I have an issue similar to the other post related to SSLFilter. However, I
get a timeout exception unlike him. I tried to create a testcase using the
SSLTest unit testcase. The problem is that if you setup a processor after
setting up the SSLFilter, the SSLFilter doesn't get called during handshake.
In my case, I end up getting all the handshake data to the
DecodingFilter.handleRead method and it fails because it can't parse it. Any
clues on how to get the handshake done?
Have a look below:
SSLTest.java
----------------
public static void main(String[] args) throws Exception
{
SSLTest sslTest = new SSLTest();
sslTest.testSimpleSyncSSL();
}
private class CustomProtocolTransport
{
private final DefaultFilterChainFactory factory = new
DefaultFilterChainFactory();
public DefaultFilterChainFactory getDefaultFilterChainFactory()
{
return factory;
}
public class DefaultFilterChainFactory implements
PatternFilterChainFactory
{
private FilterChain defaultFilterChain;
public FilterChain getFilterChainPattern()
{
return defaultFilterChain;
}
public void release(FilterChain chain)
{
// TODO: Nothing yet.
}
public FilterChain create()
{
FilterChain filterChain = new DefaultFilterChain(this);
filterChain.addAll(defaultFilterChain);
return filterChain;
}
public void setFilterChainPattern(FilterChain chain)
{
defaultFilterChain = chain;
}
private DefaultFilterChainFactory()
{
this.defaultFilterChain = new DefaultFilterChain(this);
this.defaultFilterChain.add(new TransportFilter());
this.defaultFilterChain.add(new DecodingFilter());
}
private class DecodingFilter extends FilterAdapter
{
@Override
public NextAction handleRead(FilterChainContext ctx,
NextAction nextAction) throws IOException
{
Connection<?> connection = ctx.getConnection();
StreamReader streamReader = ctx.getStreamReader();
//ERROR: It bypasses the SSL filter and receives the handshake
data.
return nextAction;
}
}
}
}
private class MyFilterAdapter extends FilterAdapter
{
//Accepts a client connection.
@Override
public NextAction handleAccept(
FilterChainContext ctx, NextAction nextAction) throws IOException
{
com.sun.grizzly.Connection connection = ctx.getConnection();
connection.configureBlocking(true);
connection.getStreamReader().setBlocking(true);
connection.getStreamWriter().setBlocking(true);
CustomProtocolTransport transport = new CustomProtocolTransport();
connection.setProcessor(transport
.getDefaultFilterChainFactory().getFilterChainPattern());
return nextAction;
}
}
public void testSimpleSyncSSL() throws Exception {
..
//transport.getFilterChain().add(new EchoFilter());
transport.getFilterChain().add(new MyFilterAdapter());
..
}
The output is:
***
found key for : mykey
chain [0] = [
[
Version: V3
Subject: CN=ssl keystore, OU=ssl, O=test, L=IN, ST=Arizona, C=AZ
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus:
118567974256410042452991025386174340566769259958133868983714943300016489649763883603890320095455567224646241449363020215946997571751589998888541470052694403418995789267075031195803825604783061926424722475378193630177677062771711456194062379770562505567517207633744031569465470281784505668081144741188883228161
public exponent: 65537
Validity: [From: Wed Jan 27 22:02:03 CST 2010,
To: Tue Apr 27 23:02:03 CDT 2010]
Issuer: CN=ssl keystore, OU=ssl, O=test, L=IN, ST=Arizona, C=AZ
SerialNumber: [ 4b610c3b]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 8E 97 AE 4C 91 29 05 C4 EE B5 48 F7 7B 9B 65 23 ...L.)....H...e#
0010: B6 24 D3 1A 09 92 E3 2C FE 3C A0 24 57 C0 FA 39 .$.....,.<.$W..9
0020: 82 6C 18 7F 30 68 56 2D 68 B4 86 96 91 0D FB 2C .l..0hV-h......,
0030: A3 90 6A 75 60 19 2B 5D EF 26 37 C5 0E 3D 9A E0 ..ju`.+].&7..=..
0040: F1 99 E1 C8 22 E2 7F 32 D4 B2 B4 E5 C7 D3 24 6E ...."..2......$n
0050: 6D 4B 72 22 79 4A 28 AC DA E9 B2 E7 A0 B5 E2 B2 mKr"yJ(.........
0060: B3 E0 82 09 B1 31 2A 3D 85 16 E1 67 37 43 9F 78 .....1*=...g7C.x
0070: C9 9E D0 1B 61 18 F1 C5 4D 29 E3 C0 61 17 2C 31 ....a...M)..a.,1
]
***
adding as trusted cert:
Subject: CN=ssl keystore, OU=ssl, O=test, L=IN, ST=Arizona, C=AZ
Issuer: CN=ssl keystore, OU=ssl, O=test, L=IN, ST=Arizona, C=AZ
Algorithm: RSA; Serial number: 0x4b610c3b
Valid from Wed Jan 27 22:02:03 CST 2010 until Tue Apr 27 23:02:03 CDT 2010
***
found key for : mykey
chain [0] = [
[
Version: V3
Subject: CN=ssl keystore, OU=ssl, O=test, L=IN, ST=Arizona, C=AZ
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus:
118567974256410042452991025386174340566769259958133868983714943300016489649763883603890320095455567224646241449363020215946997571751589998888541470052694403418995789267075031195803825604783061926424722475378193630177677062771711456194062379770562505567517207633744031569465470281784505668081144741188883228161
public exponent: 65537
Validity: [From: Wed Jan 27 22:02:03 CST 2010,
To: Tue Apr 27 23:02:03 CDT 2010]
Issuer: CN=ssl keystore, OU=ssl, O=test, L=IN, ST=Arizona, C=AZ
SerialNumber: [ 4b610c3b]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 8E 97 AE 4C 91 29 05 C4 EE B5 48 F7 7B 9B 65 23 ...L.)....H...e#
0010: B6 24 D3 1A 09 92 E3 2C FE 3C A0 24 57 C0 FA 39 .$.....,.<.$W..9
0020: 82 6C 18 7F 30 68 56 2D 68 B4 86 96 91 0D FB 2C .l..0hV-h......,
0030: A3 90 6A 75 60 19 2B 5D EF 26 37 C5 0E 3D 9A E0 ..ju`.+].&7..=..
