Package org.apache.hadoop.security.ssl
Class DelegatingSSLSocketFactory
java.lang.Object
javax.net.SocketFactory
javax.net.ssl.SSLSocketFactory
org.apache.hadoop.security.ssl.DelegatingSSLSocketFactory
An SSLSocketFactory that can delegate to various SSL implementations.
Specifically, either OpenSSL or JSSE can be used. OpenSSL offers better
performance than JSSE and is made available via the wildfly-openssl library.
The factory has several different modes of operation:
- OpenSSL: Uses the wildfly-openssl library to delegate to the system-installed OpenSSL. If the wildfly-openssl integration is not properly set up, an exception is thrown.
- Default: Attempts to use the OpenSSL mode; if it cannot load the necessary libraries, it falls back to the Default_JSSE mode.
- Default_JSSE: Delegates to the JSSE implementation of SSL, but it disables the GCM cipher when running on Java 8.
- Default_JSSE_with_GCM: Delegates to the JSSE implementation of SSL with no modification to the list of enabled ciphers.
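A startup check for the modes listed above, as an added example that is not part of the Hadoop Javadoc: it initializes the singleton, then reports which mode, provider and cipher list are actually in effect, so a silent fallback from OpenSSL to JSSE or a missing GCM suite is visible in the logs. The class name `TlsModeCheck` and the helper `hasGcm` are hypothetical; the code assumes hadoop-common is on the classpath and that `getChannelMode()` reports the mode in effect after any fallback.

```java
import java.io.IOException;
import java.util.Arrays;
import org.apache.hadoop.security.ssl.DelegatingSSLSocketFactory;
import org.apache.hadoop.security.ssl.DelegatingSSLSocketFactory.SSLChannelMode;

/** Hypothetical startup check; not part of Hadoop. */
public class TlsModeCheck {

  /** True if any suite name mentions GCM (covers JSSE and OpenSSL naming). */
  static boolean hasGcm(String[] suites) {
    return Arrays.stream(suites).anyMatch(s -> s.contains("GCM"));
  }

  /** Summarize the TLS configuration the factory will really use. */
  static String describe(SSLChannelMode requested,
                         DelegatingSSLSocketFactory factory) {
    SSLChannelMode effective = factory.getChannelMode();
    String[] suites = factory.getDefaultCipherSuites();
    StringBuilder sb = new StringBuilder()
        .append("java.version   : ")
        .append(System.getProperty("java.version")).append('\n')
        .append("requested mode : ").append(requested).append('\n')
        .append("effective mode : ").append(effective).append('\n')
        .append("provider       : ")
        .append(factory.getProviderName()).append('\n')
        .append("default suites : ").append(suites.length).append('\n')
        .append("GCM enabled    : ").append(hasGcm(suites)).append('\n');
    // Assumption: after a failed OpenSSL load, Default reports Default_JSSE.
    if (requested == SSLChannelMode.Default
        && effective == SSLChannelMode.Default_JSSE) {
      sb.append("NOTE: OpenSSL could not be loaded; fell back to JSSE\n");
    }
    return sb.toString();
  }

  public static void main(String[] args) throws IOException {
    SSLChannelMode requested = args.length > 0
        ? SSLChannelMode.valueOf(args[0]) : SSLChannelMode.Default;
    // preferredMode is applied only if the singleton is not yet initialized.
    DelegatingSSLSocketFactory.initializeDefaultFactory(requested);
    System.out.print(describe(requested,
        DelegatingSSLSocketFactory.getDefaultFactory()));
  }
}
```

Passing `OpenSSL` as the argument makes a missing wildfly-openssl setup fail loudly with an exception, as the mode description states, instead of falling back.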
Nested Class Summary
Nested Classes
- Modifier and Type: static enum
- Description: Default indicates Ordered, preferred OpenSSL, if failed to load then fall back to Default_JSSE.
Method Summary
Modifier and Type, Method, Description:
- Socket createSocket(String host, int port)
- Socket createSocket(String host, int port, InetAddress localHost, int localPort)
- Socket createSocket(InetAddress host, int port)
- Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort)
- Socket createSocket(Socket s, String host, int port, boolean autoClose)
- getChannelMode(): Get the channel mode of this instance.
- String[] getDefaultCipherSuites()
- static DelegatingSSLSocketFactory getDefaultFactory(): Singleton instance of the SSLSocketFactory.
- String[] getSupportedCipherSuites()
- static void initializeDefaultFactory(DelegatingSSLSocketFactory.SSLChannelMode preferredMode): Initialize a singleton SSL socket factory.
- static void resetDefaultFactory(): For testing only: reset the socket factory.
Methods inherited from class javax.net.ssl.SSLSocketFactory
createSocket, getDefault
Method Details

initializeDefaultFactory
public static void initializeDefaultFactory(DelegatingSSLSocketFactory.SSLChannelMode preferredMode) throws IOException
Initialize a singleton SSL socket factory.
- Parameters: preferredMode - applicable only if the instance is not initialized.
- Throws: IOException - if an error occurs.

resetDefaultFactory
@VisibleForTesting public static void resetDefaultFactory()
For testing only: reset the socket factory.

getDefaultFactory
Singleton instance of the SSLSocketFactory. SSLSocketFactory must be initialized with appropriate SSLChannelMode using initializeDefaultFactory method.
- Returns: instance of the SSLSocketFactory, instance must be initialized by initializeDefaultFactory.

getProviderName

getDefaultCipherSuites
- Specified by: getDefaultCipherSuites in class SSLSocketFactory

getSupportedCipherSuites
- Specified by: getSupportedCipherSuites in class SSLSocketFactory

getChannelMode
Get the channel mode of this instance.
- Returns: a channel mode.

createSocket
- Overrides: createSocket in class SocketFactory
- Throws: IOException

createSocket
- Specified by: createSocket in class SSLSocketFactory
- Throws: IOException

createSocket
public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException
- Specified by: createSocket in class SocketFactory
- Throws: IOException

createSocket
public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException
- Specified by: createSocket in class SocketFactory
- Throws: IOException

createSocket
- Specified by: createSocket in class SocketFactory
- Throws: IOException

createSocket
- Specified by: createSocket in class SocketFactory
- Throws: IOException