diff --git a/driver/src/main/java/org/neo4j/driver/Config.java b/driver/src/main/java/org/neo4j/driver/Config.java index 4f8626643e..f7a414875e 100644 --- a/driver/src/main/java/org/neo4j/driver/Config.java +++ b/driver/src/main/java/org/neo4j/driver/Config.java @@ -772,7 +772,7 @@ public enum Strategy { private final Strategy strategy; private final List certFiles; private boolean hostnameVerificationEnabled = true; - private RevocationStrategy revocationStrategy = RevocationStrategy.NO_CHECKS; + private RevocationCheckingStrategy revocationCheckingStrategy = RevocationCheckingStrategy.NO_CHECKS; private TrustStrategy(Strategy strategy) { this(strategy, Collections.emptyList()); @@ -883,7 +883,31 @@ public static TrustStrategy trustAllCertificates() { * The revocation strategy used for verifying certificates. * @return this {@link TrustStrategy}'s revocation strategy */ + public RevocationCheckingStrategy revocationCheckingStrategy() { + return revocationCheckingStrategy; + } + + /** + * The revocation strategy used for verifying certificates. + * @return this {@link TrustStrategy}'s revocation strategy + * @deprecated superseded by {@link TrustStrategy#revocationCheckingStrategy()} + */ + @Deprecated public RevocationStrategy revocationStrategy() { + RevocationStrategy revocationStrategy; + switch (this.revocationCheckingStrategy) { + case VERIFY_IF_PRESENT: + revocationStrategy = RevocationStrategy.VERIFY_IF_PRESENT; + break; + case STRICT: + revocationStrategy = RevocationStrategy.STRICT; + break; + case NO_CHECKS: + revocationStrategy = RevocationStrategy.NO_CHECKS; + break; + default: + throw new IllegalStateException("Failed to map RevocationCheckingStrategy to RevocationStrategy."); + } return revocationStrategy; } @@ -893,7 +917,7 @@ public RevocationStrategy revocationStrategy() { * @return the current trust strategy */ public TrustStrategy withoutCertificateRevocationChecks() { - this.revocationStrategy = RevocationStrategy.NO_CHECKS; + this.revocationCheckingStrategy = RevocationCheckingStrategy.NO_CHECKS; return this; } @@ -905,7 +929,7 @@ public TrustStrategy withoutCertificateRevocationChecks() { * @return the current trust strategy */ public TrustStrategy withVerifyIfPresentRevocationChecks() { - this.revocationStrategy = RevocationStrategy.VERIFY_IF_PRESENT; + this.revocationCheckingStrategy = RevocationCheckingStrategy.VERIFY_IF_PRESENT; return this; } @@ -919,7 +943,7 @@ public TrustStrategy withVerifyIfPresentRevocationChecks() { * @return the current trust strategy */ public TrustStrategy withStrictRevocationChecks() { - this.revocationStrategy = RevocationStrategy.STRICT; + this.revocationCheckingStrategy = RevocationCheckingStrategy.STRICT; return this; } } diff --git a/driver/src/main/java/org/neo4j/driver/RevocationCheckingStrategy.java b/driver/src/main/java/org/neo4j/driver/RevocationCheckingStrategy.java new file mode 100644 index 0000000000..ffeb751b03 --- /dev/null +++ b/driver/src/main/java/org/neo4j/driver/RevocationCheckingStrategy.java @@ -0,0 +1,35 @@ +/* + * Copyright (c) "Neo4j" + * Neo4j Sweden AB [http://neo4j.com] + * + * This file is part of Neo4j. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.neo4j.driver; + +/** + * Defines strategy for revocation checks. + */ +public enum RevocationCheckingStrategy { + /** Don't do any OCSP revocation checks, regardless whether there are stapled revocation statuses or not. */ + NO_CHECKS, + /** Verify OCSP revocation checks when the revocation status is stapled to the certificate, continue if not. */ + VERIFY_IF_PRESENT, + /** Require stapled revocation status and verify OCSP revocation checks, fail if no revocation status is stapled to the certificate. */ + STRICT; + + public static boolean requiresRevocationChecking(RevocationCheckingStrategy revocationCheckingStrategy) { + return revocationCheckingStrategy.equals(STRICT) || revocationCheckingStrategy.equals(VERIFY_IF_PRESENT); + } +} diff --git a/driver/src/main/java/org/neo4j/driver/internal/RevocationStrategy.java b/driver/src/main/java/org/neo4j/driver/internal/RevocationStrategy.java index d98204a853..276311a735 100644 --- a/driver/src/main/java/org/neo4j/driver/internal/RevocationStrategy.java +++ b/driver/src/main/java/org/neo4j/driver/internal/RevocationStrategy.java @@ -18,6 +18,14 @@ */ package org.neo4j.driver.internal; +import org.neo4j.driver.RevocationCheckingStrategy; + +/** + * Defines strategy for revocation checks. + * + * @deprecated superseded by {@link RevocationCheckingStrategy} + */ +@Deprecated public enum RevocationStrategy { /** Don't do any OCSP revocation checks, regardless whether there are stapled revocation statuses or not. */ NO_CHECKS, diff --git a/driver/src/main/java/org/neo4j/driver/internal/SecuritySettings.java b/driver/src/main/java/org/neo4j/driver/internal/SecuritySettings.java index 27e68d2ae0..8f747d5ce5 100644 --- a/driver/src/main/java/org/neo4j/driver/internal/SecuritySettings.java +++ b/driver/src/main/java/org/neo4j/driver/internal/SecuritySettings.java @@ -26,6 +26,7 @@ import java.io.Serializable; import java.security.GeneralSecurityException; import org.neo4j.driver.Config; +import org.neo4j.driver.RevocationCheckingStrategy; import org.neo4j.driver.exceptions.ClientException; import org.neo4j.driver.internal.security.SecurityPlan; import org.neo4j.driver.internal.security.SecurityPlanImpl; @@ -56,6 +57,7 @@ private boolean isCustomized() { return !(DEFAULT.encrypted() == this.encrypted() && DEFAULT.hasEqualTrustStrategy(this)); } + @SuppressWarnings("deprecation") private boolean hasEqualTrustStrategy(SecuritySettings other) { Config.TrustStrategy t1 = this.trustStrategy; Config.TrustStrategy t2 = other.trustStrategy; @@ -66,6 +68,7 @@ private boolean hasEqualTrustStrategy(SecuritySettings other) { return t1.isHostnameVerificationEnabled() == t2.isHostnameVerificationEnabled() && t1.strategy() == t2.strategy() && t1.certFiles().equals(t2.certFiles()) + && t1.revocationCheckingStrategy() == t2.revocationCheckingStrategy() && t1.revocationStrategy() == t2.revocationStrategy(); } @@ -92,9 +95,9 @@ private void assertSecuritySettingsNotUserConfigured(String uriScheme) { private SecurityPlan createSecurityPlanFromScheme(String scheme) throws GeneralSecurityException, IOException { if (isHighTrustScheme(scheme)) { - return SecurityPlanImpl.forSystemCASignedCertificates(true, RevocationStrategy.NO_CHECKS); + return SecurityPlanImpl.forSystemCASignedCertificates(true, RevocationCheckingStrategy.NO_CHECKS); } else { - return SecurityPlanImpl.forAllCertificates(false, RevocationStrategy.NO_CHECKS); + return SecurityPlanImpl.forAllCertificates(false, RevocationCheckingStrategy.NO_CHECKS); } } @@ -106,16 +109,16 @@ private static SecurityPlan createSecurityPlanImpl(boolean encrypted, Config.Tru throws GeneralSecurityException, IOException { if (encrypted) { boolean hostnameVerificationEnabled = trustStrategy.isHostnameVerificationEnabled(); - RevocationStrategy revocationStrategy = trustStrategy.revocationStrategy(); + RevocationCheckingStrategy revocationCheckingStrategy = trustStrategy.revocationCheckingStrategy(); switch (trustStrategy.strategy()) { case TRUST_CUSTOM_CA_SIGNED_CERTIFICATES: return SecurityPlanImpl.forCustomCASignedCertificates( - trustStrategy.certFiles(), hostnameVerificationEnabled, revocationStrategy); + trustStrategy.certFiles(), hostnameVerificationEnabled, revocationCheckingStrategy); case TRUST_SYSTEM_CA_SIGNED_CERTIFICATES: return SecurityPlanImpl.forSystemCASignedCertificates( - hostnameVerificationEnabled, revocationStrategy); + hostnameVerificationEnabled, revocationCheckingStrategy); case TRUST_ALL_CERTIFICATES: - return SecurityPlanImpl.forAllCertificates(hostnameVerificationEnabled, revocationStrategy); + return SecurityPlanImpl.forAllCertificates(hostnameVerificationEnabled, revocationCheckingStrategy); default: