db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rhille...@apache.org
Subject svn commit: r547230 - in /db/derby/code/trunk/java: drda/org/apache/derby/drda/NetworkServerControl.java testing/org/apache/derbyTesting/functionTests/tests/derbynet/SecureServerTest.java testing/org/apache/derbyTesting/junit/NetworkServerTestSetup.java
Date Thu, 14 Jun 2007 12:29:50 GMT
Author: rhillegas
Date: Thu Jun 14 05:29:50 2007
New Revision: 547230

URL: http://svn.apache.org/viewvc?view=rev&rev=547230
Log:
DERBY-2811: Handle special 0.0.0.0 wildcard as host parameter when installing the server's
security manager.

Modified:
    db/derby/code/trunk/java/drda/org/apache/derby/drda/NetworkServerControl.java
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/derbynet/SecureServerTest.java
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/junit/NetworkServerTestSetup.java

Modified: db/derby/code/trunk/java/drda/org/apache/derby/drda/NetworkServerControl.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/drda/org/apache/derby/drda/NetworkServerControl.java?view=diff&rev=547230&r1=547229&r2=547230
==============================================================================
--- db/derby/code/trunk/java/drda/org/apache/derby/drda/NetworkServerControl.java (original)
+++ db/derby/code/trunk/java/drda/org/apache/derby/drda/NetworkServerControl.java Thu Jun
14 05:29:50 2007
@@ -177,6 +177,8 @@
 	private final static String DERBYNET_JAR = "derbynet.jar";
 	private final static String POLICY_FILENAME = "server.policy";
 	private final static String POLICY_FILE_PROPERTY = "java.security.policy";
+	private final static String DERBY_HOSTNAME_WILDCARD = "0.0.0.0";
+	private final static String SOCKET_PERMISSION_HOSTNAME_WILDCARD = "*";
 
     private NetworkServerControlImpl serverImpl;
 
@@ -581,8 +583,14 @@
         if ( PropertyUtil.getSystemProperty( Property.SYSTEM_HOME_PROPERTY ) == null )
         { System.setProperty( Property.SYSTEM_HOME_PROPERTY, PropertyUtil.getSystemProperty(
"user.dir" ) ); }
 
-        if ( PropertyUtil.getSystemProperty( Property.DRDA_PROP_HOSTNAME ) == null )
-        { System.setProperty( Property.DRDA_PROP_HOSTNAME, server.getHost() ); }
+        //
+        // Forcibly set the following property so that it will be correctly
+        // substituted into the default policy file. It is ok to force this
+        // property at this time because it has already been read
+        // (and if necessary overridden) by server.getPropertyInfo()
+        // followed by server.parseArgs().
+        //
+        System.setProperty( Property.DRDA_PROP_HOSTNAME, getHostNameForSocketPermission(
server ) );
 
         //
         // Forcibly set the following property. This is the parameter in
@@ -613,6 +621,27 @@
         server.consoleMessage( successMessage );
     }
 
+    /**
+     * Get the hostname as a value suitable for substituting into the
+     * default server policy file. The special
+     * wildcard value "0.0.0.0" is forced to be "*" since that is the wildcard
+     * hostname understood by SocketPermission. SocketPermission does
+     * not understand the "0.0.0.0" wildcard.
+     */
+    private static String  getHostNameForSocketPermission( NetworkServerControlImpl server
)
+        throws Exception
+    {
+        //
+        // By now, server.getPropertyInfo() has been called, followed by
+        // server.parseArgs(). So the server knows its hostname.
+        //
+        String  hostname = server.getHost();
+        
+        if ( DERBY_HOSTNAME_WILDCARD.equals( hostname ) ) { hostname = SOCKET_PERMISSION_HOSTNAME_WILDCARD;
}
+
+        return hostname;
+    }
+    
     /**
      *<p>
      * Find the url of the library directory which holds derby.jar and

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/derbynet/SecureServerTest.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/derbynet/SecureServerTest.java?view=diff&rev=547230&r1=547229&r2=547230
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/derbynet/SecureServerTest.java
(original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/derbynet/SecureServerTest.java
Thu Jun 14 05:29:50 2007
@@ -25,6 +25,8 @@
 import java.io.PrintWriter;
 import java.io.StringWriter;
 import java.net.URL;
+import java.sql.Connection;
+import java.sql.DriverManager;
 import java.util.ArrayList;
 import java.util.Properties;
 
@@ -32,6 +34,7 @@
 import junit.framework.Test;
 import junit.framework.TestSuite;
 import org.apache.derbyTesting.junit.BaseTestCase;
+import org.apache.derbyTesting.junit.BaseJDBCTestCase;
 import org.apache.derbyTesting.junit.Derby;
 import org.apache.derbyTesting.junit.NetworkServerTestSetup;
 import org.apache.derbyTesting.junit.SecurityManagerSetup;
@@ -47,14 +50,22 @@
  * manager as expected.
  */
 
