andreacavalli/netty5
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Only use KeyManagerFactory in SniClientTest when supported by OpenSSL version. (#8289)

Browse Source 
Motivation:

6ed7c6c75d458047adc37470697f215e9d7436ea added a test which blindly assumed we can use a KeyManagerFactory all the time. This is only true if have OpenSSL 1.0.2 or later, which may not be the case.

Modifications:

Only use KeyManagerFactory in test if the OpenSSL version does support it.

Result:

More robust tests.
This commit is contained in:
Norman Maurer 2018-09-14 19:01:55 +02:00 committed by GitHub
parent 6ed7c6c75d
commit 2b1514ec5a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 17 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
handler/src/test/java/io/netty/handler/ssl/SniClientTest.java
View File

@ -91,7 +91,7 @@ public class SniClientTest {
SniClientJava8TestUtil.testSniClient(serverProvider, clientProvider, false); SniClientJava8TestUtil.testSniClient(serverProvider, clientProvider, false);
} }
private static void testSniClient(SslProvider sslClientProvider, SslProvider sslServerProvider) throws Exception { private static void testSniClient(SslProvider sslServerProvider, SslProvider sslClientProvider) throws Exception {
String sniHostName = "sni.netty.io"; String sniHostName = "sni.netty.io";
LocalAddress address = new LocalAddress("test"); LocalAddress address = new LocalAddress("test");
EventLoopGroup group = new DefaultEventLoopGroup(1); EventLoopGroup group = new DefaultEventLoopGroup(1);
@ -100,13 +100,23 @@ public class SniClientTest {
try { try {
SelfSignedCertificate cert = new SelfSignedCertificate(); SelfSignedCertificate cert = new SelfSignedCertificate();
KeyManagerFactory kmf = PlatformDependent.javaVersion() >= 8 ? final SslContext sslServerContext;
SniClientJava8TestUtil.newSniX509KeyManagerFactory(cert, sniHostName) : if ((sslServerProvider == SslProvider.OPENSSL || sslServerProvider == SslProvider.OPENSSL_REFCNT)
SslContext.buildKeyManagerFactory( && !OpenSsl.useKeyManagerFactory()) {
new X509Certificate[] { cert.cert() }, cert.key(), null, null); sslServerContext = SslContextBuilder.forServer(cert.certificate(), cert.privateKey())
.sslProvider(sslServerProvider)
.build();
} else {
// The used OpenSSL version does support a KeyManagerFactory, so use it.
KeyManagerFactory kmf = PlatformDependent.javaVersion() >= 8 ?
SniClientJava8TestUtil.newSniX509KeyManagerFactory(cert, sniHostName) :
SslContext.buildKeyManagerFactory(
new X509Certificate[] { cert.cert() }, cert.key(), null, null);
final SslContext sslServerContext = SslContextBuilder.forServer(kmf) sslServerContext = SslContextBuilder.forServer(kmf)
.sslProvider(sslServerProvider).build(); .sslProvider(sslServerProvider)
.build();
}
final Promise<String> promise = group.next().newPromise(); final Promise<String> promise = group.next().newPromise();
ServerBootstrap sb = new ServerBootstrap(); ServerBootstrap sb = new ServerBootstrap();