Update to latest Conscrypt release and add workarounds for bugs (#10211)
Motivation: We are far behind with the version of Conscrypt we are using during testing. We should ensure we use the latest. Modifications: - Update conscrypt dependency - Ensure we use conscrypt provider in tests - Add workarounds for conscrypt bugs in testsuite Result: Use latest Conscrypt release
This commit is contained in:
parent
c354fa48e1
commit
83012a038b
@ -80,18 +80,4 @@ public class ConscryptJdkSslEngineInteropTest extends SSLEngineTest {
|
|||||||
// TODO(scott): work around for a JDK issue. The exception should be SSLHandshakeException.
|
// TODO(scott): work around for a JDK issue. The exception should be SSLHandshakeException.
|
||||||
return super.mySetupMutualAuthServerIsValidServerException(cause) || causedBySSLException(cause);
|
return super.mySetupMutualAuthServerIsValidServerException(cause) || causedBySSLException(cause);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Ignore("Ignore due bug in Conscrypt")
|
|
||||||
@Override
|
|
||||||
public void testSessionBindingEvent() throws Exception {
|
|
||||||
// Ignore due bug in Conscrypt where the incorrect SSLSession object is used in the SSLSessionBindingEvent.
|
|
||||||
// See https://github.com/google/conscrypt/issues/593
|
|
||||||
}
|
|
||||||
|
|
||||||
@Ignore("Ignore due bug in Conscrypt")
|
|
||||||
@Override
|
|
||||||
public void testHandshakeSession() throws Exception {
|
|
||||||
// Ignore as Conscrypt does not correctly return the local certificates while the TrustManager is invoked.
|
|
||||||
// See https://github.com/google/conscrypt/issues/634
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
@ -78,18 +78,4 @@ public class ConscryptSslEngineTest extends SSLEngineTest {
|
|||||||
@Override
|
@Override
|
||||||
public void testMutualAuthValidClientCertChainTooLongFailRequireClientAuth() {
|
public void testMutualAuthValidClientCertChainTooLongFailRequireClientAuth() {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Ignore("Ignore due bug in Conscrypt")
|
|
||||||
@Override
|
|
||||||
public void testSessionBindingEvent() throws Exception {
|
|
||||||
// Ignore due bug in Conscrypt where the incorrect SSLSession object is used in the SSLSessionBindingEvent.
|
|
||||||
// See https://github.com/google/conscrypt/issues/593
|
|
||||||
}
|
|
||||||
|
|
||||||
@Ignore("Ignore due bug in Conscrypt")
|
|
||||||
@Override
|
|
||||||
public void testHandshakeSession() throws Exception {
|
|
||||||
// Ignore as Conscrypt does not correctly return the local certificates while the TrustManager is invoked.
|
|
||||||
// See https://github.com/google/conscrypt/issues/634
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
@ -1947,12 +1947,14 @@ public abstract class SSLEngineTest {
|
|||||||
.trustManager(InsecureTrustManagerFactory.INSTANCE)
|
.trustManager(InsecureTrustManagerFactory.INSTANCE)
|
||||||
.ciphers(Collections.singletonList(sharedCipher))
|
.ciphers(Collections.singletonList(sharedCipher))
|
||||||
.protocols(PROTOCOL_TLS_V1_2, PROTOCOL_TLS_V1)
|
.protocols(PROTOCOL_TLS_V1_2, PROTOCOL_TLS_V1)
|
||||||
|
.sslContextProvider(clientSslContextProvider())
|
||||||
