"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "httpclient/src/test/java/org/apache/http/conn/ssl/TestSSLSocketFactory.java" between
httpcomponents-client-4.5.7-src.tar.gz and httpcomponents-client-4.5.8-src.tar.gz

About: HttpComponents is an Apache project responsible for creating and maintaining a toolset of low level Java components focused on HTTP and associated protocols. Java sources.

TestSSLSocketFactory.java  (httpcomponents-client-4.5.7-src):TestSSLSocketFactory.java  (httpcomponents-client-4.5.8-src)
skipping to change at line 379 skipping to change at line 379
sslSocket.setSoTimeout(1); sslSocket.setSoTimeout(1);
inputStream.read(); inputStream.read();
Assert.fail("SocketTimeoutException expected"); Assert.fail("SocketTimeoutException expected");
} catch (final SocketTimeoutException ex){ } catch (final SocketTimeoutException ex){
Assert.assertThat(sslSocket.isClosed(), CoreMatchers.equalTo(false)) ; Assert.assertThat(sslSocket.isClosed(), CoreMatchers.equalTo(false)) ;
Assert.assertThat(socket.isClosed(), CoreMatchers.equalTo(false)); Assert.assertThat(socket.isClosed(), CoreMatchers.equalTo(false));
} finally { } finally {
inputStream.close(); inputStream.close();
} }
} }
@Test
public void testStrongCipherSuites() {
final String[] strongCipherSuites = {
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
"TLS_RSA_WITH_AES_256_CBC_SHA256",
"TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
"TLS_RSA_WITH_AES_128_CBC_SHA",
"TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
"TLS_RSA_WITH_AES_256_GCM_SHA384"
};
for (final String cipherSuite : strongCipherSuites) {
Assert.assertFalse(SSLConnectionSocketFactory.isWeakCipherSuite(ciph
erSuite));
}
}
@Test
public void testWeakCiphersDisabledByDefault() {
final String[] weakCiphersSuites = {
"SSL_RSA_WITH_RC4_128_SHA",
"SSL_RSA_WITH_3DES_EDE_CBC_SHA",
"TLS_DH_anon_WITH_AES_128_CBC_SHA",
"SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
"SSL_RSA_WITH_NULL_SHA",
"SSL_RSA_WITH_3DES_EDE_CBC_SHA",
"TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
"TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA",
"TLS_DH_anon_WITH_AES_256_GCM_SHA384",
"TLS_ECDH_anon_WITH_AES_256_CBC_SHA",
"TLS_RSA_WITH_NULL_SHA256",
"SSL_RSA_EXPORT_WITH_RC4_40_MD5",
"SSL_DH_anon_EXPORT_WITH_RC4_40_MD5",
// "TLS_KRB5_EXPORT_WITH_RC4_40_SHA",
"SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5"
};
for (final String cipherSuite : weakCiphersSuites) {
Assert.assertTrue(SSLConnectionSocketFactory.isWeakCipherSuite(ciphe
rSuite));
try {
testWeakCipherDisabledByDefault(cipherSuite);
Assert.fail("IOException expected");
} catch (final Exception e) {
Assert.assertTrue(e instanceof IOException || e instanceof Illeg
alArgumentException);
}
}
}
private void testWeakCipherDisabledByDefault(final String cipherSuite) throw
s Exception {
// @formatter:off
this.server = ServerBootstrap.bootstrap()
.setServerInfo(LocalServerTestBase.ORIGIN)
.setSslContext(SSLTestContexts.createServerSSLContext())
.setSslSetupHandler(new SSLServerSetupHandler() {
@Override
public void initialize(final SSLServerSocket socket) {
socket.setEnabledCipherSuites(new String[] {cipherSuite}
);
}
})
.create();
// @formatter:on
this.server.start();
final HttpContext context = new BasicHttpContext();
final SSLConnectionSocketFactory socketFactory = new SSLConnectionSocket
Factory(
SSLTestContexts.createClientSSLContext());
final Socket socket = socketFactory.createSocket(context);
try {
final InetSocketAddress remoteAddress = new InetSocketAddress("local
host", this.server.getLocalPort());
final HttpHost target = new HttpHost("localhost", this.server.getLoc
alPort(), "https");
socketFactory.connectSocket(0, socket, target, remoteAddress, null,
context);
} finally {
socket.close();
}
}
} }
 End of changes. 1 change blocks. 
0 lines changed or deleted 84 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)