|
2
|
1 |
/*
|
|
5506
|
2 |
* Copyright (c) 2003, 2004, Oracle and/or its affiliates. All rights reserved.
|
|
2
|
3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
|
|
4 |
*
|
|
|
5 |
* This code is free software; you can redistribute it and/or modify it
|
|
|
6 |
* under the terms of the GNU General Public License version 2 only, as
|
|
|
7 |
* published by the Free Software Foundation.
|
|
|
8 |
*
|
|
|
9 |
* This code is distributed in the hope that it will be useful, but WITHOUT
|
|
|
10 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
|
|
11 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
|
|
12 |
* version 2 for more details (a copy is included in the LICENSE file that
|
|
|
13 |
* accompanied this code).
|
|
|
14 |
*
|
|
|
15 |
* You should have received a copy of the GNU General Public License version
|
|
|
16 |
* 2 along with this work; if not, write to the Free Software Foundation,
|
|
|
17 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
|
18 |
*
|
|
5506
|
19 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
|
|
|
20 |
* or visit www.oracle.com if you need additional information or have any
|
|
|
21 |
* questions.
|
|
2
|
22 |
*/
|
|
|
23 |
import sun.management.jmxremote.ConnectorBootstrap;
|
|
|
24 |
|
|
|
25 |
import java.io.File;
|
|
|
26 |
import java.io.FileInputStream;
|
|
|
27 |
import java.io.InputStream;
|
|
|
28 |
import java.io.FilenameFilter;
|
|
|
29 |
import java.io.IOException;
|
|
|
30 |
|
|
|
31 |
import java.security.GeneralSecurityException;
|
|
|
32 |
import java.security.KeyStore;
|
|
|
33 |
|
|
|
34 |
import java.util.Properties;
|
|
|
35 |
import java.util.Iterator;
|
|
|
36 |
import java.util.Set;
|
|
|
37 |
import java.util.Arrays;
|
|
|
38 |
import java.util.ArrayList;
|
|
|
39 |
import java.util.HashMap;
|
|
|
40 |
import java.util.Map;
|
|
|
41 |
import java.util.Enumeration;
|
|
|
42 |
|
|
|
43 |
import javax.management.remote.*;
|
|
|
44 |
import javax.management.*;
|
|
|
45 |
|
|
|
46 |
import sun.management.AgentConfigurationError;
|
|
|
47 |
|
|
|
48 |
import util.TestLogger;
|
|
|
49 |
|
|
|
50 |
/**
|
|
|
51 |
* <p>This class implements unit test for RMI Bootstrap.
|
|
|
52 |
* When called with no arguments main() looks in the directory indicated
|
|
|
53 |
* by the "test.src" system property for files called management*ok.properties
|
|
|
54 |
* or management*ko.properties. The *ok.properties files are assumed to be
|
|
|
55 |
* valid Java M&M config files for which the bootstrap should succeed.
|
|
|
56 |
* The *ko.properties files are assumed to be configurations for which the
|
|
|
57 |
* bootstrap & connection test will fail.</p>
|
|
|
58 |
*
|
|
|
59 |
* <p>The rmi port number can be specified with the "rmi.port" system property.
|
|
|
60 |
* If not, this test will use 12424</p>
|
|
|
61 |
*
|
|
|
62 |
* <p>When called with some argument, the main() will interprete its args to
|
|
|
63 |
* be Java M&M configuration file names. The filenames are expected to end
|
|
|
64 |
* with ok.properties or ko.properties - and are interpreted as above.</p>
|
|
|
65 |
*
|
|
|
66 |
* <p>Note that a limitation of the RMI registry (bug 4267864) prevent
|
|
|
67 |
* this test from succeeding if more than 1 configuration is used.
