1
/*
2
 * Copyright (c) 2011, 2020, Oracle and/or its affiliates. All rights reserved.
3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4
 *
5
 * This code is free software; you can redistribute it and/or modify it
6
 * under the terms of the GNU General Public License version 2 only, as
7
 * published by the Free Software Foundation.
8
 *
9
 * This code is distributed in the hope that it will be useful, but WITHOUT
10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12
 * version 2 for more details (a copy is included in the LICENSE file that
13
 * accompanied this code).
14
 *
15
 * You should have received a copy of the GNU General Public License version
16
 * 2 along with this work; if not, write to the Free Software Foundation,
17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18
 *
19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20
 * or visit www.oracle.com if you need additional information or have any
21
 * questions.
22
 */
23

24
/*
25
 * @test
26
 * @bug 8141370
27
 * @key intermittent
28
 * @library /test/lib
29
 * @build DeadSSLSocketFactory
30
 * @run main/othervm DeadSSLLdapTimeoutTest
31
 */
32

33
import java.io.EOFException;
34
import java.io.IOException;
35
import java.net.InetAddress;
36
import java.net.InetSocketAddress;
37
import java.net.ServerSocket;
38
import java.net.Socket;
39
import java.net.SocketAddress;
40
import java.net.SocketTimeoutException;
41
import javax.naming.Context;
42
import javax.naming.InitialContext;
43
import javax.naming.NamingException;
44
import java.util.Hashtable;
45
import java.util.concurrent.Callable;
46
import java.util.concurrent.CountDownLatch;
47
import java.util.concurrent.TimeUnit;
48
import javax.naming.directory.InitialDirContext;
49
import javax.net.ssl.SSLHandshakeException;
50

51
import jdk.test.lib.net.URIBuilder;
52

53
import static java.util.concurrent.TimeUnit.NANOSECONDS;
54

55

56
class DeadServerTimeoutSSLTest implements Callable<Boolean> {
57

58
    Hashtable<Object, Object> env;
59
    DeadSSLServer server;
60
    boolean passed = false;
61

62
    public DeadServerTimeoutSSLTest(Hashtable<Object, Object> env) throws IOException {
63
        SocketAddress sockAddr = new InetSocketAddress(
64
                InetAddress.getLoopbackAddress(), 0);
65
        this.server = new DeadSSLServer(sockAddr);
66
        this.env = env;
67
    }
68

69
    public void handleNamingException(NamingException e) {
70
        if (e.getCause() instanceof SocketTimeoutException
71
                || e.getCause().getCause() instanceof SocketTimeoutException) {
72
            // SSL connect will timeout via readReply using
73
            // SocketTimeoutException
74
            System.out.println("PASS: Observed expected SocketTimeoutException");
75
            pass();
76
        } else if (e.getCause() instanceof SSLHandshakeException
77
                && e.getCause().getCause() instanceof EOFException) {
78
            // test seems to be failing intermittently on some
79
            // platforms.
80
            System.out.println("PASS: Observed expected SSLHandshakeException/EOFException");
81
            pass();
82
        } else {
83
            fail(e);
84
        }
85
    }
86

87
    public void pass() {
88
        this.passed = true;
89
    }
90

91
    public void fail() {
92
        throw new RuntimeException("Test failed");
93
    }
94

95
    public void fail(Exception e) {
96
        System.err.println("FAIL: Unexpected exception was observed:" + e.getMessage());
97
        throw new RuntimeException("Test failed", e);
98
    }
99

100
    boolean shutItDown(InitialContext ctx) {
101
        try {
102
            if (ctx != null) ctx.close();
103
            return true;
104
        } catch (NamingException ex) {
105
            return false;
106
        }
107
    }
108

109
    public Boolean call() {
110
        InitialContext ctx = null;
111

112
        try {
113
            server.serverStarted.await(); // Wait for the server to start-up
114
            Thread.sleep(200); // to be sure
115

116
            env.put(Context.PROVIDER_URL,
117
                    URIBuilder.newBuilder()
118
                            .scheme("ldap")
119
                            .loopback()
120
                            .port(server.getLocalPort())
121
                            .buildUnchecked().toString()
122
            );
123

124
            long start = System.nanoTime();
125
            try {
126
                ctx = new InitialDirContext(env);
127
                fail();
128
            } catch (NamingException e) {
129
                long end = System.nanoTime();
130
                System.out.println(this.getClass().toString() + " - elapsed: "
131
                        + NANOSECONDS.toMillis(end - start));
132
                handleNamingException(e);
133
            } finally {
134
                // Stop the server side thread
135
                server.testDone.countDown();
136
                shutItDown(ctx);
137
                server.close();
138
            }
139
            return passed;
140
        } catch (IOException | InterruptedException e) {
141
            throw new RuntimeException(e);
142
        }
143
    }
144
}
145

146
class DeadSSLServer extends Thread {
147
    ServerSocket serverSock;
148
    // Latch to be used by client to wait for server to start
149
    CountDownLatch serverStarted = new CountDownLatch(1);
150

151
    // Latch to be used by server thread to wait for client to finish testing
152
    CountDownLatch testDone = new CountDownLatch(1);
153

