test/sun/security/krb5/auto/SSL.java

Print this page


   1 /*
   2  * Copyright (c) 2009, 2013, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 
  24 /*
  25  * @test
  26  * @bug 6894643 6913636 8005523 8025123
  27  * @summary Test JSSE Kerberos ciphersuite
  28 
  29  * @run main/othervm SSL TLS_KRB5_WITH_RC4_128_SHA
  30  * @run main/othervm SSL TLS_KRB5_WITH_RC4_128_SHA unbound
  31  * @run main/othervm SSL TLS_KRB5_WITH_RC4_128_SHA unbound sni
  32  * @run main/othervm SSL TLS_KRB5_WITH_3DES_EDE_CBC_SHA
  33  * @run main/othervm SSL TLS_KRB5_WITH_3DES_EDE_CBC_MD5
  34  * @run main/othervm SSL TLS_KRB5_WITH_DES_CBC_SHA
  35  * @run main/othervm SSL TLS_KRB5_WITH_DES_CBC_MD5
  36  * @run main/othervm SSL TLS_KRB5_EXPORT_WITH_RC4_40_SHA
  37  * @run main/othervm SSL TLS_KRB5_EXPORT_WITH_RC4_40_MD5
  38  * @run main/othervm SSL TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA
  39  * @run main/othervm SSL TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5
  40  */
  41 import java.io.*;
  42 import java.net.InetAddress;
  43 import java.security.AccessControlException;
  44 import java.security.Permission;
  45 import javax.net.ssl.*;
  46 import java.security.Principal;

  47 import java.util.Date;
  48 import java.util.List;
  49 import java.util.ArrayList;
  50 import java.util.Locale;
  51 import javax.security.auth.kerberos.ServicePermission;
  52 import sun.security.jgss.GSSUtil;
  53 import sun.security.krb5.PrincipalName;
  54 import sun.security.krb5.internal.ktab.KeyTab;
  55 
  56 public class SSL extends SecurityManager {
  57 
  58     private static String krb5Cipher;
  59     private static final int LOOP_LIMIT = 3;
  60     private static int loopCount = 0;
  61     private static volatile String server;
  62     private static volatile int port;
  63     private static String sniHostname = null;
  64     private static String sniMatcherPattern = null;
  65 
  66     private static String permChecks = "";
  67 
  68     // 0-Not started, 1-Start OK, 2-Failure
  69     private static volatile int serverState = 0;
  70 
  71     @Override
  72     public void checkPermission(Permission perm, Object context) {
  73         checkPermission(perm);
  74     }
  75 
  76     public void checkPermission(Permission perm) {
  77         if (!(perm instanceof ServicePermission)) {
  78             return;
  79         }
  80         ServicePermission p = (ServicePermission)perm;
  81         permChecks = permChecks + p.getActions().toUpperCase().charAt(0);
  82     }
  83 
  84     public static void main(String[] args) throws Exception {



  85 
  86         krb5Cipher = args[0];
  87 
  88         boolean unbound = args.length > 1;
  89 
  90         System.setSecurityManager(new SSL());
  91 
  92         KDC kdc = KDC.create(OneKDC.REALM);
  93         server = "host." + OneKDC.REALM.toLowerCase(Locale.US);
  94 
  95         if (args.length > 2) {
  96             sniHostname = "test." + server;
  97             sniMatcherPattern = ".*";
  98         }
  99 
 100         kdc.addPrincipal(OneKDC.USER, OneKDC.PASS);
 101         kdc.addPrincipalRandKey("krbtgt/" + OneKDC.REALM);
 102         KDC.saveConfig(OneKDC.KRB5_CONF, kdc);
 103         System.setProperty("java.security.krb5.conf", OneKDC.KRB5_CONF);
 104 


   1 /*
   2  * Copyright (c) 2009, 2015, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 
  24 /*
  25  * @test
  26  * @bug 6894643 6913636 8005523 8025123
  27  * @summary Test JSSE Kerberos ciphersuite
  28 
  29  * @run main/othervm SSL TLS_KRB5_WITH_RC4_128_SHA
  30  * @run main/othervm SSL TLS_KRB5_WITH_RC4_128_SHA unbound
  31  * @run main/othervm SSL TLS_KRB5_WITH_RC4_128_SHA unbound sni
  32  * @run main/othervm SSL TLS_KRB5_WITH_3DES_EDE_CBC_SHA
  33  * @run main/othervm SSL TLS_KRB5_WITH_3DES_EDE_CBC_MD5
  34  * @run main/othervm SSL TLS_KRB5_WITH_DES_CBC_SHA
  35  * @run main/othervm SSL TLS_KRB5_WITH_DES_CBC_MD5
  36  * @run main/othervm SSL TLS_KRB5_EXPORT_WITH_RC4_40_SHA
  37  * @run main/othervm SSL TLS_KRB5_EXPORT_WITH_RC4_40_MD5
  38  * @run main/othervm SSL TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA
  39  * @run main/othervm SSL TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5
  40  */
  41 import java.io.*;


  42 import java.security.Permission;
  43 import javax.net.ssl.*;
  44 import java.security.Principal;
  45 import java.security.Security;
  46 import java.util.Date;
  47 import java.util.List;
  48 import java.util.ArrayList;
  49 import java.util.Locale;
  50 import javax.security.auth.kerberos.ServicePermission;
  51 import sun.security.jgss.GSSUtil;
  52 import sun.security.krb5.PrincipalName;
  53 import sun.security.krb5.internal.ktab.KeyTab;
  54 
  55 public class SSL extends SecurityManager {
  56 
  57     private static String krb5Cipher;
  58     private static final int LOOP_LIMIT = 3;
  59     private static int loopCount = 0;
  60     private static volatile String server;
  61     private static volatile int port;
  62     private static String sniHostname = null;
  63     private static String sniMatcherPattern = null;
  64 
  65     private static String permChecks = "";
  66 
  67     // 0-Not started, 1-Start OK, 2-Failure
  68     private static volatile int serverState = 0;
  69 
  70     @Override
  71     public void checkPermission(Permission perm, Object context) {
  72         checkPermission(perm);
  73     }
  74 
  75     public void checkPermission(Permission perm) {
  76         if (!(perm instanceof ServicePermission)) {
  77             return;
  78         }
  79         ServicePermission p = (ServicePermission)perm;
  80         permChecks = permChecks + p.getActions().toUpperCase().charAt(0);
  81     }
  82 
  83     public static void main(String[] args) throws Exception {
  84         // reset the security property to make sure that the algorithms
  85         // and keys used in this test are not disabled.
  86         Security.setProperty("jdk.tls.disabledAlgorithms", "");
  87 
  88         krb5Cipher = args[0];
  89 
  90         boolean unbound = args.length > 1;
  91 
  92         System.setSecurityManager(new SSL());
  93 
  94         KDC kdc = KDC.create(OneKDC.REALM);
  95         server = "host." + OneKDC.REALM.toLowerCase(Locale.US);
  96 
  97         if (args.length > 2) {
  98             sniHostname = "test." + server;
  99             sniMatcherPattern = ".*";
 100         }
 101 
 102         kdc.addPrincipal(OneKDC.USER, OneKDC.PASS);
 103         kdc.addPrincipalRandKey("krbtgt/" + OneKDC.REALM);
 104         KDC.saveConfig(OneKDC.KRB5_CONF, kdc);
 105         System.setProperty("java.security.krb5.conf", OneKDC.KRB5_CONF);
 106