cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [cxf] 03/08: Adding wildcard test for hostname verification
Date Wed, 06 Jun 2018 19:30:52 GMT
This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch 3.1.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git

commit e138a4fb3234490e21e237495d3a9538ee6eaa5f
Author: Colm O hEigeartaigh <coheigea@apache.org>
AuthorDate: Wed Jun 6 11:56:57 2018 +0100

    Adding wildcard test for hostname verification
    
    (cherry picked from commit c92ecbc590cad16315e0fb0c636b681d0abab9f5)
---
 .../HostnameVerificationDeprecatedTest.java        |  30 +++++++++++++++++++++
 .../https/hostname/HostnameVerificationTest.java   |  28 +++++++++++++++++++
 .../https/hostname/hostname-server-deprecated.xml  |  20 ++++++++++++++
 .../cxf/systest/https/hostname/hostname-server.xml |  30 +++++++++++++++++----
 testutils/src/test/resources/keys/subjalt.jks      | Bin 8891 -> 11103 bytes
 5 files changed, 103 insertions(+), 5 deletions(-)

diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/https/hostname/HostnameVerificationDeprecatedTest.java
b/systests/transports/src/test/java/org/apache/cxf/systest/https/hostname/HostnameVerificationDeprecatedTest.java
index 124a6dc..e5a322b 100644
--- a/systests/transports/src/test/java/org/apache/cxf/systest/https/hostname/HostnameVerificationDeprecatedTest.java
+++ b/systests/transports/src/test/java/org/apache/cxf/systest/https/hostname/HostnameVerificationDeprecatedTest.java
@@ -41,6 +41,7 @@ import org.junit.BeforeClass;
 public class HostnameVerificationDeprecatedTest extends AbstractBusClientServerTestBase {
     static final String PORT = allocatePort(HostnameVerificationDeprecatedServer.class);
     static final String PORT2 = allocatePort(HostnameVerificationDeprecatedServer.class,
2);
+    static final String PORT3 = allocatePort(HostnameVerificationDeprecatedServer.class,
3);
 
     @BeforeClass
     public static void startServers() throws Exception {
@@ -142,4 +143,33 @@ public class HostnameVerificationDeprecatedTest extends AbstractBusClientServerT
         ((java.io.Closeable)port).close();
         bus.shutdown(true);
     }
+
+    // No Subject Alternative Name, but the CN wildcard matches
+    @org.junit.Test
+    public void testNoSubjectAlternativeNameCNWildcardMatch() throws Exception {
+        SpringBusFactory bf = new SpringBusFactory();
+        URL busFile = HostnameVerificationTest.class.getResource("hostname-client.xml");
+
+        Bus bus = bf.createBus(busFile.toString());
+        BusFactory.setDefaultBus(bus);
+        BusFactory.setThreadDefaultBus(bus);
+
+        URL url = SOAPService.WSDL_LOCATION;
+        SOAPService service = new SOAPService(url, SOAPService.SERVICE);
+        assertNotNull("Service is null", service);
+        final Greeter port = service.getHttpsPort();
+        assertNotNull("Port is null", port);
+
+        updateAddressPort(port, PORT3);
+
+        assertEquals(port.greetMe("Kitty"), "Hello Kitty");
+
+        // Enable Async
+        ((BindingProvider)port).getRequestContext().put("use.async.http.conduit", true);
+
+        assertEquals(port.greetMe("Kitty"), "Hello Kitty");
+
+        ((java.io.Closeable)port).close();
+        bus.shutdown(true);
+    }
 }
diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/https/hostname/HostnameVerificationTest.java
b/systests/transports/src/test/java/org/apache/cxf/systest/https/hostname/HostnameVerificationTest.java
index 05a62e7..6aa8577 100644
--- a/systests/transports/src/test/java/org/apache/cxf/systest/https/hostname/HostnameVerificationTest.java
+++ b/systests/transports/src/test/java/org/apache/cxf/systest/https/hostname/HostnameVerificationTest.java
@@ -221,4 +221,32 @@ public class HostnameVerificationTest extends AbstractBusClientServerTestBase
{
         bus.shutdown(true);
     }
 
+    // No Subject Alternative Name, but the CN wildcard matches
+    @org.junit.Test
+    public void testNoSubjectAlternativeNameCNWildcardMatch() throws Exception {
+        SpringBusFactory bf = new SpringBusFactory();
+        URL busFile = HostnameVerificationTest.class.getResource("hostname-client.xml");
+
+        Bus bus = bf.createBus(busFile.toString());
+        BusFactory.setDefaultBus(bus);
+        BusFactory.setThreadDefaultBus(bus);
+
+        URL url = SOAPService.WSDL_LOCATION;
+        SOAPService service = new SOAPService(url, SOAPService.SERVICE);
+        assertNotNull("Service is null", service);
+        final Greeter port = service.getHttpsPort();
+        assertNotNull("Port is null", port);
+
+        updateAddressPort(port, PORT5);
+
+        assertEquals(port.greetMe("Kitty"), "Hello Kitty");
+
+        // Enable Async
+        ((BindingProvider)port).getRequestContext().put("use.async.http.conduit", true);
+
+        assertEquals(port.greetMe("Kitty"), "Hello Kitty");
+
+        ((java.io.Closeable)port).close();
+        bus.shutdown(true);
+    }
 }
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/hostname/hostname-server-deprecated.xml
b/systests/transports/src/test/resources/org/apache/cxf/systest/https/hostname/hostname-server-deprecated.xml
index fc3a627..a776d09 100644
--- a/systests/transports/src/test/resources/org/apache/cxf/systest/https/hostname/hostname-server-deprecated.xml
+++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/hostname/hostname-server-deprecated.xml
@@ -64,4 +64,24 @@
                      address="https://localhost:${testutil.ports.HostnameVerificationDeprecatedServer.2}/SoapContext/HttpsPort"

