| 1 | /* |
| 2 | Copyright (C) 2002-2004 MySQL AB |
| 3 | |
| 4 | This program is free software; you can redistribute it and/or modify |
| 5 | it under the terms of version 2 of the GNU General Public License as |
| 6 | published by the Free Software Foundation. |
| 7 | |
| 8 | There are special exceptions to the terms and conditions of the GPL |
| 9 | as it is applied to this software. View the full text of the |
| 10 | exception in file EXCEPTIONS-CONNECTOR-J in the directory of this |
| 11 | software distribution. |
| 12 | |
| 13 | This program is distributed in the hope that it will be useful, |
| 14 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 16 | GNU General Public License for more details. |
| 17 | |
| 18 | You should have received a copy of the GNU General Public License |
| 19 | along with this program; if not, write to the Free Software |
| 20 | Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
| 21 | |
| 22 | |
| 23 | |
| 24 | */ |
| 25 | package com.mysql.jdbc; |
| 26 | |
| 27 | import java.io.BufferedInputStream; |
| 28 | import java.io.BufferedOutputStream; |
| 29 | import java.io.IOException; |
| 30 | |
| 31 | /** |
| 32 | * Holds functionality that falls under export-control regulations. |
| 33 | * |
| 34 | * @author Mark Matthews |
| 35 | * |
| 36 | * @version $Id: ExportControlled.java,v 1.1.2.1 2005/05/13 18:58:38 mmatthews |
| 37 | * Exp $ |
| 38 | */ |
| 39 | public class ExportControlled { |
| 40 | protected static boolean enabled() { |
| 41 | // we may wish to un-static-ify this class |
| 42 | // this static method call may be removed entirely by the compiler |
| 43 | return true; |
| 44 | } |
| 45 | |
| 46 | /** |
| 47 | * Converts the socket being used in the given MysqlIO to an SSLSocket by |
| 48 | * performing the SSL/TLS handshake. |
| 49 | * |
| 50 | * @param mysqlIO |
| 51 | * the MysqlIO instance containing the socket to convert to an |
| 52 | * SSLSocket. |
| 53 | * |
| 54 | * @throws CommunicationsException |
| 55 | * if the handshake fails, or if this distribution of |
| 56 | * Connector/J doesn't contain the SSL crytpo hooks needed to |
| 57 | * perform the handshake. |
| 58 | */ |
| 59 | protected static void transformSocketToSSLSocket(MysqlIO mysqlIO) |
| 60 | throws CommunicationsException { |
| 61 | javax.net.ssl.SSLSocketFactory sslFact = (javax.net.ssl.SSLSocketFactory) javax.net.ssl.SSLSocketFactory |
| 62 | .getDefault(); |
| 63 | |
| 64 | try { |
| 65 | mysqlIO.mysqlConnection = sslFact.createSocket( |
| 66 | mysqlIO.mysqlConnection, mysqlIO.host, mysqlIO.port, true); |
| 67 | |
| 68 | // need to force TLSv1, or else JSSE tries to do a SSLv2 handshake |
| 69 | // which MySQL doesn't understand |
| 70 | ((javax.net.ssl.SSLSocket) mysqlIO.mysqlConnection) |
| 71 | .setEnabledProtocols(new String[] { "TLSv1" }); //$NON-NLS-1$ |
| 72 | ((javax.net.ssl.SSLSocket) mysqlIO.mysqlConnection) |
| 73 | .startHandshake(); |
| 74 | |
| 75 | if (mysqlIO.connection.getUseUnbufferedInput()) { |
| 76 | mysqlIO.mysqlInput = mysqlIO.mysqlConnection.getInputStream(); |
| 77 | } else { |
| 78 | mysqlIO.mysqlInput = new BufferedInputStream( |
| 79 | mysqlIO.mysqlConnection.getInputStream(), 16384); |
| 80 | } |
| 81 | |
| 82 | mysqlIO.mysqlOutput = new BufferedOutputStream( |
| 83 | mysqlIO.mysqlConnection.getOutputStream(), 16384); |
| 84 | |
| 85 | mysqlIO.mysqlOutput.flush(); |
| 86 | } catch (IOException ioEx) { |
| 87 | throw new CommunicationsException(mysqlIO.connection, |
| 88 | mysqlIO.lastPacketSentTimeMs, ioEx); |
| 89 | } |
| 90 | } |
| 91 | |
| 92 | private ExportControlled() { /* prevent instantiation */ |
| 93 | } |
| 94 | } |