From 411ad9d5b6a0aed87c5ec98ed20fa89550f3843e Mon Sep 17 00:00:00 2001 From: Norman Maurer Date: Mon, 27 Apr 2020 06:27:54 +0200 Subject: [PATCH] Update testsuite / pom.xml to be able to build with Java15 (#10210) Motivation: We need to make some slightly changes to be able to build on Java15 as some previous deprecated methods now throw UnsupportedOperationException Modifications: - Add code to handle UnsupportedOperationException - Revert previous applied workaround for bug that was fixed in Java15 - Add maven profile Result: Be able to build with latest Java15 EA release --- .../java/io/netty/handler/ssl/Conscrypt.java | 7 +- .../io/netty/handler/ssl/SSLEngineTest.java | 78 +++++++++++++------ pom.xml | 20 +++++ 3 files changed, 82 insertions(+), 23 deletions(-) diff --git a/handler/src/main/java/io/netty/handler/ssl/Conscrypt.java b/handler/src/main/java/io/netty/handler/ssl/Conscrypt.java index fe56e6a792..f7ac0269e8 100644 --- a/handler/src/main/java/io/netty/handler/ssl/Conscrypt.java +++ b/handler/src/main/java/io/netty/handler/ssl/Conscrypt.java @@ -15,6 +15,8 @@ */ package io.netty.handler.ssl; +import io.netty.util.internal.PlatformDependent; + import javax.net.ssl.SSLEngine; import java.lang.invoke.MethodHandle; import java.lang.invoke.MethodHandles; @@ -59,7 +61,10 @@ final class Conscrypt { * Indicates whether or not conscrypt is available on the current system. */ static boolean isAvailable() { - return CAN_INSTANCE_PROVIDER && IS_CONSCRYPT_SSLENGINE != null; + return CAN_INSTANCE_PROVIDER && IS_CONSCRYPT_SSLENGINE != null && + // Only works on Java14 and earlier for now + // See https://github.com/google/conscrypt/issues/838 + (PlatformDependent.javaVersion() < 15 || PlatformDependent.isAndroid()); } static boolean isEngineSupported(SSLEngine engine) { diff --git a/handler/src/test/java/io/netty/handler/ssl/SSLEngineTest.java b/handler/src/test/java/io/netty/handler/ssl/SSLEngineTest.java index 752c2c7551..d8510b5093 100644 --- a/handler/src/test/java/io/netty/handler/ssl/SSLEngineTest.java +++ b/handler/src/test/java/io/netty/handler/ssl/SSLEngineTest.java @@ -1015,8 +1015,13 @@ public abstract class SSLEngineTest { assertEquals(1, session.getPeerCertificates().length); assertArrayEquals(certBytes, session.getPeerCertificates()[0].getEncoded()); - assertEquals(1, session.getPeerCertificateChain().length); - assertArrayEquals(certBytes, session.getPeerCertificateChain()[0].getEncoded()); + try { + assertEquals(1, session.getPeerCertificateChain().length); + assertArrayEquals(certBytes, session.getPeerCertificateChain()[0].getEncoded()); + } catch (UnsupportedOperationException e) { + // See https://bugs.openjdk.java.net/browse/JDK-8241039 + assertTrue(PlatformDependent.javaVersion() >= 15); + } assertEquals(1, session.getLocalCertificates().length); assertArrayEquals(certBytes, session.getLocalCertificates()[0].getEncoded()); @@ -1752,20 +1757,36 @@ public abstract class SSLEngineTest { Throwable cause = ((SslHandshakeCompletionEvent) evt).cause(); if (cause == null) { SSLSession session = ((SslHandler) ctx.pipeline().first()).engine().getSession(); - X509Certificate[] peerCertificateChain = session.getPeerCertificateChain(); Certificate[] peerCertificates = session.getPeerCertificates(); - if (peerCertificateChain == null) { - promise.setFailure(new NullPointerException("peerCertificateChain")); - } else if (peerCertificates == null) { + if (peerCertificates == null) { promise.setFailure(new NullPointerException("peerCertificates")); - } else if (peerCertificateChain.length + peerCertificates.length != 4) { - String excTxtFmt = "peerCertificateChain.length:%s, peerCertificates.length:%s"; - promise.setFailure(new IllegalStateException(String.format(excTxtFmt, - peerCertificateChain.length, - peerCertificates.length))); - } else { - for (int i = 0; i < peerCertificateChain.length; i++) { - if (peerCertificateChain[i] == null || peerCertificates[i] == null) { + return; + } + try { + X509Certificate[] peerCertificateChain = session.getPeerCertificateChain(); + if (peerCertificateChain == null) { + promise.setFailure(new NullPointerException("peerCertificateChain")); + } else if (peerCertificateChain.length + peerCertificates.length != 4) { + String excTxtFmt = "peerCertificateChain.length:%s, peerCertificates.length:%s"; + promise.setFailure(new IllegalStateException(String.format(excTxtFmt, + peerCertificateChain.length, + peerCertificates.length))); + } else { + for (int i = 0; i < peerCertificateChain.length; i++) { + if (peerCertificateChain[i] == null || peerCertificates[i] == null) { + promise.setFailure( + new IllegalStateException("Certificate in chain is null")); + return; + } + } + promise.setSuccess(null); + } + } catch (UnsupportedOperationException e) { + // See https://bugs.openjdk.java.net/browse/JDK-8241039 + assertTrue(PlatformDependent.javaVersion() >= 15); + assertEquals(2, peerCertificates.length); + for (int i = 0; i < peerCertificates.length; i++) { + if (peerCertificates[i] == null) { promise.setFailure( new IllegalStateException("Certificate in chain is null")); return; @@ -2993,7 +3014,7 @@ public abstract class SSLEngineTest { // Workaround for JDK 14 regression. // See https://bugs.openjdk.java.net/browse/JDK-8242008 - if (PlatformDependent.javaVersion() < 14) { + if (PlatformDependent.javaVersion() != 14) { assertNotNull(serverSession.getSessionContext()); } @@ -3028,9 +3049,15 @@ public abstract class SSLEngineTest { assertEquals(1, serverPeerCertificates.length); assertArrayEquals(clientLocalCertificates[0].getEncoded(), serverPeerCertificates[0].getEncoded()); - X509Certificate[] serverPeerX509Certificates = serverSession.getPeerCertificateChain(); - assertEquals(1, serverPeerX509Certificates.length); - assertArrayEquals(clientLocalCertificates[0].getEncoded(), serverPeerX509Certificates[0].getEncoded()); + try { + X509Certificate[] serverPeerX509Certificates = serverSession.getPeerCertificateChain(); + assertEquals(1, serverPeerX509Certificates.length); + assertArrayEquals(clientLocalCertificates[0].getEncoded(), + serverPeerX509Certificates[0].getEncoded()); + } catch (UnsupportedOperationException e) { + // See https://bugs.openjdk.java.net/browse/JDK-8241039 + assertTrue(PlatformDependent.javaVersion() >= 15); + } Principal clientLocalPrincipial = clientSession.getLocalPrincipal(); assertNotNull(clientLocalPrincipial); @@ -3053,6 +3080,9 @@ public abstract class SSLEngineTest { fail(); } catch (SSLPeerUnverifiedException expected) { // As we did not use mutual auth this is expected + } catch (UnsupportedOperationException e) { + // See https://bugs.openjdk.java.net/browse/JDK-8241039 + assertTrue(PlatformDependent.javaVersion() >= 15); } try { @@ -3067,10 +3097,14 @@ public abstract class SSLEngineTest { assertEquals(1, clientPeerCertificates.length); assertArrayEquals(serverLocalCertificates[0].getEncoded(), clientPeerCertificates[0].getEncoded()); - X509Certificate[] clientPeerX509Certificates = clientSession.getPeerCertificateChain(); - assertEquals(1, clientPeerX509Certificates.length); - assertArrayEquals(serverLocalCertificates[0].getEncoded(), clientPeerX509Certificates[0].getEncoded()); - + try { + X509Certificate[] clientPeerX509Certificates = clientSession.getPeerCertificateChain(); + assertEquals(1, clientPeerX509Certificates.length); + assertArrayEquals(serverLocalCertificates[0].getEncoded(), clientPeerX509Certificates[0].getEncoded()); + } catch (UnsupportedOperationException e) { + // See https://bugs.openjdk.java.net/browse/JDK-8241039 + assertTrue(PlatformDependent.javaVersion() >= 15); + } Principal clientPeerPrincipal = clientSession.getPeerPrincipal(); assertEquals(serverLocalPrincipal, clientPeerPrincipal); } finally { diff --git a/pom.xml b/pom.xml index 78585f0999..11d947ec32 100644 --- a/pom.xml +++ b/pom.xml @@ -98,6 +98,26 @@ + + java15 + + 15 + + + + + true + + 3.0.0-M3 + + 2.0.5.Final + + 1.7 + 1.7 + + true + + java14