
Example 21 with SSLSocket

use of javax.net.ssl.SSLSocket in project jetty.project by eclipse.

the class SslBytesClientTest method testServerRenegotiation.

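/**
 * Verifies that the HTTP client still receives a complete response when the server
 * starts a second TLS handshake (a renegotiation) in the middle of the response body.
 *
 * <p>The test plays the server role itself on a raw {@link SSLSocket}. During the
 * renegotiation the proxy relays TLS records one at a time, so the type of every
 * record exchanged can be asserted.
 *
 * <p>NOTE(review): the asserted HANDSHAKE / CHANGE_CIPHER_SPEC sequence is what a
 * renegotiation looks like in TLS 1.2 and earlier. TLS 1.3 removed renegotiation, so
 * this test presumably depends on the fixture negotiating an older protocol version;
 * confirm against the SSL context configured outside this method.
 *
 * @throws Exception if any I/O, handshake or timeout failure occurs
 */
@Test
public void testServerRenegotiation() throws Exception {
    Request request = client.newRequest("localhost", proxy.getPort());
    FutureResponseListener listener = new FutureResponseListener(request);
    request.scheme(HttpScheme.HTTPS.asString()).send(listener);
    Assert.assertTrue(proxy.awaitClient(5, TimeUnit.SECONDS));

    final SSLSocket server = (SSLSocket) acceptor.accept();
    // Close the accepted socket even when an assertion fails part-way through,
    // so a failing run does not leave the TLS connection open.
    try {
        server.setUseClientMode(false);
        // The handshake blocks until the peer answers, so it runs on a pool thread
        // while the proxy relays records automatically.
        Future<Object> handshake = threadPool.submit(() -> {
            server.startHandshake();
            return null;
        });
        SimpleProxy.AutomaticFlow automaticProxyFlow = proxy.startAutomaticFlow();
        Assert.assertNull(handshake.get(5, TimeUnit.SECONDS));

        // Read request
        InputStream serverInput = server.getInputStream();
        BufferedReader reader = new BufferedReader(new InputStreamReader(serverInput, StandardCharsets.UTF_8));
        String line = reader.readLine();
        // readLine() returns null at end of stream: fail with an assertion, not an NPE.
        Assert.assertNotNull("connection closed before the request line was read", line);
        Assert.assertTrue(line.startsWith("GET"));
        // Skip the request headers up to the blank line that ends them.
        while (line != null && line.length() > 0) {
            line = reader.readLine();
        }
        Assert.assertNotNull("connection closed before the end of the request headers", line);

        OutputStream serverOutput = server.getOutputStream();
        byte[] data1 = new byte[1024];
        Arrays.fill(data1, (byte) 'X');
        String content1 = new String(data1, StandardCharsets.UTF_8);
        byte[] data2 = new byte[1024];
        Arrays.fill(data2, (byte) 'Y');
        final String content2 = new String(data2, StandardCharsets.UTF_8);

        // Write first part of the response; Content-Length announces both halves.
        serverOutput.write(("HTTP/1.1 200 OK\r\n" + "Content-Type: text/plain\r\n" + "Content-Length: " + (content1.length() + content2.length()) + "\r\n" + "\r\n" + content1).getBytes(StandardCharsets.UTF_8));
        serverOutput.flush();
        Assert.assertTrue(automaticProxyFlow.stop(5, TimeUnit.SECONDS));

        // Renegotiate: a second startHandshake() on the already established connection.
        Future<Object> renegotiation = threadPool.submit(() -> {
            server.startHandshake();
            return null;
        });

        // From here on records are relayed by hand so each type can be checked.
        // Renegotiation Handshake (server -> client)
        TLSRecord record = proxy.readFromServer();
        Assert.assertEquals(TLSRecord.Type.HANDSHAKE, record.getType());
        proxy.flushToClient(record);

        // Renegotiation Handshake (client -> server)
        record = proxy.readFromClient();
        Assert.assertEquals(TLSRecord.Type.HANDSHAKE, record.getType());
        proxy.flushToServer(record);

        // Trigger a read to have the server write the final renegotiation steps.
        // No application data is pending, so the read is expected to time out.
        server.setSoTimeout(100);
        try {
            serverInput.read();
            Assert.fail();
        } catch (SocketTimeoutException expected) {
            // Expected
        }

        // Renegotiation Handshake (server -> client)
        record = proxy.readFromServer();
        Assert.assertEquals(TLSRecord.Type.HANDSHAKE, record.getType());
        proxy.flushToClient(record);

        // Renegotiation Change Cipher (server -> client)
        record = proxy.readFromServer();
        Assert.assertEquals(TLSRecord.Type.CHANGE_CIPHER_SPEC, record.getType());
        proxy.flushToClient(record);

        // Renegotiation Handshake (server -> client)
        record = proxy.readFromServer();
        Assert.assertEquals(TLSRecord.Type.HANDSHAKE, record.getType());
        proxy.flushToClient(record);

        // Renegotiation Change Cipher (client -> server)
        record = proxy.readFromClient();
        Assert.assertEquals(TLSRecord.Type.CHANGE_CIPHER_SPEC, record.getType());
        proxy.flushToServer(record);

        // Renegotiation Handshake (client -> server)
        record = proxy.readFromClient();
        Assert.assertEquals(TLSRecord.Type.HANDSHAKE, record.getType());
        proxy.flushToServer(record);

        Assert.assertNull(renegotiation.get(5, TimeUnit.SECONDS));

        // Complete the response
        automaticProxyFlow = proxy.startAutomaticFlow();
        serverOutput.write(data2);
        serverOutput.flush();
        Assert.assertTrue(automaticProxyFlow.stop(5, TimeUnit.SECONDS));

        // The client must have reassembled both halves despite the renegotiation.
        ContentResponse response = listener.get(5, TimeUnit.SECONDS);
        Assert.assertEquals(HttpStatus.OK_200, response.getStatus());
        Assert.assertEquals(data1.length + data2.length, response.getContent().length);
    } finally {
        server.close();
    }
}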
Also used : InputStreamReader(java.io.InputStreamReader) ContentResponse(org.eclipse.jetty.client.api.ContentResponse) InputStream(java.io.InputStream) SSLSocket(javax.net.ssl.SSLSocket) OutputStream(java.io.OutputStream) Request(org.eclipse.jetty.client.api.Request) SocketTimeoutException(java.net.SocketTimeoutException) BufferedReader(java.io.BufferedReader) FutureResponseListener(org.eclipse.jetty.client.util.FutureResponseListener) Test(org.junit.Test)

Example 22 with SSLSocket

use of javax.net.ssl.SSLSocket in project jetty.project by eclipse.

the class SslBytesServerTest method testRequestWithCloseAlertAndShutdown.

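/**
 * Verifies the server's behavior when a client sends a request and then immediately
 * closes its TLS socket, producing a close alert followed by a socket close.
 *
 * <p>The server is expected to answer with application data rather than a close alert,
 * then close. Afterwards the fill, flush and parse counters must each stay below 20,
 * showing that the half-closed connection did not send the server into a busy loop.
 *
 * @throws Exception if any I/O, handshake or timeout failure occurs
 */
@Test(timeout = 60000)
public void testRequestWithCloseAlertAndShutdown() throws Exception {
    // See next test on why we only run in Linux
    Assume.assumeTrue(OS.IS_LINUX);

    final SSLSocket client = newClient();
    SimpleProxy.AutomaticFlow automaticProxyFlow = proxy.startAutomaticFlow();
    client.startHandshake();
    Assert.assertTrue(automaticProxyFlow.stop(5, TimeUnit.SECONDS));

    // The write runs on a pool thread; the proxy forwards the record by hand below.
    Future<Object> request = threadPool.submit(() -> {
        OutputStream clientOutput = client.getOutputStream();
        clientOutput.write(("" + "GET / HTTP/1.1\r\n" + "Host: localhost\r\n" + "\r\n").getBytes(StandardCharsets.UTF_8));
        clientOutput.flush();
        return null;
    });

    // Application data
    TLSRecord record = proxy.readFromClient();
    proxy.flushToServer(record);
    Assert.assertNull(request.get(5, TimeUnit.SECONDS));

    client.close();

    // Close Alert
    record = proxy.readFromClient();
    proxy.flushToServer(record);

    // Socket close: a null record is asserted here and then forwarded as-is,
    // presumably so the proxy propagates the close to the server - confirm in SimpleProxy.
    record = proxy.readFromClient();
    Assert.assertNull(String.valueOf(record), record);
    proxy.flushToServer(record);

    // Expect response from server
    // SSLSocket is limited and we cannot read the response, but we make sure
    // it is application data and not a close alert
    record = proxy.readFromServer();
    Assert.assertNotNull(record);
    Assert.assertEquals(TLSRecord.Type.APPLICATION, record.getType());
    proxy.flushToClient(record);

    // Socket close: the server may send an alert before closing the raw connection.
    record = proxy.readFromServer();
    if (record != null) {
        // JUnit expects (expected, actual); with the arguments swapped a failure
        // message would report the two values the wrong way round.
        Assert.assertEquals(TLSRecord.Type.ALERT, record.getType());
        // Now should be a raw close
        record = proxy.readFromServer();
        Assert.assertNull(String.valueOf(record), record);
    }

    // Check that we did not spin
    TimeUnit.MILLISECONDS.sleep(500);
    Assert.assertThat(sslFills.get(), Matchers.lessThan(20));
    Assert.assertThat(sslFlushes.get(), Matchers.lessThan(20));
    Assert.assertThat(httpParses.get(), Matchers.lessThan(20));
}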
Also used : SSLSocket(javax.net.ssl.SSLSocket) ServletOutputStream(javax.servlet.ServletOutputStream) OutputStream(java.io.OutputStream) Test(org.junit.Test)

Example 23 with SSLSocket

use of javax.net.ssl.SSLSocket in project jetty.project by eclipse.

the class SslBytesServerTest method testServerShutdownOutputClientDoesNotCloseServerCloses.

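/**
 * Verifies that the server closes a connection on idle timeout when the client sends
 * {@code Connection: close}, reads the whole response, and then keeps its socket open.
 *
 * <p>After the response the client must see end of stream. The fill, flush and parse
 * counters must each stay below 20, and after one and a half idle timeouts the server
 * endpoint must no longer be open. A peer that never closes its side should therefore
 * not be able to pin a server connection indefinitely.
 *
 * @throws Exception if any I/O, handshake or timeout failure occurs
 */
@Test(timeout = 60000)
public void testServerShutdownOutputClientDoesNotCloseServerCloses() throws Exception {
    final SSLSocket client = newClient();
    // The scenario keeps the client socket open on purpose, so it is released only
    // here, once the test body has finished or failed.
    try {
        final OutputStream clientOutput = client.getOutputStream();
        SimpleProxy.AutomaticFlow automaticProxyFlow = proxy.startAutomaticFlow();
        client.startHandshake();
        Assert.assertTrue(automaticProxyFlow.stop(5, TimeUnit.SECONDS));

        byte[] data = new byte[3 * 1024];
        Arrays.fill(data, (byte) 'Y');
        String content = new String(data, StandardCharsets.UTF_8);

        automaticProxyFlow = proxy.startAutomaticFlow();
        clientOutput.write(("" + "POST / HTTP/1.1\r\n" + "Host: localhost\r\n" + "Content-Type: text/plain\r\n" + "Content-Length: " + content.length() + "\r\n" + "Connection: close\r\n" + "\r\n" + content).getBytes(StandardCharsets.UTF_8));
        clientOutput.flush();

        BufferedReader reader = new BufferedReader(new InputStreamReader(client.getInputStream(), StandardCharsets.UTF_8));
        String line = reader.readLine();
        Assert.assertNotNull(line);
        Assert.assertTrue(line.startsWith("HTTP/1.1 200 "));
        // Skip the response headers up to the blank line (or end of stream).
        while ((line = reader.readLine()) != null) {
            if (line.trim().length() == 0) {
                break;
            }
        }
        Assert.assertTrue(automaticProxyFlow.stop(5, TimeUnit.SECONDS));

        // Check client is at EOF
        Assert.assertEquals(-1, client.getInputStream().read());

        // Client should close the socket, but let's hold it open.

        // Check that we did not spin
        TimeUnit.MILLISECONDS.sleep(500);
        Assert.assertThat(sslFills.get(), Matchers.lessThan(20));
        Assert.assertThat(sslFlushes.get(), Matchers.lessThan(20));
        Assert.assertThat(httpParses.get(), Matchers.lessThan(20));

        // The server has shutdown the output since the client sent a Connection: close
        // but the client does not close, so the server must idle timeout the endPoint.
        TimeUnit.MILLISECONDS.sleep(idleTimeout + idleTimeout / 2);
        Assert.assertFalse(serverEndPoint.get().isOpen());
    } finally {
        client.close();
    }
}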
Also used : InputStreamReader(java.io.InputStreamReader) SSLSocket(javax.net.ssl.SSLSocket) ServletOutputStream(javax.servlet.ServletOutputStream) OutputStream(java.io.OutputStream) BufferedReader(java.io.BufferedReader) Test(org.junit.Test)

Example 24 with SSLSocket

use of javax.net.ssl.SSLSocket in project jetty.project by eclipse.

the class SslBytesServerTest method testHandshakeThenReset.

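/**
 * Verifies that a TCP reset delivered to the server right after a completed TLS
 * handshake does not send the server into a busy loop.
 *
 * <p>After the reset the test waits 500 ms and requires the fill, flush and parse
 * counters to each stay below 20.
 *
 * @throws Exception if any I/O, handshake or timeout failure occurs
 */
@Test(timeout = 60000)
public void testHandshakeThenReset() throws Exception {
    final SSLSocket client = newClient();
    // Release the client socket even when one of the assertions below fails.
    try {
        SimpleProxy.AutomaticFlow automaticProxyFlow = proxy.startAutomaticFlow();
        client.startHandshake();
        Assert.assertTrue(automaticProxyFlow.stop(5, TimeUnit.SECONDS));

        // Abort the proxy-to-server connection with a reset instead of a TLS close.
        proxy.sendRSTToServer();

        // Wait a while to detect spinning
        TimeUnit.MILLISECONDS.sleep(500);
        Assert.assertThat(sslFills.get(), Matchers.lessThan(20));
        Assert.assertThat(sslFlushes.get(), Matchers.lessThan(20));
        Assert.assertThat(httpParses.get(), Matchers.lessThan(20));
    } finally {
        client.close();
    }
}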
Also used : SSLSocket(javax.net.ssl.SSLSocket) Test(org.junit.Test)

Example 25 with SSLSocket

use of javax.net.ssl.SSLSocket in project jetty.project by eclipse.

the class SslBytesServerTest method testRequestWithImmediateRawClose.

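/**
 * Verifies the server's behavior when the connection carrying a request is closed at
 * the TCP level without a TLS close alert, which is how a truncation attack appears
 * to the receiving side.
 *
 * <p>The server is expected to answer with application data and then close, optionally
 * sending an alert first. Afterwards the fill, flush and parse counters must each stay
 * below 20, showing that the abrupt close did not send the server into a busy loop.
 *
 * @throws Exception if any I/O, handshake or timeout failure occurs
 */
@Test(timeout = 60000)
public void testRequestWithImmediateRawClose() throws Exception {
    final SSLSocket client = newClient();
    // Release the client socket even when one of the assertions below fails.
    try {
        SimpleProxy.AutomaticFlow automaticProxyFlow = proxy.startAutomaticFlow();
        client.startHandshake();
        Assert.assertTrue(automaticProxyFlow.stop(5, TimeUnit.SECONDS));

        // The write runs on a pool thread; the proxy forwards the record by hand below.
        Future<Object> request = threadPool.submit(() -> {
            OutputStream clientOutput = client.getOutputStream();
            clientOutput.write(("" + "GET / HTTP/1.1\r\n" + "Host: localhost\r\n" + "\r\n").getBytes(StandardCharsets.UTF_8));
            clientOutput.flush();
            return null;
        });

        // Application data
        TLSRecord record = proxy.readFromClient();
        Assert.assertEquals(TLSRecord.Type.APPLICATION, record.getType());
        // NOTE(review): the meaning of the second argument (0) is defined in SimpleProxy,
        // which is not shown here - confirm before changing it.
        proxy.flushToServer(record, 0);

        // Close the raw socket, this generates a truncation attack:
        // no TLS close alert is forwarded to the server before the close.
        proxy.flushToServer(null);
        Assert.assertNull(request.get(5, TimeUnit.SECONDS));

        // Application data
        record = proxy.readFromServer();
        Assert.assertEquals(TLSRecord.Type.APPLICATION, record.getType());
        proxy.flushToClient(record);

        // Expect raw close from server, possibly preceded by an alert
        record = proxy.readFromServer();
        if (record != null) {
            // JUnit expects (expected, actual); with the arguments swapped a failure
            // message would report the two values the wrong way round.
            Assert.assertEquals(TLSRecord.Type.ALERT, record.getType());
            // Now should be a raw close
            record = proxy.readFromServer();
            Assert.assertNull(String.valueOf(record), record);
        }

        // Check that we did not spin
        TimeUnit.MILLISECONDS.sleep(500);
        Assert.assertThat(sslFills.get(), Matchers.lessThan(20));
        Assert.assertThat(sslFlushes.get(), Matchers.lessThan(20));
        Assert.assertThat(httpParses.get(), Matchers.lessThan(20));
    } finally {
        client.close();
    }
}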
Also used : SSLSocket(javax.net.ssl.SSLSocket) ServletOutputStream(javax.servlet.ServletOutputStream) OutputStream(java.io.OutputStream) Test(org.junit.Test)

Aggregations

SSLSocket (javax.net.ssl.SSLSocket)326 IOException (java.io.IOException)101 Test (org.junit.Test)62 SSLContext (javax.net.ssl.SSLContext)59 SSLSocketFactory (javax.net.ssl.SSLSocketFactory)59 Socket (java.net.Socket)57 OutputStream (java.io.OutputStream)50 InetSocketAddress (java.net.InetSocketAddress)39 CertificateException (java.security.cert.CertificateException)33 SSLException (javax.net.ssl.SSLException)32 SSLSession (javax.net.ssl.SSLSession)31 InputStream (java.io.InputStream)30 SSLPeerUnverifiedException (javax.net.ssl.SSLPeerUnverifiedException)30 SSLServerSocket (javax.net.ssl.SSLServerSocket)27 SocketTimeoutException (java.net.SocketTimeoutException)24 SocketException (java.net.SocketException)23 ServerSocket (java.net.ServerSocket)22 UnknownHostException (java.net.UnknownHostException)21 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)21 InputStreamReader (java.io.InputStreamReader)19