.sslProvider(sslClientProvider())
|
.sslProvider(sslClientProvider())
|
||||||
.build());
|
.build());
|
||||||
|
|
||||||
serverSslCtx = wrapContext(SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey())
|
serverSslCtx = wrapContext(SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey())
|
||||||
.ciphers(Collections.singletonList(sharedCipher))
|
.ciphers(Collections.singletonList(sharedCipher))
|
||||||
.protocols(PROTOCOL_TLS_V1_2, PROTOCOL_TLS_V1)
|
.protocols(PROTOCOL_TLS_V1_2, PROTOCOL_TLS_V1)
|
||||||
|
.sslContextProvider(serverSslContextProvider())
|
||||||
.sslProvider(sslServerProvider())
|
.sslProvider(sslServerProvider())
|
||||||
.build());
|
.build());
|
||||||
SSLEngine clientEngine = null;
|
SSLEngine clientEngine = null;
|
||||||
@ -1978,12 +1980,14 @@ public abstract class SSLEngineTest {
|
|||||||
.trustManager(InsecureTrustManagerFactory.INSTANCE)
|
.trustManager(InsecureTrustManagerFactory.INSTANCE)
|
||||||
.ciphers(Collections.singletonList(sharedCipher), SupportedCipherSuiteFilter.INSTANCE)
|
.ciphers(Collections.singletonList(sharedCipher), SupportedCipherSuiteFilter.INSTANCE)
|
||||||
.protocols(PROTOCOL_TLS_V1_2, PROTOCOL_TLS_V1)
|
.protocols(PROTOCOL_TLS_V1_2, PROTOCOL_TLS_V1)
|
||||||
|
.sslContextProvider(clientSslContextProvider())
|
||||||
.sslProvider(sslClientProvider())
|
.sslProvider(sslClientProvider())
|
||||||
.build());
|
.build());
|
||||||
|
|
||||||
serverSslCtx = wrapContext(SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey())
|
serverSslCtx = wrapContext(SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey())
|
||||||
.ciphers(Collections.singletonList(sharedCipher), SupportedCipherSuiteFilter.INSTANCE)
|
.ciphers(Collections.singletonList(sharedCipher), SupportedCipherSuiteFilter.INSTANCE)
|
||||||
.protocols(PROTOCOL_TLS_V1_2, PROTOCOL_TLS_V1)
|
.protocols(PROTOCOL_TLS_V1_2, PROTOCOL_TLS_V1)
|
||||||
|
.sslContextProvider(serverSslContextProvider())
|
||||||
.sslProvider(sslServerProvider())
|
.sslProvider(sslServerProvider())
|
||||||
.build());
|
.build());
|
||||||
SSLEngine clientEngine = null;
|
SSLEngine clientEngine = null;
|
||||||
@ -2006,6 +2010,7 @@ public abstract class SSLEngineTest {
|
|||||||
clientSslCtx = wrapContext(SslContextBuilder
|
clientSslCtx = wrapContext(SslContextBuilder
|
||||||
.forClient()
|
.forClient()
|
||||||
.trustManager(cert.cert())
|
.trustManager(cert.cert())
|
||||||
|
.sslContextProvider(clientSslContextProvider())
|
||||||
.sslProvider(sslClientProvider())
|
.sslProvider(sslClientProvider())
|
||||||
.protocols(protocols())
|
.protocols(protocols())
|
||||||
.ciphers(ciphers())
|
.ciphers(ciphers())
|
||||||
@ -2014,6 +2019,7 @@ public abstract class SSLEngineTest {
|
|||||||
|
|
||||||
serverSslCtx = wrapContext(SslContextBuilder
|
serverSslCtx = wrapContext(SslContextBuilder
|
||||||
.forServer(cert.certificate(), cert.privateKey())
|
.forServer(cert.certificate(), cert.privateKey())
|
||||||
|
.sslContextProvider(serverSslContextProvider())
|
||||||
.sslProvider(sslServerProvider())
|
.sslProvider(sslServerProvider())
|
||||||
.protocols(protocols())
|
.protocols(protocols())
|
||||||
.ciphers(ciphers())
|
.ciphers(ciphers())
|
||||||
