jdk-sandbox: jdk/test/sun/security/krb5/auto/SSL.java@37a3f951eb3a (annotated)

4236 02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	1	/*
8396 587947f96036 7018928: test failure: sun/security/krb5/auto/SSL.java weijun parents: 7172 diff changeset	2	* Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
4236 02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	4	*
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	7	* published by the Free Software Foundation.
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	8	*
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	9	* This code is distributed in the hope that it will be useful, but WITHOUT
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	10	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	11	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	12	* version 2 for more details (a copy is included in the LICENSE file that
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	13	* accompanied this code).
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	14	*
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	15	* You should have received a copy of the GNU General Public License version
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	16	* 2 along with this work; if not, write to the Free Software Foundation,
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	17	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	18	*
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 4534 diff changeset	19	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 4534 diff changeset	20	* or visit www.oracle.com if you need additional information or have any
202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 4534 diff changeset	21	* questions.
4236 02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	22	*/
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	23
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	24	/*
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	25	* @test
4534 791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	26	* @bug 6894643 6913636
4236 02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	27	* @summary Test JSSE Kerberos ciphersuite
8396 587947f96036 7018928: test failure: sun/security/krb5/auto/SSL.java weijun parents: 7172 diff changeset	28	* @run main/othervm SSL TLS_KRB5_WITH_RC4_128_SHA
587947f96036 7018928: test failure: sun/security/krb5/auto/SSL.java weijun parents: 7172 diff changeset	29	* @run main/othervm SSL TLS_KRB5_WITH_RC4_128_MD5
587947f96036 7018928: test failure: sun/security/krb5/auto/SSL.java weijun parents: 7172 diff changeset	30	* @run main/othervm SSL TLS_KRB5_WITH_3DES_EDE_CBC_SHA
587947f96036 7018928: test failure: sun/security/krb5/auto/SSL.java weijun parents: 7172 diff changeset	31	* @run main/othervm SSL TLS_KRB5_WITH_3DES_EDE_CBC_MD5
587947f96036 7018928: test failure: sun/security/krb5/auto/SSL.java weijun parents: 7172 diff changeset	32	* @run main/othervm SSL TLS_KRB5_WITH_DES_CBC_SHA
587947f96036 7018928: test failure: sun/security/krb5/auto/SSL.java weijun parents: 7172 diff changeset	33	* @run main/othervm SSL TLS_KRB5_WITH_DES_CBC_MD5
587947f96036 7018928: test failure: sun/security/krb5/auto/SSL.java weijun parents: 7172 diff changeset	34	* @run main/othervm SSL TLS_KRB5_EXPORT_WITH_RC4_40_SHA
587947f96036 7018928: test failure: sun/security/krb5/auto/SSL.java weijun parents: 7172 diff changeset	35	* @run main/othervm SSL TLS_KRB5_EXPORT_WITH_RC4_40_MD5
587947f96036 7018928: test failure: sun/security/krb5/auto/SSL.java weijun parents: 7172 diff changeset	36	* @run main/othervm SSL TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA
587947f96036 7018928: test failure: sun/security/krb5/auto/SSL.java weijun parents: 7172 diff changeset	37	* @run main/othervm SSL TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5
4236 02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	38	*/
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	39	import java.io.*;
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	40	import java.net.InetAddress;
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	41	import javax.net.ssl.*;
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	42	import java.security.Principal;
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	43	import java.util.Date;
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	44	import sun.security.jgss.GSSUtil;
4534 791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	45	import sun.security.krb5.PrincipalName;
791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	46	import sun.security.krb5.internal.ktab.KeyTab;
4236 02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	47
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	48	public class SSL {
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	49
5975 076cd013e5e4 6946669: SSL/Krb5 should not call EncryptedData.reset(data, false) weijun parents: 5506 diff changeset	50	private static String krb5Cipher;
9499 f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	51	private static final int LOOP_LIMIT = 3;
4236 02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	52	private static int loopCount = 0;
