PageRenderTime 282ms CodeModel.GetById 25ms RepoModel.GetById 0ms app.codeStats 0ms

/VeyoHealth/dcm4che-2.0.27/dcm4che-net/src/main/java/org/dcm4che2/net/NetworkConnection.java

https://bitbucket.org/masoudn/veyohealth
Java | 801 lines | 380 code | 102 blank | 319 comment | 71 complexity | 58b69f29f4e31167649e4cfd9584460e MD5 | raw file
  1. /* ***** BEGIN LICENSE BLOCK *****
  2. * Version: MPL 1.1/GPL 2.0/LGPL 2.1
  3. *
  4. * The contents of this file are subject to the Mozilla Public License Version
  5. * 1.1 (the "License"); you may not use this file except in compliance with
  6. * the License. You may obtain a copy of the License at
  7. * http://www.mozilla.org/MPL/
  8. *
  9. * Software distributed under the License is distributed on an "AS IS" basis,
  10. * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
  11. * for the specific language governing rights and limitations under the
  12. * License.
  13. *
  14. * The Original Code is part of dcm4che, an implementation of DICOM(TM) in
  15. * Java(TM), hosted at http://sourceforge.net/projects/dcm4che.
  16. *
  17. * The Initial Developer of the Original Code is
  18. * Gunter Zeilinger, Huetteldorferstr. 24/10, 1150 Vienna/Austria/Europe.
  19. * Portions created by the Initial Developer are Copyright (C) 2002-2005
  20. * the Initial Developer. All Rights Reserved.
  21. *
  22. * Contributor(s):
  23. * Gunter Zeilinger <gunterze@gmail.com>
  24. * Damien Evans <damien.daddy@gmail.com>
  25. *
  26. * Alternatively, the contents of this file may be used under the terms of
  27. * either the GNU General Public License Version 2 or later (the "GPL"), or
  28. * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
  29. * in which case the provisions of the GPL or the LGPL are applicable instead
  30. * of those above. If you wish to allow use of your version of this file only
  31. * under the terms of either the GPL or the LGPL, and not to allow others to
  32. * use your version of this file under the terms of the MPL, indicate your
  33. * decision by deleting the provisions above and replace them with the notice
  34. * and other provisions required by the GPL or the LGPL. If you do not delete
  35. * the provisions above, a recipient may use your version of this file under
  36. * the terms of any one of the MPL, the GPL or the LGPL.
  37. *
  38. * ***** END LICENSE BLOCK ***** */
  39. package org.dcm4che2.net;
  40. import java.io.IOException;
  41. import java.net.InetAddress;
  42. import java.net.InetSocketAddress;
  43. import java.net.ServerSocket;
  44. import java.net.Socket;
  45. import java.net.SocketAddress;
  46. import java.net.SocketException;
  47. import java.net.UnknownHostException;
  48. import java.util.Arrays;
  49. import java.util.List;
  50. import java.util.concurrent.Executor;
  51. import java.util.concurrent.atomic.AtomicInteger;
  52. import javax.net.ssl.SSLContext;
  53. import javax.net.ssl.SSLServerSocket;
  54. import javax.net.ssl.SSLServerSocketFactory;
  55. import javax.net.ssl.SSLSocket;
  56. import javax.net.ssl.SSLSocketFactory;
  57. import org.slf4j.Logger;
  58. import org.slf4j.LoggerFactory;
  59. /**
  60. * A DICOM Part 15, Annex H compliant class, <code>NetworkConnection</code>
  61. * encapsulates the properties associated with a connection to a TCP/IP network.
  62. * <p>
  63. * The <i>network connection</i> describes one TCP port on one network device.
  64. * This can be used for a TCP connection over which a DICOM association can be
  65. * negotiated with one or more Network AEs. It specifies 8 the hostname and TCP
  66. * port number. A network connection may support multiple Network AEs. The
  67. * Network AE selection takes place during association negotiation based on the
  68. * called and calling AE-titles.
