author | xuelei |
Mon, 25 Jun 2018 13:41:39 -0700 | |
changeset 50768 | 68fa3d4026ea |
parent 47216 | 71c04702a3d5 |
permissions | -rw-r--r-- |
14194
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
1 |
/* |
35298 | 2 |
* Copyright (c) 2012, 2015, Oracle and/or its affiliates. All rights reserved. |
14194
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
4 |
* |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
5 |
* This code is free software; you can redistribute it and/or modify it |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
7 |
* published by the Free Software Foundation. Oracle designates this |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
8 |
* particular file as subject to the "Classpath" exception as provided |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
9 |
* by Oracle in the LICENSE file that accompanied this code. |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
10 |
* |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
11 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
12 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
13 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
14 |
* version 2 for more details (a copy is included in the LICENSE file that |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
15 |
* accompanied this code). |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
16 |
* |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
17 |
* You should have received a copy of the GNU General Public License version |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
18 |
* 2 along with this work; if not, write to the Free Software Foundation, |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
19 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
20 |
* |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
21 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
22 |
* or visit www.oracle.com if you need additional information or have any |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
23 |
* questions. |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
24 |
*/ |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
25 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
26 |
// |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
27 |
// SunJSSE does not support dynamic system properties, no way to re-use |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
28 |
// system properties in samevm/agentvm mode. |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
29 |
// |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
30 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
31 |
/* |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
32 |
* @test |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
33 |
* @bug 7068321 |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
34 |
* @summary Support TLS Server Name Indication (SNI) Extension in JSSE Server |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
35 |
* @run main/othervm SSLSocketSNISensitive PKIX www.example.com |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
36 |
* @run main/othervm SSLSocketSNISensitive SunX509 www.example.com |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
37 |
* @run main/othervm SSLSocketSNISensitive PKIX www.example.net |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
38 |
* @run main/othervm SSLSocketSNISensitive SunX509 www.example.net |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
39 |
* @run main/othervm SSLSocketSNISensitive PKIX www.invalid.com |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
40 |
* @run main/othervm SSLSocketSNISensitive SunX509 www.invalid.com |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
41 |
*/ |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
42 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
43 |
import java.net.*; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
44 |
import java.util.*; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
45 |
import java.io.*; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
46 |
import javax.net.ssl.*; |
22268
d72c97c708ae
8030829: Add MD5 to jdk.certpath.disabledAlgorithms security property
xuelei
parents:
16020
diff
changeset
|
47 |
import java.security.Security; |
14194
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
48 |
import java.security.KeyStore; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
49 |
import java.security.KeyFactory; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
50 |
import java.security.cert.Certificate; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
51 |
import java.security.cert.X509Certificate; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
52 |
import java.security.cert.CertificateFactory; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
53 |
import java.security.spec.*; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
54 |
import java.security.interfaces.*; |
16020
b57c48f16179
8006182: cleanup to use java.util.Base64 in java security component, providers, and regression tests
msheppar
parents:
14318
diff
changeset
|
55 |
import java.util.Base64; |
14194
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
56 |
|
50768 | 57 |
// Note: this test case works only on TLS 1.2 and prior versions because of |
58 |
// the use of MD5withRSA signed certificate. |
|
14194
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
59 |
public class SSLSocketSNISensitive { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
60 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
61 |
/* |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
62 |
* ============================================================= |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
63 |
* Set the various variables needed for the tests, then |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
64 |
* specify what tests to run on each side. |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
65 |
*/ |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
66 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
67 |
/* |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
68 |
* Should we run the client or server in a separate thread? |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
69 |
* Both sides can throw exceptions, but do you have a preference |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
70 |
* as to which side should be the main thread. |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
71 |
*/ |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
72 |
static boolean separateServerThread = false; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
