001/* 002 * SonarQube 003 * Copyright (C) 2009-2016 SonarSource SA 004 * mailto:contact AT sonarsource DOT com 005 * 006 * This program is free software; you can redistribute it and/or 007 * modify it under the terms of the GNU Lesser General Public 008 * License as published by the Free Software Foundation; either 009 * version 3 of the License, or (at your option) any later version. 010 * 011 * This program is distributed in the hope that it will be useful, 012 * but WITHOUT ANY WARRANTY; without even the implied warranty of 013 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 014 * Lesser General Public License for more details. 015 * 016 * You should have received a copy of the GNU Lesser General Public License 017 * along with this program; if not, write to the Free Software Foundation, 018 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 019 */ 020package org.sonarqube.ws.client; 021 022import com.google.common.annotations.VisibleForTesting; 023import java.io.IOException; 024import java.net.InetAddress; 025import java.net.Socket; 026import javax.net.ssl.SSLSocket; 027import javax.net.ssl.SSLSocketFactory; 028 029/** 030 * {@link SSLSocketFactory} which enables all the versions of TLS. This is required 031 * to support TLSv1.2 on Java 7. Note that Java 8 supports TLSv1.2 natively, without 032 * any configuration 033 */ 034public class Tls12Java7SocketFactory extends SSLSocketFactory { 035 036 @VisibleForTesting 037 static final String[] TLS_PROTOCOLS = new String[] {"TLSv1", "TLSv1.1", "TLSv1.2"}; 038 039 private final SSLSocketFactory delegate; 040 041 public Tls12Java7SocketFactory(SSLSocketFactory delegate) { 042 this.delegate = delegate; 043 } 044 045 @Override 046 public String[] getDefaultCipherSuites() { 047 return delegate.getDefaultCipherSuites(); 048 } 049 050 @Override 051 public String[] getSupportedCipherSuites() { 052 return delegate.getSupportedCipherSuites(); 053 } 054 055 @Override 056 public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException { 057 Socket underlyingSocket = delegate.createSocket(socket, host, port, autoClose); 058 return overrideProtocol(underlyingSocket); 059 } 060 061 @Override 062 public Socket createSocket(String host, int port) throws IOException { 063 Socket underlyingSocket = delegate.createSocket(host, port); 064 return overrideProtocol(underlyingSocket); 065 } 066 067 @Override 068 public Socket createSocket(String host, int port, InetAddress localAddress, int localPort) throws IOException { 069 Socket underlyingSocket = delegate.createSocket(host, port, localAddress, localPort); 070 return overrideProtocol(underlyingSocket); 071 } 072 073 @Override 074 public Socket createSocket(InetAddress host, int port) throws IOException { 075 Socket underlyingSocket = delegate.createSocket(host, port); 076 return overrideProtocol(underlyingSocket); 077 } 078 079 @Override 080 public Socket createSocket(InetAddress host, int port, InetAddress localAddress, int localPort) throws IOException { 081 Socket underlyingSocket = delegate.createSocket(host, port, localAddress, localPort); 082 return overrideProtocol(underlyingSocket); 083 } 084 085 /** 086 * Enables TLS v1.0, 1.1 and 1.2 on the socket 087 */ 088 private static Socket overrideProtocol(Socket socket) { 089 if (socket instanceof SSLSocket) { 090 ((SSLSocket) socket).setEnabledProtocols(TLS_PROTOCOLS); 091 } 092 return socket; 093 } 094}