  69. *
  70. * @author gunter zeilinger(gunterze@gmail.com)
  71. * @version $Revision: 16079 $ $Date: 2008-04-01 05:03:40 -0500 (Tue, 01 Apr
  72. * 2008) $
  73. * @since Nov 24, 2005
  74. */
  75. public class NetworkConnection {
  76. static Logger log = LoggerFactory.getLogger(NetworkConnection.class);
  77. public static final int DEFAULT = 0;
  78. public static final int ONLY_ACTIVE = -1;
  79. private static final String[] TLS_NULL = { "SSL_RSA_WITH_NULL_SHA" };
  80. private static final String[] TLS_3DES_EDE_CBC = { "SSL_RSA_WITH_3DES_EDE_CBC_SHA" };
  81. private static final String[] TLS_AES_128_CBC = {
  82. "TLS_RSA_WITH_AES_128_CBC_SHA", "SSL_RSA_WITH_3DES_EDE_CBC_SHA" };
  83. private static String[] TLS_WO_SSLv2 = { "TLSv1", "SSLv3" };
  84. private static String[] TLS_AND_SSLv2 = { "TLSv1", "SSLv3", "SSLv2Hello" };
  85. private String commonName;
  86. private String hostname;
  87. private int port = ONLY_ACTIVE;
  88. private String[] tlsCipherSuite = {};
  89. private Boolean installed;
  90. private int backlog = 50;
  91. private int connectTimeout = 5000;
  92. private int requestTimeout = 5000;
  93. private int acceptTimeout = 5000;
  94. private int releaseTimeout = 5000;
  95. private int socketCloseDelay = 50;
  96. private int sendBufferSize = DEFAULT;
  97. private int receiveBufferSize = DEFAULT;
  98. private boolean tcpNoDelay = true;
  99. private boolean tlsNeedClientAuth = true;
  100. private String[] tlsProtocol = TLS_AND_SSLv2;
  101. private Device device;
  102. protected ServerSocket server;
  103. // Limiting factors
  104. private List<String> excludeConnectionsFrom;
  105. private int maxScpAssociations = 50;
  106. private AtomicInteger associationCount = new AtomicInteger();
  107. private InetAddress addr;
  108. private InetAddress addr() throws UnknownHostException {
  109. if (addr == null && hostname != null)
  110. addr = InetAddress.getByName(hostname);
  111. return addr;
  112. }
  113. /**
  114. * @see java.lang.Object#toString()
  115. */
  116. @Override
  117. public String toString() {
  118. StringBuffer sb = new StringBuffer("NetworkConnection[");
  119. sb.append(hostname).append(':').append(port);
  120. if (tlsCipherSuite.length != 0)
  121. sb.append(", TLS").append(Arrays.asList(tlsCipherSuite));
  122. if (installed != null)
  123. sb.append(", installed=").append(installed);
  124. if (commonName != null)
  125. sb.append(", cn=").append(commonName);
  126. sb.append(']');
  127. return sb.toString();
  128. }
  129. /**
  130. * Get the <code>Device</code> object that this Network Connection belongs
  131. * to.
  132. *
  133. * @return Device
  134. */
  135. public Device getDevice() {
  136. return device;
  137. }
  138. /**
  139. * Set the <code>Device</code> object that this Network Connection belongs
  140. * to.
  141. *
  142. * @param device
  143. * The owning <code>Device</code> object.
  144. */
  145. void setDevice(Device device) {
  146. this.device = device;
  147. }
  148. /**
  149. * This is the DNS name for this particular connection. This is used to
  150. * obtain the current IP address for connections. Hostname must be
  151. * sufficiently qualified to be unambiguous for any client DNS user.
  152. *
  153. * @return A String containing the host name.
  154. */
  155. public String getHostname() {
  156. return hostname;
  157. }
  158. /**
  159. * This is the DNS name for this particular connection. This is used to
  160. * obtain the current IP address for connections. Hostname must be
  161. * sufficiently qualified to be unambiguous for any client DNS user.
