192 lines
5.5 KiB
Java
192 lines
5.5 KiB
Java
/*
|
|
* Copyright (c) 1997, 2001, Oracle and/or its affiliates. All rights reserved.
|
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
|
*
|
|
* This code is free software; you can redistribute it and/or modify it
|
|
* under the terms of the GNU General Public License version 2 only, as
|
|
* published by the Free Software Foundation.
|
|
*
|
|
* This code is distributed in the hope that it will be useful, but WITHOUT
|
|
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
|
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
|
* version 2 for more details (a copy is included in the LICENSE file that
|
|
* accompanied this code).
|
|
*
|
|
* You should have received a copy of the GNU General Public License version
|
|
* 2 along with this work; if not, write to the Free Software Foundation,
|
|
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
*
|
|
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
|
|
* or visit www.oracle.com if you need additional information or have any
|
|
* questions.
|
|
*/
|
|
|
|
import java.io.*;
|
|
import java.net.Socket;
|
|
import java.net.SocketException;
|
|
|
|
import javax.net.ssl.*;
|
|
|
|
//
|
|
// Base connection handler class -- server and client roles are almost
|
|
// identical, this class holds everything except what's different.
|
|
//
|
|
abstract class Handler extends TestThread
|
|
implements HandshakeCompletedListener
|
|
{
|
|
protected SSLSocket s;
|
|
protected boolean roleIsClient;
|
|
|
|
// generates the stream of test data
|
|
private Traffic traffic;
|
|
|
|
// for optional use in renegotiation
|
|
private String renegotiateSuites [];
|
|
|
|
// Test flag: did we pass this test?
|
|
private boolean pass = false;
|
|
|
|
|
|
Handler (String name)
|
|
{
|
|
super (name);
|
|
}
|
|
|
|
|
|
public void setRenegotiateSuites (String suites [])
|
|
{ renegotiateSuites = suites; }
|
|
|
|
|
|
abstract public void setReverseRole (boolean flag);
|
|
|
|
|
|
// XXX override setVerbosity() and pass that to
|
|
// the traffic generation module
|
|
|
|
|
|
public void run ()
|
|
{
|
|
try {
|
|
traffic = new Traffic (s.getInputStream (), s.getOutputStream ());
|
|
} catch (IOException e) {
|
|
e.printStackTrace ();
|
|
return;
|
|
}
|
|
|
|
if (prng != null)
|
|
traffic.setPRNG (prng);
|
|
|
|
if (listenHandshake || doRenegotiate)
|
|
s.addHandshakeCompletedListener (this);
|
|
|
|
try {
|
|
if (initiateHandshake)
|
|
s.startHandshake ();
|
|
|
|
// XXX if use client auth ...
|
|
|
|
doTraffic (0);
|
|
|
|
if (doRenegotiate)
|
|
s.startHandshake ();
|
|
|
|
doTraffic (iterations);
|
|
|
|
// XXX abortive shutdown should be a test option
|
|
|
|
s.close ();
|
|
|
|
// XXX want a close-this-session-down option
|
|
|
|
} catch (IOException e) {
|
|
String message = e.getMessage ();
|
|
|
|
synchronized (out) {
|
|
if (message.equalsIgnoreCase ("no cipher suites in common")) {
|
|
out.println ("%% " + getName () + " " + message);
|
|
|
|
} else {
|
|
out.println ("%% " + getName ());
|
|
e.printStackTrace (out);
|
|
}
|
|
}
|
|
|
|
} catch (Throwable t) {
|
|
synchronized (out) {
|
|
out.println ("%% " + getName ());
|
|
t.printStackTrace (out);
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
public boolean passed ()
|
|
{ return pass; }
|
|
|
|
|
|
private void doTraffic (int n)
|
|
throws IOException
|
|
{
|
|
try {
|
|
if (roleIsClient)
|
|
traffic.initiate (n);
|
|
else
|
|
traffic.respond (n);
|
|
|
|
pass = true;
|
|
|
|
} catch (SSLException e) {
|
|
String m = e.getMessage ();
|
|
|
|
//
|
|
// As of this writing, self-signed certs won't be accepted
|
|
// by the simple trust decider. That rules out testing all
|
|
// of the SSL_DHE_DSS_* flavors for now, and for testers
|
|
// that don't have a Verisign cert, it also rules out testing
|
|
// SSL_RSA_* flavors.
|
|
//
|
|
// XXX need two things to fix this "right": (a) ability to
|
|
// let the 'simple trust decider import arbitrary certs, as
|
|
// exported by a keystore; (b) specialized exceptions, since
|
|
// comparing message strings is bogus.
|
|
//
|
|
if (m.equalsIgnoreCase ("untrusted server cert chain")
|
|
|| m.equalsIgnoreCase (
|
|
"Received fatal alert: certificate_unknown")) {
|
|
System.out.println ("%% " + Thread.currentThread ().getName ()
|
|
+ ", " + m);
|
|
s.close ();
|
|
} else
|
|
throw e;
|
|
|
|
} catch (SocketException e) {
|
|
String m = e.getMessage ();
|
|
|
|
if (m.equalsIgnoreCase ("Socket closed"))
|
|
System.out.println ("%% " + Thread.currentThread ().getName ()
|
|
+ ", " + m);
|
|
else
|
|
throw e;
|
|
|
|
} catch (EOFException e) {
|
|
// ignore
|
|
}
|
|
}
|
|
|
|
|
|
public void handshakeCompleted (HandshakeCompletedEvent event)
|
|
{
|
|
if (verbosity >= 1) {
|
|
Socket sock = (Socket) event.getSource ();
|
|
|
|
out.println ("%% " + getName ()
|
|
+ ", port " + sock.getLocalPort ()
|
|
+ " to " + sock.getInetAddress ().getHostName ()
|
|
+ ":" + sock.getPort ()
|
|
+ ", " + event.getCipherSuite ());
|
|
|
|
// if more verbosity, give cert chain
|
|
}
|
|
}
|
|
}
|