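/*
 * Copyright (c) 2001, 2016, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

//
// SunJSSE does not support dynamic system properties, no way to re-use
// system properties in samevm/agentvm mode.
//

/*
 * @test
 * @bug 4392475
 * @library /javax/net/ssl/templates
 * @summary Calling setWantClientAuth(true) disables anonymous suites
 * @run main/othervm/timeout=180 AnonCipherWithWantClientAuth
 */

import java.io.InputStream;
import java.io.OutputStream;
import java.security.Security;

import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;

/**
 * Regression test for bug 4392475: a server socket that enables anonymous
 * cipher suites and also calls {@code setWantClientAuth(true)} exchanges one
 * byte in each direction with a client that offers only anonymous suites.
 *
 * <p>The server and client peers are driven by the {@code SSLTest} template
 * from {@code /javax/net/ssl/templates}; its behaviour is not visible in this
 * file.
 */
public class AnonCipherWithWantClientAuth {

    /*
     * Where do we find the keystores?
     */
    static String pathToStores = "../../../../javax/net/ssl/etc";
    static String keyStoreFile = "keystore";
    static String trustStoreFile = "truststore";
    // Passphrase handed to SSLTest.setup() together with the two store paths.
    // NOTE(review): presumably the shared passphrase of the test keystores --
    // a fixture value, not a secret to reuse outside the test tree.
    static String passwd = "passphrase";

    /**
     * Configures the test keystores, then runs one server peer and one client
     * application through {@code SSLTest}.
     *
     * @param args unused
     * @throws Exception if setup or either peer fails
     */
    public static void main(String[] args) throws Exception {
        // Empty both disabled-algorithm lists so the anonymous and
        // EXPORT-grade suites named below can be enabled at all. Security
        // properties are JVM-wide; the @run tag uses othervm, so the relaxed
        // policy stays confined to this test's own JVM.
        Security.setProperty("jdk.tls.disabledAlgorithms", "");
        Security.setProperty("jdk.certpath.disabledAlgorithms", "");

        String keyFilename =
            System.getProperty("test.src", "./") + "/" + pathToStores +
                "/" + keyStoreFile;
        String trustFilename =
            System.getProperty("test.src", "./") + "/" + pathToStores +
                "/" + trustStoreFile;
        SSLTest.setup(keyFilename, trustFilename, passwd);

        new SSLTest()
            .setServerPeer(test -> {
                SSLServerSocketFactory sslssf =
                    (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();

                // try-with-resources: the listening socket is closed on every
                // exit path, including the early return when no client
                // connects and a failure while configuring the suites.
                try (SSLServerSocket sslServerSocket =
                        (SSLServerSocket) sslssf.createServerSocket(
                            SSLTest.FREE_PORT)) {
                    test.setServerPort(sslServerSocket.getLocalPort());
                    SSLTest.print("Server is listening on port "
                            + test.getServerPort());

                    // DH_anon suites authenticate neither peer and the
                    // EXPORT variants use 40-bit keys; they are enabled only
                    // to reproduce the bug. The third suite is DSS
                    // authenticated and is not offered by the client below.
                    String ciphers[] = {
                            "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
                            "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5",
                            "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA" };
                    sslServerSocket.setEnabledCipherSuites(ciphers);
                    // The call under test: requesting (not requiring) client
                    // authentication while anonymous suites are enabled.
                    sslServerSocket.setWantClientAuth(true);

                    // Signal the client, the server is ready to accept
                    // connection.
                    test.signalServerReady();

                    // Try to accept a connection in 30 seconds.
                    SSLSocket accepted = SSLTest.accept(sslServerSocket);
                    if (accepted == null) {
                        // Ignore the test case if no connection within 30
                        // seconds.
                        SSLTest.print(
                                "No incoming client connection in 30 seconds."
                                + " Ignore in server side.");
                        return;
                    }
                    SSLTest.print("Server accepted connection");

                    // handle the connection; the accepted socket is closed
                    // before the listening socket, as before.
                    try (SSLSocket sslSocket = accepted) {
                        // Is it the expected client connection?
                        //
                        // Naughty test cases or third party routines may try
                        // to connect to this server port unintentionally. In
                        // order to mitigate the impact of unexpected client
                        // connections and avoid intermittent failure, it
                        // should be checked that the accepted connection is
                        // really linked to the expected client.
                        boolean clientIsReady = test.waitForClientSignal();

                        if (clientIsReady) {
                            // Run the application in server side.
                            SSLTest.print("Run server application");

                            InputStream sslIS = sslSocket.getInputStream();
                            OutputStream sslOS = sslSocket.getOutputStream();

                            // One byte in, one byte out; the values are not
                            // checked.
                            sslIS.read();
                            sslOS.write(85);
                            sslOS.flush();
                        } else {
                            System.out.println(
                                    "The client is not the expected one or timeout. "
                                    + "Ignore in server side.");
                        }
                    }
                }
            })
            .setClientApplication((socket, test) -> {
                // The client offers anonymous suites only, so the connection
                // can complete only if the server still accepts one of them.
                String ciphers[] = {
                        "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
                        "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5" };
                socket.setEnabledCipherSuites(ciphers);
                socket.setUseClientMode(true);

                InputStream sslIS = socket.getInputStream();
                OutputStream sslOS = socket.getOutputStream();

                // OutputStream.write(int) sends only the low-order eight
                // bits, so 280 goes out as the single byte 24.
                sslOS.write(280);
                sslOS.flush();
                sslIS.read();
            })
            .runTest();
    }
}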