You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by or...@apache.org on 2019/09/29 22:18:33 UTC
[qpid-broker-j] 03/12: QPID-8354: [Broker-J] Address review
comments from Oleksandr Rudyy
This is an automated email from the ASF dual-hosted git repository.
orudyy pushed a commit to branch 7.1.x
in repository https://gitbox.apache.org/repos/asf/qpid-broker-j.git
commit 6af60795102ff97404da21c23c9ff810396dafcc
Author: Tomas Vavricka <to...@deutsche-boerse.com>
AuthorDate: Fri Sep 20 13:51:28 2019 +0200
QPID-8354: [Broker-J] Address review comments from Oleksandr Rudyy
This closes #37
(cherry picked from commit d4a3e0cab5fbf3be0760afd6999d23f088f064c4)
---
.../server/transport/TCPandSSLTransportTest.java | 62 ++++++++++++++++++----
1 file changed, 53 insertions(+), 9 deletions(-)
diff --git a/broker-core/src/test/java/org/apache/qpid/server/transport/TCPandSSLTransportTest.java b/broker-core/src/test/java/org/apache/qpid/server/transport/TCPandSSLTransportTest.java
index c3ce9f3..e7726c0 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/transport/TCPandSSLTransportTest.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/transport/TCPandSSLTransportTest.java
@@ -110,7 +110,7 @@ public class TCPandSSLTransportTest extends UnitTestBase
assumeThat("The IBM JDK has different TLS defaults", getJvmVendor(), is(not(equalTo(IBM))));
try
{
- checkSSLExcluded("SSLv3", Transport.SSL);
+ checkHandshakeWithTlsProtocol("SSLv3", Transport.SSL);
fail("Should not be able to connect using SSLv3");
}
catch(SSLHandshakeException e)
@@ -125,7 +125,7 @@ public class TCPandSSLTransportTest extends UnitTestBase
assumeThat("The IBM JDK has different TLS defaults", getJvmVendor(), is(not(equalTo(IBM))));
try
{
- checkSSLExcluded("SSLv3", Transport.TCP, Transport.SSL);
+ checkHandshakeWithTlsProtocol("SSLv3", Transport.TCP, Transport.SSL);
fail("Should not be able to connect using SSLv3");
}
catch(SSLHandshakeException e)
@@ -139,7 +139,7 @@ public class TCPandSSLTransportTest extends UnitTestBase
{
try
{
- checkSSLExcluded("TLSv1", Transport.SSL);
+ checkHandshakeWithTlsProtocol("TLSv1", Transport.SSL);
fail("Should not be able to connect using TLSv1");
}
catch(SSLHandshakeException e)
@@ -153,7 +153,7 @@ public class TCPandSSLTransportTest extends UnitTestBase
{
try
{
- checkSSLExcluded("TLSv1", Transport.TCP, Transport.SSL);
+ checkHandshakeWithTlsProtocol("TLSv1", Transport.TCP, Transport.SSL);
fail("Should not be able to connect using TLSv1");
}
catch(SSLHandshakeException e)
@@ -167,7 +167,7 @@ public class TCPandSSLTransportTest extends UnitTestBase
{
try
{
- checkSSLExcluded("TLSv1.1", Transport.SSL);
+ checkHandshakeWithTlsProtocol("TLSv1.1", Transport.SSL);
fail("Should not be able to connect using TLSv1.1");
}
catch(SSLHandshakeException e)
@@ -181,7 +181,7 @@ public class TCPandSSLTransportTest extends UnitTestBase
{
try
{
- checkSSLExcluded("TLSv1.1", Transport.TCP, Transport.SSL);
+ checkHandshakeWithTlsProtocol("TLSv1.1", Transport.TCP, Transport.SSL);
fail("Should not be able to connect using TLSv1.1");
}
catch(SSLHandshakeException e)
@@ -195,7 +195,7 @@ public class TCPandSSLTransportTest extends UnitTestBase
{
try
{
- checkSSLExcluded("TLSv1.2", Transport.SSL);
+ checkHandshakeWithTlsProtocol("TLSv1.2", Transport.SSL);
}
catch(SSLHandshakeException e)
{
@@ -209,7 +209,7 @@ public class TCPandSSLTransportTest extends UnitTestBase
{
try
{
- checkSSLExcluded("TLSv1.2", Transport.TCP, Transport.SSL);
+ checkHandshakeWithTlsProtocol("TLSv1.2", Transport.TCP, Transport.SSL);
}
catch(SSLHandshakeException e)
{
@@ -218,8 +218,38 @@ public class TCPandSSLTransportTest extends UnitTestBase
}
}
+ @Test
+ public void testTLSv1_3SupportOnSSLOnlyPort() throws Exception
+ {
+ assumeThat("Java 11 or above is required", isJava11OrAbove(), is(true));
+ try
+ {
+ checkHandshakeWithTlsProtocol("TLSv1.3", Transport.SSL);
+ }
+ catch(SSLHandshakeException e)
+ {
+ LOGGER.error("Should be able to connect using TLSv1.3", e);
+ fail("Should be able to connect using TLSv1.3");
+ }
+ }
+
+ @Test
+ public void testTLSv1_3SupportOnSharedPort() throws Exception
+ {
+ assumeThat("Java 11 or above is required", isJava11OrAbove(), is(true));
+ try
+ {
+ checkHandshakeWithTlsProtocol("TLSv1.3", Transport.TCP, Transport.SSL);
+ }
+ catch(SSLHandshakeException e)
+ {
+ LOGGER.error("Should be able to connect using TLSv1.3", e);
+ fail("Should be able to connect using TLSv1.3");
+ }
+ }
+
- private void checkSSLExcluded(String clientProtocol, final Transport... transports) throws Exception
+ private void checkHandshakeWithTlsProtocol(String clientProtocol, final Transport... transports) throws Exception
{
KeyStore keyStore = KeyStore.getInstance("JKS");
keyStore.load(new ByteArrayInputStream(Base64.getDecoder().decode(KEYSTORE_STRING)), "password".toCharArray());
@@ -279,4 +309,18 @@ public class TCPandSSLTransportTest extends UnitTestBase
transport.close();
}
}
+
+ private boolean isJava11OrAbove()
+ {
+ try
+ {
+ // introduced in java 11
+ Class.forName("java.net.http.HttpClient");
+ return true;
+ }
+ catch (ClassNotFoundException e)
+ {
+ return false;
+ }
+ }
}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org