1 /* 2 * Copyright (c) 2001, 2019, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 // 25 // SunJSSE does not support dynamic system properties, no way to re-use 26 // system properties in samevm/agentvm mode. 27 // 28 29 /* 30 * @test 31 * @bug 4403428 8190492 32 * @summary Invalidating JSSE session on server causes SSLProtocolException 33 * @run main/othervm InvalidateServerSessionRenegotiate SSLv3 34 * @run main/othervm InvalidateServerSessionRenegotiate TLSv1 35 * @run main/othervm InvalidateServerSessionRenegotiate TLSv1.1 36 * @run main/othervm InvalidateServerSessionRenegotiate TLSv1.2 37 * @author Brad Wetmore 38 */ 39 40 import java.io.*; 41 import java.net.*; 42 import java.security.Security; 43 import javax.net.ssl.*; 44 45 public class InvalidateServerSessionRenegotiate implements 46 HandshakeCompletedListener { 47 48 static byte handshakesCompleted = 0; 49 50 /* 51 * Define what happens when handshaking is completed 52 */ 53 public void handshakeCompleted(HandshakeCompletedEvent event) { 54 synchronized (this) { 55 handshakesCompleted++; 56 System.out.println("Session: " + event.getSession().toString()); 57 System.out.println("Seen handshake completed #" + 58 handshakesCompleted); 59 } 60 } 61 62 /* 63 * ============================================================= 64 * Set the various variables needed for the tests, then 65 * specify what tests to run on each side. 66 */ 67 68 /* 69 * Should we run the client or server in a separate thread? 70 * Both sides can throw exceptions, but do you have a preference 71 * as to which side should be the main thread. 72 */ 73 static boolean separateServerThread = false; 74 75 /* 76 * Where do we find the keystores? 77 */ 78 static String pathToStores = "../../../../javax/net/ssl/etc"; 79 static String keyStoreFile = "keystore"; 80 static String trustStoreFile = "truststore"; 81 static String passwd = "passphrase"; 82 83 /* 84 * Is the server ready to serve? 85 */ 86 volatile static boolean serverReady = false; 87 88 /* 89 * Turn on SSL debugging? 90 */ 91 static boolean debug = false; 92 93 /* 94 * If the client or server is doing some kind of object creation 95 * that the other side depends on, and that thread prematurely 96 * exits, you may experience a hang. The test harness will 97 * terminate all hung threads after its timeout has expired, 98 * currently 3 minutes by default, but you might try to be 99 * smart about it.... 100 */ 101 102 /* 103 * Define the server side of the test. 104 * 105 * If the server prematurely exits, serverReady will be set to true 106 * to avoid infinite hangs. 107 */ 108 void doServerSide() throws Exception { 109 SSLServerSocketFactory sslssf = 110 (SSLServerSocketFactory) SSLServerSocketFactory.getDefault(); 111 SSLServerSocket sslServerSocket = 112 (SSLServerSocket) sslssf.createServerSocket(serverPort); 113 114 serverPort = sslServerSocket.getLocalPort(); 115 116 /* 117 * Signal Client, we're ready for his connect. 118 */ 119 serverReady = true; 120 121 SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept(); 122 sslSocket.addHandshakeCompletedListener(this); 123 124 // Enable all supported protocols on server side to test SSLv3 125 if ("SSLv3".equals(tlsProtocol)) { 126 sslSocket.setEnabledProtocols(sslSocket.getSupportedProtocols()); 127 } 128 129 InputStream sslIS = sslSocket.getInputStream(); 130 OutputStream sslOS = sslSocket.getOutputStream(); 131 132 for (int i = 0; i < 10; i++) { 133 sslIS.read(); 134 sslOS.write(85); 135 sslOS.flush(); 136 } 137 138 System.out.println("invalidating"); 139 sslSocket.getSession().invalidate(); 140 System.out.println("starting new handshake"); 141 sslSocket.startHandshake(); 142 143 for (int i = 0; i < 10; i++) { 144 System.out.println("sending/receiving data, iteration: " + i); 145 sslIS.read(); 146 sslOS.write(85); 147 sslOS.flush(); 148 } 149 150 sslSocket.close(); 151 } 152 153 /* 154 * Define the client side of the test. 155 * 156 * If the server prematurely exits, serverReady will be set to true 157 * to avoid infinite hangs. 