8153829: javax/net/ssl/Stapling/HttpsUrlConnClient.java fails intermittently with NullPointerException

Reviewed-by: xuelei, jnimeh
This commit is contained in:
Rajan Halade 2016-04-12 09:37:46 -07:00
parent f767b8ce19
commit cfb375b438
6 changed files with 159 additions and 32 deletions
jdk/test
java/security/testlibrary
javax/net/ssl/Stapling
sun/security/ssl/StatusStapling/java.base/sun/security/ssl

@ -1,5 +1,5 @@
/*
* Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -86,6 +86,7 @@ public class SimpleOCSPServer {
private boolean logEnabled = false;
private ExecutorService threadPool;
private volatile boolean started = false;
private volatile boolean serverReady = false;
private volatile boolean receivedShutdown = false;
private long delayMsec = 0;
@ -217,6 +218,9 @@ public class SimpleOCSPServer {
listenPort), 128);
log("Listening on " + servSocket.getLocalSocketAddress());
// Singal ready
serverReady = true;
// Update the listenPort with the new port number. If
// the server is restarted, it will bind to the same
// port rather than picking a new one.
@ -242,11 +246,12 @@ public class SimpleOCSPServer {
threadPool.shutdown();
} catch (IOException ioe) {
err(ioe);
} finally {
// Reset state variables so the server can be restarted
receivedShutdown = false;
started = false;
serverReady = false;
}
// Reset state variables so the server can be restarted
receivedShutdown = false;
started = false;
}
});
}
@ -468,7 +473,7 @@ public class SimpleOCSPServer {
* server has not yet been bound to a port.
*/
public int getPort() {
if (servSocket != null && started) {
if (serverReady) {
InetSocketAddress inetSock =
(InetSocketAddress)servSocket.getLocalSocketAddress();
return inetSock.getPort();
@ -477,6 +482,15 @@ public class SimpleOCSPServer {
}
}
/**
* Use to check if OCSP server is ready to accept connection.
*
* @return true if server ready, false otherwise
*/
public boolean isServerReady() {
return serverReady;
}
/**
* Set a delay between the reception of the request and production of
* the response.

@ -1,5 +1,5 @@
/*
* Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -26,7 +26,7 @@
/*
* @test
* @bug 8046321
* @bug 8046321 8153829
* @summary OCSP Stapling for TLS
* @library ../../../../java/security/testlibrary
* @build CertificateBuilder SimpleOCSPServer
@ -298,12 +298,13 @@ public class HttpsUrlConnClient {
*/
void doClientSide(ClientParameters cliParams) throws Exception {
/*
* Wait for server to get started.
*/
while (!serverReady) {
// Wait 5 seconds for server ready
for (int i = 0; (i < 100 && !serverReady); i++) {
Thread.sleep(50);
}
if (!serverReady) {
throw new RuntimeException("Server not ready yet");
}
// Selectively enable or disable the feature
System.setProperty("jdk.tls.client.enableStatusRequestExtension",
@ -532,7 +533,15 @@ public class HttpsUrlConnClient {
rootOcsp.enableLog(debug);
rootOcsp.setNextUpdateInterval(3600);
rootOcsp.start();
Thread.sleep(1000); // Give the server a second to start up
// Wait 5 seconds for server ready
for (int i = 0; (i < 100 && !rootOcsp.isServerReady()); i++) {
Thread.sleep(50);
}
if (!rootOcsp.isServerReady()) {
throw new RuntimeException("Server not ready yet");
}
rootOcspPort = rootOcsp.getPort();
String rootRespURI = "http://localhost:" + rootOcspPort;
log("Root OCSP Responder URI is " + rootRespURI);
@ -577,7 +586,15 @@ public class HttpsUrlConnClient {
intOcsp.enableLog(debug);
intOcsp.setNextUpdateInterval(3600);
intOcsp.start();
Thread.sleep(1000);
// Wait 5 seconds for server ready
for (int i = 0; (i < 100 && !intOcsp.isServerReady()); i++) {
Thread.sleep(50);
}
if (!intOcsp.isServerReady()) {
throw new RuntimeException("Server not ready yet");
}
intOcspPort = intOcsp.getPort();
String intCaRespURI = "http://localhost:" + intOcspPort;
log("Intermediate CA OCSP Responder URI is " + intCaRespURI);

