< prev index next >

test/jdk/java/net/httpclient/LargeHandshakeTest.java

Print this page

   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 import com.sun.net.httpserver.HttpServer;
  24 import com.sun.net.httpserver.HttpsConfigurator;
  25 import com.sun.net.httpserver.HttpsServer;
  26 
  27 import javax.net.ssl.KeyManagerFactory;
  28 import javax.net.ssl.SSLContext;
  29 import javax.net.ssl.TrustManagerFactory;
  30 import java.io.ByteArrayInputStream;
  31 import java.io.FileInputStream;
  32 import java.io.IOException;
  33 import java.io.InputStream;
  34 import java.io.OutputStream;
  35 import java.io.UncheckedIOException;
  36 import java.net.InetAddress;
  37 import java.net.InetSocketAddress;
  38 import java.net.Proxy;
  39 import java.net.ProxySelector;
  40 import java.net.SocketAddress;
  41 import java.net.URI;
  42 import java.net.http.HttpClient;
  43 import java.net.http.HttpRequest;
  44 import java.net.http.HttpResponse;
  45 import java.security.KeyManagementException;
  46 import java.security.KeyStore;
  47 import java.security.KeyStoreException;
  48 import java.security.NoSuchAlgorithmException;
  49 import java.security.UnrecoverableKeyException;
  50 import java.security.cert.CertificateException;
  51 import java.time.Duration;
  52 import java.util.Base64;
  53 import java.util.List;
  54 import java.util.Set;
  55 import java.util.concurrent.CompletableFuture;
  56 import java.util.concurrent.CopyOnWriteArrayList;
  57 import java.util.concurrent.CopyOnWriteArraySet;
  58 import java.util.concurrent.ExecutorService;
  59 import java.util.concurrent.LinkedBlockingQueue;
  60 import java.util.concurrent.ThreadPoolExecutor;
  61 import java.util.concurrent.TimeUnit;
  62 import java.util.concurrent.atomic.AtomicLong;
  63 import jdk.httpclient.test.lib.common.HttpServerAdapters;
  64 import jdk.httpclient.test.lib.http2.Http2TestServer;
  65 import static java.net.http.HttpClient.Version.HTTP_1_1;
  66 import static java.net.http.HttpClient.Version.HTTP_2;
  67 
  68 /**
  69  * @test
  70  * @bug 8231449
  71  * @summary This test verifies that the HttpClient works correctly when the server
  72  *          sends a large certificate. This test will not pass without
  73  *          the fix for JDK-8231449. To regenerate the certificate, modify the
  74  *          COMMAND constant as you need, possibly changing the start date
  75  *          and validity of the certificate in the command, then run the test.
  76  *          The test will run with the old certificate, but will print the new command.
  77  *          Copy paste the new command printed by this test into a terminal.
  78  *          Then modify the at run line to pass the file generated by that command
  79  *          as first argument, and copy paste the new values of the COMMAND and
  80  *          BASE64_CERT constant printed by the test into the test.
  81  *          Then restore the original at run line and test again.
  82  * @library /test/lib /test/jdk/java/net/httpclient/lib
  83  * @build jdk.httpclient.test.lib.common.HttpServerAdapters jdk.test.lib.net.SimpleSSLContext
  84  *        DigestEchoServer

  85  * @run main/othervm -Dtest.requiresHost=true
  86  *                   -Djdk.httpclient.HttpClient.log=headers
  87  *                   -Djdk.internal.httpclient.debug=true
  88  *                   -Djdk.tls.maxHandshakeMessageSize=131072
  89  *                   LargeHandshakeTest
  90  *
  91  */
  92 public class LargeHandshakeTest implements HttpServerAdapters {
  93 
  94     // Use this command to regenerate the keystore file whose content is
  95     // base 64 encoded into this file (close your eyes):
  96     private static final String COMMAND =
  97                     "keytool -genkeypair -keyalg RSA -startdate 2019/09/30 -valid" +
  98                     "ity 13000 -keysize 1024 -dname \"C=Duke, ST=CA-State, L=CA-Ci" +
  99                     "ty, O=CA-Org\" -deststoretype PKCS12 -alias server -keystore " +
 100                     "temp0.jks -storepass passphrase -ext san:critical=dns:localh" +
 101                     "ost,ip:127.0.0.1,ip:0:0:0:0:0:0:0:1,uri:http://www.example.c" +
 102                     "om/1.2.3.6.1.4.1.11129.666.666.666.999/041287234567896776987" +
 103                     "654327821000412872345678967769876543278210004128723456789677" +
 104                     "698765432782100041287234567896776987654327821000412872345678" +