4346 aee26e5a53b0 6906854: SSL/Krb5 testcase should not use a fixed port number vinnie parents: 4344 diff changeset	53	private static volatile String server;
aee26e5a53b0 6906854: SSL/Krb5 testcase should not use a fixed port number vinnie parents: 4344 diff changeset	54	private static volatile int port;
4236 02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	55
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	56	public static void main(String[] args) throws Exception {
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	57
5975 076cd013e5e4 6946669: SSL/Krb5 should not call EncryptedData.reset(data, false) weijun parents: 5506 diff changeset	58	krb5Cipher = args[0];
076cd013e5e4 6946669: SSL/Krb5 should not call EncryptedData.reset(data, false) weijun parents: 5506 diff changeset	59
4236 02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	60	KDC kdc = KDC.create(OneKDC.REALM);
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	61	// Run this after KDC, so our own DNS service can be started
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	62	try {
4346 aee26e5a53b0 6906854: SSL/Krb5 testcase should not use a fixed port number vinnie parents: 4344 diff changeset	63	server = InetAddress.getLocalHost().getHostName().toLowerCase();
4236 02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	64	} catch (java.net.UnknownHostException e) {
4346 aee26e5a53b0 6906854: SSL/Krb5 testcase should not use a fixed port number vinnie parents: 4344 diff changeset	65	server = "localhost";
4236 02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	66	}
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	67
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	68	kdc.addPrincipal(OneKDC.USER, OneKDC.PASS);
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	69	kdc.addPrincipalRandKey("krbtgt/" + OneKDC.REALM);
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	70	KDC.saveConfig(OneKDC.KRB5_CONF, kdc);
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	71	System.setProperty("java.security.krb5.conf", OneKDC.KRB5_CONF);
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	72
4534 791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	73	// Add 3 versions of keys into keytab
791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	74	KeyTab ktab = KeyTab.create(OneKDC.KTAB);
791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	75	PrincipalName service = new PrincipalName(
791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	76	"host/" + server, PrincipalName.KRB_NT_SRV_HST);
7172 01308fd663b3 6997740: ktab entry related test compilation error weijun parents: 5975 diff changeset	77	ktab.addEntry(service, "pass1".toCharArray(), 1, true);
01308fd663b3 6997740: ktab entry related test compilation error weijun parents: 5975 diff changeset	78	ktab.addEntry(service, "pass2".toCharArray(), 2, true);
01308fd663b3 6997740: ktab entry related test compilation error weijun parents: 5975 diff changeset	79	ktab.addEntry(service, "pass3".toCharArray(), 3, true);
4534 791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	80	ktab.save();
791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	81
791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	82	// and use the middle one as the real key
791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	83	kdc.addPrincipal("host/" + server, "pass2".toCharArray());
791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	84
791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	85	// JAAS config entry name ssl
791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	86	System.setProperty("java.security.auth.login.config", OneKDC.JAAS_CONF);
791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	87	File f = new File(OneKDC.JAAS_CONF);
791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	88	FileOutputStream fos = new FileOutputStream(f);
791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	89	fos.write((
791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	90	"ssl {\n" +
791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	91	" com.sun.security.auth.module.Krb5LoginModule required\n" +
791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	92	" principal=\"host/" + server + "\"\n" +
791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	93	" useKeyTab=true\n" +
791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	94	" keyTab=" + OneKDC.KTAB + "\n" +
791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	95	" isInitiator=false\n" +
791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	96	" storeKey=true;\n};\n"
791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	97	).getBytes());
791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	98	fos.close();
791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	99	f.deleteOnExit();
791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	100
9499 f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	101	Context c;
4534 791203c47f4e 6913636: kvno check in JSSE weijun parents: 4346 diff changeset	102	final Context s = Context.fromJAAS("ssl");
4236 02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	103
9499 f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	104	// There's no keytab file when server starts.
