You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jmeter.apache.org by pm...@apache.org on 2021/11/20 20:11:51 UTC
[jmeter] branch master updated: Align ssl props / Enable setting cipher suite (#677)
This is an automated email from the ASF dual-hosted git repository.
pmouawad pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/jmeter.git
The following commit(s) were added to refs/heads/master by this push:
new c98be3f Align ssl props / Enable setting cipher suite (#677)
c98be3f is described below
commit c98be3f40009caffb8b66aded702356d975bb4d7
Author: Philippe M <pm...@users.noreply.github.com>
AuthorDate: Sat Nov 20 21:11:45 2021 +0100
Align ssl props / Enable setting cipher suite (#677)
* Switch in LazyLayeredConnectionSocketFactory https.socket.ciphers to https.cipherSuites as the latter is documented
* Use https.cipherSuites, https.socket.protocols in Proxy (HTTP(S) Test Script Recorder)
* Introduce JMeterUtils.getArrayPropDefault
Rename based on Vladimir proposals
This resolves https://bz.apache.org/bugzilla/show_bug.cgi?id=65692
---
.../java/org/apache/jmeter/util/JMeterUtils.java | 23 ++++++++++++++++++++++
.../org/apache/jmeter/util/TestJMeterUtils.java | 18 +++++++++++++++++
.../apache/jmeter/protocol/http/proxy/Proxy.java | 12 +++++++++++
.../hc/LazyLayeredConnectionSocketFactory.java | 20 ++++++++-----------
xdocs/changes.xml | 1 +
5 files changed, 62 insertions(+), 12 deletions(-)
diff --git a/src/core/src/main/java/org/apache/jmeter/util/JMeterUtils.java b/src/core/src/main/java/org/apache/jmeter/util/JMeterUtils.java
index 05980b3..a6b40c6 100644
--- a/src/core/src/main/java/org/apache/jmeter/util/JMeterUtils.java
+++ b/src/core/src/main/java/org/apache/jmeter/util/JMeterUtils.java
@@ -52,6 +52,7 @@ import javax.swing.JTable;
import javax.swing.JTextArea;
import javax.swing.SwingUtilities;
+import org.apache.commons.lang3.StringUtils;
import org.apache.jmeter.gui.GuiPackage;
import org.apache.jmeter.threads.JMeterContextService;
import org.apache.jorphan.gui.JFactory;
@@ -714,6 +715,28 @@ public class JMeterUtils implements UnitTestManager {
}
/**
+ * Get an array of String if present and not empty, defaultValue if not present.
+ *
+ * @param propName
+ * the name of the property.
+ * @param defaultVal
+ * the default value.
+ * @return The PropDefault value
+ */
+ public static String[] getArrayPropDefault(String propName, String[] defaultVal) {
+ try {
+ String strVal = appProperties.getProperty(propName);
+ if (StringUtils.isNotBlank(strVal)) {
+ return strVal.trim().split("\\s+");
+ }
+ } catch (Exception e) {
+ log.warn("Exception '{}' occurred when fetching Array property:'{}', defaulting to: {}",
+ e.getMessage(), propName, defaultVal != null ? Arrays.toString(defaultVal) : null);
+ }
+ return defaultVal;
+ }
+
+ /**
* Get a long value with default if not present.
*
* @param propName
diff --git a/src/core/src/test/java/org/apache/jmeter/util/TestJMeterUtils.java b/src/core/src/test/java/org/apache/jmeter/util/TestJMeterUtils.java
index 3642fd9..80f3cda 100644
--- a/src/core/src/test/java/org/apache/jmeter/util/TestJMeterUtils.java
+++ b/src/core/src/test/java/org/apache/jmeter/util/TestJMeterUtils.java
@@ -19,6 +19,10 @@ package org.apache.jmeter.util;
import static org.junit.Assert.assertEquals;
+import java.nio.file.Files;
+import java.nio.file.Path;
+
+import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;
public class TestJMeterUtils {
@@ -38,4 +42,18 @@ public class TestJMeterUtils {
public void testGesResStringDefaultWithNonExistantKey() throws Exception {
assertEquals("[res_key=noValidKey]", JMeterUtils.getResString("noValidKey"));
}
+
+ @Test
+ public void testGetArrayPropDefault() throws Exception {
+ Path props = Files.createTempFile("testGetArrayPropDefault", ".properties");
+ JMeterUtils.loadJMeterProperties(props.toString());
+ JMeterUtils.getJMeterProperties().setProperty("testGetArrayPropDefaultEmpty", " ");
+ JMeterUtils.getJMeterProperties().setProperty("testGetArrayPropDefault", " Tolstoi Dostoievski Pouchkine Gorki ");
+ Assertions.assertArrayEquals(new String[]{"Tolstoi", "Dostoievski", "Pouchkine", "Gorki"},
+ JMeterUtils.getArrayPropDefault("testGetArrayPropDefault", null));
+ Assertions.assertArrayEquals(new String[]{"Gilels", "Richter"},
+ JMeterUtils.getArrayPropDefault("testGetArrayPropDefaultMissing", new String[]{"Gilels", "Richter"}));
+ Assertions.assertArrayEquals(null,
+ JMeterUtils.getArrayPropDefault("testGetArrayPropDefaultEmpty", null));
+ }
}
