You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by dh...@apache.org on 2014/10/23 07:11:31 UTC
[3/3] git commit: CAMEL-7940: polished unit test, updated testSecureSocketProtocol to enable SSLv3 explicitly

CAMEL-7940: polished unit test, updated testSecureSocketProtocol to enable SSLv3 explicitly


Project: http://git-wip-us.apache.org/repos/asf/camel/repo
Commit: http://git-wip-us.apache.org/repos/asf/camel/commit/52691e42
Tree: http://git-wip-us.apache.org/repos/asf/camel/tree/52691e42
Diff: http://git-wip-us.apache.org/repos/asf/camel/diff/52691e42

Branch: refs/heads/camel-2.14.x
Commit: 52691e427321186aaa2391c8ec00265e0826ce7d
Parents: e3d2ebe
Author: Dhiraj Bokde <dh...@yahoo.com>
Authored: Wed Oct 22 11:45:45 2014 -0700
Committer: Dhiraj Bokde <dh...@yahoo.com>
Committed: Wed Oct 22 22:10:03 2014 -0700

----------------------------------------------------------------------
 .../util/jsse/SSLContextParametersTest.java     | 42 ++++++++++++++++++--
 1 file changed, 38 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/camel/blob/52691e42/camel-core/src/test/java/org/apache/camel/util/jsse/SSLContextParametersTest.java
----------------------------------------------------------------------
diff --git a/camel-core/src/test/java/org/apache/camel/util/jsse/SSLContextParametersTest.java b/camel-core/src/test/java/org/apache/camel/util/jsse/SSLContextParametersTest.java
index 0d2258d..a51972e 100644
--- a/camel-core/src/test/java/org/apache/camel/util/jsse/SSLContextParametersTest.java
+++ b/camel-core/src/test/java/org/apache/camel/util/jsse/SSLContextParametersTest.java
@@ -21,7 +21,6 @@ import java.util.Collection;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.regex.Pattern;
-
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLEngine;
 import javax.net.ssl.SSLServerSocket;
@@ -257,8 +256,8 @@ public class SSLContextParametersTest extends AbstractJsseParametersTest {
         socket = (SSLSocket) context.getSocketFactory().createSocket();
         serverSocket = (SSLServerSocket) context.getServerSocketFactory().createServerSocket();
         
-        assertFalse(Arrays.equals(controlEngine.getEnabledProtocols(), engine.getEnabledProtocols()));
-        assertFalse(Arrays.equals(controlSocket.getEnabledProtocols(), socket.getEnabledProtocols()));
+        assertStartsWith(engine.getEnabledProtocols(), "TLS");
+        assertStartsWith(socket.getEnabledProtocols(), "TLS");
         assertEquals(0, serverSocket.getEnabledProtocols().length);
         
         // Secure socket protocols filter on client params
@@ -752,6 +751,15 @@ public class SSLContextParametersTest extends AbstractJsseParametersTest {
         SSLContext context = scp.createSSLContext();
         
         assertEquals("TLS", context.getProtocol());
+
+        SSLEngine engine = context.createSSLEngine();
+        SSLSocket socket = (SSLSocket) context.getSocketFactory().createSocket();
+        SSLServerSocket serverSocket = (SSLServerSocket) context.getServerSocketFactory().createServerSocket();
+
+        // default disable the SSL* protocols
+        assertStartsWith(engine.getEnabledProtocols(), "TLS");
+        assertStartsWith(socket.getEnabledProtocols(), "TLS");
+        assertStartsWith(serverSocket.getEnabledProtocols(), "TLS");
     }
     
     public void testSecureSocketProtocol() throws Exception {
@@ -759,8 +767,34 @@ public class SSLContextParametersTest extends AbstractJsseParametersTest {
         scp.setSecureSocketProtocol("SSLv3");
         
         SSLContext context = scp.createSSLContext();
-        
+
         assertEquals("SSLv3", context.getProtocol());
+
+        SSLEngine engine = context.createSSLEngine();
+        SSLSocket socket = (SSLSocket) context.getSocketFactory().createSocket();
+        SSLServerSocket serverSocket = (SSLServerSocket) context.getServerSocketFactory().createServerSocket();
+
+        // default disable the SSL* protocols
+        assertStartsWith(engine.getEnabledProtocols(), "TLS");
+        assertStartsWith(socket.getEnabledProtocols(), "TLS");
+        assertStartsWith(serverSocket.getEnabledProtocols(), "TLS");
+
+        // allow SSL* protocols by explicitly asking for them
+        final SecureSocketProtocolsParameters protocols = new SecureSocketProtocolsParameters();
+        protocols.getSecureSocketProtocol().add("SSLv3");
+        scp.setSecureSocketProtocols(protocols);
+
+        context = scp.createSSLContext();
+        engine = context.createSSLEngine();
+        socket = (SSLSocket) context.getSocketFactory().createSocket();
+        serverSocket = (SSLServerSocket) context.getServerSocketFactory().createServerSocket();
+
+        assertEquals(engine.getEnabledProtocols().length, 1);
+        assertEquals(engine.getEnabledProtocols()[0], "SSLv3");
+        assertEquals(socket.getEnabledProtocols().length, 1);
+        assertEquals(socket.getEnabledProtocols()[0], "SSLv3");
+        assertEquals(serverSocket.getEnabledProtocols().length, 1);
+        assertEquals(serverSocket.getEnabledProtocols()[0], "SSLv3");
     }
     
     public void testProvider() throws Exception {