View Javadoc
1   /*
2    *  Licensed to the Apache Software Foundation (ASF) under one
3    *  or more contributor license agreements.  See the NOTICE file
4    *  distributed with this work for additional information
5    *  regarding copyright ownership.  The ASF licenses this file
6    *  to you under the Apache License, Version 2.0 (the
7    *  "License"); you may not use this file except in compliance
8    *  with the License.  You may obtain a copy of the License at
9    *
10   *    http://www.apache.org/licenses/LICENSE-2.0
11   *
12   *  Unless required by applicable law or agreed to in writing,
13   *  software distributed under the License is distributed on an
14   *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *  KIND, either express or implied.  See the License for the
16   *  specific language governing permissions and limitations
17   *  under the License.
18   *
19   */package org.apache.mina.filter.ssl;
20  
21  import java.io.BufferedReader;
22  import java.io.IOException;
23  import java.io.InputStreamReader;
24  import java.net.InetAddress;
25  import java.net.InetSocketAddress;
26  import java.net.Socket;
27  import java.security.GeneralSecurityException;
28  import java.security.KeyStore;
29  import java.security.Security;
30  
31  import javax.net.ssl.KeyManagerFactory;
32  import javax.net.ssl.SSLContext;
33  import javax.net.ssl.SSLSocketFactory;
34  import javax.net.ssl.TrustManagerFactory;
35  
36  import org.apache.mina.core.filterchain.DefaultIoFilterChainBuilder;
37  import org.apache.mina.core.service.IoHandlerAdapter;
38  import org.apache.mina.core.session.IoSession;
39  import org.apache.mina.filter.codec.ProtocolCodecFilter;
40  import org.apache.mina.filter.codec.textline.TextLineCodecFactory;
41  import org.apache.mina.transport.socket.nio.NioSocketAcceptor;
42  import org.apache.mina.util.AvailablePortFinder;
43  import org.junit.Test;
44  
45  /**
46   * Test a SSL session where the connection is established and closed twice. It should be
47   * processed correctly (Test for DIRMINA-650)
48   *
49   * @author <a href="http://mina.apache.org">Apache MINA Project</a>
50   */
51  public class SslTest {
52      /** A static port used for his test, chosen to avoid collisions */
53      private static final int port = AvailablePortFinder.getNextAvailable(5555);
54  
55      private static Exception clientError = null;
56  
57      private static InetAddress address;
58  
59      private static SSLSocketFactory factory;
60  
61      /** A JVM independant KEY_MANAGER_FACTORY algorithm */
62      private static final String KEY_MANAGER_FACTORY_ALGORITHM;
63  
64      static {
65          String algorithm = Security.getProperty("ssl.KeyManagerFactory.algorithm");
66          if (algorithm == null) {
67              algorithm = KeyManagerFactory.getDefaultAlgorithm();
68          }
69  
70          KEY_MANAGER_FACTORY_ALGORITHM = algorithm;
71      }
72  
73      private static class TestHandler extends IoHandlerAdapter {
74          public void messageReceived(IoSession session, Object message) throws Exception {
75              String line = (String) message;
76  
77              if (line.startsWith("hello")) {
78                  //System.out.println("Server got: 'hello', waiting for 'send'");
79                  Thread.sleep(1500);
80              } else if (line.startsWith("send")) {
81                  //System.out.println("Server got: 'send', sending 'data'");
82                  StringBuilder sb = new StringBuilder();
83                  
84                  for ( int i = 0; i < 10000; i++) {
85                      sb.append('A');
86                  }
87                      
88                  session.write(sb.toString());
89                  session.close(true);
90              }
91          }
92      }
93  
94      /**
95       * Starts a Server with the SSL Filter and a simple text line 
96       * protocol codec filter
97       */
98      private static void startServer() throws Exception {
99          NioSocketAcceptor acceptor = new NioSocketAcceptor();
100 
101         acceptor.setReuseAddress(true);
102         DefaultIoFilterChainBuilder filters = acceptor.getFilterChain();
103 
104         // Inject the SSL filter
105         SslFilter sslFilter = new SslFilter(createSSLContext());
106         filters.addLast("sslFilter", sslFilter);
107 
108         // Inject the TestLine codec filter
109         filters.addLast("text", new ProtocolCodecFilter(new TextLineCodecFactory()));
110 
111         acceptor.setHandler(new TestHandler());
112         acceptor.bind(new InetSocketAddress(port));
113     }
114 
115     /**
116      * Starts a client which will connect twice using SSL
117      */
118     private static void startClient() throws Exception {
119         address = InetAddress.getByName("localhost");
120 
121         SSLContext context = createSSLContext();
122         factory = context.getSocketFactory();
123 
124         connectAndSend();
125 
126         // This one will throw a SocketTimeoutException if DIRMINA-650 is not fixed
127         connectAndSend();
128     }
129 
130     private static void connectAndSend() throws Exception {
131         Socket parent = new Socket(address, port);
132         Socket socket = factory.createSocket(parent, address.getCanonicalHostName(), port, false);
133 
134         //System.out.println("Client sending: hello");
135         socket.getOutputStream().write("hello                      \n".getBytes());
136         socket.getOutputStream().flush();
137         socket.setSoTimeout(1000000);
138 
139         //System.out.println("Client sending: send");
140         socket.getOutputStream().write("send\n".getBytes());
141         socket.getOutputStream().flush();
142 
143         BufferedReader in = new BufferedReader(new InputStreamReader(socket.getInputStream()));
144         String line = in.readLine();
145         //System.out.println("Client got: " + line);
146         socket.close();
147 
148     }
149 
150     private static SSLContext createSSLContext() throws IOException, GeneralSecurityException {
151         char[] passphrase = "password".toCharArray();
152 
153         SSLContext ctx = SSLContext.getInstance("TLS");
154         KeyManagerFactory kmf = KeyManagerFactory.getInstance(KEY_MANAGER_FACTORY_ALGORITHM);
155         TrustManagerFactory tmf = TrustManagerFactory.getInstance(KEY_MANAGER_FACTORY_ALGORITHM);
156 
157         KeyStore ks = KeyStore.getInstance("JKS");
158         KeyStore ts = KeyStore.getInstance("JKS");
159 
160         ks.load(SslTest.class.getResourceAsStream("keystore.sslTest"), passphrase);
161         ts.load(SslTest.class.getResourceAsStream("truststore.sslTest"), passphrase);
162 
163         kmf.init(ks, passphrase);
164         tmf.init(ts);
165         ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
166 
167         return ctx;
168     }
169 
170     @Test
171     public void testSSL() throws Exception {
172         startServer();
173 
174         Thread t = new Thread() {
175             public void run() {
176                 try {
177                     startClient();
178                 } catch (Exception e) {
179                     clientError = e;
180                 }
181             }
182         };
183         t.start();
184         t.join();
185         if (clientError != null)
186             throw clientError;
187     }
188 }