You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hc.apache.org by ol...@apache.org on 2021/12/09 13:42:17 UTC
[httpcomponents-core] branch master updated: Check if a given protocol is considered secure and is enabled by default.
This is an automated email from the ASF dual-hosted git repository.
olegk pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/httpcomponents-core.git
The following commit(s) were added to refs/heads/master by this push:
new 9d69aeb Check if a given protocol is considered secure and is enabled by default.
9d69aeb is described below
commit 9d69aeb1ab56ebf7d99d5007404ea534bff8a382
Author: Arturo Bernal <ar...@gmail.com>
AuthorDate: Wed Dec 8 21:34:38 2021 +0100
Check if a given protocol is considered secure and is enabled by default.
---
.../java/org/apache/hc/core5/http/ssl/TLS.java | 15 +++-
.../java/org/apache/hc/core5/http/ssl/TLSTest.java | 89 ++++++++++++++++++++++
2 files changed, 102 insertions(+), 2 deletions(-)
diff --git a/httpcore5/src/main/java/org/apache/hc/core5/http/ssl/TLS.java b/httpcore5/src/main/java/org/apache/hc/core5/http/ssl/TLS.java
index 6836cdf..bf41091 100644
--- a/httpcore5/src/main/java/org/apache/hc/core5/http/ssl/TLS.java
+++ b/httpcore5/src/main/java/org/apache/hc/core5/http/ssl/TLS.java
@@ -83,8 +83,8 @@ public enum TLS {
return null;
}
final List<String> enabledProtocols = new ArrayList<>();
- for (final String protocol: protocols) {
- if (!protocol.startsWith("SSL") && !protocol.equals(V_1_0.id) && !protocol.equals(V_1_1.id)) {
+ for (final String protocol : protocols) {
+ if (isSecure(protocol)) {
enabledProtocols.add(protocol);
}
}
@@ -94,4 +94,15 @@ public enum TLS {
return enabledProtocols.toArray(new String[0]);
}
+ /**
+ * Check if a given protocol is considered secure and is enabled by default.
+ *
+ * @return {@code true} if the given protocol is secure and enabled, otherwise return {@code
+ * false}.
+ * @since 5.2
+ */
+ public static boolean isSecure(final String protocol) {
+ return !protocol.startsWith("SSL") && !protocol.equals(V_1_0.id) && !protocol.equals(V_1_1.id);
+ }
+
}
diff --git a/httpcore5/src/test/java/org/apache/hc/core5/http/ssl/TLSTest.java b/httpcore5/src/test/java/org/apache/hc/core5/http/ssl/TLSTest.java
new file mode 100644
index 0000000..72ebb82
--- /dev/null
+++ b/httpcore5/src/test/java/org/apache/hc/core5/http/ssl/TLSTest.java
@@ -0,0 +1,89 @@
+/*
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation. For more
+ * information on the Apache Software Foundation, please see
+ * <http://www.apache.org/>.
+ *
+ */
+
+package org.apache.hc.core5.http.ssl;
+
+import static org.junit.jupiter.api.Assertions.assertNull;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+import org.apache.hc.core5.http.ParseException;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
+
+class TLSTest {
+
+
+ @Test
+ void isSame() throws ParseException {
+ assertTrue(TLS.V_1_0.isSame(TLS.parse("TLSv1")));
+ }
+
+ @Test
+ void isComparable() throws ParseException {
+ assertTrue(TLS.V_1_0.isComparable(TLS.parse("TLSv1")));
+ }
+
+ @Test
+ void greaterEquals() throws ParseException {
+ assertTrue(TLS.V_1_3.greaterEquals(TLS.parse("TLSv1")));
+ }
+
+ @Test
+ void lessEquals() throws ParseException {
+ assertTrue(TLS.V_1_0.lessEquals(TLS.parse("TLSv1.3")));
+ }
+
+ @Test
+ void parse() throws ParseException {
+ assertTrue(TLS.V_1_0.lessEquals(TLS.parse("TLSv1.3")));
+ }
+
+ @Test
+ void parseNull() throws ParseException {
+ assertNull(TLS.parse(null));
+ }
+
+ @Test
+ void excludeWeakNull() {
+ assertNull((TLS.excludeWeak(null)));
+ }
+
+ @Test
+ void excludeWeak() {
+ final String[] mixProtocol = {
+ "SSL 2.0",
+ "TLS 1.3",
+ "SSL 3.0",
+ "TLS 1.2",
+ "TLS 1.1"
+ };
+ final String[] strongProtocols = TLS.excludeWeak(mixProtocol);
+ for (final String protocol : strongProtocols) {
+ Assertions.assertTrue(TLS.isSecure(protocol));
+ }
+ }
+}