--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/sun/net/www/protocol/http/ProxyTunnelServer.java Sat Dec 01 00:00:00 2007 +0000
@@ -0,0 +1,311 @@
+/*
+ * Copyright 2002 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/**
+ *
+ * This class includes a proxy server that processes HTTP CONNECT requests,
+ * and tunnels the data from the client to the server, once the CONNECT
+ * request is accepted.
+ * It is used by the TunnelThroughProxy test.
+ */
+
+import java.io.*;
+import java.net.*;
+import javax.net.ssl.*;
+import javax.net.ServerSocketFactory;
+import sun.net.www.*;
+
+public class ProxyTunnelServer extends Thread {
+
+ private static ServerSocket ss = null;
+ /*
+ * holds the registered user's username and password
+ * only one such entry is maintained
+ */
+ private String userPlusPass;
+
+ // client requesting for a tunnel
+ private Socket clientSocket = null;
+
+ /*
+ * Origin server's address and port that the client
+ * wants to establish the tunnel for communication.
+ */
+ private InetAddress serverInetAddr;
+ private int serverPort;
+
+ /*
+ * denote whether the proxy needs to authorize
+ * CONNECT requests.
+ */
+ static boolean needAuth = false;
+
+ public ProxyTunnelServer() throws IOException {
+ if (ss == null) {
+ ss = (ServerSocket) ServerSocketFactory.getDefault().
+ createServerSocket(0);
+ }
+ }
+
+ public void needUserAuth(boolean auth) {
+ needAuth = auth;
+ }
+
+ /*
+ * register users with the proxy, by providing username and
+ * password. The username and password are used for authorizing the
+ * user when a CONNECT request is made and needAuth is set to true.
+ */
+ public void setUserAuth(String uname, String passwd) {
+ userPlusPass = uname + ":" + passwd;
+ }
+
+ public void run() {
+ try {
+ clientSocket = ss.accept();
+ processRequests();
+ } catch (Exception e) {
+ System.out.println("Proxy Failed: " + e);
+ e.printStackTrace();
+ try {
+ ss.close();
+ }
+ catch (IOException excep) {
+ System.out.println("ProxyServer close error: " + excep);
+ excep.printStackTrace();
+ }
+ }
+ }
+
+ /*
+ * Processes the CONNECT requests, if needAuth is set to true, then
+ * the name and password are extracted from the Proxy-Authorization header
+ * of the request. They are checked against the one that is registered,
+ * if there is a match, connection is set in tunneling mode. If
+ * needAuth is set to false, Proxy-Authorization checks are not made
+ */
+ private void processRequests() throws Exception {
+
+ InputStream in = clientSocket.getInputStream();
+ MessageHeader mheader = new MessageHeader(in);
+ String statusLine = mheader.getValue(0);
+
+ if (statusLine.startsWith("CONNECT")) {
+ // retrieve the host and port info from the status-line
+ // retrieveConnectInfo(statusLine);
+ if (needAuth) {
+ String authInfo;
+ if ((authInfo = mheader.findValue("Proxy-Authorization"))
+ != null) {
+ if (authenticate(authInfo)) {
+ needAuth = false;
+ System.out.println(
+ "Proxy: client authentication successful");
+ }
+ }
+ }
+ respondForConnect(needAuth);
+
+ // connection set to the tunneling mode
+ if (!needAuth) {
+ // doTunnel();
+ /*
+ * done with tunneling, we process only one successful
+ * tunneling request
+ */
+ ss.close();
+ } else {
+ // we may get another request with Proxy-Authorization set
+ in.close();
+ clientSocket.close();
+ restart();
+ }
+ } else {
+ System.out.println("proxy server: processes only "
+ + "CONNECT method requests, recieved: "
+ + statusLine);
+ }
+ }
+
+ private void respondForConnect(boolean needAuth) throws Exception {
+
+ OutputStream out = clientSocket.getOutputStream();
+ PrintWriter pout = new PrintWriter(out);
+
+ if (needAuth) {
+ pout.println("HTTP/1.1 407 Proxy Auth Required");
+ pout.println("Proxy-Authenticate: Basic realm=\"WallyWorld\"");
+ pout.println();
+ pout.flush();
+ out.close();
+ } else {
+ pout.println("HTTP/1.1 500 Server Error");
+ pout.println();
+ pout.flush();
+ out.close();
+ }
+ }
+
+ private void restart() throws IOException {
+ (new Thread(this)).start();
+ }
+
+ /*sc
+ * note: Tunneling has to be provided in both directions, i.e
+ * from client->server and server->client, even if the application
+ * data may be unidirectional, SSL handshaking data flows in either
+ * direction.
