OpenJDK / jdk / jdk
changeset 51771:1f805481d8de
8209031: SSLSocket should throw an exception when configuring DTLS
Reviewed-by: xuelei
author | ascarpino |
---|---|
date | Mon, 17 Sep 2018 14:04:46 -0700 |
parents | b19734760ed3 |
children | 5432cebf6627 |
files | src/java.base/share/classes/javax/net/ssl/SSLServerSocketFactory.java src/java.base/share/classes/javax/net/ssl/SSLSocketFactory.java src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java test/jdk/sun/security/ssl/SSLContextImpl/CustomizedDTLSDefaultProtocols.java test/jdk/sun/security/ssl/SSLContextImpl/CustomizedDTLSServerDefaultProtocols.java test/jdk/sun/security/ssl/SSLContextImpl/DefaultDTLSEnabledProtocols.java |
diffstat | 6 files changed, 70 insertions(+), 166 deletions(-) [+] |
--- a/src/java.base/share/classes/javax/net/ssl/SSLServerSocketFactory.java Mon Sep 17 13:43:22 2018 -0700
+++ b/src/java.base/share/classes/javax/net/ssl/SSLServerSocketFactory.java Mon Sep 17 14:04:46 2018 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@@ -112,7 +112,7 @@
 try {
 return SSLContext.getDefault().getServerSocketFactory();
- } catch (NoSuchAlgorithmException e) {
+ } catch (NoSuchAlgorithmException | UnsupportedOperationException e) {
 return new DefaultSSLServerSocketFactory(e);
 }
 }
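Review bot: The widened catch in the `@@ -112,7 +112,7 @@` hunk turns a DTLS default context into a quietly returned `DefaultSSLServerSocketFactory(e)`, so the misconfiguration is not reported at the call that detects it. What the fallback factory does with `e` is outside the hunk; presumably the failure only surfaces when a socket is requested. A comment on the catch would make the intent explicit, for example `// A DTLS default context cannot back stream sockets; keep the cause and let the fallback factory report it.`, and the method's Javadoc should mention this case. The same applies to the matching catch in SSLSocketFactory.java. The enclosing method starts outside both hunks.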
--- a/src/java.base/share/classes/javax/net/ssl/SSLSocketFactory.java Mon Sep 17 13:43:22 2018 -0700
+++ b/src/java.base/share/classes/javax/net/ssl/SSLSocketFactory.java Mon Sep 17 14:04:46 2018 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@@ -121,7 +121,7 @@
 try {
 return SSLContext.getDefault().getSocketFactory();
- } catch (NoSuchAlgorithmException e) {
+ } catch (NoSuchAlgorithmException | UnsupportedOperationException e) {
 return new DefaultSSLSocketFactory(e);
 }
 }
--- a/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java Mon Sep 17 13:43:22 2018 -0700
+++ b/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java Mon Sep 17 14:04:46 2018 -0700
@@ -207,6 +207,10 @@
 if (!isInitialized) {
 throw new IllegalStateException("SSLContext is not initialized");
 }
+ if (isDTLS()) {
+ throw new UnsupportedOperationException(
+ "DTLS not supported with SSLSocket");
+ }
 return new SSLSocketFactoryImpl(this);
 }
@@ -215,6 +219,10 @@
 if (!isInitialized) {
 throw new IllegalStateException("SSLContext is not initialized");
 }
+ if (isDTLS()) {
+ throw new UnsupportedOperationException(
+ "DTLS not supported with SSLServerSocket");
+ }
 return new SSLServerSocketFactoryImpl(this);
 }
@@ -1262,6 +1270,21 @@
 }
 @Override
+ protected SSLParameters engineGetDefaultSSLParameters() {
+ SSLEngine engine = createSSLEngineImpl();
+ return engine.getSSLParameters();
+ }
+
+ @Override
+ protected SSLParameters engineGetSupportedSSLParameters() {
+ SSLEngine engine = createSSLEngineImpl();
+ SSLParameters params = new SSLParameters();
+ params.setCipherSuites(engine.getSupportedCipherSuites());
+ params.setProtocols(engine.getSupportedProtocols());
+ return params;
+ }
+
+ @Override
 List<ProtocolVersion> getSupportedProtocolVersions() {
 return supportedProtocols;
 }
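Review bot: The new `isDTLS()` guards in the `@@ -207,6 +207,10 @@` and `@@ -215,6 +219,10 @@` hunks carry no comment on why a DTLS context must refuse here. A short why-comment above each check, such as `// DTLS is datagram-based and is only driven through SSLEngine; never hand out a stream socket factory for it.`, would keep a later refactor from relaxing the check. The `isInitialized` test runs first, so an uninitialized DTLS context still reports `IllegalStateException`; that ordering looks intentional but is worth stating. Both method signatures are outside the hunks.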
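Review bot: The two overrides added in the `@@ -1262,6 +1270,21 @@` hunk have no comment explaining why the parameters are taken from an `SSLEngine`. The likely reason is that the inherited implementation derives them from a socket, which the guards added earlier in this file now refuse for DTLS, but the superclass is not visible here. A line above each override such as `// Socket-based defaults are unavailable for DTLS; query an engine instead.` would record that. Each call also builds a fresh engine through `createSSLEngineImpl()`, which deserves a remark if callers are expected to query these methods often. The enclosing class starts outside the hunk.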
--- a/test/jdk/sun/security/ssl/SSLContextImpl/CustomizedDTLSDefaultProtocols.java Mon Sep 17 13:43:22 2018 -0700
+++ b/test/jdk/sun/security/ssl/SSLContextImpl/CustomizedDTLSDefaultProtocols.java Mon Sep 17 14:04:46 2018 -0700
@@ -191,33 +191,13 @@
 // Check SSLParameters of SSLSocket
 System.out.println();
 System.out.println("\tChecking SSLSocket of this SSLContext");
- System.out.println("\tChecking SSLSocket.getSSLParameters()");
- SocketFactory fac = context.getSocketFactory();
- SSLSocket socket = (SSLSocket)fac.createSocket();
- parameters = socket.getSSLParameters();
-
- protocols = parameters.getProtocols();
- failed |= !checkProtocols(protocols, cv.enabledProtocols);
-
- ciphers = parameters.getCipherSuites();
- failed |= !checkCipherSuites(ciphers);
-
- System.out.println("\tChecking SSLEngine.getEnabledProtocols()");
- protocols = socket.getEnabledProtocols();
- failed |= !checkProtocols(protocols, cv.enabledProtocols);
-
- System.out.println("\tChecking SSLEngine.getEnabledCipherSuites()");
- ciphers = socket.getEnabledCipherSuites();
- failed |= !checkCipherSuites(ciphers);
-
- System.out.println("\tChecking SSLEngine.getSupportedProtocols()");
- protocols = socket.getSupportedProtocols();
- failed |= !checkProtocols(protocols, cv.supportedProtocols);
-
- System.out.println(
- "\tChecking SSLEngine.getSupportedCipherSuites()");
- ciphers = socket.getSupportedCipherSuites();
- failed |= !checkCipherSuites(ciphers);
+ try {
+ context.getSocketFactory();
+ failed = true;
+ System.out.println("SSLSocket returned a socket for DTLS");
+ } catch (UnsupportedOperationException e) {
+ System.out.println("\t " + e.getMessage());
+ }
 //
 // Check SSLServerSocket
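Review bot: The failure message `"SSLSocket returned a socket for DTLS"` in the new try block is misleading, because the call under test is `context.getSocketFactory()` and no socket is ever created. `System.out.println("\tgetSocketFactory() succeeded for a DTLS context");` would match what is checked and keep the tab prefix the neighbouring messages use. The retained comment `// Check SSLParameters of SSLSocket` no longer describes the block, which now only asserts that the factory getter throws. The same wording and stale comment appear in the SSLServerSocket hunk of this file and in both test hunks of CustomizedDTLSServerDefaultProtocols.java and DefaultDTLSEnabledProtocols.java. Imports that served the removed socket code may now be unused, but the import blocks are outside these hunks.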
@@ -225,33 +205,13 @@
 // Check SSLParameters of SSLServerSocket
 System.out.println();
 System.out.println("\tChecking SSLServerSocket of this SSLContext");
- System.out.println("\tChecking SSLServerSocket.getSSLParameters()");
- SSLServerSocketFactory sf = context.getServerSocketFactory();
- SSLServerSocket ssocket = (SSLServerSocket)sf.createServerSocket();
- parameters = ssocket.getSSLParameters();
-
- protocols = parameters.getProtocols();
- failed |= !checkProtocols(protocols, cv.supportedProtocols);
-
- ciphers = parameters.getCipherSuites();
- failed |= !checkCipherSuites(ciphers);
-
- System.out.println("\tChecking SSLEngine.getEnabledProtocols()");
- protocols = ssocket.getEnabledProtocols();
- failed |= !checkProtocols(protocols, cv.supportedProtocols);
-
- System.out.println("\tChecking SSLEngine.getEnabledCipherSuites()");
- ciphers = ssocket.getEnabledCipherSuites();
- failed |= !checkCipherSuites(ciphers);
-
- System.out.println("\tChecking SSLEngine.getSupportedProtocols()");
- protocols = ssocket.getSupportedProtocols();
- failed |= !checkProtocols(protocols, cv.supportedProtocols);
-
- System.out.println(
- "\tChecking SSLEngine.getSupportedCipherSuites()");
- ciphers = ssocket.getSupportedCipherSuites();
- failed |= !checkCipherSuites(ciphers);
+ try {
+ context.getServerSocketFactory();
+ failed = true;
+ System.out.println("SSLServerSocket returned a socket for DTLS");
+ } catch (UnsupportedOperationException e) {
+ System.out.println("\t " + e.getMessage());
+ }
 }
 if (failed) {
--- a/test/jdk/sun/security/ssl/SSLContextImpl/CustomizedDTLSServerDefaultProtocols.java Mon Sep 17 13:43:22 2018 -0700
+++ b/test/jdk/sun/security/ssl/SSLContextImpl/CustomizedDTLSServerDefaultProtocols.java Mon Sep 17 14:04:46 2018 -0700
@@ -31,6 +31,7 @@
 * CustomizedDTLSServerDefaultProtocols
 */
+import java.lang.UnsupportedOperationException;
 import java.security.NoSuchAlgorithmException;
 import java.security.Security;
 import java.util.Arrays;
@@ -211,33 +212,13 @@
 // Check SSLParameters of SSLSocket
 System.out.println();
 System.out.println("\tChecking SSLSocket of this SSLContext");
- System.out.println("\tChecking SSLSocket.getSSLParameters()");
- SocketFactory fac = context.getSocketFactory();
- SSLSocket socket = (SSLSocket) fac.createSocket();
- parameters = socket.getSSLParameters();
-
- protocols = parameters.getProtocols();
- failed |= !checkProtocols(protocols, cv.clientEnabledProtocols);
-
- ciphers = parameters.getCipherSuites();
- failed |= !checkCipherSuites(ciphers);
-
- System.out.println("\tChecking SSLSocket.getEnabledProtocols()");
- protocols = socket.getEnabledProtocols();
- failed |= !checkProtocols(protocols, cv.clientEnabledProtocols);
-
- System.out.println("\tChecking SSLSocket.getEnabledCipherSuites()");
- ciphers = socket.getEnabledCipherSuites();
- failed |= !checkCipherSuites(ciphers);
-
- System.out.println("\tChecking SSLSocket.getSupportedProtocols()");
- protocols = socket.getSupportedProtocols();
- failed |= !checkProtocols(protocols, supportedProtocols);
-
- System.out.println(
- "\tChecking SSLSocket.getSupportedCipherSuites()");
- ciphers = socket.getSupportedCipherSuites();
- failed |= !checkCipherSuites(ciphers);
+ try {
+ context.getSocketFactory();
+ failed = true;
+ System.out.println("SSLSocket returned a socket for DTLS");
+ } catch (UnsupportedOperationException e) {
+ System.out.println("\t " + e.getMessage());
+ }
 //
 // Check SSLServerSocket
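Review bot: The added `import java.lang.UnsupportedOperationException;` in the `@@ -31,6 +31,7 @@` hunk is redundant, because every type in `java.lang` is imported implicitly. The hunks shown for the other two test files in this change catch the same exception without adding such an import. Dropping the line keeps the import block consistent across the three tests.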
@@ -245,33 +226,13 @@
 // Check SSLParameters of SSLServerSocket
 System.out.println();
 System.out.println("\tChecking SSLServerSocket of this SSLContext");
- System.out.println("\tChecking SSLServerSocket.getSSLParameters()");
- SSLServerSocketFactory sf = context.getServerSocketFactory();
- SSLServerSocket ssocket = (SSLServerSocket) sf.createServerSocket();
- parameters = ssocket.getSSLParameters();
-
- protocols = parameters.getProtocols();
- failed |= !checkProtocols(protocols, cv.serverEnabledProtocols);
-
- ciphers = parameters.getCipherSuites();
- failed |= !checkCipherSuites(ciphers);
-
- System.out.println("\tChecking SSLEngine.getEnabledProtocols()");
- protocols = ssocket.getEnabledProtocols();
- failed |= !checkProtocols(protocols, cv.serverEnabledProtocols);
-
- System.out.println("\tChecking SSLEngine.getEnabledCipherSuites()");
- ciphers = ssocket.getEnabledCipherSuites();
- failed |= !checkCipherSuites(ciphers);
-
- System.out.println("\tChecking SSLEngine.getSupportedProtocols()");
- protocols = ssocket.getSupportedProtocols();
- failed |= !checkProtocols(protocols, supportedProtocols);
-
- System.out.println(
- "\tChecking SSLEngine.getSupportedCipherSuites()");
- ciphers = ssocket.getSupportedCipherSuites();
- failed |= !checkCipherSuites(ciphers);
+ try {
+ context.getServerSocketFactory();
+ failed = true;
+ System.out.println("SSLServerSocket returned a socket for DTLS");
+ } catch (UnsupportedOperationException e) {
+ System.out.println("\t " + e.getMessage());
+ }
 if (failed) {
 throw new Exception("Run into problems, see log for more details");
--- a/test/jdk/sun/security/ssl/SSLContextImpl/DefaultDTLSEnabledProtocols.java Mon Sep 17 13:43:22 2018 -0700
+++ b/test/jdk/sun/security/ssl/SSLContextImpl/DefaultDTLSEnabledProtocols.java Mon Sep 17 14:04:46 2018 -0700
@@ -188,33 +188,13 @@
 // Check SSLParameters of SSLSocket
 System.out.println();
 System.out.println("\tChecking SSLSocket of this SSLContext");
- System.out.println("\tChecking SSLSocket.getSSLParameters()");
- SocketFactory fac = context.getSocketFactory();
- SSLSocket socket = (SSLSocket)fac.createSocket();
- parameters = socket.getSSLParameters();
-
- protocols = parameters.getProtocols();
- failed |= !checkProtocols(protocols, cv.enabledProtocols);
-
- ciphers = parameters.getCipherSuites();
- failed |= !checkCipherSuites(ciphers);
-
- System.out.println("\tChecking SSLEngine.getEnabledProtocols()");
- protocols = socket.getEnabledProtocols();
- failed |= !checkProtocols(protocols, cv.enabledProtocols);
-
- System.out.println("\tChecking SSLEngine.getEnabledCipherSuites()");
- ciphers = socket.getEnabledCipherSuites();
- failed |= !checkCipherSuites(ciphers);
-
- System.out.println("\tChecking SSLEngine.getSupportedProtocols()");
- protocols = socket.getSupportedProtocols();
- failed |= !checkProtocols(protocols, cv.supportedProtocols);
-
- System.out.println(
- "\tChecking SSLEngine.getSupportedCipherSuites()");
- ciphers = socket.getSupportedCipherSuites();
- failed |= !checkCipherSuites(ciphers);
+ try {
+ context.getSocketFactory();
+ failed = true;
+ System.out.println("SSLSocket returned a socket for DTLS");
+ } catch (UnsupportedOperationException e) {
+ System.out.println("\t " + e.getMessage());
+ }
 //
 // Check SSLServerSocket
@@ -222,33 +202,13 @@
 // Check SSLParameters of SSLServerSocket
 System.out.println();
 System.out.println("\tChecking SSLServerSocket of this SSLContext");
- System.out.println("\tChecking SSLServerSocket.getSSLParameters()");
- SSLServerSocketFactory sf = context.getServerSocketFactory();
- SSLServerSocket ssocket = (SSLServerSocket)sf.createServerSocket();
- parameters = ssocket.getSSLParameters();
-
- protocols = parameters.getProtocols();
- failed |= !checkProtocols(protocols, cv.supportedProtocols);
-
- ciphers = parameters.getCipherSuites();
- failed |= !checkCipherSuites(ciphers);
-
- System.out.println("\tChecking SSLEngine.getEnabledProtocols()");
- protocols = ssocket.getEnabledProtocols();
- failed |= !checkProtocols(protocols, cv.supportedProtocols);
-
- System.out.println("\tChecking SSLEngine.getEnabledCipherSuites()");
- ciphers = ssocket.getEnabledCipherSuites();
- failed |= !checkCipherSuites(ciphers);
-
- System.out.println("\tChecking SSLEngine.getSupportedProtocols()");
- protocols = ssocket.getSupportedProtocols();
- failed |= !checkProtocols(protocols, cv.supportedProtocols);
-
- System.out.println(
- "\tChecking SSLEngine.getSupportedCipherSuites()");
- ciphers = ssocket.getSupportedCipherSuites();
- failed |= !checkCipherSuites(ciphers);
+ try {
+ context.getServerSocketFactory();
+ failed = true;
+ System.out.println("SSLServerSocket returned a socket for DTLS");
+ } catch (UnsupportedOperationException e) {
+ System.out.println("\t " + e.getMessage());
+ }
 }
 if (failed) {