qpid-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rob...@apache.org
Subject [2/4] qpid-jms git commit: add test using a different trust store, verify connection to server using regular key fails
Date Fri, 13 Mar 2015 18:51:15 GMT
add test using a different trust store, verify connection to server using regular key fails


Project: http://git-wip-us.apache.org/repos/asf/qpid-jms/repo
Commit: http://git-wip-us.apache.org/repos/asf/qpid-jms/commit/18d3ec6c
Tree: http://git-wip-us.apache.org/repos/asf/qpid-jms/tree/18d3ec6c
Diff: http://git-wip-us.apache.org/repos/asf/qpid-jms/diff/18d3ec6c

Branch: refs/heads/master
Commit: 18d3ec6cba580eeebf52fa4adb22221dca53cfae
Parents: cd8ac4f
Author: Robert Gemmell <robbie@apache.org>
Authored: Fri Mar 13 18:27:30 2015 +0000
Committer: Robert Gemmell <robbie@apache.org>
Committed: Fri Mar 13 18:47:51 2015 +0000

----------------------------------------------------------------------
 .../jms/transports/netty/NettyEchoServer.java   |  2 +-
 .../transports/netty/NettySslTransportTest.java | 31 ++++++++++++++++++++
 2 files changed, 32 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/qpid-jms/blob/18d3ec6c/qpid-jms-client/src/test/java/org/apache/qpid/jms/transports/netty/NettyEchoServer.java
----------------------------------------------------------------------
diff --git a/qpid-jms-client/src/test/java/org/apache/qpid/jms/transports/netty/NettyEchoServer.java
b/qpid-jms-client/src/test/java/org/apache/qpid/jms/transports/netty/NettyEchoServer.java
index ae064a4..fff2323 100644
--- a/qpid-jms-client/src/test/java/org/apache/qpid/jms/transports/netty/NettyEchoServer.java
+++ b/qpid-jms-client/src/test/java/org/apache/qpid/jms/transports/netty/NettyEchoServer.java
@@ -153,7 +153,7 @@ public class NettyEchoServer implements AutoCloseable {
                 handler.handshakeFuture().addListener(new GenericFutureListener<Future<Channel>>()
{
                     @Override
                     public void operationComplete(Future<Channel> future) throws Exception
{
-                        LOG.info("SSL handshake completed successfully");
+                        LOG.info("SSL handshake completed. Succeeded: " + future.isSuccess());
                     }
                 });
             }

http://git-wip-us.apache.org/repos/asf/qpid-jms/blob/18d3ec6c/qpid-jms-client/src/test/java/org/apache/qpid/jms/transports/netty/NettySslTransportTest.java
----------------------------------------------------------------------
diff --git a/qpid-jms-client/src/test/java/org/apache/qpid/jms/transports/netty/NettySslTransportTest.java
b/qpid-jms-client/src/test/java/org/apache/qpid/jms/transports/netty/NettySslTransportTest.java
index 8b25e5f..e43a499 100644
--- a/qpid-jms-client/src/test/java/org/apache/qpid/jms/transports/netty/NettySslTransportTest.java
+++ b/qpid-jms-client/src/test/java/org/apache/qpid/jms/transports/netty/NettySslTransportTest.java
@@ -42,6 +42,8 @@ public class NettySslTransportTest extends NettyTcpTransportTest {
     public static final String SERVER_KEYSTORE = "src/test/resources/broker-jks.keystore";
     public static final String SERVER_WRONG_HOST_KEYSTORE = "src/test/resources/broker-wrong-host-jks.keystore";
     public static final String CLIENT_TRUSTSTORE = "src/test/resources/client-jks.truststore";
+    public static final String OTHER_CA_TRUSTSTORE = "src/test/resources/other-ca-jks.truststore";
+
     public static final String KEYSTORE_TYPE = "jks";
 
     @Override
@@ -79,6 +81,35 @@ public class NettySslTransportTest extends NettyTcpTransportTest {
     }
 
     @Test(timeout = 60 * 1000)
+    public void testConnectToServerUsingUntrustedKeyFails() throws Exception {
+        try (NettyEchoServer server = new NettyEchoServer(createServerOptions())) {
+            server.start();
+
+            int port = server.getServerPort();
+            URI serverLocation = new URI("tcp://localhost:" + port);
+
+            TransportSslOptions options = TransportSslOptions.INSTANCE.clone();
+
+            options.setTrustStoreLocation(OTHER_CA_TRUSTSTORE);
+            options.setTrustStorePassword(PASSWORD);
+            options.setStoreType(KEYSTORE_TYPE);
+            options.setVerifyHost(false);
+
+            Transport transport = createTransport(serverLocation, testListener, options);
+            try {
+                transport.connect();
+                fail("Should not have connected to the server");
+            } catch (Exception e) {
+                LOG.info("Connection failed to untrusted test server.");
+            }
+
+            assertFalse(transport.isConnected());
+
+            transport.close();
+        }
+    }
+
+    @Test(timeout = 60 * 1000)
     public void testConnectToServerClientTrustsAll() throws Exception {
         try (NettyEchoServer server = new NettyEchoServer(createServerOptions())) {
             server.start();


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org


Mime
View raw message