This is an automated email from the ASF dual-hosted git repository.
johnnyv pushed a commit to branch 2.2.X
in repository https://gitbox.apache.org/repos/asf/mina.git
The following commit(s) were added to refs/heads/2.2.X by this push:
new 557c6ea Small improvements and testing with SSL
557c6ea is described below
commit 557c6eac2430cd0b92c77c1a303ca5ab5ddab9d9
Author: Jonathan Valliere <[email protected]>
AuthorDate: Sat Jan 15 08:54:24 2022 -0500
Small improvements and testing with SSL
* Adds SSL inboundDone check and throws illegal state
* Fixes spelling mistake in SSLHandler
* Read/Write improvements to SslFilterTest
---
.../org/apache/mina/filter/ssl/SSLHandlerG0.java | 11 +-
.../mina/example/echoserver/ssl/SslFilterTest.java | 280 +++++++++++----------
2 files changed, 149 insertions(+), 142 deletions(-)
diff --git
a/mina-core/src/main/java/org/apache/mina/filter/ssl/SSLHandlerG0.java
b/mina-core/src/main/java/org/apache/mina/filter/ssl/SSLHandlerG0.java
index db007b3..648e0bb 100644
--- a/mina-core/src/main/java/org/apache/mina/filter/ssl/SSLHandlerG0.java
+++ b/mina-core/src/main/java/org/apache/mina/filter/ssl/SSLHandlerG0.java
@@ -177,14 +177,19 @@ public class SSLHandlerG0 extends SSLHandler {
LOGGER.debug("{} receive_loop() - source {}",
toString(), message);
}
+ if (mEngine.isInboundDone()) {
+ throw new IllegalStateException("closed");
+ }
+
final IoBuffer source = message;
final IoBuffer dest = allocate_app_buffer(source.remaining());
final SSLEngineResult result = mEngine.unwrap(source.buf(),
dest.buf());
if (LOGGER.isDebugEnabled()) {
- LOGGER.debug("{} receive_loop() - bytes-consumed {},
bytes-produced {}, status {}, handshake {}", toString(),
- result.bytesConsumed(),
result.bytesProduced(), result.getStatus(), result.getHandshakeStatus());
+ LOGGER.debug("{} receive_loop() - bytes-consumed {},
bytes-produced {}, status {}, handshake {}",
+ toString(), result.bytesConsumed(),
result.bytesProduced(), result.getStatus(),
+ result.getHandshakeStatus());
}
if (result.bytesProduced() == 0) {
@@ -467,7 +472,7 @@ public class SSLHandlerG0 extends SSLHandler {
switch (result.getHandshakeStatus()) {
case NEED_UNWRAP:
if (LOGGER.isDebugEnabled()) {
- LOGGER.debug("{}
lwrwrite_handshake_loopite() - handshake needs unwrap, invoking receive",
+ LOGGER.debug("{} write_handshake_loop()
- handshake needs unwrap, invoking receive",
toString());
}
this.receive(next, ZERO);
diff --git
a/mina-example/src/test/java/org/apache/mina/example/echoserver/ssl/SslFilterTest.java
b/mina-example/src/test/java/org/apache/mina/example/echoserver/ssl/SslFilterTest.java
index 7a999aa..dfe4d08 100644
---
a/mina-example/src/test/java/org/apache/mina/example/echoserver/ssl/SslFilterTest.java
+++
b/mina-example/src/test/java/org/apache/mina/example/echoserver/ssl/SslFilterTest.java
@@ -22,6 +22,10 @@ package org.apache.mina.example.echoserver.ssl;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
+import java.io.BufferedReader;
+import java.io.BufferedWriter;
+import java.io.InputStreamReader;
+import java.io.OutputStreamWriter;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.nio.charset.StandardCharsets;
@@ -52,144 +56,142 @@ import org.junit.Test;
*/
public class SslFilterTest {
- private int port;
- private SocketAcceptor acceptor;
-
- @Before
- public void setUp() throws Exception {
- acceptor = new NioSocketAcceptor();
- }
-
- @After
- public void tearDown() throws Exception {
- acceptor.setCloseOnDeactivation(true);
- acceptor.dispose();
- }
-
- @Test
- public void testMessageSentIsCalled() throws Exception {
- testMessageSentIsCalled(false);
- }
-
- @Test
- public void testMessageSentIsCalled_With_SSL() throws Exception {
