/*
* Define the client side of the test.
*
* If the server prematurely exits, serverReady will be set to true
* to avoid infinite hangs.
*/
void doClientSide() throws Exception {
/*
* Wait for server to get started.
*/
while (!serverReady) {
Thread.sleep(50);
}
SSLSocketFactory sslsf = (SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket sslSocket = (SSLSocket) sslsf.createSocket("localhost", serverPort);
InputStream sslIS = sslSocket.getInputStream();
OutputStream sslOS = sslSocket.getOutputStream();
for (int i = 0; i < 10; i++) {
sslOS.write(280);
sslOS.flush();
sslIS.read();
}
for (int i = 0; i < 10; i++) {
sslOS.write(280);
sslOS.flush();
sslIS.read();
}
sslSocket.close();
}
public SSLResult fingerprint() throws IOException, FingerprintError {
SSLConfigCollector scc;
scc = new SSLConfigCollector(host, port, si);
scc.setCertValidator(cv);
startDate = new Date();
sslSupport = SSLResult.UNKNOWN;
// If a delay is set, wait some time, except for
// the first request
if (!initial && (delay > 0)) {
if (Debug.get(Debug.Delay)) {
System.err.println("Delaying request.");
}
try {
Thread.sleep(delay);
} catch (InterruptedException e) {
Thread.currentThread().interrupt();
}
}
initial = false;
try {
scc.probe();
sslSupport = SSLResult.SUPPORTED;
sslSupportReason = null;
} catch (NoSSLException e) {
// This exception is thrown when the protocol support
// for ssl is not available
sslSupport = SSLResult.UNSUPPORTED;
sslSupportReason = e.toString();
} catch (FingerprintException e) {
sslSupport = SSLResult.UNSUPPORTED;
sslSupportReason = e.toString();
} catch (IOException e) {
sslSupport = SSLResult.UNKNOWN;
sslSupportReason = e.toString();
}
endDate = new Date();
protos = scc.getSupportedProtos();
ProbeResult pres =
new ProbeResult(
host,
port,
startDate,
endDate,
sslSupport,
sslSupportReason,
scc.getServerCertificates(),
scc.serverCertificateVerifies(),
scc.serverCertNameMatch());
pres.setProtosResult(protos);
return pres;
}
/*
* Define the client side of the test.
*
* If the server prematurely exits, serverReady will be set to true
* to avoid infinite hangs.
*/
void doClientSide() throws Exception {
/*
* Wait for server to get started.
*/
while (!serverReady) {
Thread.sleep(50);
}
// Send HTTP POST request to server
URL url = new URL("https://localhost:" + serverPort);
HttpsURLConnection.setDefaultHostnameVerifier(new NameVerifier());
HttpsURLConnection http = (HttpsURLConnection) url.openConnection();
http.setDoOutput(true);
http.setRequestMethod("POST");
PrintStream ps = new PrintStream(http.getOutputStream());
try {
ps.println(postMsg);
ps.flush();
if (http.getResponseCode() != 200) {
throw new RuntimeException("test Failed");
}
} finally {
ps.close();
http.disconnect();
closeReady = true;
}
}
/*
* Define the client side of the test.
*
* If the server prematurely exits, serverReady will be set to true
* to avoid infinite hangs.
*/
void doClientSide() throws Exception {
// create SSLEngine.
SSLEngine ssle = createSSLEngine(true);
/*
* Wait for server to get started.
*/
while (!serverReady) {
Thread.sleep(50);
}
// Create a non-blocking socket channel.
SocketChannel sc = SocketChannel.open();
sc.configureBlocking(false);
InetSocketAddress isa = new InetSocketAddress(InetAddress.getLocalHost(), serverPort);
sc.connect(isa);
// Complete connection.
while (!sc.finishConnect()) {
// waiting for the connection completed.
}
// handshaking
handshaking(ssle, sc, null);
// send out application data
deliver(ssle, sc);
// receive application data
receive(ssle, sc);
// close the socket channel.
sc.close();
}
/*
* Define the client side of the test.