throw new ClientException("Unknown TLS authentication strategy: " + trustStrategy.strategy().name()); diff --git a/driver/src/main/java/org/neo4j/driver/internal/security/SecurityPlan.java b/driver/src/main/java/org/neo4j/driver/internal/security/SecurityPlan.java index 0bef2dbd82..2a823cac4b 100644 --- a/driver/src/main/java/org/neo4j/driver/internal/security/SecurityPlan.java +++ b/driver/src/main/java/org/neo4j/driver/internal/security/SecurityPlan.java @@ -19,7 +19,7 @@ package org.neo4j.driver.internal.security; import javax.net.ssl.SSLContext; -import org.neo4j.driver.internal.RevocationStrategy; +import org.neo4j.driver.RevocationCheckingStrategy; /** * A SecurityPlan consists of encryption and trust details. @@ -31,5 +31,5 @@ public interface SecurityPlan { boolean requiresHostnameVerification(); - RevocationStrategy revocationStrategy(); + RevocationCheckingStrategy revocationCheckingStrategy(); } diff --git a/driver/src/main/java/org/neo4j/driver/internal/security/SecurityPlanImpl.java b/driver/src/main/java/org/neo4j/driver/internal/security/SecurityPlanImpl.java index ab95babf67..492ebf3557 100644 --- a/driver/src/main/java/org/neo4j/driver/internal/security/SecurityPlanImpl.java +++ b/driver/src/main/java/org/neo4j/driver/internal/security/SecurityPlanImpl.java @@ -18,8 +18,8 @@ */ package org.neo4j.driver.internal.security; -import static org.neo4j.driver.internal.RevocationStrategy.VERIFY_IF_PRESENT; -import static org.neo4j.driver.internal.RevocationStrategy.requiresRevocationChecking; +import static org.neo4j.driver.RevocationCheckingStrategy.VERIFY_IF_PRESENT; +import static org.neo4j.driver.RevocationCheckingStrategy.requiresRevocationChecking; import static org.neo4j.driver.internal.util.CertificateTool.loadX509Cert; import java.io.File; @@ -41,36 +41,39 @@ import javax.net.ssl.TrustManager; import javax.net.ssl.TrustManagerFactory; import javax.net.ssl.X509TrustManager; -import org.neo4j.driver.internal.RevocationStrategy; +import org.neo4j.driver.RevocationCheckingStrategy; /** * A SecurityPlan consists of encryption and trust details. */ public class SecurityPlanImpl implements SecurityPlan { public static SecurityPlan forAllCertificates( - boolean requiresHostnameVerification, RevocationStrategy revocationStrategy) + boolean requiresHostnameVerification, RevocationCheckingStrategy revocationCheckingStrategy) throws GeneralSecurityException { SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(new KeyManager[0], new TrustManager[] {new TrustAllTrustManager()}, null); - return new SecurityPlanImpl(true, sslContext, requiresHostnameVerification, revocationStrategy); + return new SecurityPlanImpl(true, sslContext, requiresHostnameVerification, revocationCheckingStrategy); } public static SecurityPlan forCustomCASignedCertificates( - List certFiles, boolean requiresHostnameVerification, RevocationStrategy revocationStrategy) + List certFiles, + boolean requiresHostnameVerification, + RevocationCheckingStrategy revocationCheckingStrategy) throws GeneralSecurityException, IOException { - SSLContext sslContext = configureSSLContext(certFiles, revocationStrategy); - return new SecurityPlanImpl(true, sslContext, requiresHostnameVerification, revocationStrategy); + SSLContext sslContext = configureSSLContext(certFiles, revocationCheckingStrategy); + return new SecurityPlanImpl(true, sslContext, requiresHostnameVerification, revocationCheckingStrategy); } public static SecurityPlan forSystemCASignedCertificates( - boolean requiresHostnameVerification, RevocationStrategy revocationStrategy) + boolean requiresHostnameVerification, RevocationCheckingStrategy revocationCheckingStrategy) throws GeneralSecurityException, IOException { - SSLContext sslContext = configureSSLContext(Collections.emptyList(), revocationStrategy); - return new SecurityPlanImpl(true, sslContext, requiresHostnameVerification, revocationStrategy); + SSLContext sslContext = configureSSLContext(Collections.emptyList(), revocationCheckingStrategy); + return new SecurityPlanImpl(true, sslContext, requiresHostnameVerification, revocationCheckingStrategy); } - private static SSLContext configureSSLContext(List customCertFiles, RevocationStrategy revocationStrategy) + private static SSLContext configureSSLContext( + List customCertFiles, RevocationCheckingStrategy revocationCheckingStrategy) throws GeneralSecurityException, IOException { KeyStore trustedKeyStore = KeyStore.getInstance(KeyStore.getDefaultType()); trustedKeyStore.load(null, null); @@ -83,7 +86,7 @@ private static SSLContext configureSSLContext(List customCertFiles, Revoca } PKIXBuilderParameters pkixBuilderParameters = - configurePKIXBuilderParameters(trustedKeyStore, revocationStrategy); + configurePKIXBuilderParameters(trustedKeyStore, revocationCheckingStrategy); SSLContext sslContext = SSLContext.getInstance("TLS"); TrustManagerFactory trustManagerFactory = @@ -101,11 +104,11 @@ private static SSLContext configureSSLContext(List customCertFiles, Revoca } private static PKIXBuilderParameters configurePKIXBuilderParameters( - KeyStore trustedKeyStore, RevocationStrategy revocationStrategy) + KeyStore trustedKeyStore, RevocationCheckingStrategy revocationCheckingStrategy) throws InvalidAlgorithmParameterException, KeyStoreException { PKIXBuilderParameters pkixBuilderParameters = null; - if (requiresRevocationChecking(revocationStrategy)) { + if (requiresRevocationChecking(revocationCheckingStrategy)) { // Configure certificate revocation checking (X509CertSelector() selects all certificates) pkixBuilderParameters = new PKIXBuilderParameters(trustedKeyStore, new X509CertSelector()); @@ -115,7 +118,7 @@ private static PKIXBuilderParameters configurePKIXBuilderParameters( // enables status_request extension in client hello System.setProperty("jdk.tls.client.enableStatusRequestExtension", "true"); - if (revocationStrategy.equals(VERIFY_IF_PRESENT)) { + if (revocationCheckingStrategy.equals(VERIFY_IF_PRESENT)) { // enables soft-fail behaviour if no stapled response found. Security.setProperty("ocsp.enable", "true"); } @@ -146,23 +149,23 @@ private static void loadSystemCertificates(KeyStore trustedKeyStore) throws Gene } public static SecurityPlan insecure() { - return new SecurityPlanImpl(false, null, false, RevocationStrategy.NO_CHECKS); + return new SecurityPlanImpl(false, null, false, RevocationCheckingStrategy.NO_CHECKS); } private final boolean requiresEncryption; private final SSLContext sslContext; private final boolean requiresHostnameVerification; - private final RevocationStrategy revocationStrategy; + private final RevocationCheckingStrategy revocationCheckingStrategy; private SecurityPlanImpl( boolean requiresEncryption, SSLContext sslContext, boolean requiresHostnameVerification, - RevocationStrategy revocationStrategy) { + RevocationCheckingStrategy revocationCheckingStrategy) { this.requiresEncryption = requiresEncryption; this.sslContext = sslContext; this.requiresHostnameVerification = requiresHostnameVerification; - this.revocationStrategy = revocationStrategy; + this.revocationCheckingStrategy = revocationCheckingStrategy; } @Override @@ -181,8 +184,8 @@ public boolean requiresHostnameVerification() { } @Override - public RevocationStrategy revocationStrategy() { - return revocationStrategy; + public RevocationCheckingStrategy revocationCheckingStrategy() { + return revocationCheckingStrategy; } private static class TrustAllTrustManager implements X509TrustManager { diff --git a/driver/src/test/java/org/neo4j/driver/ConfigTest.java b/driver/src/test/java/org/neo4j/driver/ConfigTest.java index b983d1f67f..0d26ee0bc2 100644 --- a/driver/src/test/java/org/neo4j/driver/ConfigTest.java +++ b/driver/src/test/java/org/neo4j/driver/ConfigTest.java @@ -26,9 +26,6 @@ import static org.junit.jupiter.api.Assertions.assertThrows; import static