GEODE-1792: Amended tests to use comma delimited ciphers and protocols
Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/9626269f Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/9626269f Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/9626269f Branch: refs/heads/feature/GEODE-1792 Commit: 9626269f305fbb55d4e7f4a19dd646d407c9c50b Parents: d79a944 Author: Udo Kohlmeyer <[email protected]> Authored: Wed Sep 7 05:01:34 2016 +1000 Committer: Udo Kohlmeyer <[email protected]> Committed: Wed Sep 7 05:01:34 2016 +1000 ---------------------------------------------------------------------- .../internal/DistributionConfigImpl.java | 10 ++--- .../net/SSLConfigurationFactoryTest.java | 42 +++++++++++++++++++- .../net/SocketCreatorFactoryJUnitTest.java | 5 ++- .../ConnectToLocatorSSLDUnitTest.java | 2 +- 4 files changed, 48 insertions(+), 11 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9626269f/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfigImpl.java ---------------------------------------------------------------------- diff --git a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfigImpl.java b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfigImpl.java index b272615..7b6b40d 100644 --- a/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfigImpl.java +++ b/geode-core/src/main/java/com/gemstone/gemfire/distributed/internal/DistributionConfigImpl.java @@ -1470,10 +1470,6 @@ public class DistributionConfigImpl extends AbstractDistributionConfig implement continue; } Object propVal = me.getValue(); - if(propName.equals(SSL_CIPHERS) || propName.equals(SSL_PROTOCOLS)) - { - propVal = convertCommaDelimitedToSpaceDelimitedString((String)propVal); - } if (propVal != null && (propVal instanceof String)) { // weed out extraneous non-string properties this.setAttribute(propName, ((String) propVal).trim(), this.sourceMap.get(propName)); } @@ -2603,7 +2599,8 @@ public class DistributionConfigImpl extends AbstractDistributionConfig implement @Override public void setSSLProtocols(final String sslProtocols) { - this.sslProtocols = sslProtocols; + //This conversion is required due to backwards compatibility of the existing protocols code + this.sslProtocols = convertCommaDelimitedToSpaceDelimitedString(sslProtocols); } @Override @@ -2613,7 +2610,8 @@ public class DistributionConfigImpl extends AbstractDistributionConfig implement @Override public void setSSLCiphers(final String sslCiphers) { - this.sslCiphers = sslCiphers; + //This conversion is required due to backwards compatibility of the existing cipher code + this.sslCiphers = convertCommaDelimitedToSpaceDelimitedString(sslCiphers); } @Override http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9626269f/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactoryTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactoryTest.java b/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactoryTest.java index 3cbe55e..bc142e2 100644 --- a/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactoryTest.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SSLConfigurationFactoryTest.java @@ -42,6 +42,44 @@ public class SSLConfigurationFactoryTest extends JUnit4DistributedTestCase { } @Test + public void getSSLConfigWithCommaDelimitedProtocols() throws Exception { + Properties properties = new Properties(); + properties.setProperty(SSL_ENABLED_COMPONENTS, "all"); + properties.setProperty(SSL_KEYSTORE, "someKeyStore"); + properties.setProperty(SSL_KEYSTORE_PASSWORD, "keystorePassword"); + properties.setProperty(SSL_KEYSTORE_TYPE, "JKS"); + properties.setProperty(SSL_TRUSTSTORE, "someKeyStore"); + properties.setProperty(SSL_TRUSTSTORE_PASSWORD, "keystorePassword"); + properties.setProperty(SSL_DEFAULT_ALIAS, "defaultAlias"); + properties.setProperty(SSL_CIPHERS, "Cipher1,Cipher2"); + properties.setProperty(SSL_PROTOCOLS, "Protocol1,Protocol2"); + DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties); + SSLConfigurationFactory.setDistributionConfig(distributionConfig); + for (SecurableComponent securableComponent : SecurableComponent.values()) { + assertSSLConfig(properties, SSLConfigurationFactory.getSSLConfigForComponent(securableComponent), securableComponent, distributionConfig); + } + } + + @Test + public void getSSLConfigWithCommaDelimitedCiphers() throws Exception { + Properties properties = new