*
* If the server prematurely exits, serverReady will be set to true
* to avoid infinite hangs.
*/
void doClientSide() throws Exception {
/*
* Wait for server to get started.
*/
while (!serverReady) {
Thread.sleep(50);
}
/*
* See if an unknown keystore actually gets checked ok.
*/
System.out.println("==============");
System.out.println("Starting test0");
KeyStore uks = KeyStore.getInstance("JKS");
SSLContext ctx = SSLContext.getInstance("TLS");
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
uks.load(new FileInputStream(unknownFilename), cpasswd);
kmf.init(uks, cpasswd);
TrustManager[] tms = new TrustManager[] {new MyJavaxX509TrustManager()};
ctx.init(kmf.getKeyManagers(), tms, null);
SSLSocketFactory sslsf = (SSLSocketFactory) ctx.getSocketFactory();
System.out.println("Trying first socket " + serverPort);
SSLSocket sslSocket = (SSLSocket) sslsf.createSocket("localhost", serverPort);
doTest(sslSocket);
/*
* Now try the other way.
*/
com.sun.net.ssl.SSLContext ctx1 = com.sun.net.ssl.SSLContext.getInstance("TLS");
com.sun.net.ssl.KeyManagerFactory kmf1 =
com.sun.net.ssl.KeyManagerFactory.getInstance("SunX509");
kmf1.init(uks, cpasswd);
com.sun.net.ssl.TrustManager[] tms1 =
new com.sun.net.ssl.TrustManager[] {new MyComX509TrustManager()};
ctx1.init(kmf1.getKeyManagers(), tms1, null);
sslsf = (SSLSocketFactory) ctx1.getSocketFactory();
System.out.println("Trying second socket " + serverPort1);
sslSocket = (SSLSocket) sslsf.createSocket("localhost", serverPort1);
doTest(sslSocket);
System.out.println("Completed test1");
}
/*
* Primary constructor, used to drive remainder of the test.
*
* Fork off the other side, then do your work.
*/
InvalidateServerSessionRenegotiate() throws Exception {
if (separateServerThread) {
startServer(true);
startClient(false);
} else {
startClient(true);
startServer(false);
}
/*
* Wait for other side to close down.
*/
if (separateServerThread) {
serverThread.join();
} else {
clientThread.join();
}
/*
* When we get here, the test is pretty much over.
*
* If the main thread excepted, that propagates back
* immediately. If the other thread threw an exception, we
* should report back.
*/
if (serverException != null) {
System.out.print("Server Exception:");
throw serverException;
}
if (clientException != null) {
System.out.print("Client Exception:");
throw clientException;
}
/*
* Give the Handshaker Thread a chance to run
*/
Thread.sleep(1000);
synchronized (this) {
if (handshakesCompleted != 2) {
throw new Exception("Didn't see 2 handshake completed events.");
}
}
}
/*
* Define the server side of the test.
*
* If the server prematurely exits, serverReady will be set to true
* to avoid infinite hangs.
*/
void doServerSide() throws Exception {
SSLServerSocketFactory sslssf = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
SSLServerSocket sslServerSocket = (SSLServerSocket) sslssf.createServerSocket(serverPort);
serverPort = sslServerSocket.getLocalPort();
/*
* Signal Client, we're ready for his connect.
*/
serverReady = true;
SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();
try {
InputStream sslIS = sslSocket.getInputStream();
OutputStream sslOS = sslSocket.getOutputStream();
BufferedReader br = new BufferedReader(new InputStreamReader(sslIS));
PrintStream ps = new PrintStream(sslOS);
// process HTTP POST request from client
System.out.println("status line: " + br.readLine());
String msg = null;
while ((msg = br.readLine()) != null && msg.length() > 0) ;
msg = br.readLine();
if (msg.equals(postMsg)) {
ps.println("HTTP/1.1 200 OK\n\n");
} else {
ps.println("HTTP/1.1 500 Not OK\n\n");
}
ps.flush();
// close the socket
while (!closeReady) {
Thread.sleep(50);
}
} finally {
sslSocket.close();
sslServerSocket.close();
}
}
/*
* Define the client side of the test.