diff --git a/src/protocol/http/src/main/java/org/apache/jmeter/protocol/http/proxy/Proxy.java b/src/protocol/http/src/main/java/org/apache/jmeter/protocol/http/proxy/Proxy.java
index ad732ef..cff632a 100644
--- a/src/protocol/http/src/main/java/org/apache/jmeter/protocol/http/proxy/Proxy.java
+++ b/src/protocol/http/src/main/java/org/apache/jmeter/protocol/http/proxy/Proxy.java
@@ -89,6 +89,12 @@ public class Proxy extends Thread {
private static final String SSLCONTEXT_PROTOCOL =
JMeterUtils.getPropDefault("proxy.ssl.protocol", "TLS"); // $NON-NLS-1$ $NON-NLS-2$
+ private static final String[] SOCKET_PROTOCOL_ARRAY =
+ JMeterUtils.getArrayPropDefault("https.socket.protocols", null); // $NON-NLS-1$
+
+ private static final String[] SUPPORTED_CIPHER_ARRAY =
+ JMeterUtils.getArrayPropDefault("https.cipherSuites", null); // $NON-NLS-1$
+
// HashMap to save ssl connection between Jmeter proxy and browser
private static final HashMap<String, SSLSocketFactory> HOST2SSL_SOCK_FAC = new HashMap<>();
@@ -453,6 +459,12 @@ public class Proxy extends Thread {
secureSocket = (SSLSocket) sslFactory.createSocket(sock,
sock.getInetAddress().getHostName(), sock.getPort(), true);
secureSocket.setUseClientMode(false);
+ if (SUPPORTED_CIPHER_ARRAY != null) {
+ secureSocket.setEnabledCipherSuites(SUPPORTED_CIPHER_ARRAY);
+ }
+ if (SOCKET_PROTOCOL_ARRAY != null) {
+ secureSocket.setEnabledProtocols(SOCKET_PROTOCOL_ARRAY);
+ }
if (log.isDebugEnabled()){
log.debug("{} SSL transaction ok with cipher: {}", port, secureSocket.getSession().getCipherSuite());
}
diff --git a/src/protocol/http/src/main/java/org/apache/jmeter/protocol/http/sampler/hc/LazyLayeredConnectionSocketFactory.java b/src/protocol/http/src/main/java/org/apache/jmeter/protocol/http/sampler/hc/LazyLayeredConnectionSocketFactory.java
index 1d75e5a..bf8794f 100644
--- a/src/protocol/http/src/main/java/org/apache/jmeter/protocol/http/sampler/hc/LazyLayeredConnectionSocketFactory.java
+++ b/src/protocol/http/src/main/java/org/apache/jmeter/protocol/http/sampler/hc/LazyLayeredConnectionSocketFactory.java
@@ -39,18 +39,14 @@ import org.slf4j.LoggerFactory;
*/
public final class LazyLayeredConnectionSocketFactory implements LayeredConnectionSocketFactory{
private static final Logger LOG = LoggerFactory.getLogger(LazyLayeredConnectionSocketFactory.class);
- private static final String PROTOCOL_LIST =
- JMeterUtils.getPropDefault("https.socket.protocols", ""); // $NON-NLS-1$ $NON-NLS-2$
+ private static final String[] SOCKET_PROTOCOL_ARRAY =
+ JMeterUtils.getArrayPropDefault("https.socket.protocols", null); // $NON-NLS-1$
- private static final String CIPHER_LIST =
- JMeterUtils.getPropDefault("https.socket.ciphers", ""); // $NON-NLS-1$ $NON-NLS-2$
+ private static final String[] SOCKET_CIPHER_ARRAY =
+ JMeterUtils.getArrayPropDefault("https.socket.ciphers", null); // $NON-NLS-1$
- private static final String[] SUPPORTED_PROTOCOL_LIST =
- PROTOCOL_LIST.isEmpty() ?
- null: PROTOCOL_LIST.split(" "); // $NON-NLS-1$
- private static final String[] SUPPORTED_CIPHER_LIST =
- CIPHER_LIST.isEmpty() ?
- null : CIPHER_LIST.split(" "); // $NON-NLS-1$
+ private static final String[] CIPHER_SUITE_ARRAY =
+ JMeterUtils.getArrayPropDefault("https.cipherSuites", SOCKET_CIPHER_ARRAY); // $NON-NLS-1$
private static class AdapteeHolder { // IODH idiom
private static final LayeredConnectionSocketFactory ADAPTEE = checkAndInit();
@@ -62,8 +58,8 @@ public final class LazyLayeredConnectionSocketFactory implements LayeredConnecti
LOG.info("Setting up HTTPS TrustAll Socket Factory");
return new SSLConnectionSocketFactory(
new HttpSSLProtocolSocketFactory(JsseSSLManager.CPS),
- SUPPORTED_PROTOCOL_LIST,
- SUPPORTED_CIPHER_LIST,
+ SOCKET_PROTOCOL_ARRAY,
+ CIPHER_SUITE_ARRAY,
NoopHostnameVerifier.INSTANCE);
}
diff --git a/xdocs/changes.xml b/xdocs/changes.xml
index 4b98e3c..1d94a6b 100644
--- a/xdocs/changes.xml
+++ b/xdocs/changes.xml
@@ -196,6 +196,7 @@ Summary
<li><bug>65310</bug>Don't let users override <code>multipart/form-data</code> <code>content-type</code>
header in HC4 sampler.</li>
<li><bug>65363</bug><code>NullPointerException</code> in <code>HTTPHC4Impl$ManagedCredentialsProvider.getAuthorizationForAuthScope</code> when <code>401</code> response from remote and <code>httpclient4.auth.preemptive=false</code></li>
+ <li><bug>65692</bug>HTTP(s) Test Script Recorder: Enable setting enabled cipher suite and enabled protocols on SSLContext/ Align ssl properties between Java and HC4 impl</li>
</ul>
<h3>Other Samplers</h3>