diff --git a/jetty-client/src/test/java/org/eclipse/jetty/client/HttpClientRedirectTest.java b/jetty-client/src/test/java/org/eclipse/jetty/client/HttpClientRedirectTest.java index 50e6add2cf62..770fe64dbceb 100644 --- a/jetty-client/src/test/java/org/eclipse/jetty/client/HttpClientRedirectTest.java +++ b/jetty-client/src/test/java/org/eclipse/jetty/client/HttpClientRedirectTest.java @@ -20,6 +20,7 @@ import java.io.IOException; import java.net.URLDecoder; +import java.net.UnknownHostException; import java.nio.ByteBuffer; import java.nio.channels.UnresolvedAddressException; import java.nio.charset.StandardCharsets; @@ -43,7 +44,6 @@ import org.eclipse.jetty.server.Request; import org.eclipse.jetty.toolchain.test.IO; import org.hamcrest.Matchers; -import org.junit.jupiter.api.Disabled; import org.junit.jupiter.params.ParameterizedTest; import org.junit.jupiter.params.provider.ArgumentsSource; @@ -292,24 +292,21 @@ protected void service(String target, Request jettyRequest, HttpServletRequest r @ParameterizedTest @ArgumentsSource(ScenarioProvider.class) - @Disabled public void testRedirectFailed(Scenario scenario) throws Exception { - // TODO this test is failing with timout after an ISP upgrade?? DNS dependent? start(scenario, new RedirectHandler()); - try - { - client.newRequest("localhost", connector.getLocalPort()) + ExecutionException e = assertThrows(ExecutionException.class, + () -> client.newRequest("localhost", connector.getLocalPort()) .scheme(scenario.getScheme()) .path("/303/doesNotExist/done") .timeout(5, TimeUnit.SECONDS) - .send(); - } - catch (ExecutionException x) - { - assertThat(x.getCause(), Matchers.instanceOf(UnresolvedAddressException.class)); - } + .send()); + + assertThat("Cause", e.getCause(), Matchers.anyOf( + Matchers.instanceOf(UnresolvedAddressException.class), + Matchers.instanceOf(UnknownHostException.class)) + ); } @ParameterizedTest diff --git a/jetty-client/src/test/java/org/eclipse/jetty/client/HttpClientTLSTest.java b/jetty-client/src/test/java/org/eclipse/jetty/client/HttpClientTLSTest.java index c202c9f860b9..56b38dd11508 100644 --- a/jetty-client/src/test/java/org/eclipse/jetty/client/HttpClientTLSTest.java +++ b/jetty-client/src/test/java/org/eclipse/jetty/client/HttpClientTLSTest.java @@ -69,7 +69,6 @@ import org.eclipse.jetty.util.thread.QueuedThreadPool; import org.hamcrest.Matchers; import org.junit.jupiter.api.AfterEach; -import org.junit.jupiter.api.Disabled; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.condition.EnabledOnJre; import org.junit.jupiter.api.condition.JRE; @@ -265,51 +264,6 @@ public void handshakeFailed(Event event, Throwable failure) assertTrue(clientLatch.await(1, TimeUnit.SECONDS)); } - // In JDK 11+, a mismatch on the client does not generate any bytes towards - // the server, while in previous JDKs the client sends to the server the close_notify. - // @EnabledOnJre({JRE.JAVA_8, JRE.JAVA_9, JRE.JAVA_10}) - @Disabled("No longer viable, TLS protocol behavior changed in 8u272") - public void testMismatchBetweenTLSProtocolAndTLSCiphersOnClient() throws Exception - { - SslContextFactory serverTLSFactory = createServerSslContextFactory(); - startServer(serverTLSFactory, new EmptyServerHandler()); - - CountDownLatch serverLatch = new CountDownLatch(1); - connector.addBean(new SslHandshakeListener() - { - @Override - public void handshakeFailed(Event event, Throwable failure) - { - serverLatch.countDown(); - } - }); - - SslContextFactory