diff --git a/src/main/java/com/ibm/as400/access/AS400.java b/src/main/java/com/ibm/as400/access/AS400.java index 455bd33f..dca163ba 100644 --- a/src/main/java/com/ibm/as400/access/AS400.java +++ b/src/main/java/com/ibm/as400/access/AS400.java @@ -34,6 +34,8 @@ import java.util.TimeZone; import java.util.Vector; +import javax.net.ssl.SSLSocketFactory; + import org.ietf.jgss.GSSCredential; import org.ietf.jgss.GSSManager; @@ -5873,4 +5875,18 @@ public void setEnabledCipherSuites(String[] suites) // ======== END ================= // Previous chunk of code moved from SecureAS400 // ======== END ================= + + /** + * Set the {@link SSLSocketFactory} that will be used when making secure connections. + *
+ * Note:An exception will be thrown if the AS400 object is not an instance of SecureAS400. + * + * @param sslSocketFactory the {@link SSLSocketFactory} to use + */ + public void setSSLSocketFactory(SSLSocketFactory sslSocketFactory) + { + ensureSecureInstance(); + + useSSLConnection_.sslSocketFactory_ = sslSocketFactory; + } } diff --git a/src/main/java/com/ibm/as400/access/AS400JDBCDriver.java b/src/main/java/com/ibm/as400/access/AS400JDBCDriver.java index b1b4e844..454673cd 100644 --- a/src/main/java/com/ibm/as400/access/AS400JDBCDriver.java +++ b/src/main/java/com/ibm/as400/access/AS400JDBCDriver.java @@ -25,6 +25,9 @@ import java.sql.SQLFeatureNotSupportedException; import java.sql.Statement; import java.util.logging.Logger; + +import javax.net.ssl.SSLSocketFactory; + /* endif */ import java.util.Properties; import java.util.MissingResourceException; @@ -123,6 +126,8 @@ public class AS400JDBCDriver static final String DATABASE_PRODUCT_NAME_ = "DB2 UDB for AS/400"; // @D0A static final String DRIVER_NAME_ = "AS/400 Toolbox for Java JDBC Driver"; // @D0C @C5C @C6C static final String DRIVER_LEVEL_ = Copyright.DRIVER_LEVEL; + + public static final String PROPERTY_SSL_SOCKET_FACTORY = "property.ssl-socket-factory"; /* ifdef JDBC40 */ public static final int JDBC_MAJOR_VERSION_ = 4; // JDBC spec version: 4.0 @@ -1186,6 +1191,10 @@ else if (clearPassword == null) as400 = AS400.newInstance(secure, serverName, userName); else as400 = AS400.newInstance(secure, serverName, userName, clearPassword, additionalAuthenticationFactor); + Object sslSocketFactoryObject = jdProperties.getOriginalInfo().get(PROPERTY_SSL_SOCKET_FACTORY); + if ((sslSocketFactoryObject != null) && (sslSocketFactoryObject instanceof SSLSocketFactory)) { + as400.setSSLSocketFactory((SSLSocketFactory) sslSocketFactoryObject); + } } catch (AS400SecurityException e) { diff --git a/src/main/java/com/ibm/as400/access/PortMapper.java b/src/main/java/com/ibm/as400/access/PortMapper.java index 046b6e0c..7ee3daed 100644 --- a/src/main/java/com/ibm/as400/access/PortMapper.java +++ b/src/main/java/com/ibm/as400/access/PortMapper.java @@ -220,7 +220,7 @@ static SocketContainer getServerSocket(String systemName, if (Trace.traceOn_) Trace.log(Trace.DIAGNOSTIC, "Starting a secure socket to " + serviceName); { // JSSE is supported since v5r4. sc = (SocketContainer)AS400.loadImpl("com.ibm.as400.access.SocketContainerJSSE"); - sc.setProperties(socket, null, systemName, srvPort, null); + sc.setProperties(socket, null, systemName, srvPort, useSSL); } } else diff --git a/src/main/java/com/ibm/as400/access/SSLOptions.java b/src/main/java/com/ibm/as400/access/SSLOptions.java index 1173c9d9..9f341152 100644 --- a/src/main/java/com/ibm/as400/access/SSLOptions.java +++ b/src/main/java/com/ibm/as400/access/SSLOptions.java @@ -15,6 +15,8 @@ import java.io.Serializable; +import javax.net.ssl.SSLSocketFactory; + // Class to move SSL configuration options from proxy client to proxy server. class SSLOptions implements Serializable { @@ -47,4 +49,5 @@ class SSLOptions implements Serializable int proxyEncryptionMode_ = SecureAS400.CLIENT_TO_SERVER; // Sslight removed boolean useSslight_ = false; + SSLSocketFactory sslSocketFactory_ = null; } diff --git a/src/main/java/com/ibm/as400/access/SocketContainerJSSE.java b/src/main/java/com/ibm/as400/access/SocketContainerJSSE.java index ae457fac..140ebb5d 100644 --- a/src/main/java/com/ibm/as400/access/SocketContainerJSSE.java +++ b/src/main/java/com/ibm/as400/access/SocketContainerJSSE.java @@ -32,7 +32,7 @@ void setProperties(Socket socket, String serviceName, String systemName, int por { if (Trace.isTraceOn()) Trace.log(Trace.DIAGNOSTIC, "SocketContainerJSSE: create SSLSocket"); - SSLSocketFactory sslFactory = (SSLSocketFactory)SSLSocketFactory.getDefault(); + SSLSocketFactory sslFactory = ((options != null) && (options.sslSocketFactory_ != null)) ? options.sslSocketFactory_ : (SSLSocketFactory)SSLSocketFactory.getDefault(); sslSocket_ = (SSLSocket)sslFactory.createSocket(socket, systemName, port, true); //@P4A START if(SecureAS400.changeCipherSuites)