@ -2049,6 +2055,7 @@ public abstract class SSLEngineTest {
|
|||||||
public void testSSLEngineUnwrapNoSslRecord() throws Exception {
|
public void testSSLEngineUnwrapNoSslRecord() throws Exception {
|
||||||
clientSslCtx = wrapContext(SslContextBuilder
|
clientSslCtx = wrapContext(SslContextBuilder
|
||||||
.forClient()
|
.forClient()
|
||||||
|
.sslContextProvider(clientSslContextProvider())
|
||||||
.sslProvider(sslClientProvider())
|
.sslProvider(sslClientProvider())
|
||||||
.protocols(protocols())
|
.protocols(protocols())
|
||||||
.ciphers(ciphers())
|
.ciphers(ciphers())
|
||||||
@ -2079,6 +2086,7 @@ public abstract class SSLEngineTest {
|
|||||||
public void testBeginHandshakeAfterEngineClosed() throws SSLException {
|
public void testBeginHandshakeAfterEngineClosed() throws SSLException {
|
||||||
clientSslCtx = wrapContext(SslContextBuilder
|
clientSslCtx = wrapContext(SslContextBuilder
|
||||||
.forClient()
|
.forClient()
|
||||||
|
.sslContextProvider(clientSslContextProvider())
|
||||||
.sslProvider(sslClientProvider())
|
.sslProvider(sslClientProvider())
|
||||||
.protocols(protocols())
|
.protocols(protocols())
|
||||||
.ciphers(ciphers())
|
.ciphers(ciphers())
|
||||||
@ -2093,6 +2101,12 @@ public abstract class SSLEngineTest {
|
|||||||
fail();
|
fail();
|
||||||
} catch (SSLException expected) {
|
} catch (SSLException expected) {
|
||||||
// expected
|
// expected
|
||||||
|
} catch (IllegalStateException e) {
|
||||||
|
if (!Conscrypt.isEngineSupported(client)) {
|
||||||
|
throw e;
|
||||||
|
}
|
||||||
|
// Workaround for conscrypt bug
|
||||||
|
// See https://github.com/google/conscrypt/issues/840
|
||||||
}
|
}
|
||||||
} finally {
|
} finally {
|
||||||
cleanupClientSslEngine(client);
|
cleanupClientSslEngine(client);
|
||||||
@ -2105,6 +2119,7 @@ public abstract class SSLEngineTest {
|
|||||||
|
|
||||||
clientSslCtx = wrapContext(SslContextBuilder
|
clientSslCtx = wrapContext(SslContextBuilder
|
||||||
.forClient()
|
.forClient()
|
||||||
|
.sslContextProvider(clientSslContextProvider())
|
||||||
.sslProvider(sslClientProvider())
|
.sslProvider(sslClientProvider())
|
||||||
.protocols(protocols())
|
.protocols(protocols())
|
||||||
.ciphers(ciphers())
|
.ciphers(ciphers())
|
||||||
@ -2113,6 +2128,7 @@ public abstract class SSLEngineTest {
|
|||||||
|
|
||||||
serverSslCtx = wrapContext(SslContextBuilder
|
serverSslCtx = wrapContext(SslContextBuilder
|
||||||
.forServer(cert.certificate(), cert.privateKey())
|
.forServer(cert.certificate(), cert.privateKey())
|
||||||
|
.sslContextProvider(serverSslContextProvider())
|
||||||
.sslProvider(sslServerProvider())
|
.sslProvider(sslServerProvider())
|
||||||
.protocols(protocols())
|
.protocols(protocols())
|
||||||
.ciphers(ciphers())
|
.ciphers(ciphers())
|
||||||
@ -2156,6 +2172,7 @@ public abstract class SSLEngineTest {
|
|||||||
|
|
||||||
clientSslCtx = wrapContext(SslContextBuilder
|
clientSslCtx = wrapContext(SslContextBuilder
|
||||||
.forClient()
|
.forClient()
|
||||||
|
.sslContextProvider(clientSslContextProvider())
|
||||||
.sslProvider(sslClientProvider())
|
.sslProvider(sslClientProvider())
|
||||||
.protocols(protocols())
|
.protocols(protocols())
|
||||||
.ciphers(ciphers())