clientTLSFactory = createClientSslContextFactory(); - // TLS 1.1 protocol, but only TLS 1.2 ciphers. - clientTLSFactory.setIncludeProtocols("TLSv1.1"); - clientTLSFactory.setIncludeCipherSuites("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"); - startClient(clientTLSFactory); - - CountDownLatch clientLatch = new CountDownLatch(1); - client.addBean(new SslHandshakeListener() - { - @Override - public void handshakeFailed(Event event, Throwable failure) - { - clientLatch.countDown(); - } - }); - - assertThrows(ExecutionException.class, () -> - client.newRequest("localhost", connector.getLocalPort()) - .scheme(HttpScheme.HTTPS.asString()) - .timeout(5, TimeUnit.SECONDS) - .send()); - - assertTrue(serverLatch.await(1, TimeUnit.SECONDS)); - assertTrue(clientLatch.await(1, TimeUnit.SECONDS)); - } - @Test public void testHandshakeSucceeded() throws Exception { diff --git a/jetty-client/src/test/java/org/eclipse/jetty/client/ssl/SslBytesClientTest.java b/jetty-client/src/test/java/org/eclipse/jetty/client/ssl/SslBytesClientTest.java deleted file mode 100644 index cc98088eb99b..000000000000 --- a/jetty-client/src/test/java/org/eclipse/jetty/client/ssl/SslBytesClientTest.java +++ /dev/null @@ -1,358 +0,0 @@ -// -// ======================================================================== -// Copyright (c) 1995-2021 Mort Bay Consulting Pty Ltd and others. -// ------------------------------------------------------------------------ -// All rights reserved. This program and the accompanying materials -// are made available under the terms of the Eclipse Public License v1.0 -// and Apache License v2.0 which accompanies this distribution. -// -// The Eclipse Public License is available at -// http://www.eclipse.org/legal/epl-v10.html -// -// The Apache License v2.0 is available at -// http://www.opensource.org/licenses/apache2.0.php -// -// You may elect to redistribute this code under either of these licenses. -// ======================================================================== -// - -package org.eclipse.jetty.client.ssl; - -import java.io.BufferedReader; -import java.io.File; -import java.io.InputStream; -import java.io.InputStreamReader; -import java.io.OutputStream; -import java.net.SocketTimeoutException; -import java.nio.charset.StandardCharsets; -import java.util.Arrays; -import java.util.concurrent.ExecutorService; -import java.util.concurrent.Executors; -import java.util.concurrent.Future; -import java.util.concurrent.TimeUnit; -import javax.net.ssl.SSLContext; -import javax.net.ssl.SSLServerSocket; -import javax.net.ssl.SSLSocket; - -import org.eclipse.jetty.client.HttpClient; -import org.eclipse.jetty.client.api.ContentResponse; -import org.eclipse.jetty.client.api.Request; -import org.eclipse.jetty.client.util.FutureResponseListener; -import org.eclipse.jetty.http.HttpScheme; -import org.eclipse.jetty.http.HttpStatus; -import org.eclipse.jetty.toolchain.test.MavenTestingUtils; -import org.eclipse.jetty.util.ssl.SslContextFactory; -import org.junit.jupiter.api.AfterEach; -import org.junit.jupiter.api.BeforeEach; -import org.junit.jupiter.api.Disabled; -import org.junit.jupiter.api.Test; - -import static org.junit.jupiter.api.Assertions.assertEquals; -import static org.junit.jupiter.api.Assertions.assertNull; -import static org.junit.jupiter.api.Assertions.assertThrows; -import static org.junit.jupiter.api.Assertions.assertTrue; - -// This