Mercurial > hg > monetdb-java
comparison tests/TLSTester.java @ 803:1671f2eb130b monetdbs
Send NUL bytes on non-TLS connect
This avoids a hang if we accidentally make a non-TLS connection to a
TLS server.
The hang occurs because in that situation, the MAPI client ends up
waiting for the server to send a MAPI challenge, while the TLS server
ends up waiting for the client to send a TLS Client Hello message.
The NUL bytes are illegal as a Client Hello and a no-op as a MAPI
message.
| author | Joeri van Ruth <joeri.van.ruth@monetdbsolutions.com> |
|---|---|
| date | Mon, 11 Dec 2023 14:47:41 +0100 (17 months ago) |
| parents | 5d04490bc58b |
| children | 361441253305 |
comparison
equal
deleted
inserted
replaced
| 802:5d04490bc58b | 803:1671f2eb130b |
|---|---|
| 129 test_refuse_tlsv12(); | 129 test_refuse_tlsv12(); |
| 130 test_refuse_expired(); | 130 test_refuse_expired(); |
| 131 // test_connect_client_auth1(); | 131 // test_connect_client_auth1(); |
| 132 // test_connect_client_auth2(); | 132 // test_connect_client_auth2(); |
| 133 test_fail_tls_to_plain(); | 133 test_fail_tls_to_plain(); |
| 134 // test_fail_plain_to_tls(); | 134 test_fail_plain_to_tls(); |
| 135 // test_connect_server_name(); | 135 // test_connect_server_name(); |
| 136 // test_connect_alpn_mapi9(); | 136 // test_connect_alpn_mapi9(); |
| 137 test_connect_trusted(); | 137 test_connect_trusted(); |
| 138 test_refuse_trusted_wrong_host(); | 138 test_refuse_trusted_wrong_host(); |
| 139 } | 139 } |
| 191 attempt.withFile(Parameter.CERT, "/ca1.crt").expectFailure(""); | 191 attempt.withFile(Parameter.CERT, "/ca1.crt").expectFailure(""); |
| 192 | 192 |
| 193 } | 193 } |
| 194 | 194 |
| 195 private void test_fail_plain_to_tls() throws IOException, SQLException { | 195 private void test_fail_plain_to_tls() throws IOException, SQLException { |
| 196 attempt("fail_plain_to_tls", "server1").with(Parameter.TLS, false).expectFailure("asdf"); | 196 attempt("fail_plain_to_tls", "server1").with(Parameter.TLS, false).expectFailure("Cannot connect"); |
| 197 } | 197 } |
| 198 | 198 |
| 199 private void test_connect_server_name() throws IOException, SQLException { | 199 private void test_connect_server_name() throws IOException, SQLException { |
| 200 Attempt attempt = attempt("connect_server_name", "sni"); | 200 Attempt attempt = attempt("connect_server_name", "sni"); |
| 201 attempt.withFile(Parameter.CERT, "/ca1.crt").expectSuccess(); | 201 attempt.withFile(Parameter.CERT, "/ca1.crt").expectSuccess(); |