ANSI colors and SSL conditional algorithm disable (#327)

azagniotov · Nov 10, 2021 · dbee74e · dbee74e
1 parent 8b6218e
commit dbee74e
Show file tree

Hide file tree

Showing 10 changed files with 49 additions and 39 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -15,6 +15,13 @@ base_environment: &base_environment
   environment:
     # Customize the JVM maximum heap limit
     JVM_OPTS: -Xmx3200m
+
+    # For JDK 8 for the specific JDK vendor used by stubby4j on CircleCI
+    OPENJ9_JAVA_OPTIONS: -DoverrideDisabledAlgorithms=true
+
+    # As of JDK 9 (incl.) respected by all JDK vendors
+    JDK_JAVA_OPTIONS: -DoverrideDisabledAlgorithms=true
+
     TERM: dumb
 
 

diff --git a/docker/jdk11/Dockerfile b/docker/jdk11/Dockerfile
@@ -75,7 +75,7 @@ VOLUME "$STUBBY4J_USER_HOME/data"
 
 # Expose the three stubby4j ports and run the JAR
 EXPOSE $ADMIN_PORT $STUBS_PORT $STUBS_TLS_PORT
-ENTRYPOINT java -Dlog4j2.configurationFile=log4j2.xml -jar stubby4j.jar \
+ENTRYPOINT java -DoverrideDisabledAlgorithms=true -Dlog4j2.configurationFile=log4j2.xml -jar stubby4j.jar \
       --location ${LOCATION} \
       --admin ${ADMIN_PORT} \
       --stubs ${STUBS_PORT} \

diff --git a/docker/jdk16/Dockerfile b/docker/jdk16/Dockerfile
@@ -75,7 +75,7 @@ VOLUME "$STUBBY4J_USER_HOME/data"
 
 # Expose the three stubby4j ports and run the JAR
 EXPOSE $ADMIN_PORT $STUBS_PORT $STUBS_TLS_PORT
-ENTRYPOINT java -Dlog4j2.configurationFile=log4j2.xml -jar stubby4j.jar \
+ENTRYPOINT java -DoverrideDisabledAlgorithms=true -Dlog4j2.configurationFile=log4j2.xml -jar stubby4j.jar \
       --location ${LOCATION} \
       --admin ${ADMIN_PORT} \
       --stubs ${STUBS_PORT} \

diff --git a/docker/jdk8/Dockerfile b/docker/jdk8/Dockerfile
@@ -75,7 +75,7 @@ VOLUME "$STUBBY4J_USER_HOME/data"
 
 # Expose the three stubby4j ports and run the JAR
 EXPOSE $ADMIN_PORT $STUBS_PORT $STUBS_TLS_PORT
-ENTRYPOINT java -Dlog4j2.configurationFile=log4j2.xml -jar stubby4j.jar \
+ENTRYPOINT java -DoverrideDisabledAlgorithms=true -Dlog4j2.configurationFile=log4j2.xml -jar stubby4j.jar \
       --location ${LOCATION} \
       --admin ${ADMIN_PORT} \
       --stubs ${STUBS_PORT} \

diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md
@@ -6,8 +6,7 @@
 * PR [#286](https://github.com/azagniotov/stubby4j/pull/286) - Upgraded jetty to `9.4.43.v20210629` and SnakeYAML to `v1.29` (https://github.com/azagniotov)
 * PR [#295](https://github.com/azagniotov/stubby4j/pull/295) - When matching stubs, the log output is now clearer what has been matched (https://github.com/azagniotov)
 * PR [#315](https://github.com/azagniotov/stubby4j/pull/315) - Calling `setIncludeProtocols` on `SslContextFactory.Server` (https://github.com/azagniotov)
-* PR [#316](https://github.com/azagniotov/stubby4j/pull/316) - Revisited stubby SSL configuration (https://github.com/azagniotov)
-* PR [#317](https://github.com/azagniotov/stubby4j/pull/317) - Setting SSL ciphers for TLS versions `TLSv1.0`, `TLSv1.1`, `TLSv1.2` and `TLSv1.3` (https://github.com/azagniotov)
+* PR [#316](https://github.com/azagniotov/stubby4j/pull/316), [#317](https://github.com/azagniotov/stubby4j/pull/317), [#318](https://github.com/azagniotov/stubby4j/pull/318), [#320](https://github.com/azagniotov/stubby4j/pull/320), [#324](https://github.com/azagniotov/stubby4j/pull/324) - Revisited stubby SSL configuration to enable support for `TLSv1.0`, `TLSv1.1`, `TLSv1.2` and `TLSv1.3` (https://github.com/azagniotov)
 
