http-client-branch: make test MockServer more resilient to rogue clients http-client-branch
authordfuchs
Wed, 06 Dec 2017 10:44:31 +0000
branchhttp-client-branch
changeset 55962 35376c843df1
parent 55958 24e637188a68
child 55963 ae2750657f98
http-client-branch: make test MockServer more resilient to rogue clients
test/jdk/java/net/httpclient/MockServer.java
test/jdk/java/net/httpclient/SplitResponse.java
--- a/test/jdk/java/net/httpclient/MockServer.java	Wed Dec 06 10:33:27 2017 +0000
+++ b/test/jdk/java/net/httpclient/MockServer.java	Wed Dec 06 10:44:31 2017 +0000
@@ -50,6 +50,15 @@
     private final List<Connection> removals;
     private final List<Connection> additions;
     AtomicInteger counter = new AtomicInteger(0);
+    // if specified (not null), only requests which
+    // contain this value in their status line
+    // will be taken into account and returned by activity().
+    // Other requests will get summarily closed.
+    // When specified, this can prevent answering to rogue
+    // (external) clients that might be lurking
+    // on the test machine instead of answering
+    // to the test client.
+   final String root;
 
     // waits up to 20 seconds for something to happen
     // dont use this unless certain activity coming.
@@ -58,6 +67,19 @@
             doRemovalsAndAdditions();
             for (Connection c : sockets) {
                 if (c.poll()) {
+                    if (root != null) {
+                        // if a root was specified in MockServer
+                        // constructor, rejects (by closing) all
+                        // requests whose statusLine does not contain
+                        // root.
+                        if (!c.statusLine.contains(root)) {
+                            System.out.println("Bad statusLine: "
+                                    + c.statusLine
+                                    + " closing connection");
+                            c.close();
+                            continue;
+                        }
+                    }
                     return c;
                 }
             }
@@ -118,6 +140,7 @@
         final InputStream is;
         final OutputStream os;
         final ArrayBlockingQueue<String> incoming;
+        volatile String statusLine;
 
         final static String CRLF = "\r\n";
 
@@ -143,6 +166,7 @@
                     while ((i=s.indexOf(CRLF)) != -1) {
                         String s1 = s.substring(0, i+2);
                         System.out.println("Server got: " + s1.substring(0,i));
+                        if (statusLine == null) statusLine = s1.substring(0,i);
                         incoming.put(s1);
                         if (i+2 == s.length()) {
                             s = "";
@@ -250,8 +274,10 @@
         }
     }
 
-    MockServer(int port, ServerSocketFactory factory) throws IOException {
+    MockServer(int port, ServerSocketFactory factory, String root) throws IOException {
         ss = factory.createServerSocket(port);
+        this.root = root; // if specified, any request which don't have this value
+                          // in their statusLine will be rejected.
         sockets = Collections.synchronizedList(new LinkedList<>());
         removals = new LinkedList<>();
         additions = new LinkedList<>();
@@ -259,6 +285,10 @@
         setDaemon(true);
     }
 
+    MockServer(int port, ServerSocketFactory factory) throws IOException {
+        this(port, factory, "/foo/");
+    }
+
     MockServer(int port) throws IOException {
         this(port, ServerSocketFactory.getDefault());
     }
--- a/test/jdk/java/net/httpclient/SplitResponse.java	Wed Dec 06 10:33:27 2017 +0000
+++ b/test/jdk/java/net/httpclient/SplitResponse.java	Wed Dec 06 10:44:31 2017 +0000
@@ -132,6 +132,34 @@
         out.println("server is: " + uri);
         server.start();
 
+
+        // The following code can be uncommented to verify that the
+        // MockServer will reject rogue requests whose URI does not
+        // contain "/foo/".
+        //
+        //        Thread go = new Thread() {
+        //            public void run() {
+        //                try {
+        //                    HttpClient client = newHttpClient();
+        //                    URI uri2 = URI.create(uri.toString().replace("/foo/","/"));
+        //                    HttpRequest request = HttpRequest
+        //                        .newBuilder(uri2).version(version).build();
+        //                    while (true) {
+        //                        try {
+        //                            client.send(request, HttpResponse.BodyHandler.asString());
+        //                        } catch (IOException ex) {
+        //                            System.out.println("Client rejected " + request);
+        //                        }
+        //                        sleep(250);
+        //                    }
+        //                } catch ( Throwable x) {
+        //                }
+        //            }
+        //        };
+        //        go.setDaemon(true);
+        //        go.start();
+
+
         HttpClient client = newHttpClient();
         HttpRequest request = HttpRequest.newBuilder(uri).version(version).build();
         HttpResponse<String> r;