You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mina.apache.org by je...@apache.org on 2013/04/08 21:48:54 UTC
git commit: Add basic SSL test (skipped)
Updated Branches:
refs/heads/trunk 653d1a5ff -> 41cdd79bd
Add basic SSL test (skipped)
Project: http://git-wip-us.apache.org/repos/asf/mina/repo
Commit: http://git-wip-us.apache.org/repos/asf/mina/commit/41cdd79b
Tree: http://git-wip-us.apache.org/repos/asf/mina/tree/41cdd79b
Diff: http://git-wip-us.apache.org/repos/asf/mina/diff/41cdd79b
Branch: refs/heads/trunk
Commit: 41cdd79bd7bf3f9c61a4fcdfef846919b9475f8b
Parents: 653d1a5
Author: Jeff MAURY <je...@apache.org>
Authored: Mon Apr 8 21:48:13 2013 +0200
Committer: Jeff MAURY <je...@apache.org>
Committed: Mon Apr 8 21:48:13 2013 +0200
----------------------------------------------------------------------
.../org/apache/mina/transport/tcp/SslTest.java | 173 +++++++++++++++
.../org/apache/mina/transport/tcp/keystore.cert | Bin 0 -> 937 bytes
.../org/apache/mina/transport/tcp/keystore.sslTest | Bin 0 -> 1368 bytes
.../apache/mina/transport/tcp/truststore.sslTest | Bin 0 -> 654 bytes
4 files changed, 173 insertions(+), 0 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/mina/blob/41cdd79b/core/src/test/java/org/apache/mina/transport/tcp/SslTest.java
----------------------------------------------------------------------
diff --git a/core/src/test/java/org/apache/mina/transport/tcp/SslTest.java b/core/src/test/java/org/apache/mina/transport/tcp/SslTest.java
new file mode 100644
index 0000000..fb4aabd
--- /dev/null
+++ b/core/src/test/java/org/apache/mina/transport/tcp/SslTest.java
@@ -0,0 +1,173 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.mina.transport.tcp;
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.net.InetAddress;
+import java.net.InetSocketAddress;
+import java.net.Socket;
+import java.security.GeneralSecurityException;
+import java.security.KeyStore;
+import java.security.Security;
+
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.TrustManagerFactory;
+
+import org.apache.mina.api.AbstractIoHandler;
+import org.apache.mina.api.IoSession;
+import org.apache.mina.codec.textline.TextLineDecoder;
+import org.apache.mina.codec.textline.TextLineEncoder;
+import org.apache.mina.filter.codec.ProtocolCodecFilter;
+import org.apache.mina.transport.nio.tcp.NioTcpServer;
+import org.junit.Ignore;
+import org.junit.Test;
+
+/**
+ * Test a SSL session where the connection is established and closed twice. It should be
+ * processed correctly (Test for DIRMINA-650)
+ *
+ * @author <a href="http://mina.apache.org">Apache MINA Project</a>
+ */
+public class SslTest {
+ private static Exception clientError = null;
+
+ private static InetAddress address;
+
+ private static SSLSocketFactory factory;
+
+ /** A JVM independant KEY_MANAGER_FACTORY algorithm */
+ private static final String KEY_MANAGER_FACTORY_ALGORITHM;
+
+ static {
+ String algorithm = Security.getProperty("ssl.KeyManagerFactory.algorithm");
+ if (algorithm == null) {
+ algorithm = KeyManagerFactory.getDefaultAlgorithm();
+ }
+
+ KEY_MANAGER_FACTORY_ALGORITHM = algorithm;
+ }
+
+ private static class TestHandler extends AbstractIoHandler {
+ public void messageReceived(IoSession session, Object message) {
+ String line = (String) message;
+
+ if (line.startsWith("hello")) {
+ System.out.println("Server got: 'hello', waiting for 'send'");
+ } else if (line.startsWith("send")) {
+ System.out.println("Server got: 'send', sending 'data'");
+ session.write("data");
+ }
+ }
+ }
+
+ /**
+ * Starts a Server with the SSL Filter and a simple text line
+ * protocol codec filter
+ */
+ private static int startServer() throws Exception {
+ NioTcpServer server = new NioTcpServer();
+
+ server.setReuseAddress(true);
+ server.getSessionConfig().setSslContext(createSSLContext());
+ server.setFilters(new ProtocolCodecFilter(new TextLineEncoder(), new TextLineDecoder()));
