You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mina.apache.org by je...@apache.org on 2013/04/08 21:48:54 UTC
git commit: Add basic SSL test (skipped)

Updated Branches:
  refs/heads/trunk 653d1a5ff -> 41cdd79bd


Add basic SSL test (skipped)


Project: http://git-wip-us.apache.org/repos/asf/mina/repo
Commit: http://git-wip-us.apache.org/repos/asf/mina/commit/41cdd79b
Tree: http://git-wip-us.apache.org/repos/asf/mina/tree/41cdd79b
Diff: http://git-wip-us.apache.org/repos/asf/mina/diff/41cdd79b

Branch: refs/heads/trunk
Commit: 41cdd79bd7bf3f9c61a4fcdfef846919b9475f8b
Parents: 653d1a5
Author: Jeff MAURY <je...@apache.org>
Authored: Mon Apr 8 21:48:13 2013 +0200
Committer: Jeff MAURY <je...@apache.org>
Committed: Mon Apr 8 21:48:13 2013 +0200

----------------------------------------------------------------------
 .../org/apache/mina/transport/tcp/SslTest.java     |  173 +++++++++++++++
 .../org/apache/mina/transport/tcp/keystore.cert    |  Bin 0 -> 937 bytes
 .../org/apache/mina/transport/tcp/keystore.sslTest |  Bin 0 -> 1368 bytes
 .../apache/mina/transport/tcp/truststore.sslTest   |  Bin 0 -> 654 bytes
 4 files changed, 173 insertions(+), 0 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/mina/blob/41cdd79b/core/src/test/java/org/apache/mina/transport/tcp/SslTest.java
----------------------------------------------------------------------
diff --git a/core/src/test/java/org/apache/mina/transport/tcp/SslTest.java b/core/src/test/java/org/apache/mina/transport/tcp/SslTest.java
new file mode 100644
index 0000000..fb4aabd
--- /dev/null
+++ b/core/src/test/java/org/apache/mina/transport/tcp/SslTest.java
@@ -0,0 +1,173 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License.
+ *
+ */
+package org.apache.mina.transport.tcp;
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.net.InetAddress;
+import java.net.InetSocketAddress;
+import java.net.Socket;
+import java.security.GeneralSecurityException;
+import java.security.KeyStore;
+import java.security.Security;
+
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.TrustManagerFactory;
+
+import org.apache.mina.api.AbstractIoHandler;
+import org.apache.mina.api.IoSession;
+import org.apache.mina.codec.textline.TextLineDecoder;
+import org.apache.mina.codec.textline.TextLineEncoder;
+import org.apache.mina.filter.codec.ProtocolCodecFilter;
+import org.apache.mina.transport.nio.tcp.NioTcpServer;
+import org.junit.Ignore;
+import org.junit.Test;
+
+/**
+ * Test a SSL session where the connection is established and closed twice. It should be
+ * processed correctly (Test for DIRMINA-650)
+ *
+ * @author <a href="http://mina.apache.org">Apache MINA Project</a>
+ */
+public class SslTest {
+    private static Exception clientError = null;
+
+    private static InetAddress address;
+
+    private static SSLSocketFactory factory;
+
+    /** A JVM independant KEY_MANAGER_FACTORY algorithm */
+    private static final String KEY_MANAGER_FACTORY_ALGORITHM;
+
+    static {
+        String algorithm = Security.getProperty("ssl.KeyManagerFactory.algorithm");
+        if (algorithm == null) {
+            algorithm = KeyManagerFactory.getDefaultAlgorithm();
+        }
+
+        KEY_MANAGER_FACTORY_ALGORITHM = algorithm;
+    }
+
+    private static class TestHandler extends AbstractIoHandler {
+        public void messageReceived(IoSession session, Object message) {
+            String line = (String) message;
+
+            if (line.startsWith("hello")) {
+                System.out.println("Server got: 'hello', waiting for 'send'");
+            } else if (line.startsWith("send")) {
+                System.out.println("Server got: 'send', sending 'data'");
+                session.write("data");
+            }
+        }
+    }
+
+    /**
+     * Starts a Server with the SSL Filter and a simple text line 
+     * protocol codec filter
+     */
+    private static int startServer() throws Exception {
+        NioTcpServer server = new NioTcpServer();
+
+        server.setReuseAddress(true);
+        server.getSessionConfig().setSslContext(createSSLContext());
+        server.setFilters(new ProtocolCodecFilter(new TextLineEncoder(), new TextLineDecoder()));
+        server.setIoHandler(new TestHandler());
+        server.bind(new InetSocketAddress(0));
+        return server.getServerSocketChannel().socket().getLocalPort();
+    }
+
+    /**
+     * Starts a client which will connect twice using SSL
+     */
+    private static void startClient(int port) throws Exception {
+        address = InetAddress.getByName("localhost");
+
+        SSLContext context = createSSLContext();
+        factory = context.getSocketFactory();
+
+        connectAndSend(port);
+
+        // This one will throw a SocketTimeoutException if DIRMINA-650 is not fixed
+        connectAndSend(port);
+    }
+
+    private static void connectAndSend(int port) throws Exception {
+        Socket parent = new Socket(address, port);
+        Socket socket = factory.createSocket(parent, address.getCanonicalHostName(), port, false);
+
+        System.out.println("Client sending: hello");
+        socket.getOutputStream().write("hello                      \n".getBytes());
+        socket.getOutputStream().flush();
+        socket.setSoTimeout(10000);
+
+        System.out.println("Client sending: send");
+        socket.getOutputStream().write("send\n".getBytes());
+        socket.getOutputStream().flush();
+
+        BufferedReader in = new BufferedReader(new InputStreamReader(socket.getInputStream()));
+        String line = in.readLine();
+        System.out.println("Client got: " + line);
+        socket.close();
+
+    }
+
+    private static SSLContext createSSLContext() throws IOException, GeneralSecurityException {
+        char[] passphrase = "password".toCharArray();
+
+        SSLContext ctx = SSLContext.getInstance("TLS");
+        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KEY_MANAGER_FACTORY_ALGORITHM);
+        TrustManagerFactory tmf = TrustManagerFactory.getInstance(KEY_MANAGER_FACTORY_ALGORITHM);
+
+        KeyStore ks = KeyStore.getInstance("JKS");
+        KeyStore ts = KeyStore.getInstance("JKS");
+
+        ks.load(SslTest.class.getResourceAsStream("keystore.sslTest"), passphrase);
+        ts.load(SslTest.class.getResourceAsStream("truststore.sslTest"), passphrase);
+
+        kmf.init(ks, passphrase);
+        tmf.init(ts);
+        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
+
+        return ctx;
+    }
+
+    @Test
+    @Ignore("Waiting for the SSLHelper to be refactored")
+    public void testSSL() throws Exception {
+        final int port = startServer();
+
+        Thread t = new Thread() {
+            public void run() {
+                try {
+                    startClient(port);
+                } catch (Exception e) {
+                    clientError = e;
+                }
+            }
+        };
+        t.start();
+        t.join();
+        if (clientError != null)
+            throw clientError;
+    }
+}