|
.ciphers(ciphers())
|
||||||
@ -2164,6 +2181,7 @@ public abstract class SSLEngineTest {
|
|||||||
|
|
||||||
serverSslCtx = wrapContext(SslContextBuilder
|
serverSslCtx = wrapContext(SslContextBuilder
|
||||||
.forServer(cert.certificate(), cert.privateKey())
|
.forServer(cert.certificate(), cert.privateKey())
|
||||||
|
.sslContextProvider(serverSslContextProvider())
|
||||||
.sslProvider(sslServerProvider())
|
.sslProvider(sslServerProvider())
|
||||||
.protocols(protocols())
|
.protocols(protocols())
|
||||||
.ciphers(ciphers())
|
.ciphers(ciphers())
|
||||||
@ -2184,7 +2202,11 @@ public abstract class SSLEngineTest {
|
|||||||
engine.beginHandshake();
|
engine.beginHandshake();
|
||||||
try {
|
try {
|
||||||
engine.closeInbound();
|
engine.closeInbound();
|
||||||
fail();
|
// Workaround for conscrypt bug
|
||||||
|
// See https://github.com/google/conscrypt/issues/839
|
||||||
|
if (!Conscrypt.isEngineSupported(engine)) {
|
||||||
|
fail();
|
||||||
|
}
|
||||||
} catch (SSLException expected) {
|
} catch (SSLException expected) {
|
||||||
// expected
|
// expected
|
||||||
}
|
}
|
||||||
@ -2197,6 +2219,7 @@ public abstract class SSLEngineTest {
|
|||||||
clientSslCtx = wrapContext(SslContextBuilder
|
clientSslCtx = wrapContext(SslContextBuilder
|
||||||
.forClient()
|
.forClient()
|
||||||
.trustManager(cert.cert())
|
.trustManager(cert.cert())
|
||||||
|
.sslContextProvider(clientSslContextProvider())
|
||||||
.sslProvider(sslClientProvider())
|
.sslProvider(sslClientProvider())
|
||||||
// This test only works for non TLSv1.3 for now
|
// This test only works for non TLSv1.3 for now
|
||||||
.protocols(PROTOCOL_TLS_V1_2)
|
.protocols(PROTOCOL_TLS_V1_2)
|
||||||
@ -2205,6 +2228,7 @@ public abstract class SSLEngineTest {
|
|||||||
|
|
||||||
serverSslCtx = wrapContext(SslContextBuilder
|
serverSslCtx = wrapContext(SslContextBuilder
|
||||||
.forServer(cert.certificate(), cert.privateKey())
|
.forServer(cert.certificate(), cert.privateKey())
|
||||||
|
.sslContextProvider(serverSslContextProvider())
|
||||||
.sslProvider(sslServerProvider())
|
.sslProvider(sslServerProvider())
|
||||||
// This test only works for non TLSv1.3 for now
|
// This test only works for non TLSv1.3 for now
|
||||||
.protocols(PROTOCOL_TLS_V1_2)
|
.protocols(PROTOCOL_TLS_V1_2)
|
||||||
@ -2234,7 +2258,8 @@ public abstract class SSLEngineTest {
|
|||||||
|
|
||||||
assertEquals(SSLEngineResult.Status.CLOSED, result.getStatus());
|
assertEquals(SSLEngineResult.Status.CLOSED, result.getStatus());
|
||||||
// Need an UNWRAP to read the response of the close_notify
|
// Need an UNWRAP to read the response of the close_notify
|
||||||
if (PlatformDependent.javaVersion() >= 12 && sslClientProvider() == SslProvider.JDK) {
|
if ((PlatformDependent.javaVersion() >= 12 && sslClientProvider() == SslProvider.JDK)
|
||||||
|
|| Conscrypt.isEngineSupported(client)) {
|
||||||
// This is a workaround for a possible JDK12+ bug.
|
// This is a workaround for a possible JDK12+ bug.
|
||||||
//
|
//
|
||||||
// See http://mail.openjdk.java.net/pipermail/security-dev/2019-February/019406.html.
|
// See http://mail.openjdk.java.net/pipermail/security-dev/2019-February/019406.html.