@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -26,7 +26,7 @@
/*
* @test
* @bug 8046321
* @bug 8046321 8153829
* @summary OCSP Stapling for TLS
* @library ../../../../java/security/testlibrary
* @build CertificateBuilder SimpleOCSPServer
@ -487,7 +487,15 @@ public class SSLEngineWithStapling {
rootOcsp.enableLog(logging);
rootOcsp.setNextUpdateInterval(3600);
rootOcsp.start();
Thread.sleep(1000); // Give the server a second to start up
// Wait 5 seconds for server ready
for (int i = 0; (i < 100 && !rootOcsp.isServerReady()); i++) {
Thread.sleep(50);
}
if (!rootOcsp.isServerReady()) {
throw new RuntimeException("Server not ready yet");
}
rootOcspPort = rootOcsp.getPort();
String rootRespURI = "http://localhost:" + rootOcspPort;
log("Root OCSP Responder URI is " + rootRespURI);
@ -532,7 +540,15 @@ public class SSLEngineWithStapling {
intOcsp.enableLog(logging);
intOcsp.setNextUpdateInterval(3600);
intOcsp.start();
Thread.sleep(1000);
// Wait 5 seconds for server ready
for (int i = 0; (i < 100 && !intOcsp.isServerReady()); i++) {
Thread.sleep(50);
}
if (!intOcsp.isServerReady()) {
throw new RuntimeException("Server not ready yet");
}
intOcspPort = intOcsp.getPort();
String intCaRespURI = "http://localhost:" + intOcspPort;
log("Intermediate CA OCSP Responder URI is " + intCaRespURI);

@ -1,5 +1,5 @@
/*
* Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -26,7 +26,7 @@
/*
* @test
* @bug 8046321
* @bug 8046321 8153829
* @summary OCSP Stapling for TLS
* @library ../../../../java/security/testlibrary
* @build CertificateBuilder SimpleOCSPServer
@ -318,6 +318,14 @@ public class SSLSocketWithStapling {
// Start the OCSP responders up again
intOcsp.start();
rootOcsp.start();
// Wait 5 seconds for server ready
for (int i = 0; (i < 100 && (!intOcsp.isServerReady() || !rootOcsp.isServerReady())); i++) {
Thread.sleep(50);
}
if (!intOcsp.isServerReady() || !rootOcsp.isServerReady()) {
throw new RuntimeException("Server not ready yet");
}
}
/**
@ -367,6 +375,14 @@ public class SSLSocketWithStapling {
// Start the OCSP responders up again
intOcsp.start();
rootOcsp.start();
// Wait 5 seconds for server ready
for (int i = 0; (i < 100 && (!intOcsp.isServerReady() || !rootOcsp.isServerReady())); i++) {
Thread.sleep(50);
}
if (!intOcsp.isServerReady() || !rootOcsp.isServerReady()) {
throw new RuntimeException("Server not ready yet");
}
}
/**
@ -394,7 +410,14 @@ public class SSLSocketWithStapling {
rootOcsp.setDelay(3000);
rootOcsp.start();
intOcsp.start();
Thread.sleep(1000);
// Wait 5 seconds for server ready
for (int i = 0; (i < 100 && (!intOcsp.isServerReady() || !rootOcsp.isServerReady())); i++) {
Thread.sleep(50);
}
if (!intOcsp.isServerReady() || !rootOcsp.isServerReady()) {
throw new RuntimeException("Server not ready yet");
}
System.out.println("========================================");
System.out.println("Stapling enbled in client. Server does");
@ -442,6 +465,14 @@ public class SSLSocketWithStapling {
rootOcsp.setDelay(0);
rootOcsp.start();
intOcsp.start();
// Wait 5 seconds for server ready
for (int i = 0; (i < 100 && (!intOcsp.isServerReady() || !rootOcsp.isServerReady())); i++) {
Thread.sleep(50);
}
if (!intOcsp.isServerReady() || !rootOcsp.isServerReady()) {
throw new RuntimeException("Server not ready yet");
}
}
/*
@ -509,12 +540,13 @@ public class SSLSocketWithStapling {
*/
void doClientSide(ClientParameters cliParams) throws Exception {
/*
* Wait for server to get started.
*/
while (!serverReady) {
// Wait 5 seconds for server ready
for (int i = 0; (i < 100 && !serverReady); i++) {
Thread.sleep(50);
}
if (!serverReady) {
throw new RuntimeException("Server not ready yet");
}
// Selectively enable or disable the feature
System.setProperty("jdk.tls.client.enableStatusRequestExtension",
@ -732,7 +764,15 @@ public class SSLSocketWithStapling {
rootOcsp.enableLog(debug);
rootOcsp.setNextUpdateInterval(3600);
rootOcsp.start();
Thread.sleep(1000); // Give the server a second to start up
// Wait 5 seconds for server ready
for (int i = 0; (i < 100 && !rootOcsp.isServerReady()); i++) {
Thread.sleep(50);
}
if (!rootOcsp.isServerReady()) {
throw new RuntimeException("Server not ready yet");
}
rootOcspPort = rootOcsp.getPort();
String rootRespURI = "http://localhost:" + rootOcspPort;
log("Root OCSP Responder URI is " + rootRespURI);
@ -777,7 +817,15 @@ public class SSLSocketWithStapling {
intOcsp.enableLog(debug);
intOcsp.setNextUpdateInterval(3600);
intOcsp.start();
Thread.sleep(1000);
// Wait 5 seconds for server ready
for (int i = 0; (i < 100 && !intOcsp.isServerReady()); i++) {
Thread.sleep(50);
}
if (!intOcsp.isServerReady()) {
throw new RuntimeException("Server not ready yet");
}
intOcspPort = intOcsp.getPort();
String intCaRespURI = "http://localhost:" + intOcspPort;
log("Intermediate CA OCSP Responder URI is " + intCaRespURI);