|
|
|
68 |
* As long as 4267864 isn't fix, this test must be called as many times
|
|
|
69 |
* as needed but with a single argument (no arguments, or several arguments
|
|
|
70 |
* will fail).</p>
|
|
|
71 |
*
|
|
|
72 |
* <p>Debug traces are logged in "sun.management.test"</p>
|
|
|
73 |
**/
|
|
|
74 |
public class RmiSslNoKeyStoreTest {
|
|
|
75 |
|
|
|
76 |
static TestLogger log =
|
|
|
77 |
new TestLogger("RmiSslNoKeyStoreTest");
|
|
|
78 |
|
|
|
79 |
/**
|
|
|
80 |
* When launching several registries, we increment the port number
|
|
|
81 |
* to avoid falling into "port number already in use" problems.
|
|
|
82 |
**/
|
|
|
83 |
static int testPort = 0;
|
|
|
84 |
|
|
|
85 |
/**
|
|
|
86 |
* Default values for RMI configuration properties.
|
|
|
87 |
**/
|
|
|
88 |
public static interface DefaultValues {
|
|
|
89 |
public static final String PORT="0";
|
|
|
90 |
public static final String CONFIG_FILE_NAME="management.properties";
|
|
|
91 |
public static final String USE_SSL="true";
|
|
|
92 |
public static final String USE_AUTHENTICATION="true";
|
|
|
93 |
public static final String PASSWORD_FILE_NAME="jmxremote.password";
|
|
|
94 |
public static final String ACCESS_FILE_NAME="jmxremote.access";
|
|
|
95 |
public static final String KEYSTORE="keystore";
|
|
|
96 |
public static final String KEYSTORE_PASSWD="password";
|
|
|
97 |
public static final String TRUSTSTORE="truststore";
|
|
|
98 |
public static final String TRUSTSTORE_PASSWD="trustword";
|
|
|
99 |
}
|
|
|
100 |
|
|
|
101 |
/**
|
|
|
102 |
* Names of RMI configuration properties.
|
|
|
103 |
**/
|
|
|
104 |
public static interface PropertyNames {
|
|
|
105 |
public static final String PORT="com.sun.management.jmxremote.port";
|
|
|
106 |
public static final String CONFIG_FILE_NAME=
|
|
|
107 |
"com.sun.management.config.file";
|
|
|
108 |
public static final String USE_SSL="com.sun.management.jmxremote.ssl";
|
|
|
109 |
public static final String USE_AUTHENTICATION=
|
|
|
110 |
"com.sun.management.jmxremote.authenticate";
|
|
|
111 |
public static final String PASSWORD_FILE_NAME=
|
|
|
112 |
"com.sun.management.jmxremote.password.file";
|
|
|
113 |
public static final String ACCESS_FILE_NAME=
|
|
|
114 |
"com.sun.management.jmxremote.access.file";
|
|
|
115 |
public static final String INSTRUMENT_ALL=
|
|
|
116 |
"com.sun.management.instrumentall";
|
|
|
117 |
public static final String CREDENTIALS =
|
|
|
118 |
"jmx.remote.credentials";
|
|
|
119 |
public static final String KEYSTORE="javax.net.ssl.keyStore";
|
|
|
120 |
public static final String KEYSTORE_PASSWD=
|
|
|
121 |
"javax.net.ssl.keyStorePassword";
|
|
|
122 |
public static final String KEYSTORE_TYPE="javax.net.ssl.keyStoreType";
|
|
|
123 |
public static final String TRUSTSTORE="javax.net.ssl.trustStore";
|
|
|
124 |
public static final String TRUSTSTORE_PASSWD=
|
|
|
125 |
"javax.net.ssl.trustStorePassword";
|
|
|
126 |
}
|
|
|
127 |
|
|
|
128 |
/**
|
|
|
129 |
* Compute the full path name for a default file.
|
|
|
130 |
* @param basename basename (with extension) of the default file.
|
|
|
131 |
* @return ${JRE}/lib/management/${basename}
|
|
|
132 |
**/
|
|
|
133 |
private static String getDefaultFileName(String basename) {
|
|
|
134 |
final String fileSeparator = File.separator;
|
|
|
135 |
final StringBuffer defaultFileName =
|
|
|
136 |
new StringBuffer(System.getProperty("java.home")).
