From 1c31d87035ddc423b83689181f1f75a0cbcc95d8 Mon Sep 17 00:00:00 2001 From: Goetz Lindenmaier Date: Wed, 22 Jun 2022 11:55:31 +0000 Subject: [PATCH 1/2] 8266881: Enable debug log for SSLEngineExplorerMatchedSNI.java Backport-of: 266702451db57c4f006f22601288174cc0613339 --- .../javax/net/ssl/ServerName/SSLEngineExplorerMatchedSNI.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/jdk/test/javax/net/ssl/ServerName/SSLEngineExplorerMatchedSNI.java b/jdk/test/javax/net/ssl/ServerName/SSLEngineExplorerMatchedSNI.java index b9854dd3e94..21f652b50c1 100644 --- a/jdk/test/javax/net/ssl/ServerName/SSLEngineExplorerMatchedSNI.java +++ b/jdk/test/javax/net/ssl/ServerName/SSLEngineExplorerMatchedSNI.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2012, 2021, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -71,7 +71,7 @@ public class SSLEngineExplorerMatchedSNI extends SSLEngineService { /* * Turn on SSL debugging? */ - static boolean debug = false; + static boolean debug = true; /* * Define the server side of the test. From dab832aa694c942e85951df0bb2f40531e9ee0ca Mon Sep 17 00:00:00 2001 From: Goetz Lindenmaier Date: Sun, 16 Oct 2022 18:06:50 +0000 Subject: [PATCH 2/2] Backpoer 8138382780b16f4184ad5bbfe07ab2468afe71a8 --- .../javax/net/ssl/SSLEngine/LargePacket.java | 9 ++-- .../net/ssl/SSLEngine/SSLEngineService.java | 42 +++++++++---------- .../net/ssl/ServerName/SSLEngineExplorer.java | 8 ++-- .../SSLEngineExplorerMatchedSNI.java | 8 ++-- .../SSLEngineExplorerUnmatchedSNI.java | 8 ++-- .../ServerName/SSLEngineExplorerWithCli.java | 8 ++-- .../ServerName/SSLEngineExplorerWithSrv.java | 8 ++-- 7 files changed, 46 insertions(+), 45 deletions(-) diff --git a/jdk/test/javax/net/ssl/SSLEngine/LargePacket.java b/jdk/test/javax/net/ssl/SSLEngine/LargePacket.java index 33f2c4f49ba..c04eaf92cb0 100644 --- a/jdk/test/javax/net/ssl/SSLEngine/LargePacket.java +++ b/jdk/test/javax/net/ssl/SSLEngine/LargePacket.java @@ -38,6 +38,7 @@ */ import javax.net.ssl.*; +import java.nio.ByteBuffer; import java.nio.channels.*; import java.net.*; @@ -93,10 +94,10 @@ void doServerSide() throws Exception { } // handshaking - handshaking(ssle, sc, null); + ByteBuffer peerNetData = handshaking(ssle, sc, null); // receive application data - receive(ssle, sc); + receive(ssle, sc, peerNetData); // send out application data deliver(ssle, sc); @@ -136,13 +137,13 @@ void doClientSide() throws Exception { } // handshaking - handshaking(ssle, sc, null); + ByteBuffer peerNetData = handshaking(ssle, sc, null); // send out application data deliver(ssle, sc); // receive application data - receive(ssle, sc); + receive(ssle, sc, peerNetData); // close the socket channel. sc.close(); diff --git a/jdk/test/javax/net/ssl/SSLEngine/SSLEngineService.java b/jdk/test/javax/net/ssl/SSLEngine/SSLEngineService.java index d3ee14666c5..5b7d0c4e688 100644 --- a/jdk/test/javax/net/ssl/SSLEngine/SSLEngineService.java +++ b/jdk/test/javax/net/ssl/SSLEngine/SSLEngineService.java @@ -70,7 +70,7 @@ private void init(String pathToStores) { protected static void deliver(SSLEngine ssle, SocketChannel sc) throws Exception { - // create buufer. + // create buffer. int appBufferMax = ssle.getSession().getApplicationBufferSize(); int netBufferMax = ssle.getSession().getPacketBufferSize(); int length = appBufferMax * (Integer.SIZE / 8); @@ -128,7 +128,7 @@ protected static void deliver(SSLEngine ssle, SocketChannel sc) // maybe need to enlarge the local network packet buffer. int size = ssle.getSession().getPacketBufferSize(); if (size > localNetData.capacity()) { - System.out.println("resize destination buffer upto " + + System.out.println("send: resize destination buffer upto " + size + " bytes for BUFFER_OVERFLOW"); localNetData = enlargeBuffer(localNetData, size); } @@ -143,16 +143,14 @@ protected static void deliver(SSLEngine ssle, SocketChannel sc) // receive peer application data. - protected static void receive(SSLEngine ssle, SocketChannel sc) - throws Exception { + protected static void receive(SSLEngine ssle, SocketChannel sc, + ByteBuffer peerNetData) throws Exception { - // create buufers. + // create buffer. int appBufferMax = ssle.getSession().getApplicationBufferSize(); - int netBufferMax = ssle.getSession().getPacketBufferSize(); - // allocate less in order to check BUFFER_OVERFLOW/BUFFER_UNDERFLOW + // allocate less in order to check BUFFER_OVERFLOW ByteBuffer peerAppData = ByteBuffer.allocate(appBufferMax/2); - ByteBuffer peerNetData = ByteBuffer.allocate(netBufferMax/2); int received = -1; boolean needToReadMore = true; @@ -189,8 +187,8 @@ protected static void receive(SSLEngine ssle, SocketChannel sc) System.out.println("received " + peerAppData.position() + " bytes client application data"); - System.out.println("\tcomsumed " + res.bytesConsumed() + - " byes network data"); + System.out.println("\tconsumed " + res.bytesConsumed() + + " bytes network data"); peerAppData.clear(); received -= res.bytesProduced(); @@ -209,7 +207,7 @@ protected static void receive(SSLEngine ssle, SocketChannel sc) // maybe need to enlarge the peer application data buffer. int size = ssle.getSession().getApplicationBufferSize(); if (size > peerAppData.capacity()) { - System.out.println("resize destination buffer upto " + + System.out.println("recv: resize destination buffer upto " + size + " bytes for BUFFER_OVERFLOW"); peerAppData = enlargeBuffer(peerAppData, size); } @@ -219,8 +217,8 @@ protected static void receive(SSLEngine ssle, SocketChannel sc) // maybe need to enlarge the peer network packet data buffer. size = ssle.getSession().getPacketBufferSize(); if (size > peerNetData.capacity()) { - System.out.println("resize source buffer upto " + size + - " bytes for BUFFER_UNDERFLOW"); + System.out.println("recv: resize source buffer upto " + + size + " bytes for BUFFER_UNDERFLOW"); peerNetData = enlargeBuffer(peerNetData, size); } @@ -234,15 +232,16 @@ protected static void receive(SSLEngine ssle, SocketChannel sc) } } - protected static void handshaking(SSLEngine ssle, SocketChannel sc, + protected static ByteBuffer handshaking(SSLEngine ssle, SocketChannel sc, ByteBuffer additional) throws Exception { int appBufferMax = ssle.getSession().getApplicationBufferSize(); int netBufferMax = ssle.getSession().getPacketBufferSize(); + // zero-byte app buffers - we do not want to exchange app data here + ByteBuffer localAppData = ByteBuffer.allocate(0); + ByteBuffer peerAppData = ByteBuffer.allocate(0); // allocate less in order to check BUFFER_OVERFLOW/BUFFER_UNDERFLOW - ByteBuffer localAppData = ByteBuffer.allocate(appBufferMax/10); - ByteBuffer peerAppData = ByteBuffer.allocate(appBufferMax/10); ByteBuffer localNetData = ByteBuffer.allocate(netBufferMax/10); ByteBuffer peerNetData = ByteBuffer.allocate(netBufferMax/10); @@ -272,7 +271,7 @@ protected static void handshaking(SSLEngine ssle, SocketChannel sc, } else { if (sc.read(peerNetData) < 0) { ssle.closeInbound(); - return; + throw new EOFException(); } } } @@ -280,7 +279,7 @@ protected static void