-public class SecureServerTest extends BaseTestCase
+public class SecureServerTest extends BaseJDBCTestCase
 {
     ///////////////////////////////////////////////////////////////////////////////////
     //
     // CONSTANTS
     //
     ///////////////////////////////////////////////////////////////////////////////////
+
+    // basic properties file which tests that properties are picked up from derby.properties
+    private static  final   String  BASIC = "functionTests/tests/derbynet/SecureServerTest.derby.properties";
+
+    private static  final   String  SST_USER_NAME="MARY";
+    private static  final   String  SST_PASSWORD = "marypwd";
     
+    private static  final   String  DERBY_HOSTNAME_WILDCARD = "0.0.0.0";
+
     ///////////////////////////////////////////////////////////////////////////////////
     //
     // INNER CLASSES
@@ -100,7 +111,8 @@
     // startup state
     private boolean _unsecureSet;
     private boolean _authenticationRequired;
-    private boolean _useCustomDerbyProperties;
+    private String   _customDerbyProperties;
+    private boolean _useWildCardHost;
 
     // expected outcomes
     private Outcome _outcome;
@@ -119,7 +131,8 @@
         (
          boolean unsecureSet,
          boolean authenticationRequired,
-         boolean useCustomDerbyProperties,
+         String     customDerbyProperties,
+         boolean    useWildCardHost,
 
          Outcome    outcome
         )
@@ -128,7 +141,8 @@
 
          _unsecureSet =  unsecureSet;
          _authenticationRequired =  authenticationRequired;
-         _useCustomDerbyProperties = useCustomDerbyProperties;
+         _customDerbyProperties = customDerbyProperties;
+         _useWildCardHost = useWildCardHost;
 
          _outcome = outcome;
 
@@ -159,16 +173,18 @@
 
         // O = Overriden
         // A = Authenticated
-        // C = using Custom properties
+        // C = Custom properties
+        // W = Use wildcard host
         //
-        //      .addTest( decorateTest( O,        A,       C,    Outcome ) );
+        //      .addTest( decorateTest( O,        A,       C,    W,    Outcome ) );
         //
 
-        suite.addTest( decorateTest( false,  false, false, RUNNING_SECURITY_BOOTED ) );
-        suite.addTest( decorateTest( false,  false, true, RUNNING_SECURITY_BOOTED ) );
-        suite.addTest( decorateTest( false,  true, false, RUNNING_SECURITY_BOOTED ) );
-        suite.addTest( decorateTest( true,  false, false, RUNNING_SECURITY_NOT_BOOTED ) );
-        suite.addTest( decorateTest( true,  true, false, RUNNING_SECURITY_NOT_BOOTED ) );
+        suite.addTest( decorateTest( false,  false, null, false, RUNNING_SECURITY_BOOTED
) );
+        suite.addTest( decorateTest( false,  false, BASIC, false, RUNNING_SECURITY_BOOTED
) );
+        suite.addTest( decorateTest( false,  true, null, false, RUNNING_SECURITY_BOOTED )
);
+        suite.addTest( decorateTest( false,  true, null, true, RUNNING_SECURITY_BOOTED )
);
+        suite.addTest( decorateTest( true,  false, null, false, RUNNING_SECURITY_NOT_BOOTED
) );
+        suite.addTest( decorateTest( true,  true, null, false, RUNNING_SECURITY_NOT_BOOTED
) );
         
         return suite;
     }
@@ -198,7 +214,8 @@
         (
          boolean unsecureSet,
          boolean authenticationRequired,
-         boolean useCustomDerbyProperties,
+         String customDerbyProperties,
+         boolean    useWildCardHost,
          
          Outcome outcome
         )
@@ -207,13 +224,14 @@
             (
              unsecureSet,
              authenticationRequired,
-             useCustomDerbyProperties,
+             customDerbyProperties,
+             useWildCardHost,
 
              outcome
             );
 
-        String[]        startupProperties = getStartupProperties( authenticationRequired,
useCustomDerbyProperties );
-        String[]        startupArgs = getStartupArgs( unsecureSet );
+        String[]        startupProperties = getStartupProperties( authenticationRequired,
customDerbyProperties );
+        String[]        startupArgs = getStartupArgs( unsecureSet, useWildCardHost );
 
         NetworkServerTestSetup networkServerTestSetup =
                 new NetworkServerTestSetup
@@ -232,7 +250,7 @@
             SecurityManagerSetup.noSecurityManager(networkServerTestSetup);
 
