19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
20 * or visit www.oracle.com if you need additional information or have any |
20 * or visit www.oracle.com if you need additional information or have any |
21 * questions. |
21 * questions. |
22 */ |
22 */ |
23 |
23 |
|
24 import java.io.File; |
24 import java.net.URI; |
25 import java.net.URI; |
25 import java.net.http.HttpClient; |
26 import java.net.http.HttpClient; |
26 import java.net.http.HttpClient.Version; |
27 import java.net.http.HttpResponse.BodyHandlers; |
27 import java.net.http.HttpResponse.BodyHandler; |
|
28 import static java.net.http.HttpResponse.BodyHandlers.ofString; |
|
29 import java.net.http.HttpRequest; |
28 import java.net.http.HttpRequest; |
30 import java.net.http.HttpResponse; |
29 import java.net.http.HttpResponse; |
31 import javax.net.ssl.SSLContext; |
30 import javax.net.ssl.SSLContext; |
|
31 import javax.net.ssl.SSLException; |
32 import javax.net.ssl.SSLParameters; |
32 import javax.net.ssl.SSLParameters; |
33 |
33 |
34 /* |
34 /* |
35 * @test |
35 * @test |
36 * @build Server CertificateTest |
36 * @build Server CertificateTest |
37 * @run main/othervm CertificateTest good |
37 * @run main/othervm CertificateTest good.keystore expectSuccess |
38 * @run main/othervm CertificateTest bad |
38 * @run main/othervm CertificateTest bad.keystore expectFailure |
|
39 * @run main/othervm |
|
40 * -Djdk.internal.http.disableHostnameVerification |
|
41 * CertificateTest bad.keystore expectSuccess |
|
42 * @run main/othervm |
|
43 * -Djdk.internal.http.disableHostnameVerification=true |
|
44 * CertificateTest bad.keystore expectSuccess |
|
45 * @run main/othervm |
|
46 * -Djdk.internal.http.disableHostnameVerification=false |
|
47 * CertificateTest bad.keystore expectFailure |
|
48 * @run main/othervm |
|
49 * -Djdk.internal.http.disableHostnameVerification=xxyyzz |
|
50 * CertificateTest bad.keystore expectFailure |
39 */ |
51 */ |
40 |
52 |
41 /** |
53 /** |
42 * The test runs twice. In both cases it uses a valid self-signed certificate |
54 * The test runs a number of times. In all cases it uses a valid self-signed certificate |
43 * that is installed in the trust store (so is trusted) and the same cert is supplied |
55 * that is installed in the trust store (so is trusted) and the same cert is supplied |
44 * by the server for its own identity. Two servers on two different ports are used |
56 * by the server for its own identity. Two servers on two different ports are used |
45 * on the remote end. |
57 * on the remote end. |
46 * |
58 * |
47 * For the "good" run the cert contains the correct hostname of the target server |
59 * For the "good" run the cert contains the correct hostname of the target server |
49 * For the "bad" run, the cert contains an invalid hostname, and should be rejected. |
61 * For the "bad" run, the cert contains an invalid hostname, and should be rejected. |
50 */ |
62 */ |
51 public class CertificateTest { |
63 public class CertificateTest { |
52 static SSLContext ctx; |
64 static SSLContext ctx; |
53 static SSLParameters params; |
65 static SSLParameters params; |
54 static boolean good; |
66 static boolean expectSuccess; |
55 static String trustStoreProp; |
67 static String trustStoreProp; |
56 static String suffix; |
|
57 static Server server; |
68 static Server server; |
58 static int port; |
69 static int port; |
59 |
70 |
60 static String TESTSRC = System.getProperty("test.src"); |
71 static String TESTSRC = System.getProperty("test.src"); |
61 public static void main(String[] args) throws Exception |
72 public static void main(String[] args) throws Exception |
62 { |
73 { |
63 try { |
74 try { |
64 if (args[0].equals("good")) { |
75 String keystore = args[0]; |
65 good = true; |
76 trustStoreProp = TESTSRC + File.separatorChar + keystore; |
66 trustStoreProp = TESTSRC + "/good.keystore"; |
77 |
|
78 String passOrFail = args[1]; |
|
79 |
|
80 if (passOrFail.equals("expectSuccess")) { |
|
81 expectSuccess = true; |
67 } else { |
82 } else { |
68 good = false; |
83 expectSuccess = false; |
69 trustStoreProp = TESTSRC + "/bad.keystore"; |
|
70 } |
84 } |
71 server = new Server(trustStoreProp); |
85 server = new Server(trustStoreProp); |
72 port = server.getPort(); |
86 port = server.getPort(); |
73 System.setProperty("javax.net.ssl.trustStore", trustStoreProp); |
87 System.setProperty("javax.net.ssl.trustStore", trustStoreProp); |
74 System.setProperty("javax.net.ssl.trustStorePassword", "passphrase"); |
88 System.setProperty("javax.net.ssl.trustStorePassword", "passphrase"); |
101 .version(HttpClient.Version.HTTP_1_1) |
115 .version(HttpClient.Version.HTTP_1_1) |
102 .GET() |
116 .GET() |
103 .build(); |
117 .build(); |
104 |
118 |
105 try { |
119 try { |
106 HttpResponse<String> response = client.send(request, ofString()); |
120 HttpResponse<String> response = client.send(request, BodyHandlers.ofString()); |
107 System.out.printf("Status code %d received\n", response.statusCode()); |
121 System.out.printf("Status code %d received\n", response.statusCode()); |
108 if (good && response.statusCode() != 200) |
122 if (expectSuccess && response.statusCode() != 200) |
109 error = "Test failed: good: status should be 200"; |
123 error = "Test failed: good: status should be 200"; |
110 else if (!good) |
124 else if (!expectSuccess) |
111 error = "Test failed: bad: status should not be 200"; |
125 error = "Test failed: bad: status should not be 200"; |
112 } catch (Exception e) { |
126 } catch (SSLException e) { |
113 System.err.println("Exception good = " + good); |
127 System.err.println("Caught Exception " + e + ". expectSuccess = " + expectSuccess); |
114 exception = e; |
128 exception = e; |
115 if (good) |
129 if (expectSuccess) |
116 error = "Test failed: good: got exception"; |
130 error = "Test failed: expectSuccess:true, but got unexpected exception"; |
117 } |
131 } |
118 if (error != null) |
132 if (error != null) |
119 throw new RuntimeException(error, exception); |
133 throw new RuntimeException(error, exception); |
120 } |
134 } |
121 } |
135 } |