 #### 7.3.3
 

diff --git a/src/integration-test/java/io/github/azagniotov/stubby4j/utils/ConsoleUtilsTest.java b/src/integration-test/java/io/github/azagniotov/stubby4j/utils/ConsoleUtilsTest.java
@@ -42,7 +42,6 @@ public void beforeEach() throws Exception {
         final boolean NO_AUTO_FLUSH = false;
         System.setOut(new PrintStream(consoleCaptor, NO_AUTO_FLUSH, StringUtils.UTF_8));
 
-        when(mockHttpServletRequest.getScheme()).thenReturn(HttpScheme.HTTP.asString());
         when(mockHttpServletRequest.getRequestURI()).thenReturn(URI);
     }
 
@@ -55,7 +54,7 @@ public void afterEach() throws Exception {
     public void shouldPrintToConsoleExpectedErrorWithColor_WhenStatus_500() throws Exception {
 
         final int expectedStatus = 500;
-        final String expectedConsoleOutput = String.format("<= %s Server Error\u001B[0m", expectedStatus);
+        final String expectedConsoleOutput = String.format("<= %s Server Error\n\u001B[0m", expectedStatus);
         final String expectedConsoleColor = "[31m";
 
         when(mockHttpServletResponse.getStatus()).thenReturn(expectedStatus);
@@ -71,7 +70,7 @@ public void shouldPrintToConsoleExpectedErrorWithColor_WhenStatus_500() throws E
     public void shouldPrintToConsoleExpectedErrorWithColor_WhenStatus_301() throws Exception {
 
         final int expectedStatus = 301;
-        final String expectedConsoleOutput = String.format("<= %s Moved Permanently\u001B[0m", expectedStatus);
+        final String expectedConsoleOutput = String.format("<= %s Moved Permanently\n\u001B[0m", expectedStatus);
         final String expectedConsoleColor = "[33m";
 
         when(mockHttpServletResponse.getStatus()).thenReturn(expectedStatus);
@@ -87,7 +86,7 @@ public void shouldPrintToConsoleExpectedErrorWithColor_WhenStatus_301() throws E
     public void shouldPrintToConsoleExpectedErrorWithColor_WhenStatus_201() throws Exception {
 
         final int expectedStatus = 201;
-        final String expectedConsoleOutput = String.format("<= %s Created\u001B[0m", expectedStatus);
+        final String expectedConsoleOutput = String.format("<= %s Created\n\u001B[0m", expectedStatus);
         final String expectedConsoleColor = "[32m";
 
         when(mockHttpServletResponse.getStatus()).thenReturn(expectedStatus);
@@ -103,7 +102,7 @@ public void shouldPrintToConsoleExpectedErrorWithColor_WhenStatus_201() throws E
     public void shouldPrintToConsoleExpectedErrorWithColor_WhenStatus_200() throws Exception {
 
         final int expectedStatus = 200;
-        final String expectedConsoleOutput = String.format("<= %s OK\u001B[0m", expectedStatus);
+        final String expectedConsoleOutput = String.format("<= %s OK\n\u001B[0m", expectedStatus);
         final String expectedConsoleColor = "[32m";
 
         when(mockHttpServletResponse.getStatus()).thenReturn(expectedStatus);
@@ -119,8 +118,8 @@ public void shouldPrintToConsoleExpectedErrorWithColor_WhenStatus_200() throws E
     public void shouldPrintToConsoleExpectedErrorWithColor_WhenStatus_100() throws Exception {
 
         final int expectedStatus = 100;
-        final String expectedConsoleOutput = String.format("<= %s Continue\u001B[0m", expectedStatus);
-        final String expectedConsoleColor = "[34m";
+        final String expectedConsoleOutput = String.format("<= %s Continue\n\u001B[0m", expectedStatus);
+        final String expectedConsoleColor = "[34;1m";
 
         when(mockHttpServletResponse.getStatus()).thenReturn(expectedStatus);
 
