Path: blob/master/test/jdk/sun/security/ssl/SSLSessionImpl/InvalidateSession.java
66645 views
/*1* Copyright (c) 2021, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation.7*8* This code is distributed in the hope that it will be useful, but WITHOUT9* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or10* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License11* version 2 for more details (a copy is included in the LICENSE file that12* accompanied this code).13*14* You should have received a copy of the GNU General Public License version15* 2 along with this work; if not, write to the Free Software Foundation,16* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.17*18* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA19* or visit www.oracle.com if you need additional information or have any20* questions.21*/2223/*24* @test25* @bug 827034426* @library /test/lib /javax/net/ssl/templates27* @summary Session resumption errors28* @run main/othervm InvalidateSession29*/3031import javax.net.*;32import javax.net.ssl.*;33import java.io.*;34import java.net.*;35import java.util.*;3637import jdk.test.lib.security.SecurityUtils;3839public class InvalidateSession implements SSLContextTemplate {4041static ServerSocketFactory serverSsf = null;42static SSLSocketFactory clientSsf = null;4344static Server server;45static SSLSession cacheSession;46static final String[] CLIENT_VERSIONS = {"TLSv1", "TLSv1.1", "TLSv1.2"};4748public static void main(String args[]) throws Exception {49// drop the supported_versions extension to force test to use the legacy50// TLS protocol version field during handshakes51System.setProperty("jdk.tls.client.disableExtensions", "supported_versions");52SecurityUtils.removeFromDisabledTlsAlgs("TLSv1", "TLSv1.1");5354InvalidateSession test = new InvalidateSession();55test.sessionTest();56server.go = false;57}5859/**60* 3 test iterations61* 1) Server configured with TLSv1, client with TLSv1, v1.1, v1.262* - Handshake should succeed63* - Session "A" established64* 2) 2nd iteration, server configured with TLSv1.2 only65* - Connection should succeed but with a new session due to TLS protocol version change66* - Session "A" should be invalidated67* - Session "B" is created68* 3) 3rd iteration, same server/client config69* - Session "B" should continue to be in use70*/71private void sessionTest() throws Exception {72serverSsf = createServerSSLContext().getServerSocketFactory();73clientSsf = createClientSSLContext().getSocketFactory();74server = startServer();75while (!server.started) {76Thread.yield();77}7879for (int i = 1; i <= 3; i++) {80clientConnect(i);81Thread.sleep(1000);82}83}8485public void clientConnect(int testIterationCount) throws Exception {86System.out.printf("Connecting to: localhost: %s, iteration count %d%n",87"localhost:" + server.port, testIterationCount);88SSLSocket sslSocket = (SSLSocket) clientSsf.createSocket("localhost", server.port);89sslSocket.setEnabledProtocols(CLIENT_VERSIONS);90sslSocket.startHandshake();9192System.out.println("Got session: " + sslSocket.getSession());9394if (testIterationCount == 2 && Objects.equals(cacheSession, sslSocket.getSession())) {95throw new RuntimeException("Same session should not have resumed");96}97if (testIterationCount == 3 && !Objects.equals(cacheSession, sslSocket.getSession())) {98throw new RuntimeException("Same session should have resumed");99}100101cacheSession = sslSocket.getSession();102103try (104ObjectOutputStream oos = new ObjectOutputStream(sslSocket.getOutputStream());105ObjectInputStream ois = new ObjectInputStream(sslSocket.getInputStream())) {106oos.writeObject("Hello");107String serverMsg = (String) ois.readObject();108System.out.println("Server message : " + serverMsg);109} catch (Exception ex) {110throw new RuntimeException(ex);111} finally {112sslSocket.close();113}114}115116private static Server startServer() {117Server server = new Server();118new Thread(server).start();119return server;120}121122private static class Server implements Runnable {123public volatile boolean go = true;124public volatile int port = 0;125public volatile boolean started = false;126127@Override128public void run() {129try {130SSLServerSocket ssock = (SSLServerSocket)131serverSsf.createServerSocket(0);132this.port = ssock.getLocalPort();133ssock.setEnabledProtocols(new String[]{"TLSv1"});134started = true;135while (go) {136try {137System.out.println("Waiting for connection");138Socket sock = ssock.accept();139// now flip server to TLSv1.2 mode for successive connections140ssock.setEnabledProtocols(new String[]{"TLSv1.2"});141try (142ObjectInputStream ois = new ObjectInputStream(sock.getInputStream());143ObjectOutputStream oos = new ObjectOutputStream(sock.getOutputStream())) {144String recv = (String) ois.readObject();145oos.writeObject("Received: " + recv);146} catch (SSLHandshakeException she) {147System.out.println("Server caught :" + she);148} finally {149sock.close();150}151} catch (Exception ex) {152throw new RuntimeException(ex);153}154}155} catch (Exception ex) {156throw new RuntimeException(ex);157}158}159}160}161162163164