                      serviceName="s:SOAPService" 
                      endpointName="e:HttpsPort" depends-on="no-subject-alt-cn-match-settings"/>
+                     
+    <httpj:engine-factory id="no-subject-alt-cn-wildcard-match-settings">
+        <httpj:engine port="${testutil.ports.HostnameVerificationDeprecatedServer.3}">
+            <httpj:tlsServerParameters>
+                <sec:keyManagers keyPassword="security">
+                    <sec:keyStore type="jks" password="security" resource="keys/subjalt.jks"/>
+                </sec:keyManagers>
+                <sec:clientAuthentication want="false" required="false"/>
+                <sec:certAlias>nosubjaltcnmatchwildcard</sec:certAlias>
+            </httpj:tlsServerParameters>
+        </httpj:engine>
+    </httpj:engine-factory>
+
+    <jaxws:endpoint xmlns:e="http://apache.org/hello_world/services"
+                     xmlns:s="http://apache.org/hello_world/services"
+                     id="NoSubjectAltCNWildcardMatch"
+                     implementor="org.apache.cxf.systest.http.GreeterImpl"
+                     address="https://localhost:${testutil.ports.HostnameVerificationDeprecatedServer.3}/SoapContext/HttpsPort"
+                     serviceName="s:SOAPService"
+                     endpointName="e:HttpsPort" depends-on="no-subject-alt-cn-wildcard-match-settings"/>
 </beans>
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/hostname/hostname-server.xml
b/systests/transports/src/test/resources/org/apache/cxf/systest/https/hostname/hostname-server.xml
index b3137f0..3592ba8 100644
--- a/systests/transports/src/test/resources/org/apache/cxf/systest/https/hostname/hostname-server.xml
+++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/hostname/hostname-server.xml
@@ -98,12 +98,32 @@
             </httpj:tlsServerParameters>
         </httpj:engine>
     </httpj:engine-factory>
-    
-    <jaxws:endpoint xmlns:e="http://apache.org/hello_world/services" 
-                     xmlns:s="http://apache.org/hello_world/services" 
-                     id="NoSubjectAltNoCNMatch" 
-                     implementor="org.apache.cxf.systest.http.GreeterImpl" 
+
+    <jaxws:endpoint xmlns:e="http://apache.org/hello_world/services"
+                     xmlns:s="http://apache.org/hello_world/services"
+                     id="NoSubjectAltNoCNMatch"
+                     implementor="org.apache.cxf.systest.http.GreeterImpl"
                      address="https://localhost:${testutil.ports.HostnameVerificationServer.4}/SoapContext/HttpsPort"

                      serviceName="s:SOAPService" 
                      endpointName="e:HttpsPort" depends-on="no-subject-alt-no-cn-match-settings"/>
+
+    <httpj:engine-factory id="no-subject-alt-cn-wildcard-match-settings">
+        <httpj:engine port="${testutil.ports.HostnameVerificationServer.5}">
+            <httpj:tlsServerParameters>
+                <sec:keyManagers keyPassword="security">
+                    <sec:keyStore type="jks" password="security" resource="keys/subjalt.jks"/>
+                </sec:keyManagers>
+                <sec:clientAuthentication want="false" required="false"/>
+                <sec:certAlias>nosubjaltcnmatchwildcard</sec:certAlias>
+            </httpj:tlsServerParameters>
+        </httpj:engine>
+    </httpj:engine-factory>
+
+    <jaxws:endpoint xmlns:e="http://apache.org/hello_world/services"
+                     xmlns:s="http://apache.org/hello_world/services"
+                     id="NoSubjectAltCNWildcardMatch"
+                     implementor="org.apache.cxf.systest.http.GreeterImpl"
+                     address="https://localhost:${testutil.ports.HostnameVerificationServer.5}/SoapContext/HttpsPort"
+                     serviceName="s:SOAPService"
+                     endpointName="e:HttpsPort" depends-on="no-subject-alt-cn-wildcard-match-settings"/>
 </beans>
diff --git a/testutils/src/test/resources/keys/subjalt.jks b/testutils/src/test/resources/keys/subjalt.jks
index fefac18..bd33b38 100644
Binary files a/testutils/src/test/resources/keys/subjalt.jks and b/testutils/src/test/resources/keys/subjalt.jks
differ

-- 
To stop receiving notification emails like this one, please contact
coheigea@apache.org.

Mime
View raw message