1 /*

     2  * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.

     3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

     4  *

     5  * This code is free software; you can redistribute it and/or modify it

     6  * under the terms of the GNU General Public License version 2 only, as

     7  * published by the Free Software Foundation.

     8  *

     9  * This code is distributed in the hope that it will be useful, but WITHOUT

    10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

    11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

    12  * version 2 for more details (a copy is included in the LICENSE file that

    13  * accompanied this code).

    14  *

    15  * You should have received a copy of the GNU General Public License version

    16  * 2 along with this work; if not, write to the Free Software Foundation,

    17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

    18  *

    19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

    20  * or visit www.oracle.com if you need additional information or have any

    21  * questions.

    22  */

    23 

    24 import java.net.HttpURLPermission;

    25 /*

    26  * Run the tests once without security manager and once with

    27  *

    28  * @test

    29  * @bug 8010464

    30  * @compile ../../../com/sun/net/httpserver/SimpleSSLContext.java

    31  * @run main/othervm/policy=policy.1 URLTest one

    32  * @run main/othervm URLTest one

    33  * @run main/othervm/policy=policy.2 URLTest two

    34  * @run main/othervm URLTest two

    35  * @run main/othervm/policy=policy.3 URLTest three

    36  * @run main/othervm URLTest three

    37  */

    38 

    39 import java.net.*;

    40 import java.io.*;

    41 import java.util.*;

    42 import java.util.concurrent.*;

    43 import java.util.logging.*;

    44 import com.sun.net.httpserver.*;

    45 import javax.net.ssl.*;

    46 

    47 public class URLTest {

    48     static boolean failed = false;

    49 

    50     public static void main (String[] args) throws Exception {

    51         boolean no = false, yes = true;

    52 

    53         if (System.getSecurityManager() == null) {

    54             yes = false;

    55         }

    56         createServers();

    57         InetSocketAddress addr1 = httpServer.getAddress();

    58         int port1 = addr1.getPort();

    59         InetSocketAddress addr2 = httpsServer.getAddress();

    60         int port2 = addr2.getPort();

    61 

    62           // each of the following cases is run with a different policy file

    63 

    64         switch (args[0]) {

    65           case "one":

    66             String url1 = "http://127.0.0.1:"+ port1 + "/foo.html";

    67             String url2 = "https://127.0.0.1:"+ port2 + "/foo.html";

    68             String url3 = "http://127.0.0.1:"+ port1 + "/bar.html";

    69             String url4 = "https://127.0.0.1:"+ port2 + "/bar.html";

    70 

    71             // simple positive test. Should succceed

    72             test(url1, "GET", "X-Foo", no);

    73             test(url1, "GET", "Z-Bar", "X-Foo", no);

    74             test(url1, "GET", "X-Foo", "Z-Bar", no);

    75             test(url1, "GET", "Z-Bar", no);

    76             test(url2, "POST", "X-Fob", no);

    77 

    78             // reverse the methods, should fail

    79             test(url1, "POST", "X-Foo", yes);

    80             test(url2, "GET", "X-Fob", yes);

    81 

    82             // different URLs, should fail

    83             test(url3, "GET", "X-Foo", yes);

    84             test(url4, "POST", "X-Fob", yes);

    85             break;

    86 

    87           case "two":

    88             url1 = "http://127.0.0.1:"+ port1 + "/foo.html";

    89             url2 = "https://127.0.0.1:"+ port2 + "/foo.html";

    90             url3 = "http://127.0.0.1:"+ port1 + "/bar.html";

    91             url4 = "https://127.0.0.1:"+ port2 + "/bar.html";

    92 

    93             // simple positive test. Should succceed

    94             test(url1, "GET", "X-Foo", no);

    95             test(url2, "POST", "X-Fob", no);

    96             test(url3, "GET", "X-Foo", no);

    97             test(url4, "POST", "X-Fob", no);

    98             break;

    99 

   100           case "three":

   101             url1 = "http://127.0.0.1:"+ port1 + "/foo.html";

   102             url2 = "https://127.0.0.1:"+ port2 + "/a/c/d/e/foo.html";

   103             url3 = "http://127.0.0.1:"+ port1 + "/a/b/c";

   104             url4 = "https://127.0.0.1:"+ port2 + "/a/b/c";

   105 

   106             test(url1, "GET", "X-Foo", yes);

   107             test(url2, "POST", "X-Zxc", no);

   108             test(url3, "DELETE", "Y-Foo", no);

