Path: blob/master/test/jdk/sun/security/ssl/ProtocolVersion/HttpsProtocols.java
41153 views
/*1* Copyright (c) 2002, 2019, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation.7*8* This code is distributed in the hope that it will be useful, but WITHOUT9* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or10* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License11* version 2 for more details (a copy is included in the LICENSE file that12* accompanied this code).13*14* You should have received a copy of the GNU General Public License version15* 2 along with this work; if not, write to the Free Software Foundation,16* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.17*18* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA19* or visit www.oracle.com if you need additional information or have any20* questions.21*/2223/*24* @test25* @bug 4671289 819049226* @summary passing https.protocols from command line doesn't work.27* @run main/othervm -Dhttps.protocols=SSLv3 HttpsProtocols28* @author Brad Wetmore29*/3031import java.io.*;32import java.net.*;33import javax.net.ssl.*;34import java.security.Security;3536public class HttpsProtocols implements HostnameVerifier {3738/*39* =============================================================40* Set the various variables needed for the tests, then41* specify what tests to run on each side.42*/4344/*45* Should we run the client or server in a separate thread?46* Both sides can throw exceptions, but do you have a preference47* as to which side should be the main thread.48*/49static boolean separateServerThread = true;5051/*52* Where do we find the keystores?53*/54static String pathToStores = "../../../../javax/net/ssl/etc";55static String keyStoreFile = "keystore";56static String trustStoreFile = "truststore";57static String passwd = "passphrase";5859/*60* Is the server ready to serve?61*/62volatile static boolean serverReady = false;6364/*65* Turn on SSL debugging?66*/67static boolean debug = false;6869/*70* If the client or server is doing some kind of object creation71* that the other side depends on, and that thread prematurely72* exits, you may experience a hang. The test harness will73* terminate all hung threads after its timeout has expired,74* currently 3 minutes by default, but you might try to be75* smart about it....76*/7778/*79* Define the server side of the test.80*81* If the server prematurely exits, serverReady will be set to true82* to avoid infinite hangs.83*/84void doServerSide() throws Exception {85SSLServerSocketFactory sslssf =86(SSLServerSocketFactory) SSLServerSocketFactory.getDefault();87SSLServerSocket sslServerSocket =88(SSLServerSocket) sslssf.createServerSocket(serverPort);8990// Enable all supported protocols on server side to test SSLv391sslServerSocket.setEnabledProtocols(sslServerSocket.getSupportedProtocols());9293serverPort = sslServerSocket.getLocalPort();9495/*96* Signal Client, we're ready for his connect.97*/98serverReady = true;99100SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();101102DataOutputStream out =103new DataOutputStream(sslSocket.getOutputStream());104105BufferedReader in =106new BufferedReader(new InputStreamReader(107sslSocket.getInputStream()));108109// read the request110readRequest(in);111112byte [] bytecodes = "Hello world".getBytes();113114out.writeBytes("HTTP/1.0 200 OK\r\n");115out.writeBytes("Content-Length: " + bytecodes.length +116"\r\n");117118out.writeBytes("Content-Type: text/html\r\n\r\n");119out.write(bytecodes);120out.flush();121122sslSocket.close();123}124125/**126* read the response, don't care for the syntax of the request-line127*/128private static void readRequest(BufferedReader in)129throws IOException {130String line = null;131do {132line = in.readLine();133System.out.println("Server received: " + line);134} while ((line.length() != 0) &&135(line.charAt(0) != '\r') && (line.charAt(0) != '\n'));136}137138/*139* Define the client side of the test.140*141* If the server prematurely exits, serverReady will be set to true142* to avoid infinite hangs.143*/144void doClientSide() throws Exception {145146/*147* Wait for server to get started.148*/149while (!serverReady) {150Thread.sleep(50);151}152153HostnameVerifier reservedHV =154HttpsURLConnection.getDefaultHostnameVerifier();155try {156HttpsURLConnection.setDefaultHostnameVerifier(this);157158URL url = new URL("https://localhost:" + serverPort + "/");159HttpURLConnection urlc = (HttpURLConnection) url.openConnection();160161System.out.println("response is " + urlc.getResponseCode());162} finally {163HttpsURLConnection.setDefaultHostnameVerifier(reservedHV);164}165}166167public boolean verify(String hostname, SSLSession session) {168return true;169}170171/*172* =============================================================173* The remainder is just support stuff174*/175176// use any free port by default177volatile int serverPort = 0;178179volatile Exception serverException = null;180volatile Exception clientException = null;181182public static void main(String[] args) throws Exception {183// reset the security property to make sure that the algorithms184// and keys used in this test are not disabled.185Security.setProperty("jdk.tls.disabledAlgorithms", "");186187String keyFilename =188System.getProperty("test.src", "./") + "/" + pathToStores +189"/" + keyStoreFile;190String trustFilename =191System.getProperty("test.src", "./") + "/" + pathToStores +192"/" + trustStoreFile;193194System.setProperty("javax.net.ssl.keyStore", keyFilename);195System.setProperty("javax.net.ssl.keyStorePassword", passwd);196System.setProperty("javax.net.ssl.trustStore", trustFilename);197System.setProperty("javax.net.ssl.trustStorePassword", passwd);198199String prop = System.getProperty("https.protocols");200System.out.println("protocols = " + prop);201202if ((prop == null) || (!prop.equals("SSLv3"))) {203throw new Exception("https.protocols not set properly");204}205206if (debug)207System.setProperty("javax.net.debug", "all");208209/*210* Start the tests.211*/212new HttpsProtocols();213}214215Thread clientThread = null;216Thread serverThread = null;217218/*219* Primary constructor, used to drive remainder of the test.220*221* Fork off the other side, then do your work.222*/223HttpsProtocols() throws Exception {224if (separateServerThread) {225startServer(true);226startClient(false);227} else {228startClient(true);229startServer(false);230}231232/*233* Wait for other side to close down.234*/235if (separateServerThread) {236serverThread.join();237} else {238clientThread.join();239}240241/*242* When we get here, the test is pretty much over.243*244* If the main thread excepted, that propagates back245* immediately. If the other thread threw an exception, we246* should report back.247*/248if (serverException != null) {249System.out.print("Server Exception:");250throw serverException;251}252if (clientException != null) {253System.out.print("Client Exception:");254throw clientException;255}256}257258void startServer(boolean newThread) throws Exception {259if (newThread) {260serverThread = new Thread() {261public void run() {262try {263doServerSide();264} catch (Exception e) {265/*266* Our server thread just died.267*268* Release the client, if not active already...269*/270System.err.println("Server died...");271serverReady = true;272serverException = e;273}274}275};276serverThread.start();277} else {278doServerSide();279}280}281282void startClient(boolean newThread) throws Exception {283if (newThread) {284clientThread = new Thread() {285public void run() {286try {287doClientSide();288} catch (Exception e) {289/*290* Our client thread just died.291*/292System.err.println("Client died...");293clientException = e;294}295}296};297clientThread.start();298} else {299doClientSide();300}301}302}303304305