--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/test/jdk/javax/net/ssl/TLS/TLSClientPropertyTest.java Tue Sep 12 19:03:39 2017 +0200
@@ -0,0 +1,212 @@
+/*
+ * Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8049432 8069038
+ * @summary New tests for TLS property jdk.tls.client.protocols
+ * @summary javax/net/ssl/TLS/TLSClientPropertyTest.java needs to be
+ * updated for JDK-8061210
+ * @modules java.security.jgss
+ * java.security.jgss/sun.security.krb5:+open
+ * java.security.jgss/sun.security.krb5.internal:+open
+ * java.security.jgss/sun.security.krb5.internal.ccache
+ * java.security.jgss/sun.security.krb5.internal.crypto
+ * java.security.jgss/sun.security.krb5.internal.ktab
+ * java.base/sun.security.util
+ * @run main/othervm TLSClientPropertyTest NoProperty
+ * @run main/othervm TLSClientPropertyTest SSLv3
+ * @run main/othervm TLSClientPropertyTest TLSv1
+ * @run main/othervm TLSClientPropertyTest TLSv11
+ * @run main/othervm TLSClientPropertyTest TLSv12
+ * @run main/othervm TLSClientPropertyTest WrongProperty
+ */
+
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+import java.util.Arrays;
+import java.util.List;
+import javax.net.ssl.SSLContext;
+
+/**
+ * Sets the property jdk.tls.client.protocols to one of this protocols:
+ * SSLv3,TLSv1,TLSv1.1,TLSv1.2 and TLSV(invalid) or removes this
+ * property (if any),then validates the default, supported and current
+ * protocols in the SSLContext.
+ */
+public class TLSClientPropertyTest {
+ private final String[] expectedSupportedProtos = new String[] {
+ "SSLv2Hello", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"
+ };
+
+ public static void main(String[] args) throws Exception {
+
+ if (args.length < 1) {
+ throw new RuntimeException(
+ "Incorrect arguments,expected arguments: testCase");
+ }
+
+ String[] expectedDefaultProtos;
+ String testCase = args[0];
+ String contextProtocol;
+ switch (testCase) {
+ case "NoProperty":
+ if (System.getProperty("jdk.tls.client.protocols") != null) {
+ System.getProperties().remove("jdk.tls.client.protocols");
+ }
+ contextProtocol = null;
+ expectedDefaultProtos = new String[] {
+ "TLSv1", "TLSv1.1", "TLSv1.2"
+ };
+ break;
+ case "SSLv3":
+ contextProtocol = "SSLv3";
+ expectedDefaultProtos = new String[] {
+ };
+ break;
+ case "TLSv1":
+ contextProtocol = "TLSv1";
+ expectedDefaultProtos = new String[] {
+ "TLSv1"
+ };
+ break;
+ case "TLSv11":
+ contextProtocol = "TLSv1.1";
+ expectedDefaultProtos = new String[] {
+ "TLSv1", "TLSv1.1"
+ };
+ break;
+ case "TLSv12":
+ contextProtocol = "TLSv1.2";
+ expectedDefaultProtos = new String[] {
+ "TLSv1", "TLSv1.1", "TLSv1.2"
+ };
+ break;
+ case "WrongProperty":
+ expectedDefaultProtos = new String[] {};
+ contextProtocol = "TLSV";
+ break;
+ default:
+ throw new RuntimeException("test case is wrong");
+ }
+ if (contextProtocol != null) {
+ System.setProperty("jdk.tls.client.protocols", contextProtocol);
+ }
+ try {
+ TLSClientPropertyTest test = new TLSClientPropertyTest();
+ test.test(contextProtocol, expectedDefaultProtos);
+ if (testCase.equals("WrongProperty")) {
+ throw new RuntimeException(
+ "Test failed: NoSuchAlgorithmException " +
+ "is expected when input wrong protocol");
+ } else {
+ System.out.println("Test " + contextProtocol + " passed");
+ }
+ } catch (NoSuchAlgorithmException nsae) {
+ if (testCase.equals("WrongProperty")) {
+ System.out.println("NoSuchAlgorithmException is expected,"
+ + contextProtocol + " test passed");
+ } else {
+ throw nsae;
+ }
+ }
+
+ }
+
+ /**
+ * The parameter passed is the user enforced protocol. Does not catch
+ * NoSuchAlgorithmException, WrongProperty test will use it.
+ */
+ public void test(String expectedContextProto,
+ String[] expectedDefaultProtos) throws NoSuchAlgorithmException {
+
+ SSLContext context = null;
+ try {
+ if (expectedContextProto != null) {
+ context = SSLContext.getInstance(expectedContextProto);
+ context.init(null, null, null);
+ } else {
+ context = SSLContext.getDefault();
+ }
+ printContextDetails(context);
+ } catch (KeyManagementException ex) {
+ error(null, ex);
+ }
+
+ validateContext(expectedContextProto, expectedDefaultProtos, context);
+ }
+
+ /**
+ * Simple print utility for SSLContext's protocol details.
+ */
+ private void printContextDetails(SSLContext context) {
+ System.out.println("Default Protocols: "
+ + Arrays.toString(context.getDefaultSSLParameters()
+ .getProtocols()));
+ System.out.println("Supported Protocols: "
+ + Arrays.toString(context.getSupportedSSLParameters()
+ .getProtocols()));
+ System.out.println("Current Protocol : " + context.getProtocol());
+
+ }
+
+ /**
+ * Error handler.
+ */
+ private void error(String msg, Throwable tble) {
+ String finalMsg = "FAILED " + (msg != null ? msg : "");
+ if (tble != null) {
+ throw new RuntimeException(finalMsg, tble);
+ }
+ throw new RuntimeException(finalMsg);
+ }
+
+ /**
+ * Validates the SSLContext's protocols against the user enforced protocol.
+ */
+ private void validateContext(String expectedProto,
+ String[] expectedDefaultProtos, SSLContext context) {
+ if (expectedProto == null) {
+ expectedProto = "Default";
+ }
+ if (!context.getProtocol().equals(expectedProto)) {
+ error("Invalid current protocol: " + context.getProtocol()
+ + ", Expected:" + expectedProto, null);
+ }
+ List<String> actualDefaultProtos = Arrays.asList(context
+ .getDefaultSSLParameters().getProtocols());
+ for (String p : expectedDefaultProtos) {
+ if (!actualDefaultProtos.contains(p)) {
+ error("Default protocol " + p + "missing", null);
+ }
+ }
+ List<String> actualSupportedProtos = Arrays.asList(context
+ .getSupportedSSLParameters().getProtocols());
+
+ for (String p : expectedSupportedProtos) {
+ if (!actualSupportedProtos.contains(p)) {
+ error("Expected to support protocol:" + p, null);
+ }
+ }
+ }
+}