You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mina.apache.org by je...@apache.org on 2013/03/26 00:19:08 UTC
git commit: Add unit test for DIRMINA-937. Ignored for the build not
to fail
Updated Branches:
refs/heads/2.0 2c1bf3950 -> 1c0b3f1b7
Add unit test for DIRMINA-937. Ignored for the build not to fail
Project: http://git-wip-us.apache.org/repos/asf/mina/repo
Commit: http://git-wip-us.apache.org/repos/asf/mina/commit/1c0b3f1b
Tree: http://git-wip-us.apache.org/repos/asf/mina/tree/1c0b3f1b
Diff: http://git-wip-us.apache.org/repos/asf/mina/diff/1c0b3f1b
Branch: refs/heads/2.0
Commit: 1c0b3f1b7ea69cf0f24f10e5e742d86d1a8d4a99
Parents: 2c1bf39
Author: Jeff MAURY <je...@apache.org>
Authored: Tue Mar 26 00:18:43 2013 +0100
Committer: Jeff MAURY <je...@apache.org>
Committed: Tue Mar 26 00:18:43 2013 +0100
----------------------------------------------------------------------
.../apache/mina/filter/ssl/SslDIRMINA937Test.java | 170 +++++++++++++++
1 files changed, 170 insertions(+), 0 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/mina/blob/1c0b3f1b/mina-core/src/test/java/org/apache/mina/filter/ssl/SslDIRMINA937Test.java
----------------------------------------------------------------------
diff --git a/mina-core/src/test/java/org/apache/mina/filter/ssl/SslDIRMINA937Test.java b/mina-core/src/test/java/org/apache/mina/filter/ssl/SslDIRMINA937Test.java
new file mode 100644
index 0000000..0086729
--- /dev/null
+++ b/mina-core/src/test/java/org/apache/mina/filter/ssl/SslDIRMINA937Test.java
@@ -0,0 +1,170 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.mina.filter.ssl;
+
+import static org.junit.Assert.*;
+import java.io.IOException;
+import java.net.InetSocketAddress;
+import java.security.GeneralSecurityException;
+import java.security.KeyStore;
+import java.security.Security;
+import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.TimeUnit;
+
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManagerFactory;
+
+import org.apache.mina.core.filterchain.DefaultIoFilterChainBuilder;
+import org.apache.mina.core.service.IoHandlerAdapter;
+import org.apache.mina.core.session.IoSession;
+import org.apache.mina.filter.codec.ProtocolCodecFilter;
+import org.apache.mina.filter.codec.textline.TextLineCodecFactory;
+import org.apache.mina.transport.socket.nio.NioSocketAcceptor;
+import org.apache.mina.transport.socket.nio.NioSocketConnector;
+import org.apache.mina.util.AvailablePortFinder;
+import org.junit.Ignore;
+import org.junit.Test;
+
+/**
+ * Test an SSL session where the connection cannot be established with the server due to
+ * incompatible protocols (Test for DIRMINA-937)
+ *
+ * @author <a href="http://mina.apache.org">Apache MINA Project</a>
+ */
+public class SslDIRMINA937Test {
+ /** A static port used for his test, chosen to avoid collisions */
+ private static final int port = AvailablePortFinder.getNextAvailable(5555);
+
+ private static Exception clientError = null;
+
+ /** A JVM independant KEY_MANAGER_FACTORY algorithm */
+ private static final String KEY_MANAGER_FACTORY_ALGORITHM;
+
+ static {
+ String algorithm = Security.getProperty("ssl.KeyManagerFactory.algorithm");
+ if (algorithm == null) {
+ algorithm = KeyManagerFactory.getDefaultAlgorithm();
+ }
+
+ KEY_MANAGER_FACTORY_ALGORITHM = algorithm;
+ }
+
+ private static class TestHandler extends IoHandlerAdapter {
