You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2018/10/03 16:16:09 UTC
[cxf] 01/03: Replace RC4 CipherSuite tests as it's not supported
from Java >= 8 upwards
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch 3.2.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit a1fece64750c025c2dbc37663f1f34297ca83388
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Wed Oct 3 12:12:47 2018 +0100
Replace RC4 CipherSuite tests as it's not supported from Java >= 8 upwards
(cherry picked from commit 05b8db050b158d82aad57081a0dbb5e7c92cc3b1)
# Conflicts:
# systests/transports/src/test/java/org/apache/cxf/systest/https/ciphersuites/CipherSuitesTest.java
# systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-server.xml
---
.../https/ciphersuites/CipherSuitesTest.java | 46 ++++++++--------------
.../https/ciphersuites/ciphersuites-client.xml | 2 +-
...-rc4-client.xml => ciphersuites-dhe-client.xml} | 3 +-
.../https/ciphersuites/ciphersuites-server.xml | 9 +++--
4 files changed, 23 insertions(+), 37 deletions(-)
diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/https/ciphersuites/CipherSuitesTest.java b/systests/transports/src/test/java/org/apache/cxf/systest/https/ciphersuites/CipherSuitesTest.java
index d55f5f6..a6ea425 100644
--- a/systests/transports/src/test/java/org/apache/cxf/systest/https/ciphersuites/CipherSuitesTest.java
+++ b/systests/transports/src/test/java/org/apache/cxf/systest/https/ciphersuites/CipherSuitesTest.java
@@ -176,11 +176,11 @@ public class CipherSuitesTest extends AbstractBusClientServerTestBase {
bus.shutdown(true);
}
- // Client only includes RC4, server only includes AES
+ // Client only includes DHE, server excludes it
@org.junit.Test
- public void testClientRC4ServerAESIncluded() throws Exception {
+ public void testClientDHEServerExcludesIncluded() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = CipherSuitesTest.class.getResource("ciphersuites-rc4-client.xml");
+ URL busFile = CipherSuitesTest.class.getResource("ciphersuites-dhe-client.xml");
Bus bus = bf.createBus(busFile.toString());
BusFactory.setDefaultBus(bus);
@@ -205,11 +205,11 @@ public class CipherSuitesTest extends AbstractBusClientServerTestBase {
bus.shutdown(true);
}
- // Client only includes RC4, server only includes AES
+ // Client only includes DHE, server excludes it
@org.junit.Test
- public void testClientRC4ServerAESIncludedAsync() throws Exception {
+ public void testClientDHEServerExcludesIncludedAsync() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = CipherSuitesTest.class.getResource("ciphersuites-rc4-client.xml");
+ URL busFile = CipherSuitesTest.class.getResource("ciphersuites-dhe-client.xml");
Bus bus = bf.createBus(busFile.toString());
BusFactory.setDefaultBus(bus);
@@ -237,18 +237,11 @@ public class CipherSuitesTest extends AbstractBusClientServerTestBase {
bus.shutdown(true);
}
- // Both client + server include RC4
+ // Both client + server include DHE
@org.junit.Test
- public void testRC4Included() throws Exception {
- String version = System.getProperty("java.version");
- if (JavaUtils.isJava9Compatible()
- || version.length() > 1 && 1.8D <= Double.parseDouble(version.substring(0, 3))
- ) {
- // RC4 not supported since JDK8
- return;
- }
+ public void testDHEIncluded() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = CipherSuitesTest.class.getResource("ciphersuites-rc4-client.xml");
+ URL busFile = CipherSuitesTest.class.getResource("ciphersuites-dhe-client.xml");
Bus bus = bf.createBus(busFile.toString());
BusFactory.setDefaultBus(bus);
@@ -268,18 +261,11 @@ public class CipherSuitesTest extends AbstractBusClientServerTestBase {
bus.shutdown(true);
}
- // Both client + server include RC4
+ // Both client + server include DHE
@org.junit.Test
- public void testRC4IncludedAsync() throws Exception {
- String version = System.getProperty("java.version");
- if (JavaUtils.isJava9Compatible()
- || version.length() > 1 && 1.8D <= Double.parseDouble(version.substring(0, 3))
- ) {
- // RC4 not supported since JDK8
- return;
- }
+ public void testDHEIncludedAsync() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = CipherSuitesTest.class.getResource("ciphersuites-rc4-client.xml");
