You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2018/10/03 16:14:43 UTC
[cxf] 02/07: Replace RC4 CipherSuite tests as it's not supported
from Java >= 8 upwards
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit 05b8db050b158d82aad57081a0dbb5e7c92cc3b1
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Wed Oct 3 12:12:47 2018 +0100
Replace RC4 CipherSuite tests as it's not supported from Java >= 8 upwards
---
.../https/ciphersuites/CipherSuitesTest.java | 46 ++++++++--------------
.../https/ciphersuites/ciphersuites-client.xml | 2 +-
...-rc4-client.xml => ciphersuites-dhe-client.xml} | 3 +-
.../https/ciphersuites/ciphersuites-server.xml | 9 +++--
4 files changed, 23 insertions(+), 37 deletions(-)
diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/https/ciphersuites/CipherSuitesTest.java b/systests/transports/src/test/java/org/apache/cxf/systest/https/ciphersuites/CipherSuitesTest.java
index d3d1945..d4f5acb 100644
--- a/systests/transports/src/test/java/org/apache/cxf/systest/https/ciphersuites/CipherSuitesTest.java
+++ b/systests/transports/src/test/java/org/apache/cxf/systest/https/ciphersuites/CipherSuitesTest.java
@@ -177,11 +177,11 @@ public class CipherSuitesTest extends AbstractBusClientServerTestBase {
bus.shutdown(true);
}
- // Client only includes RC4, server only includes AES
+ // Client only includes DHE, server excludes it
@org.junit.Test
- public void testClientRC4ServerAESIncluded() throws Exception {
+ public void testClientDHEServerExcludesIncluded() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = CipherSuitesTest.class.getResource("ciphersuites-rc4-client.xml");
+ URL busFile = CipherSuitesTest.class.getResource("ciphersuites-dhe-client.xml");
Bus bus = bf.createBus(busFile.toString());
BusFactory.setDefaultBus(bus);
@@ -206,11 +206,11 @@ public class CipherSuitesTest extends AbstractBusClientServerTestBase {
bus.shutdown(true);
}
- // Client only includes RC4, server only includes AES
+ // Client only includes DHE, server excludes it
@org.junit.Test
- public void testClientRC4ServerAESIncludedAsync() throws Exception {
+ public void testClientDHEServerExcludesIncludedAsync() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = CipherSuitesTest.class.getResource("ciphersuites-rc4-client.xml");
+ URL busFile = CipherSuitesTest.class.getResource("ciphersuites-dhe-client.xml");
Bus bus = bf.createBus(busFile.toString());
BusFactory.setDefaultBus(bus);
@@ -238,18 +238,11 @@ public class CipherSuitesTest extends AbstractBusClientServerTestBase {
bus.shutdown(true);
}
- // Both client + server include RC4
+ // Both client + server include DHE
@org.junit.Test
- public void testRC4Included() throws Exception {
- String version = System.getProperty("java.version");
- if (JavaUtils.isJava9Compatible()
- || version.length() > 1 && 1.8D <= Double.parseDouble(version.substring(0, 3))
- ) {
- // RC4 not supported since JDK8
- return;
- }
+ public void testDHEIncluded() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = CipherSuitesTest.class.getResource("ciphersuites-rc4-client.xml");
+ URL busFile = CipherSuitesTest.class.getResource("ciphersuites-dhe-client.xml");
Bus bus = bf.createBus(busFile.toString());
BusFactory.setDefaultBus(bus);
@@ -269,18 +262,11 @@ public class CipherSuitesTest extends AbstractBusClientServerTestBase {
bus.shutdown(true);
}
- // Both client + server include RC4
+ // Both client + server include DHE
@org.junit.Test
- public void testRC4IncludedAsync() throws Exception {
- String version = System.getProperty("java.version");
- if (JavaUtils.isJava9Compatible()
- || version.length() > 1 && 1.8D <= Double.parseDouble(version.substring(0, 3))
- ) {
- // RC4 not supported since JDK8
- return;
- }
+ public void testDHEIncludedAsync() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
- URL busFile = CipherSuitesTest.class.getResource("ciphersuites-rc4-client.xml");
+ URL busFile = CipherSuitesTest.class.getResource("ciphersuites-dhe-client.xml");
Bus bus = bf.createBus(busFile.toString());
BusFactory.setDefaultBus(bus);