  162. *
  163. * @param hostname
  164. * A String containing the host name.
  165. */
  166. public void setHostname(String hostname) {
  167. if (hostname == null || !hostname.equals(this.hostname))
  168. addr = null;
  169. this.hostname = hostname;
  170. }
  171. /**
  172. * An arbitrary name for the Network Connections object. Can be a meaningful
  173. * name or any unique sequence of characters.
  174. *
  175. * @return A String containing the name.
  176. */
  177. public String getCommonName() {
  178. return commonName;
  179. }
  180. /**
  181. * An arbitrary name for the Network Connections object. Can be a meaningful
  182. * name or any unique sequence of characters.
  183. *
  184. * @param name
  185. * A String containing the name.
  186. */
  187. public void setCommonName(String name) {
  188. this.commonName = name;
  189. }
  190. /**
  191. * The TCP port that the AE is listening on. (This may be missing for a
  192. * network connection that only initiates associations.)
  193. *
  194. * @return An int containing the port number.
  195. */
  196. public int getPort() {
  197. return port;
  198. }
  199. /**
  200. * The TCP port that the AE is listening on.
  201. *
  202. * A valid port value is between 0 and 65535, or {@link #ONLY_ACTIVE} for
  203. * network connection that only initiates associations.
  204. *
  205. * A port number of <code>zero</code> will let the system pick up an
  206. * ephemeral port.
  207. *
  208. * @param port
  209. * The port number
  210. */
  211. public void setPort(int port) {
  212. if (port < ONLY_ACTIVE || port > 0xFFFF) {
  213. throw new IllegalArgumentException("port out of range:" + port);
  214. }
  215. this.port = port;
  216. }
  217. /**
  218. * The TLS CipherSuites that are supported on this particular connection.
  219. * TLS CipherSuites shall be described using an RFC-2246 string
  220. * representation (e.g. 'SSL_RSA_WITH_3DES_EDE_CBC_SHA')
  221. *
  222. * @return A String array containing the supported cipher suites
  223. */
  224. public String[] getTlsCipherSuite() {
  225. return tlsCipherSuite.clone();
  226. }
  227. /**
  228. * The TLS CipherSuites that are supported on this particular connection.
  229. * TLS CipherSuites shall be described using an RFC-2246 string
  230. * representation (e.g. 'SSL_RSA_WITH_3DES_EDE_CBC_SHA')
  231. *
  232. * @param tlsCipherSuite
  233. * A String array containing the supported cipher suites
  234. */
  235. public void setTlsCipherSuite(String[] tlsCipherSuite) {
  236. checkNotNull("tlsCipherSuite", tlsCipherSuite);
  237. this.tlsCipherSuite = tlsCipherSuite.clone();
  238. }
  239. private static void checkNotNull(String name, Object[] a) {
  240. if (a == null)
  241. throw new NullPointerException(name);
  242. for (int i = 0; i < a.length; i++)
  243. if (a[i] == null)
  244. throw new NullPointerException(name + '[' + i + ']');
  245. }
  246. public void setTlsWithoutEncyrption() {
  247. this.tlsCipherSuite = TLS_NULL;
  248. }
  249. public void setTls3DES_EDE_CBC() {
  250. this.tlsCipherSuite = TLS_3DES_EDE_CBC;
  251. }
  252. public void setTlsAES_128_CBC() {
  253. this.tlsCipherSuite = TLS_AES_128_CBC;
  254. }
  255. /**
  256. * True if the Network Connection is installed on the network. If not
  257. * present, information about the installed status of the Network Connection
  258. * is inherited from the device.
  259. *
  260. * @return boolean True if the NetworkConnection is installed on the
  261. * network.
  262. */
  263. public boolean isInstalled() {
  264. return installed != null ? installed.booleanValue() : device == null
  265. || device.isInstalled();
  266. }
  267. /**
  268. * True if the Network Connection is installed on the network. If not
  269. * present, information about the installed status of the Network Connection
  270. * is inherited from the device.
