archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-27 23:04:50 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8209031: SSLSocket should throw an exception when configuring DTLS

Browse source 
Reviewed-by: xuelei
This commit is contained in:
Anthony Scarpino 2018-09-17 14:04:46 -07:00
parent 7069bb6a72
commit b27f471bdd
6 changed files with 70 additions and 166 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/java.base/share/classes/javax/net/ssl/SSLServerSocketFactory.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -112,7 +112,7 @@ public abstract class SSLServerSocketFactory extends ServerSocketFactory
try { try {
return SSLContext.getDefault().getServerSocketFactory(); return SSLContext.getDefault().getServerSocketFactory();
} catch (NoSuchAlgorithmException e) { } catch (NoSuchAlgorithmException | UnsupportedOperationException e) {
return new DefaultSSLServerSocketFactory(e); return new DefaultSSLServerSocketFactory(e);
} }
} }

4
src/java.base/share/classes/javax/net/ssl/SSLSocketFactory.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -121,7 +121,7 @@ public abstract class SSLSocketFactory extends SocketFactory
try { try {
return SSLContext.getDefault().getSocketFactory(); return SSLContext.getDefault().getSocketFactory();
} catch (NoSuchAlgorithmException e) { } catch (NoSuchAlgorithmException | UnsupportedOperationException e) {
return new DefaultSSLSocketFactory(e); return new DefaultSSLSocketFactory(e);
} }
} }

23
src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java
View file

@ -207,6 +207,10 @@ public abstract class SSLContextImpl extends SSLContextSpi {
if (!isInitialized) { if (!isInitialized) {
throw new IllegalStateException("SSLContext is not initialized"); throw new IllegalStateException("SSLContext is not initialized");
} }
if (isDTLS()) {
throw new UnsupportedOperationException(
"DTLS not supported with SSLSocket");
}
return new SSLSocketFactoryImpl(this); return new SSLSocketFactoryImpl(this);
} }
@ -215,6 +219,10 @@ public abstract class SSLContextImpl extends SSLContextSpi {
if (!isInitialized) { if (!isInitialized) {
throw new IllegalStateException("SSLContext is not initialized"); throw new IllegalStateException("SSLContext is not initialized");
} }
if (isDTLS()) {
throw new UnsupportedOperationException(
"DTLS not supported with SSLServerSocket");
}
return new SSLServerSocketFactoryImpl(this); return new SSLServerSocketFactoryImpl(this);
} }
@ -1261,6 +1269,21 @@ public abstract class SSLContextImpl extends SSLContextSpi {
serverDefaultProtocols, false); serverDefaultProtocols, false);
} }
@Override
protected SSLParameters engineGetDefaultSSLParameters() {
SSLEngine engine = createSSLEngineImpl();
return engine.getSSLParameters();
}
@Override
protected SSLParameters engineGetSupportedSSLParameters() {
SSLEngine engine = createSSLEngineImpl();
SSLParameters params = new SSLParameters();
params.setCipherSuites(engine.getSupportedCipherSuites());
params.setProtocols(engine.getSupportedProtocols());
return params;
}
@Override @Override
List<ProtocolVersion> getSupportedProtocolVersions() { List<ProtocolVersion> getSupportedProtocolVersions() {
return supportedProtocols; return supportedProtocols;

68
test/jdk/sun/security/ssl/SSLContextImpl/CustomizedDTLSDefaultProtocols.java
View file

