that is, no anonymous cipher suites).
157      *
158      * @see #getSupportedCipherSuites()
159      * @return array of the cipher suites enabled by default
160      */
getDefaultCipherSuites()161     public abstract String [] getDefaultCipherSuites();
162 
163 
164     /**
165      * Returns the names of the cipher suites which could be enabled for use
166      * on an SSL connection created by this factory.
167      * Normally, only a subset of these will actually
168      * be enabled by default, since this list may include cipher suites which
169      * do not meet quality of service requirements for those defaults.  Such
170      * cipher suites are useful in specialized applications.
171      *
172      * @return an array of cipher suite names
173      * @see #getDefaultCipherSuites()
174      */
getSupportedCipherSuites()175     public abstract String [] getSupportedCipherSuites();
176 }
177 
178 
179 //
180 // The default factory does NOTHING.
181 //
182 class DefaultSSLServerSocketFactory extends SSLServerSocketFactory {
183 
184     private final Exception reason;
185 
DefaultSSLServerSocketFactory(Exception reason)186     DefaultSSLServerSocketFactory(Exception reason) {
187         this.reason = reason;
188     }
189 
throwException()190     private ServerSocket throwException() throws SocketException {
191         throw (SocketException)
192             new SocketException(reason.toString()).initCause(reason);
193     }
194 
195     @Override
createServerSocket()196     public ServerSocket createServerSocket() throws IOException {
197         return throwException();
198     }
199 
200 
201     @Override
createServerSocket(int port)202     public ServerSocket createServerSocket(int port)
203     throws IOException
204     {
205         return throwException();
206     }
207 
208     @Override
createServerSocket(int port, int backlog)209     public ServerSocket createServerSocket(int port, int backlog)
210     throws IOException
211     {
212         return throwException();
213     }
214 
215     @Override
216     public ServerSocket
createServerSocket(int port, int backlog, InetAddress ifAddress)217     createServerSocket(int port, int backlog, InetAddress ifAddress)
218     throws IOException
219     {
220         return throwException();
221     }
222 
223     @Override
getDefaultCipherSuites()224     public String [] getDefaultCipherSuites() {
225         return new String[0];
226     }
227 
228     @Override
getSupportedCipherSuites()229     public String [] getSupportedCipherSuites() {
230         return new String[0];
231     }
232 }
233