Examples with SNIMatcher - javax.net.ssl.SNIMatcher

Example 1 with SNIMatcher

use of javax.net.ssl.SNIMatcher in project netty by netty.

the class Java8SslUtils method setSNIMatcher.

static void setSNIMatcher(SSLParameters parameters) {
    SNIMatcher matcher = new SNIMatcher(0) {

        @Override
        public boolean matches(SNIServerName sniServerName) {
            return false;
        }
    };
    parameters.setSNIMatchers(Collections.singleton(matcher));
}

Also used : SNIServerName(javax.net.ssl.SNIServerName) SNIMatcher(javax.net.ssl.SNIMatcher)

Example 2 with SNIMatcher

use of javax.net.ssl.SNIMatcher in project jetty.project by eclipse.

the class SniX509ExtendedKeyManager method chooseServerAlias.

protected String chooseServerAlias(String keyType, Principal[] issuers, Collection<SNIMatcher> matchers, SSLSession session) {
    // Look for the aliases that are suitable for the keytype and issuers
    String[] aliases = _delegate.getServerAliases(keyType, issuers);
    if (aliases == null || aliases.length == 0)
        return null;
    // Look for the SNI information.
    String host = null;
    X509 x509 = null;
    if (matchers != null) {
        for (SNIMatcher m : matchers) {
            if (m instanceof SslContextFactory.AliasSNIMatcher) {
                SslContextFactory.AliasSNIMatcher matcher = (SslContextFactory.AliasSNIMatcher) m;
                host = matcher.getHost();
                x509 = matcher.getX509();
                break;
            }
        }
    }
    if (LOG.isDebugEnabled())
        LOG.debug("Matched {} with {} from {}", host, x509, Arrays.asList(aliases));
    // Check if the SNI selected alias is allowable
    if (x509 != null) {
        for (String a : aliases) {
            if (a.equals(x509.getAlias())) {
                session.putValue(SNI_X509, x509);
                return a;
            }
        }
        return null;
    }
    return NO_MATCHERS;
}

Also used : SNIMatcher(javax.net.ssl.SNIMatcher)

Example 3 with SNIMatcher

use of javax.net.ssl.SNIMatcher in project jdk8u_jdk by JetBrains.

the class SSLEchoServer method init.

/*
     * Creates server instance.
     *
     * @param cipherSuiteFilter Filter for enabled cipher suites
     * @param sniMatcherPattern Pattern for SNI server hame
     */
static SSLEchoServer init(String cipherSuiteFilter, String sniPattern) throws NoSuchAlgorithmException, IOException {
    SSLContext context = SSLContext.getDefault();
    SSLServerSocketFactory ssf = (SSLServerSocketFactory) context.getServerSocketFactory();
    SSLServerSocket ssocket = (SSLServerSocket) ssf.createServerSocket(0);
    // specify enabled cipher suites
    if (cipherSuiteFilter != null) {
        String[] ciphersuites = UnboundSSLUtils.filterStringArray(ssf.getSupportedCipherSuites(), cipherSuiteFilter);
        System.out.println("Server: enabled cipher suites: " + Arrays.toString(ciphersuites));
        ssocket.setEnabledCipherSuites(ciphersuites);
    }
    // specify SNI matcher pattern
    if (sniPattern != null) {
        System.out.println("Server: set SNI matcher: " + sniPattern);
        SNIMatcher matcher = SNIHostName.createSNIMatcher(sniPattern);
        List<SNIMatcher> matchers = new ArrayList<>();
        matchers.add(matcher);
        SSLParameters params = ssocket.getSSLParameters();
        params.setSNIMatchers(matchers);
        ssocket.setSSLParameters(params);
    }
    return new SSLEchoServer(ssocket);
}

Also used : SNIMatcher(javax.net.ssl.SNIMatcher) SSLParameters(javax.net.ssl.SSLParameters) ArrayList(java.util.ArrayList) SSLServerSocketFactory(javax.net.ssl.SSLServerSocketFactory) SSLContext(javax.net.ssl.SSLContext) SSLServerSocket(javax.net.ssl.SSLServerSocket)

Aggregations

SNIMatcher (javax.net.ssl.SNIMatcher)3 ArrayList (java.util.ArrayList)1 SNIServerName (javax.net.ssl.SNIServerName)1 SSLContext (javax.net.ssl.SSLContext)1 SSLParameters (javax.net.ssl.SSLParameters)1 SSLServerSocket (javax.net.ssl.SSLServerSocket)1 SSLServerSocketFactory (javax.net.ssl.SSLServerSocketFactory)1