  271. *
  272. * @param installed
  273. * True if the NetworkConnection is installed on the network.
  274. */
  275. public void setInstalled(boolean installed) {
  276. this.installed = Boolean.valueOf(installed);
  277. }
  278. public boolean isListening() {
  279. return port != ONLY_ACTIVE;
  280. }
  281. public boolean isTLS() {
  282. return tlsCipherSuite.length > 0;
  283. }
  284. public int getBacklog() {
  285. return backlog;
  286. }
  287. public void setBacklog(int backlog) {
  288. if (backlog < 1)
  289. throw new IllegalArgumentException("backlog: " + backlog);
  290. this.backlog = backlog;
  291. }
  292. public int getAcceptTimeout() {
  293. return acceptTimeout;
  294. }
  295. public void setAcceptTimeout(int timeout) {
  296. if (timeout < 0)
  297. throw new IllegalArgumentException("timeout: " + timeout);
  298. this.acceptTimeout = timeout;
  299. }
  300. public int getConnectTimeout() {
  301. return connectTimeout;
  302. }
  303. public void setConnectTimeout(int timeout) {
  304. if (timeout < 0)
  305. throw new IllegalArgumentException("timeout: " + timeout);
  306. this.connectTimeout = timeout;
  307. }
  308. /**
  309. * Timeout in ms for receiving A-ASSOCIATE-RQ, 5000 by default
  310. *
  311. * @param An
  312. * int value containing the milliseconds.
  313. */
  314. public int getRequestTimeout() {
  315. return requestTimeout;
  316. }
  317. /**
  318. * Timeout in ms for receiving A-ASSOCIATE-RQ, 5000 by default
  319. *
  320. * @param timeout
  321. * An int value containing the milliseconds.
  322. */
  323. public void setRequestTimeout(int timeout) {
  324. if (timeout < 0)
  325. throw new IllegalArgumentException("timeout: " + timeout);
  326. this.requestTimeout = timeout;
  327. }
  328. /**
  329. * Timeout in ms for receiving A-RELEASE-RP, 5000 by default.
  330. *
  331. * @return An int value containing the milliseconds.
  332. */
  333. public int getReleaseTimeout() {
  334. return releaseTimeout;
  335. }
  336. /**
  337. * Timeout in ms for receiving A-RELEASE-RP, 5000 by default.
  338. *
  339. * @param timeout
  340. * An int value containing the milliseconds.
  341. */
  342. public void setReleaseTimeout(int timeout) {
  343. if (timeout < 0)
  344. throw new IllegalArgumentException("timeout: " + timeout);
  345. this.releaseTimeout = timeout;
  346. }
  347. /**
  348. * Delay in ms for Socket close after sending A-ABORT, 50ms by default.
  349. *
  350. * @return An int value containing the milliseconds.
  351. */
  352. public int getSocketCloseDelay() {
  353. return socketCloseDelay;
  354. }
  355. /**
  356. * Delay in ms for Socket close after sending A-ABORT, 50ms by default.
  357. *
  358. * @param delay
  359. * An int value containing the milliseconds.
  360. */
  361. public void setSocketCloseDelay(int delay) {
  362. if (delay < 0)
  363. throw new IllegalArgumentException("delay: " + delay);
  364. this.socketCloseDelay = delay;
  365. }
  366. /**
  367. * Get the SO_RCVBUF socket value in KB.
  368. *
  369. * @return An int value containing the buffer size in KB.
  370. */
  371. public int getReceiveBufferSize() {
  372. return receiveBufferSize;
  373. }
  374. /**
  375. * Set the SO_RCVBUF socket option to specified value in KB.
  376. *
  377. * @param bufferSize
  378. * An int value containing the buffer size in KB.
  379. */
  380. public void setReceiveBufferSize(int size) {
  381. if (size < 0)
  382. throw new IllegalArgumentException("size: " + size);
  383. this.receiveBufferSize = size;
  384. }
  385. /**
  386. * Get the SO_SNDBUF socket option value in KB,
  387. *
  388. * @return An int value containing the buffer size in KB.
