This is an automated email from the ASF dual-hosted git repository.
johnnyv pushed a commit to branch 2.2.X
in repository https://gitbox.apache.org/repos/asf/mina.git
commit a7ceb0817ce1c2b1f12cfdb30ecfc37e130be180
Author: Jonathan Valliere <john...@apache.org>
AuthorDate: Thu Sep 9 14:01:35 2021 -0400
Fix size == 0 check; removes unused tests
---
.../org/apache/mina/filter/ssl/SSLHandlerG0.java | 6 +-
.../apache/mina/filter/ssl/SSLDIRMINA937Test.java | 167 --------
.../org/apache/mina/filter/ssl/SSLEngineTest.java | 465 ---------------------
.../apache/mina/filter/ssl/emptykeystore.sslTest | Bin 32 -> 0 bytes
.../apache/mina/filter/{ssl2 => ssl}/keystore.jks | Bin
.../org/apache/mina/filter/ssl/keystore.sslTest | Bin 1368 -> 0 bytes
.../mina/filter/{ssl2 => ssl}/truststore.jks | Bin
.../org/apache/mina/filter/ssl/truststore.sslTest | Bin 654 -> 0 bytes
8 files changed, 3 insertions(+), 635 deletions(-)
diff --git
a/mina-core/src/main/java/org/apache/mina/filter/ssl/SSLHandlerG0.java
b/mina-core/src/main/java/org/apache/mina/filter/ssl/SSLHandlerG0.java
index de99b7f..4cf3e17 100644
--- a/mina-core/src/main/java/org/apache/mina/filter/ssl/SSLHandlerG0.java
+++ b/mina-core/src/main/java/org/apache/mina/filter/ssl/SSLHandlerG0.java
@@ -257,7 +257,7 @@ public class SSLHandlerG0 extends SSLHandler {
}
if (this.mEncodeQueue.isEmpty()) {
- if (qwrite(next, request) == false) {
+ if (this.qwrite(next, request) == false) {
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("{} write() - unable to
write right now, saving request for later", toString(),
request);
@@ -511,7 +511,7 @@ public class SSLHandlerG0 extends SSLHandler {
return;
}
- if (this.mEncodeQueue.size() != 0) {
+ if (this.mEncodeQueue.size() == 0) {
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("{} flush() - no saved messages",
toString());
}
@@ -523,7 +523,7 @@ public class SSLHandlerG0 extends SSLHandler {
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("{} flush() - {}", toString(),
current);
}
- if (qwrite(next, current) == false) {
+ if (this.qwrite(next, current) == false) {
this.mEncodeQueue.addFirst(current);
break;
}
diff --git
a/mina-core/src/test/java/org/apache/mina/filter/ssl/SSLDIRMINA937Test.java
b/mina-core/src/test/java/org/apache/mina/filter/ssl/SSLDIRMINA937Test.java
deleted file mode 100644
index da3f66e..0000000
--- a/mina-core/src/test/java/org/apache/mina/filter/ssl/SSLDIRMINA937Test.java
+++ /dev/null
@@ -1,167 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.mina.filter.ssl;
-
-import static org.junit.Assert.*;
-import java.io.IOException;
-import java.net.InetSocketAddress;
-import java.security.GeneralSecurityException;
-import java.security.KeyStore;
-import java.security.Security;
-import java.util.concurrent.CountDownLatch;
-import java.util.concurrent.TimeUnit;
-
-import javax.net.ssl.KeyManagerFactory;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.TrustManagerFactory;
-
-import org.apache.mina.core.filterchain.DefaultIoFilterChainBuilder;
-import org.apache.mina.core.service.IoHandlerAdapter;
-import org.apache.mina.core.session.IoSession;
-import org.apache.mina.filter.FilterEvent;
-import org.apache.mina.filter.codec.ProtocolCodecFilter;
-import org.apache.mina.filter.codec.textline.TextLineCodecFactory;