4236 02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	105	s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID);
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	106
9499 f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	107	Thread server = new Thread(new Runnable() {
4236 02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	108	public void run() {
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	109	try {
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	110	s.doAs(new JsseServerAction(), null);
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	111	} catch (Exception e) {
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	112	e.printStackTrace();
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	113	}
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	114	}
9499 f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	115	});
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	116	server.setDaemon(true);
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	117	server.start();
4236 02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	118
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	119	// Warm the server
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	120	Thread.sleep(2000);
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	121
9499 f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	122	// Now create the keytab
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	123
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	124	/*
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	125	// Add 3 versions of keys into keytab
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	126	KeyTab ktab = KeyTab.create(OneKDC.KTAB);
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	127	PrincipalName service = new PrincipalName(
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	128	"host/" + server, PrincipalName.KRB_NT_SRV_HST);
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	129	ktab.addEntry(service, "pass1".toCharArray(), 1);
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	130	ktab.addEntry(service, "pass2".toCharArray(), 2);
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	131	ktab.addEntry(service, "pass3".toCharArray(), 3);
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	132	ktab.save();
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	133
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	134	// and use the middle one as the real key
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	135	kdc.addPrincipal("host/" + server, "pass2".toCharArray());
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	136	*/
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	137	c = Context.fromUserPass(OneKDC.USER, OneKDC.PASS, false);
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	138	c.startAsClient("host/" + server, GSSUtil.GSS_KRB5_MECH_OID);
4236 02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	139	c.doAs(new JsseClientAction(), null);
9499 f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	140
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	141	// Add another version of key, make sure it can be loaded
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	142	Thread.sleep(2000);
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	143	ktab = KeyTab.getInstance(OneKDC.KTAB);
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	144	ktab.addEntry(service, "pass4".toCharArray(), 4, true);
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	145	ktab.save();
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	146	kdc.addPrincipal("host/" + server, "pass4".toCharArray());
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	147
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	148	c = Context.fromUserPass(OneKDC.USER, OneKDC.PASS, false);
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	149	c.startAsClient("host/" + server, GSSUtil.GSS_KRB5_MECH_OID);
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	150	c.doAs(new JsseClientAction(), null);
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	151
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	152	// Revoke the old key
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	153	/*Thread.sleep(2000);
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	154	ktab = KeyTab.create(OneKDC.KTAB);
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	155	ktab.addEntry(service, "pass5".toCharArray(), 5, false);
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	156	ktab.save();
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	157
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	158	c = Context.fromUserPass(OneKDC.USER, OneKDC.PASS, false);
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	159	c.startAsClient("host/" + server, GSSUtil.GSS_KRB5_MECH_OID);
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	160	try {
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	161	c.doAs(new JsseClientAction(), null);
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	162	throw new Exception("Should fail this time.");
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	163	} catch (SSLException e) {
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	164	// Correct behavior.
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	165	}*/
4236 02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	166	}
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	167
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	168	// Following codes copied from
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	169	// http://java.sun.com/javase/6/docs/technotes/guides/security/jgss/lab/part2.html#JSSE
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	170	private static class JsseClientAction implements Action {
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	171	public byte[] run(Context s, byte[] input) throws Exception {
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	172	SSLSocketFactory sslsf =
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	173	(SSLSocketFactory) SSLSocketFactory.getDefault();
9499 f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	174	System.out.println("Connecting " + server + ":" + port);
4346 aee26e5a53b0 6906854: SSL/Krb5 testcase should not use a fixed port number vinnie parents: 4344 diff changeset	175	SSLSocket sslSocket = (SSLSocket) sslsf.createSocket(server, port);
4236 02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	176
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	177	// Enable only a KRB5 cipher suite.
