diff options
author | Pete Bentley <44170157+prbprbprb@users.noreply.github.com> | 2021-11-05 13:14:42 +0000 |
---|---|---|
committer | Pete Bentley <prb@google.com> | 2021-11-08 10:00:40 +0000 |
commit | 3b5ac3e6fbf1ec9cc2d5e22e92553bf5c0be81d8 (patch) | |
tree | 0178f798d019dd7b38abc08bedb759158dcb5932 | |
parent | 4a79359b3ded10cf8273a9fafa102de7ef7c15fb (diff) | |
download | conscrypt-3b5ac3e6fbf1ec9cc2d5e22e92553bf5c0be81d8.tar.gz |
Make SSLSocketTest agnostic about whether TLSv1 is supported.
Cherry-pick note:
CPing from master to to android11-tests-dev to support a non-Mainline partner who is disabling TLSv1. The change has no functional impact on tests other than if TLSv1 is enabled, it will be tested but it will not be used for negotiation tests whether or not it is present.
Change is expected to automerge forward to android12-tests-dev.
Original description:
Cherry-picked from upstream PR #1043
Calculates the set of supported protocols where needed and
for various negotiation tests avoids the use of TLSv1.
Bug: 198181793
Bug: 205169526
Test: Removed TLSv1 from the set of supported protocols and ran all tests.
Change-Id: I6cfc7be57313d3026b0bb68a6cd7c5ff2b7eeb92
Merged-In: I6cfc7be57313d3026b0bb68a6cd7c5ff2b7eeb92
(cherry picked from commit b8b914d76382f46055880e44198244fd713e893b)
-rw-r--r-- | common/src/test/java/org/conscrypt/javax/net/ssl/SSLSocketTest.java | 23 | ||||
-rw-r--r-- | repackaged/common/src/test/java/com/android/org/conscrypt/javax/net/ssl/SSLSocketTest.java | 23 |
2 files changed, 26 insertions, 20 deletions
diff --git a/common/src/test/java/org/conscrypt/javax/net/ssl/SSLSocketTest.java b/common/src/test/java/org/conscrypt/javax/net/ssl/SSLSocketTest.java index f5dc10f6..445ed976 100644 --- a/common/src/test/java/org/conscrypt/javax/net/ssl/SSLSocketTest.java +++ b/common/src/test/java/org/conscrypt/javax/net/ssl/SSLSocketTest.java @@ -427,9 +427,9 @@ public class SSLSocketTest { SSLContext clientContext = c.clientContext; SSLSocket client = (SSLSocket) clientContext.getSocketFactory().createSocket(c.host, c.port); - client.setEnabledProtocols(new String[] {"TLSv1.2", "TLSv1"}); + client.setEnabledProtocols(new String[] {"TLSv1.3", "TLSv1.1"}); final SSLSocket server = (SSLSocket) c.serverSocket.accept(); - server.setEnabledProtocols(new String[] {"TLSv1.2", "TLSv1.1", "TLSv1"}); + server.setEnabledProtocols(new String[] {"TLSv1.3", "TLSv1.2", "TLSv1.1"}); ExecutorService executor = Executors.newSingleThreadExecutor(); Future<Void> future = executor.submit(new Callable<Void>() { @Override public Void call() throws Exception { @@ -440,7 +440,7 @@ public class SSLSocketTest { executor.shutdown(); client.startHandshake(); - assertEquals("TLSv1", client.getSession().getProtocol()); + assertEquals("TLSv1.1", client.getSession().getProtocol()); future.get(); client.close(); @@ -458,9 +458,9 @@ public class SSLSocketTest { SSLContext clientContext = c.clientContext; SSLSocket client = (SSLSocket) clientContext.getSocketFactory().createSocket(c.host, c.port); - client.setEnabledProtocols(new String[] {"TLSv1.2", "TLSv1"}); + client.setEnabledProtocols(new String[] {"TLSv1.3", "TLSv1.1"}); final SSLSocket server = (SSLSocket) c.serverSocket.accept(); - server.setEnabledProtocols(new String[] {"TLSv1.1", "TLSv1"}); + server.setEnabledProtocols(new String[] {"TLSv1.2", "TLSv1.1"}); ExecutorService executor = Executors.newSingleThreadExecutor(); Future<Void> future = executor.submit(new Callable<Void>() { @Override public Void call() throws Exception { @@ -471,7 +471,7 @@ public class SSLSocketTest { executor.shutdown(); client.startHandshake(); - assertEquals("TLSv1", client.getSession().getProtocol()); + assertEquals("TLSv1.1", client.getSession().getProtocol()); future.get(); client.close(); @@ -1057,7 +1057,7 @@ public class SSLSocketTest { Future<Void> s = runAsync(new Callable<Void>() { @Override public Void call() throws Exception { - server.setEnabledProtocols(new String[] {"TLSv1.1", "TLSv1"}); + server.setEnabledProtocols(new String[] {"TLSv1.2", "TLSv1.1"}); server.setEnabledCipherSuites(serverCipherSuites); try { server.startHandshake(); @@ -1073,7 +1073,7 @@ public class SSLSocketTest { Future<Void> c = runAsync(new Callable<Void>() { @Override public Void call() throws Exception { - client.setEnabledProtocols(new String[]{"TLSv1"}); + client.setEnabledProtocols(new String[]{"TLSv1.1"}); client.setEnabledCipherSuites(clientCipherSuites); try { client.startHandshake(); @@ -1095,8 +1095,11 @@ public class SSLSocketTest { @Test public void test_SSLSocket_tlsFallback_byVersion() throws Exception { - for (final String protocol : new String[] { "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3" }) { - SSLSocketFactory factory = new DelegatingSSLSocketFactory((SSLSocketFactory) SSLSocketFactory.getDefault()) { + String[] supportedProtocols = + SSLContext.getDefault().getDefaultSSLParameters().getProtocols(); + for (final String protocol : supportedProtocols) { + SSLSocketFactory factory = new DelegatingSSLSocketFactory( + (SSLSocketFactory) SSLSocketFactory.getDefault()) { @Override protected SSLSocket configureSocket(SSLSocket socket) { socket.setEnabledProtocols(new String[] {protocol}); String[] enabled = socket.getEnabledCipherSuites(); diff --git a/repackaged/common/src/test/java/com/android/org/conscrypt/javax/net/ssl/SSLSocketTest.java b/repackaged/common/src/test/java/com/android/org/conscrypt/javax/net/ssl/SSLSocketTest.java index 0fa1b411..8cabe71e 100644 --- a/repackaged/common/src/test/java/com/android/org/conscrypt/javax/net/ssl/SSLSocketTest.java +++ b/repackaged/common/src/test/java/com/android/org/conscrypt/javax/net/ssl/SSLSocketTest.java @@ -431,9 +431,9 @@ public class SSLSocketTest { SSLContext clientContext = c.clientContext; SSLSocket client = (SSLSocket) clientContext.getSocketFactory().createSocket(c.host, c.port); - client.setEnabledProtocols(new String[] {"TLSv1.2", "TLSv1"}); + client.setEnabledProtocols(new String[] {"TLSv1.3", "TLSv1.1"}); final SSLSocket server = (SSLSocket) c.serverSocket.accept(); - server.setEnabledProtocols(new String[] {"TLSv1.2", "TLSv1.1", "TLSv1"}); + server.setEnabledProtocols(new String[] {"TLSv1.3", "TLSv1.2", "TLSv1.1"}); ExecutorService executor = Executors.newSingleThreadExecutor(); Future<Void> future = executor.submit(new Callable<Void>() { @Override public Void call() throws Exception { @@ -444,7 +444,7 @@ public class SSLSocketTest { executor.shutdown(); client.startHandshake(); - assertEquals("TLSv1", client.getSession().getProtocol()); + assertEquals("TLSv1.1", client.getSession().getProtocol()); future.get(); client.close(); @@ -462,9 +462,9 @@ public class SSLSocketTest { SSLContext clientContext = c.clientContext; SSLSocket client = (SSLSocket) clientContext.getSocketFactory().createSocket(c.host, c.port); - client.setEnabledProtocols(new String[] {"TLSv1.2", "TLSv1"}); + client.setEnabledProtocols(new String[] {"TLSv1.3", "TLSv1.1"}); final SSLSocket server = (SSLSocket) c.serverSocket.accept(); - server.setEnabledProtocols(new String[] {"TLSv1.1", "TLSv1"}); + server.setEnabledProtocols(new String[] {"TLSv1.2", "TLSv1.1"}); ExecutorService executor = Executors.newSingleThreadExecutor(); Future<Void> future = executor.submit(new Callable<Void>() { @Override public Void call() throws Exception { @@ -475,7 +475,7 @@ public class SSLSocketTest { executor.shutdown(); client.startHandshake(); - assertEquals("TLSv1", client.getSession().getProtocol()); + assertEquals("TLSv1.1", client.getSession().getProtocol()); future.get(); client.close(); @@ -1061,7 +1061,7 @@ public class SSLSocketTest { Future<Void> s = runAsync(new Callable<Void>() { @Override public Void call() throws Exception { - server.setEnabledProtocols(new String[] {"TLSv1.1", "TLSv1"}); + server.setEnabledProtocols(new String[] {"TLSv1.2", "TLSv1.1"}); server.setEnabledCipherSuites(serverCipherSuites); try { server.startHandshake(); @@ -1077,7 +1077,7 @@ public class SSLSocketTest { Future<Void> c = runAsync(new Callable<Void>() { @Override public Void call() throws Exception { - client.setEnabledProtocols(new String[]{"TLSv1"}); + client.setEnabledProtocols(new String[] {"TLSv1.1"}); client.setEnabledCipherSuites(clientCipherSuites); try { client.startHandshake(); @@ -1099,8 +1099,11 @@ public class SSLSocketTest { @Test public void test_SSLSocket_tlsFallback_byVersion() throws Exception { - for (final String protocol : new String[] { "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3" }) { - SSLSocketFactory factory = new DelegatingSSLSocketFactory((SSLSocketFactory) SSLSocketFactory.getDefault()) { + String[] supportedProtocols = + SSLContext.getDefault().getDefaultSSLParameters().getProtocols(); + for (final String protocol : supportedProtocols) { + SSLSocketFactory factory = new DelegatingSSLSocketFactory( + (SSLSocketFactory) SSLSocketFactory.getDefault()) { @Override protected SSLSocket configureSocket(SSLSocket socket) { socket.setEnabledProtocols(new String[] {protocol}); String[] enabled = socket.getEnabledCipherSuites(); |