| 1 | /* |
| 2 | * Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved. |
| 3 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
| 4 | * |
| 5 | * This code is free software; you can redistribute it and/or modify it |
| 6 | * under the terms of the GNU General Public License version 2 only, as |
| 7 | * published by the Free Software Foundation. |
| 8 | * |
| 9 | * This code is distributed in the hope that it will be useful, but WITHOUT |
| 10 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| 11 | * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
| 12 | * version 2 for more details (a copy is included in the LICENSE file that |
| 13 | * accompanied this code). |
| 14 | * |
| 15 | * You should have received a copy of the GNU General Public License version |
| 16 | * 2 along with this work; if not, write to the Free Software Foundation, |
| 17 | * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
| 18 | * |
| 19 | * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, |
| 20 | * CA 95054 USA or visit www.sun.com if you need additional information or |
| 21 | * have any questions. |
| 22 | */ |
| 23 | import sun.management.jmxremote.ConnectorBootstrap; |
| 24 | |
| 25 | import java.io.File; |
| 26 | import java.io.FileInputStream; |
| 27 | import java.io.InputStream; |
| 28 | import java.io.FilenameFilter; |
| 29 | import java.io.IOException; |
| 30 | |
| 31 | import java.security.GeneralSecurityException; |
| 32 | import java.security.KeyStore; |
| 33 | |
| 34 | import java.util.Properties; |
| 35 | import java.util.Iterator; |
| 36 | import java.util.Set; |
| 37 | import java.util.Arrays; |
| 38 | import java.util.ArrayList; |
| 39 | import java.util.HashMap; |
| 40 | import java.util.Map; |
| 41 | import java.util.Enumeration; |
| 42 | |
| 43 | import javax.management.remote.*; |
| 44 | import javax.management.*; |
| 45 | |
| 46 | import sun.management.AgentConfigurationError; |
| 47 | |
| 48 | import util.TestLogger; |
| 49 | |
| 50 | /** |
| 51 | * <p>This class implements unit test for RMI Bootstrap. |
| 52 | * When called with no arguments main() looks in the directory indicated |
| 53 | * by the "test.src" system property for files called management*ok.properties |
| 54 | * or management*ko.properties. The *ok.properties files are assumed to be |
| 55 | * valid Java M&M config files for which the bootstrap should succeed. |
| 56 | * The *ko.properties files are assumed to be configurations for which the |
| 57 | * bootstrap & connection test will fail.</p> |
| 58 | * |
| 59 | * <p>The rmi port number can be specified with the "rmi.port" system property. |
| 60 | * If not, this test will use 12424</p> |
| 61 | * |
| 62 | * <p>When called with arguments, main() will interpret its args to |
| 63 | * be Java M&M configuration file names. The filenames are expected to end |
| 64 | * with ok.properties or ko.properties - and are interpreted as above.</p> |
| 65 | * |
| 66 | * <p>Note that a limitation of the RMI registry (bug 4267864) prevents |
| 67 | * this test from succeeding if more than 1 configuration is used. |
| 68 | * As long as 4267864 isn't fixed, this test must be called as many times |
| 69 | * as needed but with a single argument (no arguments, or several arguments |
| 70 | * will fail).</p> |
| 71 | * |
| 72 | * <p>Debug traces are logged in "sun.management.test"</p> |
| 73 | **/ |
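public class RmiSslNoKeyStoreTest {

    // Negative test: with SSL enabled for the management agent and no usable
    // keystore (missing, or present without a password), the bootstrap or the
    // subsequent client connection is expected to FAIL. A successful
    // bootstrap plus connection is reported as a test failure.

    static TestLogger log =
        new TestLogger("RmiSslNoKeyStoreTest");

    /**
     * When launching several registries, we increment the port number
     * to avoid falling into "port number already in use" problems.
     **/
    static int testPort = 0;

    /**
     * Default values for RMI configuration properties.
     * Only CONFIG_FILE_NAME, USE_SSL and KEYSTORE are read by this class.
     **/
    public static interface DefaultValues {
        public static final String PORT="0";
        public static final String CONFIG_FILE_NAME="management.properties";
        public static final String USE_SSL="true";
        public static final String USE_AUTHENTICATION="true";
        public static final String PASSWORD_FILE_NAME="jmxremote.password";
        public static final String ACCESS_FILE_NAME="jmxremote.access";
        public static final String KEYSTORE="keystore";
        // NOTE(review): the two store passwords below look like fixture
        // values for the test stores; they are not read in this class.
        public static final String KEYSTORE_PASSWD="password";
        public static final String TRUSTSTORE="truststore";
        public static final String TRUSTSTORE_PASSWD="trustword";
    }

    /**
     * Names of RMI configuration properties.
     **/
    public static interface PropertyNames {
        public static final String PORT="com.sun.management.jmxremote.port";
        public static final String CONFIG_FILE_NAME=
            "com.sun.management.config.file";
        public static final String USE_SSL="com.sun.management.jmxremote.ssl";
        public static final String USE_AUTHENTICATION=
            "com.sun.management.jmxremote.authenticate";
        public static final String PASSWORD_FILE_NAME=
            "com.sun.management.jmxremote.password.file";
        public static final String ACCESS_FILE_NAME=
            "com.sun.management.jmxremote.access.file";
        public static final String INSTRUMENT_ALL=
            "com.sun.management.instrumentall";
        public static final String CREDENTIALS =
            "jmx.remote.credentials";
        public static final String KEYSTORE="javax.net.ssl.keyStore";
        public static final String KEYSTORE_PASSWD=
            "javax.net.ssl.keyStorePassword";
        public static final String KEYSTORE_TYPE="javax.net.ssl.keyStoreType";
        public static final String TRUSTSTORE="javax.net.ssl.trustStore";
        public static final String TRUSTSTORE_PASSWD=
            "javax.net.ssl.trustStorePassword";
    }

    /**
     * Read a system property that the test cannot run without.
     * @param name name of the system property.
     * @return the property value, never null.
     * @throws IllegalStateException if the property is not set; this names
     *         the missing property instead of surfacing as a bare
     *         NullPointerException from the path construction.
     **/
    private static String requiredSystemProperty(String name) {
        final String value = System.getProperty(name);
        if (value == null) {
            throw new IllegalStateException("System property " + name +
                                            " not specified");
        }
        return value;
    }

    /**
     * Compute the full path name for a default file.
     * @param basename basename (with extension) of the default file.
     * @return ${java.home}/lib/management/${basename}
     **/
    private static String getDefaultFileName(String basename) {
        final String sep = File.separator;
        return requiredSystemProperty("java.home") +
            sep + "lib" + sep + "management" + sep + basename;
    }

    /**
     * Compute the full path name for a default key/trust store.
     * @param basename basename of the store file.
     * @return ${test.src}/ssl/${basename}
     **/
    private static String getDefaultStoreName(String basename) {
        final String sep = File.separator;
        return requiredSystemProperty("test.src") +
            sep + "ssl" + sep + basename;
    }

    /**
     * Check that the keystore named by the javax.net.ssl.keyStore system
     * property can be loaded with the javax.net.ssl.keyStorePassword
     * system property.
     * @param props management properties; not read by this method.
     * @throws IllegalArgumentException if the keystore or its password
     *         system property is not set.
     * @throws IOException if the keystore file cannot be read.
     * @throws GeneralSecurityException if the keystore cannot be loaded.
     **/
    private static void checkKeystore(Properties props)
        throws IOException, GeneralSecurityException {
        if (log.isDebugOn()) {
            log.debug("checkKeystore","Checking Keystore configuration");
        }

        final String keyStore =
            System.getProperty(PropertyNames.KEYSTORE);
        if (keyStore == null) {
            throw new IllegalArgumentException("System property " +
                                               PropertyNames.KEYSTORE +
                                               " not specified");
        }

        final String keyStorePass =
            System.getProperty(PropertyNames.KEYSTORE_PASSWD);
        if (keyStorePass == null) {
            // We don't have the password, we can only check whether the
            // file exists...
            //
            final File ksf = new File(keyStore);
            if (!ksf.canRead()) {
                throw new IOException(keyStore + ": not readable");
            }

            if (log.isDebugOn()) {
                log.debug("checkKeystore", "No password.");
            }
            throw new IllegalArgumentException("System property " +
                                               PropertyNames.KEYSTORE_PASSWD +
                                               " not specified");
        }

        // Now we're going to load the keyStore - just to check it's
        // correct.
        //
        final String keyStoreType =
            System.getProperty(PropertyNames.KEYSTORE_TYPE,
                               KeyStore.getDefaultType());
        final KeyStore ks = KeyStore.getInstance(keyStoreType);
        final FileInputStream fin = new FileInputStream(keyStore);
        final char keypassword[] = keyStorePass.toCharArray();

        try {
            ks.load(fin,keypassword);
        } finally {
            // Wipes only this char[] copy; the String held by the system
            // property is unaffected.
            Arrays.fill(keypassword,' ');
            fin.close();
        }

        if (log.isDebugOn()) {
            log.debug("checkKeystore",
                      "SSL configuration successfully checked");
        }
    }

    /**
     * Verify the precondition of this negative test: SSL must be enabled
     * in the management configuration and the keystore check must fail.
     * @throws IllegalArgumentException if SSL is disabled, or if the
     *         keystore turns out to be properly configured.
     * @throws Exception if the configuration file cannot be read.
     **/
    private void checkSslConfiguration() throws Exception {
        final String defaultConf =
            getDefaultFileName(DefaultValues.CONFIG_FILE_NAME);
        final String confname =
            System.getProperty(PropertyNames.CONFIG_FILE_NAME,defaultConf);

        final Properties props = new Properties();
        final File conf = new File(confname);
        if (conf.exists()) {
            final FileInputStream fin = new FileInputStream(conf);
            try {
                props.load(fin);
            } finally {
                fin.close();
            }
        }

        // Do we use SSL?
        final String useSslStr =
            props.getProperty(PropertyNames.USE_SSL,
                              DefaultValues.USE_SSL);
        final boolean useSsl = Boolean.valueOf(useSslStr).booleanValue();

        log.debug("checkSslConfiguration",PropertyNames.USE_SSL+"="+useSsl);
        if (!useSsl) {
            final String msg =
                PropertyNames.USE_SSL+"="+useSsl+", can't run test";
            throw new IllegalArgumentException(msg);
        }

        try {
            checkKeystore(props);
        } catch (Exception x) {
            // Any failure of the keystore check is the situation this test
            // wants to exercise.
            log.debug("checkSslConfiguration","Test configuration OK: " + x);
            return;
        }

        final String msg = "KeyStore properly configured, can't run test";
        throw new IllegalArgumentException(msg);
    }

    /**
     * Build the "port / config file" part shared by the diagnostics of
     * testConfiguration().
     **/
    private static String describeSettings(int port, String path,
                                           String config) {
        return "\n\tcom.sun.management.jmxremote.port=" + port +
            ((path != null)
                ? "\n\tcom.sun.management.config.file=" + path
                : "\n\t" + config);
    }

    /**
     * Stop a connector server, logging (not propagating) any failure.
     **/
    private static void stopQuietly(JMXConnectorServer cs) {
        if (cs == null) {
            return;
        }
        try {
            cs.stop();
        } catch (Exception x) {
            final String err = "Failed to terminate: "+x;
            log.trace("testConfiguration",err);
            log.debug("testConfiguration",x);
        }
    }

    /**
     * Test the configuration indicated by `file'.
     * Sets the system properties for config file and port, checks that
     * the SSL configuration is unusable, then calls
     * ConnectorBootstrap.initialize() and expects either the bootstrap or
     * the client connection to fail. A connector server that did start is
     * always stopped before returning. The port and config file system
     * properties set here are not restored.
     * @param file the management configuration file, or null for the
     *        default one.
     * @param port the value for com.sun.management.jmxremote.port.
     * @return null if the test succeeds (the expected failure occurred),
     *         an error message otherwise.
     **/
    private String testConfiguration(File file,int port) {

        final String path = (file == null) ? null : file.getAbsolutePath();
        final String config = (path == null) ? "Default config file" : path;
        final String settings = describeSettings(port, path, config);

        try {
            System.out.println("***");
            System.out.println("*** Testing configuration (port="+
                               port + "): "+ path);
            System.out.println("***");

            System.setProperty(PropertyNames.PORT,
                               Integer.toString(port));
            if (path != null) {
                System.setProperty(PropertyNames.CONFIG_FILE_NAME, path);
            } else {
                System.getProperties().
                    remove(PropertyNames.CONFIG_FILE_NAME);
            }

            log.trace("testConfiguration",PropertyNames.PORT+"="+port);
            if (path != null && log.isDebugOn()) {
                log.trace("testConfiguration",
                          PropertyNames.CONFIG_FILE_NAME+"="+path);
            }

            checkSslConfiguration();

            final JMXConnectorServer cs;
            try {
                cs = ConnectorBootstrap.initialize();
            } catch (AgentConfigurationError x) {
                final String err = "Failed to initialize connector:" +
                    settings + "\n\tError is: " + x;

                log.trace("testConfiguration","Expected failure: " + err);
                log.debug("testConfiguration",x);
                System.out.println("Got expected failure: " + x);
                return null;
            } catch (Exception x) {
                log.debug("testConfiguration",x);
                return x.toString();
            }

            try {
                // Null environment map: the client supplies no
                // jmx.remote.credentials.
                final JMXConnector cc =
                    JMXConnectorFactory.connect(cs.getAddress(), null);
                cc.close();
            } catch (IOException x) {
                final String err = "Failed to initialize connector:" +
                    settings + "\n\tError is: " + x;

                log.trace("testConfiguration","Expected failure: " + err);
                log.debug("testConfiguration",x);
                System.out.println("Got expected failure: " + x);
                return null;
            } catch (Exception x) {
                log.debug("testConfiguration",x);
                return x.toString();
            } finally {
                // The server was started above; stop it on every path so a
                // failed connection does not leave the connector running
                // on the test port.
                stopQuietly(cs);
            }

            // Both the bootstrap and the connection went through although
            // the keystore is unusable: that is the failure case.
            final String err = "Bootstrap should have failed:" + settings;
            log.trace("testConfiguration",err);
            return err;
        } catch (Exception x) {
            final String err = "Failed to test bootstrap for:" +
                settings + "\n\tError is: " + x;

            log.trace("testConfiguration",err);
            log.debug("testConfiguration",x);
            return err;
        }
    }

    /**
     * Test a configuration file on the port given by the "rmi.port"
     * system property (default 12424) plus the running testPort offset.
     * In this class the bootstrap or the connection is always expected to
     * fail, whatever the file name.
     * @param fileName name of the management configuration file.
     * @return null if the test succeeds, an error message otherwise.
     **/
    private String testConfigurationFile(String fileName) {
        final File file = new File(fileName);
        final String portStr = System.getProperty("rmi.port","12424");
        final int port = Integer.parseInt(portStr);

        return testConfiguration(file,port+testPort++);
    }


    /**
     * Tests the specified configuration files.
     * Each element of args[] is a configuration file name. It is tested
     * once as is and, when neither the keystore nor its password system
     * property is set, a second time with only the keystore specified.
     * If args[] is empty the loop never runs: nothing is tested and no
     * error is raised.
     * @throws RuntimeException if the test fails.
     **/
    public void run(String args[]) {
        final String defaultKeyStore =
            getDefaultStoreName(DefaultValues.KEYSTORE);
        final String keyStore =
            System.getProperty(PropertyNames.KEYSTORE, defaultKeyStore);

        for (int i=0; i<args.length; i++) {

            String errStr = testConfigurationFile(args[i]);
            if (errStr != null) {
                throw new RuntimeException(errStr);
            }

            final boolean nothingConfigured =
                (System.getProperty(PropertyNames.KEYSTORE) == null) &&
                (System.getProperty(PropertyNames.KEYSTORE_PASSWD) == null);
            if (nothingConfigured) {
                try {

                    // Specify the keystore, but don't specify the
                    // password.
                    //
                    System.setProperty(PropertyNames.KEYSTORE,keyStore);
                    log.trace("run",PropertyNames.KEYSTORE+"="+keyStore);

                    errStr = testConfigurationFile(args[i]);
                    if (errStr != null) {
                        throw new RuntimeException(errStr);
                    }
                } finally {
                    // Restore the "no keystore" state for the next file.
                    System.getProperties().remove(PropertyNames.KEYSTORE);
                }
            }
        }
    }

    /**
     * Calls run(args[]).
     * exit(1) if the test fails with a RuntimeException,
     * exit(2) on any other Throwable.
     **/
    public static void main(String args[]) {
        final RmiSslNoKeyStoreTest manager = new RmiSslNoKeyStoreTest();
        try {
            manager.run(args);
        } catch (RuntimeException r) {
            System.err.println("Test Failed: "+ r.getMessage());
            System.exit(1);
        } catch (Throwable t) {
            System.err.println("Test Failed: "+ t);
            t.printStackTrace();
            System.exit(2);
        }
        System.out.println("**** Test RmiSslNoKeyStoreTest Passed ****");
    }

}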