8162484: javax/net/ssl/Stapling/SSLSocketWithStapling.java test fails intermittently with "Address already in use" error
Reviewed-by: xuelei, jnimeh
This commit is contained in:
Artem Smotrakov
parent
d928f3fae8
commit
aacb739bbd
@ -64,6 +64,8 @@ public class SimpleOCSPServer {
|
||||
private static final SimpleDateFormat utcDateFmt =
|
||||
new SimpleDateFormat("MMM dd yyyy, HH:mm:ss z");
|
||||
|
||||
static final int FREE_PORT = 0;
|
||||
|
||||
// CertStatus values
|
||||
public static enum CertStatus {
|
||||
CERT_STATUS_GOOD,
|
||||
@ -88,7 +90,8 @@ public class SimpleOCSPServer {
|
||||
private volatile boolean started = false;
|
||||
private volatile boolean serverReady = false;
|
||||
private volatile boolean receivedShutdown = false;
|
||||
private long delayMsec = 0;
|
||||
private volatile boolean acceptConnections = true;
|
||||
private volatile long delayMsec = 0;
|
||||
|
||||
// Fields used in the generation of responses
|
||||
private long nextUpdateInterval = -1;
|
||||
@ -116,7 +119,7 @@ public class SimpleOCSPServer {
|
||||
*/
|
||||
public SimpleOCSPServer(KeyStore ks, String password, String issuerAlias,
|
||||
String signerAlias) throws GeneralSecurityException, IOException {
|
||||
this(null, 0, ks, password, issuerAlias, signerAlias);
|
||||
this(null, FREE_PORT, ks, password, issuerAlias, signerAlias);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -230,6 +233,15 @@ public class SimpleOCSPServer {
|
||||
while (!receivedShutdown) {
|
||||
try {
|
||||
Socket newConnection = servSocket.accept();
|
||||
if (!acceptConnections) {
|
||||
try {
|
||||
log("Reject connection");
|
||||
newConnection.close();
|
||||
} catch (IOException e) {
|
||||
// ignore
|
||||
}
|
||||
continue;
|
||||
}
|
||||
threadPool.submit(new OcspHandler(newConnection));
|
||||
} catch (SocketTimeoutException timeout) {
|
||||
// Nothing to do here. If receivedShutdown
|
||||
@ -256,6 +268,23 @@ public class SimpleOCSPServer {
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Make the OCSP server reject incoming connections.
|
||||
*/
|
||||
public synchronized void rejectConnections() {
|
||||
log("Reject OCSP connections");
|
||||
acceptConnections = false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Make the OCSP server accept incoming connections.
|
||||
*/
|
||||
public synchronized void acceptConnections() {
|
||||
log("Accept OCSP connections");
|
||||
acceptConnections = true;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Stop the OCSP server.
|
||||
*/
|
||||
@ -499,13 +528,11 @@ public class SimpleOCSPServer {
|
||||
* on the incoming request.
|
||||
*/
|
||||
public void setDelay(long delayMillis) {
|
||||
if (!started) {
|
||||
delayMsec = delayMillis > 0 ? delayMillis : 0;
|
||||
if (delayMsec > 0) {
|
||||
log("OCSP latency set to " + delayMsec + " milliseconds.");
|
||||
} else {
|
||||
log("OCSP latency disabled");
|
||||
}
|
||||
delayMsec = delayMillis > 0 ? delayMillis : 0;
|
||||
if (delayMsec > 0) {
|
||||
log("OCSP latency set to " + delayMsec + " milliseconds.");
|
||||
} else {
|
||||
log("OCSP latency disabled");
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -119,20 +119,22 @@ public class SSLSocketWithStapling {
|
||||
System.setProperty("javax.net.debug", "ssl");
|
||||
}
|
||||
|
||||
// Create the PKI we will use for the test and start the OCSP servers
|
||||
createPKI();
|
||||
try {
|
||||
// Create the PKI we will use for the test and start the OCSP servers
|
||||
createPKI();
|
||||
|
||||
testAllDefault();
|
||||
testPKIXParametersRevEnabled();
|
||||
testRevokedCertificate();
|
||||
testHardFailFallback();
|
||||
testSoftFailFallback();
|
||||
testLatencyNoStaple(false);
|
||||
testLatencyNoStaple(true);
|
||||
|
||||
// shut down the OCSP responders before finishing the test
|
||||
intOcsp.stop();
|
||||
rootOcsp.stop();
|
||||
testAllDefault();
|
||||
testPKIXParametersRevEnabled();
|
||||
testRevokedCertificate();
|
||||
testHardFailFallback();
|
||||
testSoftFailFallback();
|
||||
testLatencyNoStaple(false);
|
||||
testLatencyNoStaple(true);
|
||||
} finally {
|
||||
// shut down the OCSP responders before finishing the test
|
||||
intOcsp.stop();
|
||||
rootOcsp.stop();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@ -281,11 +283,9 @@ public class SSLSocketWithStapling {
|
||||
ServerParameters servParams = new ServerParameters();
|
||||
serverReady = false;
|
||||
|
||||
// Stop the OCSP responders and give a 1 second delay before
|
||||
// running the test.