*
* If the server prematurely exits, serverReady will be set to true
* to avoid infinite hangs.
*/
void doClientSide() throws Exception {
/*
* Wait for server to get started.
*/
while (!serverReady) {
Thread.sleep(50);
}
System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
HttpsURLConnection.setDefaultHostnameVerifier(new NameVerifier());
URL url = new URL("https://" + "localhost:" + serverPort + "/etc/hosts");
URLConnection urlc = url.openConnection();
if (!(urlc instanceof com.sun.net.ssl.HttpsURLConnection)) {
throw new Exception("URLConnection ! instanceof " + "com.sun.net.ssl.HttpsURLConnection");
}
BufferedReader in = null;
try {
in = new BufferedReader(new InputStreamReader(urlc.getInputStream()));
String inputLine;
System.out.print("Client reading... ");
while ((inputLine = in.readLine()) != null) System.out.println(inputLine);
System.out.println("Cipher Suite: " + ((HttpsURLConnection) urlc).getCipherSuite());
X509Certificate[] certs = ((HttpsURLConnection) urlc).getServerCertificateChain();
for (int i = 0; i < certs.length; i++) {
System.out.println(certs[0]);
}
in.close();
} catch (SSLException e) {
if (in != null) in.close();
throw e;
}
System.out.println("Client reports: SUCCESS");
}
private void handshake() throws IOException {
if (handshakeCompleted) {
return;
}
if (DEBUG) {
log("Starting handshake...");
}
synchronized (this) {
if (handshakeCompleted) {
if (DEBUG) {
log("Handshake already completed...");
}
return;
}
int counter = 0;
if (DEBUG) {
log("Begin handshake");
}
sslEngine.beginHandshake();
writeInternal(emptyBuffer);
while (counter++ < 250
&& sslEngineResult.getHandshakeStatus() != SSLEngineResult.HandshakeStatus.FINISHED) {
if (DEBUG) {
log("Handshake status: " + sslEngineResult.getHandshakeStatus());
}
if (sslEngineResult.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NEED_UNWRAP) {
if (DEBUG) {
log("Begin UNWRAP");
}
netInBuffer.clear();
while (socketChannel.read(netInBuffer) < 1) {
try {
if (DEBUG) {
log("Spinning on channel read...");
}
Thread.sleep(50);
} catch (InterruptedException e) {
throw new IOException(e);
}
}
netInBuffer.flip();
unwrap(netInBuffer);
if (DEBUG) {
log("Done UNWRAP: " + sslEngineResult.getHandshakeStatus());
}
if (sslEngineResult.getHandshakeStatus() != SSLEngineResult.HandshakeStatus.FINISHED) {
emptyBuffer.clear();
writeInternal(emptyBuffer);
if (DEBUG) {
log("Done WRAP after UNWRAP: " + sslEngineResult.getHandshakeStatus());
}
}
} else if (sslEngineResult.getHandshakeStatus()
== SSLEngineResult.HandshakeStatus.NEED_WRAP) {
if (DEBUG) {
log("Begin WRAP");
}
emptyBuffer.clear();
writeInternal(emptyBuffer);
if (DEBUG) {
log("Done WRAP: " + sslEngineResult.getHandshakeStatus());
}
} else {
try {
if (DEBUG) {
log("Sleeping... Status: " + sslEngineResult.getHandshakeStatus());
}
Thread.sleep(500);
} catch (InterruptedException e) {
throw new IOException(e);
}
}
}
if (sslEngineResult.getHandshakeStatus() != SSLEngineResult.HandshakeStatus.FINISHED) {
throw new SSLHandshakeException(
"SSL handshake failed after "
+ counter
+ " trials! -> "
+ sslEngineResult.getHandshakeStatus());
}
if (DEBUG) {
log("Handshake completed!");
}
in.clear();
in.flip();
handshakeCompleted = true;
}
}