Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-13 13:25:37 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix for JSSE and JSS client timeout issue

Browse Source 
Fixed a couple of issues.
[1] Reduced JSS and JSSE server timeout from 2 min to 35 sec
[2] Added try/catch to JSSE client to detect non Sun JCA
[3] Added socket and program timeout for JSS and JSSE clients so that they exit
gracefully
[4] Split TLS and SSLv3 in seperate mothods in JSSE_SSLclient.java
This commit is contained in:
sandeep.konchady%sun.com 2005-04-25 21:28:12 +00:00
parent c1820e50ac
commit 6b0615c933
4 changed files with 214 additions and 107 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

283
security/jss/org/mozilla/jss/tests/JSSE_SSLClient.java
View File

@ -366,7 +366,8 @@ public class JSSE_SSLClient {
*/
String [] Ciphers = {cipherName};
socket.setEnabledCipherSuites(Ciphers);
socket.setSoTimeout(30 * 1000);
// Set socket timeout to 10 sec
socket.setSoTimeout(10 * 1000);
socket.startHandshake();
PrintWriter out = new PrintWriter(
@ -494,6 +495,183 @@ public class JSSE_SSLClient {
/* tunneling Handshake was successful! */
}
/**
* Test communication with SSL server using TLS
*/
public void testTlsClient(String testCipher,
String testHost,
int testPort) {
String javaVersion = System.getProperty("java.version");
String lastCipher = null;
System.out.println("\nUsing java version " + javaVersion + "\n");
System.out.println("Testing TLS Cipher list ...");
JSSE_SSLClient sslSock = new JSSE_SSLClient();
sslSock.setSslRevision("TLS");
sslSock.setHost(testHost);
sslSock.setPort(testPort);
if ( javaVersion.indexOf("1.4") == -1 ) {
// Validate Ciphers supported for TLS
if ( testCipher != null ) {
// This try is for catching non supported cipher exception
try {
sslSock.setCipherSuite(testCipher);
sslSock.setEOF(testCipher);
String errStr = sslSock.validateConnection();
while (!sslSock.isHandshakeCompleted()) {
// Put the main thread to sleep. In case we do not get
// any response within 10 sec, then we shutdown.
try {
Thread.currentThread().sleep(1000);
} catch (InterruptedException e) {
System.out.println("Thread Interrupted ...\n");
}
}
sslSock.clearHandshakeCompleted();
} catch (Exception ex) {
System.out.println("JSSE_SSLCLient: Did not find " +
"any supported ciphers for JDK 1.4.x");
}
} else {
// This try is for catching non supported cipher exception
try {
for(int i=0;i<Constants.sslciphersarray_jdk150.length;i++){
sslSock.setCipherSuite(
Constants.sslciphersarray_jdk150[i]);
sslSock.setEOF(Constants.sslciphersarray_jdk150[i]);
String errStr = sslSock.validateConnection();
while (!sslSock.isHandshakeCompleted()) {
// Put the main thread to sleep. In case we do not
// get any response within 10 sec, then we shutdown.
try {
Thread.currentThread().sleep(1000);
} catch (InterruptedException e) {
System.out.println("Thread Interrupted ...\n");
}
}
sslSock.clearHandshakeCompleted();
}
} catch (Exception ex) {
System.out.println("JSSE_SSLCLient: Did not find " +
"any supported ciphers for JDK 1.5.x");
}
}
System.out.println("Testing TLS Cipher list complete\n");
}
}
/**
* Test communication with SSL server using SSLv3
*/
public void testSslClient(String testCipher,
String testHost,
int testPort) {
String javaVersion = System.getProperty("java.version");
String lastCipher = null;
// Validate Ciphers supported for SSLv3
System.out.println("Testing SSLv3 Cipher list ...");
JSSE_SSLClient sslSock = new JSSE_SSLClient();
sslSock.setSslRevision("SSLv3");
sslSock.setHost(testHost);
sslSock.setPort(testPort);
if ( javaVersion.indexOf("1.4") != -1 ) {
if ( testCipher != null ) {
// This try is for catching non supported cipher exception
try {
sslSock.setCipherSuite(testCipher);
sslSock.setEOF(testCipher);
String errStr = sslSock.validateConnection();
while (!sslSock.isHandshakeCompleted()) {
// Put the main thread to sleep. In case we do not get
// any response within 10 sec, then we shutdown.
try {
Thread.currentThread().sleep(1000);
} catch (InterruptedException e) {
System.out.println("Thread Interrupted ...\n");
}
}
sslSock.clearHandshakeCompleted();
} catch (Exception ex) {
System.out.println("JSSE_SSLCLient: Did not find " +
"any supported ciphers for JDK 1.4.x");
}
} else {
// This try is for catching non supported cipher exception
try {
for(int i=0;i<Constants.sslciphersarray_jdk142.length;i++){
lastCipher = Constants.sslciphersarray_jdk142[i];
sslSock.setCipherSuite(lastCipher);
sslSock.setEOF(Constants.sslciphersarray_jdk142[i]);
String errStr = sslSock.validateConnection();
while (!sslSock.isHandshakeCompleted()) {
// Put the main thread to sleep. In case we do not
// get any response within 10 sec, then we shutdown.
try {
Thread.currentThread().sleep(1000);
} catch (InterruptedException e) {
