tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ma...@apache.org
Subject svn commit: r1066759 - in /tomcat/trunk/test/org/apache/tomcat/util/net: TestSsl.java TesterSupport.java
Date Thu, 03 Feb 2011 08:44:37 GMT
Author: markt
Date: Thu Feb  3 08:44:37 2011
New Revision: 1066759

URL: http://svn.apache.org/viewvc?rev=1066759&view=rev
Log:
Factor out support code prior to splitting up the TestSsl class

Added:
    tomcat/trunk/test/org/apache/tomcat/util/net/TesterSupport.java   (with props)
Modified:
    tomcat/trunk/test/org/apache/tomcat/util/net/TestSsl.java

Modified: tomcat/trunk/test/org/apache/tomcat/util/net/TestSsl.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/net/TestSsl.java?rev=1066759&r1=1066758&r2=1066759&view=diff
==============================================================================
--- tomcat/trunk/test/org/apache/tomcat/util/net/TestSsl.java (original)
+++ tomcat/trunk/test/org/apache/tomcat/util/net/TestSsl.java Thu Feb  3 08:44:37 2011
@@ -20,15 +20,12 @@ import java.io.File;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
-import java.security.cert.X509Certificate;
 
 import javax.net.ssl.HandshakeCompletedEvent;
 import javax.net.ssl.HandshakeCompletedListener;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLSocket;
 import javax.net.ssl.SSLSocketFactory;
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.X509TrustManager;
 
 import org.apache.catalina.startup.Tomcat;
 import org.apache.catalina.startup.TomcatBaseTest;
@@ -41,55 +38,15 @@ import org.apache.tomcat.util.buf.ByteCh
  *  CN: localhost ( for hostname validation )
  */
 public class TestSsl extends TomcatBaseTest {
-    static TrustManager[] trustAllCerts = new TrustManager[] { 
-        new X509TrustManager() { 
-            @Override
-            public X509Certificate[] getAcceptedIssuers() { 
-                return null;
-            }
-            @Override
-            public void checkClientTrusted(X509Certificate[] certs,
-                    String authType) {
-                // NOOP - Trust everything
-            }
-            @Override
-            public void checkServerTrusted(X509Certificate[] certs,
-                    String authType) {
-                // NOOP - Trust everything
-            }
-        }
-    };
-
-    private void initSsl(Tomcat tomcat) {
-        String protocol = tomcat.getConnector().getProtocolHandlerClassName();
-        if (protocol.indexOf("Apr") == -1) {
-            tomcat.getConnector().setProperty("sslProtocol", "tls");
-            File keystoreFile = new File(
-                    "test/org/apache/catalina/startup/test.keystore");
-            tomcat.getConnector().setAttribute("keystoreFile",
-                    keystoreFile.getAbsolutePath());
-        } else {
-            File keystoreFile = new File(
-                    "test/org/apache/catalina/startup/test-cert.pem");
-            tomcat.getConnector().setAttribute("SSLCertificateFile",
-                    keystoreFile.getAbsolutePath());
-            keystoreFile = new File(
-                    "test/org/apache/catalina/startup/test-key.pem");
-            tomcat.getConnector().setAttribute("SSLCertificateKeyFile",
-                    keystoreFile.getAbsolutePath());
-        }
-        tomcat.getConnector().setSecure(true);            
-        tomcat.getConnector().setProperty("SSLEnabled", "true");
 
-    }
-    
     public void testSimpleSsl() throws Exception {
         // Install the all-trusting trust manager so https:// works 
         // with unsigned certs. 
 
         try {
             SSLContext sc = SSLContext.getInstance("SSL");
-            sc.init(null, trustAllCerts, new java.security.SecureRandom());
+            sc.init(null, TesterSupport.TRUST_ALL_CERTS,
+                    new java.security.SecureRandom());
             javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(
                     sc.getSocketFactory());
         } catch (Exception e) {
@@ -101,7 +58,7 @@ public class TestSsl extends TomcatBaseT
         File appDir = new File(getBuildDirectory(), "webapps/examples");
         tomcat.addWebapp(null, "/examples", appDir.getAbsolutePath());
         