@ -191,33 +191,13 @@ public class CustomizedDTLSDefaultProtocols {
// Check SSLParameters of SSLSocket // Check SSLParameters of SSLSocket
System.out.println(); System.out.println();
System.out.println("\tChecking SSLSocket of this SSLContext"); System.out.println("\tChecking SSLSocket of this SSLContext");
System.out.println("\tChecking SSLSocket.getSSLParameters()"); try {
SocketFactory fac = context.getSocketFactory(); context.getSocketFactory();
SSLSocket socket = (SSLSocket)fac.createSocket(); failed = true;
parameters = socket.getSSLParameters(); System.out.println("SSLSocket returned a socket for DTLS");
} catch (UnsupportedOperationException e) {
protocols = parameters.getProtocols(); System.out.println("\t " + e.getMessage());
failed |= !checkProtocols(protocols, cv.enabledProtocols); }
ciphers = parameters.getCipherSuites();
failed |= !checkCipherSuites(ciphers);
System.out.println("\tChecking SSLEngine.getEnabledProtocols()");
protocols = socket.getEnabledProtocols();
failed |= !checkProtocols(protocols, cv.enabledProtocols);
System.out.println("\tChecking SSLEngine.getEnabledCipherSuites()");
ciphers = socket.getEnabledCipherSuites();
failed |= !checkCipherSuites(ciphers);
System.out.println("\tChecking SSLEngine.getSupportedProtocols()");
protocols = socket.getSupportedProtocols();
failed |= !checkProtocols(protocols, cv.supportedProtocols);
System.out.println(
"\tChecking SSLEngine.getSupportedCipherSuites()");
ciphers = socket.getSupportedCipherSuites();
failed |= !checkCipherSuites(ciphers);
// //
// Check SSLServerSocket // Check SSLServerSocket
@ -225,33 +205,13 @@ public class CustomizedDTLSDefaultProtocols {
// Check SSLParameters of SSLServerSocket // Check SSLParameters of SSLServerSocket
System.out.println(); System.out.println();
System.out.println("\tChecking SSLServerSocket of this SSLContext"); System.out.println("\tChecking SSLServerSocket of this SSLContext");
System.out.println("\tChecking SSLServerSocket.getSSLParameters()"); try {
SSLServerSocketFactory sf = context.getServerSocketFactory(); context.getServerSocketFactory();
SSLServerSocket ssocket = (SSLServerSocket)sf.createServerSocket(); failed = true;
parameters = ssocket.getSSLParameters(); System.out.println("SSLServerSocket returned a socket for DTLS");
} catch (UnsupportedOperationException e) {
protocols = parameters.getProtocols(); System.out.println("\t " + e.getMessage());
failed |= !checkProtocols(protocols, cv.supportedProtocols); }
ciphers = parameters.getCipherSuites();
failed |= !checkCipherSuites(ciphers);
System.out.println("\tChecking SSLEngine.getEnabledProtocols()");
protocols = ssocket.getEnabledProtocols();
failed |= !checkProtocols(protocols, cv.supportedProtocols);
System.out.println("\tChecking SSLEngine.getEnabledCipherSuites()");
ciphers = ssocket.getEnabledCipherSuites();
failed |= !checkCipherSuites(ciphers);
System.out.println("\tChecking SSLEngine.getSupportedProtocols()");
protocols = ssocket.getSupportedProtocols();
failed |= !checkProtocols(protocols, cv.supportedProtocols);
System.out.println(
"\tChecking SSLEngine.getSupportedCipherSuites()");
ciphers = ssocket.getSupportedCipherSuites();
failed |= !checkCipherSuites(ciphers);
} }
if (failed) { if (failed) {

69
test/jdk/sun/security/ssl/SSLContextImpl/CustomizedDTLSServerDefaultProtocols.java
View file

@ -31,6 +31,7 @@
* CustomizedDTLSServerDefaultProtocols * CustomizedDTLSServerDefaultProtocols
*/ */
import java.lang.UnsupportedOperationException;
import java.security.NoSuchAlgorithmException; import java.security.NoSuchAlgorithmException;
import java.security.Security; import java.security.Security;
import java.util.Arrays; import java.util.Arrays;
@ -211,33 +212,13 @@ public class CustomizedDTLSServerDefaultProtocols {
// Check SSLParameters of SSLSocket // Check SSLParameters of SSLSocket
System.out.println(); System.out.println();
System.out.println("\tChecking SSLSocket of this SSLContext"); System.out.println("\tChecking SSLSocket of this SSLContext");
System.out.println("\tChecking SSLSocket.getSSLParameters()"); try {
SocketFactory fac = context.getSocketFactory(); context.getSocketFactory();
SSLSocket socket = (SSLSocket) fac.createSocket(); failed = true;
parameters = socket.getSSLParameters(); System.out.println("SSLSocket returned a socket for DTLS");
} catch (UnsupportedOperationException e) {
protocols = parameters.getProtocols(); System.out.println("\t " + e.getMessage());
failed |= !checkProtocols(protocols, cv.clientEnabledProtocols); }
ciphers = parameters.getCipherSuites();
failed |= !checkCipherSuites(ciphers);
System.out.println("\tChecking SSLSocket.getEnabledProtocols()");
protocols = socket.getEnabledProtocols();
failed |= !checkProtocols(protocols, cv.clientEnabledProtocols);
System.out.println("\tChecking SSLSocket.getEnabledCipherSuites()");
ciphers = socket.getEnabledCipherSuites();
failed |= !checkCipherSuites(ciphers);
System.out.println("\tChecking SSLSocket.getSupportedProtocols()");
protocols = socket.getSupportedProtocols();
failed |= !checkProtocols(protocols, supportedProtocols);
System.out.println(
"\tChecking SSLSocket.getSupportedCipherSuites()");
ciphers = socket.getSupportedCipherSuites();
failed |= !checkCipherSuites(ciphers);
// //
// Check SSLServerSocket // Check SSLServerSocket
@ -245,33 +226,13 @@ public class CustomizedDTLSServerDefaultProtocols {
// Check SSLParameters of SSLServerSocket // Check SSLParameters of SSLServerSocket
System.out.println(); System.out.println();
System.out.println("\tChecking SSLServerSocket of this SSLContext"); System.out.println("\tChecking SSLServerSocket of this SSLContext");
System.out.println("\tChecking SSLServerSocket.getSSLParameters()"); try {
SSLServerSocketFactory sf = context.getServerSocketFactory(); context.getServerSocketFactory();
SSLServerSocket ssocket = (SSLServerSocket) sf.createServerSocket(); failed = true;
parameters = ssocket.getSSLParameters(); System.out.println("SSLServerSocket returned a socket for DTLS");
} catch (UnsupportedOperationException e) {
protocols = parameters.getProtocols(); System.out.println("\t " + e.getMessage());
failed |= !checkProtocols(protocols, cv.serverEnabledProtocols); }
ciphers = parameters.getCipherSuites();
failed |= !checkCipherSuites(ciphers);
System.out.println("\tChecking SSLEngine.getEnabledProtocols()");
protocols = ssocket.getEnabledProtocols();
failed |= !checkProtocols(protocols, cv.serverEnabledProtocols);
System.out.println("\tChecking SSLEngine.getEnabledCipherSuites()");
ciphers = ssocket.getEnabledCipherSuites();
failed |= !checkCipherSuites(ciphers);
System.out.println("\tChecking SSLEngine.getSupportedProtocols()");
protocols = ssocket.getSupportedProtocols();
failed |= !checkProtocols(protocols, supportedProtocols);
System.out.println(
"\tChecking SSLEngine.getSupportedCipherSuites()");
ciphers = ssocket.getSupportedCipherSuites();
failed |= !checkCipherSuites(ciphers);
if (failed) { if (failed) {
throw new Exception("Run into problems, see log for more details"); throw new Exception("Run into problems, see log for more details");