|
|
|
137 |
append(fileSeparator).append("lib").append(fileSeparator).
|
|
|
138 |
append("management").append(fileSeparator).
|
|
|
139 |
append(basename);
|
|
|
140 |
return defaultFileName.toString();
|
|
|
141 |
}
|
|
|
142 |
|
|
|
143 |
/**
|
|
|
144 |
* Compute the full path name for a default file.
|
|
|
145 |
* @param basename basename (with extension) of the default file.
|
|
|
146 |
* @return ${JRE}/lib/management/${basename}
|
|
|
147 |
**/
|
|
|
148 |
private static String getDefaultStoreName(String basename) {
|
|
|
149 |
final String fileSeparator = File.separator;
|
|
|
150 |
final StringBuffer defaultFileName =
|
|
|
151 |
new StringBuffer(System.getProperty("test.src")).
|
|
|
152 |
append(fileSeparator).append("ssl").append(fileSeparator).
|
|
|
153 |
append(basename);
|
|
|
154 |
return defaultFileName.toString();
|
|
|
155 |
}
|
|
|
156 |
|
|
|
157 |
private static void checkKeystore(Properties props)
|
|
|
158 |
throws IOException, GeneralSecurityException {
|
|
|
159 |
if (log.isDebugOn())
|
|
|
160 |
log.debug("checkKeystore","Checking Keystore configuration");
|
|
|
161 |
|
|
|
162 |
final String keyStore =
|
|
|
163 |
System.getProperty(PropertyNames.KEYSTORE);
|
|
|
164 |
if (keyStore == null)
|
|
|
165 |
throw new IllegalArgumentException("System property " +
|
|
|
166 |
PropertyNames.KEYSTORE +
|
|
|
167 |
" not specified");
|
|
|
168 |
|
|
|
169 |
final String keyStorePass =
|
|
|
170 |
System.getProperty(PropertyNames.KEYSTORE_PASSWD);
|
|
|
171 |
if (keyStorePass == null) {
|
|
|
172 |
// We don't have the password, we can only check whether the
|
|
|
173 |
// file exists...
|
|
|
174 |
//
|
|
|
175 |
final File ksf = new File(keyStore);
|
|
|
176 |
if (! ksf.canRead())
|
|
|
177 |
throw new IOException(keyStore + ": not readable");
|
|
|
178 |
|
|
|
179 |
if (log.isDebugOn())
|
|
|
180 |
log.debug("checkSSL", "No password.");
|
|
|
181 |
throw new IllegalArgumentException("System property " +
|
|
|
182 |
PropertyNames.KEYSTORE_PASSWD +
|
|
|
183 |
" not specified");
|
|
|
184 |
}
|
|
|
185 |
|
|
|
186 |
// Now we're going to load the keyStore - just to check it's
|
|
|
187 |
// correct.
|
|
|
188 |
//
|
|
|
189 |
final String keyStoreType =
|
|
|
190 |
System.getProperty(PropertyNames.KEYSTORE_TYPE,
|
|
|
191 |
KeyStore.getDefaultType());
|
|
|
192 |
final KeyStore ks = KeyStore.getInstance(keyStoreType);
|
|
|
193 |
final FileInputStream fin = new FileInputStream(keyStore);
|
|
|
194 |
final char keypassword[] = keyStorePass.toCharArray();
|
|
|
195 |
|
|
|
196 |
try {
|
|
|
197 |
ks.load(fin,keypassword);
|
|
|
198 |
} finally {
|
|
|
199 |
Arrays.fill(keypassword,' ');
|
|
|
200 |
fin.close();
|
|
|
201 |
}
|
|
|
202 |
|
|
|
203 |
if (log.isDebugOn())
|
|
|
204 |
log.debug("checkSSL","SSL configuration successfully checked");
|
|
|
205 |
}
|
|
|
206 |
|
|
|
207 |
private void checkSslConfiguration() throws Exception {
|
|
|
208 |
final String defaultConf =
|
|
|
209 |
getDefaultFileName(DefaultValues.CONFIG_FILE_NAME);
|
|
|
210 |
final String confname =
|
|
|
211 |
System.getProperty(PropertyNames.CONFIG_FILE_NAME,defaultConf);
|
|
|
212 |
|
|
|
213 |
final Properties props = new Properties();
|
|
|
214 |
final File conf = new File(confname);
|
|
|
215 |
if (conf.exists()) {
|
|
|
216 |
FileInputStream fin = new FileInputStream(conf);
|
|
|
217 |
try {props.load(fin);} finally {fin.close();}
|
|
|
218 |
}
|
|
|
219 |
|
|
|
220 |
// Do we use SSL?