org.junit.jupiter.api.Assertions.assertTrue; import static org.mockito.Mockito.mock; -import static org.neo4j.driver.internal.RevocationStrategy.NO_CHECKS; -import static org.neo4j.driver.internal.RevocationStrategy.STRICT; -import static org.neo4j.driver.internal.RevocationStrategy.VERIFY_IF_PRESENT; import static org.neo4j.driver.internal.handlers.pulln.FetchSizeUtil.DEFAULT_FETCH_SIZE; import java.io.File; @@ -44,6 +41,7 @@ import org.junit.jupiter.params.provider.ValueSource; import org.junit.platform.commons.support.HierarchyTraversalMode; import org.junit.platform.commons.support.ReflectionSupport; +import org.neo4j.driver.internal.RevocationStrategy; import org.neo4j.driver.internal.logging.ConsoleLogging; import org.neo4j.driver.internal.logging.DevNullLogging; import org.neo4j.driver.internal.logging.JULogging; @@ -279,19 +277,24 @@ void shouldEnableAndDisableHostnameVerificationOnTrustStrategy() { assertFalse(trustStrategy.isHostnameVerificationEnabled()); } + @SuppressWarnings("deprecation") @Test void shouldEnableAndDisableCertificateRevocationChecksOnTestStrategy() { Config.TrustStrategy trustStrategy = Config.TrustStrategy.trustSystemCertificates(); - assertEquals(NO_CHECKS, trustStrategy.revocationStrategy()); + assertEquals(RevocationCheckingStrategy.NO_CHECKS, trustStrategy.revocationCheckingStrategy()); + assertEquals(RevocationStrategy.NO_CHECKS, trustStrategy.revocationStrategy()); assertSame(trustStrategy, trustStrategy.withoutCertificateRevocationChecks()); - assertEquals(NO_CHECKS, trustStrategy.revocationStrategy()); + assertEquals(RevocationCheckingStrategy.NO_CHECKS, trustStrategy.revocationCheckingStrategy()); + assertEquals(RevocationStrategy.NO_CHECKS, trustStrategy.revocationStrategy()); assertSame(trustStrategy, trustStrategy.withStrictRevocationChecks()); - assertEquals(STRICT, trustStrategy.revocationStrategy()); + assertEquals(RevocationCheckingStrategy.STRICT, trustStrategy.revocationCheckingStrategy()); + assertEquals(RevocationStrategy.STRICT, trustStrategy.revocationStrategy()); assertSame(trustStrategy, trustStrategy.withVerifyIfPresentRevocationChecks()); - assertEquals(VERIFY_IF_PRESENT, trustStrategy.revocationStrategy()); + assertEquals(RevocationCheckingStrategy.VERIFY_IF_PRESENT, trustStrategy.revocationCheckingStrategy()); + assertEquals(RevocationStrategy.VERIFY_IF_PRESENT, trustStrategy.revocationStrategy()); } @Test diff --git a/driver/src/test/java/org/neo4j/driver/integration/ChannelConnectorImplIT.java b/driver/src/test/java/org/neo4j/driver/integration/ChannelConnectorImplIT.java index 1f2a1d6e9d..1bf87f0d82 100644 --- a/driver/src/test/java/org/neo4j/driver/integration/ChannelConnectorImplIT.java +++ b/driver/src/test/java/org/neo4j/driver/integration/ChannelConnectorImplIT.java @@ -49,12 +49,12 @@ import org.junit.jupiter.api.extension.RegisterExtension; import org.neo4j.driver.AuthToken; import org.neo4j.driver.AuthTokens; +import org.neo4j.driver.RevocationCheckingStrategy; import org.neo4j.driver.exceptions.AuthenticationException; import org.neo4j.driver.exceptions.ServiceUnavailableException; import org.neo4j.driver.internal.BoltServerAddress; import org.neo4j.driver.internal.ConnectionSettings; import org.neo4j.driver.internal.DefaultDomainNameResolver; -import org.neo4j.driver.internal.RevocationStrategy; import org.neo4j.driver.internal.async.connection.BootstrapFactory; import org.neo4j.driver.internal.async.connection.ChannelConnector; import org.neo4j.driver.internal.async.connection.ChannelConnectorImpl; @@ -222,6 +222,6 @@ private ChannelConnectorImpl newConnector( } private static SecurityPlan trustAllCertificates() throws GeneralSecurityException { - return SecurityPlanImpl.forAllCertificates(false, RevocationStrategy.NO_CHECKS); + return SecurityPlanImpl.forAllCertificates(false, RevocationCheckingStrategy.NO_CHECKS); } } diff --git a/driver/src/test/java/org/neo4j/driver/internal/SecuritySettingsTest.java