You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2021/08/19 08:23:46 UTC
[tomcat] branch 8.5.x updated: Split into two tests in preparation
for improving coverage
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new a727d4f Split into two tests in preparation for improving coverage
a727d4f is described below
commit a727d4f7ce1a29fd79ea95e6cdbafd9d702e00e1
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu Aug 19 09:19:38 2021 +0100
Split into two tests in preparation for improving coverage
Need to parameterise tests to cover JSSE and OpenSSL. Need to separate
out the test that uses a custom implementation.
---
test/org/apache/tomcat/util/net/TestCustomSsl.java | 98 ----------------------
...stomSsl.java => TestCustomSslTrustManager.java} | 53 +-----------
2 files changed, 3 insertions(+), 148 deletions(-)
diff --git a/test/org/apache/tomcat/util/net/TestCustomSsl.java b/test/org/apache/tomcat/util/net/TestCustomSsl.java
index efa1b83..e9bb46d 100644
--- a/test/org/apache/tomcat/util/net/TestCustomSsl.java
+++ b/test/org/apache/tomcat/util/net/TestCustomSsl.java
@@ -17,10 +17,6 @@
package org.apache.tomcat.util.net;
import java.io.File;
-import java.net.SocketException;
-
-import javax.net.ssl.SSLException;
-
import org.junit.Assert;
import org.junit.Assume;
import org.junit.Test;
@@ -29,8 +25,6 @@ import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.catalina.startup.Tomcat;
import org.apache.catalina.startup.TomcatBaseTest;
-import org.apache.coyote.ProtocolHandler;
-import org.apache.coyote.http11.AbstractHttp11JsseProtocol;
import org.apache.tomcat.util.buf.ByteChunk;
import org.apache.tomcat.util.net.SSLHostConfigCertificate.Type;
import org.apache.tomcat.util.net.jsse.TesterBug50640SslImpl;
@@ -43,12 +37,6 @@ import org.apache.tomcat.websocket.server.WsContextListener;
*/
public class TestCustomSsl extends TomcatBaseTest {
- private static enum TrustType {
- ALL,
- CA,
- NONE
- }
-
@Test
public void testCustomSslImplementation() throws Exception {
@@ -90,90 +78,4 @@ public class TestCustomSsl extends TomcatBaseTest {
"/examples/servlets/servlet/HelloWorldExample");
Assert.assertTrue(res.toString().indexOf("<a href=\"../helloworld.html\">") > 0);
}
-
- @Test
- public void testCustomTrustManagerAll() throws Exception {
- doTestCustomTrustManager(TrustType.ALL);
- }
-
- @Test
- public void testCustomTrustManagerCA() throws Exception {
- doTestCustomTrustManager(TrustType.CA);
- }
-
- @Test
- public void testCustomTrustManagerNone() throws Exception {
- doTestCustomTrustManager(TrustType.NONE);
- }
-
- private void doTestCustomTrustManager(TrustType trustType)
- throws Exception {
-
- Tomcat tomcat = getTomcatInstance();
-
- Assume.assumeTrue("SSL renegotiation has to be supported for this test",
- TesterSupport.isRenegotiationSupported(tomcat));
-
- TesterSupport.configureClientCertContext(tomcat);
-
- Connector connector = tomcat.getConnector();
-
- // Override the defaults
- ProtocolHandler handler = connector.getProtocolHandler();
- if (handler instanceof AbstractHttp11JsseProtocol) {
- connector.findSslHostConfigs()[0].setTruststoreFile(null);
- } else {
- // Unexpected
- Assert.fail("Unexpected handler type");
- }
- if (trustType.equals(TrustType.ALL)) {
- connector.findSslHostConfigs()[0].setTrustManagerClassName(
- "org.apache.tomcat.util.net.TesterSupport$TrustAllCerts");
- } else if (trustType.equals(TrustType.CA)) {
- connector.findSslHostConfigs()[0].setTrustManagerClassName(
- "org.apache.tomcat.util.net.TesterSupport$SequentialTrustManager");
- }
-
- // Start Tomcat
- tomcat.start();
-
- TesterSupport.configureClientSsl();
-
- // Unprotected resource
- ByteChunk res = getUrl("https://localhost:" + getPort() + "/unprotected");
- Assert.assertEquals("OK", res.toString());
-
- // Protected resource
- res.recycle();
- int rc = -1;
- try {
- rc = getUrl("https://localhost:" + getPort() + "/protected", res, null, null);
- } catch (SocketException | SSLException e) {
- if (!trustType.equals(TrustType.NONE)) {
- Assert.fail(e.getMessage());
- e.printStackTrace();
- }
- }
-
- if (trustType.equals(TrustType.CA)) {
- if (log.isDebugEnabled()) {
- int count = TesterSupport.getLastClientAuthRequestedIssuerCount();
- log.debug("Last client KeyManager usage: " + TesterSupport.getLastClientAuthKeyManagerUsage() +