-import org.apache.mina.transport.socket.nio.NioSocketAcceptor;
-import org.apache.mina.transport.socket.nio.NioSocketConnector;
-import org.apache.mina.util.AvailablePortFinder;
-import org.junit.Ignore;
-import org.junit.Test;
-
-/**
- * Test an SSL session where the connection cannot be established with the
server due to
- * incompatible protocols (Test for DIRMINA-937)
- *
- * @author <a href="http://mina.apache.org";>Apache MINA Project</a>
- */
-public class SSLDIRMINA937Test {
- /** A static port used for his test, chosen to avoid collisions */
- private static final int port = AvailablePortFinder.getNextAvailable(5555);
-
- /** A JVM independant KEY_MANAGER_FACTORY algorithm */
- private static final String KEY_MANAGER_FACTORY_ALGORITHM;
-
- static {
- String algorithm =
Security.getProperty("ssl.KeyManagerFactory.algorithm");
- if (algorithm == null) {
- algorithm = KeyManagerFactory.getDefaultAlgorithm();
- }
-
- KEY_MANAGER_FACTORY_ALGORITHM = algorithm;
- }
-
- private static class TestHandler extends IoHandlerAdapter {
- public void messageReceived(IoSession session, Object message) throws
Exception {
- String line = (String) message;
-
- if (line.startsWith("hello")) {
- //System.out.println("Server got: 'hello', waiting for
'send'");
- Thread.sleep(1500);
- } else if (line.startsWith("send")) {
- //System.out.println("Server got: 'send', sending 'data'");
- session.write("data");
- }
- }
- }
-
- /**
- * Starts a Server with the SSL Filter and a simple text line
- * protocol codec filter
- */
- private static void startServer() throws Exception {
- NioSocketAcceptor acceptor = new NioSocketAcceptor();
-
- acceptor.setReuseAddress(true);
- DefaultIoFilterChainBuilder filters = acceptor.getFilterChain();
-
- // Inject the SSL filter
- SSLContext context = createSSLContext("TLSv1");
- SSLFilter sslFilter = new SSLFilter(context);
- sslFilter.setEnabledProtocols(new String[] { "TLSv1" });
-
//sslFilter.setEnabledCipherSuites(getServerCipherSuites(context.getDefaultSSLParameters().getCipherSuites()));
- filters.addLast("sslFilter", sslFilter);
-
- // Inject the TestLine codec filter
- filters.addLast("text", new ProtocolCodecFilter(new
TextLineCodecFactory()));
-
- acceptor.setHandler(new TestHandler());
- acceptor.bind(new InetSocketAddress(port));
- }
-
- /**
- * Starts a client which will connect twice using SSL
- */
- private static void startClient(final CountDownLatch counter) throws
Exception {
- NioSocketConnector connector = new NioSocketConnector();
-
- DefaultIoFilterChainBuilder filters = connector.getFilterChain();
- SSLFilter sslFilter = new SSLFilter(createSSLContext("TLSv1.1"));
- sslFilter.setEnabledProtocols(new String[] { "TLSv1.1" });
- //sslFilter.setEnabledCipherSuites(getClientCipherSuites());
- filters.addLast("sslFilter", sslFilter);
- connector.setHandler(new IoHandlerAdapter() {
- @Override
- public void messageReceived(IoSession session, Object message)
throws Exception {
- }
-
- @Override
- public void event(IoSession session, FilterEvent event) throws
Exception {
- if (event == SSLEvent.UNSECURED ) {
- counter.countDown();
- }
- }
- });
- connector.connect(new InetSocketAddress("localhost", port));
- }
-
- private static SSLContext createSSLContext(String protocol) throws
IOException, GeneralSecurityException {
