public class UnifiedServerSocket extends ServerSocket
!allowInsecureConnection
mode is needed so we can update the SSLContext (in particular, the
key store and/or trust store) without having to re-create the server socket. By starting with a plaintext socket
and delaying the upgrade to TLS until after a client has connected and begins a handshake, we can keep the same
UnifiedServerSocket instance around, and replace the default SSLContext in the provided X509Util when the key store
and/or trust store file changes on disk.Modifier and Type | Class and Description |
---|---|
static class |
UnifiedServerSocket.UnifiedSocket
The result of calling accept() on a UnifiedServerSocket.
|
Constructor and Description |
---|
UnifiedServerSocket(X509Util x509Util,
boolean allowInsecureConnection)
Creates an unbound unified server socket by calling
ServerSocket() . |
UnifiedServerSocket(X509Util x509Util,
boolean allowInsecureConnection,
int port)
Creates a unified server socket bound to the specified port by calling
ServerSocket(int) . |
UnifiedServerSocket(X509Util x509Util,
boolean allowInsecureConnection,
int port,
int backlog)
Creates a unified server socket bound to the specified port, with the specified backlog, by calling
ServerSocket(int, int) . |
UnifiedServerSocket(X509Util x509Util,
boolean allowInsecureConnection,
int port,
int backlog,
InetAddress bindAddr)
Creates a unified server socket bound to the specified port, with the specified backlog, and local IP address
to bind to, by calling
ServerSocket(int, int, InetAddress) . |
Modifier and Type | Method and Description |
---|---|
Socket |
accept() |
bind, bind, close, getChannel, getInetAddress, getLocalPort, getLocalSocketAddress, getReceiveBufferSize, getReuseAddress, getSoTimeout, implAccept, isBound, isClosed, setPerformancePreferences, setReceiveBufferSize, setReuseAddress, setSocketFactory, setSoTimeout, toString
public UnifiedServerSocket(X509Util x509Util, boolean allowInsecureConnection) throws IOException
ServerSocket()
.
Secure client connections will be upgraded to TLS once this socket detects the ClientHello message (start of a
TLS handshake). Plaintext client connections will either be accepted or rejected depending on the value of
the allowInsecureConnection
parameter.x509Util
- the X509Util that provides the SSLContext to use for secure connections.allowInsecureConnection
- if true, accept plaintext connections, otherwise close them.IOException
- if ServerSocket()
throws.public UnifiedServerSocket(X509Util x509Util, boolean allowInsecureConnection, int port) throws IOException
ServerSocket(int)
.
Secure client connections will be upgraded to TLS once this socket detects the ClientHello message (start of a
TLS handshake). Plaintext client connections will either be accepted or rejected depending on the value of
the allowInsecureConnection
parameter.x509Util
- the X509Util that provides the SSLContext to use for secure connections.allowInsecureConnection
- if true, accept plaintext connections, otherwise close them.port
- the port number, or 0
to use a port number that is automatically allocated.IOException
- if ServerSocket(int)
throws.public UnifiedServerSocket(X509Util x509Util, boolean allowInsecureConnection, int port, int backlog) throws IOException
ServerSocket(int, int)
.
Secure client connections will be upgraded to TLS once this socket detects the ClientHello message (start of a
TLS handshake). Plaintext client connections will either be accepted or rejected depending on the value of
the allowInsecureConnection
parameter.x509Util
- the X509Util that provides the SSLContext to use for secure connections.allowInsecureConnection
- if true, accept plaintext connections, otherwise close them.port
- the port number, or 0
to use a port number that is automatically allocated.backlog
- requested maximum length of the queue of incoming connections.IOException
- if ServerSocket(int, int)
throws.public UnifiedServerSocket(X509Util x509Util, boolean allowInsecureConnection, int port, int backlog, InetAddress bindAddr) throws IOException
ServerSocket(int, int, InetAddress)
.
Secure client connections will be upgraded to TLS once this socket detects the ClientHello message (start of a
TLS handshake). Plaintext client connections will either be accepted or rejected depending on the value of
the allowInsecureConnection
parameter.x509Util
- the X509Util that provides the SSLContext to use for secure connections.allowInsecureConnection
- if true, accept plaintext connections, otherwise close them.port
- the port number, or 0
to use a port number that is automatically allocated.backlog
- requested maximum length of the queue of incoming connections.bindAddr
- the local InetAddress the server will bind to.IOException
- if ServerSocket(int, int, InetAddress)
throws.public Socket accept() throws IOException
accept
in class ServerSocket
IOException
Copyright © 2008–2021 The Apache Software Foundation. All rights reserved.