 994                 .sslContext(context)
 995                 .executor(clientexec)
 996                 .proxy(ps);
 997         return builder.build();
 998     }
 999 
1000     public void setUp() throws Exception {
1001         try {
1002             InetSocketAddress sa = new InetSocketAddress(InetAddress.getLoopbackAddress(), 0);
1003 
1004             // HTTP/1.1
1005             http1Server = HttpTestServer.create(HTTP_1_1, null, executor);
1006             http1Server.addHandler(new HttpTestLargeHandler(), "/LargeHandshakeTest/http1/");
1007             http1Server.start();
1008             http1URI = new URI("http://" + http1Server.serverAuthority() + "/LargeHandshakeTest/http1/");
1009 
1010 
1011             // HTTPS/1.1
1012             HttpsServer sserver1 = HttpsServer.create(sa, 100);
1013             sserver1.setExecutor(executor);
1014             sserver1.setHttpsConfigurator(new HttpsConfigurator(context));
1015             https1Server = HttpTestServer.of(sserver1);
1016             https1Server.addHandler(new HttpTestLargeHandler(), "/LargeHandshakeTest/https1/");
1017             https1Server.start();
1018             https1URI = new URI("https://" + https1Server.serverAuthority() + "/LargeHandshakeTest/https1/");
1019 
1020             // HTTP/2.0
1021             http2Server = HttpTestServer.create(HTTP_2);
1022             http2Server.addHandler(new HttpTestLargeHandler(), "/LargeHandshakeTest/http2/");
1023             http2Server.start();
1024             http2URI = new URI("http://" + http2Server.serverAuthority() + "/LargeHandshakeTest/http2/");
1025 
1026             // HTTPS/2.0
1027             https2Server = HttpTestServer.create(HTTP_2, SSLContext.getDefault());
1028             https2Server.addHandler(new HttpTestLargeHandler(), "/LargeHandshakeTest/https2/");
1029             https2Server.start();
1030             https2URI = new URI("https://" + https2Server.serverAuthority() + "/LargeHandshakeTest/https2/");
1031 
1032             proxy = DigestEchoServer.createHttpsProxyTunnel(
1033                     DigestEchoServer.HttpAuthSchemeType.NONE);
1034             proxyAddress = proxy.getProxyAddress();