|
||||||
@ -2352,6 +2377,7 @@ public abstract class SSLEngineTest {
|
|||||||
.forClient()
|
.forClient()
|
||||||
.trustManager(cert.cert())
|
.trustManager(cert.cert())
|
||||||
.sslProvider(sslClientProvider())
|
.sslProvider(sslClientProvider())
|
||||||
|
.sslContextProvider(clientSslContextProvider())
|
||||||
.protocols(protocols())
|
.protocols(protocols())
|
||||||
.ciphers(ciphers())
|
.ciphers(ciphers())
|
||||||
.build());
|
.build());
|
||||||
@ -2360,6 +2386,7 @@ public abstract class SSLEngineTest {
|
|||||||
serverSslCtx = wrapContext(SslContextBuilder
|
serverSslCtx = wrapContext(SslContextBuilder
|
||||||
.forServer(cert.certificate(), cert.privateKey())
|
.forServer(cert.certificate(), cert.privateKey())
|
||||||
.sslProvider(sslServerProvider())
|
.sslProvider(sslServerProvider())
|
||||||
|
.sslContextProvider(serverSslContextProvider())
|
||||||
.protocols(protocols())
|
.protocols(protocols())
|
||||||
.ciphers(ciphers())
|
.ciphers(ciphers())
|
||||||
.build());
|
.build());
|
||||||
@ -2394,6 +2421,7 @@ public abstract class SSLEngineTest {
|
|||||||
clientSslCtx = wrapContext(SslContextBuilder
|
clientSslCtx = wrapContext(SslContextBuilder
|
||||||
.forClient()
|
.forClient()
|
||||||
.trustManager(cert.cert())
|
.trustManager(cert.cert())
|
||||||
|
.sslContextProvider(clientSslContextProvider())
|
||||||
.sslProvider(sslClientProvider())
|
.sslProvider(sslClientProvider())
|
||||||
.protocols(protocols())
|
.protocols(protocols())
|
||||||
.ciphers(ciphers())
|
.ciphers(ciphers())
|
||||||
@ -2402,6 +2430,7 @@ public abstract class SSLEngineTest {
|
|||||||
|
|
||||||
serverSslCtx = wrapContext(SslContextBuilder
|
serverSslCtx = wrapContext(SslContextBuilder
|
||||||
.forServer(cert.certificate(), cert.privateKey())
|
.forServer(cert.certificate(), cert.privateKey())
|
||||||
|
.sslContextProvider(serverSslContextProvider())
|
||||||
.sslProvider(sslServerProvider())
|
.sslProvider(sslServerProvider())
|
||||||
.protocols(protocols())
|
.protocols(protocols())
|
||||||
.ciphers(ciphers())
|
.ciphers(ciphers())
|
||||||
@ -2473,6 +2502,7 @@ public abstract class SSLEngineTest {
|
|||||||
clientSslCtx = wrapContext(SslContextBuilder
|
clientSslCtx = wrapContext(SslContextBuilder
|
||||||
.forClient()
|
.forClient()
|
||||||
.trustManager(cert.cert())
|
.trustManager(cert.cert())
|
||||||
|
.sslContextProvider(clientSslContextProvider())
|
||||||
.sslProvider(sslClientProvider())
|
.sslProvider(sslClientProvider())
|
||||||
.protocols(protocols())
|
.protocols(protocols())
|
||||||
.ciphers(ciphers())
|
.ciphers(ciphers())
|
||||||
@ -2481,6 +2511,7 @@ public abstract class SSLEngineTest {
|
|||||||
|
|
||||||
serverSslCtx = wrapContext(SslContextBuilder
|
serverSslCtx = wrapContext(SslContextBuilder
|
||||||
.forServer(cert.certificate(), cert.privateKey())
|
.forServer(cert.certificate(), cert.privateKey())
|
||||||
|
.sslContextProvider(serverSslContextProvider())
|
||||||
.sslProvider(sslServerProvider())
|
.sslProvider(sslServerProvider())
|
||||||
.protocols(protocols())
