From trus...@apache.org
Subject svn commit: r365899 - in /directory/sandbox/trustin/ldaps/apacheds-server-unit/src/test/java/org/apache/ldap/server: LdapsTest.java support/ support/BogusSSLContextFactory.java support/BogusTrustManagerFactory.java support/SSLSocketFactory.java
Date Wed, 04 Jan 2006 12:24:39 GMT
Author: trustin
Date: Wed Jan  4 04:24:30 2006
New Revision: 365899

URL: http://svn.apache.org/viewcvs?rev=365899&view=rev
Log:
Successfully implemented LDAPS.


Added:
    directory/sandbox/trustin/ldaps/apacheds-server-unit/src/test/java/org/apache/ldap/server/support/
    directory/sandbox/trustin/ldaps/apacheds-server-unit/src/test/java/org/apache/ldap/server/support/BogusSSLContextFactory.java
  (with props)
    directory/sandbox/trustin/ldaps/apacheds-server-unit/src/test/java/org/apache/ldap/server/support/BogusTrustManagerFactory.java
  (with props)
    directory/sandbox/trustin/ldaps/apacheds-server-unit/src/test/java/org/apache/ldap/server/support/SSLSocketFactory.java
  (with props)
Modified:
    directory/sandbox/trustin/ldaps/apacheds-server-unit/src/test/java/org/apache/ldap/server/LdapsTest.java

Modified: directory/sandbox/trustin/ldaps/apacheds-server-unit/src/test/java/org/apache/ldap/server/LdapsTest.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/trustin/ldaps/apacheds-server-unit/src/test/java/org/apache/ldap/server/LdapsTest.java?rev=365899&r1=365898&r2=365899&view=diff
==============================================================================
--- directory/sandbox/trustin/ldaps/apacheds-server-unit/src/test/java/org/apache/ldap/server/LdapsTest.java
(original)
+++ directory/sandbox/trustin/ldaps/apacheds-server-unit/src/test/java/org/apache/ldap/server/LdapsTest.java
Wed Jan  4 04:24:30 2006
@@ -16,8 +16,6 @@
  */
 package org.apache.ldap.server;
 
-
-import java.io.File;
 import java.io.FileOutputStream;
 import java.io.InputStream;
 import java.util.Hashtable;
@@ -30,6 +28,7 @@
 import javax.naming.directory.DirContext;
 import javax.naming.directory.InitialDirContext;
 
+import org.apache.ldap.server.support.SSLSocketFactory;
 import org.apache.mina.util.AvailablePortFinder;
 
 
@@ -53,8 +52,11 @@
      */
     public void setUp() throws Exception
     {
+        doDelete( configuration.getWorkingDirectory() );
+        
         int ldapsPort = AvailablePortFinder.getNextAvailable( 8192 );
         configuration.setEnableLdaps( true );
+        configuration.setLdapsCertificatePassword( "boguspw" );
         configuration.setLdapsPort( ldapsPort );
 
         // Copy the bogus certificate to the certificates directory.
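Review bot: The password literal `"boguspw"` passed to `setLdapsCertificatePassword` appears to repeat the value that BogusSSLContextFactory keeps privately as `BOGUS_PW` and in its keytool comment, so regenerating the fixture keystore would mean updating both by hand. A comment such as `// Password of the bundled test keystore; fixture only, never a real credential.` would make the intent explicit, or the helper could expose the constant for the test to reuse. `setUp` continues past the end of this hunk.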
@@ -69,20 +71,23 @@
         {
             int c = in.read();
             if( c < 0 )
-            {
                 break;
+            {
             }
             out.write( c );
         }
 
         in.close();
         out.close();
-
+        
+        doDelete = false;
         super.setUp();
+        doDelete = true;
 
         Hashtable env = new Hashtable();
         env.put( "java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory" );
-        env.put( "java.naming.provider.url", "ldaps://localhost:" + ldapsPort + "/ou=system"
);
+        env.put( "java.naming.provider.url", "ldap://localhost:" + ldapsPort + "/ou=system"
);
+        env.put( "java.naming.ldap.factory.socket", SSLSocketFactory.class.getName() );
         env.put( "java.naming.security.principal", "uid=admin,ou=system" );
         env.put( "java.naming.security.credentials", "secret" );
         env.put( "java.naming.security.authentication", "simple" );
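Review bot: The provider URL now uses the `ldap://` scheme against `ldapsPort`, with TLS coming only from the `java.naming.ldap.factory.socket` entry, and nothing in the code says so; a reader will take this for a cleartext simple bind as `uid=admin,ou=system`. Add a comment above the two lines, e.g. `// ldap:// is deliberate: TLS is supplied by the test-only SSLSocketFactory, which accepts any server certificate.` The `doDelete = false; super.setUp(); doDelete = true;` sequence leaves the flag false if `super.setUp()` throws, so wrap it as `try { super.setUp(); } finally { doDelete = true; }`. As shown, the brace moved below `break;` leaves an empty `{ }` block after the `if`, which looks accidental. `setUp` starts and ends outside this hunk.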

Added: directory/sandbox/trustin/ldaps/apacheds-server-unit/src/test/java/org/apache/ldap/server/support/BogusSSLContextFactory.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/trustin/ldaps/apacheds-server-unit/src/test/java/org/apache/ldap/server/support/BogusSSLContextFactory.java?rev=365899&view=auto
==============================================================================
--- directory/sandbox/trustin/ldaps/apacheds-server-unit/src/test/java/org/apache/ldap/server/support/BogusSSLContextFactory.java
(added)
+++ directory/sandbox/trustin/ldaps/apacheds-server-unit/src/test/java/org/apache/ldap/server/support/BogusSSLContextFactory.java
Wed Jan  4 04:24:30 2006
@@ -0,0 +1,160 @@
+/*
+ *   @(#) $Id$
+ *
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.ldap.server.support;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.GeneralSecurityException;
+import java.security.KeyStore;
+
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.SSLContext;
+
+/**
+ * Factory to create a bougus SSLContext.
+ *
+ * @author The Apache Directory Project (dev@directory.apache.org)
+ * @version $Rev$, $Date$
+ */
+public class BogusSSLContextFactory
+{
+
+    /**
+     * Protocol to use.
+     */
+    private static final String PROTOCOL = "TLS";
+
+    /**
+     * Bougus Server certificate keystore file name.
+     */
+    private static final String BOGUS_KEYSTORE = "/bogus.cert";
+
+    // NOTE: The keystore was generated using keytool:
+    //   keytool -genkey -alias bogus -keysize 512 -validity 3650
+    //           -keyalg RSA -dname "CN=bogus.com, OU=XXX CA,
+    //               O=Bogus Inc, L=Stockholm, S=Stockholm, C=SE"
+    //           -keypass boguspw -storepass boguspw -keystore bogus.cert
+
+    /**
+     * Bougus keystore password.
+     */
+    private static final char[] BOGUS_PW = { 'b', 'o', 'g', 'u', 's', 'p',
+                                            'w' };
+
+    private static SSLContext serverInstance = null;
+
+    private static SSLContext clientInstance = null;
+
+    /**
+     * Get SSLContext singleton.
+     *
+     * @return SSLContext
+     * @throws java.security.GeneralSecurityException
+     *
+     */
+    public static SSLContext getInstance( boolean server )
+            throws GeneralSecurityException
+    {
+        SSLContext retInstance = null;
+        if( server )
+        {
+            if( serverInstance == null )
+            {
+                synchronized( BogusSSLContextFactory.class )
+                {
+                    if( serverInstance == null )
+                    {
+                        try
+                        {
+                            serverInstance = createBougusServerSSLContext();
+                        }
+                        catch( Exception ioe )
+                        {
+                            throw new GeneralSecurityException(
+                                    "Can't create Server SSLContext:" + ioe );
+                        }
+                    }
+                }
+            }
+            retInstance = serverInstance;
+        }
+        else
+        {
+            if( clientInstance == null )
+            {
+                synchronized( BogusSSLContextFactory.class )
+                {
+                    if( clientInstance == null )
+                    {
+                        clientInstance = createBougusClientSSLContext();
+                    }
+                }
+            }
+            retInstance = clientInstance;
+        }
+        return retInstance;
+    }
+
+    private static SSLContext createBougusServerSSLContext()
+            throws GeneralSecurityException, IOException
+    {
+        // Create keystore
+        KeyStore ks = KeyStore.getInstance( "JKS" );
+        InputStream in = null;
+        try
+        {
+            in = BogusSSLContextFactory.class
+                    .getResourceAsStream( BOGUS_KEYSTORE );
+            ks.load( in, BOGUS_PW );
+        }
+        finally
+        {
+            if( in != null )
+            {
+                try
+                {
+                    in.close();
+                }
+                catch( IOException ignored )
+                {
+                }
+            }
+        }
+
+        // Set up key manager factory to use our key store
+        KeyManagerFactory kmf = KeyManagerFactory.getInstance( "SunX509" );
+        kmf.init( ks, BOGUS_PW );
+
+        // Initialize the SSLContext to work with our key managers.
+        SSLContext sslContext = SSLContext.getInstance( PROTOCOL );
+        sslContext.init( kmf.getKeyManagers(),
+                BogusTrustManagerFactory.X509_MANAGERS, null );
+
+        return sslContext;
+    }
+
+    private static SSLContext createBougusClientSSLContext()
+            throws GeneralSecurityException
+    {
+        SSLContext context = SSLContext.getInstance( PROTOCOL );
+        context.init( null, BogusTrustManagerFactory.X509_MANAGERS, null );
+        return context;
+    }
+
+}
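Review bot: `getInstance` tests `serverInstance` and `clientInstance` outside the lock, but both are plain statics rather than `volatile`, so another thread may see a reference to a context that is not yet fully published; declaring the method `public static synchronized SSLContext getInstance( boolean server )` and dropping the inner checks is the simplest safe form for a test helper. In `createBougusServerSSLContext`, `getResourceAsStream( BOGUS_KEYSTORE )` returns null when `/bogus.cert` is not on the classpath, and `ks.load( null, BOGUS_PW )` then produces an empty keystore instead of an error, so the problem only surfaces later as a failed handshake; `if( in == null ) throw new IOException( "keystore not found: " + BOGUS_KEYSTORE );` would fail early. The catch block builds its message from `ioe` by string concatenation and loses the stack trace, which `initCause( ioe )` on the new exception would keep. The class is public, so its Javadoc should say plainly that it pairs a throwaway 512-bit key with a trust manager that accepts every certificate and must stay in test sources.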

Propchange: directory/sandbox/trustin/ldaps/apacheds-server-unit/src/test/java/org/apache/ldap/server/support/BogusSSLContextFactory.java
------------------------------------------------------------------------------
    svn:keywords = HeadURL Id LastChangedBy LastChangedDate LastChangedRevision

Added: directory/sandbox/trustin/ldaps/apacheds-server-unit/src/test/java/org/apache/ldap/server/support/BogusTrustManagerFactory.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/trustin/ldaps/apacheds-server-unit/src/test/java/org/apache/ldap/server/support/BogusTrustManagerFactory.java?rev=365899&view=auto
==============================================================================
--- directory/sandbox/trustin/ldaps/apacheds-server-unit/src/test/java/org/apache/ldap/server/support/BogusTrustManagerFactory.java
(added)
+++ directory/sandbox/trustin/ldaps/apacheds-server-unit/src/test/java/org/apache/ldap/server/support/BogusTrustManagerFactory.java
Wed Jan  4 04:24:30 2006
@@ -0,0 +1,81 @@
+/*
+ *   @(#) $Id$
+ *
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.ldap.server.support;
+
+import java.security.InvalidAlgorithmParameterException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+
+import javax.net.ssl.ManagerFactoryParameters;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactorySpi;
+import javax.net.ssl.X509TrustManager;
+
+/**
+ * Bogus trust manager factory. Creates BogusX509TrustManager
+ *
+ * @author The Apache Directory Project (dev@directory.apache.org)
+ * @version $Rev$, $Date$
+ */
+class BogusTrustManagerFactory extends TrustManagerFactorySpi
+{
+
+    static final X509TrustManager X509 = new X509TrustManager()
+    {
+        public void checkClientTrusted( X509Certificate[] x509Certificates,
+                                       String s ) throws CertificateException
+        {
+        }
+
+        public void checkServerTrusted( X509Certificate[] x509Certificates,
+                                       String s ) throws CertificateException
+        {
+        }
+
+        public X509Certificate[] getAcceptedIssuers()
+        {
+            return new X509Certificate[ 0 ];
+        }
+    };
+
+    static final TrustManager[] X509_MANAGERS = new TrustManager[] { X509 };
+
+    public BogusTrustManagerFactory()
+    {
+    }
+
+    protected TrustManager[] engineGetTrustManagers()
+    {
+        return X509_MANAGERS;
+    }
+
+    protected void engineInit( KeyStore keystore ) throws KeyStoreException
+    {
+        // noop
+    }
+
+    protected void engineInit(
+                              ManagerFactoryParameters managerFactoryParameters )
+            throws InvalidAlgorithmParameterException
+    {
+        // noop
+    }
+}
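Review bot: `checkClientTrusted` and `checkServerTrusted` have empty bodies, so any context built from `X509_MANAGERS` accepts every certificate chain, yet the Javadoc only says "Bogus trust manager factory". State the effect outright, e.g. `Trust manager that performs no certificate validation. For unit tests only.`, and put `// Intentionally empty: every chain is accepted.` in both methods so the omission is not read as unfinished code. `X509_MANAGERS` is a shared mutable array that `engineGetTrustManagers` returns directly; returning `(TrustManager[]) X509_MANAGERS.clone()` would keep callers from altering the shared instance.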

Propchange: directory/sandbox/trustin/ldaps/apacheds-server-unit/src/test/java/org/apache/ldap/server/support/BogusTrustManagerFactory.java
------------------------------------------------------------------------------
    svn:keywords = HeadURL Id LastChangedBy LastChangedDate LastChangedRevision

Added: directory/sandbox/trustin/ldaps/apacheds-server-unit/src/test/java/org/apache/ldap/server/support/SSLSocketFactory.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/trustin/ldaps/apacheds-server-unit/src/test/java/org/apache/ldap/server/support/SSLSocketFactory.java?rev=365899&view=auto
==============================================================================
--- directory/sandbox/trustin/ldaps/apacheds-server-unit/src/test/java/org/apache/ldap/server/support/SSLSocketFactory.java
(added)
+++ directory/sandbox/trustin/ldaps/apacheds-server-unit/src/test/java/org/apache/ldap/server/support/SSLSocketFactory.java
Wed Jan  4 04:24:30 2006
@@ -0,0 +1,142 @@
+/*
+ *   @(#) $Id$
+ *
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.ldap.server.support;
+
+import java.io.IOException;
+import java.net.InetAddress;
+import java.net.Socket;
+import java.net.UnknownHostException;
+import java.security.GeneralSecurityException;
+
+import javax.net.SocketFactory;
+
+/**
+ * Simple Socket factory to create sockets with or without SSL enabled.
+ * If SSL enabled a "bougus" SSL Context is used (suitable for test purposes)
+ * 
+ * @version $Rev$, $Date$
+ */
+public class SSLSocketFactory extends SocketFactory
+{
+    private static boolean sslEnabled = true;
+
+    private static javax.net.ssl.SSLSocketFactory sslFactory = null;
+
+    private static javax.net.SocketFactory factory = null;
+
+    public static SocketFactory getDefault()
+    {
+        return new SSLSocketFactory();
+    }
+
+    public SSLSocketFactory()
+    {
+        super();
+    }
+
+    public Socket createSocket( String arg1, int arg2 ) throws IOException,
+            UnknownHostException
+    {
+        if( isSslEnabled() )
+        {
+            return getSSLFactory().createSocket( arg1, arg2 );
+        }
+        else
+        {
+            return new Socket( arg1, arg2 );
+        }
+    }
+
+    public Socket createSocket( String arg1, int arg2, InetAddress arg3,
+                               int arg4 ) throws IOException,
+            UnknownHostException
+    {
+        if( isSslEnabled() )
+        {
+            return getSSLFactory().createSocket( arg1, arg2, arg3, arg4 );
+        }
+        else
+        {
+            return new Socket( arg1, arg2, arg3, arg4 );
+        }
+    }
+
+    public Socket createSocket( InetAddress arg1, int arg2 )
+            throws IOException
+    {
+        if( isSslEnabled() )
+        {
+            return getSSLFactory().createSocket( arg1, arg2 );
+        }
+        else
+        {
+            return new Socket( arg1, arg2 );
+        }
+    }
+
+    public Socket createSocket( InetAddress arg1, int arg2, InetAddress arg3,
+                               int arg4 ) throws IOException
+    {
+        if( isSslEnabled() )
+        {
+            return getSSLFactory().createSocket( arg1, arg2, arg3, arg4 );
+        }
+        else
+        {
+            return new Socket( arg1, arg2, arg3, arg4 );
+        }
+    }
+
+    public static javax.net.SocketFactory getSocketFactory()
+    {
+        if( factory == null )
+        {
+            factory = new SSLSocketFactory();
+        }
+        return factory;
+    }
+
+    private javax.net.ssl.SSLSocketFactory getSSLFactory()
+    {
+        if( sslFactory == null )
+        {
+            try
+            {
+                sslFactory = BogusSSLContextFactory.getInstance( false )
+                        .getSocketFactory();
+            }
+            catch( GeneralSecurityException e )
+            {
+                throw new RuntimeException( "could not create SSL socket", e );
+            }
+        }
+        return sslFactory;
+    }
+
+    public static boolean isSslEnabled()
+    {
+        return sslEnabled;
+    }
+
+    public static void setSslEnabled( boolean newSslEnabled )
+    {
+        sslEnabled = newSslEnabled;
+    }
+
+}
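Review bot: `setSslEnabled( false )` flips a process-wide static, after which every `createSocket` overload returns a plain `Socket` with no indication to the caller, so a test that turns it off and does not restore it leaves later tests connecting without TLS. If the switch is needed, document on it that callers must reset it in `tearDown`, and add to the class Javadoc that sockets come from `BogusSSLContextFactory.getInstance( false )`, meaning the server certificate is not validated. `getSSLFactory` and `getSocketFactory` initialise their static fields without synchronisation; the race looks benign here, but marking both `synchronized` costs nothing. Reusing the simple name `SSLSocketFactory` forces `javax.net.ssl.SSLSocketFactory` to be fully qualified throughout, and a name such as `BogusSSLSocketFactory` would match the other helpers and signal the test-only purpose.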

Propchange: directory/sandbox/trustin/ldaps/apacheds-server-unit/src/test/java/org/apache/ldap/server/support/SSLSocketFactory.java
------------------------------------------------------------------------------
    svn:keywords = HeadURL Id LastChangedBy LastChangedDate LastChangedRevision