- testMessageSentIsCalled(true);
- }
-
- private void testMessageSentIsCalled(boolean useSSL) throws Exception {
- // Workaround to fix TLS issue :
http://java.sun.com/javase/javaseforbusiness/docs/TLSReadme.html
- java.lang.System.setProperty(
"sun.security.ssl.allowUnsafeRenegotiation", "true" );
-
- SSLFilter sslFilter = null;
- if (useSSL) {
- sslFilter = new
SSLFilter(BogusSslContextFactory.getInstance(true));
- acceptor.getFilterChain().addLast("sslFilter", sslFilter);
- }
- acceptor.getFilterChain().addLast(
- "codec",
- new ProtocolCodecFilter(new
TextLineCodecFactory(StandardCharsets.UTF_8)));
-
- EchoHandler handler = new EchoHandler();
- acceptor.setHandler(handler);
- acceptor.bind(new InetSocketAddress(0));
- port = acceptor.getLocalAddress().getPort();
- //System.out.println("MINA server started.");
-
- Socket socket = getClientSocket(useSSL);
- int bytesSent = 0;
- bytesSent += writeMessage(socket, "test-1\n");
-
- if (useSSL) {
- // Test renegotiation
- SSLSocket ss = (SSLSocket) socket;
- //ss.getSession().invalidate();
- ss.startHandshake();
- }
-
- bytesSent += writeMessage(socket, "test-2\n");
-
- int[] response = new int[bytesSent];
- for (int i = 0; i < response.length; i++) {
- response[i] = socket.getInputStream().read();
- }
-
- if (useSSL) {
- // Read SSL close notify.
- while (socket.getInputStream().read() >= 0) {
- continue;
- }
- }
-
- socket.close();
- while (acceptor.getManagedSessions().size() != 0) {
- Thread.sleep(100);
- }
-
- //System.out.println("handler: " + handler.sentMessages);
- assertEquals("handler should have sent 2 messages:", 2,
- handler.sentMessages.size());
- assertTrue(handler.sentMessages.contains("test-1"));
- assertTrue(handler.sentMessages.contains("test-2"));
- }
-
- private int writeMessage(Socket socket, String message) throws Exception {
- byte request[] = message.getBytes(StandardCharsets.UTF_8);
- socket.getOutputStream().write(request);
- return request.length;
- }
-
- private Socket getClientSocket(boolean ssl) throws Exception {
- if (ssl) {
- SSLContext ctx = SSLContext.getInstance("TLS");
- ctx.init(null, trustManagers, null);
- return ctx.getSocketFactory().createSocket("localhost", port);
- }
- return new Socket("localhost", port);
- }
-
- private static class EchoHandler extends IoHandlerAdapter {
-
- List<String> sentMessages = new ArrayList<String>();
-
- @Override
- public void exceptionCaught(IoSession session, Throwable cause)
- throws Exception {
- //cause.printStackTrace();
- }
-
- @Override
- public void messageReceived(IoSession session, Object message)
- throws Exception {
- session.write(message);
- }
-
- @Override
- public void messageSent(IoSession session, Object message)
- throws Exception {
- sentMessages.add(message.toString());
-
- if (sentMessages.size() >= 2) {
- session.closeNow();
- }
- }
- }
-
- TrustManager[] trustManagers = new TrustManager[] { new TrustAnyone() };
-
- private static class TrustAnyone implements X509TrustManager {
- public void checkClientTrusted(
- java.security.cert.X509Certificate[] x509Certificates, String
s)
- throws CertificateException {
- }
-
- public void checkServerTrusted(
- java.security.cert.X509Certificate[] x509Certificates, String
s)
- throws CertificateException {
- }
-
- public java.security.cert.X509Certificate[] getAcceptedIssuers() {
- return new java.security.cert.X509Certificate[0];
- }
- }
+ private int port;
+ private SocketAcceptor acceptor;
+
+ @Before
+ public void setUp() throws Exception {
+ acceptor = new NioSocketAcceptor();
+ }
+
+ @After
+ public void tearDown() throws Exception {
+ acceptor.setCloseOnDeactivation(true);
+ acceptor.dispose();
+ }
+
+ @Test
