Google Git
Sign in
android / toolchain / jdk / jdk9_jdk / 2283b9d1d8f03fea8fa192c248b58726a66a6eaf / . / test / sun / management / jmxremote / bootstrap / SSLConfigFilePermissionTest.sh
blob: 46927ec83357424582434217a96fa88a19923647 [file] [log] [blame]
#!/bin/sh
#
# Copyright (c) 2007, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 2 only, as
# published by the Free Software Foundation.
#
# This code is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# version 2 for more details (a copy is included in the LICENSE file that
# accompanied this code).
#
# You should have received a copy of the GNU General Public License version
# 2 along with this work; if not, write to the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
# or visit www.oracle.com if you need additional information or have any
# questions.
#
# @test
# @bug 6557093
# @summary Check SSL config file permission for out-of-the-box management
#
# @run shell SSLConfigFilePermissionTest.sh
createJavaFile()
{
cat << EOF > $1/$2.java
class $2 {
public static void main(String[] args) {
System.out.println("Inside main method...");
}
}
EOF
}
createManagementConfigFile() {
cat << EOF > $1
# management.properties
com.sun.management.jmxremote.authenticate=false
com.sun.management.jmxremote.ssl.config.file=$2
EOF
}
createSSLConfigFile() {
if [ -f "$1" ] ; then
rm -f $1 || echo WARNING: $1 already exists - unable to remove old copy
fi
cat << EOF > $1
javax.net.ssl.keyStore=$2
javax.net.ssl.keyStorePassword=password
EOF
}
# Check we are run from jtreg
if [ -z "${TESTCLASSES}" ]; then
echo "Test is designed to be run from jtreg only"
exit 0
fi
# Test not suitable for Windows as chmod may not be able to
# security the password file.
os=`uname -s`
if [ "$os" != "Linux" -a "$os" != "SunOS" ]; then
echo "Test not designed to run on this operating system, skipping..."
exit 0
fi
# Create management and SSL configuration files
LIBDIR=${TESTCLASSES}/lib
MGMT=${LIBDIR}/management.properties
SSL=${LIBDIR}/jmxremote.ssl.config
rm -f ${MGMT}
rm -f ${SSL}
mkdir ${LIBDIR} 2>&1
createJavaFile ${TESTCLASSES} Dummy
createManagementConfigFile ${MGMT} ${SSL}
createSSLConfigFile ${SSL} ${TESTSRC}/ssl/keystore
# Compile test
${TESTJAVA}/bin/javac -d ${TESTCLASSES} ${TESTCLASSES}/Dummy.java
JAVA=${TESTJAVA}/bin/java
CLASSPATH=${TESTCLASSES}
export CLASSPATH
failures=0
mp=-Dcom.sun.management.config.file=${MGMT}
pp=-Dcom.sun.management.jmxremote.port=4999
go() {
echo ''
sh -xc "$JAVA $1 $2 $3 $4 $5 $6 $7 $8" 2>&1
if [ $? != 0 ]; then failures=`expr $failures + 1`; fi
}
# Test 1 - SSL config file is secure - VM should start
chmod 700 ${SSL}
sh -xc "$JAVA $mp $pp Dummy" 2>&1
if [ $? != 0 ]; then failures=`expr $failures + 1`; fi
# Test 2 - SSL config file is not secure - VM should fail to start
chmod o+rx ${SSL}
sh -xc "$JAVA $mp $pp Dummy" 2>&1
if [ $? = 0 ]; then failures=`expr $failures + 1`; fi
# Reset the file permissions on the generated SSL config file
chmod 777 ${SSL}
#
# Results
#
echo ''
if [ $failures -gt 0 ];
then echo "$failures test(s) failed";
else echo "All test(s) passed"; fi
exit $failures