Skip to content
Snippets Groups Projects
Select Git revision
  • a0564580a98c0ff484465d5901fb006de48f73a6
  • master default
  • trunk
  • RELEASE_6_5_DRIVEDB
  • RELEASE_6_6_DRIVEDB
  • RELEASE_7_0_DRIVEDB
  • RELEASE_7_2_DRIVEDB
  • RELEASE_7_3_DRIVEDB
  • RELEASE_6_0_DRIVEDB
  • RELEASE_6_1_DRIVEDB
  • RELEASE_6_2_DRIVEDB
  • RELEASE_6_3_DRIVEDB
  • RELEASE_6_4_DRIVEDB
  • tags/RELEASE_7_4
  • tags/RELEASE_7_3
  • RELEASE_5_41_DRIVEDB
  • RELEASE_5_42_DRIVEDB
  • RELEASE_5_43_DRIVEDB
  • tags/RELEASE_7_2
  • tags/RELEASE_7_1
  • tags/RELEASE_7_0
  • RELEASE_5_40_DRIVEDB
22 results

scsiata.cpp

Blame
  • ExportableStreamCipher.java 10.52 KiB
    /*
     * Copyright (c) 2010, 2016, Oracle and/or its affiliates. All rights reserved.
     * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
     *
     * This code is free software; you can redistribute it and/or modify it
     * under the terms of the GNU General Public License version 2 only, as
     * published by the Free Software Foundation.  Oracle designates this
     * particular file as subject to the "Classpath" exception as provided
     * by Oracle in the LICENSE file that accompanied this code.
     *
     * This code is distributed in the hope that it will be useful, but WITHOUT
     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
     * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
     * version 2 for more details (a copy is included in the LICENSE file that
     * accompanied this code).
     *
     * You should have received a copy of the GNU General Public License version
     * 2 along with this work; if not, write to the Free Software Foundation,
     * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
     *
     * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
     * or visit www.oracle.com if you need additional information or have any
     * questions.
     */
    
    //
    // SunJSSE does not support dynamic system properties, no way to re-use
    // system properties in samevm/agentvm mode.
    //
    
    /*
     * @test
     * @bug 4873188
     * @summary Support TLS 1.1
     * @modules java.security.jgss
     *          java.security.jgss/sun.security.jgss.krb5
     *          java.security.jgss/sun.security.krb5:+open
     *          java.security.jgss/sun.security.krb5.internal:+open
     *          java.security.jgss/sun.security.krb5.internal.ccache
     *          java.security.jgss/sun.security.krb5.internal.crypto
     *          java.security.jgss/sun.security.krb5.internal.ktab
     *          java.base/sun.security.util
     * @run main/othervm ExportableStreamCipher
     * @author Xuelei Fan
     */
    
    import java.io.IOException;
    import java.io.InputStream;
    import java.io.OutputStream;
    import javax.net.ssl.SSLException;
    import javax.net.ssl.SSLHandshakeException;
    import javax.net.ssl.SSLServerSocket;
    import javax.net.ssl.SSLServerSocketFactory;
    import javax.net.ssl.SSLSocket;
    import javax.net.ssl.SSLSocketFactory;
    
    public class ExportableStreamCipher {
    
        /*
         * =============================================================
         * Set the various variables needed for the tests, then
         * specify what tests to run on each side.
         */
    
        /*
         * Should we run the client or server in a separate thread?
         * Both sides can throw exceptions, but do you have a preference
         * as to which side should be the main thread.
         */
        static boolean separateServerThread = false;
    
        /*
         * Where do we find the keystores?
         */
        static String pathToStores = "../etc";
        static String keyStoreFile = "keystore";
        static String trustStoreFile = "truststore";
        static String passwd = "passphrase";
    
        /*
         * Is the server ready to serve?
         */
        volatile static boolean serverReady = false;
    
        /*
         * Turn on SSL debugging?
         */
        static boolean debug = false;
    
        /*
         * If the client or server is doing some kind of object creation
         * that the other side depends on, and that thread prematurely
         * exits, you may experience a hang.  The test harness will
         * terminate all hung threads after its timeout has expired,
         * currently 3 minutes by default, but you might try to be
         * smart about it....
         */
    
        /*
         * Define the server side of the test.
         *
         * If the server prematurely exits, serverReady will be set to true
         * to avoid infinite hangs.
         */
        void doServerSide() throws Exception {
            SSLServerSocketFactory sslssf =
                (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
            SSLServerSocket sslServerSocket =
                (SSLServerSocket) sslssf.createServerSocket(serverPort);
    
            serverPort = sslServerSocket.getLocalPort();
    
            /*
             * Signal Client, we're ready for his connect.
             */
            serverReady = true;
    
            SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();
            InputStream sslIS = sslSocket.getInputStream();
            OutputStream sslOS = sslSocket.getOutputStream();
    
            boolean interrupted = false;
            try {
                sslIS.read();
                sslOS.write('A');
                sslOS.flush();
            } catch (IOException ioe) {
                // get the expected exception
                interrupted = true;
            } finally {
                sslSocket.close();
            }
    
            if (!interrupted) {
                throw new SSLHandshakeException(
                    "A weak cipher suite is negotiated, " +
                    "TLSv1.1 must not negotiate the exportable cipher suites.");
            }
        }
    