  389. */
  390. public int getSendBufferSize() {
  391. return sendBufferSize;
  392. }
  393. /**
  394. * Set the SO_SNDBUF socket option to specified value in KB,
  395. *
  396. * @param bufferSize
  397. * An int value containing the buffer size in KB.
  398. */
  399. public void setSendBufferSize(int size) {
  400. if (size < 0)
  401. throw new IllegalArgumentException("size: " + size);
  402. this.sendBufferSize = size;
  403. }
  404. /**
  405. * Determine if this network connection is using Nagle's algorithm as part
  406. * of its network communication.
  407. *
  408. * @return boolean True if TCP no delay (disable Nagle's algorithm) is used.
  409. */
  410. public boolean isTcpNoDelay() {
  411. return tcpNoDelay;
  412. }
  413. /**
  414. * Set whether or not this network connection should use Nagle's algorithm
  415. * as part of its network communication.
  416. *
  417. * @param tcpNoDelay
  418. * boolean True if TCP no delay (disable Nagle's algorithm) should be
  419. * used.
  420. */
  421. public void setTcpNoDelay(boolean tcpNoDelay) {
  422. this.tcpNoDelay = tcpNoDelay;
  423. }
  424. public boolean isTlsNeedClientAuth() {
  425. return tlsNeedClientAuth;
  426. }
  427. public void setTlsNeedClientAuth(boolean tlsNeedClientAuth) {
  428. this.tlsNeedClientAuth = tlsNeedClientAuth;
  429. }
  430. public String[] getTlsProtocol() {
  431. return tlsProtocol.clone();
  432. }
  433. public void setTlsProtocol(String[] tlsProtocol) {
  434. this.tlsProtocol = tlsProtocol.clone();
  435. }
  436. public void enableSSLv2Hello() {
  437. this.tlsProtocol = TLS_AND_SSLv2;
  438. }
  439. public void disableSSLv2Hello() {
  440. this.tlsProtocol = TLS_WO_SSLv2;
  441. }
  442. private InetSocketAddress getEndPoint() throws UnknownHostException {
  443. return new InetSocketAddress(addr(), port);
  444. }
  445. private InetSocketAddress getBindPoint() throws UnknownHostException {
  446. // don't use loopback address as bind point to avoid
  447. // ConnectionException connection to remote endpoint
  448. return new InetSocketAddress(maskLoopBackAddress(addr()), 0);
  449. }
  450. private static InetAddress maskLoopBackAddress(InetAddress addr) {
  451. return addr != null && addr.isLoopbackAddress() ? null : addr;
  452. }
  453. /**
  454. * Returns server socket associated with this Network Connection, bound to
  455. * the TCP port, listening for connect requests. Returns <code>null</code>
  456. * if this network connection only initiates associations or was not yet
  457. * bound by {@link #bind}.
  458. *
  459. * @return server socket associated with this Network Connection or
  460. * <code>null</code>
  461. */
  462. public ServerSocket getServer() {
  463. return server;
  464. }
  465. /**
  466. * Create a socket as an SCU and connect to a peer network connection (the
  467. * SCP).
  468. *
  469. * @param peerConfig
  470. * The peer <code>NetworkConnection</code> object that this
  471. * network connection is connecting to.
  472. * @return Socket The created socket object.
  473. * @throws IOException
  474. * If the connection cannot be made due to network IO
  475. * reasons.
  476. */
  477. public Socket connect(NetworkConnection peerConfig) throws IOException {
  478. if (device == null)
  479. throw new IllegalStateException("Device not initalized");
  480. if (!peerConfig.isListening())
  481. throw new IllegalArgumentException("Only initiates associations - "
  482. + peerConfig);
  483. Socket s = isTLS() ? createTLSSocket() : new Socket();
  484. InetSocketAddress bindPoint = getBindPoint();
  485. InetSocketAddress endpoint = peerConfig.getEndPoint();
  486. log.debug("Initiate connection from {} to {}", bindPoint, endpoint);
  487. s.bind(bindPoint);
  488. setSocketOptions(s);
  489. s.connect(endpoint, connectTimeout);
  490. return s;
  491. }
  492. /**
  493. * Set options on a socket that was either just accepted (if this network
  494. * connection is an SCP), or just created (if this network connection is an
  495. * SCU).