- char[] passphrase = "password".toCharArray();
-
- SSLContext ctx = SSLContext.getInstance(protocol);
- KeyManagerFactory kmf =
KeyManagerFactory.getInstance(KEY_MANAGER_FACTORY_ALGORITHM);
- TrustManagerFactory tmf =
TrustManagerFactory.getInstance(KEY_MANAGER_FACTORY_ALGORITHM);
-
- KeyStore ks = KeyStore.getInstance("JKS");
- KeyStore ts = KeyStore.getInstance("JKS");
-
-
ks.load(SSLDIRMINA937Test.class.getResourceAsStream("keystore.sslTest"),
passphrase);
-
ts.load(SSLDIRMINA937Test.class.getResourceAsStream("truststore.sslTest"),
passphrase);
-
- kmf.init(ks, passphrase);
- tmf.init(ts);
- ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
-
- return ctx;
- }
-
- /**
- * Test is ignore as it will cause the build to fail
- *
- * @throws Exception If the test failed
- */
- @Test
- @Ignore("This test is not yet fully functionnal, it servers as the basis
for validating DIRMINA-937")
- public void testDIRMINA937() throws Exception {
- startServer();
-
- final CountDownLatch counter = new CountDownLatch(1);
- startClient(counter);
- assertTrue(counter.await(10, TimeUnit.SECONDS));
- }
-}
diff --git
a/mina-core/src/test/java/org/apache/mina/filter/ssl/SSLEngineTest.java
b/mina-core/src/test/java/org/apache/mina/filter/ssl/SSLEngineTest.java
deleted file mode 100644
index 54937d8..0000000
--- a/mina-core/src/test/java/org/apache/mina/filter/ssl/SSLEngineTest.java
+++ /dev/null
@@ -1,465 +0,0 @@
-package org.apache.mina.filter.ssl;
-
-import static org.junit.Assert.fail;
-
-import java.io.IOException;
-import java.nio.ByteBuffer;
-import java.security.GeneralSecurityException;
-import java.security.KeyStore;
-import java.security.Security;
-import java.util.Deque;
-import java.util.concurrent.BlockingDeque;
-import java.util.concurrent.LinkedBlockingDeque;
-
-import javax.net.ssl.KeyManagerFactory;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLEngine;
-import javax.net.ssl.SSLEngineResult;
-import javax.net.ssl.SSLEngineResult.HandshakeStatus;
-import javax.net.ssl.SSLEngineResult.Status;
-import javax.net.ssl.SSLException;
-import javax.net.ssl.TrustManagerFactory;
-
-import org.apache.mina.core.buffer.IoBuffer;
-import org.junit.Ignore;
-import org.junit.Test;
-
-public class SSLEngineTest {
- private BlockingDeque<ByteBuffer> clientQueue = new
LinkedBlockingDeque<>();
- private BlockingDeque<ByteBuffer> serverQueue = new
LinkedBlockingDeque<>();
-
- private class Handshaker implements Runnable {
- private SSLEngine sslEngine;
- private ByteBuffer workBuffer;
- private ByteBuffer emptyBuffer = ByteBuffer.allocate(0);
-
- private void push(Deque<ByteBuffer> queue, ByteBuffer buffer) {
- ByteBuffer result =
ByteBuffer.allocate(buffer.capacity());
- result.put(buffer);
- queue.addFirst(result);
- }
-
- public void run() {
- HandshakeStatus handshakeStatus =
sslEngine.getHandshakeStatus();
- SSLEngineResult result;
-
- try {
- while (handshakeStatus !=
HandshakeStatus.FINISHED) {
- switch (handshakeStatus) {
- case NEED_TASK:
- break;
-
- case NEED_UNWRAP:
- // The SSLEngine waits
for some input.
- // We may have received
too few data (TCP fragmentation)
- //
- ByteBuffer data =
serverQueue.takeLast();
- result =
sslEngine.unwrap(data, workBuffer);
-
- while
(result.getStatus() == SSLEngineResult.Status.BUFFER_UNDERFLOW) {
- // We need more
data, until then, wait.