73 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
74 |
/* |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
75 |
* Where do we find the keystores? |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
76 |
*/ |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
77 |
// Certificates and key used in the test. |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
78 |
static String trustedCertStr = |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
79 |
"-----BEGIN CERTIFICATE-----\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
80 |
"MIICkjCCAfugAwIBAgIBADANBgkqhkiG9w0BAQQFADA7MQswCQYDVQQGEwJVUzEN\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
81 |
"MAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UwHhcN\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
82 |
"MTIwNDE3MTIwNjA3WhcNMzMwMzI4MTIwNjA3WjA7MQswCQYDVQQGEwJVUzENMAsG\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
83 |
"A1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UwgZ8wDQYJ\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
84 |
"KoZIhvcNAQEBBQADgY0AMIGJAoGBANY+7Enp+1S566kLcKk+qe4Ki6BxaHGZ+v7r\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
85 |
"vLksx9IQZCbAEf4YLbrZhKzKD3SPIJXyxPFwknAknIh3Knk8mViOZks7T8L3GnJr\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
86 |
"TBaVvDyTzDJum/QYiahfO2qpfN/Oya2UILmqsBAeLyWpzbQsAyWBXfoUtkOUgnzK\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
87 |
"fk6QAKYrAgMBAAGjgaUwgaIwHQYDVR0OBBYEFEtmQi7jT1ijXOafPsfkrLwSVu9e\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
88 |
"MGMGA1UdIwRcMFqAFEtmQi7jT1ijXOafPsfkrLwSVu9eoT+kPTA7MQswCQYDVQQG\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
89 |
"EwJVUzENMAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
90 |
"Y2WCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEE\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
91 |
"BQADgYEAkKWxMc4+ODk5WwLXXweB8/IKfVfrizNn0KLEgsZ6xNXFIXDpiPGAFcgl\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
92 |
"MzFO424JgyvUulsUc/X16Cnuwwntkk6KUG7vEV7h4o9sAV7Cax3gfQE/EZFb4ybn\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
93 |
"aBm1UsujMKd/ovqbbbxJbmOWzCeo0QfIGleDEyh3NBBZ0i11Kiw=\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
94 |
"-----END CERTIFICATE-----"; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
95 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
96 |
// web server certificate, www.example.com |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
97 |
static String targetCertStr_A = |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
98 |
"-----BEGIN CERTIFICATE-----\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
99 |
"MIICVTCCAb6gAwIBAgIBAjANBgkqhkiG9w0BAQQFADA7MQswCQYDVQQGEwJVUzEN\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
100 |
"MAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UwHhcN\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
101 |
"MTIwNDE3MTIwNjA4WhcNMzIwMTAzMTIwNjA4WjBVMQswCQYDVQQGEwJVUzENMAsG\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
102 |
"A1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UxGDAWBgNV\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
103 |
"BAMTD3d3dy5leGFtcGxlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
104 |
"4zFp3PZNzsd3ZwG6FNNWO9eSN+UBymlf8oCwpKJM2tIinmMWvWIXnlx/2UXIfSAq\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
105 |
"QEG3aXkAFyEiGGpQlBbqcfrESsHsiz2pnnm5dG2v/eS0Bwz1jmcuNmwnh3UQw2Vl\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
106 |
"+BLk8ukdrLjiCT8jARiHExYf1Xg+wUqQ9y8NV26hdaUCAwEAAaNPME0wCwYDVR0P\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
107 |
"BAQDAgPoMB0GA1UdDgQWBBQwtx+gqzn2w4y82brXlp7tqBYEZDAfBgNVHSMEGDAW\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
108 |
"gBRLZkIu409Yo1zmnz7H5Ky8ElbvXjANBgkqhkiG9w0BAQQFAAOBgQAJWo8B6Ud+\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
109 |
"/OU+UcZLihlfMX02OSlK2ZB7mfqpj2G3JT9yb0A+VbY3uuajmaYYIIxl3kXGz/n8\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
110 |
"M2Q/Ux/MDxG+IFKHC26Kuj4dAQgzjq2pILVPTE2QnaQTNCsgVZtTaC47SG9FRSoC\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
111 |
"qvnIvn/oTpKSqus76I1cR4joDtiV2OEuVw==\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
112 |
"-----END CERTIFICATE-----"; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
113 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
114 |
// Private key in the format of PKCS#8 |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
115 |
static String targetPrivateKey_A = |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
116 |
"MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAOMxadz2Tc7Hd2cB\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
117 |
"uhTTVjvXkjflAcppX/KAsKSiTNrSIp5jFr1iF55cf9lFyH0gKkBBt2l5ABchIhhq\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
118 |
"UJQW6nH6xErB7Is9qZ55uXRtr/3ktAcM9Y5nLjZsJ4d1EMNlZfgS5PLpHay44gk/\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
119 |
"IwEYhxMWH9V4PsFKkPcvDVduoXWlAgMBAAECgYAqX2nuIyXp3fvgA0twXOYlbRRB\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
120 |
"Rn3qAXM6qFPJsNeCrFR2k+aG1cev6nKR1FkLNTeMGnWZv06MAcr5IML8i7WXyG4C\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
121 |
"LY/C0gedn94FDKFlln+bTENwQTGjn4lKysDA+IuNpasTeMCajbic+dPByhIdTOjZ\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
122 |
"iMCyxbLfpk40zQopVQJBAPyfGmkeHB3GjdbdgujWCGKb2UxBa4O8dy3O4l2yizTn\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
123 |
"uUqMGcwGY4ciNSVvZQ7jKo4vDmkSuYib4/woPChaNfMCQQDmO0BQuSWYGNtSwV35\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
124 |
"lafZfX1dNCLKm1iNA6A12evXgvQiE9WT4mqionig0VZW16HtiY4/BkHOcos/K9Um\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
125 |
"ARQHAkA8mkaRtSF1my5nv1gqVz5Hua+VdZQ/VDUbDiiL5cszc+ulkJqXsWirAG/T\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
126 |
"fTe3LJQG7A7+8fkEZrF4yoY0AAA1AkEAotokezULj5N9iAL5SzL9wIzQYV4ggfny\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
127 |
"YATBjXXxKccakwQ+ndWZIiMUeoS4ssLialhTgucVI0fIkU2a/r/ifwJAc6e+5Pvh\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
128 |
"MghQj/U788Od/v6rgqz/NGsduZ7uilCMcWiwA73OR2MHMH/OIuoofuEPrfuV9isV\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
129 |
"xVXhgpKfP/pdOA=="; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
130 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
131 |
// web server certificate, www.example.net |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
132 |
static String targetCertStr_B = |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
133 |
"-----BEGIN CERTIFICATE-----\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
134 |