+ server.setIoHandler(new TestHandler());
+ server.bind(new InetSocketAddress(0));
+ return server.getServerSocketChannel().socket().getLocalPort();
+ }
+
+ /**
+ * Starts a client which will connect twice using SSL
+ */
+ private static void startClient(int port) throws Exception {
+ address = InetAddress.getByName("localhost");
+
+ SSLContext context = createSSLContext();
+ factory = context.getSocketFactory();
+
+ connectAndSend(port);
+
+ // This one will throw a SocketTimeoutException if DIRMINA-650 is not fixed
+ connectAndSend(port);
+ }
+
+ private static void connectAndSend(int port) throws Exception {
+ Socket parent = new Socket(address, port);
+ Socket socket = factory.createSocket(parent, address.getCanonicalHostName(), port, false);
+
+ System.out.println("Client sending: hello");
+ socket.getOutputStream().write("hello \n".getBytes());
+ socket.getOutputStream().flush();
+ socket.setSoTimeout(10000);
+
+ System.out.println("Client sending: send");
+ socket.getOutputStream().write("send\n".getBytes());
+ socket.getOutputStream().flush();
+
+ BufferedReader in = new BufferedReader(new InputStreamReader(socket.getInputStream()));
+ String line = in.readLine();
+ System.out.println("Client got: " + line);
+ socket.close();
+
+ }
+
+ private static SSLContext createSSLContext() throws IOException, GeneralSecurityException {
+ char[] passphrase = "password".toCharArray();
+
+ SSLContext ctx = SSLContext.getInstance("TLS");
+ KeyManagerFactory kmf = KeyManagerFactory.getInstance(KEY_MANAGER_FACTORY_ALGORITHM);
+ TrustManagerFactory tmf = TrustManagerFactory.getInstance(KEY_MANAGER_FACTORY_ALGORITHM);
+
+ KeyStore ks = KeyStore.getInstance("JKS");
+ KeyStore ts = KeyStore.getInstance("JKS");
+
+ ks.load(SslTest.class.getResourceAsStream("keystore.sslTest"), passphrase);
+ ts.load(SslTest.class.getResourceAsStream("truststore.sslTest"), passphrase);
+
+ kmf.init(ks, passphrase);
+ tmf.init(ts);
+ ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
+
+ return ctx;
+ }
+
+ @Test
+ @Ignore("Waiting for the SSLHelper to be refactored")
+ public void testSSL() throws Exception {
+ final int port = startServer();
+
+ Thread t = new Thread() {
+ public void run() {
+ try {
+ startClient(port);
+ } catch (Exception e) {
+ clientError = e;
+ }
+ }
+ };
+ t.start();
+ t.join();
+ if (clientError != null)
+ throw clientError;
+ }
+}
http://git-wip-us.apache.org/repos/asf/mina/blob/41cdd79b/core/src/test/resources/org/apache/mina/transport/tcp/keystore.cert
----------------------------------------------------------------------
diff --git a/core/src/test/resources/org/apache/mina/transport/tcp/keystore.cert b/core/src/test/resources/org/apache/mina/transport/tcp/keystore.cert
new file mode 100644
index 0000000..d34502d
Binary files /dev/null and b/core/src/test/resources/org/apache/mina/transport/tcp/keystore.cert differ
http://git-wip-us.apache.org/repos/asf/mina/blob/41cdd79b/core/src/test/resources/org/apache/mina/transport/tcp/keystore.sslTest
----------------------------------------------------------------------
diff --git a/core/src/test/resources/org/apache/mina/transport/tcp/keystore.sslTest b/core/src/test/resources/org/apache/mina/transport/tcp/keystore.sslTest
new file mode 100644
index 0000000..36190ba
Binary files /dev/null and b/core/src/test/resources/org/apache/mina/transport/tcp/keystore.sslTest differ
http://git-wip-us.apache.org/repos/asf/mina/blob/41cdd79b/core/src/test/resources/org/apache/mina/transport/tcp/truststore.sslTest
----------------------------------------------------------------------
diff --git a/core/src/test/resources/org/apache/mina/transport/tcp/truststore.sslTest b/core/src/test/resources/org/apache/mina/transport/tcp/truststore.sslTest
new file mode 100644
index 0000000..48c5963
Binary files /dev/null and b/core/src/test/resources/org/apache/mina/transport/tcp/truststore.sslTest differ