test: filter out unsupported ciphers when checking default socket factory

Closes elastic/elasticsearch#2 Original commit: elastic/x-pack-elasticsearch@6510f65dc4
2016-02-09 08:14:05 -05:00 · 2016-02-09 08:14:05 -05:00 · 50452e403f
parent e8ad8cbb36
commit 50452e403f
2 changed files with 6 additions and 7 deletions
--- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ssl/ClientSSLServiceTests.java
+++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ssl/ClientSSLServiceTests.java
@ -251,17 +251,17 @@ public class ClientSSLServiceTests extends ESTestCase {
        }
    }

-    @AwaitsFix(bugUrl = "https://github.com/elastic/x-plugins/issues/2")
    public void testThatSSLSocketFactoryHasProperCiphersAndProtocols() throws Exception {
        ClientSSLService sslService = createClientSSLService(settingsBuilder()
                .put("shield.ssl.keystore.path", testclientStore)
                .put("shield.ssl.keystore.password", "testclient")
                .build());
        SSLSocketFactory factory = sslService.sslSocketFactory();
-        assertThat(factory.getDefaultCipherSuites(), is(sslService.ciphers()));
+        final String[] ciphers = sslService.supportedCiphers(factory.getSupportedCipherSuites(), sslService.ciphers());
+        assertThat(factory.getDefaultCipherSuites(), is(ciphers));

        try (SSLSocket socket = (SSLSocket) factory.createSocket()) {
-            assertThat(socket.getEnabledCipherSuites(), is(sslService.ciphers()));
+            assertThat(socket.getEnabledCipherSuites(), is(ciphers));
            assertThat(socket.getEnabledProtocols(), is(sslService.supportedProtocols()));
        }
    }
--- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ssl/ServerSSLServiceTests.java
+++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ssl/ServerSSLServiceTests.java
@ -32,7 +32,6 @@ import static org.hamcrest.Matchers.not;
 import static org.hamcrest.Matchers.notNullValue;
 import static org.hamcrest.Matchers.nullValue;
 import static org.hamcrest.Matchers.sameInstance;
-import static org.mockito.Mockito.mock;

 public class ServerSSLServiceTests extends ESTestCase {
    Path testnodeStore;
@ -223,17 +222,17 @@ public class ServerSSLServiceTests extends ESTestCase {
        }
    }

-    @AwaitsFix(bugUrl = "https://github.com/elastic/x-plugins/issues/2")
    public void testThatSSLSocketFactoryHasProperCiphersAndProtocols() throws Exception {
        ServerSSLService sslService = new ServerSSLService(settingsBuilder()
                .put("shield.ssl.keystore.path", testnodeStore)
                .put("shield.ssl.keystore.password", "testnode")
                .build(), env);
        SSLSocketFactory factory = sslService.sslSocketFactory();
-        assertThat(factory.getDefaultCipherSuites(), is(sslService.ciphers()));
+        final String[] ciphers = sslService.supportedCiphers(factory.getSupportedCipherSuites(), sslService.ciphers());
+        assertThat(factory.getDefaultCipherSuites(), is(ciphers));

        try (SSLSocket socket = (SSLSocket) factory.createSocket()) {
-            assertThat(socket.getEnabledCipherSuites(), is(sslService.ciphers()));
+            assertThat(socket.getEnabledCipherSuites(), is(ciphers));
            assertThat(socket.getEnabledProtocols(), is(sslService.supportedProtocols()));
        }
    }