import java.nio.ByteBuffer;
import java.nio.channels.SocketChannel;
import java.security.NoSuchAlgorithmException;
+
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
-import javax.net.ssl.SSLException;
import javax.net.ssl.SSLEngineResult.HandshakeStatus;
+import javax.net.ssl.SSLException;
+import org.cacert.gigi.testUtils.InitTruststore;
+import org.cacert.gigi.testUtils.ManagedTest;
import org.junit.Test;
-public class TestSSL {
+public class TestSSL extends ManagedTest {
private ByteBuffer in;
private ByteBuffer inC;
private ByteBuffer outC;
static {
InitTruststore.run();
}
+
@Test
- public void testClientIntitiatedRenegotiation()
- throws NoSuchAlgorithmException, IOException {
+ public void testClientIntitiatedRenegotiation() throws NoSuchAlgorithmException, IOException {
SSLContext sc = SSLContext.getDefault();
SSLEngine se = sc.createSSLEngine();
- SocketChannel s = SocketChannel.open(new InetSocketAddress("localhost",
- 443));
+ String[] serverParts = getServerName().split(":", 2);
+ SocketChannel s = SocketChannel.open(new InetSocketAddress(serverParts[0], Integer.parseInt(serverParts[1])));
in = ByteBuffer.allocate(se.getSession().getApplicationBufferSize());
inC = ByteBuffer.allocate(se.getSession().getPacketBufferSize());
se.beginHandshake();
try {
work(se, s);
- throw new Error(
- "Client re-negotiation failed (possible DoS vurnability");
+ throw new Error("Client re-negotiation succeded (possible DoS vulnerability");
} catch (EOFException e) {
// Cool, server closed connection
}
}
- private void work(SSLEngine se, SocketChannel s) throws SSLException,
- IOException {
+
+ private void work(SSLEngine se, SocketChannel s) throws SSLException, IOException {
while (se.getHandshakeStatus() != HandshakeStatus.NOT_HANDSHAKING
- && se.getHandshakeStatus() != HandshakeStatus.FINISHED) {
+ && se.getHandshakeStatus() != HandshakeStatus.FINISHED) {
switch (se.getHandshakeStatus()) {
- case NEED_WRAP :
- wrap(se, s);
- break;
- case NEED_UNWRAP :
- unwrap(se, s);
- break;
- case NEED_TASK :
- se.getDelegatedTask().run();
- break;
- default :
- System.out.println(se.getHandshakeStatus());
+ case NEED_WRAP:
+ wrap(se, s);
+ break;
+ case NEED_UNWRAP:
+ unwrap(se, s);
+ break;
+ case NEED_TASK:
+ se.getDelegatedTask().run();
+ break;
+ default:
+ System.out.println(se.getHandshakeStatus());
}
}
}
- private SSLEngineResult unwrap(SSLEngine se, SocketChannel s)
- throws IOException, SSLException {
+
+ private SSLEngineResult unwrap(SSLEngine se, SocketChannel s) throws IOException, SSLException {
if (inC.remaining() == 0) {
inC.clear();
s.read(inC);
}
return result;
}
- private SSLEngineResult wrap(SSLEngine se, SocketChannel s)
- throws SSLException, IOException {
+
+ private SSLEngineResult wrap(SSLEngine se, SocketChannel s) throws SSLException, IOException {
outC.clear();
SSLEngineResult result = se.wrap(out, outC);
outC.flip();
projects / gigi.git / blobdiff