Skip to content
This repository has been archived by the owner. It is now read-only.
Permalink
Browse files
8262862: Harden tests sun/security/x509/URICertStore/ExtensionsWithLD…
…AP.java and krb5/canonicalize/Test.java

Reviewed-by: aefimov, michaelm
  • Loading branch information
Fernando Guallini authored and AlekseiEfimov committed Mar 5, 2021
1 parent 2c0507e commit e1cad97049642ab201d53ff608937f7e7ef3ff3e
Showing with 12 additions and 25 deletions.
  1. +5 −10 test/jdk/sun/security/krb5/canonicalize/Test.java
  2. +7 −15 test/jdk/sun/security/x509/URICertStore/ExtensionsWithLDAP.java
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2009, 2016, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2009, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -25,21 +25,16 @@
* @bug 6682516 8149521
* @summary SPNEGO_HTTP_AUTH/WWW_KRB and SPNEGO_HTTP_AUTH/WWW_SPNEGO failed on all non-windows platforms
* @modules java.security.jgss/sun.security.krb5
* @run main/othervm -Djava.security.krb5.conf=krb5.conf Test
* @run main/othervm -Djdk.net.hosts.file=${test.src}/TestHosts
* -Djava.security.krb5.realm=THIS.REALM
* -Djava.security.krb5.kdc=localhost
* -Djava.security.krb5.conf=krb5.conf Test
*/

import java.net.InetAddress;
import java.net.UnknownHostException;
import sun.security.krb5.PrincipalName;

public class Test {
public static void main(String[] args) throws Exception {
// This config file is generated using Kerberos.app on a Mac
String hostsFileName = System.getProperty("test.src", ".") + "/TestHosts";
System.setProperty("jdk.net.hosts.file", hostsFileName);
System.setProperty("java.security.krb5.realm", "THIS.REALM");
System.setProperty("java.security.krb5.kdc", "localhost");

// add using canonicalized name
check("c1", "c1.this.domain");
check("c1.this", "c1.this.domain");
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2015, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -27,18 +27,19 @@
* @test
* @bug 8134708
* @summary Check if LDAP resources from CRLDP and AIA extensions can be loaded
* @run main/othervm ExtensionsWithLDAP CRLDP ldap.host.for.crldp
* @run main/othervm -Djdk.net.hosts.file=${test.src}/CRLDP
* -Dcom.sun.security.enableCRLDP=true
* ExtensionsWithLDAP CRLDP ldap.host.for.crldp
* @modules jdk.security.auth
* @run main/othervm ExtensionsWithLDAP AIA ldap.host.for.aia
* @run main/othervm -Djdk.net.hosts.file=${test.src}/AIA
* -Dcom.sun.security.enableAIAcaIssuers=true
* ExtensionsWithLDAP AIA ldap.host.for.aia
*/

import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidator;
import java.security.cert.CertPathValidatorException;
@@ -132,15 +133,6 @@ public static void main(String[] args) throws Exception {
String extension = args[0];
String targetHost = args[1];

// enable CRLDP and AIA extensions
System.setProperty("com.sun.security.enableCRLDP", "true");
System.setProperty("com.sun.security.enableAIAcaIssuers", "true");

Path hostsFilePath = Paths.get(System.getProperty("test.src", ".")
+ File.separator + extension);
System.setProperty("jdk.net.hosts.file",
hostsFilePath.toFile().getAbsolutePath());

X509Certificate trustedCert = loadCertificate(CA_CERT);
X509Certificate eeCert = loadCertificate(EE_CERT);

0 comments on commit e1cad97

Please sign in to comment.