158 */ 159 void doClientSide() throws Exception { 160 161 /* 162 * Wait for server to get started. 163 */ 164 while (!serverReady) { 165 Thread.sleep(50); 166 } 167 168 SSLSocketFactory sslsf = 169 (SSLSocketFactory) SSLSocketFactory.getDefault(); 170 SSLSocket sslSocket = (SSLSocket) 171 sslsf.createSocket("localhost", serverPort); 172 sslSocket.setEnabledProtocols(new String[] { tlsProtocol }); 173 174 InputStream sslIS = sslSocket.getInputStream(); 175 OutputStream sslOS = sslSocket.getOutputStream(); 176 177 for (int i = 0; i < 10; i++) { 178 sslOS.write(280); 179 sslOS.flush(); 180 sslIS.read(); 181 } 182 183 for (int i = 0; i < 10; i++) { 184 sslOS.write(280); 185 sslOS.flush(); 186 sslIS.read(); 187 } 188 189 sslSocket.close(); 190 } 191 192 /* 193 * ============================================================= 194 * The remainder is just support stuff 195 */ 196 197 // use any free port by default 198 volatile int serverPort = 0; 199 200 volatile Exception serverException = null; 201 volatile Exception clientException = null; 202 203 // the specified protocol 204 private static String tlsProtocol; 205 206 public static void main(String[] args) throws Exception { 207 String keyFilename = 208 System.getProperty("test.src", "./") + "/" + pathToStores + 209 "/" + keyStoreFile; 210 String trustFilename = 211 System.getProperty("test.src", "./") + "/" + pathToStores + 212 "/" + trustStoreFile; 213 214 System.setProperty("javax.net.ssl.keyStore", keyFilename); 215 System.setProperty("javax.net.ssl.keyStorePassword", passwd); 216 System.setProperty("javax.net.ssl.trustStore", trustFilename); 217 System.setProperty("javax.net.ssl.trustStorePassword", passwd); 218 219 if (debug) { 220 System.setProperty("javax.net.debug", "all"); 221 } 222 223 Security.setProperty("jdk.tls.disabledAlgorithms", ""); 224 225 tlsProtocol = args[0]; 226 227 /* 228 * Start the tests. 229 */ 230 new InvalidateServerSessionRenegotiate(); 231 } 232 233 Thread clientThread = null; 234 Thread serverThread = null; 235 236 /* 237 * Primary constructor, used to drive remainder of the test. 238 * 239 * Fork off the other side, then do your work. 240 */ 241 InvalidateServerSessionRenegotiate() throws Exception { 242 if (separateServerThread) { 243 startServer(true); 244 startClient(false); 245 } else { 246 startClient(true); 247 startServer(false); 248 } 249 250 /* 251 * Wait for other side to close down. 252 */ 253 if (separateServerThread) { 254 serverThread.join(); 255 } else { 256 clientThread.join(); 257 } 258 259 /* 260 * When we get here, the test is pretty much over. 261 * 262 * If the main thread excepted, that propagates back 263 * immediately. If the other thread threw an exception, we 264 * should report back. 265 */ 266 if (serverException != null) { 267 System.out.print("Server Exception:"); 268 throw serverException; 269 } 270 if (clientException != null) { 271 System.out.print("Client Exception:"); 272 throw clientException; 273 } 274 275 /* 276 * Give the Handshaker Thread a chance to run 277 */ 278 Thread.sleep(1000); 279 280 synchronized (this) { 281 if (handshakesCompleted != 2) { 282 throw new Exception("Didn't see 2 handshake completed events."); 283 } 284 } 285 } 286 287 void startServer(boolean newThread) throws Exception { 288 if (newThread) { 289 serverThread = new Thread() { 290 public void run() { 291 try { 292 doServerSide(); 293 } catch (Exception e) { 294 /* 295 * Our server thread just died. 296 * 297 * Release the client, if not active already... 298 */ 299 System.err.println("Server died..."); 300 serverReady = true; 301 serverException = e; 302 } 303 } 304 }; 305 serverThread.start(); 306 } else { 307 doServerSide(); 308 } 309 } 310 311 void startClient(boolean newThread) throws Exception { 312 if (newThread) { 313 clientThread = new Thread() { 314 public void run() { 315 try { 316 doClientSide(); 317 } catch (Exception e) { 318 /* 319 * Our client thread just died. 320 */ 321 System.err.println("Client died..."); 322 clientException = e; 323 } 324 } 325 }; 326 clientThread.start(); 327 } else { 328 doClientSide(); 329 } 330 } 331 }