|
||||
intOcsp.stop();
|
||||
rootOcsp.stop();
|
||||
Thread.sleep(1000);
|
||||
// make OCSP responders reject connections
|
||||
intOcsp.rejectConnections();
|
||||
rootOcsp.rejectConnections();
|
||||
|
||||
System.out.println("=======================================");
|
||||
System.out.println("Stapling enbled in client and server,");
|
||||
@ -315,9 +315,9 @@ public class SSLSocketWithStapling {
|
||||
System.out.println(" PASS");
|
||||
System.out.println("=======================================\n");
|
||||
|
||||
// Start the OCSP responders up again
|
||||
intOcsp.start();
|
||||
rootOcsp.start();
|
||||
// Make OCSP responders accept connections
|
||||
intOcsp.acceptConnections();
|
||||
rootOcsp.acceptConnections();
|
||||
|
||||
// Wait 5 seconds for server ready
|
||||
for (int i = 0; (i < 100 && (!intOcsp.isServerReady() || !rootOcsp.isServerReady())); i++) {
|
||||
@ -338,11 +338,9 @@ public class SSLSocketWithStapling {
|
||||
ServerParameters servParams = new ServerParameters();
|
||||
serverReady = false;
|
||||
|
||||
// Stop the OCSP responders and give a 1 second delay before
|
||||
// running the test.
|
||||
intOcsp.stop();
|
||||
rootOcsp.stop();
|
||||
Thread.sleep(1000);
|
||||
// make OCSP responders reject connections
|
||||
intOcsp.rejectConnections();
|
||||
rootOcsp.rejectConnections();
|
||||
|
||||
System.out.println("=======================================");
|
||||
System.out.println("Stapling enbled in client and server,");
|
||||
@ -372,9 +370,9 @@ public class SSLSocketWithStapling {
|
||||
System.out.println(" PASS");
|
||||
System.out.println("=======================================\n");
|
||||
|
||||
// Start the OCSP responders up again
|
||||
intOcsp.start();
|
||||
rootOcsp.start();
|
||||
// Make OCSP responders accept connections
|
||||
intOcsp.acceptConnections();
|
||||
rootOcsp.acceptConnections();
|
||||
|
||||
// Wait 5 seconds for server ready
|
||||
for (int i = 0; (i < 100 && (!intOcsp.isServerReady() || !rootOcsp.isServerReady())); i++) {
|
||||
@ -401,15 +399,10 @@ public class SSLSocketWithStapling {
|
||||
ServerParameters servParams = new ServerParameters();
|
||||
serverReady = false;
|
||||
|
||||
// Stop the OCSP responders and give a 1 second delay before
|
||||
// running the test.
|
||||
intOcsp.stop();
|
||||
rootOcsp.stop();
|
||||
Thread.sleep(1000);
|
||||
// Give a 1 second delay before running the test.
|
||||
intOcsp.setDelay(3000);
|
||||
rootOcsp.setDelay(3000);
|
||||
rootOcsp.start();
|
||||
intOcsp.start();
|
||||
Thread.sleep(1000);
|
||||
|
||||
// Wait 5 seconds for server ready
|
||||
for (int i = 0; (i < 100 && (!intOcsp.isServerReady() || !rootOcsp.isServerReady())); i++) {
|
||||
@ -458,13 +451,9 @@ public class SSLSocketWithStapling {
|
||||
System.out.println("========================================\n");
|
||||
|
||||
// Remove the OCSP responder latency
|
||||
intOcsp.stop();
|
||||
rootOcsp.stop();
|
||||
Thread.sleep(1000);
|
||||
intOcsp.setDelay(0);
|
||||
rootOcsp.setDelay(0);
|
||||
rootOcsp.start();
|
||||
intOcsp.start();
|
||||
Thread.sleep(1000);
|
||||
|
||||
// Wait 5 seconds for server ready
|
||||
for (int i = 0; (i < 100 && (!intOcsp.isServerReady() || !rootOcsp.isServerReady())); i++) {
|
||||
@ -676,6 +665,7 @@ public class SSLSocketWithStapling {
|
||||
* Release the client, if not active already...
|
||||
*/
|
||||
System.err.println("Server died...");
|
||||
e.printStackTrace(System.err);
|
||||
serverReady = true;
|
||||
serverException = e;
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user