   109             test(url4, "POST", "Y-Foo", yes);

   110             break;

   111         }

   112         shutdown();

   113         if (failed) {

   114             throw new RuntimeException("Test failed");

   115         }

   116     }

   117 

   118     public static void test (

   119         String u, String method,

   120         String header, boolean exceptionExpected

   121     )

   122         throws Exception

   123     {

   124         test(u, method, header, null, exceptionExpected);

   125     }

   126 

   127     public static void test (

   128         String u, String method,

   129         String header1, String header2, boolean exceptionExpected

   130     )

   131         throws Exception

   132     {

   133         URL url = new URL(u);

   134         System.out.println ("url=" + u + " method="+method + " header1="+header1

   135                 +" header2 = " + header2

   136                 +" exceptionExpected="+exceptionExpected);

   137         HttpURLConnection urlc = (HttpURLConnection)url.openConnection();

   138         if (urlc instanceof HttpsURLConnection) {

   139             HttpsURLConnection ssl = (HttpsURLConnection)urlc;

   140             ssl.setHostnameVerifier(new HostnameVerifier() {

   141                 public boolean verify(String host, SSLSession sess) {

   142                     return true;

   143                 }

   144             });

   145             ssl.setSSLSocketFactory (ctx.getSocketFactory());

   146         }

   147         urlc.setRequestMethod(method);

   148         if (header1 != null) {

   149             urlc.addRequestProperty(header1, "foo");

   150         }

   151         if (header2 != null) {

   152             urlc.addRequestProperty(header2, "bar");

   153         }

   154         try {

   155             int g = urlc.getResponseCode();

   156             if (exceptionExpected) {

   157                 failed = true;

   158                 System.out.println ("FAIL");

   159                 return;

   160             }

   161             if (g != 200) {

   162                 String s = Integer.toString(g);

   163                 throw new RuntimeException("unexpected response "+ s);

   164             }

   165             InputStream is = urlc.getInputStream();

   166             int c,count=0;

   167             byte[] buf = new byte[1024];

   168             while ((c=is.read(buf)) != -1) {

   169                 count += c;

   170             }

   171             is.close();

   172         } catch (RuntimeException e) {

   173             if (! (e instanceof SecurityException) &&

   174                         !(e.getCause() instanceof SecurityException)  ||

   175                         !exceptionExpected)

   176             {

   177                 System.out.println ("FAIL");

   178                 //e.printStackTrace();

   179                 failed = true;

   180             }

   181         }

   182         System.out.println ("OK");

   183     }

   184 

   185     static HttpServer httpServer;

   186     static HttpsServer httpsServer;

   187     static HttpContext c, cs;

   188     static ExecutorService e, es;

   189     static SSLContext ctx;

   190 

   191     // These ports need to be hard-coded until we support port number

   192     // ranges in the permission class

   193 

   194     static final int PORT1 = 12567;

   195     static final int PORT2 = 12568;

   196 

   197     static void createServers() throws Exception {

   198         InetSocketAddress addr1 = new InetSocketAddress (PORT1);

   199         InetSocketAddress addr2 = new InetSocketAddress (PORT2);

   200         httpServer = HttpServer.create (addr1, 0);

   201         httpsServer = HttpsServer.create (addr2, 0);

   202 

   203         MyHandler h = new MyHandler();

   204 

   205         c = httpServer.createContext ("/", h);

   206         cs = httpsServer.createContext ("/", h);

   207         e = Executors.newCachedThreadPool();

   208         es = Executors.newCachedThreadPool();

   209         httpServer.setExecutor (e);

   210         httpsServer.setExecutor (es);

   211 

   212         // take the keystore from elsewhere in test hierarchy

   213         String keysdir = System.getProperty("test.src")

   214                 + "/../../../com/sun/net/httpserver/";

   215         ctx = new SimpleSSLContext(keysdir).get();

   216         httpsServer.setHttpsConfigurator(new HttpsConfigurator (ctx));

   217 

   218         httpServer.start();

   219         httpsServer.start();

   220     }

   221 

   222     static void shutdown() {

   223         httpServer.stop(1);

   224         httpsServer.stop(1);

   225         e.shutdown();

   226         es.shutdown();

   227     }

   228 

   229     static class MyHandler implements HttpHandler {

   230 

   231         MyHandler() {

   232         }

   233 

   234         public void handle(HttpExchange x) throws IOException {

   235             x.sendResponseHeaders(200, -1);

   236             x.close();

   237         }

   238     }

   239 

   240 }