- // ByteBuffer
data = serverQueue.takeLast();
- result =
sslEngine.unwrap(data, workBuffer);
- }
-
- handshakeStatus =
sslEngine.getHandshakeStatus();
- break;
-
- case NEED_WRAP:
- case NOT_HANDSHAKING:
- result =
sslEngine.wrap(emptyBuffer, workBuffer);
-
- workBuffer.flip();
-
- if
(workBuffer.hasRemaining()) {
-
push(clientQueue, workBuffer);
-
workBuffer.clear();
- }
-
- handshakeStatus =
result.getHandshakeStatus();
-
- break;
-
- case FINISHED:
-
- }
- }
- } catch (SSLException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- } catch (InterruptedException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
-
- public Handshaker(SSLEngine sslEngine) {
- this.sslEngine = sslEngine;
- int packetBufferSize =
sslEngine.getSession().getPacketBufferSize();
- workBuffer = ByteBuffer.allocate(packetBufferSize);
- }
- }
-
- /** A JVM independant KEY_MANAGER_FACTORY algorithm */
- private static final String KEY_MANAGER_FACTORY_ALGORITHM;
-
- static {
- String algorithm =
Security.getProperty("ssl.KeyManagerFactory.algorithm");
- if (algorithm == null) {
- algorithm = KeyManagerFactory.getDefaultAlgorithm();
- }
-
- KEY_MANAGER_FACTORY_ALGORITHM = algorithm;
- }
-
- /** App data buffer for the client SSLEngine */
- private IoBuffer inNetBufferClient;
-
- /** Net data buffer for the client SSLEngine */
- private IoBuffer outNetBufferClient;
-
- /** App data buffer for the server SSLEngine */
- private IoBuffer inNetBufferServer;
-
- /** Net data buffer for the server SSLEngine */
- private IoBuffer outNetBufferServer;
-
- private final IoBuffer emptyBuffer = IoBuffer.allocate(0);
-
- private static SSLContext createSSLContext() throws IOException,
GeneralSecurityException {
- char[] passphrase = "password".toCharArray();
-
- SSLContext ctx = SSLContext.getInstance("TLS");
- KeyManagerFactory kmf =
KeyManagerFactory.getInstance(KEY_MANAGER_FACTORY_ALGORITHM);
- TrustManagerFactory tmf =
TrustManagerFactory.getInstance(KEY_MANAGER_FACTORY_ALGORITHM);
-
- KeyStore ks = KeyStore.getInstance("JKS");
- KeyStore ts = KeyStore.getInstance("JKS");
-
-
ks.load(SSLEngineTest.class.getResourceAsStream("keystore.jks"), passphrase);
-
ts.load(SSLEngineTest.class.getResourceAsStream("truststore.jks"), passphrase);
-
- kmf.init(ks, passphrase);
- tmf.init(ts);
- ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
-
- return ctx;
- }
-
- /**
- * Decrypt the incoming buffer and move the decrypted data to an
application
- * buffer.
- */
- private SSLEngineResult unwrap(SSLEngine sslEngine, IoBuffer inBuffer,
IoBuffer outBuffer) throws SSLException {
- // We first have to create the application buffer if it does
not exist
- if (outBuffer == null) {
- outBuffer = IoBuffer.allocate(inBuffer.remaining());
- } else {
- // We already have one, just add the new data into it
- outBuffer.expand(inBuffer.remaining());
- }
-
- SSLEngineResult res;
- Status status;
- HandshakeStatus localHandshakeStatus;
-
- do {
- // Decode the incoming data
- res = sslEngine.unwrap(inBuffer.buf(), outBuffer.buf());
- status = res.getStatus();
-
- // We can be processing the Handshake
- localHandshakeStatus = res.getHandshakeStatus();
-
- if (status == SSLEngineResult.Status.BUFFER_OVERFLOW) {
- // We have to grow the target buffer, it's too
small.
- // Then we can call the unwrap method again
- int newCapacity =
sslEngine.getSession().getApplicationBufferSize();
-
- if (inBuffer.remaining() >= newCapacity) {
- // The buffer is already larger than
the max buffer size suggested by the SSL
- // engine.
- // Raising it any more will not make
sense and it will end up in an endless
- // loop. Throwing an error is safer
- throw new SSLException("SSL buffer
overflow");
- }
-
- inBuffer.expand(newCapacity);
- continue;
- }
- } while (((status == SSLEngineResult.Status.OK) || (status ==
SSLEngineResult.Status.BUFFER_OVERFLOW))
- && ((localHandshakeStatus ==
SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING)
- || (localHandshakeStatus ==
SSLEngineResult.HandshakeStatus.NEED_UNWRAP)));
-
- return res;
- }
-
- private SSLEngineResult.Status unwrapHandshake(SSLEngine sslEngine,
IoBuffer appBuffer, IoBuffer netBuffer)
- throws SSLException {
- // Prepare the net data for reading.
- if ((appBuffer == null) || !appBuffer.hasRemaining()) {
- // Need more data.
