jmeter-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From s...@apache.org
Subject svn commit: r1525234 - in /jmeter/trunk/src: jorphan/org/apache/jorphan/exec/ jorphan/org/apache/jorphan/util/ protocol/http/org/apache/jmeter/protocol/http/proxy/ protocol/http/org/apache/jmeter/protocol/http/proxy/gui/
Date Sat, 21 Sep 2013 13:36:39 GMT
Author: sebb
Date: Sat Sep 21 13:36:39 2013
New Revision: 1525234

URL: http://svn.apache.org/r1525234
Log:
Proxy SSL recording does not handle external embedded resources well
Clarify certificate names
Display details of local certificate that user can check against
Bugzilla Id: 55507

Modified:
    jmeter/trunk/src/jorphan/org/apache/jorphan/exec/KeyToolUtils.java
    jmeter/trunk/src/jorphan/org/apache/jorphan/util/JOrphanUtils.java
    jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/proxy/ProxyControl.java
    jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/proxy/gui/ProxyControlGui.java

Modified: jmeter/trunk/src/jorphan/org/apache/jorphan/exec/KeyToolUtils.java
URL: http://svn.apache.org/viewvc/jmeter/trunk/src/jorphan/org/apache/jorphan/exec/KeyToolUtils.java?rev=1525234&r1=1525233&r2=1525234&view=diff
==============================================================================
--- jmeter/trunk/src/jorphan/org/apache/jorphan/exec/KeyToolUtils.java (original)
+++ jmeter/trunk/src/jorphan/org/apache/jorphan/exec/KeyToolUtils.java Sat Sep 21 13:36:39
2013
@@ -45,8 +45,8 @@ public class KeyToolUtils {
     // N.B. It seems that Opera needs a chain in order to accept server keys signed by the
intermediate CA
     // Opera does not seem to like server keys signed by the root (self-signed) cert.
 
-    private static final String DNAME_ROOT_CA_KEY          = "cn=Apache JMeter Proxy Root
CA (TEMPORARY TRUST ONLY)"; // $NON-NLS-1$
-    private static final String DNAME_INTERMEDIATE_CA_KEY  = "cn=Apache JMeter Proxy Intermediate
CA (TEMPORARY TRUST ONLY)"; // $NON-NLS-1$
+    private static final String DNAME_ROOT_CA_KEY          = "cn=_ DO NOT TRUST unless this
is your certificate (JMeter root CA)"; // $NON-NLS-1$
+    private static final String DNAME_INTERMEDIATE_CA_KEY  = "cn=_ DO NOT INSTALL THIS CERTIFICATE
(JMeter Intermediate CA)"; // $NON-NLS-1$
 
     private static final String ROOT_CACERT_CRT = "ApacheJMeterTemporaryRootCA.crt"; // $NON-NLS-1$
(Firefox and Windows)
     private static final String ROOT_CACERT_USR = "ApacheJMeterTemporaryRootCA.usr"; // $NON-NLS-1$
(Opera)
@@ -247,6 +247,15 @@ public class KeyToolUtils {
     }
 
     /**
+     * Get the root CA alias; needed to check the serial number and fingerprint
+     * 
+     * @return the alias
+     */
+    public static String getRootCAalias() {
+        return ROOTCA_ALIAS;
+    }
+
+    /**
      * Helper method to simplify chaining keytool commands.
      * 
      * @param command the command, not null

Modified: jmeter/trunk/src/jorphan/org/apache/jorphan/util/JOrphanUtils.java
URL: http://svn.apache.org/viewvc/jmeter/trunk/src/jorphan/org/apache/jorphan/util/JOrphanUtils.java?rev=1525234&r1=1525233&r2=1525234&view=diff
==============================================================================
--- jmeter/trunk/src/jorphan/org/apache/jorphan/util/JOrphanUtils.java (original)
+++ jmeter/trunk/src/jorphan/org/apache/jorphan/util/JOrphanUtils.java Sat Sep 21 13:36:39
2013
@@ -430,6 +430,28 @@ public final class JOrphanUtils {
      * Convert binary byte array to hex string.
      *
      * @param ba input binary byte array
+     * @param separator the separator to be added between pairs of hex digits
+     * @return hex representation of binary input
+     */
+    public static String baToHexString(byte ba[], char separator) {
+        StringBuilder sb = new StringBuilder(ba.length*2);
+        for (int i = 0; i < ba.length; i++) {
+            if (i > 0 && separator != 0) {
+                sb.append(separator);
+            }
+            int j = ba[i] & 0xff;
+            if (j < 16) {
+                sb.append("0"); // $NON-NLS-1$ add zero padding
+            }
+            sb.append(Integer.toHexString(j));
+        }
+        return sb.toString();
+    }
+
+    /**
+     * Convert binary byte array to hex string.
+     *
+     * @param ba input binary byte array
      * @return hex representation of binary input
      */
     public static byte[] baToHexBytes(byte ba[]) {

