Add unit test for DIRMINA-937. Ignored for the build not to fail
Project: http://git-wip-us.apache.org/repos/asf/mina/repo Commit: http://git-wip-us.apache.org/repos/asf/mina/commit/885ec9fa Tree: http://git-wip-us.apache.org/repos/asf/mina/tree/885ec9fa Diff: http://git-wip-us.apache.org/repos/asf/mina/diff/885ec9fa Branch: refs/heads/2.0 Commit: 885ec9fa3fb9b01cf41ade4751832ca1e4397af7 Parents: ab618cd Author: Jeff MAURY <[email protected]> Authored: Tue Mar 26 00:18:43 2013 +0100 Committer: Jeff MAURY <[email protected]> Committed: Wed Nov 27 13:23:05 2013 +0100 ---------------------------------------------------------------------- .../mina/filter/ssl/SslDIRMINA937Test.java | 170 +++++++++++++++++++ 1 file changed, 170 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/mina/blob/885ec9fa/mina-core/src/test/java/org/apache/mina/filter/ssl/SslDIRMINA937Test.java ---------------------------------------------------------------------- diff --git a/mina-core/src/test/java/org/apache/mina/filter/ssl/SslDIRMINA937Test.java b/mina-core/src/test/java/org/apache/mina/filter/ssl/SslDIRMINA937Test.java new file mode 100644 index 0000000..0086729 --- /dev/null +++ b/mina-core/src/test/java/org/apache/mina/filter/ssl/SslDIRMINA937Test.java @@ -0,0 +1,170 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ +package org.apache.mina.filter.ssl; + +import static org.junit.Assert.*; +import java.io.IOException; +import java.net.InetSocketAddress; +import java.security.GeneralSecurityException; +import java.security.KeyStore; +import java.security.Security; +import java.util.concurrent.CountDownLatch; +import java.util.concurrent.TimeUnit; + +import javax.net.ssl.KeyManagerFactory; +import javax.net.ssl.SSLContext; +import javax.net.ssl.TrustManagerFactory; + +import org.apache.mina.core.filterchain.DefaultIoFilterChainBuilder; +import org.apache.mina.core.service.IoHandlerAdapter; +import org.apache.mina.core.session.IoSession; +import org.apache.mina.filter.codec.ProtocolCodecFilter; +import org.apache.mina.filter.codec.textline.TextLineCodecFactory; +import org.apache.mina.transport.socket.nio.NioSocketAcceptor; +import org.apache.mina.transport.socket.nio.NioSocketConnector; +import org.apache.mina.util.AvailablePortFinder; +import org.junit.Ignore; +import org.junit.Test; + +/** + * Test an SSL session where the connection cannot be established with the server due to + * incompatible protocols (Test for DIRMINA-937) + * + * @author <a href="http://mina.apache.org";>Apache MINA Project</a> + */ +public class SslDIRMINA937Test { + /** A static port used for his test, chosen to avoid collisions */ + private static final int port = AvailablePortFinder.getNextAvailable(5555); + + private static Exception clientError = null; + + /** A JVM independant KEY_MANAGER_FACTORY algorithm */ + private static final String KEY_MANAGER_FACTORY_ALGORITHM; + + static { + String algorithm = Security.getProperty("ssl.KeyManagerFactory.algorithm"); + if (algorithm == null) { + algorithm = KeyManagerFactory.getDefaultAlgorithm(); + } + + KEY_MANAGER_FACTORY_ALGORITHM = algorithm; + } + + private static class TestHandler extends IoHandlerAdapter { + public void messageReceived(IoSession session, Object message) throws Exception { + String line = (String) message; + + if (line.startsWith("hello")) { + System.out.println("Server got: 'hello', waiting for 'send'"); + Thread.sleep(1500); + } else if (line.startsWith("send")) { + System.out.println("Server got: 'send', sending 'data'"); + session.write("data"); + } + } + } + + /** + * Starts a Server with the SSL Filter and a simple text line + * protocol codec filter + */ + private static void startServer() throws Exception { + NioSocketAcceptor acceptor = new NioSocketAcceptor(); + + acceptor.setReuseAddress(true); + DefaultIoFilterChainBuilder filters = acceptor.getFilterChain(); + + // Inject the SSL filter + SSLContext context = createSSLContext("TLSv1"); + SslFilter sslFilter = new SslFilter(context); + sslFilter.setEnabledProtocols(new String[] { "TLSv1" }); + //sslFilter.setEnabledCipherSuites(getServerCipherSuites(context.getDefaultSSLParameters().getCipherSuites())); + filters.addLast("sslFilter", sslFilter); + + // Inject the TestLine codec filter + filters.addLast("text", new ProtocolCodecFilter(new TextLineCodecFactory())); + + acceptor.setHandler(new TestHandler()); + acceptor.bind(new InetSocketAddress(port)); + } + + /** + * Starts a client which will connect twice using SSL + */ + private static void startClient(final CountDownLatch counter) throws Exception { + NioSocketConnector connector = new NioSocketConnector(); + + DefaultIoFilterChainBuilder filters = connector.getFilterChain(); + SslFilter sslFilter = new SslFilter(createSSLContext("TLSv1.1")); + sslFilter.setEnabledProtocols(new String[] { "TLSv1.1" }); + sslFilter.setUseClientMode(true); + //sslFilter.setEnabledCipherSuites(getClientCipherSuites()); + filters.addLast("sslFilter", sslFilter); + connector.setHandler(new IoHandlerAdapter() { + @Override + public void sessionCreated(IoSession session) throws Exception { + session.setAttribute(SslFilter.USE_NOTIFICATION, Boolean.TRUE); + } + + @Override + public void messageReceived(IoSession session, Object message) throws Exception { + if (message == SslFilter.SESSION_SECURED) { + counter.countDown(); + } + } + + + }); + connector.connect(new InetSocketAddress("localhost", port)); + } + + private static SSLContext createSSLContext(String protocol) throws IOException, GeneralSecurityException { + char[] passphrase = "password".toCharArray(); + + SSLContext ctx = SSLContext.getInstance(protocol); + KeyManagerFactory kmf = KeyManagerFactory.getInstance(KEY_MANAGER_FACTORY_ALGORITHM); + TrustManagerFactory tmf = TrustManagerFactory.getInstance(KEY_MANAGER_FACTORY_ALGORITHM); + + KeyStore ks = KeyStore.getInstance("JKS"); + KeyStore ts = KeyStore.getInstance("JKS"); + + ks.load(SslDIRMINA937Test.class.getResourceAsStream("keystore.sslTest"), passphrase); + ts.load(SslDIRMINA937Test.class.getResourceAsStream("truststore.sslTest"), passphrase); + + kmf.init(ks, passphrase); + tmf.init(ts); + ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); + + return ctx; + } + + /** + * Test is ignore as it will cause the build to fail + */ + @Test + @Ignore + public void testDIRMINA937() throws Exception { + startServer(); + + final CountDownLatch counter = new CountDownLatch(1); + startClient(counter); + assertTrue(counter.await(10, TimeUnit.SECONDS)); + } +}