whole test is very specific to how TLS < 1.3 works. -// Starting in Java 11, TLS/1.3 is now enabled by default. -@Disabled("Since 8u272 this is no longer valid") -public class SslBytesClientTest extends SslBytesTest -{ - private ExecutorService threadPool; - private HttpClient client; - private SslContextFactory sslContextFactory; - private SSLServerSocket acceptor; - private SimpleProxy proxy; - - @BeforeEach - public void init() throws Exception - { - threadPool = Executors.newCachedThreadPool(); - - sslContextFactory = new SslContextFactory.Client(true); - client = new HttpClient(sslContextFactory); - client.setMaxConnectionsPerDestination(1); - File keyStore = MavenTestingUtils.getTestResourceFile("keystore.p12"); - sslContextFactory.setKeyStorePath(keyStore.getAbsolutePath()); - sslContextFactory.setKeyStorePassword("storepwd"); - client.start(); - - SSLContext sslContext = this.sslContextFactory.getSslContext(); - acceptor = (SSLServerSocket)sslContext.getServerSocketFactory().createServerSocket(0); - - int serverPort = acceptor.getLocalPort(); - - proxy = new SimpleProxy(threadPool, "localhost", serverPort); - proxy.start(); - logger.info(":{} <==> :{}", proxy.getPort(), serverPort); - } - - @AfterEach - public void destroy() throws Exception - { - if (acceptor != null) - acceptor.close(); - if (proxy != null) - proxy.stop(); - if (client != null) - client.stop(); - if (threadPool != null) - threadPool.shutdownNow(); - } - - @Test - public void testHandshake() throws Exception - { - Request request = client.newRequest("localhost", proxy.getPort()); - FutureResponseListener listener = new FutureResponseListener(request); - request.scheme(HttpScheme.HTTPS.asString()).send(listener); - - assertTrue(proxy.awaitClient(5, TimeUnit.SECONDS)); - - try (SSLSocket server = (SSLSocket)acceptor.accept()) - { - server.setUseClientMode(false); - - Future handshake = threadPool.submit(() -> - { - server.startHandshake(); - return null; - }); - - // Client Hello - TLSRecord record = proxy.readFromClient(); - assertEquals(TLSRecord.Type.HANDSHAKE, record.getType()); - proxy.flushToServer(record); - - // Server Hello + Certificate + Server Done - record = proxy.readFromServer(); - assertEquals(TLSRecord.Type.HANDSHAKE, record.getType()); - proxy.flushToClient(record); - - // Client Key Exchange - record = proxy.readFromClient(); - assertEquals(TLSRecord.Type.HANDSHAKE, record.getType()); - proxy.flushToServer(record); - - // Change Cipher Spec - record = proxy.readFromClient(); - assertEquals(TLSRecord.Type.CHANGE_CIPHER_SPEC, record.getType()); - proxy.flushToServer(record); - - // Client Done - record = proxy.readFromClient(); - assertEquals(TLSRecord.Type.HANDSHAKE, record.getType()); - proxy.flushToServer(record); - - // Change Cipher Spec - record = proxy.readFromServer(); - assertEquals(TLSRecord.Type.CHANGE_CIPHER_SPEC, record.getType()); - proxy.flushToClient(record); - - // Server Done - record = proxy.readFromServer(); - assertEquals(TLSRecord.Type.HANDSHAKE, record.getType()); - proxy.flushToClient(record); - - assertNull(handshake.get(5, TimeUnit.SECONDS)); - - SimpleProxy.AutomaticFlow automaticProxyFlow = proxy.startAutomaticFlow(); - // Read request - BufferedReader reader = new BufferedReader(new InputStreamReader(server.getInputStream(), StandardCharsets.UTF_8)); - String line = reader.readLine(); - assertTrue(line.startsWith("GET")); - while (line.length() > 