  496. *
  497. * @param s
  498. * The <code>Socket</code> object.
  499. * @throws SocketException
  500. * If the options cannot be set on the socket.
  501. */
  502. protected void setSocketOptions(Socket s) throws SocketException {
  503. int size;
  504. size = s.getReceiveBufferSize();
  505. if (receiveBufferSize == DEFAULT) {
  506. receiveBufferSize = size;
  507. }
  508. else if (receiveBufferSize != size) {
  509. s.setReceiveBufferSize(receiveBufferSize);
  510. receiveBufferSize = s.getReceiveBufferSize();
  511. }
  512. size = s.getSendBufferSize();
  513. if (sendBufferSize == DEFAULT) {
  514. sendBufferSize = size;
  515. }
  516. else if (sendBufferSize != size) {
  517. s.setSendBufferSize(sendBufferSize);
  518. sendBufferSize = s.getSendBufferSize();
  519. }
  520. if (s.getTcpNoDelay() != tcpNoDelay) {
  521. s.setTcpNoDelay(tcpNoDelay);
  522. }
  523. }
  524. /**
  525. * Bind this network connection to a TCP port and start a server socket
  526. * accept loop.
  527. *
  528. * @param executor
  529. * The <code>Executor</code> implementation that
  530. * association threads should run within. The executor
  531. * determines the threading model.
  532. * @throws IOException
  533. * If there is a problem with the network interaction.
  534. */
  535. public synchronized void bind(final Executor executor) throws IOException {
  536. if (device == null)
  537. throw new IllegalStateException("Device not initalized");
  538. if (!isListening())
  539. throw new IllegalStateException("Only initiates associations - "
  540. + this);
  541. if (server != null)
  542. throw new IllegalStateException("Already listening - " + server);
  543. server = isTLS() ? createTLSServerSocket() : new ServerSocket();
  544. server.bind(getEndPoint(), backlog);
  545. executor.execute(new Runnable() {
  546. public void run() {
  547. SocketAddress sockAddr = server.getLocalSocketAddress();
  548. log.info("Start listening on {}", sockAddr);
  549. try {
  550. for (;;) {
  551. log.debug("Wait for connection on {}", sockAddr);
  552. Socket s = server.accept();
  553. setSocketOptions(s);
  554. if (checkConnection(s)) {
  555. Association a = Association.accept(s,
  556. NetworkConnection.this);
  557. executor.execute(a);
  558. }
  559. }
  560. }
  561. catch (Throwable e) {
  562. // assume exception was raised by graceful stop of server
  563. }
  564. log.info("Stop listening on {}", sockAddr);
  565. }
  566. });
  567. }
  568. /**
  569. * Check the incoming socket connection against the limitations set up for
  570. * this Network Connection.
  571. *
  572. * @param s
  573. * The socket connection.
  574. * @return boolean True if association negotiation should proceed.
  575. */
  576. protected boolean checkConnection(Socket s) {
  577. if (excludeConnectionsFrom == null
  578. || excludeConnectionsFrom.size() == 0)
  579. return true;
  580. // Check to see if this connection attempt is just a keep alive
  581. // ping from the CSS. Use a list of possible pingers in the case
  582. // of a high-availability network.
  583. for (String ip : excludeConnectionsFrom) {
  584. if (s.getInetAddress().getHostAddress().equals(ip)) {
  585. log.debug("Rejecting connection from {}", ip);
  586. try {
  587. s.close();
  588. } catch (IOException e) {
  589. log.debug("Caught IOException closing socket from {}", ip);
  590. }
  591. return false;
  592. }
  593. }
  594. return true;
  595. }
  596. /**
  597. * Increment the number of active associations.