"MIICVTCCAb6gAwIBAgIBBDANBgkqhkiG9w0BAQQFADA7MQswCQYDVQQGEwJVUzEN\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
135 |
"MAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UwHhcN\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
136 |
"MTIwNDE3MTIwNjA5WhcNMzIwMTAzMTIwNjA5WjBVMQswCQYDVQQGEwJVUzENMAsG\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
137 |
"A1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UxGDAWBgNV\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
138 |
"BAMTD3d3dy5leGFtcGxlLm5ldDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
139 |
"2VlzF1fvWYczDChrUeJiLJ1M/dIShCaOTfYGiXfQGEZCAWTacUclwr+rVMnZ75/c\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
140 |
"wwg5pNdXRijxMil8DBTS1gFcIFQhosLHvzIAe6ULlg/xB+/L6KBz+NTWfo/2KF6t\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
141 |
"xatmcToNrCcwi7eUOfbzQje65Tizs56jJYem2m7Rk0ECAwEAAaNPME0wCwYDVR0P\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
142 |
"BAQDAgPoMB0GA1UdDgQWBBQT/FR0cAWcZQ7h0X79KGki34OSQjAfBgNVHSMEGDAW\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
143 |
"gBRLZkIu409Yo1zmnz7H5Ky8ElbvXjANBgkqhkiG9w0BAQQFAAOBgQB67cPIT6fz\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
144 |
"6Ws8fBpYgW2ad4ci66i1WduBD9CpGFE+jRK2feRj6hvYBXocKj0AMWUFIEB2E3hA\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
145 |
"oIjxcf1GxIpHVl9DjlhxqXbA0Ktl7/NGNRlDSLTizOTl3FB1mMTlOGvXDVmpcFhl\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
146 |
"HuoP1hYvhTsBwPx5igGNchuPtDIUzL2mXw==\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
147 |
"-----END CERTIFICATE-----"; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
148 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
149 |
static String targetPrivateKey_B = |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
150 |
"MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBANlZcxdX71mHMwwo\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
151 |
"a1HiYiydTP3SEoQmjk32Bol30BhGQgFk2nFHJcK/q1TJ2e+f3MMIOaTXV0Yo8TIp\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
152 |
"fAwU0tYBXCBUIaLCx78yAHulC5YP8Qfvy+igc/jU1n6P9ihercWrZnE6DawnMIu3\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
153 |
"lDn280I3uuU4s7OeoyWHptpu0ZNBAgMBAAECgYEAl19H26sfhD+32rDPxZCgBShs\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
154 |
"dZ33zVe45i0Bcn4iTLWpxKTDyf7eGps4rO2DvfKdYqt40ggzvSZIjUH9JcDe8GmG\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
155 |
"d3m0ILB7pg4jsFlpyeHpTO8grPLxA1G9s3o0DoFpz/rooqgFfe/DrRDmRoOSkgfV\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
156 |
"/gseIbgJHRO/Ctyvdh0CQQD6uFd0HxhH1jl/JzvPzIH4LSnPcdEh9zsMEb6uzh75\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
157 |
"9qL+IHD5N2I/pYZTKqDFIwhJf701+LKag55AX/zrDt7rAkEA3e00AbnwanDMa6Wj\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
158 |
"+gFekUQveSVra38LiihzCkyVvQpFjbiF1rUhSNQ0dpU5/hmrYF0C6H9VXAesfkUY\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
159 |
"WhpDgwJAYjgZOop77piDycZK7isFt32p5XSHIzFBVocVFlH1XKM8UyXOXDNQL/Le\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
160 |
"XnJSrSf+NRzvuNcG0PVC56Ey6brXpQJAY4M4vcltt5zq3R5CQBmbGRJ1IyKXX3Vx\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
161 |
"bDslEqoyvri7ZYgnY5aG3UxiVgYmIf3KrgQnCLAIS6MZQumiuMxsFwJAK5pEG063\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
162 |
"9ngUof4fDMvZphqZjZR1zMKz/V/9ge0DWBINaqFgsgebNu+MyImsC8C6WKjGmV/2\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
163 |
"f1MY0D7sC2vU/Q=="; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
164 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
165 |
// web server certificate, www.invalid.com |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
166 |
static String targetCertStr_C = |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
167 |
"-----BEGIN CERTIFICATE-----\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
168 |
"MIICVTCCAb6gAwIBAgIBAzANBgkqhkiG9w0BAQQFADA7MQswCQYDVQQGEwJVUzEN\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
169 |
"MAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UwHhcN\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
170 |
"MTIwNDE3MTIwNjA5WhcNMzIwMTAzMTIwNjA5WjBVMQswCQYDVQQGEwJVUzENMAsG\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
171 |
"A1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UxGDAWBgNV\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
172 |
"BAMTD3d3dy5pbnZhbGlkLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
173 |
"q6MyQwzCr2nJ41l0frmHL0qULSyW51MhevBC+1W28i0LE/efrmpwV3LdnlQEGFak\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
174 |
"DLDwtnff3iru8dSMcA7KdWVkivsE7ZTP+qFDaWBAy7XXiSsv6yZ2Nh4jJb0YcD28\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
175 |
"45zk2nAl5Az1/PuoTi1vpQxzFZKuBm1HGgz3MEZvBvMCAwEAAaNPME0wCwYDVR0P\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
176 |
"BAQDAgPoMB0GA1UdDgQWBBRRMifrND015Nm8N6gV5X7cg1YjjjAfBgNVHSMEGDAW\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
177 |
"gBRLZkIu409Yo1zmnz7H5Ky8ElbvXjANBgkqhkiG9w0BAQQFAAOBgQBjkUO6Ri/B\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
178 |
"uDC2gDMIyL5+NTe/1dPPQYM4HhCNa/KQYvU5lzCKO9Vpa+i+nyrUNNXUu8Tkyq4Y\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
179 |
"A+aGSm6+FT/i9rFwkYUdorBtD3KfQiwTIWrVERXBkWI5iZNaVZhx0TFy4vUpf65d\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
180 |
"QtwkbHpC66fdKc2EdLXkuY9KkmtZZJJ7YA==\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
181 |
"-----END CERTIFICATE-----"; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
182 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
183 |
static String targetPrivateKey_C = |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
184 |
"MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAKujMkMMwq9pyeNZ\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
185 |
"dH65hy9KlC0sludTIXrwQvtVtvItCxP3n65qcFdy3Z5UBBhWpAyw8LZ3394q7vHU\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
186 |
"jHAOynVlZIr7BO2Uz/qhQ2lgQMu114krL+smdjYeIyW9GHA9vOOc5NpwJeQM9fz7\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
187 |
"qE4tb6UMcxWSrgZtRxoM9zBGbwbzAgMBAAECgYASJDK40Y12Wvki1Z6xkkyOnBRj\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
188 |
"XfYpRykfxGtgA2RN3qLwHlk7Zzaul46DIKA6LlYynTUkJDF+Ww1cdDnP0lBlwcmM\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
189 |
"iD0ck3zYyYBLhQHuVbkK3SYE+ANRhM0icvvqANP2at/U4awQcPNEae/KCiecLNu3\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
190 |
"CJGqyhPDdrEAqPuJGQJBAN46pQC6l3yrcSYE2s53jSmsm2HVVOFlFXjU6k/RMTxG\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
191 |
"FfDJtGUAOQ37rPQ06ugr/gjLAmmPp+FXozaBdA32D80CQQDFuGRgv3WYqbglIcRL\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