|
.protocols(protocols())
|
||||||
.ciphers(ciphers())
|
.ciphers(ciphers())
|
||||||
@ -2541,6 +2572,7 @@ public abstract class SSLEngineTest {
|
|||||||
clientSslCtx = wrapContext(SslContextBuilder
|
clientSslCtx = wrapContext(SslContextBuilder
|
||||||
.forClient()
|
.forClient()
|
||||||
.trustManager(cert.cert())
|
.trustManager(cert.cert())
|
||||||
|
.sslContextProvider(clientSslContextProvider())
|
||||||
.sslProvider(sslClientProvider())
|
.sslProvider(sslClientProvider())
|
||||||
.protocols(protocols())
|
.protocols(protocols())
|
||||||
.ciphers(ciphers())
|
.ciphers(ciphers())
|
||||||
@ -2549,6 +2581,7 @@ public abstract class SSLEngineTest {
|
|||||||
|
|
||||||
serverSslCtx = wrapContext(SslContextBuilder
|
serverSslCtx = wrapContext(SslContextBuilder
|
||||||
.forServer(cert.certificate(), cert.privateKey())
|
.forServer(cert.certificate(), cert.privateKey())
|
||||||
|
.sslContextProvider(serverSslContextProvider())
|
||||||
.sslProvider(sslServerProvider())
|
.sslProvider(sslServerProvider())
|
||||||
.protocols(protocols())
|
.protocols(protocols())
|
||||||
.ciphers(ciphers())
|
.ciphers(ciphers())
|
||||||
@ -2616,6 +2649,7 @@ public abstract class SSLEngineTest {
|
|||||||
clientSslCtx = wrapContext(SslContextBuilder
|
clientSslCtx = wrapContext(SslContextBuilder
|
||||||
.forClient()
|
.forClient()
|
||||||
.trustManager(cert.cert())
|
.trustManager(cert.cert())
|
||||||
|
.sslContextProvider(clientSslContextProvider())
|
||||||
.sslProvider(sslClientProvider())
|
.sslProvider(sslClientProvider())
|
||||||
.protocols(protocols())
|
.protocols(protocols())
|
||||||
.ciphers(ciphers())
|
.ciphers(ciphers())
|
||||||
@ -2624,6 +2658,7 @@ public abstract class SSLEngineTest {
|
|||||||
|
|
||||||
serverSslCtx = wrapContext(SslContextBuilder
|
serverSslCtx = wrapContext(SslContextBuilder
|
||||||
.forServer(cert.certificate(), cert.privateKey())
|
.forServer(cert.certificate(), cert.privateKey())
|
||||||
|
.sslContextProvider(serverSslContextProvider())
|
||||||
.sslProvider(sslServerProvider())
|
.sslProvider(sslServerProvider())
|
||||||
.protocols(protocols())
|
.protocols(protocols())
|
||||||
.ciphers(ciphers())
|
.ciphers(ciphers())
|
||||||
@ -2672,6 +2707,7 @@ public abstract class SSLEngineTest {
|
|||||||
|
|
||||||
SslContext ctx = wrapContext(SslContextBuilder
|
SslContext ctx = wrapContext(SslContextBuilder
|
||||||
.forServer(cert.certificate(), cert.privateKey())
|
.forServer(cert.certificate(), cert.privateKey())
|
||||||
|
.sslContextProvider(serverSslContextProvider())
|
||||||
.sslProvider(sslServerProvider())
|
.sslProvider(sslServerProvider())
|
||||||
.protocols(protocols())
|
.protocols(protocols())
|
||||||
.ciphers(ciphers())
|
.ciphers(ciphers())
|
||||||
@ -2704,7 +2740,10 @@ public abstract class SSLEngineTest {
|
|||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testUsingX509TrustManagerVerifiesHostname() throws Exception {
|
public void testUsingX509TrustManagerVerifiesHostname() throws Exception {
|
||||||
SslProvider clientProvider = sslClientProvider();
