author | mchung |
Thu, 28 May 2015 10:54:48 -0700 | |
changeset 30820 | 0d4717a011d3 |
parent 23052 | 241885315119 |
permissions | -rw-r--r-- |
2 | 1 |
/* |
10328 | 2 |
* Copyright (c) 2001, 2011, Oracle and/or its affiliates. All rights reserved. |
2 | 3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 |
* |
|
5 |
* This code is free software; you can redistribute it and/or modify it |
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
|
7 |
* published by the Free Software Foundation. |
|
8 |
* |
|
9 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
10 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
11 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
12 |
* version 2 for more details (a copy is included in the LICENSE file that |
|
13 |
* accompanied this code). |
|
14 |
* |
|
15 |
* You should have received a copy of the GNU General Public License version |
|
16 |
* 2 along with this work; if not, write to the Free Software Foundation, |
|
17 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
18 |
* |
|
5506 | 19 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
20 |
* or visit www.oracle.com if you need additional information or have any |
|
21 |
* questions. |
|
2 | 22 |
*/ |
23 |
||
24 |
/* |
|
25 |
* @test |
|
26 |
* @bug 4432868 |
|
27 |
* @summary A client-hello message may not always be read correctly |
|
30820 | 28 |
* @modules java.base/sun.net.www |
10328 | 29 |
* @run main/othervm ClientHelloRead |
30 |
* |
|
31 |
* SunJSSE does not support dynamic system properties, no way to re-use |
|
32 |
* system properties in samevm/agentvm mode. |
|
2 | 33 |
*/ |
34 |
||
35 |
import java.io.*; |
|
36 |
import java.net.*; |
|
37 |
import java.security.KeyStore; |
|
38 |
import javax.net.*; |
|
39 |
import javax.net.ssl.*; |
|
40 |
import java.security.cert.*; |
|
41 |
||
42 |
/*
 * ClientHelloRead.java -- includes a simple server that can serve
 * HTTP GET requests over both clear and secure channels, and a client
 * that makes HTTPS requests from behind the firewall through a
 * proxy. The proxy delays the bytes sent from the client to the server.
 * The server should read all delayed bytes to construct a correct
 * V2 ClientHello message; if it doesn't, it will throw an SSL
 * handshake exception.
 */
|
51 |
||
52 |
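public class ClientHelloRead {
    /*
     * Where do we find the keystores?
     *
     * pathToStores is appended to the "test.src" system property in
     * main(). The store password is hard-coded in this source file, so
     * it protects nothing: it is only appropriate for the throwaway
     * test keystores this test loads.
     */
    static String pathToStores = "../../../../javax/net/ssl/etc";
    static String keyStoreFile = "keystore";
    static String trustStoreFile = "truststore";
    static String passwd = "passphrase";

    /*
     * Port of the test server. It starts at 0 so that the server socket
     * gets an automatically allocated port; main() then stores the port
     * that was actually assigned, and doClientSide() reads it to build
     * the request URL.
     */
    private static volatile int serverPort = 0;

    /*
     * The TestServer implements a OriginServer that
     * processes HTTP requests and responses.
     *
     * NOTE(review): OriginServer is defined outside this file; its
     * constructor presumably starts serving on the given socket, since
     * main() never calls anything else on the instance -- confirm.
     */
    static class TestServer extends OriginServer {
        public TestServer(ServerSocket ss) throws Exception {
            super(ss);
        }

        /*
         * Returns an array of bytes containing the bytes for
         * the data sent in the response.
         *
         * @return bytes for the data in the response
         */
        public byte[] getBytes() {
            return "SSL V2 Client Hello read was successful.."
                    .getBytes();
        }
    }

    /*
     * Main method to create the server and client.
     *
     * The javax.net.ssl.* system properties set here are JVM-wide and
     * are not restored afterwards; the test header runs this class with
     * main/othervm, so they do not leak into other tests.
     *
     * @param args unused
     * @throws Exception if either the server setup or the client
     *         request fails; the failure is logged first and then
     *         rethrown so that the test fails
     */
    public static void main(String[] args) throws Exception {
        String testSrc = System.getProperty("test.src", "./");
        String keyFilename =
            testSrc + "/" + pathToStores + "/" + keyStoreFile;
        String trustFilename =
            testSrc + "/" + pathToStores + "/" + trustStoreFile;

        System.setProperty("javax.net.ssl.keyStore", keyFilename);
        System.setProperty("javax.net.ssl.keyStorePassword", passwd);
        System.setProperty("javax.net.ssl.trustStore", trustFilename);
        System.setProperty("javax.net.ssl.trustStorePassword", passwd);

        boolean useSSL = true;
        /*
         * setup the server
         */
        try {
            ServerSocketFactory ssf =
                ClientHelloRead.getServerSocketFactory(useSSL);
            ServerSocket ss = ssf.createServerSocket(serverPort);
            // Publish the allocated port before the client is started.
            serverPort = ss.getLocalPort();
            new TestServer(ss);
        } catch (Exception e) {
            System.out.println("Server side failed:" +
                                e.getMessage());
            throw e;
        }
        // trigger the client
        try {
            doClientSide();
        } catch (Exception e) {
            System.out.println("Client side failed: " +
                                e.getMessage());
            throw e;
        }
    }

    /*
     * Builds the factory used to create the server socket.
     *
     * With useSSL set, the key store named by the
     * "javax.net.ssl.keyStore" system property is loaded and used for
     * server authentication. The SSLContext is initialised with null
     * trust managers and a null SecureRandom, i.e. the provider
     * defaults.
     *
     * @param useSSL true for an SSL server socket factory, false for
     *        the default (clear text) factory
     * @return the server socket factory
     * @throws Exception if the key store cannot be read or the SSL
     *         context cannot be set up
     */
    private static ServerSocketFactory getServerSocketFactory
                   (boolean useSSL) throws Exception {
        if (!useSSL) {
            return ServerSocketFactory.getDefault();
        }

        // set up key manager to do server authentication
        char[] passphrase = passwd.toCharArray();

        SSLContext ctx = SSLContext.getInstance("TLS");
        KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
        KeyStore ks = KeyStore.getInstance("JKS");

        // Close the key store stream once it has been loaded; it was
        // previously left open until garbage collection.
        try (InputStream storeStream = new FileInputStream(
                System.getProperty("javax.net.ssl.keyStore"))) {
            ks.load(storeStream, passphrase);
        }
        kmf.init(ks, passphrase);
        ctx.init(kmf.getKeyManagers(), null, null);

        return ctx.getServerSocketFactory();
    }

    /*
     * Starts the proxy, then requests /index.html from the test server
     * over HTTPS and prints the response.
     *
     * @throws Exception if the proxy cannot be started or the request
     *         fails (an SSLException is the failure this test is
     *         looking for)
     */
    static void doClientSide() throws Exception {
        /*
         * setup up a proxy
         */
        setupProxy();

        /*
         * we want to avoid URLspoofCheck failures in cases where the cert
         * DN name does not match the hostname in the URL.
         *
         * The permissive verifier becomes the default for every
         * HttpsURLConnection in this JVM, so the previous default is
         * saved here and put back in the finally block.
         */
        HostnameVerifier reservedHV =
            HttpsURLConnection.getDefaultHostnameVerifier();
        try {
            HttpsURLConnection.setDefaultHostnameVerifier(
                new NameVerifier());
            URL url = new URL("https://" + "localhost:" + serverPort
                                  + "/index.html");
            // try-with-resources closes the reader on every exit path,
            // not only when an SSLException is thrown.
            try (BufferedReader in = new BufferedReader(
                    new InputStreamReader(url.openStream()))) {
                String inputLine;
                System.out.print("Client recieved from the server: ");
                while ((inputLine = in.readLine()) != null) {
                    System.out.println(inputLine);
                }
            }
        } finally {
            HttpsURLConnection.setDefaultHostnameVerifier(reservedHV);
        }
    }

    /*
     * Hostname verifier that accepts every host name, which switches
     * off the host name check entirely. That is tolerable here only
     * because the client talks to the test server on localhost with a
     * test certificate; do not copy this class into production code.
     */
    static class NameVerifier implements HostnameVerifier {
        @Override
        public boolean verify(String hostname, SSLSession session) {
            return true;
        }
    }

    /*
     * Starts a ProxyTunnelServer and routes HTTPS requests through it
     * by setting the https.proxyHost and https.proxyPort system
     * properties. The properties are JVM-wide and are not restored.
     *
     * @throws IOException if the proxy server cannot be created
     */
    static void setupProxy() throws IOException {
        ProxyTunnelServer pserver = new ProxyTunnelServer();
        pserver.start();
        System.setProperty("https.proxyHost", "localhost");
        System.setProperty("https.proxyPort", String.valueOf(
                                        pserver.getPort()));
    }

}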