0) - { - line = reader.readLine(); - } - - // Write response - OutputStream output = server.getOutputStream(); - output.write(("HTTP/1.1 200 OK\r\n" + - "Content-Length: 0\r\n" + - "\r\n").getBytes(StandardCharsets.UTF_8)); - output.flush(); - assertTrue(automaticProxyFlow.stop(5, TimeUnit.SECONDS)); - - ContentResponse response = listener.get(5, TimeUnit.SECONDS); - assertEquals(HttpStatus.OK_200, response.getStatus()); - } - } - - @Test - public void testServerRenegotiation() throws Exception - { - Request request = client.newRequest("localhost", proxy.getPort()); - FutureResponseListener listener = new FutureResponseListener(request); - request.scheme(HttpScheme.HTTPS.asString()).send(listener); - - assertTrue(proxy.awaitClient(5, TimeUnit.SECONDS)); - - try (SSLSocket server = (SSLSocket)acceptor.accept()) - { - server.setUseClientMode(false); - - Future handshake = threadPool.submit(() -> - { - server.startHandshake(); - return null; - }); - - SimpleProxy.AutomaticFlow automaticProxyFlow = proxy.startAutomaticFlow(); - assertNull(handshake.get(5, TimeUnit.SECONDS)); - - // Read request - InputStream serverInput = server.getInputStream(); - BufferedReader reader = new BufferedReader(new InputStreamReader(serverInput, StandardCharsets.UTF_8)); - String line = reader.readLine(); - assertTrue(line.startsWith("GET")); - while (line.length() > 0) - { - line = reader.readLine(); - } - - OutputStream serverOutput = server.getOutputStream(); - byte[] data1 = new byte[1024]; - Arrays.fill(data1, (byte)'X'); - String content1 = new String(data1, StandardCharsets.UTF_8); - byte[] data2 = new byte[1024]; - Arrays.fill(data2, (byte)'Y'); - final String content2 = new String(data2, StandardCharsets.UTF_8); - // Write first part of the response - serverOutput.write(("HTTP/1.1 200 OK\r\n" + - "Content-Type: text/plain\r\n" + - "Content-Length: " + (content1.length() + content2.length()) + "\r\n" + - "\r\n" + - content1).getBytes(StandardCharsets.UTF_8)); - serverOutput.flush(); - assertTrue(automaticProxyFlow.stop(5, TimeUnit.SECONDS)); - - // Renegotiate - Future renegotiation = threadPool.submit(() -> - { - server.startHandshake(); - return null; - }); - - // Renegotiation Handshake - TLSRecord record = proxy.readFromServer(); - assertEquals(TLSRecord.Type.HANDSHAKE, record.getType()); - proxy.flushToClient(record); - - // Renegotiation Handshake - record = proxy.readFromClient(); - assertEquals(TLSRecord.Type.HANDSHAKE, record.getType()); - proxy.flushToServer(record); - - // Trigger a read to have the server write the final renegotiation steps - server.setSoTimeout(100); - assertThrows(SocketTimeoutException.class, () -> serverInput.read()); - - // Renegotiation Handshake - record = proxy.readFromServer(); - assertEquals(TLSRecord.Type.HANDSHAKE, record.getType()); - proxy.flushToClient(record); - - // Renegotiation Change Cipher - record = proxy.readFromServer(); - assertEquals(TLSRecord.Type.CHANGE_CIPHER_SPEC, record.getType()); - proxy.flushToClient(record); - - // Renegotiation Handshake - record = proxy.readFromServer(); - assertEquals(TLSRecord.Type.HANDSHAKE, record.getType()); - proxy.flushToClient(record); - - // Renegotiation Change Cipher - record = proxy.readFromClient(); - assertEquals(TLSRecord.Type.CHANGE_CIPHER_SPEC, record.getType()); - proxy.flushToServer(record); - - // Renegotiation Handshake - record = proxy.readFromClient(); - assertEquals(TLSRecord.Type.HANDSHAKE, record.getType()); - proxy.flushToServer(record); - - assertNull(renegotiation.get(5, TimeUnit.SECONDS)); - - // Complete the response - automaticProxyFlow = proxy.startAutomaticFlow(); - serverOutput.write(data2); - serverOutput.flush(); - assertTrue(automaticProxyFlow.stop(5, TimeUnit.SECONDS)); - - ContentResponse response = listener.get(5, TimeUnit.SECONDS); - assertEquals(HttpStatus.OK_200, response.getStatus()); - assertEquals(data1.length + data2.length, response.getContent().length); - } - } - - @Test - public void testServerRenegotiationWhenRenegotiationIsForbidden() throws Exception - { - sslContextFactory.setRenegotiationAllowed(false); - - Request request = client.newRequest("localhost", proxy.getPort()); - FutureResponseListener listener = new FutureResponseListener(request); - request.scheme(HttpScheme.HTTPS.asString()).send(listener); - - assertTrue(proxy.awaitClient(5, TimeUnit.SECONDS)); - - try (SSLSocket server = (SSLSocket)acceptor.accept()) - { - server.setUseClientMode(false); - - Future handshake = threadPool.submit(() -> - { - server.startHandshake(); - return null; - }); - - SimpleProxy.AutomaticFlow automaticProxyFlow = proxy.startAutomaticFlow(); - assertNull(handshake.get(5, TimeUnit.SECONDS)); - - // Read request - InputStream serverInput = server.getInputStream(); - BufferedReader reader = new BufferedReader(new InputStreamReader(serverInput, StandardCharsets.UTF_8)); - String line = reader.readLine(); - assertTrue(line.startsWith("GET")); - while (line.length() > 0) - { - line = reader.readLine(); - } - - OutputStream serverOutput = server.getOutputStream(); - byte[] data1 = new byte[1024]; - Arrays.fill(data1, (byte)'X'); - String content1 = new String(data1, StandardCharsets.UTF_8); - byte[] data2 = new byte[1024]; - Arrays.fill(data2, (byte)'Y'); - final String content2 = new String(data2, StandardCharsets.UTF_8); - // Write first part of the response - serverOutput.write(("HTTP/1.1 200 OK\r\n" + - "Content-Type: text/plain\r\n" + - "Content-Length: " + (content1.length() + content2.length()) + "\r\n" + - "\r\n" + - content1).getBytes(StandardCharsets.UTF_8)); - serverOutput.flush(); - assertTrue(automaticProxyFlow.stop(5, TimeUnit.SECONDS)); - - // Renegotiate - threadPool.submit(() -> - { - server.startHandshake(); - return null; - }); - - // Renegotiation Handshake - TLSRecord record = proxy.readFromServer(); - assertEquals(TLSRecord.Type.HANDSHAKE, record.getType()); - proxy.flushToClient(record); - - // Client sends close alert. - record = proxy.readFromClient(); - assertEquals(TLSRecord.Type.ALERT, record.getType()); - record = proxy.readFromClient(); - assertNull(record); - } - } -} diff --git a/jetty-server/src/test/java/org/eclipse/jetty/server/RequestTest.java b/jetty-server/src/test/java/org/eclipse/jetty/server/RequestTest.java index f33bbceaffe7..be2b6313e4ac 100644 --- a/jetty-server/src/test/java/org/eclipse/jetty/server/RequestTest.java +++ b/jetty-server/src/test/java/org/eclipse/jetty/server/RequestTest.java @@ -1616,78 +1616,6 @@ public boolean check(HttpServletRequest request, HttpServletResponse response) t assertEquals("value", cookies.get(0).getValue()); } - @Disabled("No longer relevant") - @Test - public void testCookieLeak() throws Exception - { - final String[] cookie = new String[10]; - - _handler._checker = new RequestTester() - { - @Override - public boolean check(HttpServletRequest request, HttpServletResponse