Fix some SSL related deprecation warnings

Original commit: elastic/x-pack-elasticsearch@311e3d626b
2016-07-08 21:19:17 +02:00 · 2016-07-08 21:19:17 +02:00 · f783dc1db8
parent 86d1805d40
commit f783dc1db8
6 changed files with 24 additions and 22 deletions
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/authc/pki/PkiAuthenticationTests.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/authc/pki/PkiAuthenticationTests.java
@ -99,7 +99,7 @@ public class PkiAuthenticationTests extends SecurityIntegTestCase {

    public void testRestAuthenticationViaPki() throws Exception {
        SSLContext context = getRestSSLContext("/org/elasticsearch/xpack/security/transport/ssl/certs/simple/testnode.jks", "testnode");
-        try (CloseableHttpClient client = HttpClients.custom().setSslcontext(context).build()) {
+        try (CloseableHttpClient client = HttpClients.custom().setSSLContext(context).build()) {
            HttpPut put = new HttpPut(getNodeUrl() + "foo");
            try (CloseableHttpResponse response = client.execute(put)) {
                String body = EntityUtils.toString(response.getEntity());
@ -110,7 +110,7 @@ public class PkiAuthenticationTests extends SecurityIntegTestCase {

    public void testRestAuthenticationFailure() throws Exception {
        SSLContext context = getRestSSLContext("/org/elasticsearch/xpack/security/transport/ssl/certs/simple/testclient.jks", "testclient");
-        try (CloseableHttpClient client = HttpClients.custom().setSslcontext(context).build()) {
+        try (CloseableHttpClient client = HttpClients.custom().setSSLContext(context).build()) {
            HttpPut put = new HttpPut(getNodeUrl() + "foo");
            try (CloseableHttpResponse response = client.execute(put)) {
                assertThat(response.getStatusLine().getStatusCode(), is(401));
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/ssl/ClientSSLServiceTests.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/ssl/ClientSSLServiceTests.java
@ -41,8 +41,8 @@ import static org.hamcrest.Matchers.sameInstance;

 public class ClientSSLServiceTests extends ESTestCase {

-    Environment env;
-    Path testclientStore;
+    private Environment env;
+    private Path testclientStore;

    @Before
    public void setup() throws Exception {
@ -181,7 +181,7 @@ public class ClientSSLServiceTests extends ESTestCase {
    public void testThatSSLContextWithoutSettingsWorks() throws Exception {
        ClientSSLService sslService = createClientSSLService(Settings.EMPTY);
        SSLContext sslContext = sslService.sslContext();
-        try (CloseableHttpClient client = HttpClients.custom().setSslcontext(sslContext).build()) {
+        try (CloseableHttpClient client = HttpClients.custom().setSSLContext(sslContext).build()) {
            // Execute a GET on a site known to have a valid certificate signed by a trusted public CA
            // This will result in a SSLHandshakeException if the SSLContext does not trust the CA, but the default
            // truststore trusts all common public CAs so the handshake will succeed
@ -196,7 +196,7 @@ public class ClientSSLServiceTests extends ESTestCase {
                .put("xpack.security.ssl.keystore.password", "testclient")
                .build());
        SSLContext sslContext = sslService.sslContext();
-        try (CloseableHttpClient client = HttpClients.custom().setSslcontext(sslContext).build()) {
+        try (CloseableHttpClient client = HttpClients.custom().setSSLContext(sslContext).build()) {
            // Execute a GET on a site known to have a valid certificate signed by a trusted public CA which will succeed because the JDK
            // certs are trusted by default
            client.execute(new HttpGet("https://www.elastic.co/")).close();
@ -208,7 +208,7 @@ public class ClientSSLServiceTests extends ESTestCase {
                .put(Global.INCLUDE_JDK_CERTS_SETTING.getKey(), "false")
                .build());
        sslContext = sslService.sslContext();
-        try (CloseableHttpClient client = HttpClients.custom().setSslcontext(sslContext).build()) {
+        try (CloseableHttpClient client = HttpClients.custom().setSSLContext(sslContext).build()) {
            // Execute a GET on a site known to have a valid certificate signed by a trusted public CA
            // This will result in a SSLHandshakeException because the truststore is the testnodestore, which doesn't
            // trust any public CAs
@ -283,7 +283,7 @@ public class ClientSSLServiceTests extends ESTestCase {
        }
    }

-    ClientSSLService createClientSSLService(Settings settings) {
+    private ClientSSLService createClientSSLService(Settings settings) {
        ClientSSLService clientSSLService = new ClientSSLService(settings, new Global(settings));
        clientSSLService.setEnvironment(env);
        return clientSSLService;
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/ssl/ServerSSLServiceTests.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/ssl/ServerSSLServiceTests.java
@ -35,8 +35,8 @@ import static org.hamcrest.Matchers.sameInstance;

 public class ServerSSLServiceTests extends ESTestCase {

-    Path testnodeStore;
-    Environment env;
+    private Path testnodeStore;
+    private Environment env;

    @Before
    public void setup() throws Exception {
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/transport/TransportFilterTests.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/transport/TransportFilterTests.java
@ -117,7 +117,7 @@ public class TransportFilterTests extends ESIntegTestCase {
    public static class InternalPlugin extends Plugin {
        @Override
        public Collection<Module> nodeModules() {
-            return Collections.<Module>singletonList(new TestTransportFilterModule());
+            return Collections.singletonList(new TestTransportFilterModule());
        }
    }

@ -269,7 +269,7 @@ public class TransportFilterTests extends ESIntegTestCase {
        }
    }