@ -26,7 +26,7 @@
/*
* @test
* @bug 8145854
* @bug 8145854 8153829
* @summary SSLContextImpl.statusResponseManager should be generated if required
* @library ../../../../java/security/testlibrary
* @build CertificateBuilder SimpleOCSPServer
@ -588,7 +588,15 @@ public class StapleEnableProps {
rootOcsp.enableLog(logging);
rootOcsp.setNextUpdateInterval(3600);
rootOcsp.start();
Thread.sleep(1000); // Give the server a second to start up
// Wait 5 seconds for server ready
for (int i = 0; (i < 100 && !rootOcsp.isServerReady()); i++) {
Thread.sleep(50);
}
if (!rootOcsp.isServerReady()) {
throw new RuntimeException("Server not ready yet");
}
rootOcspPort = rootOcsp.getPort();
String rootRespURI = "http://localhost:" + rootOcspPort;
log("Root OCSP Responder URI is " + rootRespURI);
@ -633,7 +641,15 @@ public class StapleEnableProps {
intOcsp.enableLog(logging);
intOcsp.setNextUpdateInterval(3600);
intOcsp.start();
Thread.sleep(1000);
// Wait 5 seconds for server ready
for (int i = 0; (i < 100 && !intOcsp.isServerReady()); i++) {
Thread.sleep(50);
}
if (!intOcsp.isServerReady()) {
throw new RuntimeException("Server not ready yet");
}
intOcspPort = intOcsp.getPort();
String intCaRespURI = "http://localhost:" + intOcspPort;
log("Intermediate CA OCSP Responder URI is " + intCaRespURI);

@ -300,7 +300,15 @@ public class StatusResponseManagerTests {
rootOcsp.enableLog(ocspDebug);
rootOcsp.setNextUpdateInterval(3600);
rootOcsp.start();
Thread.sleep(1000); // Give the server a second to start up
// Wait 5 seconds for server ready
for (int i = 0; (i < 100 && !rootOcsp.isServerReady()); i++) {
Thread.sleep(50);
}
if (!rootOcsp.isServerReady()) {
throw new RuntimeException("Server not ready yet");
}
rootOcspPort = rootOcsp.getPort();
String rootRespURI = "http://localhost:" + rootOcspPort;
log("Root OCSP Responder URI is " + rootRespURI);
@ -345,7 +353,15 @@ public class StatusResponseManagerTests {
intOcsp.enableLog(ocspDebug);
intOcsp.setNextUpdateInterval(3600);
intOcsp.start();
Thread.sleep(1000);
// Wait 5 seconds for server ready
for (int i = 0; (i < 100 && !intOcsp.isServerReady()); i++) {
Thread.sleep(50);
}
if (!intOcsp.isServerReady()) {
throw new RuntimeException("Server not ready yet");
}
intOcspPort = intOcsp.getPort();
String intCaRespURI = "http://localhost:" + intOcspPort;
log("Intermediate CA OCSP Responder URI is " + intCaRespURI);