Skip to content

Commit

Permalink
SSLHandshake No appropriate protocol (protocol is disabled or cipher …
Browse files Browse the repository at this point in the history
…suites are inappropriate) (#5198)

Signed-off-by: Jorge Bescos Gascon <jorge.bescos.gascon@oracle.com>
  • Loading branch information
jbescos authored Dec 1, 2022
1 parent ab8ac91 commit 45f0699
Show file tree
Hide file tree
Showing 3 changed files with 40 additions and 4 deletions.
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2020 Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2020, 2022 Oracle and/or its affiliates. All rights reserved.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v. 2.0, which is available at
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2020 Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2020, 2022 Oracle and/or its affiliates. All rights reserved.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v. 2.0, which is available at
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,22 +24,29 @@
import java.net.ServerSocket;
import java.net.SocketException;
import java.nio.ByteBuffer;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.List;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicReference;

import javax.net.ServerSocketFactory;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;

import org.glassfish.jersey.SslConfigurator;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ConditionEvaluationResult;
import org.junit.jupiter.api.extension.ExecutionCondition;
import org.junit.jupiter.api.extension.ExtendWith;
import org.junit.jupiter.api.extension.ExtensionContext;

import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertTrue;
Expand All @@ -48,6 +55,7 @@
/**
* @author Petr Janouch
*/
@ExtendWith(SslFilterTest.DeprecatedTLSCondition.class)
public abstract class SslFilterTest {

private static final int PORT = 8321;
Expand Down Expand Up @@ -531,4 +539,32 @@ void rehandshake() throws IOException {
socket.startHandshake();
}
}

public static class DeprecatedTLSCondition implements ExecutionCondition {

@Override
public ConditionEvaluationResult evaluateExecutionCondition(ExtensionContext context) {
Class<?> test = context.getTestClass().get();
String required = null;
if (test == SslFilterTLS1Test.class) {
required = "TLSv1";
} else if (test == SslFilterTLS11Test.class) {
required = "TLSv1.1";
}
if (required != null) {
try {
SSLContext context1 = SSLContext.getInstance("TLS");
context1.init(null, null, null);
List<String> supportedProtocols = Arrays.asList(context1.getDefaultSSLParameters().getProtocols());
if (!supportedProtocols.contains(required)) {
return ConditionEvaluationResult.disabled("JDK does not support " + required);
}
} catch (KeyManagementException | NoSuchAlgorithmException e) {
return ConditionEvaluationResult.disabled("JDK does not support TLS: " + e.getMessage());
}
}
return ConditionEvaluationResult.enabled("JDK is valid to run " + test.getCanonicalName());
}

}
}

0 comments on commit 45f0699

Please sign in to comment.