Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

jetty-server passing tests

This commit is contained in:
Greg Wilkins 2011-10-27 00:38:05 +11:00
parent 4258b6f385
commit 3dfd8b7698
7 changed files with 109 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
jetty-http/src/main/java/org/eclipse/jetty/http/HttpGenerator.java
View File

@ -790,7 +790,6 @@ public class HttpGenerator extends AbstractGenerator
// end the header.
_header.put(HttpTokens.CRLF);
_state = STATE_CONTENT;
}

3
jetty-http/src/main/java/org/eclipse/jetty/http/HttpParser.java
View File

@ -1025,7 +1025,8 @@ public class HttpParser implements Parser
try
{
return _endp.fill(_buffer);
int filled = _endp.fill(_buffer);
return filled;
}
catch(IOException e)
{

46
jetty-io/src/main/java/org/eclipse/jetty/io/nio/SslConnection.java
View File

@ -56,6 +56,8 @@ public class SslConnection extends AbstractConnection implements AsyncConnection
private NIOBuffer _unwrapBuf;
private NIOBuffer _outbound;
private AsyncEndPoint _aEndp;
private boolean _allowRenegotiate=true;
private boolean _handshook;
public SslConnection(SSLEngine engine,EndPoint endp)
@ -81,6 +83,30 @@ public class SslConnection extends AbstractConnection implements AsyncConnection
return _connection;
}
/* ------------------------------------------------------------ */
/**
* @return True if SSL re-negotiation is allowed (default false)
*/
public boolean isAllowRenegotiate()
{
return _allowRenegotiate;
}
/* ------------------------------------------------------------ */
/**
* Set if SSL re-negotiation is allowed. CVE-2009-3555 discovered
* a vulnerability in SSL/TLS with re-negotiation. If your JVM
* does not have CVE-2009-3555 fixed, then re-negotiation should
* not be allowed. CVE-2009-3555 was fixed in Sun java 1.6 with a ban
* of renegotiates in u19 and with RFC5746 in u22.
*
* @param allowRenegotiate
* true if re-negotiation is allowed (default false)
*/
public void setAllowRenegotiate(boolean allowRenegotiate)
{
_allowRenegotiate = allowRenegotiate;
}
private void allocateBuffers()
{
synchronized (this)
@ -255,8 +281,9 @@ public class SslConnection extends AbstractConnection implements AsyncConnection
}
// Detect SUN JVM Bug!!!
/* TODO
if(initialStatus==HandshakeStatus.NOT_HANDSHAKING &&
_engine.getHandshakeStatus()==HandshakeStatus.NEED_UNWRAP /* && sent==0 */ )
_engine.getHandshakeStatus()==HandshakeStatus.NEED_UNWRAP && sent==0 )
{
// This should be NEED_WRAP
// The fix simply detects the signature of the bug and then close the connection (fail-fast) so that ff3 will delegate to using SSL instead of TLS.
@ -266,13 +293,16 @@ public class SslConnection extends AbstractConnection implements AsyncConnection
_endp.close();
return false;
}
*/
}
break;
case NEED_WRAP:
{
// The SSL needs to send some handshake data to the other side
if (wrap(toFlush))
if (_handshook && !_allowRenegotiate)
_endp.close();
else if (wrap(toFlush))
progress=true;
}
break;
@ -280,7 +310,9 @@ public class SslConnection extends AbstractConnection implements AsyncConnection
case NEED_UNWRAP:
{
// The SSL needs to receive some handshake data from the other side
if (unwrap(toFill))
if (_handshook && !_allowRenegotiate)
_endp.close();
else if (unwrap(toFill))
progress=true;
}
break;
@ -329,8 +361,8 @@ public class SslConnection extends AbstractConnection implements AsyncConnection
result.bytesConsumed(),
result.bytesProduced());
buffer.skip(result.bytesConsumed());
buffer.compact();
_outbound.setPutIndex(_outbound.putIndex()+result.bytesProduced());
}
catch(SSLException e)
@ -358,6 +390,8 @@ public class SslConnection extends AbstractConnection implements AsyncConnection
break;
case OK:
if (result.getHandshakeStatus()==HandshakeStatus.FINISHED)
_handshook=true;
break;
case CLOSED:
@ -377,7 +411,6 @@ public class SslConnection extends AbstractConnection implements AsyncConnection
if (!_inbound.hasContent())
return false;
buffer.compact();
ByteBuffer bbuf=extractByteBuffer(buffer);
final SSLEngineResult result;
@ -432,6 +465,8 @@ public class SslConnection extends AbstractConnection implements AsyncConnection
break;
case OK:
if (result.getHandshakeStatus()==HandshakeStatus.FINISHED)
_handshook=true;
break;
case CLOSED:
@ -507,6 +542,7 @@ public class SslConnection extends AbstractConnection implements AsyncConnection
{
int size=buffer.length();
process(buffer,null);
int filled=buffer.length()-size;
if (filled==0 && isInputShutdown())