0040: F1 99 E1 C8 22 E2 7F 32 D4 B2 B4 E5 C7 D3 24 6E ...."..2......$n
0050: 6D 4B 72 22 79 4A 28 AC DA E9 B2 E7 A0 B5 E2 B2 mKr"yJ(.........
0060: B3 E0 82 09 B1 31 2A 3D 85 16 E1 67 37 43 9F 78 .....1*=...g7C.x
0070: C9 9E D0 1B 61 18 F1 C5 4D 29 E3 C0 61 17 2C 31 ....a...M)..a.,1
]
***
adding as trusted cert:
Subject: CN=ssl keystore, OU=ssl, O=test, L=IN, ST=Arizona, C=AZ
Issuer: CN=ssl keystore, OU=ssl, O=test, L=IN, ST=Arizona, C=AZ
Algorithm: RSA; Serial number: 0x4b610c3b
Valid from Wed Jan 27 22:02:03 CST 2010 until Tue Apr 27 23:02:03 CDT 2010
trigger seeding of SecureRandom
done seeding SecureRandom
***
found key for : mykey
chain [0] = [
[
Version: V3
Subject: CN=ssl keystore, OU=ssl, O=test, L=IN, ST=Arizona, C=AZ
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus:
118567974256410042452991025386174340566769259958133868983714943300016489649763883603890320095455567224646241449363020215946997571751589998888541470052694403418995789267075031195803825604783061926424722475378193630177677062771711456194062379770562505567517207633744031569465470281784505668081144741188883228161
public exponent: 65537
Validity: [From: Wed Jan 27 22:02:03 CST 2010,
To: Tue Apr 27 23:02:03 CDT 2010]
Issuer: CN=ssl keystore, OU=ssl, O=test, L=IN, ST=Arizona, C=AZ
SerialNumber: [ 4b610c3b]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 8E 97 AE 4C 91 29 05 C4 EE B5 48 F7 7B 9B 65 23 ...L.)....H...e#
0010: B6 24 D3 1A 09 92 E3 2C FE 3C A0 24 57 C0 FA 39 .$.....,.<.$W..9
0020: 82 6C 18 7F 30 68 56 2D 68 B4 86 96 91 0D FB 2C .l..0hV-h......,
0030: A3 90 6A 75 60 19 2B 5D EF 26 37 C5 0E 3D 9A E0 ..ju`.+].&7..=..
0040: F1 99 E1 C8 22 E2 7F 32 D4 B2 B4 E5 C7 D3 24 6E ...."..2......$n
0050: 6D 4B 72 22 79 4A 28 AC DA E9 B2 E7 A0 B5 E2 B2 mKr"yJ(.........
0060: B3 E0 82 09 B1 31 2A 3D 85 16 E1 67 37 43 9F 78 .....1*=...g7C.x
0070: C9 9E D0 1B 61 18 F1 C5 4D 29 E3 C0 61 17 2C 31 ....a...M)..a.,1
]
***
adding as trusted cert:
Subject: CN=ssl keystore, OU=ssl, O=test, L=IN, ST=Arizona, C=AZ
Issuer: CN=ssl keystore, OU=ssl, O=test, L=IN, ST=Arizona, C=AZ
Algorithm: RSA; Serial number: 0x4b610c3b
Valid from Wed Jan 27 22:02:03 CST 2010 until Tue Apr 27 23:02:03 CDT 2010
trigger seeding of SecureRandom
done seeding SecureRandom
Using SSLEngineImpl.
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1264658535 bytes = { 238, 46, 135, 54, 216, 161, 156,
183, 142, 218, 69, 153, 27, 52, 156, 102, 144, 124, 186, 113, 180, 67, 27,
106, 243, 188, 241, 179 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA,
TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA,
SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA,
SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA,
SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
***
main, WRITE: TLSv1 Handshake, length = 79
main, WRITE: SSLv2 client hello message, length = 107
Exception in thread "main" java.util.concurrent.ExecutionException:
java.util.concurrent.TimeoutException
at com.sun.grizzly.impl.ReadyFutureImpl.get(ReadyFutureImpl.java:138)
at grizzly.SSLTest.testSimpleSyncSSL(SSLTest.java:182)
at grizzly.SSLTest.main(SSLTest.java:47)
Caused by: java.util.concurrent.TimeoutException
at com.sun.grizzly.impl.FutureImpl.get(FutureImpl.java:170)
at
com.sun.grizzly.ssl.BlockingSSLHandshaker.handshake(BlockingSSLHandshaker.java:119)
at grizzly.SSLTest.testSimpleSyncSSL(SSLTest.java:178)
--
View this message in context: http://old.nabble.com/SSL-Handshake-fails-tp27351491p27351491.html
Sent from the Grizzly - Users mailing list archive at Nabble.com.