Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Issue #5531 - Test excluded protocol behavior 

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
This commit is contained in:
Joakim Erdfelt 2020-10-29 13:57:20 -05:00
parent dadd299e47
commit cff4771375
No known key found for this signature in database
GPG Key ID: 2D0E1FB8FE4B68B4
1 changed files with 34 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
jetty-util/src/test/java/org/eclipse/jetty/util/ssl/SslContextFactoryTest.java
View File

@ -50,6 +50,7 @@ import org.eclipse.jetty.util.resource.Resource;
import org.junit.jupiter.api.Test;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.arrayContaining;
import static org.hamcrest.Matchers.containsInAnyOrder;
import static org.hamcrest.Matchers.containsString;
import static org.hamcrest.Matchers.equalTo;
@ -95,6 +96,39 @@ public class SslContextFactoryTest
}
}
@Test
public void testDumpExcludedProtocols() throws Exception
{
SslContextFactory.Server cf = new SslContextFactory.Server();
cf.setKeyStorePassword("storepwd");
cf.setKeyManagerPassword("keypwd");
cf.setExcludeProtocols("SSL.*", "TLSv1", "TLSv1\\.[01]");
cf.start();
// Confirm behavior in engine
assertThat(cf.newSSLEngine().getEnabledProtocols(), not(arrayContaining("TLSv1.1")));
// Confirm output in dump
List<SslSelectionDump> dumps = cf.selectionDump();
Optional<SslSelectionDump> protocolDumpOpt = dumps.stream()
.filter((dump) -> dump.type.contains("Protocol"))
.findFirst();
assertTrue(protocolDumpOpt.isPresent(), "Protocol dump section should exist");
SslSelectionDump protocolDump = protocolDumpOpt.get();
long countTls11Enabled = protocolDump.enabled.stream().filter((t) -> t.contains("TLSv1.1")).count();
long countTls11Disabled = protocolDump.disabled.stream().filter((t) -> t.contains("TLSv1.1")).count();
assertThat("Enabled Protocols TLSv1.1 count", countTls11Enabled, is(0L));
assertThat("Disabled Protocols TLSv1.1 count", countTls11Disabled, is(1L));
// Uncomment to show in console.
// cf.dump(System.out, "");
}
@Test
public void testDumpIncludeTlsRsa() throws Exception
{