1
jetty-server/src/main/java/org/eclipse/jetty/server/ssl/SslSelectChannelConnector.java
View File

@ -558,6 +558,7 @@ public class SslSelectChannelConnector extends SelectChannelConnector implements
AsyncConnection delegate = super.newConnection(channel,connection.getSslEndPoint());
connection.setConnection(delegate);
connection.setAllowRenegotiate(_sslContextFactory.isAllowRenegotiate());
return connection;
}
catch(IOException e)

12
jetty-server/src/test/java/org/eclipse/jetty/server/HttpServerTestBase.java
View File

@ -65,12 +65,12 @@ public abstract class HttpServerTestBase extends HttpServerTestFixture
private static final String FRAGMENT3=REQUEST1.substring(34);
/** Second test request. */
private static final String REQUEST2_HEADER=
protected static final String REQUEST2_HEADER=
"POST / HTTP/1.0\n"+
"Host: localhost\n"+
"Content-Type: text/xml;charset=ISO-8859-1\n"+
"Content-Length: ";
private static final String REQUEST2_CONTENT=
protected static final String REQUEST2_CONTENT=
"<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\n"+
"<nimbus xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"\n"+
" xsi:noNamespaceSchemaLocation=\"nimbus.xsd\" version=\"1.0\">\n"+
@ -80,10 +80,10 @@ public abstract class HttpServerTestBase extends HttpServerTestFixture
" </getJobDetails>\n"+
" </request>\n"+
"</nimbus>";
private static final String REQUEST2=REQUEST2_HEADER+REQUEST2_CONTENT.getBytes().length+"\n\n"+REQUEST2_CONTENT;
protected static final String REQUEST2=REQUEST2_HEADER+REQUEST2_CONTENT.getBytes().length+"\n\n"+REQUEST2_CONTENT;
/** The second expected response. */
private static final String RESPONSE2_CONTENT=
protected static final String RESPONSE2_CONTENT=
"<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\n"+
"<nimbus xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"\n"+
" xsi:noNamespaceSchemaLocation=\"nimbus.xsd\" version=\"1.0\">\n"+
@ -93,7 +93,7 @@ public abstract class HttpServerTestBase extends HttpServerTestFixture
" </getJobDetails>\n"+
" </request>\n"
+"</nimbus>\n";
private static final String RESPONSE2=
protected static final String RESPONSE2=
"HTTP/1.1 200 OK\n"+
"Content-Type: text/xml;charset=ISO-8859-1\n"+
"Content-Length: "+RESPONSE2_CONTENT.getBytes().length+"\n"+
@ -1141,7 +1141,7 @@ public abstract class HttpServerTestBase extends HttpServerTestFixture
* @return The response string.
* @throws IOException in case of I/O problems
*/
private static String readResponse(Socket client) throws IOException
protected static String readResponse(Socket client) throws IOException
{
BufferedReader br=null;

2
jetty-server/src/test/java/org/eclipse/jetty/server/HttpServerTestFixture.java
View File

@ -26,7 +26,7 @@ import org.junit.AfterClass;
public class HttpServerTestFixture
{ // Useful constants
protected static final long PAUSE=10L;
protected static final int LOOPS=Stress.isEnabled()?250:25;
protected static final int LOOPS=Stress.isEnabled()?250:50;
protected static final String HOST="localhost";
protected static Server _server;

58
jetty-server/src/test/java/org/eclipse/jetty/server/ssl/SelectChannelServerSslTest.java
View File

@ -12,9 +12,14 @@
// ========================================================================
package org.eclipse.jetty.server.ssl;
import static org.junit.Assert.assertEquals;
import java.io.FileInputStream;
import java.io.OutputStream;
import java.net.Socket;
import java.security.KeyStore;
import java.util.Arrays;
import java.util.Random;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
@ -77,5 +82,58 @@ public class SelectChannelServerSslTest extends HttpServerTestBase
e.printStackTrace();
throw new RuntimeException(e);
}
}
public void testRequest2Fragments() throws Exception
{
super.testRequest2Fragments();
}
@Test
public void testRequest2FixedFragments() throws Exception
{
configureServer(new EchoHandler());
byte[] bytes=REQUEST2.getBytes();
int[] points=new int[]{74,325};
// Sort the list
Arrays.sort(points);
Socket client=newSocket(HOST,_connector.getLocalPort());
try
{
OutputStream os=client.getOutputStream();
int last=0;
// Write out the fragments
for (int j=0; j<points.length; ++j)
{
int point=points[j];
os.write(bytes,last,point-last);
last=point;
os.flush();
Thread.sleep(PAUSE);
}
// Write the last fragment
os.write(bytes,last,bytes.length-last);
os.flush();
Thread.sleep(PAUSE);
// Read the response
String response=readResponse(client);
// Check the response
assertEquals(RESPONSE2,response);
}
finally
{
client.close();
}
}
}