diff -r 895a6a380484 -r 270557b396eb test/jdk/java/net/httpclient/DigestEchoServer.java --- a/test/jdk/java/net/httpclient/DigestEchoServer.java Mon Apr 15 15:52:38 2019 -0300 +++ b/test/jdk/java/net/httpclient/DigestEchoServer.java Thu Apr 18 17:56:46 2019 +0100 @@ -80,6 +80,8 @@ Boolean.parseBoolean(System.getProperty("test.debug", "false")); public static final boolean NO_LINGER = Boolean.parseBoolean(System.getProperty("test.nolinger", "false")); + public static final boolean TUNNEL_REQUIRES_HOST = + Boolean.parseBoolean(System.getProperty("test.requiresHost", "false")); public enum HttpAuthType { SERVER, PROXY, SERVER307, PROXY305 /* add PROXY_AND_SERVER and SERVER_PROXY_NONE */ @@ -1522,6 +1524,36 @@ } } + boolean badRequest(StringBuilder response, String hostport, List hosts) { + String message = null; + if (hosts.isEmpty()) { + message = "No host header provided\r\n"; + } else if (hosts.size() > 1) { + message = "Multiple host headers provided\r\n"; + for (String h : hosts) { + message = message + "host: " + h + "\r\n"; + } + } else { + String h = hosts.get(0); + if (!hostport.equalsIgnoreCase(h) + && !hostport.equalsIgnoreCase(h + ":80") + && !hostport.equalsIgnoreCase(h + ":443")) { + message = "Bad host provided: [" + h + + "] doesnot match [" + hostport + "]\r\n"; + } + } + if (message != null) { + int length = message.getBytes(StandardCharsets.UTF_8).length; + response.append("HTTP/1.1 400 BadRequest\r\n") + .append("Content-Length: " + length) + .append("\r\n\r\n") + .append(message); + return true; + } + + return false; + } + boolean authorize(StringBuilder response, String requestLine, String headers) { if (authorization != null) { return authorization.authorize(response, requestLine, headers); @@ -1635,6 +1667,7 @@ assert connect.equalsIgnoreCase("connect"); String hostport = tokenizer.nextToken(); InetSocketAddress targetAddress; + List hosts = new ArrayList<>(); try { URI uri = new URI("https", hostport, "/", null, null); int port = uri.getPort(); @@ -1659,9 +1692,30 @@ System.out.println(now() + "Tunnel: Reading header: " + (line = readLine(ccis))); headers.append(line).append("\r\n"); + int index = line.indexOf(':'); + if (index >= 0) { + String key = line.substring(0, index).trim(); + if (key.equalsIgnoreCase("host")) { + hosts.add(line.substring(index+1).trim()); + } + } + } + StringBuilder response = new StringBuilder(); + if (TUNNEL_REQUIRES_HOST) { + if (badRequest(response, hostport, hosts)) { + System.out.println(now() + "Tunnel: Sending " + response); + // send the 400 response + pw.print(response.toString()); + pw.flush(); + toClose.close(); + continue; + } else { + assert hosts.size() == 1; + System.out.println(now() + + "Tunnel: Host header verified " + hosts); + } } - StringBuilder response = new StringBuilder(); final boolean authorize = authorize(response, requestLine, headers.toString()); if (!authorize) { System.out.println(now() + "Tunnel: Sending "