System.out.println("Thread Interrupted ...\n");
}
}
sslSock.clearHandshakeCompleted();
}
} catch (Exception ex) {
System.out.println("JSSE_SSLCLient: Did not find " +
"any supported ciphers for JDK 1.4.x");
}
}
sslSock.setEOF("null");
String errStr = sslSock.validateConnection();
while (!sslSock.isHandshakeCompleted()) {
//Do nothing
}
sslSock.clearHandshakeCompleted();
} else {
if ( testCipher != null ) {
// This try is for catching non supported cipher exception
try {
sslSock.setCipherSuite(testCipher);
sslSock.setEOF(testCipher);
String errStr = sslSock.validateConnection();
while (!sslSock.isHandshakeCompleted()) {
//Do nothing
}
sslSock.clearHandshakeCompleted();
} catch (Exception ex) {
System.out.println("JSSE_SSLCLient: Did not find " +
"any supported ciphers for JDK 1.5.x");
}
} else {
// This try is for catching non supported cipher exception
try {
for(int i=0;i<Constants.sslciphersarray_jdk150.length;i++){
lastCipher = Constants.sslciphersarray_jdk150[i];
sslSock.setCipherSuite(
Constants.sslciphersarray_jdk150[i]);
sslSock.setEOF(Constants.sslciphersarray_jdk150[i]);
String errStr = sslSock.validateConnection();
while (!sslSock.isHandshakeCompleted()) {
//Do nothing
}
sslSock.clearHandshakeCompleted();
}
} catch (Exception ex) {
System.out.println("JSSE_SSLCLient: Did not find " +
"any supported ciphers for JDK 1.5.x");
}
}
sslSock.setEOF("null");
String errStr = sslSock.validateConnection();
while (!sslSock.isHandshakeCompleted()) {
//Do nothing
}
sslSock.clearHandshakeCompleted();
}
System.out.println("Testing SSLv3 Cipher list complete\n");
}
/**
* Main method for local unit testing.
*/
@ -511,103 +689,12 @@ public class JSSE_SSLClient {
}
} catch (Exception e) { }
String javaVersion = System.getProperty("java.version");
String lastCipher = null;
System.out.println("\nUsing java version " + javaVersion + "\n");
System.out.println("Testing TLS Cipher list ...");
JSSE_SSLClient sslSock = new JSSE_SSLClient();
sslSock.setSslRevision("TLS");
sslSock.setHost(testHost);
sslSock.setPort(testPort);
if ( javaVersion.indexOf("1.4") == -1 ) {
// Validate Ciphers supported for TLS
if ( testCipher != null ) {
sslSock.setCipherSuite(testCipher);
sslSock.setEOF(testCipher);
String errStr = sslSock.validateConnection();
while (!sslSock.isHandshakeCompleted()) {
//Do nothing
}
sslSock.clearHandshakeCompleted();
} else {
for(int i=0; i<Constants.sslciphersarray_jdk150.length; i++){
sslSock.setCipherSuite(Constants.sslciphersarray_jdk150[i]);
sslSock.setEOF(Constants.sslciphersarray_jdk150[i]);
String errStr = sslSock.validateConnection();
while (!sslSock.isHandshakeCompleted()) {
//Do nothing
}
sslSock.clearHandshakeCompleted();
}
}
System.out.println("Testing TLS Cipher list complete\n");
}
// Validate Ciphers supported for SSLv3
System.out.println("Testing SSLv3 Cipher list ...");
sslSock = new JSSE_SSLClient();
sslSock.setSslRevision("SSLv3");
sslSock.setHost(testHost);
sslSock.setPort(testPort);
if ( javaVersion.indexOf("1.4") != -1 ) {
if ( testCipher != null ) {
sslSock.setCipherSuite(testCipher);
sslSock.setEOF(testCipher);
String errStr = sslSock.validateConnection();
while (!sslSock.isHandshakeCompleted()) {
//Do nothing
}
sslSock.clearHandshakeCompleted();
} else {
for(int i=0; i<Constants.sslciphersarray_jdk142.length; i++){
lastCipher = Constants.sslciphersarray_jdk142[i];
sslSock.setCipherSuite(lastCipher);
sslSock.setEOF(Constants.sslciphersarray_jdk142[i]);
String errStr = sslSock.validateConnection();
while (!sslSock.isHandshakeCompleted()) {
//Do nothing
}
sslSock.clearHandshakeCompleted();
}
}
sslSock.setEOF("null");
String errStr = sslSock.validateConnection();
while (!sslSock.isHandshakeCompleted()) {
//Do nothing
}
sslSock.clearHandshakeCompleted();
} else {
if ( testCipher != null ) {
sslSock.setCipherSuite(testCipher);
sslSock.setEOF(testCipher);
String errStr = sslSock.validateConnection();
while (!sslSock.isHandshakeCompleted()) {
//Do nothing
}
sslSock.clearHandshakeCompleted();
} else {
for(int i=0; i<Constants.sslciphersarray_jdk150.length; i++){
lastCipher = Constants.sslciphersarray_jdk150[i];
sslSock.setCipherSuite(Constants.sslciphersarray_jdk150[i]);
sslSock.setEOF(Constants.sslciphersarray_jdk150[i]);
String errStr = sslSock.validateConnection();
while (!sslSock.isHandshakeCompleted()) {
//Do nothing
}
sslSock.clearHandshakeCompleted();
}
}
sslSock.setEOF("null");
String errStr = sslSock.validateConnection();
while (!sslSock.isHandshakeCompleted()) {
//Do nothing
}
sslSock.clearHandshakeCompleted();
}
System.out.println("Testing SSLv3 Cipher list complete\n");
// Call TLS client cipher test
sslSock.testTlsClient(testCipher, testHost, testPort);
// Call SSLv3 client cipher test
sslSock.testSslClient(testCipher, testHost, testPort);
}
}