http://git-wip-us.apache.org/repos/asf/mina/blob/41cdd79b/core/src/test/resources/org/apache/mina/transport/tcp/keystore.cert
----------------------------------------------------------------------
diff --git a/core/src/test/resources/org/apache/mina/transport/tcp/keystore.cert b/core/src/test/resources/org/apache/mina/transport/tcp/keystore.cert
new file mode 100644
index 0000000..d34502d
Binary files /dev/null and b/core/src/test/resources/org/apache/mina/transport/tcp/keystore.cert differ

http://git-wip-us.apache.org/repos/asf/mina/blob/41cdd79b/core/src/test/resources/org/apache/mina/transport/tcp/keystore.sslTest
----------------------------------------------------------------------
diff --git a/core/src/test/resources/org/apache/mina/transport/tcp/keystore.sslTest b/core/src/test/resources/org/apache/mina/transport/tcp/keystore.sslTest
new file mode 100644
index 0000000..36190ba
Binary files /dev/null and b/core/src/test/resources/org/apache/mina/transport/tcp/keystore.sslTest differ

http://git-wip-us.apache.org/repos/asf/mina/blob/41cdd79b/core/src/test/resources/org/apache/mina/transport/tcp/truststore.sslTest
----------------------------------------------------------------------
diff --git a/core/src/test/resources/org/apache/mina/transport/tcp/truststore.sslTest b/core/src/test/resources/org/apache/mina/transport/tcp/truststore.sslTest
new file mode 100644
index 0000000..48c5963
Binary files /dev/null and b/core/src/test/resources/org/apache/mina/transport/tcp/truststore.sslTest differ