8241372: Several test failures due to javax.net.ssl.SSLException: Connection reset

Reviewed-by: dfuchs, rhalade
2021-02-16 18:54:39 +00:00 · 2021-02-16 18:54:39 +00:00 · 0a50688dec
commit 0a50688dec
parent 61a659f4bf
4 changed files with 51 additions and 16 deletions
--- a/test/jdk/javax/net/ssl/SSLSession/TestEnabledProtocols.java
+++ b/test/jdk/javax/net/ssl/SSLSession/TestEnabledProtocols.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2001, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2021, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -41,6 +41,8 @@
 import java.io.InputStream;
 import java.io.InterruptedIOException;
 import java.io.OutputStream;
+import java.net.InetAddress;
+import java.net.SocketException;
 import java.security.Security;
 import java.util.Arrays;

@ -63,6 +65,7 @@ public class TestEnabledProtocols extends SSLSocketTemplate {
        this.clientProtocols = clientProtocols;
        this.exceptionExpected = exceptionExpected;
        this.selectedProtocol = selectedProtocol;
+        this.serverAddress = InetAddress.getLoopbackAddress();
    }

    @Override
@ -126,25 +129,40 @@ public class TestEnabledProtocols extends SSLSocketTemplate {
            out.write(280);
        } catch (SSLHandshakeException e) {
            if (!exceptionExpected) {
-                System.out.println(
-                        "Client got UNEXPECTED SSLHandshakeException:");
-                e.printStackTrace(System.out);
-                System.out.println("** FAILURE **");
-                throw new RuntimeException(e);
+                failTest(e, "Client got UNEXPECTED SSLHandshakeException:");
            } else {
                System.out.println(
                        "Client got expected SSLHandshakeException:");
                e.printStackTrace(System.out);
                System.out.println("** Success **");
            }
+        } catch (SSLException ssle) {
+            // The server side may have closed the socket.
+            if (isConnectionReset(ssle)) {
+                System.out.println("Client SSLException:");
+                ssle.printStackTrace(System.out);
+            } else {
+                failTest(ssle, "Client got UNEXPECTED SSLException:");
+            }
+
        } catch (Exception e) {
-            System.out.println("Client got UNEXPECTED Exception:");
-            e.printStackTrace(System.out);
-            System.out.println("** FAILURE **");
-            throw new RuntimeException(e);
+            failTest(e, "Client got UNEXPECTED Exception:");
        }
    }

+    private boolean isConnectionReset(SSLException ssle) {
+        Throwable cause = ssle.getCause();
+        return cause instanceof SocketException
+                && "Connection reset".equals(cause.getMessage());
+    }
+
+    private void failTest(Exception e, String message) {
+        System.out.println(message);
+        e.printStackTrace(System.out);
+        System.out.println("** FAILURE **");
+        throw new RuntimeException(e);
+    }
+
    public static void main(String[] args) throws Exception {
        Security.setProperty("jdk.tls.disabledAlgorithms", "");

--- a/test/jdk/javax/net/ssl/TLSCommon/TLSTest.java
+++ b/test/jdk/javax/net/ssl/TLSCommon/TLSTest.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2018, 2021, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -25,6 +25,8 @@
 import java.io.ByteArrayInputStream;
 import java.io.InputStream;
 import java.io.OutputStream;
+import java.net.InetAddress;
+import java.net.InetSocketAddress;
 import java.security.KeyFactory;
 import java.security.KeyStore;
 import java.security.PrivateKey;
@ -206,8 +208,11 @@ public class TLSTest {
                    keyType.getTrustedCert(), keyType.getEndCert(),
                    keyType.getPrivateKey(), keyType.getKeyType());
            SSLServerSocketFactory sslssf = ctx.getServerSocketFactory();
+            InetSocketAddress socketAddress =
+                    new InetSocketAddress(InetAddress.getLoopbackAddress(), port);
            SSLServerSocket sslServerSocket
-                    = (SSLServerSocket) sslssf.createServerSocket(port);
+                    = (SSLServerSocket) sslssf.createServerSocket();
+            sslServerSocket.bind(socketAddress);
            port = sslServerSocket.getLocalPort();
            System.out.println("Server listining on port: " + port);
            // specify the enabled server cipher suites
--- a/test/jdk/sun/security/ssl/CipherSuite/SupportedGroups.java
+++ b/test/jdk/sun/security/ssl/CipherSuite/SupportedGroups.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2019, 2021, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -37,6 +37,7 @@
  * @run main/othervm SupportedGroups ffdhe6144
  * @run main/othervm SupportedGroups ffdhe8192
 */
+import java.net.InetAddress;
 import java.util.Arrays;
 import javax.net.ssl.SSLSocket;
 import javax.net.ssl.SSLServerSocket;
@ -51,6 +52,10 @@ public class SupportedGroups extends SSLSocketTemplate {
        {{"TLSv1.2"}, {"TLSv1.2"}}
    };

+    public SupportedGroups() {
+        this.serverAddress = InetAddress.getLoopbackAddress();
+    }
+
    // Servers are configured before clients, increment test case after.
    @Override
    protected void configureClientSocket(SSLSocket socket) {
--- a/test/jdk/sun/security/ssl/SSLSocketImpl/ReverseNameLookup.java
+++ b/test/jdk/sun/security/ssl/SSLSocketImpl/ReverseNameLookup.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2002, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2002, 2021, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -24,13 +24,16 @@
 /*
 * @test
 * @bug 4748292
+ * @library /test/lib
 * @summary Prevent/Disable reverse name lookups with JSSE SSL sockets
- * @run main/othervm ReverseNameLookup
+ * @run main/othervm ReverseNameLookup -Djava.net.preferIPv4Stack
 *
 *     SunJSSE does not support dynamic system properties, no way to re-use
 *     system properties in samevm/agentvm mode.
 */

+import jdk.test.lib.net.IPSupport;
+
 import java.io.*;
 import java.net.*;
 import javax.net.ssl.*;
@ -86,8 +89,11 @@ public class ReverseNameLookup {
    void doServerSide() throws Exception {
        SSLServerSocketFactory sslssf =
            (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
+        InetSocketAddress socketAddress =
+                new InetSocketAddress(InetAddress.getLoopbackAddress(), serverPort);
        SSLServerSocket sslServerSocket =
-            (SSLServerSocket) sslssf.createServerSocket(serverPort);
+            (SSLServerSocket) sslssf.createServerSocket();
+        sslServerSocket.bind(socketAddress);

        serverPort = sslServerSocket.getLocalPort();

@ -152,6 +158,7 @@ public class ReverseNameLookup {
    volatile Exception clientException = null;

    public static void main(String[] args) throws Exception {
+        IPSupport.throwSkippedExceptionIfNonOperational();
        String keyFilename =
            System.getProperty("test.src", "./") + "/" + pathToStores +
                "/" + keyStoreFile;