192 |
"JRs6xlj9w1F97s/aiUenuwhIPNiUoRbV7mnNuZ/sGF0svOVE7SazRjuFX6UqL9Y9\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
193 |
"HzG/AkEA170pCI8cl4w8eUNHRB9trGKEKjMXhwVCFh7lJf2ZBcGodSzr8w2HVhrZ\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
194 |
"Ke7hiemDYffrbJ1oxmv05+o+x3r0lQJBAL6adVm2+FyFMFnLZXmzeb59O4jWY5bt\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
195 |
"Qz6/HG6bpO5OidMuP99YCHMkQQDOs/PO3Y5GuAoW6IY4n/Y9S2B80+0CQBl1/H9/\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
196 |
"0n/vrb6vW6Azds49tuS82RFAnOhtwTyBEajs08WF8rZQ3WD2RHJnH0+jjfL0anIp\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
197 |
"dQBSeNN7s7b6rRk="; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
198 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
199 |
// This is a certificate for client |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
200 |
static String targetCertStr_D= |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
201 |
"-----BEGIN CERTIFICATE-----\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
202 |
"MIICVDCCAb2gAwIBAgIBBTANBgkqhkiG9w0BAQQFADA7MQswCQYDVQQGEwJVUzEN\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
203 |
"MAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UwHhcN\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
204 |
"MTIwNDE3MTIwNjEwWhcNMzIwMTAzMTIwNjEwWjBUMQswCQYDVQQGEwJVUzENMAsG\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
205 |
"A1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UxFzAVBgNV\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
206 |
"BAMTDkludGVyT3AgVGVzdGVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDo\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
207 |
"Q/KoAIAC2ljFfW2KwjnxTzi4NQJeUuk2seqKpsAY8x4O5dvixzUl6142zmljapqi\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
208 |
"bJloQVpfB+CEc5/l4h5gzGRVzkuqP1oPzDrpZ5GsvmvuHenV/TzCIgX1cLETzQVt\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
209 |
"6Rk06okoBPnw3hDJEJiEc1Rv7HCE8p/p+SaiHrskwwIDAQABo08wTTALBgNVHQ8E\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
210 |
"BAMCA+gwHQYDVR0OBBYEFPr91O33RIGfFSqza2AwQIgE4QswMB8GA1UdIwQYMBaA\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
211 |
"FEtmQi7jT1ijXOafPsfkrLwSVu9eMA0GCSqGSIb3DQEBBAUAA4GBANIDFYgAhoj3\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
212 |
"B8u1YpqeoEp2Lt9TwrYBshaIrbmBPCwCGio0JIsoov3n8BCSg5F+8MnOtPl+TjeO\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
213 |
"0Ug+7guPdCk/wg8YNxLHgSsQlpcNJDjWiErqmUPVrg5BPPQb65qMund6KTmMN0y6\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
214 |
"4EbSmxRpZO/N0/5oK4umTk0EeXKNekBj\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
215 |
"-----END CERTIFICATE-----"; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
216 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
217 |
static String targetPrivateKey_D = |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
218 |
"MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAOhD8qgAgALaWMV9\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
219 |
"bYrCOfFPOLg1Al5S6Tax6oqmwBjzHg7l2+LHNSXrXjbOaWNqmqJsmWhBWl8H4IRz\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
220 |
"n+XiHmDMZFXOS6o/Wg/MOulnkay+a+4d6dX9PMIiBfVwsRPNBW3pGTTqiSgE+fDe\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
221 |
"EMkQmIRzVG/scITyn+n5JqIeuyTDAgMBAAECgYBw37yIKp4LRONJLnhSq6sO+0n8\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
222 |
"Mz6waiiN/Q6XTQwj09pysQAYCGlqwSRrDAqpVsBJWO+Ae+oYLrLMi4hUZnwN75v3\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
223 |
"pe1nXlrD11RmPLXwBxqFxNSvAs2FgLHZEtwHI7Bn8KybT/8bGkQ8csLceInYtMDD\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
224 |
"MuTyy2KRk/pj60zIKQJBAPgebQiAH6viFQ88AwHaNvQhlUfwmSC1i6f8LVoeqaHC\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
225 |
"lnP0LJBwlyDeeEInhHrCR2ibnCB6I/Pig+49XQgabK8CQQDvpJwuGEbsOO+3rkJJ\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
226 |
"OpOw4toG0QJZdRnT6l8I6BlboQRZSfFh+lGGahvFXkxc4KdUpJ7QPtXU7HHk6Huk\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
227 |
"8RYtAkA9CW8VGj+wTuuTVdX/jKjcIa7RhbSFwWNbrcOSWdys+Gt+luCnn6rt4QyA\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
228 |
"aaxDbquWZkFgE+voQR7nap0KM0XtAkAznd0WAJymHM1lXt9gLoHJQ9N6TGKZKiPa\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
229 |
"BU1a+cMcfV4WbVrUo7oTnZ9Fr73681iXXq3mZOJh7lvJ1llreZIxAkBEnbiTgEf4\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
230 |
"tvku68jHcRbRPmdS7CBSWNEBaHLOm4pUSTcxVTKKMHw7vmM5/UYUxJ8QNKCYxn6O\n" + |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
231 |
"+vtiBwBawwzN"; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
232 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
233 |
static String[] serverCerts = {targetCertStr_A, |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
234 |
targetCertStr_B, targetCertStr_C}; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
235 |
static String[] serverKeys = {targetPrivateKey_A, |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
236 |
targetPrivateKey_B, targetPrivateKey_C}; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
237 |
static String[] clientCerts = {targetCertStr_D}; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
238 |
static String[] clientKeys = {targetPrivateKey_D}; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
239 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
240 |
static char passphrase[] = "passphrase".toCharArray(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
241 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
242 |
/* |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
243 |
* Is the server ready to serve? |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
244 |
*/ |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
245 |
volatile static boolean serverReady = false; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
246 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
247 |
/* |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
248 |
* Turn on SSL debugging? |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
249 |
*/ |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
250 |
static boolean debug = false; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
251 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
252 |
/* |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
253 |
* Define the server side of the test. |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
254 |
* |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
255 |
* If the server prematurely exits, serverReady will be set to true |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
