< prev index next >
test/sun/net/www/protocol/https/HttpsClient/ProxyAuthTest.java
Print this page
*** 1,7 ****
/*
! * Copyright (c) 2001, 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
--- 1,7 ----
/*
! * Copyright (c) 2001, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*** 25,46 ****
* @test
* @bug 4323990 4413069
* @summary HttpsURLConnection doesn't send Proxy-Authorization on CONNECT
* Incorrect checking of proxy server response
* @modules java.base/sun.net.www
* @run main/othervm ProxyAuthTest
*
* No way to reserve and restore java.lang.Authenticator, need to run this
* test in othervm mode.
*/
import java.io.*;
import java.net.*;
- import java.security.KeyStore;
- import javax.net.*;
import javax.net.ssl.*;
- import java.security.cert.*;
/*
* ProxyAuthTest.java -- includes a simple server that can serve
* Http get request in both clear and secure channel, and a client
* that makes https requests behind the firewall through an
--- 25,44 ----
* @test
* @bug 4323990 4413069
* @summary HttpsURLConnection doesn't send Proxy-Authorization on CONNECT
* Incorrect checking of proxy server response
* @modules java.base/sun.net.www
+ * @library /javax/net/ssl/templates
* @run main/othervm ProxyAuthTest
*
* No way to reserve and restore java.lang.Authenticator, need to run this
* test in othervm mode.
*/
import java.io.*;
import java.net.*;
import javax.net.ssl.*;
/*
* ProxyAuthTest.java -- includes a simple server that can serve
* Http get request in both clear and secure channel, and a client
* that makes https requests behind the firewall through an
*** 54,183 ****
static String pathToStores = "../../../../../../javax/net/ssl/etc";
static String keyStoreFile = "keystore";
static String trustStoreFile = "truststore";
static String passwd = "passphrase";
! volatile private static int serverPort = 0;
!
! /*
! * The TestServer implements a OriginServer that
! * processes HTTP requests and responses.
! */
! static class TestServer extends OriginServer {
! public TestServer(ServerSocket ss) throws Exception {
! super(ss);
}
- /*
- * Returns an array of bytes containing the bytes for
- * the data sent in the response.
- *
- * @return bytes for the data in the response
- */
- public byte[] getBytes() {
- return "Proxy authentication for tunneling succeeded ..".
- getBytes();
- }
- }
/*
* Main method to create the server and the client
*/
public static void main(String args[]) throws Exception {
String keyFilename =
! System.getProperty("test.src", "./") + "/" + pathToStores +
! "/" + keyStoreFile;
String trustFilename =
! System.getProperty("test.src", "./") + "/" + pathToStores +
! "/" + trustStoreFile;
! System.setProperty("javax.net.ssl.keyStore", keyFilename);
! System.setProperty("javax.net.ssl.keyStorePassword", passwd);
! System.setProperty("javax.net.ssl.trustStore", trustFilename);
! System.setProperty("javax.net.ssl.trustStorePassword", passwd);
! boolean useSSL = true;
! /*
! * setup the server
! */
try {
! ServerSocketFactory ssf =
! ProxyAuthTest.getServerSocketFactory(useSSL);
! ServerSocket ss = ssf.createServerSocket(serverPort);
! serverPort = ss.getLocalPort();
! new TestServer(ss);
! } catch (Exception e) {
! System.out.println("Server side failed:" +
! e.getMessage());
! throw e;
! }
! // trigger the client
! try {
! doClientSide();
! } catch (Exception e) {
! System.out.println("Client side failed: " + e.getMessage());
! throw e;
! }
! }
!
! private static ServerSocketFactory getServerSocketFactory
! (boolean useSSL) throws Exception {
! if (useSSL) {
! SSLServerSocketFactory ssf = null;
! // set up key manager to do server authentication
! SSLContext ctx;
! KeyManagerFactory kmf;
! KeyStore ks;
! char[] passphrase = passwd.toCharArray();
!
! ctx = SSLContext.getInstance("TLS");
! kmf = KeyManagerFactory.getInstance("SunX509");
! ks = KeyStore.getInstance("JKS");
! ks.load(new FileInputStream(System.getProperty(
! "javax.net.ssl.keyStore")), passphrase);
! kmf.init(ks, passphrase);
! ctx.init(kmf.getKeyManagers(), null, null);
! ssf = ctx.getServerSocketFactory();
! return ssf;
! } else {
! return ServerSocketFactory.getDefault();
! }
}
- static void doClientSide() throws Exception {
/*
* setup up a proxy with authentication information
*/
setupProxy();
/*
* we want to avoid URLspoofCheck failures in cases where the cert
* DN name does not match the hostname in the URL.
