
Example 16 with SSLSocket

use of javax.net.ssl.SSLSocket in project jetty.project by eclipse.

the class SslBytesServerTest method testPlainText.

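/**
 * Checks how the TLS endpoint reacts when plain-text HTTP arrives where a Client Hello is expected.
 *
 * <p>The proxy sends a raw {@code GET / HTTP/1.1} line to the server instead of the client's
 * handshake bytes. The server must answer with exactly one TLS alert record, after which the
 * proxy reads nothing more from it. The fill/flush/parse counters are then checked to confirm
 * that the malformed input did not leave the server spinning.
 *
 * @throws Exception if the proxy, the socket or an assertion fails
 */
@Test(timeout = 60000)
public void testPlainText() throws Exception {
    // try-with-resources: the client socket is released even when an assertion below fails,
    // instead of only on the success path.
    try (SSLSocket client = newClient()) {
        // The handshake runs on a pool thread; its result is not inspected because the server
        // never sees the Client Hello in this scenario.
        threadPool.submit(() -> {
            client.startHandshake();
            return null;
        });
        // Instead of passing the Client Hello, we simulate plain text was passed in
        proxy.flushToServer(0, "GET / HTTP/1.1\r\n".getBytes(StandardCharsets.UTF_8));
        // We expect that the server sends the TLS Alert.
        TLSRecord record = proxy.readFromServer();
        Assert.assertNotNull(record);
        Assert.assertEquals(TLSRecord.Type.ALERT, record.getType());
        // Nothing may follow the alert: a null record means the server sent no further data.
        record = proxy.readFromServer();
        Assert.assertNull(record);
        // Check that we did not spin
        TimeUnit.MILLISECONDS.sleep(500);
        Assert.assertThat(sslFills.get(), Matchers.lessThan(20));
        Assert.assertThat(sslFlushes.get(), Matchers.lessThan(20));
        Assert.assertThat(httpParses.get(), Matchers.lessThan(20));
    }
}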
Also used : SSLSocket(javax.net.ssl.SSLSocket) Test(org.junit.Test)

Example 17 with SSLSocket

use of javax.net.ssl.SSLSocket in project jetty.project by eclipse.

the class SslBytesServerTest method testRequestWithBigContentReadBlockedThenReset.

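/**
 * Checks that a TCP reset arriving while the server is blocked reading a large request body
 * does not make the server spin.
 *
 * <p>After a normal handshake the client writes a request with a 128 KiB body. The proxy
 * forwards only the first five application-data records, waits, and then sends a RST to the
 * server. The fill/flush/parse counters must stay under their thresholds afterwards.
 *
 * @throws Exception if the proxy, the socket or an assertion fails
 */
@Test(timeout = 60000)
public void testRequestWithBigContentReadBlockedThenReset() throws Exception {
    // Don't run on Windows (buggy JVM)
    Assume.assumeTrue(!OS.IS_WINDOWS);
    // try-with-resources: the client socket is released even when an assertion below fails.
    try (SSLSocket client = newClient()) {
        // Let the proxy relay the handshake untouched, then take manual control of the flow.
        SimpleProxy.AutomaticFlow automaticProxyFlow = proxy.startAutomaticFlow();
        client.startHandshake();
        Assert.assertTrue(automaticProxyFlow.stop(5, TimeUnit.SECONDS));
        byte[] data = new byte[128 * 1024];
        Arrays.fill(data, (byte) 'X');
        // All-ASCII content, so content.length() equals the encoded byte count used below.
        final String content = new String(data, StandardCharsets.UTF_8);
        Future<Object> request = threadPool.submit(() -> {
            OutputStream clientOutput = client.getOutputStream();
            clientOutput.write(("" + "GET /echo_suppress_exception HTTP/1.1\r\n" + "Host: localhost\r\n" + "Content-Length: " + content.length() + "\r\n" + "\r\n" + content).getBytes(StandardCharsets.UTF_8));
            clientOutput.flush();
            return null;
        });
        // The request does not fit in 5 TLS records; only the first 5 are forwarded,
        // so the server goes in read blocked state waiting for the rest of the body.
        for (int i = 0; i < 5; ++i) {
            // Application data
            TLSRecord record = proxy.readFromClient();
            Assert.assertEquals(TLSRecord.Type.APPLICATION, record.getType());
            proxy.flushToServer(record, 0);
        }
        Assert.assertNull(request.get(5, TimeUnit.SECONDS));
        // The server should be read blocked, and we send a RST
        TimeUnit.MILLISECONDS.sleep(500);
        proxy.sendRSTToServer();
        // Wait a while to detect spinning
        TimeUnit.MILLISECONDS.sleep(500);
        Assert.assertThat(sslFills.get(), Matchers.lessThan(40));
        Assert.assertThat(sslFlushes.get(), Matchers.lessThan(40));
        Assert.assertThat(httpParses.get(), Matchers.lessThan(50));
    }
}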
Also used : SSLSocket(javax.net.ssl.SSLSocket) ServletOutputStream(javax.servlet.ServletOutputStream) OutputStream(java.io.OutputStream) EndPoint(org.eclipse.jetty.io.EndPoint) ChannelEndPoint(org.eclipse.jetty.io.ChannelEndPoint) Test(org.junit.Test)

Example 18 with SSLSocket

use of javax.net.ssl.SSLSocket in project jetty.project by eclipse.

the class SslBytesServerTest method testRequestIncompleteThenReset.

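/**
 * Checks that a truncated TLS record followed by a TCP reset does not make the server spin.
 *
 * <p>After a normal handshake the client writes a small GET request. The proxy forwards only
 * the first two thirds of the resulting application-data record and then sends a RST to the
 * server, so the server is left holding an incomplete record. The fill/flush/parse counters
 * must stay under their thresholds afterwards.
 *
 * @throws Exception if the proxy, the socket or an assertion fails
 */
@Test(timeout = 60000)
public void testRequestIncompleteThenReset() throws Exception {
    // try-with-resources: the client socket is released even when an assertion below fails.
    try (SSLSocket client = newClient()) {
        // Let the proxy relay the handshake untouched, then take manual control of the flow.
        SimpleProxy.AutomaticFlow automaticProxyFlow = proxy.startAutomaticFlow();
        client.startHandshake();
        Assert.assertTrue(automaticProxyFlow.stop(5, TimeUnit.SECONDS));
        // The write runs on a pool thread; its result is not inspected by this test.
        threadPool.submit(() -> {
            OutputStream clientOutput = client.getOutputStream();
            clientOutput.write(("" + "GET / HTTP/1.1\r\n" + "Host: localhost\r\n" + "\r\n").getBytes(StandardCharsets.UTF_8));
            clientOutput.flush();
            return null;
        });
        // Application data
        TLSRecord record = proxy.readFromClient();
        byte[] bytes = record.getBytes();
        // Keep only the leading two thirds of the record so the server receives a partial record.
        byte[] chunk1 = new byte[2 * bytes.length / 3];
        System.arraycopy(bytes, 0, chunk1, 0, chunk1.length);
        // NOTE(review): the first argument (100) looks like a delay in milliseconds; confirm in SimpleProxy.
        proxy.flushToServer(100, chunk1);
        proxy.sendRSTToServer();
        // Wait a while to detect spinning
        TimeUnit.MILLISECONDS.sleep(500);
        Assert.assertThat(sslFills.get(), Matchers.lessThan(20));
        Assert.assertThat(sslFlushes.get(), Matchers.lessThan(20));
        Assert.assertThat(httpParses.get(), Matchers.lessThan(20));
    }
}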
Also used : SSLSocket(javax.net.ssl.SSLSocket) ServletOutputStream(javax.servlet.ServletOutputStream) OutputStream(java.io.OutputStream) Test(org.junit.Test)

Example 19 with SSLSocket

use of javax.net.ssl.SSLSocket in project jetty.project by eclipse.

the class SslBytesServerTest method testHandshakeAndRequestOneByteAtATime.

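/**
 * Drives a full TLS handshake and one HTTP request with every client-to-server record
 * delivered to the server one byte at a time.
 *
 * <p>The test confirms that the handshake and the request still complete, that the response
 * status line is {@code HTTP/1.1 200}, and that the fill/flush/parse counters stay bounded
 * despite the fragmented delivery. It then closes the client and checks the shutdown
 * sequence seen by the proxy: a close alert from the client, a socket close, and from the
 * server either a raw close or an alert followed by a raw close.
 *
 * @throws Exception if the proxy, the socket or an assertion fails
 */
@Test(timeout = 60000)
public void testHandshakeAndRequestOneByteAtATime() throws Exception {
    final SSLSocket client = newClient();
    Future<Object> handshake = threadPool.submit(() -> {
        client.startHandshake();
        return null;
    });
    // Client Hello
    TLSRecord record = proxy.readFromClient();
    for (byte b : record.getBytes()) {
        proxy.flushToServer(5, b);
    }
    // Server Hello + Certificate + Server Done
    record = proxy.readFromServer();
    proxy.flushToClient(record);
    // Client Key Exchange
    record = proxy.readFromClient();
    for (byte b : record.getBytes()) {
        proxy.flushToServer(5, b);
    }
    // Change Cipher Spec
    record = proxy.readFromClient();
    for (byte b : record.getBytes()) {
        proxy.flushToServer(5, b);
    }
    // Client Done
    record = proxy.readFromClient();
    for (byte b : record.getBytes()) {
        proxy.flushToServer(5, b);
    }
    // Change Cipher Spec
    record = proxy.readFromServer();
    proxy.flushToClient(record);
    // Server Done
    record = proxy.readFromServer();
    proxy.flushToClient(record);
    Assert.assertNull(handshake.get(1, TimeUnit.SECONDS));
    Future<Object> request = threadPool.submit(() -> {
        OutputStream clientOutput = client.getOutputStream();
        clientOutput.write(("" + "GET / HTTP/1.1\r\n" + "Host: localhost\r\n" + "\r\n").getBytes(StandardCharsets.UTF_8));
        clientOutput.flush();
        return null;
    });
    // Application data
    record = proxy.readFromClient();
    for (byte b : record.getBytes()) {
        proxy.flushToServer(5, b);
    }
    Assert.assertNull(request.get(1, TimeUnit.SECONDS));
    // Application data
    record = proxy.readFromServer();
    Assert.assertEquals(TLSRecord.Type.APPLICATION, record.getType());
    proxy.flushToClient(record);
    // The reader is intentionally not closed here: closing it would close the socket's input
    // stream before the shutdown sequence below is exercised.
    BufferedReader reader = new BufferedReader(new InputStreamReader(client.getInputStream(), StandardCharsets.UTF_8));
    String line = reader.readLine();
    Assert.assertNotNull(line);
    Assert.assertTrue(line.startsWith("HTTP/1.1 200 "));
    // Skip the remaining response headers up to the blank line.
    while ((line = reader.readLine()) != null) {
        if (line.trim().length() == 0)
            break;
    }
    // Check that we did not spin
    TimeUnit.MILLISECONDS.sleep(1000);
    Assert.assertThat(sslFills.get(), Matchers.lessThan(2000));
    Assert.assertThat(sslFlushes.get(), Matchers.lessThan(20));
    // An average of 958 httpParses is seen in standard Oracle JDK's
    // An average of 1183 httpParses is seen in OpenJDK JVMs.
    Assert.assertThat(httpParses.get(), Matchers.lessThan(2000));
    client.close();
    // Close Alert
    record = proxy.readFromClient();
    for (byte b : record.getBytes()) {
        proxy.flushToServer(5, b);
    }
    // Socket close
    record = proxy.readFromClient();
    Assert.assertNull(String.valueOf(record), record);
    // record is null at this point; it is passed on as-is to propagate the close to the server.
    proxy.flushToServer(record);
    // Socket close
    record = proxy.readFromServer();
    // Raw close or alert
    if (record != null) {
        // Expected value first, so a failure message reports expected/actual the right way round.
        Assert.assertEquals(TLSRecord.Type.ALERT, record.getType());
        // Now should be a raw close
        record = proxy.readFromServer();
        Assert.assertNull(String.valueOf(record), record);
    }
}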
Also used : InputStreamReader(java.io.InputStreamReader) SSLSocket(javax.net.ssl.SSLSocket) ServletOutputStream(javax.servlet.ServletOutputStream) OutputStream(java.io.OutputStream) BufferedReader(java.io.BufferedReader) Test(org.junit.Test)

Example 20 with SSLSocket

use of javax.net.ssl.SSLSocket in project jetty.project by eclipse.

the class SslBytesClientTest method testServerRenegotiationWhenRenegotiationIsForbidden.

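/**
 * Checks that the client refuses a server-initiated TLS renegotiation when renegotiation has
 * been disabled on its {@code sslContextFactory}.
 *
 * <p>The test plays the server role with a raw {@link SSLSocket}: it completes the initial
 * handshake, reads the request, writes the first half of the response, and then starts a
 * second handshake on the same connection. The client is expected to answer the
 * renegotiation handshake record with a TLS alert and then send nothing more.
 *
 * @throws Exception if the proxy, the socket or an assertion fails
 */
@Test
public void testServerRenegotiationWhenRenegotiationIsForbidden() throws Exception {
    sslContextFactory.setRenegotiationAllowed(false);
    Request request = client.newRequest("localhost", proxy.getPort());
    FutureResponseListener listener = new FutureResponseListener(request);
    request.scheme(HttpScheme.HTTPS.asString()).send(listener);
    Assert.assertTrue(proxy.awaitClient(5, TimeUnit.SECONDS));
    // try-with-resources: the accepted socket is released even when an assertion below fails.
    try (SSLSocket server = (SSLSocket) acceptor.accept()) {
        server.setUseClientMode(false);
        Future<Object> handshake = threadPool.submit(() -> {
            server.startHandshake();
            return null;
        });
        SimpleProxy.AutomaticFlow automaticProxyFlow = proxy.startAutomaticFlow();
        Assert.assertNull(handshake.get(5, TimeUnit.SECONDS));
        // Read request
        InputStream serverInput = server.getInputStream();
        BufferedReader reader = new BufferedReader(new InputStreamReader(serverInput, StandardCharsets.UTF_8));
        String line = reader.readLine();
        // Fail with an assertion rather than a NullPointerException if the peer closed early.
        Assert.assertNotNull(line);
        Assert.assertTrue(line.startsWith("GET"));
        // Consume the request headers up to the blank line.
        while (line.length() > 0) {
            line = reader.readLine();
            Assert.assertNotNull(line);
        }
        OutputStream serverOutput = server.getOutputStream();
        byte[] data1 = new byte[1024];
        Arrays.fill(data1, (byte) 'X');
        String content1 = new String(data1, StandardCharsets.UTF_8);
        byte[] data2 = new byte[1024];
        Arrays.fill(data2, (byte) 'Y');
        final String content2 = new String(data2, StandardCharsets.UTF_8);
        // Write first part of the response; Content-Length announces both halves, so the
        // client is still waiting for content2 when the renegotiation starts.
        serverOutput.write(("HTTP/1.1 200 OK\r\n" + "Content-Type: text/plain\r\n" + "Content-Length: " + (content1.length() + content2.length()) + "\r\n" + "\r\n" + content1).getBytes(StandardCharsets.UTF_8));
        serverOutput.flush();
        Assert.assertTrue(automaticProxyFlow.stop(5, TimeUnit.SECONDS));
        // Renegotiate; the result is not inspected because the client is expected to refuse.
        threadPool.submit(() -> {
            server.startHandshake();
            return null;
        });
        // Renegotiation Handshake
        TLSRecord record = proxy.readFromServer();
        Assert.assertEquals(TLSRecord.Type.HANDSHAKE, record.getType());
        proxy.flushToClient(record);
        // Client sends close alert.
        record = proxy.readFromClient();
        Assert.assertEquals(TLSRecord.Type.ALERT, record.getType());
        // Nothing may follow the alert from the client.
        record = proxy.readFromClient();
        Assert.assertNull(record);
    }
}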
Also used : InputStreamReader(java.io.InputStreamReader) InputStream(java.io.InputStream) SSLSocket(javax.net.ssl.SSLSocket) OutputStream(java.io.OutputStream) Request(org.eclipse.jetty.client.api.Request) BufferedReader(java.io.BufferedReader) FutureResponseListener(org.eclipse.jetty.client.util.FutureResponseListener) Test(org.junit.Test)