+ URL busFile = CipherSuitesTest.class.getResource("ciphersuites-dhe-client.xml");
Bus bus = bf.createBus(busFile.toString());
BusFactory.setDefaultBus(bus);
@@ -302,9 +288,9 @@ public class CipherSuitesTest extends AbstractBusClientServerTestBase {
bus.shutdown(true);
}
- // Client only includes AES, server only includes RC4
+ // Client only includes ECDHE, server only includes DHE
@org.junit.Test
- public void testClientAESServerRC4Included() throws Exception {
+ public void testClientECDHEServerDHEIncluded() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
URL busFile = CipherSuitesTest.class.getResource("ciphersuites-client.xml");
@@ -331,9 +317,9 @@ public class CipherSuitesTest extends AbstractBusClientServerTestBase {
bus.shutdown(true);
}
- // Client only includes AES, server only includes RC4
+ // Client only includes ECDHE, server only includes DHE
@org.junit.Test
- public void testClientAESServerRC4IncludedAsync() throws Exception {
+ public void testClientECDHEServerDHEIncludedAsync() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
URL busFile = CipherSuitesTest.class.getResource("ciphersuites-client.xml");
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-client.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-client.xml
index f509336..1e28bd6 100644
--- a/systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-client.xml
+++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-client.xml
@@ -30,7 +30,7 @@
<sec:keyStore type="jks" password="password" resource="keys/Truststore.jks"/>
</sec:trustManagers>
<sec:cipherSuitesFilter>
- <sec:include>.*_WITH_AES_.*</sec:include>
+ <sec:include>TLS_ECDHE_.*</sec:include>
</sec:cipherSuitesFilter>
</http:tlsClientParameters>
</http:conduit>
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-rc4-client.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-dhe-client.xml
similarity index 95%
rename from systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-rc4-client.xml
rename to systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-dhe-client.xml
index 4c8323d..a5c84b5 100644
--- a/systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-rc4-client.xml
+++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-dhe-client.xml
@@ -30,8 +30,7 @@
<sec:keyStore type="jks" password="password" resource="keys/Truststore.jks"/>
</sec:trustManagers>
<sec:cipherSuitesFilter>
- <sec:include>.*_WITH_RC4_.*</sec:include>
- <sec:exclude>.*_WITH_AES_.*</sec:exclude>
+ <sec:include>.*_DHE_.*</sec:include>
</sec:cipherSuitesFilter>
</http:tlsClientParameters>
</http:conduit>
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-server.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-server.xml
index 49b1027..a1745ce 100644
--- a/systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-server.xml
+++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-server.xml
@@ -35,6 +35,7 @@
<sec:cipherSuitesFilter>
<sec:include>.*_WITH_AES_.*</sec:include>
<sec:exclude>SSL_RSA_WITH_DES_CBC_SHA</sec:exclude>
+ <sec:exclude>.*_DHE_.*</sec:exclude>
</sec:cipherSuitesFilter>
</httpj:tlsServerParameters>
</httpj:engine>
@@ -54,7 +55,7 @@
</jaxws:inInterceptors>
</jaxws:endpoint>
- <httpj:engine-factory id="rc4-tls-settings">
+ <httpj:engine-factory id="dhe-tls-settings">
<httpj:engine port="${testutil.ports.CipherSuitesServer.2}">
<httpj:tlsServerParameters>
<sec:keyManagers keyPassword="password">
@@ -62,8 +63,8 @@
</sec:keyManagers>
<sec:clientAuthentication want="false" required="false"/>
<sec:cipherSuitesFilter>
- <sec:include>.*_WITH_RC4_.*</sec:include>
- <sec:exclude>.*_WITH_AES_.*</sec:exclude>
+ <sec:include>.*_DHE_.*</sec:include>
+ <sec:exclude>TLS_ECDHE_.*</sec:exclude>
</sec:cipherSuitesFilter>
</httpj:tlsServerParameters>
</httpj:engine>
@@ -75,7 +76,7 @@
implementor="org.apache.cxf.systest.http.GreeterImpl"
address="https://localhost:${testutil.ports.CipherSuitesServer.2}/SoapContext/HttpsPort"
serviceName="s:SOAPService"
- endpointName="e:HttpsPort" depends-on="rc4-tls-settings"/>
+ endpointName="e:HttpsPort" depends-on="dhe-tls-settings"/>
<httpj:engine-factory id="null-tls-settings">
<httpj:engine port="${testutil.ports.CipherSuitesServer.3}">