001/**
002 * Logback: the reliable, generic, fast and flexible logging framework.
003 * Copyright (C) 1999-2015, QOS.ch. All rights reserved.
004 *
005 * This program and the accompanying materials are dual-licensed under
006 * either the terms of the Eclipse Public License v1.0 as published by
007 * the Eclipse Foundation
008 *
009 *   or (per the licensee's choosing)
010 *
011 * under the terms of the GNU Lesser General Public License version 2.1
012 * as published by the Free Software Foundation.
013 */
014package ch.qos.logback.core.net.ssl;
015
016/**
017 * An object that has configurable SSL parameters.
018 * <p>
019 * This interface allows us o decouple the
020 * {@link ch.qos.logback.core.net.ssl.SSLParametersConfiguration
021 * SSLParametersConfiguration} from {@link javax.net.ssl.SSLSocket SSLSocket}
022 * and {@link javax.net.ssl.SSLServerSocket SSLServerSocket} to facilitate unit
023 * testing.
024 *
025 * @author Carl Harris
026 * @author Bruno Harbulot
027 */
028public interface SSLConfigurable {
029
030    /**
031     * Gets the set of protocols that the SSL component enables by default.
032     * 
033     * @return protocols (generally a subset of the set returned by
034     *         {@link #getSupportedProtocols()}); the return value may be an empty
035     *         array but must never be {@code null}.
036     */
037    String[] getDefaultProtocols();
038
039    /**
040     * Gets the set of protocols that the SSL component supports.
041     * 
042     * @return protocols supported protocols; the return value may be an empty array
043     *         but must never be {@code null}.
044     */
045    String[] getSupportedProtocols();
046
047    /**
048     * Sets the enabled protocols on the SSL component.
049     * 
050     * @param protocols the protocols to enable
051     */
052    void setEnabledProtocols(String[] protocols);
053
054    /**
055     * Gets the set of cipher suites that the SSL component enables by default.
056     * 
057     * @return cipher suites (generally a subset of the set returned by
058     *         {@link #getSupportedCipherSuites()}); the return value may be an
059     *         empty array but must never be {@code null}
060     */
061    String[] getDefaultCipherSuites();
062
063    /**
064     * Gets the set of cipher suites that the SSL component supports.
065     * 
066     * @return supported cipher suites; the return value may be an empty array but
067     *         must never be {@code null}
068     */
069    String[] getSupportedCipherSuites();
070
071    /**
072     * Sets the enabled cipher suites on the SSL component.
073     * 
074     * @param cipherSuites the cipher suites to enable
075     */
076    void setEnabledCipherSuites(String[] cipherSuites);
077
078    /**
079     * Sets a flag indicating whether the SSL component should require client
080     * authentication.
081     * 
082     * @param state the flag state to set
083     */
084    void setNeedClientAuth(boolean state);
085
086    /**
087     * Sets a flag indicating whether the SSL component should request client
088     * authentication.
089     * 
090     * @param state the flag state to set
091     */
092    void setWantClientAuth(boolean state);
093
094    void setHostnameVerification(boolean verifyHostname);
095
096}