@@ -135,7 +134,7 @@ public void shouldPrintToConsoleExpectedErrorWithColor_WhenStatus_100() throws E
     public void shouldPrintToConsoleExpectedErrorWithColor_WhenStatus_LessThan100() throws Exception {
 
         final int expectedStatus = 99;
-        final String expectedConsoleOutput = String.format("<= %s 99\u001B[0m", expectedStatus);
+        final String expectedConsoleOutput = String.format("<= %s 99\n\u001B[0m", expectedStatus);
 
         when(mockHttpServletResponse.getStatus()).thenReturn(expectedStatus);
 

diff --git a/src/main/java/io/github/azagniotov/stubby4j/cli/ANSITerminal.java b/src/main/java/io/github/azagniotov/stubby4j/cli/ANSITerminal.java
@@ -15,6 +15,7 @@ public final class ANSITerminal {
     private static final String BLACK = String.format("%s[30m", ESCAPE);
     private static final String BOLD_BLACK = String.format("%s%s", BOLD, BLACK);
     private static final String BOLD_LIGHT_GRAY = String.format("%s%s", BOLD, LIGHT_GRAY);
+    private static final String BRIGHT_BLUE = String.format("%s[34;1m", ESCAPE);
     private static final String BLUE = String.format("%s[34m", ESCAPE);
     private static final String CYAN = String.format("%s[36m", ESCAPE);
     private static final String GREEN = String.format("%s[32m", ESCAPE);
@@ -31,7 +32,7 @@ private static void print(final String color, final String msg) {
         if (mute) {
             return;
         }
-        System.out.println(String.format("%s%s%s", color, msg, RESET));
+        System.out.printf("%s%s%s%n", color, msg, RESET);
     }
 
     public static void log(final String msg) {
@@ -62,7 +63,7 @@ public static void status(final String msg) {
      * @param msg message to to print to the console
      */
     public static void info(final String msg) {
-        print(BLUE, msg);
+        print(BRIGHT_BLUE, msg);
     }
 
     /**

diff --git a/src/main/java/io/github/azagniotov/stubby4j/http/StubbyHttpTransport.java b/src/main/java/io/github/azagniotov/stubby4j/http/StubbyHttpTransport.java
@@ -54,7 +54,7 @@ public StubbyHttpTransport() {
     public StubbyResponse httpRequestFromStub(final StubRequest request, final String recordingSource) throws IOException {
         final String method = request.getMethod().get(0);
         if (!ANSITerminal.isMute()) {
-            final String logMessage = String.format("[%s] -> Making %s HTTP request from stub metadata to: [%s]", ConsoleUtils.getTime(), method, recordingSource);
+            final String logMessage = String.format("[%s] -> Making %s HTTP request from stub metadata to: [%s]", ConsoleUtils.getLocalDateTime(), method, recordingSource);
             ANSITerminal.incoming(logMessage);
         }
         LOGGER.debug("Making {} HTTP request from stub metadata to: [{}].", method, recordingSource);

diff --git a/src/main/java/io/github/azagniotov/stubby4j/server/ssl/SslUtils.java b/src/main/java/io/github/azagniotov/stubby4j/server/ssl/SslUtils.java
@@ -1,6 +1,9 @@
 package io.github.azagniotov.stubby4j.server.ssl;
 
 import io.github.azagniotov.stubby4j.annotations.GeneratedCodeCoverageExclusion;
+import io.github.azagniotov.stubby4j.cli.ANSITerminal;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import javax.net.ssl.KeyManager;
 import javax.net.ssl.SSLContext;
@@ -9,7 +12,6 @@
 import java.security.Security;
 import java.util.Arrays;
 import java.util.Collections;
-import java.util.HashSet;
 import java.util.LinkedHashSet;
 import java.util.Set;
 
@@ -22,6 +24,8 @@
 @GeneratedCodeCoverageExclusion
 public final class SslUtils {
 
+    private static final Logger LOGGER = LoggerFactory.getLogger(SslUtils.class);
+
     public static final String TLS_v1 = "TLSv1";
     public static final String TLS_v1_1 = "TLSv1.1";
     public static final String TLS_v1_2 = "TLSv1.2";
@@ -42,10 +46,17 @@ public final class SslUtils {
 
     static {
 
-        // https://stackoverflow.com/questions/52115699/relaxing-ssl-algorithm-constrains-programmatically
-        // Removed TLSv1, TLSv1.1
-        Security.setProperty("jdk.tls.disabledAlgorithms", "SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, EC keySize < 224, 3DES_EDE_CBC, anon, NULL");
-        Security.setProperty("jdk.certpath.disabledAlgorithms", "MD2, MD5, SHA1 jdkCA & usage TLSServer, RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224");
+        String overrideDisabledAlgorithms = System.getProperty("overrideDisabledAlgorithms");
+        if (overrideDisabledAlgorithms != null && overrideDisabledAlgorithms.equalsIgnoreCase("true")) {
+            final String overrideRequest = "Removing TLSv1 & TLSv1.1 from the JDK's 'jdk.tls.disabledAlgorithms' property..";
+            ANSITerminal.warn(overrideRequest);
+            LOGGER.warn(overrideRequest);
+
+            // https://stackoverflow.com/questions/52115699/relaxing-ssl-algorithm-constrains-programmatically
+            // Removed TLSv1, TLSv1.1
+            Security.setProperty("jdk.tls.disabledAlgorithms", "SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, EC keySize < 224, 3DES_EDE_CBC, anon, NULL");
+            Security.setProperty("jdk.certpath.disabledAlgorithms", "MD2, MD5, SHA1 jdkCA & usage TLSServer, RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224");
+        }
 
