PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/jdk17u
Path: blob/master/test/jdk/com/sun/jndi/ldap/LdapCBPropertiesTest.java
/*
* Copyright (c) 2020, Azul Systems, Inc. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/**
* @test
* @bug 8245527
* @library lib/ /test/lib
* @modules java.base/sun.security.util
* @run main/othervm LdapCBPropertiesTest true true com.sun.jndi.ldap.tls.cbtype tls-server-end-point
* @run main/othervm LdapCBPropertiesTest false false com.sun.jndi.ldap.tls.cbtype tls-server-end-point
* @run main/othervm LdapCBPropertiesTest true true com.sun.jndi.ldap.tls.cbtype tls-server-end-point com.sun.jndi.ldap.connect.timeout 2000
* @run main/othervm LdapCBPropertiesTest false false com.sun.jndi.ldap.tls.cbtype tls-server-end-point com.sun.jndi.ldap.connect.timeout 2000
* @run main/othervm LdapCBPropertiesTest false true com.sun.jndi.ldap.tls.cbtype tls-unknown
* @run main/othervm LdapCBPropertiesTest false true jdk.internal.sasl.tlschannelbinding value
* @summary test new JNDI property to control the Channel Binding data
*/
import javax.naming.AuthenticationException;
import javax.naming.CommunicationException;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import java.net.InetAddress;
import java.net.URI;
import java.util.Hashtable;
import org.ietf.jgss.GSSException;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.security.sasl.SaslException;
import jdk.test.lib.net.URIBuilder;
import sun.security.util.ChannelBindingException;
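/**
 * Exercises the JNDI environment properties that control TLS channel-binding
 * data for SASL (GSSAPI) authentication over {@code ldaps}.
 *
 * <p>Command line, as used by the {@code @run} lines of this test:
 * <pre>
 *   LdapCBPropertiesTest &lt;shouldPass&gt; &lt;shouldConnect&gt; [&lt;property&gt; &lt;value&gt;]...
 * </pre>
 * <ul>
 *   <li>{@code shouldPass} - whether the supplied properties are expected to
 *       be accepted by the LDAP provider;</li>
 *   <li>{@code shouldConnect} - whether the TLS handshake is expected to
 *       succeed; when {@code true} the test switches off LDAPS endpoint
 *       identification, when {@code false} it leaves it on and expects the
 *       handshake to fail;</li>
 *   <li>the remaining arguments are copied pairwise into the JNDI
 *       environment.</li>
 * </ul>
 *
 * <p>The test also checks that {@code jdk.internal.sasl.tlschannelbinding}
 * does not show up in the environment the application handed to JNDI.
 */
public class LdapCBPropertiesTest {
    /*
     * Where do we find the keystores?
     *
     * These name the shared test key material under javax/net/ssl/etc; the
     * password below belongs to those test fixtures only.
     */
    static String pathToStores = "../../../../javax/net/ssl/etc";
    static String keyStoreFile = "keystore";
    static String trustStoreFile = "truststore";
    static String passwd = "passphrase";

    // Set to true to print the environment and exceptions, and to turn on
    // javax.net.debug=all for the TLS layer.
    static boolean debug = false;

    /**
     * Points the default JSSE key and trust stores at the test fixtures and
     * runs the test.
     *
     * @param args see the class description
     * @throws Exception if the test fails
     */
    public static void main(String[] args) throws Exception {
        String storeDir = System.getProperty("test.src", "./") + "/" + pathToStores;
        String keyFilename = storeDir + "/" + keyStoreFile;
        String trustFilename = storeDir + "/" + trustStoreFile;

        System.setProperty("javax.net.ssl.keyStore", keyFilename);
        System.setProperty("javax.net.ssl.keyStorePassword", passwd);
        System.setProperty("javax.net.ssl.trustStore", trustFilename);
        System.setProperty("javax.net.ssl.trustStorePassword", passwd);

        if (debug) {
            System.setProperty("javax.net.debug", "all");
        }

        /*
         * Start the tests.
         */
        new LdapCBPropertiesTest(args);
    }

    /*
     * Primary constructor, used to drive remainder of the test.
     *
     * Opens a TLS server socket on an ephemeral loopback port, starts the
     * test LDAP server on it and runs the client side against that port.
     */
    LdapCBPropertiesTest(String[] args) throws Exception {
        InetAddress loopback = InetAddress.getLoopbackAddress();
        SSLServerSocketFactory sslssf =
                (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
        SSLServerSocket sslServerSocket =
                (SSLServerSocket) sslssf.createServerSocket(0, 0, loopback);
        int serverPort = sslServerSocket.getLocalPort();

        try (var ignore = new BaseLdapServer(sslServerSocket).start()) {
            doClientSide(serverPort, args);
        }
    }

    /*
     * Define the client side of the test.
     *
     * The server should start at this time already
     *
     * Throws IllegalArgumentException when the arguments are not
     * <shouldPass> <shouldConnect> followed by property/value pairs, and
     * Exception when the observed outcome does not match the expectation.
     */
    void doClientSide(int serverPort, String[] args) throws Exception {
        // Reject a malformed command line up front instead of failing later
        // with an ArrayIndexOutOfBoundsException on args[i + 1].
        if (args.length < 2 || (args.length - 2) % 2 != 0) {
            throw new IllegalArgumentException(
                    "Usage: LdapCBPropertiesTest <shouldPass> <shouldConnect>"
                    + " [<property> <value>]...");
        }

        boolean passed = false;
        boolean shouldPass = Boolean.parseBoolean(args[0]);
        boolean shouldConnect = Boolean.parseBoolean(args[1]);

        // set disableEndpointIdentification to disable hostname verification
        //
        // This is a JVM-wide switch: with it set, LDAPS connections no longer
        // check that the server certificate matches the host being contacted.
        // It is used here only to let the handshake with the test server on
        // loopback complete; when shouldConnect is false it stays unset and
        // the handshake is expected to fail instead.
        if (shouldConnect) {
            System.setProperty(
                    "com.sun.jndi.ldap.object.disableEndpointIdentification", "true");
        }

        // Set up the environment for creating the initial context
        Hashtable<String, Object> env = new Hashtable<>();
        URI uri = URIBuilder.newBuilder()
                .scheme("ldaps")
                .loopback()
                .port(serverPort)
                .build();
        env.put(Context.PROVIDER_URL, uri.toString());
        env.put(Context.INITIAL_CONTEXT_FACTORY,
                "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.SECURITY_AUTHENTICATION, "GSSAPI");

        // read properties
        for (int i = 2; i < args.length; i += 2) {
            env.put(args[i], args[i + 1]);
            if (debug) {
                System.out.println("Env=" + args[i] + "=" + args[i + 1]);
            }
        }

        try {
            DirContext ctx = new InitialDirContext(env);
            // The context was created without an exception, so the run
            // succeeds only if acceptance was the expected outcome.
            passed = shouldPass;
            ctx.close();
        } catch (NamingException ne) {
            // only NamingException is allowed
            if (debug) {
                System.out.println("Exception=" + ne + " cause=" + ne.getRootCause());
            }
            passed = handleNamingException(ne, shouldPass, shouldConnect);
        } catch (Exception e) {
            System.err.println("Failed: caught an unexpected Exception - " + e);
            throw e;
        } finally {
            // test if internal property accessible to application
            //
            // The internal property must not appear in the environment the
            // caller passed in. The check is skipped when shouldPass is false,
            // which includes the run that puts the property there itself.
            // NOTE(review): throwing from finally replaces any exception that
            // is already propagating out of the try block.
            if (shouldPass &&
                    env.get("jdk.internal.sasl.tlschannelbinding") != null) {
                throw new Exception(
                        "Test FAILED: jdk.internal.sasl.tlschannelbinding should not be accessible");
            }
        }
        if (!passed) {
            throw new Exception(
                    "Test FAILED: NamingException exception should be thrown");
        }
        System.out.println("Test PASSED");
    }

    /**
     * Decides whether a {@link NamingException} raised while creating the
     * context is the failure this run expects.
     *
     * @param ne            the exception thrown by {@code InitialDirContext}
     * @param shouldPass    whether the properties were expected to be accepted
     * @param shouldConnect whether the TLS handshake was expected to succeed
     * @return {@code true} if {@code ne} matches an expected outcome
     * @throws NamingException {@code ne} itself, when it matches none of them
     */
    private static boolean handleNamingException(NamingException ne, boolean shouldPass, boolean shouldConnect)
            throws NamingException {
        if (ne instanceof AuthenticationException &&
                ne.getRootCause() instanceof SaslException) {
            SaslException saslEx = (SaslException) ne.getRootCause();
            if (shouldConnect && saslEx.getCause() instanceof GSSException) {
                // SSL connection successful, expected exception from SaslClient
                if (shouldPass) {
                    return true;
                }
            }
        }
        if (!shouldConnect) {
            // SSL handshake fails
            // Walk the cause chain as Throwable: casting each cause to
            // Exception would throw ClassCastException if one were an Error.
            Throwable ex = ne;
            while (ex != null && !(ex instanceof CommunicationException)) {
                ex = ex.getCause();
            }
            if (ex != null && ex.getCause() instanceof SSLException) {
                if (!shouldPass) {
                    return true;
                }
            }
        }
        Throwable rc = ne.getRootCause();
        if (!shouldPass && (rc == null || rc instanceof ChannelBindingException)) {
            // Expected exception caused by Channel Binding parameter inconsistency
            return true;
        }
        throw ne;
    }
}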