256 |
* to avoid infinite hangs. |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
257 |
*/ |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
258 |
void doServerSide() throws Exception { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
259 |
SSLContext context = generateSSLContext(false); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
260 |
SSLServerSocketFactory sslssf = context.getServerSocketFactory(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
261 |
SSLServerSocket sslServerSocket = |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
262 |
(SSLServerSocket)sslssf.createServerSocket(serverPort); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
263 |
serverPort = sslServerSocket.getLocalPort(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
264 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
265 |
/* |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
266 |
* Signal Client, we're ready for his connect. |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
267 |
*/ |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
268 |
serverReady = true; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
269 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
270 |
SSLSocket sslSocket = (SSLSocket)sslServerSocket.accept(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
271 |
try { |
14318
96795215f33f
8001466: Nightly regression test failure of SSLSocketSNISensitive.java
xuelei
parents:
14194
diff
changeset
|
272 |
sslSocket.setSoTimeout(5000); |
96795215f33f
8001466: Nightly regression test failure of SSLSocketSNISensitive.java
xuelei
parents:
14194
diff
changeset
|
273 |
sslSocket.setSoLinger(true, 5); |
96795215f33f
8001466: Nightly regression test failure of SSLSocketSNISensitive.java
xuelei
parents:
14194
diff
changeset
|
274 |
|
14194
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
275 |
InputStream sslIS = sslSocket.getInputStream(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
276 |
OutputStream sslOS = sslSocket.getOutputStream(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
277 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
278 |
sslIS.read(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
279 |
sslOS.write('A'); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
280 |
sslOS.flush(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
281 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
282 |
SSLSession session = sslSocket.getSession(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
283 |
checkCertificate(session.getLocalCertificates(), |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
284 |
clientRequestedHostname); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
285 |
} finally { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
286 |
sslSocket.close(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
287 |
sslServerSocket.close(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
288 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
289 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
290 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
291 |
/* |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
292 |
* Define the client side of the test. |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
293 |
* |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
294 |
* If the server prematurely exits, serverReady will be set to true |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
295 |
* to avoid infinite hangs. |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
296 |
*/ |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
297 |
void doClientSide() throws Exception { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
298 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
299 |
/* |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
300 |
* Wait for server to get started. |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
301 |
*/ |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
302 |
while (!serverReady) { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
303 |
Thread.sleep(50); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
304 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
305 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
306 |
SSLContext context = generateSSLContext(true); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
307 |
SSLSocketFactory sslsf = context.getSocketFactory(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
308 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
309 |
SSLSocket sslSocket = |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
310 |
(SSLSocket)sslsf.createSocket("localhost", serverPort); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
311 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
312 |
SNIHostName serverName = new SNIHostName(clientRequestedHostname); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
313 |
List<SNIServerName> serverNames = new ArrayList<>(1); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
314 |
serverNames.add(serverName); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
315 |
SSLParameters params = sslSocket.getSSLParameters(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
316 |
params.setServerNames(serverNames); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
317 |
sslSocket.setSSLParameters(params); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
318 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
319 |
try { |
14318
96795215f33f
8001466: Nightly regression test failure of SSLSocketSNISensitive.java
xuelei
parents:
14194
diff
changeset
|
320 |
sslSocket.setSoTimeout(5000); |
96795215f33f
8001466: Nightly regression test failure of SSLSocketSNISensitive.java
xuelei
parents:
14194
diff
changeset
|
321 |
sslSocket.setSoLinger(true, 5); |
96795215f33f
8001466: Nightly regression test failure of SSLSocketSNISensitive.java
xuelei
parents:
14194
diff
changeset
|
322 |
|
14194
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
323 |
InputStream sslIS = sslSocket.getInputStream(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
324 |
OutputStream sslOS = sslSocket.getOutputStream(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
325 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
326 |
sslOS.write('B'); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
327 |
sslOS.flush(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
328 |
sslIS.read(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
329 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
330 |
SSLSession session = sslSocket.getSession(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