        /*
         * Define the client side of the test.
         *
         * If the server prematurely exits, serverReady will be set to true
         * to avoid infinite hangs.
         */
        void doClientSide() throws Exception {
    
            /*
             * Wait for server to get started.
             */
            while (!serverReady) {
                Thread.sleep(50);
            }
    
            SSLSocketFactory sslsf =
                (SSLSocketFactory) SSLSocketFactory.getDefault();
            SSLSocket sslSocket = (SSLSocket)
                sslsf.createSocket("localhost", serverPort);
    
            // enable TLSv1.1 only
            sslSocket.setEnabledProtocols(new String[] {"TLSv1.1"});
    
            // enable a exportable stream cipher
            sslSocket.setEnabledCipherSuites(
                new String[] {"SSL_RSA_EXPORT_WITH_RC4_40_MD5"});
    
            InputStream sslIS = sslSocket.getInputStream();
            OutputStream sslOS = sslSocket.getOutputStream();
    
            boolean interrupted = false;
            try {
                sslOS.write('B');
                sslOS.flush();
                sslIS.read();
            } catch (SSLException ssle) {
                // get the expected exception
                interrupted = true;
            } finally {
                sslSocket.close();
            }
    
            if (!interrupted) {
                throw new SSLHandshakeException(
                    "A weak cipher suite is negotiated, " +
                    "TLSv1.1 must not negotiate the exportable cipher suites.");
            }
        }
    
        /*
         * =============================================================
         * The remainder is just support stuff
         */
    
        // use any free port by default
        volatile int serverPort = 0;
    
        volatile Exception serverException = null;
        volatile Exception clientException = null;
    
        public static void main(String[] args) throws Exception {
            String keyFilename =
                System.getProperty("test.src", ".") + "/" + pathToStores +
                    "/" + keyStoreFile;
            String trustFilename =
                System.getProperty("test.src", ".") + "/" + pathToStores +
                    "/" + trustStoreFile;
    
            System.setProperty("javax.net.ssl.keyStore", keyFilename);
            System.setProperty("javax.net.ssl.keyStorePassword", passwd);
            System.setProperty("javax.net.ssl.trustStore", trustFilename);
            System.setProperty("javax.net.ssl.trustStorePassword", passwd);
    
            if (debug)
                System.setProperty("javax.net.debug", "all");
    
            /*
             * Start the tests.
             */
            new ExportableStreamCipher();
        }
    
        Thread clientThread = null;
        Thread serverThread = null;
    
        /*
         * Primary constructor, used to drive remainder of the test.
         *
         * Fork off the other side, then do your work.
         */
        ExportableStreamCipher() throws Exception {
            try {
                if (separateServerThread) {
                    startServer(true);
                    startClient(false);
                } else {
                    startClient(true);
                    startServer(false);
                }
            } catch (Exception e) {
                // swallow for now.  Show later
            }
    
            /*
             * Wait for other side to close down.
             */
            if (separateServerThread) {
                serverThread.join();
            } else {
                clientThread.join();
            }
    
            /*
             * When we get here, the test is pretty much over.
             * Which side threw the error?
             */
            Exception local;
            Exception remote;
            String whichRemote;
    
            if (separateServerThread) {
                remote = serverException;
                local = clientException;
                whichRemote = "server";
            } else {
                remote = clientException;
                local = serverException;
                whichRemote = "client";
            }
    
            /*
             * If both failed, return the curthread's exception, but also
             * print the remote side Exception
             */
            if ((local != null) && (remote != null)) {
                System.out.println(whichRemote + " also threw:");
                remote.printStackTrace();
                System.out.println();
                throw local;
            }
    
            if (remote != null) {
                throw remote;
            }
    
            if (local != null) {
                throw local;
            }
        }
    
        void startServer(boolean newThread) throws Exception {
            if (newThread) {
                serverThread = new Thread() {
                    public void run() {
                        try {
                            doServerSide();
                        } catch (Exception e) {
                            /*
                             * Our server thread just died.
                             *
                             * Release the client, if not active already...
                             */
                            System.err.println("Server died...");
                            serverReady = true;
                            serverException = e;
                        }
                    }
                };
                serverThread.start();
            } else {
                try {
                    doServerSide();
                } catch (Exception e) {
                    serverException = e;
                } finally {
                    serverReady = true;
                }
            }
        }
    
        void startClient(boolean newThread) throws Exception {
            if (newThread) {
                clientThread = new Thread() {
                    public void run() {
                        try {
                            doClientSide();
                        } catch (Exception e) {
                            /*
                             * Our client thread just died.
                             */
                            System.err.println("Client died...");
                            clientException = e;
                        }
                    }
                };
                clientThread.start();
            } else {
                try {
                    doClientSide();
                } catch (Exception e) {
                    clientException = e;
                }
            }
        }
    }