handshaking(SSLEngine ssle, SocketChannel sc, if (underflow) { if (sc.read(peerNetData) < 0) { ssle.closeInbound(); - return; + throw new EOFException(); } underflow = false; @@ -298,7 +297,7 @@ protected static void handshaking(SSLEngine ssle, SocketChannel sc, // maybe need to enlarge the peer network packet buffer. int size = ssle.getSession().getPacketBufferSize(); if (size > peerNetData.capacity()) { - System.out.println("resize source buffer upto " + + System.out.println("hs recv: resize source buffer upto " + size + " bytes for BUFFER_UNDERFLOW"); peerNetData = enlargeBuffer(peerNetData, size); } @@ -309,7 +308,7 @@ protected static void handshaking(SSLEngine ssle, SocketChannel sc, // maybe need to enlarge the peer application data buffer. size = ssle.getSession().getApplicationBufferSize(); if (size > peerAppData.capacity()) { - System.out.println("resize destination buffer upto " + + System.out.println("hs recv: resize destination buffer upto " + size + " bytes for BUFFER_OVERFLOW"); peerAppData = enlargeBuffer(peerAppData, size); } @@ -346,7 +345,7 @@ protected static void handshaking(SSLEngine ssle, SocketChannel sc, // maybe need to enlarge the local network packet buffer. int size = ssle.getSession().getPacketBufferSize(); if (size > localNetData.capacity()) { - System.out.println("resize destination buffer upto " + + System.out.println("hs send: resize destination buffer upto " + size + " bytes for BUFFER_OVERFLOW"); localNetData = enlargeBuffer(localNetData, size); } @@ -371,6 +370,7 @@ protected static void handshaking(SSLEngine ssle, SocketChannel sc, } } while (hs != SSLEngineResult.HandshakeStatus.FINISHED && hs != SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING); + return peerNetData; } private static ByteBuffer enlargeBuffer(ByteBuffer buffer, int size) { diff --git a/jdk/test/javax/net/ssl/ServerName/SSLEngineExplorer.java b/jdk/test/javax/net/ssl/ServerName/SSLEngineExplorer.java index 6cd103caebe..b1ad5b6a761 100644 --- a/jdk/test/javax/net/ssl/ServerName/SSLEngineExplorer.java +++ b/jdk/test/javax/net/ssl/ServerName/SSLEngineExplorer.java @@ -142,10 +142,10 @@ void doServerSide() throws Exception { } // handshaking - handshaking(ssle, sc, buffer); + ByteBuffer peerNetData = handshaking(ssle, sc, buffer); // receive application data - receive(ssle, sc); + receive(ssle, sc, peerNetData); // send out application data deliver(ssle, sc); @@ -192,13 +192,13 @@ void doClientSide() throws Exception { ssle.setEnabledProtocols(supportedProtocols); // handshaking - handshaking(ssle, sc, null); + ByteBuffer peerNetData = handshaking(ssle, sc, null); // send out application data deliver(ssle, sc); // receive application data - receive(ssle, sc); + receive(ssle, sc, peerNetData); // close the socket channel. sc.close(); diff --git a/jdk/test/javax/net/ssl/ServerName/SSLEngineExplorerMatchedSNI.java b/jdk/test/javax/net/ssl/ServerName/SSLEngineExplorerMatchedSNI.java index 21f652b50c1..a42134abdb1 100644 --- a/jdk/test/javax/net/ssl/ServerName/SSLEngineExplorerMatchedSNI.java +++ b/jdk/test/javax/net/ssl/ServerName/SSLEngineExplorerMatchedSNI.java @@ -154,10 +154,10 @@ void doServerSide() throws Exception { ssle.setSSLParameters(params); // handshaking - handshaking(ssle, sc, buffer); + ByteBuffer peerNetData = handshaking(ssle, sc, buffer); // receive application data - receive(ssle, sc); + receive(ssle, sc, peerNetData); // send out application data deliver(ssle, sc); @@ -209,13 +209,13 @@ void doClientSide() throws