Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Issue #523 - TLS close behaviour breaking session resumption. 

Removed old test, duplicated by newer and better tests.
This commit is contained in:
Simone Bordet 2017-05-17 15:32:18 +02:00
parent d53af5d737
commit b2481d472b
1 changed files with 4 additions and 148 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

152
jetty-io/src/test/java/org/eclipse/jetty/io/SelectChannelEndPointSslTest.java
View File

@ -18,21 +18,15 @@
package org.eclipse.jetty.io; package org.eclipse.jetty.io;
import static org.hamcrest.Matchers.greaterThan;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertThat;
import java.io.File; import java.io.File;
import java.io.IOException; import java.io.IOException;
import java.net.Socket; import java.net.Socket;
import java.nio.ByteBuffer; import java.nio.ByteBuffer;
import java.nio.channels.SocketChannel; import java.nio.channels.SocketChannel;
import java.nio.charset.StandardCharsets;
import javax.net.ssl.SSLEngine; import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult; import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLEngineResult.HandshakeStatus; import javax.net.ssl.SSLEngineResult.HandshakeStatus;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocket; import javax.net.ssl.SSLSocket;
import org.eclipse.jetty.io.ssl.SslConnection; import org.eclipse.jetty.io.ssl.SslConnection;
@ -45,6 +39,10 @@ import org.junit.BeforeClass;
import org.junit.Ignore; import org.junit.Ignore;
import org.junit.Test; import org.junit.Test;
import static org.hamcrest.Matchers.greaterThan;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertThat;
public class SelectChannelEndPointSslTest extends SelectChannelEndPointTest public class SelectChannelEndPointSslTest extends SelectChannelEndPointTest
{ {
@ -90,146 +88,12 @@ public class SelectChannelEndPointSslTest extends SelectChannelEndPointTest
super.testEcho(); super.testEcho();
} }
@Ignore // SSL does not do half closes @Ignore // SSL does not do half closes
@Override @Override
public void testShutdown() throws Exception public void testShutdown() throws Exception
{ {
} }
@Test
public void testTcpClose() throws Exception
{
// This test replaces SSLSocket() with a very manual SSL client
// so we can close TCP underneath SSL.
SocketChannel client = SocketChannel.open(_connector.socket().getLocalSocketAddress());
client.socket().setSoTimeout(500);
SocketChannel server = _connector.accept();
server.configureBlocking(false);
_manager.accept(server);
SSLEngine engine = __sslCtxFactory.newSSLEngine();
engine.setUseClientMode(true);
engine.beginHandshake();
ByteBuffer appOut = ByteBuffer.allocate(engine.getSession().getApplicationBufferSize());
ByteBuffer sslOut = ByteBuffer.allocate(engine.getSession().getPacketBufferSize()*2);
ByteBuffer appIn = ByteBuffer.allocate(engine.getSession().getApplicationBufferSize());
ByteBuffer sslIn = ByteBuffer.allocate(engine.getSession().getPacketBufferSize()*2);
boolean debug=false;
if (debug) System.err.println(engine.getHandshakeStatus());
int loop=20;
while (engine.getHandshakeStatus()!=HandshakeStatus.NOT_HANDSHAKING)
{
if (--loop==0)
throw new IllegalStateException();
if (engine.getHandshakeStatus()==HandshakeStatus.NEED_WRAP)
{
if (debug) System.err.printf("sslOut %d-%d-%d%n",sslOut.position(),sslOut.limit(),sslOut.capacity());
if (debug) System.err.printf("appOut %d-%d-%d%n",appOut.position(),appOut.limit(),appOut.capacity());
SSLEngineResult result =engine.wrap(appOut,sslOut);
if (debug) System.err.println(result);
sslOut.flip();
int flushed=client.write(sslOut);
if (debug) System.err.println("out="+flushed);
sslOut.clear();
}
if (engine.getHandshakeStatus()==HandshakeStatus.NEED_UNWRAP)
{
if (debug) System.err.printf("sslIn %d-%d-%d%n",sslIn.position(),sslIn.limit(),sslIn.capacity());
if (sslIn.position()==0)
{
int filled=client.read(sslIn);
if (debug) System.err.println("in="+filled);
}
sslIn.flip();
if (debug) System.err.printf("sslIn %d-%d-%d%n",sslIn.position(),sslIn.limit(),sslIn.capacity());
SSLEngineResult result =engine.unwrap(sslIn,appIn);
if (debug) System.err.println(result);