   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */


  23 import com.sun.net.httpserver.HttpsServer;
  24 
  25 import javax.net.ssl.KeyManagerFactory;
  26 import javax.net.ssl.SSLContext;
  27 import javax.net.ssl.TrustManagerFactory;
  28 import java.io.ByteArrayInputStream;
  29 import java.io.FileInputStream;
  30 import java.io.IOException;
  31 import java.io.InputStream;
  32 import java.io.OutputStream;
  33 import java.io.UncheckedIOException;
  34 import java.net.InetAddress;
  35 import java.net.InetSocketAddress;
  36 import java.net.Proxy;
  37 import java.net.ProxySelector;
  38 import java.net.SocketAddress;
  39 import java.net.URI;
  40 import java.net.http.HttpClient;
  41 import java.net.http.HttpRequest;
  42 import java.net.http.HttpResponse;
  43 import java.security.KeyManagementException;
  44 import java.security.KeyStore;
  45 import java.security.KeyStoreException;
  46 import java.security.NoSuchAlgorithmException;
  47 import java.security.UnrecoverableKeyException;
  48 import java.security.cert.CertificateException;
  49 import java.time.Duration;
  50 import java.util.Base64;
  51 import java.util.List;
  52 import java.util.Set;
  53 import java.util.concurrent.CompletableFuture;
  54 import java.util.concurrent.CopyOnWriteArrayList;
  55 import java.util.concurrent.CopyOnWriteArraySet;
  56 import java.util.concurrent.ExecutorService;
  57 import java.util.concurrent.LinkedBlockingQueue;
  58 import java.util.concurrent.ThreadPoolExecutor;
  59 import java.util.concurrent.TimeUnit;
  60 import java.util.concurrent.atomic.AtomicLong;
  61 import jdk.httpclient.test.lib.common.HttpServerAdapters;
  62 import jdk.httpclient.test.lib.common.TestServerConfigurator;
  63 import static java.net.http.HttpClient.Version.HTTP_1_1;
  64 import static java.net.http.HttpClient.Version.HTTP_2;
  65 
  66 /**
  67  * @test
  68  * @bug 8231449
  69  * @summary This test verifies that the HttpClient works correctly when the server
  70  *          sends a large certificate. This test will not pass without
  71  *          the fix for JDK-8231449. To regenerate the certificate, modify the
  72  *          COMMAND constant as you need, possibly changing the start date
  73  *          and validity of the certificate in the command, then run the test.
  74  *          The test will run with the old certificate, but will print the new command.
  75  *          Copy paste the new command printed by this test into a terminal.
  76  *          Then modify the at run line to pass the file generated by that command
  77  *          as first argument, and copy paste the new values of the COMMAND and
  78  *          BASE64_CERT constant printed by the test into the test.
  79  *          Then restore the original at run line and test again.
  80  * @library /test/lib /test/jdk/java/net/httpclient/lib
  81  * @build jdk.httpclient.test.lib.common.HttpServerAdapters jdk.test.lib.net.SimpleSSLContext
  82  *        DigestEchoServer
  83  *        jdk.httpclient.test.lib.common.TestServerConfigurator
  84  * @run main/othervm -Dtest.requiresHost=true
  85  *                   -Djdk.httpclient.HttpClient.log=headers
  86  *                   -Djdk.internal.httpclient.debug=true
  87  *                   -Djdk.tls.maxHandshakeMessageSize=131072
  88  *                   LargeHandshakeTest
  89  *
  90  */
  91 public class LargeHandshakeTest implements HttpServerAdapters {
  92 
  93     // Use this command to regenerate the keystore file whose content is
  94     // base 64 encoded into this file (close your eyes):
  95     private static final String COMMAND =
  96                     "keytool -genkeypair -keyalg RSA -startdate 2019/09/30 -valid" +
  97                     "ity 13000 -keysize 1024 -dname \"C=Duke, ST=CA-State, L=CA-Ci" +
  98                     "ty, O=CA-Org\" -deststoretype PKCS12 -alias server -keystore " +
  99                     "temp0.jks -storepass passphrase -ext san:critical=dns:localh" +
 100                     "ost,ip:127.0.0.1,ip:0:0:0:0:0:0:0:1,uri:http://www.example.c" +
 101                     "om/1.2.3.6.1.4.1.11129.666.666.666.999/041287234567896776987" +
 102                     "654327821000412872345678967769876543278210004128723456789677" +
 103                     "698765432782100041287234567896776987654327821000412872345678" +

 993                 .sslContext(context)
 994                 .executor(clientexec)
 995                 .proxy(ps);
 996         return builder.build();
 997     }
 998 
 999     public void setUp() throws Exception {
1000         try {
1001             InetSocketAddress sa = new InetSocketAddress(InetAddress.getLoopbackAddress(), 0);
1002 
1003             // HTTP/1.1
1004             http1Server = HttpTestServer.create(HTTP_1_1, null, executor);
1005             http1Server.addHandler(new HttpTestLargeHandler(), "/LargeHandshakeTest/http1/");
1006             http1Server.start();
1007             http1URI = new URI("http://" + http1Server.serverAuthority() + "/LargeHandshakeTest/http1/");
1008 
1009 
1010             // HTTPS/1.1
1011             HttpsServer sserver1 = HttpsServer.create(sa, 100);
1012             sserver1.setExecutor(executor);
1013             sserver1.setHttpsConfigurator(new TestServerConfigurator(sa.getAddress(), context));
1014             https1Server = HttpTestServer.of(sserver1);
1015             https1Server.addHandler(new HttpTestLargeHandler(), "/LargeHandshakeTest/https1/");
1016             https1Server.start();
1017             https1URI = new URI("https://" + https1Server.serverAuthority() + "/LargeHandshakeTest/https1/");
1018 
1019             // HTTP/2.0
1020             http2Server = HttpTestServer.create(HTTP_2);
1021             http2Server.addHandler(new HttpTestLargeHandler(), "/LargeHandshakeTest/http2/");
1022             http2Server.start();
1023             http2URI = new URI("http://" + http2Server.serverAuthority() + "/LargeHandshakeTest/http2/");
1024 
1025             // HTTPS/2.0
1026             https2Server = HttpTestServer.create(HTTP_2, SSLContext.getDefault());
1027             https2Server.addHandler(new HttpTestLargeHandler(), "/LargeHandshakeTest/https2/");
1028             https2Server.start();
1029             https2URI = new URI("https://" + https2Server.serverAuthority() + "/LargeHandshakeTest/https2/");
1030 
1031             proxy = DigestEchoServer.createHttpsProxyTunnel(
1032                     DigestEchoServer.HttpAuthSchemeType.NONE);
1033             proxyAddress = proxy.getProxyAddress();
< prev index next >