7
security/jss/org/mozilla/jss/tests/JSSE_SSLServer.java
View File

@ -91,7 +91,8 @@ public class JSSE_SSLServer extends ClassServer {
SSLServerSocketFactory ssf =
JSSE_SSLServer.getServerSocketFactory(type);
SSLServerSocket ss = (SSLServerSocket)ssf.createServerSocket(port);
ss.setSoTimeout(120 * 1000);
// Set server socket timeout to 15 sec
ss.setSoTimeout(15 * 1000);
// Based on J2SE version, enable appropriate ciphers
if ( (System.getProperty("java.version")).indexOf("1.4") != -1 ) {
@ -114,9 +115,9 @@ public class JSSE_SSLServer extends ClassServer {
}
// Put the main thread to sleep. In case we do not get any
// response within 120 sec (2 min), then we shutdown the server.
// response within 35 sec, then we shutdown the server.
try {
Thread.currentThread().sleep(12000);
Thread.currentThread().sleep(3500);
} catch (InterruptedException e) {
System.out.println("Thread Interrupted, exiting normally ...\n");
System.exit(0);

27
security/jss/org/mozilla/jss/tests/JSS_SSLClient.java
View File

@ -228,7 +228,8 @@ public class JSS_SSLClient {
System.out.println("client connected");
}
sock.setSoTimeout(30 * 1000);
// Set socket timeout to 10 sec
sock.setSoTimeout(10 * 1000);
sock.addHandshakeCompletedListener(
new HandshakeListener("client",this));
@ -355,7 +356,13 @@ public class JSS_SSLClient {
jssTest.setEOF(testCipher);
jssTest.doIt();
while (!jssTest.isHandshakeCompleted()) {
//Do nothing
// Put the main thread to sleep. In case we do not
// get any response within 10 sec, then we shutdown.
try {
Thread.currentThread().sleep(1000);
} catch (InterruptedException e) {
System.out.println("Thread Interrupted ...\n");
}
}
jssTest.clearHandshakeCompleted();
} catch (Exception ex) {
@ -365,7 +372,13 @@ public class JSS_SSLClient {
jssTest.setEOF("null");
jssTest.doIt();
while (!jssTest.isHandshakeCompleted()) {
//Do nothing
// Put the main thread to sleep. In case we do not
// get any response within 10 sec, then we shutdown.
try {
Thread.currentThread().sleep(1000);
} catch (InterruptedException e) {
System.out.println("Thread Interrupted ...\n");
}
}
jssTest.clearHandshakeCompleted();
} else {
@ -376,7 +389,13 @@ public class JSS_SSLClient {
Constants.jssCipherSuites[i]).toString());
jssTest.doIt();
while (!jssTest.isHandshakeCompleted()) {
//Do nothing
// Put the main thread to sleep. In case we do not
// get any response within 10 sec, then we shutdown.
try {
Thread.currentThread().sleep(1000);
} catch (InterruptedException e) {
System.out.println("Thread Interrupted ...\n");
}
}
jssTest.clearHandshakeCompleted();
} catch (Exception ex) {

4
security/jss/org/mozilla/jss/tests/JSS_SSLServer.java
View File

@ -72,9 +72,9 @@ public class JSS_SSLServer {
} catch (Exception e) {}
// Put the main thread to sleep. In case we do not get any
// response within 120 sec (2 min), then we shutdown the server.
// response within 35 sec, then we shutdown the server.
try {
Thread.currentThread().sleep(12000);
Thread.currentThread().sleep(3500);
sock.close();
serverSock.close();
} catch (InterruptedException e) {