|
|
|
221 |
final String useSslStr =
|
|
|
222 |
props.getProperty(PropertyNames.USE_SSL,
|
|
|
223 |
DefaultValues.USE_SSL);
|
|
|
224 |
final boolean useSsl =
|
|
|
225 |
Boolean.valueOf(useSslStr).booleanValue();
|
|
|
226 |
|
|
|
227 |
log.debug("checkSslConfiguration",PropertyNames.USE_SSL+"="+useSsl);
|
|
|
228 |
if (useSsl == false) {
|
|
|
229 |
final String msg =
|
|
|
230 |
PropertyNames.USE_SSL+"="+useSsl+", can't run test";
|
|
|
231 |
throw new IllegalArgumentException(msg);
|
|
|
232 |
}
|
|
|
233 |
|
|
|
234 |
try {
|
|
|
235 |
checkKeystore(props);
|
|
|
236 |
} catch (Exception x) {
|
|
|
237 |
// Ok!
|
|
|
238 |
log.debug("checkSslConfiguration","Test configuration OK: " + x);
|
|
|
239 |
return;
|
|
|
240 |
}
|
|
|
241 |
|
|
|
242 |
final String msg = "KeyStore properly configured, can't run test";
|
|
|
243 |
throw new IllegalArgumentException(msg);
|
|
|
244 |
}
|
|
|
245 |
|
|
|
246 |
/**
|
|
|
247 |
* Test the configuration indicated by `file'.
|
|
|
248 |
* Sets the appropriate System properties for config file and
|
|
|
249 |
* port and then calls ConnectorBootstrap.initialize().
|
|
|
250 |
* eventually cleans up by calling ConnectorBootstrap.terminate().
|
|
|
251 |
* @return null if the test succeeds, an error message otherwise.
|
|
|
252 |
**/
|
|
|
253 |
private String testConfiguration(File file,int port) {
|
|
|
254 |
|
|
|
255 |
final String path = (file==null)?null:file.getAbsolutePath();
|
|
|
256 |
final String config = (path==null)?"Default config file":path;
|
|
|
257 |
|
|
|
258 |
try {
|
|
|
259 |
System.out.println("***");
|
|
|
260 |
System.out.println("*** Testing configuration (port="+
|
|
|
261 |
port + "): "+ path);
|
|
|
262 |
System.out.println("***");
|
|
|
263 |
|
|
|
264 |
System.setProperty("com.sun.management.jmxremote.port",
|
|
|
265 |
Integer.toString(port));
|
|
|
266 |
if (path != null)
|
|
|
267 |
System.setProperty("com.sun.management.config.file", path);
|
|
|
268 |
else
|
|
|
269 |
System.getProperties().