|
if (clientSslContextProvider() != null) {
|
||||||
|
// Not supported when using conscrypt
|
||||||
|
return;
|
||||||
|
}
|
||||||
SelfSignedCertificate cert = new SelfSignedCertificate();
|
SelfSignedCertificate cert = new SelfSignedCertificate();
|
||||||
clientSslCtx = wrapContext(SslContextBuilder
|
clientSslCtx = wrapContext(SslContextBuilder
|
||||||
.forClient()
|
.forClient()
|
||||||
@ -2743,6 +2782,7 @@ public abstract class SSLEngineTest {
|
|||||||
}
|
}
|
||||||
}, null, TrustManagerFactory.getDefaultAlgorithm()) {
|
}, null, TrustManagerFactory.getDefaultAlgorithm()) {
|
||||||
})
|
})
|
||||||
|
.sslContextProvider(clientSslContextProvider())
|
||||||
.sslProvider(sslClientProvider())
|
.sslProvider(sslClientProvider())
|
||||||
.build());
|
.build());
|
||||||
|
|
||||||
@ -2753,6 +2793,7 @@ public abstract class SSLEngineTest {
|
|||||||
|
|
||||||
serverSslCtx = wrapContext(SslContextBuilder
|
serverSslCtx = wrapContext(SslContextBuilder
|
||||||
.forServer(cert.certificate(), cert.privateKey())
|
.forServer(cert.certificate(), cert.privateKey())
|
||||||
|
.sslContextProvider(serverSslContextProvider())
|
||||||
.sslProvider(sslServerProvider())
|
.sslProvider(sslServerProvider())
|
||||||
.build());
|
.build());
|
||||||
|
|
||||||
@ -2778,7 +2819,8 @@ public abstract class SSLEngineTest {
|
|||||||
SSLEngine server = null;
|
SSLEngine server = null;
|
||||||
try {
|
try {
|
||||||
serverSslCtx = wrapContext(SslContextBuilder.forServer(cert.key(), cert.cert())
|
serverSslCtx = wrapContext(SslContextBuilder.forServer(cert.key(), cert.cert())
|
||||||
.sslProvider(sslClientProvider())
|
.sslContextProvider(serverSslContextProvider())
|
||||||
|
.sslProvider(sslServerProvider())
|
||||||
.ciphers(cipherList).build());
|
.ciphers(cipherList).build());
|
||||||
server = wrapEngine(serverSslCtx.newEngine(UnpooledByteBufAllocator.DEFAULT));
|
server = wrapEngine(serverSslCtx.newEngine(UnpooledByteBufAllocator.DEFAULT));
|
||||||
fail();
|
fail();
|
||||||
|
2
pom.xml
2
pom.xml
@ -359,7 +359,7 @@
|
|||||||
<tcnative.classifier>${os.detected.classifier}</tcnative.classifier>
|
<tcnative.classifier>${os.detected.classifier}</tcnative.classifier>
|
||||||
<conscrypt.groupId>org.conscrypt</conscrypt.groupId>
|
<conscrypt.groupId>org.conscrypt</conscrypt.groupId>
|
||||||
<conscrypt.artifactId>conscrypt-openjdk-uber</conscrypt.artifactId>
|
<conscrypt.artifactId>conscrypt-openjdk-uber</conscrypt.artifactId>
|
||||||
<conscrypt.version>1.3.0</conscrypt.version>
|
<conscrypt.version>2.4.0</conscrypt.version>
|
||||||
<conscrypt.classifier />
|
<conscrypt.classifier />
|
||||||
<jni.classifier>${os.detected.name}-${os.detected.arch}</jni.classifier>
|
<jni.classifier>${os.detected.name}-${os.detected.arch}</jni.classifier>
|
||||||
<logging.config>${project.basedir}/../common/src/test/resources/logback-test.xml</logging.config>
|
<logging.config>${project.basedir}/../common/src/test/resources/logback-test.xml</logging.config>
|
||||||
|
Loading…
x
Reference in New Issue
Block a user