if (debug) System.err.printf("sslIn %d-%d-%d%n",sslIn.position(),sslIn.limit(),sslIn.capacity());
if (sslIn.hasRemaining())
sslIn.compact();
else
sslIn.clear();
if (debug) System.err.printf("sslIn %d-%d-%d%n",sslIn.position(),sslIn.limit(),sslIn.capacity());
}
if (engine.getHandshakeStatus()==HandshakeStatus.NEED_TASK)
{
Runnable task;
while ((task=engine.getDelegatedTask())!=null)
task.run();
if (debug) System.err.println(engine.getHandshakeStatus());
}
}
if (debug) System.err.println("\nSay Hello");
// write a message
appOut.put("HelloWorld".getBytes(StandardCharsets.UTF_8));
appOut.flip();
SSLEngineResult result =engine.wrap(appOut,sslOut);
if (debug) System.err.println(result);
sslOut.flip();
int flushed=client.write(sslOut);
if (debug) System.err.println("out="+flushed);
sslOut.clear();
appOut.clear();
// read the response
int filled=client.read(sslIn);
if (debug) System.err.println("in="+filled);
sslIn.flip();
result =engine.unwrap(sslIn,appIn);
if (debug) System.err.println(result);
if (sslIn.hasRemaining())
sslIn.compact();
else
sslIn.clear();
appIn.flip();
String reply= new String(appIn.array(),appIn.arrayOffset(),appIn.remaining());
appIn.clear();
Assert.assertEquals("HelloWorld",reply);
if (debug) System.err.println("Shutting down output");
client.socket().shutdownOutput();
filled=client.read(sslIn);
if (debug) System.err.println("in="+filled);
if (filled>=0)
{
// this is the old behaviour.
sslIn.flip();
try
{
// Since the client closed abruptly, the server is sending a close alert with a failure
engine.unwrap(sslIn, appIn);
Assert.fail();
}
catch (SSLException x)
{
// Expected
}
}
sslIn.clear();
filled=client.read(sslIn);
Assert.assertEquals(-1,filled);
Thread.sleep(100); // TODO This should not be needed
Assert.assertFalse(server.isOpen());
}
@Test @Test
@Override @Override
public void testWriteBlocked() throws Exception public void testWriteBlocked() throws Exception
@ -296,13 +160,11 @@ public class SelectChannelEndPointSslTest extends SelectChannelEndPointTest
netC2S.flip(); netC2S.flip();
assertEquals(netC2S.remaining(),result.bytesProduced()); assertEquals(netC2S.remaining(),result.bytesProduced());
// start the server // start the server
server.setUseClientMode(false); server.setUseClientMode(false);
server.beginHandshake(); server.beginHandshake();
Assert.assertEquals(HandshakeStatus.NEED_UNWRAP,server.getHandshakeStatus()); Assert.assertEquals(HandshakeStatus.NEED_UNWRAP,server.getHandshakeStatus());
// what if we try a needless wrap? // what if we try a needless wrap?
serverOut.put(BufferUtil.toBuffer("Hello World")); serverOut.put(BufferUtil.toBuffer("Hello World"));
serverOut.flip(); serverOut.flip();
@ -313,7 +175,6 @@ public class SelectChannelEndPointSslTest extends SelectChannelEndPointTest
assertEquals(0,result.bytesProduced()); assertEquals(0,result.bytesProduced());
assertEquals(HandshakeStatus.NEED_UNWRAP,result.getHandshakeStatus()); assertEquals(HandshakeStatus.NEED_UNWRAP,result.getHandshakeStatus());
// Do the needed unwrap, to an empty buffer // Do the needed unwrap, to an empty buffer
result=server.unwrap(netC2S,BufferUtil.EMPTY_BUFFER); result=server.unwrap(netC2S,BufferUtil.EMPTY_BUFFER);
assertEquals(SSLEngineResult.Status.BUFFER_OVERFLOW,result.getStatus()); assertEquals(SSLEngineResult.Status.BUFFER_OVERFLOW,result.getStatus());
@ -321,7 +182,6 @@ public class SelectChannelEndPointSslTest extends SelectChannelEndPointTest
assertEquals(0,result.bytesProduced()); assertEquals(0,result.bytesProduced());
assertEquals(HandshakeStatus.NEED_UNWRAP,result.getHandshakeStatus()); assertEquals(HandshakeStatus.NEED_UNWRAP,result.getHandshakeStatus());
// Do the needed unwrap, to a full buffer // Do the needed unwrap, to a full buffer
serverIn.position(serverIn.limit()); serverIn.position(serverIn.limit());
result=server.unwrap(netC2S,serverIn); result=server.unwrap(netC2S,serverIn);
@ -342,9 +202,5 @@ public class SelectChannelEndPointSslTest extends SelectChannelEndPointTest
server.getDelegatedTask().run(); server.getDelegatedTask().run();
assertEquals(HandshakeStatus.NEED_WRAP,server.getHandshakeStatus()); assertEquals(HandshakeStatus.NEED_WRAP,server.getHandshakeStatus());
} }
} }