-    static void await(CountDownLatch latch) throws Exception {
+    private static void await(CountDownLatch latch) throws Exception {
        if (!latch.await(5, TimeUnit.SECONDS)) {
            fail("waiting too long for request");
        }
@ -298,7 +298,7 @@ public class TransportFilterTests extends ESIntegTestCase {

        @Override
        protected Map<String, ServerTransportFilter> initializeProfileFilters() {
-            return Collections.<String, ServerTransportFilter>singletonMap(TransportSettings.DEFAULT_PROFILE,
+            return Collections.singletonMap(TransportSettings.DEFAULT_PROFILE,
                    mock(ServerTransportFilter.NodeProfile.class));
        }
    }
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/transport/ssl/SslClientAuthTests.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/transport/ssl/SslClientAuthTests.java
@ -5,11 +5,12 @@
 */
 package org.elasticsearch.xpack.security.transport.ssl;

+import org.apache.http.conn.ssl.NoopHostnameVerifier;
 import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
-import org.apache.http.conn.ssl.SSLContexts;
 import org.apache.http.impl.client.CloseableHttpClient;
 import org.apache.http.impl.client.HttpClients;
 import org.apache.http.message.BasicHeader;
+import org.apache.http.ssl.SSLContexts;
 import org.apache.http.util.EntityUtils;
 import org.elasticsearch.ElasticsearchException;
 import org.elasticsearch.client.Response;
@ -18,22 +19,22 @@ import org.elasticsearch.client.transport.TransportClient;
 import org.elasticsearch.common.network.NetworkModule;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.common.transport.TransportAddress;
+import org.elasticsearch.test.SecurityIntegTestCase;
+import org.elasticsearch.transport.Transport;
+import org.elasticsearch.xpack.XPackPlugin;
 import org.elasticsearch.xpack.security.Security;
 import org.elasticsearch.xpack.security.ssl.ClientSSLService;
 import org.elasticsearch.xpack.security.ssl.SSLConfiguration.Global;
 import org.elasticsearch.xpack.security.transport.netty.SecurityNettyHttpServerTransport;
 import org.elasticsearch.xpack.security.transport.netty.SecurityNettyTransport;
-import org.elasticsearch.test.SecurityIntegTestCase;
-import org.elasticsearch.transport.Transport;
-import org.elasticsearch.xpack.XPackPlugin;

 import javax.net.ssl.SSLHandshakeException;
 import java.io.IOException;
 import java.nio.file.Files;
 import java.nio.file.Path;

-import static org.elasticsearch.xpack.security.authc.support.UsernamePasswordToken.basicAuthHeaderValue;
 import static org.elasticsearch.test.SecuritySettingsSource.getSSLSettingsForStore;
+import static org.elasticsearch.xpack.security.authc.support.UsernamePasswordToken.basicAuthHeaderValue;
 import static org.hamcrest.Matchers.containsString;
 import static org.hamcrest.Matchers.equalTo;

@ -59,7 +60,7 @@ public class SslClientAuthTests extends SecurityIntegTestCase {
    public void testThatHttpFailsWithoutSslClientAuth() throws IOException {
        SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(
                SSLContexts.createDefault(),
-                SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
+                NoopHostnameVerifier.INSTANCE);

        try (RestClient restClient = createRestClient(HttpClients.custom().setSSLSocketFactory(socketFactory).build(), "https")) {
            restClient.performRequest("GET", "/");
@ -77,7 +78,7 @@ public class SslClientAuthTests extends SecurityIntegTestCase {

        SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(
                sslService.sslContext(),
-                SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
+                NoopHostnameVerifier.INSTANCE);

        CloseableHttpClient client = HttpClients.custom().setSSLSocketFactory(socketFactory).build();

--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/transport/ssl/SslIntegrationTests.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/transport/ssl/SslIntegrationTests.java
@ -10,6 +10,7 @@ import org.apache.http.auth.UsernamePasswordCredentials;
 import org.apache.http.client.CredentialsProvider;
 import org.apache.http.client.methods.CloseableHttpResponse;
 import org.apache.http.client.methods.HttpGet;
+import org.apache.http.conn.ssl.NoopHostnameVerifier;
 import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
 import org.apache.http.impl.client.BasicCredentialsProvider;
 import org.apache.http.impl.client.CloseableHttpClient;
@ -103,7 +104,7 @@ public class SslIntegrationTests extends SecurityIntegTestCase {
        CredentialsProvider provider = new BasicCredentialsProvider();
        provider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(nodeClientUsername(),
                new String(nodeClientPassword().internalChars())));
-        try (CloseableHttpClient client = HttpClients.custom().setSslcontext(service.sslContext())
+        try (CloseableHttpClient client = HttpClients.custom().setSSLContext(service.sslContext())
                .setDefaultCredentialsProvider(provider).build();
            CloseableHttpResponse response = client.execute(new HttpGet(getNodeUrl()))) {
            assertThat(response.getStatusLine().getStatusCode(), is(200));
@ -119,7 +120,7 @@ public class SslIntegrationTests extends SecurityIntegTestCase {

        sslContext.init(null, factory.getTrustManagers(), new SecureRandom());
        SSLConnectionSocketFactory sf = new SSLConnectionSocketFactory(sslContext, new String[]{ "SSLv3" }, null,
-                SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
+                NoopHostnameVerifier.INSTANCE);
        try (CloseableHttpClient client = HttpClients.custom().setSSLSocketFactory(sf).build()) {
            client.execute(new HttpGet(getNodeUrl()));
            fail("Expected a connection error due to SSLv3 not being supported by default");