         try {
             DEFAULT_SSL_CONTEXT = SSLContext.getInstance(TLS_v1_3);
@@ -58,9 +69,6 @@ public final class SslUtils {
             throw new Error("failed to initialize the default SSL context", e);
         }
 
-        System.out.println("SSLEngine [server] enabled protocols: ");
-        System.out.println(new HashSet<>(Arrays.asList(SSL_ENGINE.getEnabledProtocols())));
-
         Set<String> supportedCiphers = supportedCiphers();
         SUPPORTED_CIPHERS = new LinkedHashSet<>(supportedCiphers);
         SUPPORTED_CIPHERS.addAll(TLS_v13_CIPHERS);

diff --git a/src/main/java/io/github/azagniotov/stubby4j/utils/ConsoleUtils.java b/src/main/java/io/github/azagniotov/stubby4j/utils/ConsoleUtils.java
@@ -11,10 +11,10 @@
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import java.util.Calendar;
+import java.time.LocalDateTime;
+import java.time.format.DateTimeFormatter;
 import java.util.LinkedList;
 import java.util.List;
-import java.util.Locale;
 
 import static io.github.azagniotov.stubby4j.utils.FileUtils.BR;
 import static io.github.azagniotov.stubby4j.utils.StringUtils.isSet;
@@ -29,6 +29,8 @@ public final class ConsoleUtils {
     private static final String DEBUG_INCOMING_RAW_HTTP_REQUEST_DUMP = " ***** [DEBUG INCOMING RAW HTTP REQUEST DUMP] ***** ";
     private static final String DEBUG_INCOMING_RAW_HTTP_REQUEST_DUMP_END = " ***** [/DEBUG INCOMING RAW HTTP REQUEST DUMP] ***** ";
 
+    private static final DateTimeFormatter DATE_TIME_FORMATTER = DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss");
+
     private static boolean debug = false;
 
     private ConsoleUtils() {
@@ -39,7 +41,7 @@ private ConsoleUtils() {
     public static void logIncomingRequestError(final HttpServletRequest request, final String source, final String error) {
 
         final String logMessage = String.format("[%s] -> %s [%s]%s: %s",
-                getTime(),
+                getLocalDateTime(),
                 request.getMethod(),
                 source,
                 request.getRequestURI(),
@@ -63,8 +65,8 @@ private static void logRawIncomingRequest(final HttpServletRequest request) {
 
     public static void logIncomingRequest(final HttpServletRequest request) {
 
-        final String logMessage = String.format("\n[%s] => %s %s on [%s]",
-                getTime(),
+        final String logMessage = String.format("[%s] => %s %s on [%s]",
+                getLocalDateTime(),
                 StringUtils.toUpper(request.getScheme()),
                 request.getMethod(),
                 request.getRequestURI()
@@ -107,8 +109,8 @@ public static void logAssertingRequest(final StubRequest assertingStubRequest) {
     public static void logOutgoingResponse(final String url, final HttpServletResponse response) {
         final int status = response.getStatus();
 
-        final String logMessage = String.format("[%s] <= %s %s",
-                getTime(),
+        final String logMessage = String.format("[%s] <= %s %s\n",
+                getLocalDateTime(),
                 status,
                 HttpStatus.getMessage(status)
         );
@@ -159,14 +161,8 @@ public static void logUnmarshalledStub(final StubHttpLifecycle lifecycle) {
         LOGGER.info(logMessage);
     }
 
-
-    public static String getTime() {
-        final Calendar now = Calendar.getInstance(Locale.US);
-        return String.format("%02d:%02d:%02d",
-                now.get(Calendar.HOUR_OF_DAY),
-                now.get(Calendar.MINUTE),
-                now.get(Calendar.SECOND)
-        );
+    public static String getLocalDateTime() {
+        return DATE_TIME_FORMATTER.format(LocalDateTime.now());
     }
 
     /**