  598. */
  599. protected void incListenerConnectionCount() {
  600. associationCount.incrementAndGet();
  601. }
  602. /**
  603. * Decrement the number of active associations.
  604. */
  605. protected void decListenerConnectionCount() {
  606. for (;;) {
  607. int current = associationCount.get();
  608. if (current <= 0
  609. || associationCount.compareAndSet(current, current-1))
  610. return;
  611. }
  612. }
  613. /**
  614. * Check to see if the specified number of associations has been exceeded.
  615. *
  616. * @param maxAssociations
  617. * An int containing the maximum number of associations
  618. * allowed.
  619. * @return boolean True if the max association count has not been exceeded.
  620. */
  621. public boolean checkConnectionCountWithinLimit() {
  622. return associationCount.intValue() <= maxScpAssociations;
  623. }
  624. public synchronized void unbind() {
  625. if (server == null)
  626. return;
  627. try {
  628. server.close();
  629. }
  630. catch (Throwable e) {
  631. // Ignore errors when closing the server socket.
  632. }
  633. associationCount.set(0);
  634. server = null;
  635. }
  636. protected Socket createTLSSocket() throws IOException {
  637. SSLContext sslContext = device.getSSLContext();
  638. if (sslContext == null)
  639. throw new IllegalStateException("TLS Context not initialized!");
  640. SSLSocketFactory sf = sslContext.getSocketFactory();
  641. SSLSocket s = (SSLSocket) sf.createSocket();
  642. s.setEnabledProtocols(tlsProtocol);
  643. s.setEnabledCipherSuites(tlsCipherSuite);
  644. return s;
  645. }
  646. protected ServerSocket createTLSServerSocket() throws IOException {
  647. SSLContext sslContext = device.getSSLContext();
  648. if (sslContext == null)
  649. throw new IllegalStateException("TLS Context not initialized!");
  650. SSLServerSocketFactory ssf = sslContext.getServerSocketFactory();
  651. SSLServerSocket ss = (SSLServerSocket) ssf.createServerSocket();
  652. ss.setEnabledProtocols(tlsProtocol);
  653. ss.setEnabledCipherSuites(tlsCipherSuite);
  654. ss.setNeedClientAuth(tlsNeedClientAuth);
  655. return ss;
  656. }
  657. /**
  658. * Get a list of IP addresses from which we should ignore connections.
  659. * Useful in an environment that utilizes a load balancer. In the case of a
  660. * TCP ping from a load balancing switch, we don't want to spin off a new
  661. * thread and try to negotiate an association.
  662. *
  663. * @return Returns the list of IP addresses which should be ignored.
  664. */
  665. public List<String> getExcludeConnectionsFrom() {
  666. return excludeConnectionsFrom;
  667. }
  668. /**
  669. * Set a list of IP addresses from which we should ignore connections.
  670. * Useful in an environment that utilizes a load balancer. In the case of a
  671. * TCP ping from a load balancing switch, we don't want to spin off a new
  672. * thread and try to negotiate an association.
  673. *
  674. * @param excludeConnectionsFrom
  675. * the list of IP addresses which should be ignored.
  676. */
  677. public void setExcludeConnectionsFrom(List<String> excludeConnectionsFrom) {
  678. this.excludeConnectionsFrom = excludeConnectionsFrom;
  679. }
  680. /**
  681. * Get the maximum number of incoming associations that this Network
  682. * Connection will allow.
  683. *
  684. * @return int An int which defines the max associations.
  685. */
  686. public int getMaxScpAssociations() {
  687. return maxScpAssociations;
  688. }
  689. /**
  690. * Set the maximum number of incoming associations that this Network
  691. * Connection will allow.
  692. *
  693. * @param maxScpAssociations
  694. * An int which defines the max associations.
  695. */
  696. public void setMaxScpAssociations(int maxListenerAssociations) {
  697. this.maxScpAssociations = maxListenerAssociations;
  698. }
  699. }