Exception { ssle.setSSLParameters(params); // handshaking - handshaking(ssle, sc, null); + ByteBuffer peerNetData = handshaking(ssle, sc, null); // send out application data deliver(ssle, sc); // receive application data - receive(ssle, sc); + receive(ssle, sc, peerNetData); // check server name indication ExtendedSSLSession session = (ExtendedSSLSession)ssle.getSession(); diff --git a/jdk/test/javax/net/ssl/ServerName/SSLEngineExplorerUnmatchedSNI.java b/jdk/test/javax/net/ssl/ServerName/SSLEngineExplorerUnmatchedSNI.java index ff8678ba6a8..218fb3aa88d 100644 --- a/jdk/test/javax/net/ssl/ServerName/SSLEngineExplorerUnmatchedSNI.java +++ b/jdk/test/javax/net/ssl/ServerName/SSLEngineExplorerUnmatchedSNI.java @@ -148,10 +148,10 @@ void doServerSide() throws Exception { try { // handshaking - handshaking(ssle, sc, buffer); + ByteBuffer peerNetData = handshaking(ssle, sc, buffer); // receive application data - receive(ssle, sc); + receive(ssle, sc, peerNetData); // send out application data deliver(ssle, sc); @@ -213,13 +213,13 @@ void doClientSide() throws Exception { try { // handshaking - handshaking(ssle, sc, null); + ByteBuffer peerNetData = handshaking(ssle, sc, null); // send out application data deliver(ssle, sc); // receive application data - receive(ssle, sc); + receive(ssle, sc, peerNetData); // check server name indication ExtendedSSLSession session = (ExtendedSSLSession)ssle.getSession(); diff --git a/jdk/test/javax/net/ssl/ServerName/SSLEngineExplorerWithCli.java b/jdk/test/javax/net/ssl/ServerName/SSLEngineExplorerWithCli.java index f9888839929..8e6c29fd0ce 100644 --- a/jdk/test/javax/net/ssl/ServerName/SSLEngineExplorerWithCli.java +++ b/jdk/test/javax/net/ssl/ServerName/SSLEngineExplorerWithCli.java @@ -136,10 +136,10 @@ void doServerSide() throws Exception { } // handshaking - handshaking(ssle, sc, buffer); + ByteBuffer peerNetData = handshaking(ssle, sc, buffer); // receive application data - receive(ssle, sc); + receive(ssle, sc, peerNetData); // send out application data deliver(ssle, sc); @@ -190,13 +190,13 @@ void doClientSide() throws Exception { ssle.setSSLParameters(params); // handshaking - handshaking(ssle, sc, null); + ByteBuffer peerNetData = handshaking(ssle, sc, null); // send out application data deliver(ssle, sc); // receive application data - receive(ssle, sc); + receive(ssle, sc, peerNetData); // check server name indication ExtendedSSLSession session = (ExtendedSSLSession)ssle.getSession(); diff --git a/jdk/test/javax/net/ssl/ServerName/SSLEngineExplorerWithSrv.java b/jdk/test/javax/net/ssl/ServerName/SSLEngineExplorerWithSrv.java index 0517a7750aa..80e5bba4f5c 100644 --- a/jdk/test/javax/net/ssl/ServerName/SSLEngineExplorerWithSrv.java +++ b/jdk/test/javax/net/ssl/ServerName/SSLEngineExplorerWithSrv.java @@ -145,10 +145,10 @@ void doServerSide() throws Exception { ssle.setSSLParameters(params); // handshaking - handshaking(ssle, sc, buffer); + ByteBuffer peerNetData = handshaking(ssle, sc, buffer); // receive application data - receive(ssle, sc); + receive(ssle, sc, peerNetData); // send out application data deliver(ssle, sc); @@ -193,13 +193,13 @@ void doClientSide() throws Exception { } // handshaking - handshaking(ssle, sc, null); + ByteBuffer peerNetData = handshaking(ssle, sc, null); // send out application data deliver(ssle, sc); // receive application data - receive(ssle, sc); + receive(ssle, sc, peerNetData); // check server name indication ExtendedSSLSession session = (ExtendedSSLSession)ssle.getSession();