+ public void testMessageSentIsCalled() throws Exception {
+ testMessageSentIsCalled(false);
+ }
+
+ @Test
+ public void testMessageSentIsCalled_With_SSL() throws Exception {
+ testMessageSentIsCalled(true);
+ }
+
+ private void testMessageSentIsCalled(boolean useSSL) throws Exception {
+ // Workaround to fix TLS issue :
+ //
http://java.sun.com/javase/javaseforbusiness/docs/TLSReadme.html
+
java.lang.System.setProperty("sun.security.ssl.allowUnsafeRenegotiation",
"true");
+
+ SSLFilter sslFilter = null;
+ if (useSSL) {
+ sslFilter = new
SSLFilter(BogusSslContextFactory.getInstance(true));
+ acceptor.getFilterChain().addLast("sslFilter",
sslFilter);
+ }
+ acceptor.getFilterChain().addLast("codec",
+ new ProtocolCodecFilter(new
TextLineCodecFactory(StandardCharsets.UTF_8)));
+
+ EchoHandler handler = new EchoHandler();
+ acceptor.setHandler(handler);
+ acceptor.bind(new InetSocketAddress(0));
+ port = acceptor.getLocalAddress().getPort();
+ // System.out.println("MINA server started.");
+
+ Socket socket = getClientSocket(useSSL);
+
+ BufferedWriter output = new BufferedWriter(new
OutputStreamWriter(socket.getOutputStream()));
+ BufferedReader input = new BufferedReader(new
InputStreamReader(socket.getInputStream()));
+
+ output.write("test-1\n");
+ output.flush();
+
+ assert input.readLine().equals("test-1");
+
+ if (useSSL) {
+ // Test renegotiation
+ SSLSocket ss = (SSLSocket) socket;
+ // ss.getSession().invalidate();
+ ss.startHandshake();
+ }
+
+ output.write("test-2\n");
+ output.flush();
+
+ assert input.readLine().equals("test-2");
+
+ if (useSSL) {
+ // Read SSL close notify.
+ while (socket.getInputStream().read() >= 0) {
+ continue;
+ }
+ }
+
+ socket.close();
+ while (acceptor.getManagedSessions().size() != 0) {
+ Thread.sleep(100);
+ }
+
+ // System.out.println("handler: " + handler.sentMessages);
+ assertEquals("handler should have sent 2 messages:", 2,
handler.sentMessages.size());
+ assertTrue(handler.sentMessages.contains("test-1"));
+ assertTrue(handler.sentMessages.contains("test-2"));
+ }
+
+ private int writeMessage(Socket socket, String message) throws
Exception {
+ byte request[] = message.getBytes(StandardCharsets.UTF_8);
+ socket.getOutputStream().write(request);
+ return request.length;
+ }
+
+ private Socket getClientSocket(boolean ssl) throws Exception {
+ if (ssl) {
+ SSLContext ctx = SSLContext.getInstance("TLS");
+ ctx.init(null, trustManagers, null);
+ return ctx.getSocketFactory().createSocket("localhost",
port);
+ }
+ return new Socket("localhost", port);
+ }
+
+ private static class EchoHandler extends IoHandlerAdapter {
+
+ List<String> sentMessages = new ArrayList<String>();
+
+ @Override
+ public void exceptionCaught(IoSession session, Throwable cause)
throws Exception {
+ // cause.printStackTrace();
+ }
+
+ @Override
+ public void messageReceived(IoSession session, Object message)
throws Exception {
+ session.write(message);
+ }
+
+ @Override
+ public void messageSent(IoSession session, Object message)
throws Exception {
+ sentMessages.add(message.toString());
+
+ if (sentMessages.size() >= 2) {
+ session.closeNow();
+ }
+ }
+ }
+
+ TrustManager[] trustManagers = new TrustManager[] { new TrustAnyone() };
+
+ private static class TrustAnyone implements X509TrustManager {
+ public void
checkClientTrusted(java.security.cert.X509Certificate[] x509Certificates,
String s)
+ throws CertificateException {
+ }
+
+ public void
checkServerTrusted(java.security.cert.X509Certificate[] x509Certificates,
String s)
+ throws CertificateException {
+ }
+
+ public java.security.cert.X509Certificate[]
getAcceptedIssuers() {
+ return new java.security.cert.X509Certificate[0];
+ }
+ }
}