+ public void messageReceived(IoSession session, Object message) throws Exception {
+ String line = (String) message;
+
+ if (line.startsWith("hello")) {
+ System.out.println("Server got: 'hello', waiting for 'send'");
+ Thread.sleep(1500);
+ } else if (line.startsWith("send")) {
+ System.out.println("Server got: 'send', sending 'data'");
+ session.write("data");
+ }
+ }
+ }
+
+ /**
+ * Starts a Server with the SSL Filter and a simple text line
+ * protocol codec filter
+ */
+ private static void startServer() throws Exception {
+ NioSocketAcceptor acceptor = new NioSocketAcceptor();
+
+ acceptor.setReuseAddress(true);
+ DefaultIoFilterChainBuilder filters = acceptor.getFilterChain();
+
+ // Inject the SSL filter
+ SSLContext context = createSSLContext("TLSv1");
+ SslFilter sslFilter = new SslFilter(context);
+ sslFilter.setEnabledProtocols(new String[] { "TLSv1" });
+ //sslFilter.setEnabledCipherSuites(getServerCipherSuites(context.getDefaultSSLParameters().getCipherSuites()));
+ filters.addLast("sslFilter", sslFilter);
+
+ // Inject the TestLine codec filter
+ filters.addLast("text", new ProtocolCodecFilter(new TextLineCodecFactory()));
+
+ acceptor.setHandler(new TestHandler());
+ acceptor.bind(new InetSocketAddress(port));
+ }
+
+ /**
+ * Starts a client which will connect twice using SSL
+ */
+ private static void startClient(final CountDownLatch counter) throws Exception {
+ NioSocketConnector connector = new NioSocketConnector();
+
+ DefaultIoFilterChainBuilder filters = connector.getFilterChain();
+ SslFilter sslFilter = new SslFilter(createSSLContext("TLSv1.1"));
+ sslFilter.setEnabledProtocols(new String[] { "TLSv1.1" });
+ sslFilter.setUseClientMode(true);
+ //sslFilter.setEnabledCipherSuites(getClientCipherSuites());
+ filters.addLast("sslFilter", sslFilter);
+ connector.setHandler(new IoHandlerAdapter() {
+ @Override
+ public void sessionCreated(IoSession session) throws Exception {
+ session.setAttribute(SslFilter.USE_NOTIFICATION, Boolean.TRUE);
+ }
+
+ @Override
+ public void messageReceived(IoSession session, Object message) throws Exception {
+ if (message == SslFilter.SESSION_SECURED) {
+ counter.countDown();
+ }
+ }
+
+
+ });
+ connector.connect(new InetSocketAddress("localhost", port));
+ }
+
+ private static SSLContext createSSLContext(String protocol) throws IOException, GeneralSecurityException {
+ char[] passphrase = "password".toCharArray();
+
+ SSLContext ctx = SSLContext.getInstance(protocol);
+ KeyManagerFactory kmf = KeyManagerFactory.getInstance(KEY_MANAGER_FACTORY_ALGORITHM);
+ TrustManagerFactory tmf = TrustManagerFactory.getInstance(KEY_MANAGER_FACTORY_ALGORITHM);
+
+ KeyStore ks = KeyStore.getInstance("JKS");
+ KeyStore ts = KeyStore.getInstance("JKS");
+
+ ks.load(SslDIRMINA937Test.class.getResourceAsStream("keystore.sslTest"), passphrase);
+ ts.load(SslDIRMINA937Test.class.getResourceAsStream("truststore.sslTest"), passphrase);
+
+ kmf.init(ks, passphrase);
+ tmf.init(ts);
+ ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
+
+ return ctx;
+ }
+
+ /**
+ * Test is ignore as it will cause the build to fail
+ */
+ @Test
+ @Ignore
+ public void testDIRMINA937() throws Exception {
+ startServer();
+
+ final CountDownLatch counter = new CountDownLatch(1);
+ startClient(counter);
+ assertTrue(counter.await(10, TimeUnit.SECONDS));
+ }
+}