diff options
| author | Mark Spruiell <mes@zeroc.com> | 2009-07-14 13:52:16 -0700 |
|---|---|---|
| committer | Mark Spruiell <mes@zeroc.com> | 2009-07-14 13:52:16 -0700 |
| commit | 918eaa7e1ded06da753e0092bfcfdc331364c04b (patch) | |
| tree | 9a01cef714b7bb7d90f2c516ffa4290d6093feab /java/test/IceSSL/configuration/AllTests.java | |
| parent | 4026 - Add config-in-registry support to IceServiceInstall (diff) | |
| download | ice-918eaa7e1ded06da753e0092bfcfdc331364c04b.tar.bz2 ice-918eaa7e1ded06da753e0092bfcfdc331364c04b.tar.xz ice-918eaa7e1ded06da753e0092bfcfdc331364c04b.zip | |
bug 3464: C++ & Java changes for IceSSL.CheckCertName
Diffstat (limited to 'java/test/IceSSL/configuration/AllTests.java')
| -rw-r--r-- | java/test/IceSSL/configuration/AllTests.java | 109 |
1 files changed, 87 insertions, 22 deletions
diff --git a/java/test/IceSSL/configuration/AllTests.java b/java/test/IceSSL/configuration/AllTests.java index ad163e7e284..3711ddffa24 100644 --- a/java/test/IceSSL/configuration/AllTests.java +++ b/java/test/IceSSL/configuration/AllTests.java @@ -434,36 +434,101 @@ public class AllTests comm.destroy(); // - // Test IceSSL.CheckCertName. The test certificate for the server contains "server" - // and "127.0.0.1" in its subjectAltName, so we only perform this test when the - // default host is "127.0.0.1". + // Test IceSSL.CheckCertName. The test certificates for the server contain "127.0.0.1" + // as the common name or as a subject alternative name, so we only perform this test when + // the default host is "127.0.0.1". // if(defaultHost.equals("127.0.0.1")) { - initData = createClientProps(defaultProperties, defaultDir, defaultHost); - initData.properties.setProperty("IceSSL.Keystore", "c_rsa_ca1.jks"); - initData.properties.setProperty("IceSSL.Password", "password"); - initData.properties.setProperty("IceSSL.Truststore", "cacert1.jks"); - initData.properties.setProperty("IceSSL.CheckCertName", "1"); - comm = Ice.Util.initialize(args, initData); + // + // Test subject alternative name. + // + { + initData = createClientProps(defaultProperties, defaultDir, defaultHost); + initData.properties.setProperty("IceSSL.Keystore", "c_rsa_ca1.jks"); + initData.properties.setProperty("IceSSL.Password", "password"); + initData.properties.setProperty("IceSSL.Truststore", "cacert1.jks"); + initData.properties.setProperty("IceSSL.CheckCertName", "1"); + comm = Ice.Util.initialize(args, initData); - fact = ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef)); - test(fact != null); - d = createServerProps(defaultProperties, defaultDir, defaultHost); - d.put("IceSSL.Keystore", "s_rsa_ca1.jks"); - d.put("IceSSL.Password", "password"); - d.put("IceSSL.Truststore", "cacert1.jks"); - server = fact.createServer(d); - try + fact = ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef)); + test(fact != null); + d = createServerProps(defaultProperties, defaultDir, defaultHost); + d.put("IceSSL.Keystore", "s_rsa_ca1.jks"); + d.put("IceSSL.Password", "password"); + d.put("IceSSL.Truststore", "cacert1.jks"); + server = fact.createServer(d); + try + { + server.ice_ping(); + } + catch(Ice.LocalException ex) + { + test(false); + } + fact.destroyServer(server); + comm.destroy(); + } + // + // Test common name. + // { - server.ice_ping(); + initData = createClientProps(defaultProperties, defaultDir, defaultHost); + initData.properties.setProperty("IceSSL.Keystore", "c_rsa_ca1.jks"); + initData.properties.setProperty("IceSSL.Password", "password"); + initData.properties.setProperty("IceSSL.Truststore", "cacert1.jks"); + initData.properties.setProperty("IceSSL.CheckCertName", "1"); + comm = Ice.Util.initialize(args, initData); + + fact = ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef)); + test(fact != null); + d = createServerProps(defaultProperties, defaultDir, defaultHost); + d.put("IceSSL.Keystore", "s_rsa_ca1_cn1.jks"); + d.put("IceSSL.Password", "password"); + d.put("IceSSL.Truststore", "cacert1.jks"); + server = fact.createServer(d); + try + { + server.ice_ping(); + } + catch(Ice.LocalException ex) + { + test(false); + } + fact.destroyServer(server); + comm.destroy(); } - catch(Ice.LocalException ex) + // + // Test common name again. The certificate used in this test has "127.0.0.11" as its + // common name, therefore the address "127.0.0.1" must NOT match. + // { - test(false); + initData = createClientProps(defaultProperties, defaultDir, defaultHost); + initData.properties.setProperty("IceSSL.Keystore", "c_rsa_ca1.jks"); + initData.properties.setProperty("IceSSL.Password", "password"); + initData.properties.setProperty("IceSSL.Truststore", "cacert1.jks"); + initData.properties.setProperty("IceSSL.CheckCertName", "1"); + comm = Ice.Util.initialize(args, initData); + + fact = ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef)); + test(fact != null); + d = createServerProps(defaultProperties, defaultDir, defaultHost); + d.put("IceSSL.Keystore", "s_rsa_ca1_cn2.jks"); + d.put("IceSSL.Password", "password"); + d.put("IceSSL.Truststore", "cacert1.jks"); + server = fact.createServer(d); + try + { + server.ice_ping(); + test(false); + } + catch(Ice.LocalException ex) + { + // Expected. + } + fact.destroyServer(server); + comm.destroy(); } - fact.destroyServer(server); - comm.destroy(); } } out.println("ok"); |