331 |
checkCertificate(session.getPeerCertificates(), |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
332 |
clientRequestedHostname); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
333 |
} finally { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
334 |
sslSocket.close(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
335 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
336 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
337 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
338 |
private static void checkCertificate(Certificate[] certs, |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
339 |
String hostname) throws Exception { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
340 |
if (certs != null && certs.length != 0) { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
341 |
X509Certificate x509Cert = (X509Certificate)certs[0]; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
342 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
343 |
String subject = x509Cert.getSubjectX500Principal().getName(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
344 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
345 |
if (!subject.contains(hostname)) { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
346 |
throw new Exception( |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
347 |
"Not the expected certificate: " + subject); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
348 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
349 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
350 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
351 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
352 |
/* |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
353 |
* ============================================================= |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
354 |
* The remainder is just support stuff |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
355 |
*/ |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
356 |
private static String tmAlgorithm; // trust manager |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
357 |
private static String clientRequestedHostname; // server name indication |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
358 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
359 |
private static void parseArguments(String[] args) { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
360 |
tmAlgorithm = args[0]; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
361 |
clientRequestedHostname = args[1]; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
362 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
363 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
364 |
private static SSLContext generateSSLContext(boolean isClient) |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
365 |
throws Exception { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
366 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
367 |
// generate certificate from cert string |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
368 |
CertificateFactory cf = CertificateFactory.getInstance("X.509"); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
369 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
370 |
// create a key store |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
371 |
KeyStore ks = KeyStore.getInstance("JKS"); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
372 |
ks.load(null, null); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
373 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
374 |
// import the trused cert |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
375 |
ByteArrayInputStream is = |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
376 |
new ByteArrayInputStream(trustedCertStr.getBytes()); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
377 |
Certificate trusedCert = cf.generateCertificate(is); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
378 |
is.close(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
379 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
380 |
ks.setCertificateEntry("RSA Export Signer", trusedCert); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
381 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
382 |
String[] certStrs = null; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
383 |
String[] keyStrs = null; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
384 |
if (isClient) { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
385 |
certStrs = clientCerts; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
386 |
keyStrs = clientKeys; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
387 |
} else { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
388 |
certStrs = serverCerts; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
389 |
keyStrs = serverKeys; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
390 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
391 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
392 |
for (int i = 0; i < certStrs.length; i++) { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
393 |
// generate the private key. |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
394 |
String keySpecStr = keyStrs[i]; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
395 |
PKCS8EncodedKeySpec priKeySpec = new PKCS8EncodedKeySpec( |
16020
b57c48f16179
8006182: cleanup to use java.util.Base64 in java security component, providers, and regression tests
msheppar
parents:
14318
diff
changeset
|
396 |
Base64.getMimeDecoder().decode(keySpecStr)); |
14194
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
397 |
KeyFactory kf = KeyFactory.getInstance("RSA"); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
398 |
RSAPrivateKey priKey = |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
399 |
(RSAPrivateKey)kf.generatePrivate(priKeySpec); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
400 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
401 |
// generate certificate chain |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
402 |
String keyCertStr = certStrs[i]; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
403 |
is = new ByteArrayInputStream(keyCertStr.getBytes()); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
404 |
Certificate keyCert = cf.generateCertificate(is); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
405 |
is.close(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
406 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
407 |