@@ -303,9 +289,9 @@ public class CipherSuitesTest extends AbstractBusClientServerTestBase {
bus.shutdown(true);
}
- // Client only includes AES, server only includes RC4
+ // Client only includes ECDHE, server only includes DHE
@org.junit.Test
- public void testClientAESServerRC4Included() throws Exception {
+ public void testClientECDHEServerDHEIncluded() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
URL busFile = CipherSuitesTest.class.getResource("ciphersuites-client.xml");
@@ -332,9 +318,9 @@ public class CipherSuitesTest extends AbstractBusClientServerTestBase {
bus.shutdown(true);
}
- // Client only includes AES, server only includes RC4
+ // Client only includes ECDHE, server only includes DHE
@org.junit.Test
- public void testClientAESServerRC4IncludedAsync() throws Exception {
+ public void testClientECDHEServerDHEIncludedAsync() throws Exception {
SpringBusFactory bf = new SpringBusFactory();
URL busFile = CipherSuitesTest.class.getResource("ciphersuites-client.xml");
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-client.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-client.xml
index f509336..1e28bd6 100644
--- a/systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-client.xml
+++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-client.xml
@@ -30,7 +30,7 @@
<sec:keyStore type="jks" password="password" resource="keys/Truststore.jks"/>
</sec:trustManagers>
<sec:cipherSuitesFilter>
- <sec:include>.*_WITH_AES_.*</sec:include>
+ <sec:include>TLS_ECDHE_.*</sec:include>
</sec:cipherSuitesFilter>
</http:tlsClientParameters>
</http:conduit>
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-rc4-client.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-dhe-client.xml
similarity index 95%
rename from systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-rc4-client.xml
rename to systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-dhe-client.xml
index 4c8323d..a5c84b5 100644
--- a/systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-rc4-client.xml
+++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-dhe-client.xml
@@ -30,8 +30,7 @@
<sec:keyStore type="jks" password="password" resource="keys/Truststore.jks"/>
</sec:trustManagers>
<sec:cipherSuitesFilter>
- <sec:include>.*_WITH_RC4_.*</sec:include>
- <sec:exclude>.*_WITH_AES_.*</sec:exclude>
+ <sec:include>.*_DHE_.*</sec:include>
</sec:cipherSuitesFilter>
</http:tlsClientParameters>
</http:conduit>
diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-server.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-server.xml
index 09545ff..041a8cc 100644
--- a/systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-server.xml
+++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-server.xml
@@ -35,6 +35,7 @@
<sec:cipherSuitesFilter>
<sec:include>.*_AES_.*</sec:include>
<sec:exclude>SSL_RSA_WITH_DES_CBC_SHA</sec:exclude>
+ <sec:exclude>.*_DHE_.*</sec:exclude>
</sec:cipherSuitesFilter>
</httpj:tlsServerParameters>
</httpj:engine>
@@ -54,7 +55,7 @@
</jaxws:inInterceptors>
</jaxws:endpoint>
- <httpj:engine-factory id="rc4-tls-settings">
+ <httpj:engine-factory id="dhe-tls-settings">
<httpj:engine port="${testutil.ports.CipherSuitesServer.2}">
<httpj:tlsServerParameters>
<sec:keyManagers keyPassword="password">
@@ -62,8 +63,8 @@
</sec:keyManagers>
<sec:clientAuthentication want="false" required="false"/>
<sec:cipherSuitesFilter>
- <sec:include>.*_WITH_RC4_.*</sec:include>
- <sec:exclude>.*_AES_.*</sec:exclude>
+ <sec:include>.*_DHE_.*</sec:include>
+ <sec:exclude>TLS_ECDHE_.*</sec:exclude>
</sec:cipherSuitesFilter>
</httpj:tlsServerParameters>
</httpj:engine>
@@ -75,7 +76,7 @@
implementor="org.apache.cxf.systest.http.GreeterImpl"
address="https://localhost:${testutil.ports.CipherSuitesServer.2}/SoapContext/HttpsPort"
serviceName="s:SOAPService"
- endpointName="e:HttpsPort" depends-on="rc4-tls-settings"/>
+ endpointName="e:HttpsPort" depends-on="dhe-tls-settings"/>
<httpj:engine-factory id="null-tls-settings">
<httpj:engine port="${testutil.ports.CipherSuitesServer.3}">