|
|
|
270 |
remove("com.sun.management.config.file");
|
|
|
271 |
|
|
|
272 |
log.trace("testConfiguration","com.sun.management.jmxremote.port="+port);
|
|
|
273 |
if (path != null && log.isDebugOn())
|
|
|
274 |
log.trace("testConfiguration",
|
|
|
275 |
"com.sun.management.config.file="+path);
|
|
|
276 |
|
|
|
277 |
checkSslConfiguration();
|
|
|
278 |
|
|
|
279 |
final JMXConnectorServer cs;
|
|
|
280 |
try {
|
|
|
281 |
cs = ConnectorBootstrap.initialize();
|
|
|
282 |
} catch (AgentConfigurationError x) {
|
|
|
283 |
final String err = "Failed to initialize connector:" +
|
|
|
284 |
"\n\tcom.sun.management.jmxremote.port=" + port +
|
|
|
285 |
((path!=null)?"\n\tcom.sun.management.config.file="+path:
|
|
|
286 |
"\n\t"+config) +
|
|
|
287 |
"\n\tError is: " + x;
|
|
|
288 |
|
|
|
289 |
log.trace("testConfiguration","Expected failure: " + err);
|
|
|
290 |
log.debug("testConfiguration",x);
|
|
|
291 |
System.out.println("Got expected failure: " + x);
|
|
|
292 |
return null;
|
|
|
293 |
} catch (Exception x) {
|
|
|
294 |
log.debug("testConfiguration",x);
|
|
|
295 |
return x.toString();
|
|
|
296 |
}
|
|
|
297 |
try {
|
|
|
298 |
JMXConnector cc =
|
|
|
299 |
JMXConnectorFactory.connect(cs.getAddress(), null);
|
|
|
300 |
cc.close();
|
|
|
301 |
} catch (IOException x) {
|
|
|
302 |
final String err = "Failed to initialize connector:" +
|
|
|
303 |
"\n\tcom.sun.management.jmxremote.port=" + port +
|
|
|
304 |
((path!=null)?"\n\tcom.sun.management.config.file="+path:
|
|
|
305 |
"\n\t"+config) +
|
|
|
306 |
"\n\tError is: " + x;
|
|
|
307 |
|
|
|
308 |
log.trace("testConfiguration","Expected failure: " + err);
|
|
|
309 |
log.debug("testConfiguration",x);
|
|
|
310 |
System.out.println("Got expected failure: " + x);
|
|
|
311 |
return null;
|
|
|
312 |
} catch (Exception x) {
|
|
|
313 |
log.debug("testConfiguration",x);
|
|
|
314 |
return x.toString();
|
|
|
315 |
}
|
|
|
316 |
try {
|
|
|
317 |
cs.stop();
|
|
|
318 |
} catch (Exception x) {
|
|
|
319 |
final String err = "Failed to terminate: "+x;
|
|
|
320 |
log.trace("testConfiguration",err);
|
|
|
321 |
log.debug("testConfiguration",x);
|
|
|
322 |
}
|
|
|
323 |
final String err = "Bootstrap should have failed:" +
|
|
|
324 |
"\n\tcom.sun.management.jmxremote.port=" + port +
|
|
|
325 |
((path!=null)?"\n\tcom.sun.management.config.file="+path:
|
|
|
326 |
"\n\t"+config);
|
|
|
327 |
log.trace("testConfiguration",err);
|
|
|
328 |
return err;
|
|
|
329 |
} catch (Exception x) {
|
|
|
330 |
final String err = "Failed to test bootstrap for:" +
|
|
|
331 |
"\n\tcom.sun.management.jmxremote.port=" + port +
|
|
|
332 |
((path!=null)?"\n\tcom.sun.management.config.file="+path:
|
|
|
333 |
"\n\t"+config)+
|
|
|
334 |
"\n\tError is: " + x;
|
|
|
335 |
|
|
|
336 |
log.trace("testConfiguration",err);
|
|
|
337 |
log.debug("testConfiguration",x);
|
|
|
338 |
return err;
|
|
|
339 |
}
|
|
|
340 |
}
|
|
|
341 |
|
|
|
342 |
/**
|
|
|
343 |
* Test a configuration file. Determines whether the bootstrap
|
|
|
344 |
* should succeed or fail depending on the file name:
|
|
|
345 |
* *ok.properties: bootstrap should succeed.
|
|
|
346 |
* *ko.properties: bootstrap or connection should fail.
|
|
|
347 |
* @return null if the test succeeds, an error message otherwise.