response) - { - for (int i = 0; i < cookie.length; i++) - { - cookie[i] = null; - } - - Cookie[] cookies = request.getCookies(); - for (int i = 0; cookies != null && i < cookies.length; i++) - { - cookie[i] = cookies[i].getValue(); - } - return true; - } - }; - - String request = "POST / HTTP/1.1\r\n" + - "Host: whatever\r\n" + - "Cookie: other=cookie\r\n" + - "\r\n" + - "POST / HTTP/1.1\r\n" + - "Host: whatever\r\n" + - "Cookie: name=value\r\n" + - "Connection: close\r\n" + - "\r\n"; - - _connector.getResponse(request); - - assertEquals("value", cookie[0]); - assertEquals(null, cookie[1]); - - request = "POST / HTTP/1.1\r\n" + - "Host: whatever\r\n" + - "Cookie: name=value\r\n" + - "\r\n" + - "POST / HTTP/1.1\r\n" + - "Host: whatever\r\n" + - "Cookie: \r\n" + - "Connection: close\r\n" + - "\r\n"; - - _connector.getResponse(request); - assertEquals(null, cookie[0]); - assertEquals(null, cookie[1]); - - request = "POST / HTTP/1.1\r\n" + - "Host: whatever\r\n" + - "Cookie: name=value\r\n" + - "Cookie: other=cookie\r\n" + - "\r\n" + - "POST / HTTP/1.1\r\n" + - "Host: whatever\r\n" + - "Cookie: name=value\r\n" + - "Cookie:\r\n" + - "Connection: close\r\n" + - "\r\n"; - - _connector.getResponse(request); - - assertEquals("value", cookie[0]); - assertEquals(null, cookie[1]); - } - @Test public void testHashDOSKeys() throws Exception { diff --git a/jetty-server/src/test/java/org/eclipse/jetty/server/ssl/SelectChannelServerSslTest.java b/jetty-server/src/test/java/org/eclipse/jetty/server/ssl/ServerConnectorSslServerTest.java similarity index 95% rename from jetty-server/src/test/java/org/eclipse/jetty/server/ssl/SelectChannelServerSslTest.java rename to jetty-server/src/test/java/org/eclipse/jetty/server/ssl/ServerConnectorSslServerTest.java index bdf73a5dd600..800eee2293d6 100644 --- a/jetty-server/src/test/java/org/eclipse/jetty/server/ssl/SelectChannelServerSslTest.java +++ b/jetty-server/src/test/java/org/eclipse/jetty/server/ssl/ServerConnectorSslServerTest.java @@ -53,8 +53,8 @@ import org.eclipse.jetty.util.log.Log; import org.eclipse.jetty.util.ssl.SslContextFactory; import org.hamcrest.Matchers; +import org.junit.jupiter.api.Assumptions; import org.junit.jupiter.api.BeforeEach; -import org.junit.jupiter.api.Disabled; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.condition.DisabledOnOs; @@ -67,13 +67,13 @@ import static org.junit.jupiter.api.condition.OS.WINDOWS; /** - * HttpServer Tester. + * HttpServer Tester for SSL based ServerConnector */ -public class SelectChannelServerSslTest extends HttpServerTestBase +public class ServerConnectorSslServerTest extends HttpServerTestBase { private SSLContext _sslContext; - public SelectChannelServerSslTest() + public ServerConnectorSslServerTest() { _scheme = "https"; } @@ -234,16 +234,15 @@ public void testRequest2FixedFragments() throws Exception @Override @Test - @Disabled("Override and ignore this test as SSLSocket.shutdownOutput() is not supported, " + - "but shutdownOutput() is needed by the test.") public void testInterruptedRequest() { + Assumptions.assumeFalse(_serverURI.getScheme().equals("https"), "SSLSocket.shutdownOutput() is not supported, but shutdownOutput() is needed by the test"); } @Override - @Disabled - public void testAvailable() throws Exception + public void testAvailable() { + Assumptions.assumeFalse(_serverURI.getScheme().equals("https"), "SSLSocket available() is not supported"); } @Test