org.apache.hadoop.security.ssl
Class SslSocketConnectorSecure

java.lang.Object
  extended by org.mortbay.component.AbstractLifeCycle
      extended by org.mortbay.jetty.AbstractBuffers
          extended by org.mortbay.jetty.AbstractConnector
              extended by org.mortbay.jetty.bio.SocketConnector
                  extended by org.mortbay.jetty.security.SslSocketConnector
                      extended by org.apache.hadoop.security.ssl.SslSocketConnectorSecure
All Implemented Interfaces:
org.mortbay.component.LifeCycle, org.mortbay.io.Buffers, org.mortbay.jetty.Connector

public class SslSocketConnectorSecure
extends org.mortbay.jetty.security.SslSocketConnector

This subclass of the Jetty SslSocketConnector exists solely to control the TLS protocol versions allowed. This is fallout from the POODLE vulnerability (CVE-2014-3566), which requires that SSLv3 be disabled. Only TLS 1.0 and later protocols are allowed.


Nested Class Summary
 
Nested classes/interfaces inherited from class org.mortbay.jetty.security.SslSocketConnector
org.mortbay.jetty.security.SslSocketConnector.SslConnection
 
Nested classes/interfaces inherited from class org.mortbay.jetty.bio.SocketConnector
org.mortbay.jetty.bio.SocketConnector.Connection
 
Nested classes/interfaces inherited from class org.mortbay.jetty.AbstractBuffers
org.mortbay.jetty.AbstractBuffers.ThreadBuffers
 
Nested classes/interfaces inherited from interface org.mortbay.component.LifeCycle
org.mortbay.component.LifeCycle.Listener
 
Field Summary
 
Fields inherited from class org.mortbay.jetty.security.SslSocketConnector
DEFAULT_KEYSTORE, KEYPASSWORD_PROPERTY, PASSWORD_PROPERTY
 
Fields inherited from class org.mortbay.jetty.bio.SocketConnector
_connections, _serverSocket
 
Fields inherited from class org.mortbay.jetty.AbstractConnector
_lowResourceMaxIdleTime, _maxIdleTime, _soLingerTime
 
Fields inherited from class org.mortbay.component.AbstractLifeCycle
_listeners
 
Constructor Summary
SslSocketConnectorSecure()
           
 
Method Summary
protected  ServerSocket newServerSocket(String host, int port, int backlog)
          Create a new ServerSocket that will not accept SSLv3 connections, but will accept TLSv1.x connections.
 
Methods inherited from class org.mortbay.jetty.security.SslSocketConnector
accept, configure, createFactory, customize, getExcludeCipherSuites, getHandshakeTimeout, getKeystore, getKeystoreType, getNeedClientAuth, getProtocol, getProvider, getSecureRandomAlgorithm, getSslKeyManagerFactoryAlgorithm, getSslTrustManagerFactoryAlgorithm, getTruststore, getTruststoreType, getWantClientAuth, isAllowRenegotiate, isConfidential, isIntegral, setAllowRenegotiate, setExcludeCipherSuites, setHandshakeTimeout, setKeyPassword, setKeystore, setKeystoreType, setNeedClientAuth, setPassword, setProtocol, setProvider, setSecureRandomAlgorithm, setSslKeyManagerFactoryAlgorithm, setSslTrustManagerFactoryAlgorithm, setTrustPassword, setTruststore, setTruststoreType, setWantClientAuth
 
Methods inherited from class org.mortbay.jetty.bio.SocketConnector
close, doStart, doStop, getConnection, getLocalPort, newBuffer, newHttpConnection, open
 
Methods inherited from class org.mortbay.jetty.AbstractConnector
checkForwardedHeaders, connectionClosed, connectionOpened, getAcceptorPriorityOffset, getAcceptors, getAcceptQueueSize, getConfidentialPort, getConfidentialScheme, getConnections, getConnectionsDurationAve, getConnectionsDurationMax, getConnectionsDurationMin, getConnectionsDurationTotal, getConnectionsOpen, getConnectionsOpenMax, getConnectionsOpenMin, getConnectionsRequestsAve, getConnectionsRequestsMax, getConnectionsRequestsMin, getForwardedForHeader, getForwardedHostHeader, getForwardedServerHeader, getHost, getHostHeader, getIntegralPort, getIntegralScheme, getLeftMostValue, getLowResourceMaxIdleTime, getMaxIdleTime, getName, getPort, getRequests, getResolveNames, getReuseAddress, getServer, getSoLingerTime, getStatsOn, getStatsOnMs, getThreadPool, isForwarded, join, newContinuation, persist, setAcceptorPriorityOffset, setAcceptors, setAcceptQueueSize, setConfidentialPort, setConfidentialScheme, setForwarded, setForwardedForHeader, setForwardedHostHeader, setForwardedServerHeader, setHost, setHostHeader, setIntegralPort, setIntegralScheme, setLowResourceMaxIdleTime, setMaxIdleTime, setName, setPort, setResolveNames, setReuseAddress, setServer, setSoLingerTime, setStatsOn, setThreadPool, statsReset, stopAccept, toString
 
Methods inherited from class org.mortbay.jetty.AbstractBuffers
getBuffer, getHeaderBufferSize, getRequestBufferSize, getResponseBufferSize, returnBuffer, setHeaderBufferSize, setRequestBufferSize, setResponseBufferSize
 
Methods inherited from class org.mortbay.component.AbstractLifeCycle
addLifeCycleListener, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 
Methods inherited from interface org.mortbay.jetty.Connector
getHeaderBufferSize, getRequestBufferSize, getResponseBufferSize, setHeaderBufferSize, setRequestBufferSize, setResponseBufferSize
 
Methods inherited from interface org.mortbay.component.LifeCycle
addLifeCycleListener, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop
 
Methods inherited from interface org.mortbay.io.Buffers
getBuffer, returnBuffer
 

Constructor Detail

SslSocketConnectorSecure

public SslSocketConnectorSecure()

Method Detail

newServerSocket

protected ServerSocket newServerSocket(String host,
                                       int port,
                                       int backlog)
                                throws IOException
Create a new ServerSocket that will not accept SSLv3 connections, but will accept TLSv1.x connections.

Overrides:
newServerSocket in class org.mortbay.jetty.security.SslSocketConnector
Throws:
IOException
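
The technique described for newServerSocket, excluding SSLv3 from a server socket's enabled protocols, is sketched below as an added example; it is not the Hadoop source. The class name NoSslv3ServerSocketDemo and its helper methods are hypothetical, the JDK default SSLServerSocketFactory stands in for the Jetty connector, and the legacy protocol list in main is constructed sample input.

```java
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;

public class NoSslv3ServerSocketDemo {

    /** Returns the given protocol names with SSLv3 removed. */
    static String[] withoutSslv3(String[] enabled) {
        List<String> kept = new ArrayList<String>();
        for (String protocol : enabled) {
            if (!"SSLv3".equals(protocol)) {
                kept.add(protocol);
            }
        }
        // Fail closed: setEnabledProtocols would otherwise get an empty list.
        if (kept.isEmpty()) {
            throw new IllegalStateException("no protocol left after removing SSLv3");
        }
        return kept.toArray(new String[0]);
    }

    /** Opens a TLS server socket and narrows its enabled protocols before any accept(). */
    static SSLServerSocket newHardenedServerSocket(int port, int backlog) throws IOException {
        SSLServerSocketFactory factory =
                (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
        SSLServerSocket socket = (SSLServerSocket) factory.createServerSocket(port, backlog);
        try {
            socket.setEnabledProtocols(withoutSslv3(socket.getEnabledProtocols()));
        } catch (RuntimeException e) {
            socket.close(); // do not leak a listening socket that was never hardened
            throw e;
        }
        return socket;
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample: the enabled list an older JVM might report.
        String[] legacy = {"SSLv2Hello", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"};
        System.out.println(Arrays.toString(withoutSslv3(legacy)));

        // Port 0 asks the OS for any free port; prints what this JVM leaves enabled.
        try (SSLServerSocket socket = newHardenedServerSocket(0, 50)) {
            System.out.println(Arrays.toString(socket.getEnabledProtocols()));
        }
    }
}
```

Current JDKs already disable SSLv3 by default through the jdk.tls.disabledAlgorithms security property, so on those the second line of output is unchanged by the filter; the explicit exclusion matters on runtimes that still enable it.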


Copyright © 2014 Apache Software Foundation. All Rights Reserved.