|
|
|
348 |
**/
|
|
|
349 |
private String testConfigurationFile(String fileName) {
|
|
|
350 |
File file = new File(fileName);
|
|
|
351 |
final String portStr = System.getProperty("rmi.port","12424");
|
|
|
352 |
final int port = Integer.parseInt(portStr);
|
|
|
353 |
|
|
|
354 |
return testConfiguration(file,port+testPort++);
|
|
|
355 |
}
|
|
|
356 |
|
|
|
357 |
|
|
|
358 |
/**
|
|
|
359 |
* Tests the specified configuration files.
|
|
|
360 |
* If args[] is not empty, each element in args[] is expected to be
|
|
|
361 |
* a filename ending either by ok.properties or ko.properties.
|
|
|
362 |
* Otherwise, the configuration files will be automatically determined
|
|
|
363 |
* by looking at all *.properties files located in the directory
|
|
|
364 |
* indicated by the System property "test.src".
|
|
|
365 |
* @throws RuntimeException if the test fails.
|
|
|
366 |
**/
|
|
|
367 |
public void run(String args[]) {
|
|
|
368 |
final String defaultKeyStore =
|
|
|
369 |
getDefaultStoreName(DefaultValues.KEYSTORE);
|
|
|
370 |
final String keyStore =
|
|
|
371 |
System.getProperty(PropertyNames.KEYSTORE, defaultKeyStore);
|
|
|
372 |
|
|
|
373 |
for (int i=0; i<args.length; i++) {
|
|
|
374 |
|
|
|
375 |
String errStr =testConfigurationFile(args[i]);
|
|
|
376 |
if (errStr != null) {
|
|
|
377 |
throw new RuntimeException(errStr);
|
|
|
378 |
}
|
|
|
379 |
|
|
|
380 |
if ((System.getProperty(PropertyNames.KEYSTORE) == null) &&
|
|
|
381 |
(System.getProperty(PropertyNames.KEYSTORE_PASSWD) == null)) {
|
|
|
382 |
try {
|
|
|
383 |
|
|
|
384 |
// Specify the keystore, but don't specify the
|
|
|
385 |
// password.
|
|
|
386 |
//
|
|
|
387 |
System.setProperty(PropertyNames.KEYSTORE,keyStore);
|
|
|
388 |
log.trace("run",PropertyNames.KEYSTORE+"="+keyStore);
|
|
|
389 |
|
|
|
390 |
errStr =testConfigurationFile(args[i]);
|
|
|
391 |
if (errStr != null) {
|
|
|
392 |
throw new RuntimeException(errStr);
|
|
|
393 |
}
|
|
|
394 |
} finally {
|
|
|
395 |
System.getProperties().remove(PropertyNames.KEYSTORE);
|
|
|
396 |
}
|
|
|
397 |
}
|
|
|
398 |
}
|
|
|
399 |
}
|
|
|
400 |
|
|
|
401 |
/**
|
|
|
402 |
* Calls run(args[]).
|
|
|
403 |
* exit(1) if the test fails.
|
|
|
404 |
**/
|
|
|
405 |
public static void main(String args[]) {
|
|
|
406 |
RmiSslNoKeyStoreTest manager = new RmiSslNoKeyStoreTest();
|
|
|
407 |
try {
|
|
|
408 |
manager.run(args);
|
|
|
409 |
} catch (RuntimeException r) {
|
|
|
410 |
System.err.println("Test Failed: "+ r.getMessage());
|
|
|
411 |
System.exit(1);
|
|
|
412 |
} catch (Throwable t) {
|
|
|
413 |
System.err.println("Test Failed: "+ t);
|
|
|
414 |
t.printStackTrace();
|
|
|
415 |
System.exit(2);
|
|
|
416 |
}
|
|
|
417 |
System.out.println("**** Test RmiSslNoKeyStoreTest Passed ****");
|
|
|
418 |
}
|
|
|
419 |
|
|
|
420 |
}
|