- return SSLEngineResult.Status.BUFFER_UNDERFLOW;
- }
-
- SSLEngineResult res = unwrap(sslEngine, appBuffer, netBuffer);
- HandshakeStatus handshakeStatus = res.getHandshakeStatus();
-
- // checkStatus(res);
-
- // If handshake finished, no data was produced, and the status
is still
- // ok, try to unwrap more
- if ((handshakeStatus ==
SSLEngineResult.HandshakeStatus.FINISHED)
- && (res.getStatus() ==
SSLEngineResult.Status.OK) && appBuffer.hasRemaining()) {
- res = unwrap(sslEngine, appBuffer, netBuffer);
-
- // prepare to be written again
- if (appBuffer.hasRemaining()) {
- appBuffer.compact();
- } else {
- appBuffer.free();
- appBuffer = null;
- }
- } else {
- // prepare to be written again
- if (appBuffer.hasRemaining()) {
- appBuffer.compact();
- } else {
- appBuffer.free();
- appBuffer = null;
- }
- }
-
- return res.getStatus();
- }
-
- /* no qualifier */boolean isInboundDone(SSLEngine sslEngine) {
- return sslEngine == null || sslEngine.isInboundDone();
- }
-
- /* no qualifier */boolean isOutboundDone(SSLEngine sslEngine) {
- return sslEngine == null || sslEngine.isOutboundDone();
- }
-
- /**
- * Perform any handshaking processing.
- */
- /* no qualifier */HandshakeStatus handshake(SSLEngine sslEngine,
IoBuffer appBuffer, IoBuffer netBuffer)
- throws SSLException {
- SSLEngineResult result;
- HandshakeStatus handshakeStatus =
sslEngine.getHandshakeStatus();
-
- for (;;) {
- switch (handshakeStatus) {
- case FINISHED:
- // handshakeComplete = true;
- return handshakeStatus;
-
- case NEED_TASK:
- // handshakeStatus = doTasks();
- break;
-
- case NEED_UNWRAP:
- // we need more data read
- SSLEngineResult.Status status =
unwrapHandshake(sslEngine, appBuffer, netBuffer);
- handshakeStatus =
sslEngine.getHandshakeStatus();
-
- return handshakeStatus;
-
- case NEED_WRAP:
- result =
sslEngine.wrap(emptyBuffer.buf(), netBuffer.buf());
-
- while (result.getStatus() ==
SSLEngineResult.Status.BUFFER_OVERFLOW) {
-
netBuffer.capacity(netBuffer.capacity() << 1);
-
netBuffer.limit(netBuffer.capacity());
-
- result =
sslEngine.wrap(emptyBuffer.buf(), netBuffer.buf());
- }
-
- netBuffer.flip();
- return result.getHandshakeStatus();
-
- case NOT_HANDSHAKING:
- result =
sslEngine.wrap(emptyBuffer.buf(), netBuffer.buf());
-
- while (result.getStatus() ==
SSLEngineResult.Status.BUFFER_OVERFLOW) {
-
netBuffer.capacity(netBuffer.capacity() << 1);
-
netBuffer.limit(netBuffer.capacity());
-
- result =
sslEngine.wrap(emptyBuffer.buf(), netBuffer.buf());
- }
-
- netBuffer.flip();
- handshakeStatus =
result.getHandshakeStatus();
- return handshakeStatus;
-
- default:
- throw new
IllegalStateException("error");
- }
- }
- }
-
- /**
- * Do all the outstanding handshake tasks in the current Thread.
- */
- private SSLEngineResult.HandshakeStatus doTasks(SSLEngine sslEngine) {
- /*
- * We could run this in a separate thread, but I don't see the
need for this
- * when used from SSLFilter. Use thread filters in MINA instead?