-        initSsl(tomcat);
+        TesterSupport.initSsl(tomcat);
 
         tomcat.start();
         ByteChunk res = getUrl("https://localhost:" + getPort() +
@@ -118,13 +75,14 @@ public class TestSsl extends TomcatBaseT
         // app dir is relative to server home
         tomcat.addWebapp(null, "/examples", appDir.getAbsolutePath());
 
-        initSsl(tomcat);
+        TesterSupport.initSsl(tomcat);
 
         // Default - MITM attack prevented
         
         tomcat.start();
         SSLContext sslCtx = SSLContext.getInstance("TLS");
-        sslCtx.init(null, trustAllCerts, new java.security.SecureRandom());
+        sslCtx.init(null, TesterSupport.TRUST_ALL_CERTS,
+                new java.security.SecureRandom());
         SSLSocketFactory socketFactory = sslCtx.getSocketFactory();
         SSLSocket socket = (SSLSocket) socketFactory.createSocket("localhost", getPort());
 
@@ -182,7 +140,7 @@ public class TestSsl extends TomcatBaseT
         // app dir is relative to server home
         tomcat.addWebapp(null, "/examples", appDir.getAbsolutePath());
 
-        initSsl(tomcat);
+        TesterSupport.initSsl(tomcat);
         
         // Enable MITM attack
         tomcat.getConnector().setAttribute("allowUnsafeLegacyRenegotiation", "true");
@@ -198,7 +156,7 @@ public class TestSsl extends TomcatBaseT
         }
 
         SSLContext sslCtx = SSLContext.getInstance("TLS");
-        sslCtx.init(null, trustAllCerts, new java.security.SecureRandom());
+        sslCtx.init(null, TesterSupport.TRUST_ALL_CERTS, new java.security.SecureRandom());
         SSLSocketFactory socketFactory = sslCtx.getSocketFactory();
         SSLSocket socket = (SSLSocket) socketFactory.createSocket("localhost", getPort());
 

Added: tomcat/trunk/test/org/apache/tomcat/util/net/TesterSupport.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/net/TesterSupport.java?rev=1066759&view=auto
==============================================================================
--- tomcat/trunk/test/org/apache/tomcat/util/net/TesterSupport.java (added)
+++ tomcat/trunk/test/org/apache/tomcat/util/net/TesterSupport.java Thu Feb  3 08:44:37 2011
@@ -0,0 +1,68 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.tomcat.util.net;
+
+import java.io.File;
+import java.security.cert.X509Certificate;
+
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+
+import org.apache.catalina.startup.Tomcat;
+
+public final class TesterSupport {
+    protected static final TrustManager[] TRUST_ALL_CERTS = new TrustManager[] { 
+        new X509TrustManager() { 
+            @Override
+            public X509Certificate[] getAcceptedIssuers() { 
+                return null;
+            }
+            @Override
+            public void checkClientTrusted(X509Certificate[] certs,
+                    String authType) {
+                // NOOP - Trust everything
+            }
+            @Override
+            public void checkServerTrusted(X509Certificate[] certs,
+                    String authType) {
+                // NOOP - Trust everything
+            }
+        }
+    };
+
+    protected static void initSsl(Tomcat tomcat) {
+        String protocol = tomcat.getConnector().getProtocolHandlerClassName();
+        if (protocol.indexOf("Apr") == -1) {
+            tomcat.getConnector().setProperty("sslProtocol", "tls");
+            File keystoreFile = new File(
+                    "test/org/apache/catalina/startup/test.keystore");
+            tomcat.getConnector().setAttribute("keystoreFile",
+                    keystoreFile.getAbsolutePath());
+        } else {
+            File keystoreFile = new File(
+                    "test/org/apache/catalina/startup/test-cert.pem");
+            tomcat.getConnector().setAttribute("SSLCertificateFile",
+                    keystoreFile.getAbsolutePath());
+            keystoreFile = new File(
+                    "test/org/apache/catalina/startup/test-key.pem");
+            tomcat.getConnector().setAttribute("SSLCertificateKeyFile",
+                    keystoreFile.getAbsolutePath());
+        }
+        tomcat.getConnector().setSecure(true);            
+        tomcat.getConnector().setProperty("SSLEnabled", "true");
+    }
+}

Propchange: tomcat/trunk/test/org/apache/tomcat/util/net/TesterSupport.java
------------------------------------------------------------------------------
    svn:eol-style = native



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message