154
    public DeadSSLServer(SocketAddress socketAddress) throws IOException {
155
        // create unbound server socket
156
        var srvSock = new ServerSocket();
157
        // bind it to the address provided
158
        srvSock.bind(socketAddress);
159
        this.serverSock = srvSock;
160
        start();
161
    }
162

163
    public void run() {
164
        // Signal client to proceed with the test
165
        serverStarted.countDown();
166
        while (true) {
167
            try (var acceptedSocket = serverSock.accept()) {
168
                System.err.println("Accepted connection:" + acceptedSocket);
169
                int iteration = 0;
170
                // Wait for socket to get opened by DeadSSLSocketFactory and connected to the test server
171
                while (iteration++ < 20) {
172
                    if (DeadSSLSocketFactory.firstCreatedSocket.get() != null &&
173
                        DeadSSLSocketFactory.firstCreatedSocket.get().isConnected()) {
174
                        break;
175
                    }
176
                    try {
177
                        TimeUnit.MILLISECONDS.sleep(50);
178
                    } catch (InterruptedException ie) {
179
                    }
180
                }
181
                Socket clientSideSocket = DeadSSLSocketFactory.firstCreatedSocket.get();
182
                System.err.printf("Got SSLSocketFactory connection after %d iterations: %s%n",
183
                        iteration, clientSideSocket);
184

185
                if (clientSideSocket == null || !clientSideSocket.isConnected()) {
186
                    // If after 1000 ms client side connection is not opened - probably other local process
187
                    // tried to connect to the test server socket. Close current connection and retry accept.
188
                    continue;
189
                } else {
190
                    // Check if accepted socket is connected to the LDAP client
191
                    if (acceptedSocket.getLocalPort() == clientSideSocket.getPort() &&
192
                            acceptedSocket.getPort() == clientSideSocket.getLocalPort() &&
193
                            acceptedSocket.getInetAddress().equals(clientSideSocket.getLocalAddress())) {
194
                        System.err.println("Accepted connection is originated from LDAP client:" + acceptedSocket);
195
                        try {
196
                            // Give LDAP client time to fully establish the connection.
197
                            // When client is done - the accepted socket will be closed
198
                            testDone.await();
199
                        } catch (InterruptedException e) {
200
                        }
201
                        break;
202
                    } else {
203
                        // If accepted socket is not from the LDAP client - the accepted connection will be closed and new
204
                        // one will be accepted
205
                        System.err.println("SSLSocketFactory connection has been established, but originated not from" +
206
                                " the test's LDAP client:" + acceptedSocket);
207
                    }
208
                }
209
            } catch (Exception e) {
210
                System.err.println("Server socket. Failure to accept connection:" + e.getMessage());
211
            }
212
        }
213
    }
214

215
    public int getLocalPort() {
216
        return serverSock.getLocalPort();
217
    }
218

219
    public void close() throws IOException {
220
        serverSock.close();
221
    }
222
}
223

224
public class DeadSSLLdapTimeoutTest {
225
    // com.sun.jndi.ldap.connect.timeout value to set
226
    static final String CONNECT_TIMEOUT_MS = "10";
227

228
    // com.sun.jndi.ldap.read.timeout value to set
229
    static final String READ_TIMEOUT_MS = "3000";
230

231
    static Hashtable<Object, Object> createEnv() {
232
        Hashtable<Object, Object> env = new Hashtable<>(11);
233
        env.put(Context.INITIAL_CONTEXT_FACTORY,
234
                "com.sun.jndi.ldap.LdapCtxFactory");
235
        return env;
236
    }
237

238
    public static void main(String[] args) throws Exception {
239
        //
240
        // Running this test serially as it seems to tickle a problem
241
        // on older kernels
242
        //
243
        // run the DeadServerTest with connect / read timeouts set
244
        // and ssl enabled
245
        // this should exit with a SocketTimeoutException as the root cause
246
        // it should also use the connect timeout instead of the read timeout
247
        System.out.printf("Running connect timeout test with %sms connect timeout," +
248
                          " %sms read timeout & SSL%n",
249
                          CONNECT_TIMEOUT_MS, READ_TIMEOUT_MS);
250

251
        Hashtable<Object, Object> sslenv = createEnv();
252
        // Setup connect timeout environment property
253
        sslenv.put("com.sun.jndi.ldap.connect.timeout", CONNECT_TIMEOUT_MS);
254
        // Setup read timeout environment property
255
        sslenv.put("com.sun.jndi.ldap.read.timeout", READ_TIMEOUT_MS);
256
        // Setup DeadSSLSocketFactory to track the client's first LDAP connection
257
        sslenv.put("java.naming.ldap.factory.socket", "DeadSSLSocketFactory");
258
        // Use SSL protocol
259
        sslenv.put(Context.SECURITY_PROTOCOL, "ssl");
260

261
        boolean testFailed = !new DeadServerTimeoutSSLTest(sslenv).call();
262
        if (testFailed) {
263
            throw new AssertionError("some tests failed");
264
        }
265
    }
266
}
267

268

269