Certificate[] chain = new Certificate[2]; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
408 |
chain[0] = keyCert; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
409 |
chain[1] = trusedCert; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
410 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
411 |
// import the key entry. |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
412 |
ks.setKeyEntry("key-entry-" + i, priKey, passphrase, chain); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
413 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
414 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
415 |
// create SSL context |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
416 |
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmAlgorithm); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
417 |
tmf.init(ks); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
418 |
|
50768 | 419 |
SSLContext ctx = SSLContext.getInstance("TLSv1.2"); |
14194
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
420 |
KeyManagerFactory kmf = KeyManagerFactory.getInstance("NewSunX509"); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
421 |
kmf.init(ks, passphrase); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
422 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
423 |
ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
424 |
ks = null; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
425 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
426 |
return ctx; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
427 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
428 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
429 |
// use any free port by default |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
430 |
volatile int serverPort = 0; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
431 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
432 |
volatile Exception serverException = null; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
433 |
volatile Exception clientException = null; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
434 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
435 |
public static void main(String[] args) throws Exception { |
22268
d72c97c708ae
8030829: Add MD5 to jdk.certpath.disabledAlgorithms security property
xuelei
parents:
16020
diff
changeset
|
436 |
// MD5 is used in this test case, don't disable MD5 algorithm. |
35298 | 437 |
Security.setProperty("jdk.certpath.disabledAlgorithms", |
438 |
"MD2, RSA keySize < 1024"); |
|
439 |
Security.setProperty("jdk.tls.disabledAlgorithms", |
|
440 |
"SSLv3, RC4, DH keySize < 768"); |
|
22268
d72c97c708ae
8030829: Add MD5 to jdk.certpath.disabledAlgorithms security property
xuelei
parents:
16020
diff
changeset
|
441 |
|
14194
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
442 |
if (debug) |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
443 |
System.setProperty("javax.net.debug", "all"); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
444 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
445 |
/* |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
446 |
* Get the customized arguments. |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
447 |
*/ |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
448 |
parseArguments(args); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
449 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
450 |
/* |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
451 |
* Start the tests. |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
452 |
*/ |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
453 |
new SSLSocketSNISensitive(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
454 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
455 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
456 |
Thread clientThread = null; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
457 |
Thread serverThread = null; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
458 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
459 |
/* |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
460 |
* Primary constructor, used to drive remainder of the test. |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
461 |
* |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
462 |
* Fork off the other side, then do your work. |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
463 |
*/ |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
464 |
SSLSocketSNISensitive() throws Exception { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
465 |
try { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
466 |
if (separateServerThread) { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
467 |
startServer(true); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
468 |
startClient(false); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
469 |
} else { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
470 |
startClient(true); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
471 |
startServer(false); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
472 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
473 |
} catch (Exception e) { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
474 |
// swallow for now. Show later |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
475 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
476 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
477 |
/* |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
478 |
* Wait for other side to close down. |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
479 |
*/ |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
480 |
if (separateServerThread) { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
481 |
serverThread.join(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
482 |
} else { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
483 |
clientThread.join(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
484 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
485 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
486 |
/* |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
487 |
* When we get here, the test is pretty much over. |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
488 |
* Which side threw the error? |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
489 |
*/ |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
490 |
Exception local; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
491 |
Exception remote; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
492 |