b/driver/src/test/java/org/neo4j/driver/internal/SecuritySettingsTest.java index 3ae24dc61f..e0e260c782 100644 --- a/driver/src/test/java/org/neo4j/driver/internal/SecuritySettingsTest.java +++ b/driver/src/test/java/org/neo4j/driver/internal/SecuritySettingsTest.java @@ -22,9 +22,9 @@ import static org.junit.jupiter.api.Assertions.assertFalse; import static org.junit.jupiter.api.Assertions.assertThrows; import static org.junit.jupiter.api.Assertions.assertTrue; -import static org.neo4j.driver.internal.RevocationStrategy.NO_CHECKS; -import static org.neo4j.driver.internal.RevocationStrategy.STRICT; -import static org.neo4j.driver.internal.RevocationStrategy.VERIFY_IF_PRESENT; +import static org.neo4j.driver.RevocationCheckingStrategy.NO_CHECKS; +import static org.neo4j.driver.RevocationCheckingStrategy.STRICT; +import static org.neo4j.driver.RevocationCheckingStrategy.VERIFY_IF_PRESENT; import java.io.File; import java.io.IOException; @@ -77,7 +77,7 @@ void testSystemCertCompatibleConfiguration(String scheme) throws Exception { assertTrue(securityPlan.requiresEncryption()); assertTrue(securityPlan.requiresHostnameVerification()); - assertEquals(NO_CHECKS, securityPlan.revocationStrategy()); + assertEquals(NO_CHECKS, securityPlan.revocationCheckingStrategy()); } @ParameterizedTest @@ -178,7 +178,7 @@ void testConfigureStrictRevocationChecking(String scheme) { SecurityPlan securityPlan = securitySettings.createSecurityPlan(scheme); - assertEquals(STRICT, securityPlan.revocationStrategy()); + assertEquals(STRICT, securityPlan.revocationCheckingStrategy()); } @ParameterizedTest @@ -192,7 +192,7 @@ void testConfigureVerifyIfPresentRevocationChecking(String scheme) { SecurityPlan securityPlan = securitySettings.createSecurityPlan(scheme); - assertEquals(VERIFY_IF_PRESENT, securityPlan.revocationStrategy()); + assertEquals(VERIFY_IF_PRESENT, securityPlan.revocationCheckingStrategy()); } @ParameterizedTest @@ -205,7 +205,7 @@ void testRevocationCheckingDisabledByDefault(String scheme) { SecurityPlan securityPlan = securitySettings.createSecurityPlan(scheme); - assertEquals(NO_CHECKS, securityPlan.revocationStrategy()); + assertEquals(NO_CHECKS, securityPlan.revocationCheckingStrategy()); } @Nested diff --git a/driver/src/test/java/org/neo4j/driver/internal/async/connection/NettyChannelInitializerTest.java b/driver/src/test/java/org/neo4j/driver/internal/async/connection/NettyChannelInitializerTest.java index 4ca4ee2ab7..d00e967dbc 100644 --- a/driver/src/test/java/org/neo4j/driver/internal/async/connection/NettyChannelInitializerTest.java +++ b/driver/src/test/java/org/neo4j/driver/internal/async/connection/NettyChannelInitializerTest.java @@ -43,8 +43,8 @@ import javax.net.ssl.SSLParameters; import org.junit.jupiter.api.AfterEach; import org.junit.jupiter.api.Test; +import org.neo4j.driver.RevocationCheckingStrategy; import org.neo4j.driver.internal.BoltServerAddress; -import org.neo4j.driver.internal.RevocationStrategy; import org.neo4j.driver.internal.security.SecurityPlan; import org.neo4j.driver.internal.security.SecurityPlanImpl; import org.neo4j.driver.internal.util.Clock; @@ -134,7 +134,7 @@ void shouldNotEnableHostnameVerificationWhenNotConfigured() throws Exception { private void testHostnameVerificationSetting(boolean enabled, String expectedValue) throws Exception { NettyChannelInitializer initializer = - newInitializer(SecurityPlanImpl.forAllCertificates(enabled, RevocationStrategy.NO_CHECKS)); + newInitializer(SecurityPlanImpl.forAllCertificates(enabled, RevocationCheckingStrategy.NO_CHECKS)); initializer.initChannel(channel); @@ -158,6 +158,6 @@ private static NettyChannelInitializer newInitializer( } private static SecurityPlan trustAllCertificates() throws GeneralSecurityException { - return SecurityPlanImpl.forAllCertificates(false, RevocationStrategy.NO_CHECKS); + return SecurityPlanImpl.forAllCertificates(false, RevocationCheckingStrategy.NO_CHECKS); } }