Backport e18e95ed11c1df7eeb162c2303f027564ed6f6aa

duke · duke · commit 01f1230612c0 · 2025-11-24T05:51:39.000Z
diff --git a/test/jdk/sun/security/x509/URICertStore/CRLReadTimeout.java b/test/jdk/sun/security/x509/URICertStore/CRLReadTimeout.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2019, 2023, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2019, 2025, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -22,45 +22,101 @@
  */
 
 /*
- * @test
+ * @test id=0
  * @bug 8191808 8179502
  * @summary check that CRL download is interrupted if it takes too long
  * @modules java.base/sun.security.x509
  *          java.base/sun.security.util
  * @library /test/lib
- * @run main/othervm -Dcom.sun.security.crl.readtimeout=1
+ * @run main/othervm -Djava.security.debug=certpath -Dcom.sun.security.crl.readtimeout=1
  *      CRLReadTimeout 5000 false
- * @run main/othervm -Dcom.sun.security.crl.readtimeout=1s
+ */
+
+/*
+ * @test id=1
+ * @bug 8191808 8179502
+ * @summary check that CRL download is interrupted if it takes too long
+ * @modules java.base/sun.security.x509
+ *          java.base/sun.security.util
+ * @library /test/lib
+ * @run main/othervm -Djava.security.debug=certpath -Dcom.sun.security.crl.readtimeout=1s
  *      CRLReadTimeout 5000 false
- * @run main/othervm -Dcom.sun.security.crl.readtimeout=4
+ */
+
+/*
+ * @test id=2
+ * @bug 8191808 8179502
+ * @summary check that CRL download is interrupted if it takes too long
+ * @modules java.base/sun.security.x509
+ *          java.base/sun.security.util
+ * @library /test/lib
+ * @run main/othervm -Djava.security.debug=certpath -Dcom.sun.security.crl.readtimeout=200
  *      CRLReadTimeout 1000 true
- * @run main/othervm -Dcom.sun.security.crl.readtimeout=1500ms
+ */
+
+/*
+ * @test id=3
+ * @bug 8191808 8179502
+ * @summary check that CRL download is interrupted if it takes too long
+ * @modules java.base/sun.security.x509
+ *          java.base/sun.security.util
+ * @library /test/lib
+ * @run main/othervm -Djava.security.debug=certpath -Dcom.sun.security.crl.readtimeout=1500ms
  *      CRLReadTimeout 5000 false
- * @run main/othervm -Dcom.sun.security.crl.readtimeout=4500ms
- *      CRLReadTimeout 1000 true
  */
 
-import java.io.*;
+/*
+ * @test id=4
+ * @bug 8191808 8179502
+ * @summary check that CRL download is interrupted if it takes too long
+ * @modules java.base/sun.security.x509
+ *          java.base/sun.security.util
+ * @library /test/lib
+ * @run main/othervm -Djava.security.debug=certpath -Dcom.sun.security.crl.readtimeout=4500ms
+ *      CRLReadTimeout 100 true
+ */
+
+import java.io.File;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
 import java.math.BigInteger;
+import java.net.InetAddress;
 import java.net.InetSocketAddress;
 import java.net.SocketTimeoutException;
 import java.security.GeneralSecurityException;
 import java.security.KeyStore;
 import java.security.PrivateKey;
-import java.security.cert.*;
+import java.security.cert.CRLException;
+import java.security.cert.CertPath;
+import java.security.cert.CertPathValidator;
+import java.security.cert.CertPathValidatorException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.PKIXParameters;
+import java.security.cert.PKIXRevocationChecker;
+import java.security.cert.TrustAnchor;
+import java.security.cert.X509CRL;
+import java.security.cert.X509Certificate;
 import java.util.Date;
 import java.util.EnumSet;
 import java.util.List;
 import java.util.Set;
 import java.util.concurrent.TimeUnit;
 
-import static java.security.cert.PKIXRevocationChecker.Option.*;
+import static java.security.cert.PKIXRevocationChecker.Option.NO_FALLBACK;
+import static java.security.cert.PKIXRevocationChecker.Option.PREFER_CRLS;
+import static java.security.cert.PKIXRevocationChecker.Option.SOFT_FAIL;
 
 import com.sun.net.httpserver.HttpServer;
 import jdk.test.lib.SecurityTools;
 import jdk.test.lib.process.OutputAnalyzer;
 import sun.security.util.SignatureUtil;
-import sun.security.x509.*;
+import sun.security.x509.AuthorityKeyIdentifierExtension;
+import sun.security.x509.CRLExtensions;
+import sun.security.x509.CRLNumberExtension;
+import sun.security.x509.KeyIdentifier;
+import sun.security.x509.X500Name;
+import sun.security.x509.X509CRLImpl;
 
 public class CRLReadTimeout {
 
@@ -117,9 +173,10 @@ private static void testTimeout(int port, boolean expectedPass)
         // unwrap soft fail exceptions and check for SocketTimeoutException
         List<CertPathValidatorException> softExc = prc.getSoftFailExceptions();
         if (expectedPass) {
-            if (softExc.size() > 0) {
+            if (!softExc.isEmpty()) {
                 throw new RuntimeException("Expected to pass, found " +
-                        softExc.size() + " soft fail exceptions");
+                                           softExc.size() +
+                                           " soft fail exceptions");
             }
         } else {
             boolean foundSockTOExc = false;
@@ -182,7 +239,7 @@ public CrlHttpServer(int timeout) throws IOException {
         }
 
         public void start() throws IOException {
-            server.bind(new InetSocketAddress(0), 0);
+            server.bind(new InetSocketAddress(InetAddress.getLoopbackAddress(), 0), 0);
             server.createContext("/crl", t -> {
                 try (InputStream is = t.getRequestBody()) {
                     is.readAllBytes();