String whichRemote; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
493 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
494 |
if (separateServerThread) { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
495 |
remote = serverException; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
496 |
local = clientException; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
497 |
whichRemote = "server"; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
498 |
} else { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
499 |
remote = clientException; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
500 |
local = serverException; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
501 |
whichRemote = "client"; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
502 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
503 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
504 |
/* |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
505 |
* If both failed, return the curthread's exception, but also |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
506 |
* print the remote side Exception |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
507 |
*/ |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
508 |
if ((local != null) && (remote != null)) { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
509 |
System.out.println(whichRemote + " also threw:"); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
510 |
remote.printStackTrace(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
511 |
System.out.println(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
512 |
throw local; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
513 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
514 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
515 |
if (remote != null) { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
516 |
throw remote; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
517 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
518 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
519 |
if (local != null) { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
520 |
throw local; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
521 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
522 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
523 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
524 |
void startServer(boolean newThread) throws Exception { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
525 |
if (newThread) { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
526 |
serverThread = new Thread() { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
527 |
public void run() { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
528 |
try { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
529 |
doServerSide(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
530 |
} catch (Exception e) { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
531 |
/* |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
532 |
* Our server thread just died. |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
533 |
* |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
534 |
* Release the client, if not active already... |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
535 |
*/ |
14318
96795215f33f
8001466: Nightly regression test failure of SSLSocketSNISensitive.java
xuelei
parents:
14194
diff
changeset
|
536 |
System.err.println("Server died, because of " + e); |
14194
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
537 |
serverReady = true; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
538 |
serverException = e; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
539 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
540 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
541 |
}; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
542 |
serverThread.start(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
543 |
} else { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
544 |
try { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
545 |
doServerSide(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
546 |
} catch (Exception e) { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
547 |
serverException = e; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
548 |
} finally { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
549 |
serverReady = true; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
550 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
551 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
552 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
553 |
|
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
554 |
void startClient(boolean newThread) throws Exception { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
555 |
if (newThread) { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
556 |
clientThread = new Thread() { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
557 |
public void run() { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
558 |
try { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
559 |
doClientSide(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
560 |
} catch (Exception e) { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
561 |
/* |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
562 |
* Our client thread just died. |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
563 |
*/ |
14318
96795215f33f
8001466: Nightly regression test failure of SSLSocketSNISensitive.java
xuelei
parents:
14194
diff
changeset
|
564 |
System.err.println("Client died, because of " + e); |
14194
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
565 |
clientException = e; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
566 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
567 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
568 |
}; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
569 |
clientThread.start(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
570 |
} else { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
571 |
try { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
572 |
doClientSide(); |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
573 |
} catch (Exception e) { |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
574 |
clientException = e; |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
575 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
576 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
577 |
} |
971f46db533d
7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
xuelei
parents:
diff
changeset
|
578 |
} |