+ */
+ private void doTunnel() throws Exception {
+
+ Socket serverSocket = new Socket(serverInetAddr, serverPort);
+ ProxyTunnel clientToServer = new ProxyTunnel(
+ clientSocket, serverSocket);
+ ProxyTunnel serverToClient = new ProxyTunnel(
+ serverSocket, clientSocket);
+ clientToServer.start();
+ serverToClient.start();
+ System.out.println("Proxy: Started tunneling.......");
+
+ clientToServer.join();
+ serverToClient.join();
+ System.out.println("Proxy: Finished tunneling........");
+
+ clientToServer.close();
+ serverToClient.close();
+ }
+
+ /*
+ * This inner class provides unidirectional data flow through the sockets
+ * by continuously copying bytes from the input socket onto the output
+ * socket, until both sockets are open and EOF has not been received.
+ */
+ class ProxyTunnel extends Thread {
+ Socket sockIn;
+ Socket sockOut;
+ InputStream input;
+ OutputStream output;
+
+ public ProxyTunnel(Socket sockIn, Socket sockOut)
+ throws Exception {
+ this.sockIn = sockIn;
+ this.sockOut = sockOut;
+ input = sockIn.getInputStream();
+ output = sockOut.getOutputStream();
+ }
+
+ public void run() {
+ int BUFFER_SIZE = 400;
+ byte[] buf = new byte[BUFFER_SIZE];
+ int bytesRead = 0;
+ int count = 0; // keep track of the amount of data transfer
+
+ try {
+ while ((bytesRead = input.read(buf)) >= 0) {
+ output.write(buf, 0, bytesRead);
+ output.flush();
+ count += bytesRead;
+ }
+ } catch (IOException e) {
+ /*
+ * The peer end has closed the connection
+ * we will close the tunnel
+ */
+ close();
+ }
+ }
+
+ public void close() {
+ try {
+ if (!sockIn.isClosed())
+ sockIn.close();
+ if (!sockOut.isClosed())
+ sockOut.close();
+ } catch (IOException ignored) { }
+ }
+ }
+
+ /*
+ ***************************************************************
+ * helper methods follow
+ ***************************************************************
+ */
+
+ /*
+ * This method retrieves the hostname and port of the destination
+ * that the connect request wants to establish a tunnel for
+ * communication.
+ * The input, connectStr is of the form:
+ * CONNECT server-name:server-port HTTP/1.x
+ */
+ private void retrieveConnectInfo(String connectStr) throws Exception {
+ int starti;
+ int endi;
+ String connectInfo;
+ String serverName = null;
+ try {
+ starti = connectStr.indexOf(' ');
+ endi = connectStr.lastIndexOf(' ');
+ connectInfo = connectStr.substring(starti+1, endi).trim();
+ // retrieve server name and port
+ endi = connectInfo.indexOf(':');
+ serverName = connectInfo.substring(0, endi);
+ serverPort = Integer.parseInt(connectInfo.substring(endi+1));
+ } catch (Exception e) {
+ throw new IOException("Proxy recieved a request: "
+ + connectStr);
+ }
+ serverInetAddr = InetAddress.getByName(serverName);
+ }
+
+ public int getPort() {
+ return ss.getLocalPort();
+ }
+
+ /*
+ * do "basic" authentication, authInfo is of the form:
+ * Basic <encoded username":"password>
+ * reference RFC 2617
+ */
+ private boolean authenticate(String authInfo) throws IOException {
+ boolean matched = false;
+ try {
+ authInfo.trim();
+ int ind = authInfo.indexOf(' ');
+ String recvdUserPlusPass = authInfo.substring(ind + 1).trim();
+ // extract encoded (username:passwd
+ if (userPlusPass.equals(
+ new String(
+ (new sun.misc.BASE64Decoder()).
+ decodeBuffer(recvdUserPlusPass)
+ ))) {
+ matched = true;
+ }
+ } catch (Exception e) {
+ throw new IOException(
+ "Proxy received invalid Proxy-Authorization value: "
+ + authInfo);
+ }
+ return matched;
+ }
+}