*/
! HttpsURLConnection.setDefaultHostnameVerifier(
! new NameVerifier());
! URL url = new URL("https://" + "localhost:" + serverPort
+ "/index.html");
! BufferedReader in = null;
! try {
! in = new BufferedReader(new InputStreamReader(
! url.openStream()));
String inputLine;
System.out.print("Client recieved from the server: ");
! while ((inputLine = in.readLine()) != null)
System.out.println(inputLine);
! in.close();
! } catch (SSLException e) {
! if (in != null)
! in.close();
! throw e;
}
}
static class NameVerifier implements HostnameVerifier {
public boolean verify(String hostname, SSLSession session) {
return true;
}
}
--- 52,169 ----
static String pathToStores = "../../../../../../javax/net/ssl/etc";
static String keyStoreFile = "keystore";
static String trustStoreFile = "truststore";
static String passwd = "passphrase";
! /**
! * read the response, don't care for the syntax of the request-line
! * for this testing
! */
! private static void readRequest(BufferedReader in) throws IOException {
! String line = null;
! System.out.println("Server received: ");
! do {
! if (line != null) {
! System.out.println(line);
! }
! line = in.readLine();
! } while ((line.length() != 0) &&
! (line.charAt(0) != '\r') && (line.charAt(0) != '\n'));
}
/*
* Main method to create the server and the client
*/
public static void main(String args[]) throws Exception {
String keyFilename =
! SSLTest.TEST_SRC + "/" + pathToStores + "/" + keyStoreFile;
String trustFilename =
! SSLTest.TEST_SRC + "/" + pathToStores + "/" + trustStoreFile;
! SSLTest.setup(keyFilename, trustFilename, passwd);
! new SSLTest()
! .setServerApplication((socket, test) -> {
! DataOutputStream out = new DataOutputStream(
! socket.getOutputStream());
try {
! BufferedReader in = new BufferedReader(
! new InputStreamReader(socket.getInputStream()));
! // read the request
! readRequest(in);
! // retrieve bytecodes
! byte[] bytecodes =
! "Proxy authentication for tunneling succeeded .."
! .getBytes();
!
! // send bytecodes in response (assumes HTTP/1.0 or later)
! out.writeBytes("HTTP/1.0 200 OK\r\n");
! out.writeBytes("Content-Length: " + bytecodes.length +
! "\r\n");
! out.writeBytes("Content-Type: text/html\r\n\r\n");
! out.write(bytecodes);
! out.flush();
! } catch (Exception e) {
! // write out error response
! out.writeBytes("HTTP/1.0 400 " + e.getMessage() + "\r\n");
! out.writeBytes("Content-Type: text/html\r\n\r\n");
! out.flush();
! }
! })
! .setClientPeer(test -> {
! doClientSide(test);
! })
! .runTest();
! }
!
! private static void doClientSide(SSLTest test) throws Exception {
!
! // Wait for server to get started.
! //
! // The server side takes care of the issue if the server cannot
! // get started in 90 seconds. The client side would just ignore
! // the test case if the serer is not ready.
! if (!test.waitForServerSignal()) {
! System.out.print("The server is not ready yet in 90 seconds. "
! + "Ignore in client side.");
! return;
}
/*
* setup up a proxy with authentication information
*/
setupProxy();
/*
* we want to avoid URLspoofCheck failures in cases where the cert
* DN name does not match the hostname in the URL.
*/
! HttpsURLConnection.setDefaultHostnameVerifier(new NameVerifier());
!
! URL url = new URL("https://" + "localhost:" + test.getServerPort()
+ "/index.html");
!
! // Signal the server, the client is ready to communicate.
! test.signalClientReady();
!
! try (BufferedReader in = new BufferedReader(
! new InputStreamReader(url.openStream()))) {
!
String inputLine;
System.out.print("Client recieved from the server: ");
! while ((inputLine = in.readLine()) != null) {
System.out.println(inputLine);
! }
}
}
static class NameVerifier implements HostnameVerifier {
+
+ @Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
}
*** 193,209 ****
pserver.needUserAuth(true);
pserver.setUserAuth("Test", "test123");
pserver.start();
System.setProperty("https.proxyHost", "localhost");
! System.setProperty("https.proxyPort", String.valueOf(
! pserver.getPort()));
}
public static class TestAuthenticator extends Authenticator {
public PasswordAuthentication getPasswordAuthentication() {
! return new PasswordAuthentication("Test",
! "test123".toCharArray());
}
}
}
--- 179,195 ----
pserver.needUserAuth(true);
pserver.setUserAuth("Test", "test123");
pserver.start();
System.setProperty("https.proxyHost", "localhost");
! System.setProperty("https.proxyPort",
! String.valueOf(pserver.getPort()));
}
public static class TestAuthenticator extends Authenticator {
+ @Override
public PasswordAuthentication getPasswordAuthentication() {
! return new PasswordAuthentication("Test", "test123".toCharArray());
}
}
}
< prev index next >