         // if using the custom derby.properties, copy the custom properties to a visible
place
-        if ( useCustomDerbyProperties )
+        if ( customDerbyProperties != null )
         {
             testSetup = new SupportFilesSetup
                 (
@@ -251,10 +269,10 @@
 
     /**
      * <p>
-     * Return n array of startup args suitable for booting a server.
+     * Return an array of startup args suitable for booting a server.
      * </p>
      */
-    private static  String[]    getStartupArgs( boolean setUnsecureOption )
+    private static  String[]    getStartupArgs( boolean setUnsecureOption, boolean useWildCardHost
)
     {
         ArrayList       list = new ArrayList();
 
@@ -263,6 +281,12 @@
             list.add( "-noSecurityManager" );
         }
         
+        if ( useWildCardHost )
+        {
+            list.add( NetworkServerTestSetup.HOST_OPTION );
+            list.add( DERBY_HOSTNAME_WILDCARD );
+        }
+        
         String[]    result = new String[ list.size() ];
 
         list.toArray( result );
@@ -275,16 +299,18 @@
      * Return a set of startup properties suitable for SystemPropertyTestSetup.
      * </p>
      */
-    private static  String[]  getStartupProperties( boolean authenticationRequired, boolean
useCustomDerbyProperties )
+    private static  String[]  getStartupProperties( boolean authenticationRequired, String
customDerbyProperties )
     {
         ArrayList       list = new ArrayList();
 
         if ( authenticationRequired )
         {
             list.add( "derby.connection.requireAuthentication=true" );
+            list.add( "derby.authentication.provider=BUILTIN" );
+            list.add( "derby.user." + SST_USER_NAME + "=" + SST_PASSWORD );
         }
 
-        if ( useCustomDerbyProperties )
+        if ( customDerbyProperties != null )
         {
             list.add( "derby.system.home=extinout" );
         }
@@ -316,6 +342,31 @@
         assertEquals( myName + ": serverCameUp = " + serverCameUp, _outcome.serverShouldComeUp(),
serverCameUp );
         
         assertTrue( myName + "\nExpected: " + _outcome.expectedServerOutput() + "\nBut saw:
" + serverOutput , outputOK );
+
+        //
+        // make sure that the default policy lets us connect to the server if the hostname
was
+        // wildcarded (DERBY-2811)
+        //
+        if ( _authenticationRequired && _useWildCardHost ) { connectToServer(); }
+    }
+
+    private void    connectToServer()
+        throws Exception
+    {
+        String  url =
+            "jdbc:derby://localhost:" + getTestConfiguration().getPort() + "/" + "wombat;create=true"
+
+            ";user=" + SST_USER_NAME + ";password=" + SST_PASSWORD;
+
+        println( "XXX in connectToServer(). url = " + url );
+
+        // just try to get a connection
+        Class.forName( "org.apache.derby.jdbc.ClientDriver" );
+        
+        Connection  conn = DriverManager.getConnection(  url );
+
+        assertNotNull( "Connection should not be null...", conn );
+
+        conn.close();
     }
 
     ///////////////////////////////////////////////////////////////////////////////////
@@ -331,7 +382,8 @@
         buffer.append( "SecureServerTest( " );
         buffer.append( "Opened = " ); buffer.append( _unsecureSet);
         buffer.append( ", Authenticated= " ); buffer.append( _authenticationRequired );
-        buffer.append( ", CustomDerbyProperties= " ); buffer.append( _useCustomDerbyProperties
);
+        buffer.append( ", CustomDerbyProperties= " ); buffer.append( _customDerbyProperties
);
+        buffer.append( ", UsingWildCardHost= " ); buffer.append( _useWildCardHost );
         buffer.append( " )" );
 
         return buffer.toString();

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/junit/NetworkServerTestSetup.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/junit/NetworkServerTestSetup.java?view=diff&rev=547230&r1=547229&r2=547230
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/junit/NetworkServerTestSetup.java
(original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/junit/NetworkServerTestSetup.java
Thu Jun 14 05:29:50 2007
@@ -28,6 +28,7 @@
 import java.io.PrintWriter;
 import java.security.AccessController;
 import java.security.PrivilegedAction;
+import java.util.ArrayList;
 import junit.extensions.TestSetup;
 import junit.framework.Test;
 import org.apache.derby.drda.NetworkServerControl;
@@ -57,6 +58,8 @@
     /** Sleep for 500 ms before pinging the network server (again) */
     private static final int SLEEP_TIME = 500;
 
+    public static final String HOST_OPTION = "-h";
+
     private static  long    waitTime = WAIT_TIME;
     
     private FileOutputStream serverOutput;
@@ -157,7 +160,7 @@
         new Runnable() {
             public void run() {
 
