You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by rj...@apache.org on 2017/09/08 12:09:33 UTC

svn commit: r1807729 - /tomcat/trunk/test/org/apache/tomcat/util/net/openssl/TestOpenSSLConf.java

Author: rjung
Date: Fri Sep  8 12:09:33 2017
New Revision: 1807729

URL: http://svn.apache.org/viewvc?rev=1807729&view=rev
Log:
Add unit test for OpenSSLConfCmd.

The test is skipped for Java connectors with
JSSE sslImplementation.

Added:
    tomcat/trunk/test/org/apache/tomcat/util/net/openssl/TestOpenSSLConf.java   (with props)

Added: tomcat/trunk/test/org/apache/tomcat/util/net/openssl/TestOpenSSLConf.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/net/openssl/TestOpenSSLConf.java?rev=1807729&view=auto
==============================================================================
--- tomcat/trunk/test/org/apache/tomcat/util/net/openssl/TestOpenSSLConf.java (added)
+++ tomcat/trunk/test/org/apache/tomcat/util/net/openssl/TestOpenSSLConf.java Fri Sep  8 12:09:33 2017
@@ -0,0 +1,85 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.tomcat.util.net.openssl;
+
+import static org.junit.Assert.assertEquals;
+
+import org.junit.Assume;
+import org.junit.Test;
+
+import org.apache.catalina.startup.Tomcat;
+import org.apache.catalina.startup.TomcatBaseTest;
+import org.apache.tomcat.jni.SSLContext;
+import org.apache.tomcat.util.net.SSLHostConfig;
+import org.apache.tomcat.util.net.TesterSupport;
+
+public class TestOpenSSLConf extends TomcatBaseTest {
+
+    private static final String CIPHER = "AES256-SHA256";
+    private static final String PROTOCOL = "-SSLv3,-TLSv1,TLSv1.1,-TLSv1.2";
+    private static final String EXPECTED_PROTOCOLS = "SSLv2Hello,TLSv1.1";
+
+    public SSLHostConfig initOpenSSLConfCmdCipher(String name, String value) throws Exception {
+        Tomcat tomcat = getTomcatInstance();
+
+        TesterSupport.initSsl(tomcat);
+
+        String protocol = tomcat.getConnector().getProtocolHandlerClassName();
+        // The tests are only supported for APR and OpenSSL
+        if (!protocol.contains("Apr")) {
+            String sslImplementation =
+                tomcat.getConnector().getProperty("sslImplementationName").toString();
+            Assume.assumeTrue("This test is only for OpenSSL based SSL connectors",
+                sslImplementation.contains("openssl"));
+        }
+
+        OpenSSLConfCmd cmd = new OpenSSLConfCmd();
+        cmd.setName(name);
+        cmd.setValue(value);
+        OpenSSLConf conf = new OpenSSLConf();
+        conf.addCmd(cmd);
+        SSLHostConfig[] sslHostConfigs = tomcat.getConnector().getProtocolHandler().findSslHostConfigs();
+        assertEquals("Checking SSLHostConfigCount", 1, sslHostConfigs.length);
+        sslHostConfigs[0].setOpenSslConf(conf);
+
+        tomcat.start();
+
+        sslHostConfigs = tomcat.getConnector().getProtocolHandler().findSslHostConfigs();
+        assertEquals("Checking SSLHostConfigCount", 1, sslHostConfigs.length);
+        return sslHostConfigs[0];
+    }
+
+    @Test
+    public void testOpenSSLConfCmdCipher() throws Exception {
+        SSLHostConfig sslHostConfig = initOpenSSLConfCmdCipher("CipherString", CIPHER);
+        String[] ciphers = sslHostConfig.getEnabledCiphers();
+        assertEquals("Checking enabled cipher count", 1, ciphers.length);
+        assertEquals("Checking enabled cipher", CIPHER, ciphers[0]);
+        ciphers = SSLContext.getCiphers(sslHostConfig.getOpenSslContext());
+        assertEquals("Checking context cipher count", 1, ciphers.length);
+        assertEquals("Checking context cipher", CIPHER, ciphers[0]);
+    }
+
+    @Test
+    public void testOpenSSLConfCmdProtocol() throws Exception {
+        SSLHostConfig sslHostConfig = initOpenSSLConfCmdCipher("Protocol", PROTOCOL);
+        String[] protocols = sslHostConfig.getEnabledProtocols();
+        assertEquals("Checking enabled protocol count", 2, protocols.length);
+        assertEquals("Checking enabled protocol", EXPECTED_PROTOCOLS,
+                     protocols[0] + "," + protocols[1]);
+    }
+}

Propchange: tomcat/trunk/test/org/apache/tomcat/util/net/openssl/TestOpenSSLConf.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: tomcat/trunk/test/org/apache/tomcat/util/net/openssl/TestOpenSSLConf.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org