5975 076cd013e5e4 6946669: SSL/Krb5 should not call EncryptedData.reset(data, false) weijun parents: 5506 diff changeset	178	String enabledSuites[] = {krb5Cipher};
4236 02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	179	sslSocket.setEnabledCipherSuites(enabledSuites);
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	180	// Should check for exception if enabledSuites is not supported
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	181
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	182	BufferedReader in = new BufferedReader(new InputStreamReader(
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	183	sslSocket.getInputStream()));
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	184	BufferedWriter out = new BufferedWriter(new OutputStreamWriter(
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	185	sslSocket.getOutputStream()));
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	186
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	187	String outStr = "Hello There!\n";
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	188	out.write(outStr);
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	189	out.flush();
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	190	System.out.print("Sending " + outStr);
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	191
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	192	String inStr = in.readLine();
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	193	System.out.println("Received " + inStr);
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	194
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	195	String cipherSuiteChosen = sslSocket.getSession().getCipherSuite();
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	196	System.out.println("Cipher suite in use: " + cipherSuiteChosen);
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	197	Principal self = sslSocket.getSession().getLocalPrincipal();
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	198	System.out.println("I am: " + self.toString());
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	199	Principal peer = sslSocket.getSession().getPeerPrincipal();
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	200	System.out.println("Server is: " + peer.toString());
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	201
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	202	sslSocket.close();
9499 f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	203	// This line should not be needed. It's the server's duty to
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	204	// forget the old key
f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	205	//sslSocket.getSession().invalidate();
4236 02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	206	return null;
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	207	}
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	208	}
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	209
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	210	private static class JsseServerAction implements Action {
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	211	public byte[] run(Context s, byte[] input) throws Exception {
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	212	SSLServerSocketFactory sslssf =
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	213	(SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	214	SSLServerSocket sslServerSocket =
4346 aee26e5a53b0 6906854: SSL/Krb5 testcase should not use a fixed port number vinnie parents: 4344 diff changeset	215	(SSLServerSocket) sslssf.createServerSocket(0); // any port
aee26e5a53b0 6906854: SSL/Krb5 testcase should not use a fixed port number vinnie parents: 4344 diff changeset	216	port = sslServerSocket.getLocalPort();
9499 f3115698a012 6894072: always refresh keytab weijun parents: 8396 diff changeset	217	System.out.println("Listening on " + port);
4236 02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	218
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	219	// Enable only a KRB5 cipher suite.
5975 076cd013e5e4 6946669: SSL/Krb5 should not call EncryptedData.reset(data, false) weijun parents: 5506 diff changeset	220	String enabledSuites[] = {krb5Cipher};
4236 02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	221	sslServerSocket.setEnabledCipherSuites(enabledSuites);
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	222	// Should check for exception if enabledSuites is not supported
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	223
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	224	while (loopCount++ < LOOP_LIMIT) {
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	225	System.out.println("Waiting for incoming connection...");
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	226
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	227	SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	228
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	229	System.out.println("Got connection from client "
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	230	+ sslSocket.getInetAddress());
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	231
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	232	BufferedReader in = new BufferedReader(new InputStreamReader(
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	233	sslSocket.getInputStream()));
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	234	BufferedWriter out = new BufferedWriter(new OutputStreamWriter(
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	235	sslSocket.getOutputStream()));
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	236
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	237	String inStr = in.readLine();
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	238	System.out.println("Received " + inStr);
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	239
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	240	String outStr = inStr + " " + new Date().toString() + "\n";
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	241	out.write(outStr);
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	242	System.out.println("Sending " + outStr);
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	243	out.flush();
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	244
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	245	String cipherSuiteChosen =
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	246	sslSocket.getSession().getCipherSuite();
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	247	System.out.println("Cipher suite in use: " + cipherSuiteChosen);
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	248	Principal self = sslSocket.getSession().getLocalPrincipal();
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	249	System.out.println("I am: " + self.toString());
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	250	Principal peer = sslSocket.getSession().getPeerPrincipal();
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	251	System.out.println("Client is: " + peer.toString());
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	252
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	253	sslSocket.close();
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	254	}
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	255	return null;
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	256	}
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	257	}
02f52c723b79 6894643: Separate out dependency on Kerberos vinnie parents: diff changeset	258	}

author	weijun
	Fri, 12 Aug 2011 11:20:45 +0800
changeset 10327	37a3f951eb3a
parent 9499	f3115698a012
child 11107	fc8efc57da08
permissions	-rw-r--r--