68
test/jdk/sun/security/ssl/SSLContextImpl/DefaultDTLSEnabledProtocols.java
View file

@ -188,33 +188,13 @@ public class DefaultDTLSEnabledProtocols {
// Check SSLParameters of SSLSocket // Check SSLParameters of SSLSocket
System.out.println(); System.out.println();
System.out.println("\tChecking SSLSocket of this SSLContext"); System.out.println("\tChecking SSLSocket of this SSLContext");
System.out.println("\tChecking SSLSocket.getSSLParameters()"); try {
SocketFactory fac = context.getSocketFactory(); context.getSocketFactory();
SSLSocket socket = (SSLSocket)fac.createSocket(); failed = true;
parameters = socket.getSSLParameters(); System.out.println("SSLSocket returned a socket for DTLS");
} catch (UnsupportedOperationException e) {
protocols = parameters.getProtocols(); System.out.println("\t " + e.getMessage());
failed |= !checkProtocols(protocols, cv.enabledProtocols); }
ciphers = parameters.getCipherSuites();
failed |= !checkCipherSuites(ciphers);
System.out.println("\tChecking SSLEngine.getEnabledProtocols()");
protocols = socket.getEnabledProtocols();
failed |= !checkProtocols(protocols, cv.enabledProtocols);
System.out.println("\tChecking SSLEngine.getEnabledCipherSuites()");
ciphers = socket.getEnabledCipherSuites();
failed |= !checkCipherSuites(ciphers);
System.out.println("\tChecking SSLEngine.getSupportedProtocols()");
protocols = socket.getSupportedProtocols();
failed |= !checkProtocols(protocols, cv.supportedProtocols);
System.out.println(
"\tChecking SSLEngine.getSupportedCipherSuites()");
ciphers = socket.getSupportedCipherSuites();
failed |= !checkCipherSuites(ciphers);
// //
// Check SSLServerSocket // Check SSLServerSocket
@ -222,33 +202,13 @@ public class DefaultDTLSEnabledProtocols {
// Check SSLParameters of SSLServerSocket // Check SSLParameters of SSLServerSocket
System.out.println(); System.out.println();
System.out.println("\tChecking SSLServerSocket of this SSLContext"); System.out.println("\tChecking SSLServerSocket of this SSLContext");
System.out.println("\tChecking SSLServerSocket.getSSLParameters()"); try {
SSLServerSocketFactory sf = context.getServerSocketFactory(); context.getServerSocketFactory();
SSLServerSocket ssocket = (SSLServerSocket)sf.createServerSocket(); failed = true;
parameters = ssocket.getSSLParameters(); System.out.println("SSLServerSocket returned a socket for DTLS");
} catch (UnsupportedOperationException e) {
protocols = parameters.getProtocols(); System.out.println("\t " + e.getMessage());
failed |= !checkProtocols(protocols, cv.supportedProtocols); }
ciphers = parameters.getCipherSuites();
failed |= !checkCipherSuites(ciphers);
System.out.println("\tChecking SSLEngine.getEnabledProtocols()");
protocols = ssocket.getEnabledProtocols();
failed |= !checkProtocols(protocols, cv.supportedProtocols);
System.out.println("\tChecking SSLEngine.getEnabledCipherSuites()");
ciphers = ssocket.getEnabledCipherSuites();
failed |= !checkCipherSuites(ciphers);
System.out.println("\tChecking SSLEngine.getSupportedProtocols()");
protocols = ssocket.getSupportedProtocols();
failed |= !checkProtocols(protocols, cv.supportedProtocols);
System.out.println(
"\tChecking SSLEngine.getSupportedCipherSuites()");
ciphers = ssocket.getSupportedCipherSuites();
failed |= !checkCipherSuites(ciphers);
} }
if (failed) { if (failed) {