Modified: jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/proxy/ProxyControl.java
URL: http://svn.apache.org/viewvc/jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/proxy/ProxyControl.java?rev=1525234&r1=1525233&r2=1525234&view=diff
==============================================================================
--- jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/proxy/ProxyControl.java
(original)
+++ jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/proxy/ProxyControl.java
Sat Sep 21 13:36:39 2013
@@ -38,6 +38,7 @@ import java.util.List;
 import java.util.Map;
 import java.util.prefs.Preferences;
 
+import org.apache.commons.codec.digest.DigestUtils;
 import org.apache.commons.io.IOUtils;
 import org.apache.commons.lang3.RandomStringUtils;
 import org.apache.commons.lang3.time.DateUtils;
@@ -81,6 +82,7 @@ import org.apache.jmeter.timers.Timer;
 import org.apache.jmeter.util.JMeterUtils;
 import org.apache.jorphan.exec.KeyToolUtils;
 import org.apache.jorphan.logging.LoggingManager;
+import org.apache.jorphan.util.JOrphanUtils;
 import org.apache.log.Logger;
 import org.apache.oro.text.MalformedCachePatternException;
 import org.apache.oro.text.regex.Pattern;
@@ -556,6 +558,26 @@ public class ProxyControl extends Generi
         }
     }
 
+    public String[] getCertificateSerialAndFingerPrint() {
+        if (isDynamicMode()) {
+            try {
+                X509Certificate caCert = (X509Certificate) keyStore.getCertificate(KeyToolUtils.getRootCAalias());
+                if (caCert == null) {
+                    return new String[]{"Could not find certificate"};
+                }
+                return new String[]
+                        {
+                        caCert.getSubjectX500Principal().toString(),
+                        "Fingerprint(SHA1):",
+                        JOrphanUtils.baToHexString(DigestUtils.sha1(caCert.getEncoded()),
' ')
+                        };
+            } catch (GeneralSecurityException e) {
+                log.error("Problem reading root CA from keystore", e);
+                return new String[]{"Could not read certificate"};
+            }
+        }
+        return null; // should not happen
+    }
     // Package protected to allow test case access
     boolean filterUrl(HTTPSamplerBase sampler) {
         String domain = sampler.getDomain();

Modified: jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/proxy/gui/ProxyControlGui.java
URL: http://svn.apache.org/viewvc/jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/proxy/gui/ProxyControlGui.java?rev=1525234&r1=1525233&r2=1525234&view=diff
==============================================================================
--- jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/proxy/gui/ProxyControlGui.java
(original)
+++ jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/proxy/gui/ProxyControlGui.java
Sat Sep 21 13:36:39 2013
@@ -477,6 +477,17 @@ public class ProxyControlGui extends Log
             start.setEnabled(false);
             stop.setEnabled(true);
             restart.setEnabled(false);
+            if (ProxyControl.isDynamicMode()) {
+                String details[] = model.getCertificateSerialAndFingerPrint();
+                StringBuilder sb = new StringBuilder();
+                for(String detail : details) {
+                    sb.append(detail).append("\n");
+                }
+                JOptionPane.showMessageDialog(this,
+                    sb.toString(),
+                    "Please check the certificate before installing it:",
+                    JOptionPane.INFORMATION_MESSAGE);
+            }
         } catch (InvalidVariableException e) {
             JOptionPane.showMessageDialog(this,
                     JMeterUtils.getResString("invalid_variables"), // $NON-NLS-1$



Mime
View raw message