- ", " + count + " requested Issuers, first one: " +
- (count > 0 ? TesterSupport.getLastClientAuthRequestedIssuer(0).getName() : "NONE"));
- log.debug("Expected requested Issuer: " + TesterSupport.getClientAuthExpectedIssuer());
- }
- Assert.assertTrue("Checking requested client issuer against " +
- TesterSupport.getClientAuthExpectedIssuer(),
- TesterSupport.checkLastClientAuthRequestedIssuers());
- }
-
- if (trustType.equals(TrustType.NONE)) {
- Assert.assertTrue(rc != 200);
- Assert.assertEquals("", res.toString());
- } else {
- Assert.assertEquals(200, rc);
- Assert.assertEquals("OK-" + TesterSupport.ROLE, res.toString());
- }
- }
}
diff --git a/test/org/apache/tomcat/util/net/TestCustomSsl.java b/test/org/apache/tomcat/util/net/TestCustomSslTrustManager.java
similarity index 68%
copy from test/org/apache/tomcat/util/net/TestCustomSsl.java
copy to test/org/apache/tomcat/util/net/TestCustomSslTrustManager.java
index efa1b83..f2afd93 100644
--- a/test/org/apache/tomcat/util/net/TestCustomSsl.java
+++ b/test/org/apache/tomcat/util/net/TestCustomSslTrustManager.java
@@ -16,7 +16,6 @@
*/
package org.apache.tomcat.util.net;
-import java.io.File;
import java.net.SocketException;
import javax.net.ssl.SSLException;
@@ -25,73 +24,27 @@ import org.junit.Assert;
import org.junit.Assume;
import org.junit.Test;
-import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.catalina.startup.Tomcat;
import org.apache.catalina.startup.TomcatBaseTest;
import org.apache.coyote.ProtocolHandler;
import org.apache.coyote.http11.AbstractHttp11JsseProtocol;
import org.apache.tomcat.util.buf.ByteChunk;
-import org.apache.tomcat.util.net.SSLHostConfigCertificate.Type;
-import org.apache.tomcat.util.net.jsse.TesterBug50640SslImpl;
-import org.apache.tomcat.websocket.server.WsContextListener;
/**
* The keys and certificates used in this file are all available in svn and were
* generated using a test CA the files for which are in the Tomcat PMC private
* repository since not all of them are AL2 licensed.
*/
-public class TestCustomSsl extends TomcatBaseTest {
+public class TestCustomSslTrustManager extends TomcatBaseTest {
- private static enum TrustType {
+ private enum TrustType {
ALL,
CA,
NONE
}
@Test
- public void testCustomSslImplementation() throws Exception {
-
- TesterSupport.configureClientSsl();
-
- Tomcat tomcat = getTomcatInstance();
- Connector connector = tomcat.getConnector();
-
- Assume.assumeFalse("This test is only for JSSE based SSL connectors",
- connector.getProtocolHandlerClassName().contains("Apr"));
-
- SSLHostConfig sslHostConfig = new SSLHostConfig();
- SSLHostConfigCertificate certificate = new SSLHostConfigCertificate(sslHostConfig, Type.UNDEFINED);
- sslHostConfig.addCertificate(certificate);
- connector.addSslHostConfig(sslHostConfig);
-
- Assert.assertTrue(connector.setProperty(
- "sslImplementationName", "org.apache.tomcat.util.net.jsse.TesterBug50640SslImpl"));
-
- // This setting will break ssl configuration unless the custom
- // implementation is used.
- sslHostConfig.setProtocols(TesterBug50640SslImpl.PROPERTY_VALUE);
-
- sslHostConfig.setSslProtocol("tls");
-
- File keystoreFile = new File(TesterSupport.LOCALHOST_RSA_JKS);
- certificate.setCertificateKeystoreFile(keystoreFile.getAbsolutePath());
-
- connector.setSecure(true);
- Assert.assertTrue(connector.setProperty("SSLEnabled", "true"));
-
- File appDir = new File(getBuildDirectory(), "webapps/examples");
- Context ctxt = tomcat.addWebapp(
- null, "/examples", appDir.getAbsolutePath());
- ctxt.addApplicationListener(WsContextListener.class.getName());
-
- tomcat.start();
- ByteChunk res = getUrl("https://localhost:" + getPort() +
- "/examples/servlets/servlet/HelloWorldExample");
- Assert.assertTrue(res.toString().indexOf("<a href=\"../helloworld.html\">") > 0);
- }
-
- @Test
public void testCustomTrustManagerAll() throws Exception {
doTestCustomTrustManager(TrustType.ALL);
}
@@ -170,7 +123,7 @@ public class TestCustomSsl extends TomcatBaseTest {
if (trustType.equals(TrustType.NONE)) {
Assert.assertTrue(rc != 200);
- Assert.assertEquals("", res.toString());
+ Assert.assertNull(res.toString());
} else {
Assert.assertEquals(200, rc);
Assert.assertEquals("OK-" + TesterSupport.ROLE, res.toString());
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org