- */
- Runnable runnable;
- while ((runnable = sslEngine.getDelegatedTask()) != null) {
- // Thread thread = new Thread(runnable);
- // thread.start();
- runnable.run();
- }
- return sslEngine.getHandshakeStatus();
- }
-
- private HandshakeStatus handshake(SSLEngine sslEngine, HandshakeStatus
expected, IoBuffer inBuffer,
- IoBuffer outBuffer, boolean dumpBuffer) throws
SSLException {
- HandshakeStatus handshakeStatus = handshake(sslEngine,
inBuffer, outBuffer);
-
- if (handshakeStatus != expected) {
- fail();
- }
-
- if (dumpBuffer) {
- System.out.println("Message:" + outBuffer);
- }
-
- return handshakeStatus;
- }
-
- @Test
- @Ignore
- public void testSSL() throws Exception {
- // Initialise the client SSLEngine
- SSLContext sslContextClient = createSSLContext();
- SSLEngine sslEngineClient = sslContextClient.createSSLEngine();
- int packetBufferSize =
sslEngineClient.getSession().getPacketBufferSize();
- inNetBufferClient =
IoBuffer.allocate(packetBufferSize).setAutoExpand(true);
- outNetBufferClient =
IoBuffer.allocate(packetBufferSize).setAutoExpand(true);
-
- sslEngineClient.setUseClientMode(true);
-
- // Initialise the Server SSLEngine
- SSLContext sslContextServer = createSSLContext();
- SSLEngine sslEngineServer = sslContextServer.createSSLEngine();
- packetBufferSize =
sslEngineServer.getSession().getPacketBufferSize();
- inNetBufferServer =
IoBuffer.allocate(packetBufferSize).setAutoExpand(true);
- outNetBufferServer =
IoBuffer.allocate(packetBufferSize).setAutoExpand(true);
-
- sslEngineServer.setUseClientMode(false);
-
- Handshaker handshakerClient = new Handshaker(sslEngineClient);
- Handshaker handshakerServer = new Handshaker(sslEngineServer);
-
- handshakerServer.run();
-
- HandshakeStatus handshakeStatusClient =
sslEngineClient.getHandshakeStatus();
- HandshakeStatus handshakeStatusServer =
sslEngineServer.getHandshakeStatus();
-
- // <<< Server
- // Start the server
- handshakeStatusServer = handshake(sslEngineServer,
HandshakeStatus.NEED_UNWRAP, null, outNetBufferServer,
- false);
-
- // >>> Client
- // Now start the client, which will generate a CLIENT_HELLO,
- // stored into the outNetBufferClient
- handshakeStatusClient = handshake(sslEngineClient,
HandshakeStatus.NEED_UNWRAP, null, outNetBufferClient, true);
-
- // <<< Server
- // Process the CLIENT_HELLO on the server
- handshakeStatusServer = handshake(sslEngineServer,
HandshakeStatus.NEED_TASK, outNetBufferClient,
- outNetBufferServer, false);
-
- // Process the tasks on the server, prepare the SERVER_HELLO
message
- handshakeStatusServer = doTasks(sslEngineServer);
-
- // We should be ready to generate the SERVER_HELLO message
- if (handshakeStatusServer != HandshakeStatus.NEED_WRAP) {
- fail();
- }
-
- // Get the SERVER_HELLO message, with all the associated
messages
- // ([Certificate], [ServerKeyExchange], [CertificateRequest],
ServerHelloDone)
- outNetBufferServer.clear();
- handshakeStatusServer = handshake(sslEngineServer,
HandshakeStatus.NEED_UNWRAP, null, outNetBufferServer, true);
-
- // >>> Client
- // Process the SERVER_HELLO message on the client
- handshakeStatusClient = handshake(sslEngineClient,
HandshakeStatus.NEED_TASK, outNetBufferServer,
- inNetBufferClient, false);
-
- // Prepare the client response
- handshakeStatusClient = doTasks(sslEngineClient);
-
- // We should get back the Client messages ([Certificate],
- // ClientKeyExchange, [CertificateVerify])
- if (handshakeStatusClient != HandshakeStatus.NEED_WRAP) {
- fail();
- }
-
- // Generate the [Certificate], ClientKeyExchange,
[CertificateVerify] messages
- outNetBufferClient.clear();
- handshakeStatusClient = handshake(sslEngineClient,
HandshakeStatus.NEED_WRAP, null, outNetBufferClient, true);
-
- // <<< Server
- // Process the CLIENT_KEY_EXCHANGE on the server