-                String[]    args = getDefaultStartupArgs();
+                String[]    args = getDefaultStartupArgs( false );
                 
                 org.apache.derby.drda.NetworkServerControl.main( args );
             }
@@ -169,6 +172,7 @@
     {
         StringBuffer    buffer = new StringBuffer();
         String              classpath = BaseTestCase.getSystemProperty( "java.class.path"
);
+        boolean         skipHostName = false;
 
         buffer.append( "java -classpath " );
         buffer.append( classpath );
@@ -183,7 +187,15 @@
 
         buffer.append( " org.apache.derby.drda.NetworkServerControl " );
 
-        String[]    defaultArgs = getDefaultStartupArgs();
+        count = startupArgs.length;
+        for ( int i = 0; i < count; i++ )
+        {
+            // if the special startup args override the hostname, then don't
+            // specify it twice
+            if ( HOST_OPTION.equals( startupArgs[ i ] ) ) { skipHostName = true; }
+        }
+
+        String[]    defaultArgs = getDefaultStartupArgs( skipHostName );
 
         count = defaultArgs.length;
         for ( int i = 0; i < count; i++ )
@@ -201,6 +213,8 @@
 
         final   String  command = buffer.toString();
 
+        //System.out.println( "XXX server startup command = " + command );
+
         Process     serverProcess = (Process) AccessController.doPrivileged
             (
              new PrivilegedAction()
@@ -246,7 +260,14 @@
             }
       
             if (running)
-                networkServerController.shutdown();
+            {
+                try {
+                    networkServerController.shutdown();
+                } catch (Throwable t)
+                {
+                    t.printStackTrace( System.out );
+                }
+            }
  
             if ( serverOutput != null ) { serverOutput.close(); }
             networkServerController = null;
@@ -262,29 +283,31 @@
     /**
      * Get the default command arguments for booting the network server.
      */
-    public  static String[] getDefaultStartupArgs()
+    public  static String[] getDefaultStartupArgs( boolean skipHostName )
     {
         TestConfiguration config = TestConfiguration.getCurrent();
-        
-        if (config.getSsl() == null) {
-            return new String[] {
-                "start",
-                "-h",
-                config.getHostName(),
-                "-p",
-                Integer.toString(config.getPort())
-            };
-        } else {
-            return new String[] {
-                "start",
-                "-h",
-                config.getHostName(),
-                "-p",
-                Integer.toString(config.getPort()),
-                "-ssl",
-                config.getSsl()
-            };
+        ArrayList               argsList = new ArrayList();
+
+        argsList.add( "start" );
+
+        if ( !skipHostName )
+        {
+            argsList.add( HOST_OPTION );
+            argsList.add( config.getHostName() );
+        }
+        argsList.add( "-p" );
+        argsList.add( Integer.toString(config.getPort() ) );
+
+        if (config.getSsl() != null) {
+            argsList.add( "-ssl" );
+            argsList.add( config.getSsl( ) );
         }
+
+        String[]    retval = new String[ argsList.size() ];
+
+        argsList.toArray( retval );
+
+        return retval;
     }
     
     /* Network Server Control */
@@ -364,7 +387,17 @@
             try {
                 networkServerController.ping();
                 return true;
-            } catch (Exception e) {
+            } catch (Throwable e) {
+                if ( !vetPing( e ) )
+                {
+                    e.printStackTrace( System.out );
+
+                    // at this point, we don't have the usual "server not up
+                    // yet" error. get out. at this point, you may have to
+                    // manually kill the server.
+
+                    return false;
+                }
                 if (System.currentTimeMillis() - startTime > waitTime) {
                     return false;
                 }
@@ -381,11 +414,31 @@
                 } catch (IllegalThreadStateException e) {
                     // This exception is thrown by Process.exitValue() if the
                     // process has not terminated. Keep on pinging the server.
+                } catch (Throwable t) {
+                    // something unfortunate happened
+                    t.printStackTrace( System.out );
+                    return false;
                 }
             }
         }
     }
 
+    // return false if ping returns an error other than "server not up yet"
+    private static  boolean vetPing( Throwable t )
+    {
+        if ( !t.getClass().getName().equals( "java.lang.Exception" ) ) { return false; }
+        
+        return ( t.getMessage().startsWith( "DRDA_NoIO.S:Could not connect to Derby Network
Server" ) );
+    }
+    
+    // return true if this is a drda error
+    private static  boolean isDRDAerror( Throwable t )
+    {
+        if ( !t.getClass().getName().equals( "java.lang.Exception" ) ) { return false; }
+        
+        return ( t.getMessage().startsWith( "DRDA" ) );
+    }
+    
     public static boolean pingForServerStart(NetworkServerControl control)
         throws InterruptedException
     {



Mime
View raw message