- outNetBufferServer.clear();
- handshakeStatusServer = handshake(sslEngineServer,
HandshakeStatus.NEED_TASK, outNetBufferClient,
- outNetBufferServer, false);
-
- // Do the controls
- handshakeStatusServer = doTasks(sslEngineServer);
-
- // The server is waiting for more
- if (handshakeStatusServer != HandshakeStatus.NEED_UNWRAP) {
- fail();
- }
-
- // >>> Client
- // The CHANGE_CIPHER_SPEC message generation
- outNetBufferClient.clear();
- handshakeStatusClient = handshake(sslEngineClient,
HandshakeStatus.NEED_WRAP, null, outNetBufferClient, true);
-
- // <<< Server
- // Process the CHANGE_CIPHER_SPEC on the server
- outNetBufferServer.clear();
- handshakeStatusServer = handshake(sslEngineServer,
HandshakeStatus.NEED_UNWRAP, outNetBufferClient,
- outNetBufferServer, false);
-
- // >>> Client
- // Generate the FINISHED message on thee client
- outNetBufferClient.clear();
- handshakeStatusClient = handshake(sslEngineClient,
HandshakeStatus.NEED_UNWRAP, null, outNetBufferClient, true);
-
- // <<< Server
- // Process the client FINISHED message
- outNetBufferServer.clear();
- handshakeStatusServer = handshake(sslEngineServer,
HandshakeStatus.NEED_WRAP, outNetBufferClient,
- outNetBufferServer, false);
-
- // Generate the CHANGE_CIPHER_SPEC message on the server
- handshakeStatusServer = handshake(sslEngineServer,
HandshakeStatus.NEED_WRAP, null, outNetBufferServer, true);
-
- // >>> Client
- // Process the server CHANGE_SCIPHER_SPEC message on the client
- outNetBufferClient.clear();
- handshakeStatusClient = handshake(sslEngineClient,
HandshakeStatus.NEED_UNWRAP, outNetBufferServer,
- outNetBufferClient, false);
-
- // <<< Server
- // Generate the server FINISHED message
- outNetBufferServer.clear();
- handshakeStatusServer = handshake(sslEngineServer,
HandshakeStatus.FINISHED, null, outNetBufferServer, true);
-
- // >>> Client
- // Process the server FINISHED message on the client
- outNetBufferClient.clear();
- handshakeStatusClient = handshake(sslEngineClient,
HandshakeStatus.NOT_HANDSHAKING, outNetBufferServer,
- outNetBufferClient, false);
- }
-}
diff --git
a/mina-core/src/test/resources/org/apache/mina/filter/ssl/emptykeystore.sslTest
b/mina-core/src/test/resources/org/apache/mina/filter/ssl/emptykeystore.sslTest
deleted file mode 100644
index 65d4b65..0000000
Binary files
a/mina-core/src/test/resources/org/apache/mina/filter/ssl/emptykeystore.sslTest
and /dev/null differ
diff --git
a/mina-core/src/test/resources/org/apache/mina/filter/ssl2/keystore.jks
b/mina-core/src/test/resources/org/apache/mina/filter/ssl/keystore.jks
similarity index 100%
rename from
mina-core/src/test/resources/org/apache/mina/filter/ssl2/keystore.jks
rename to mina-core/src/test/resources/org/apache/mina/filter/ssl/keystore.jks
diff --git
a/mina-core/src/test/resources/org/apache/mina/filter/ssl/keystore.sslTest
b/mina-core/src/test/resources/org/apache/mina/filter/ssl/keystore.sslTest
deleted file mode 100644
index 36190ba..0000000
Binary files
a/mina-core/src/test/resources/org/apache/mina/filter/ssl/keystore.sslTest and
/dev/null differ
diff --git
a/mina-core/src/test/resources/org/apache/mina/filter/ssl2/truststore.jks
b/mina-core/src/test/resources/org/apache/mina/filter/ssl/truststore.jks
similarity index 100%
rename from
mina-core/src/test/resources/org/apache/mina/filter/ssl2/truststore.jks
rename to mina-core/src/test/resources/org/apache/mina/filter/ssl/truststore.jks
diff --git
a/mina-core/src/test/resources/org/apache/mina/filter/ssl/truststore.sslTest
b/mina-core/src/test/resources/org/apache/mina/filter/ssl/truststore.sslTest
deleted file mode 100644
index 48c5963..0000000
Binary files
a/mina-core/src/test/resources/org/apache/mina/filter/ssl/truststore.sslTest
and /dev/null differ