Properties(); + properties.setProperty(SSL_ENABLED_COMPONENTS, "all"); + properties.setProperty(SSL_KEYSTORE, "someKeyStore"); + properties.setProperty(SSL_KEYSTORE_PASSWORD, "keystorePassword"); + properties.setProperty(SSL_KEYSTORE_TYPE, "JKS"); + properties.setProperty(SSL_TRUSTSTORE, "someKeyStore"); + properties.setProperty(SSL_TRUSTSTORE_PASSWORD, "keystorePassword"); + properties.setProperty(SSL_DEFAULT_ALIAS, "defaultAlias"); + properties.setProperty(SSL_CIPHERS, "Cipher1,Cipher2"); + properties.setProperty(SSL_PROTOCOLS, "any"); + DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties); + SSLConfigurationFactory.setDistributionConfig(distributionConfig); + for (SecurableComponent securableComponent : SecurableComponent.values()) { + assertSSLConfig(properties, SSLConfigurationFactory.getSSLConfigForComponent(securableComponent), securableComponent, distributionConfig); + } + } + + @Test public void getSSLConfigForComponentALL() throws Exception { Properties properties = new Properties(); properties.setProperty(SSL_ENABLED_COMPONENTS, "all"); @@ -130,8 +168,8 @@ public class SSLConfigurationFactoryTest extends JUnit4DistributedTestCase { assertEquals(properties.getProperty(SSL_KEYSTORE_TYPE), sslConfig.getKeystoreType()); assertEquals(properties.getProperty(SSL_TRUSTSTORE), sslConfig.getTruststore()); assertEquals(properties.getProperty(SSL_TRUSTSTORE_PASSWORD), sslConfig.getTruststorePassword()); - assertEquals(properties.getProperty(SSL_CIPHERS), sslConfig.getCiphers()); - assertEquals(properties.getProperty(SSL_PROTOCOLS), sslConfig.getProtocols()); + assertEquals(properties.getProperty(SSL_CIPHERS).replace(","," "), sslConfig.getCiphers()); + assertEquals(properties.getProperty(SSL_PROTOCOLS).replace(","," "), sslConfig.getProtocols()); assertEquals(getCorrectAlias(expectedSecurableComponent, properties), sslConfig.getAlias()); assertEquals(requiresAuthentication(properties, expectedSecurableComponent), sslConfig.isRequireAuth()); assertEquals(expectedSecurableComponent, sslConfig.getSecuredComponent()); http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9626269f/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SocketCreatorFactoryJUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SocketCreatorFactoryJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SocketCreatorFactoryJUnitTest.java index 06de622..7c2b729 100644 --- a/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SocketCreatorFactoryJUnitTest.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/internal/net/SocketCreatorFactoryJUnitTest.java @@ -157,7 +157,8 @@ public class SocketCreatorFactoryJUnitTest extends JSSESocketJUnitTest { @Test public void testNewSSLConfigSSLComponentCombinations2() { - Properties properties = configureSSLProperties(commaDelimitedString(SecurableComponent.CLUSTER.getConstant(), SecurableComponent.SERVER.getConstant(), SecurableComponent.HTTP_SERVICE.getConstant(), SecurableComponent.JMX.getConstant())); + Properties properties = configureSSLProperties(commaDelimitedString(SecurableComponent.CLUSTER.getConstant(), SecurableComponent.SERVER.getConstant(), SecurableComponent.HTTP_SERVICE + .getConstant(), SecurableComponent.JMX.getConstant())); DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties); SocketCreatorFactory.setDistributionConfig(distributionConfig); @@ -216,7 +217,7 @@ public class SocketCreatorFactoryJUnitTest extends JSSESocketJUnitTest { properties.setProperty(MCAST_PORT, "0"); properties.setProperty(SSL_REQUIRE_AUTHENTICATION, "true"); - properties.setProperty(SSL_CIPHERS, "MD2withRSA,MD5withRSA,SHA1withRSA,SHA256withRSA,SHA384withRSA,SHA512withRS"); + properties.setProperty(SSL_CIPHERS, "TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"); properties.setProperty(SSL_PROTOCOLS, "TLSv1,TLSv1.1,TLSv1.2"); properties.setProperty(SSL_KEYSTORE, jks.getCanonicalPath()); properties.setProperty(SSL_KEYSTORE_PASSWORD, "password"); http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9626269f/geode-core/src/test/java/com/gemstone/gemfire/management/ConnectToLocatorSSLDUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/ConnectToLocatorSSLDUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/ConnectToLocatorSSLDUnitTest.java index 75a0e82..048e304 100644 --- a/geode-core/src/test/java/com/gemstone/gemfire/management/ConnectToLocatorSSLDUnitTest.java +++ b/geode-core/src/test/java/com/gemstone/gemfire/management/ConnectToLocatorSSLDUnitTest.java @@ -81,7 +81,7 @@ public class ConnectToLocatorSSLDUnitTest extends JUnit4DistributedTestCase { securityProps.setProperty(SSL_KEYSTORE_TYPE, "JKS"); securityProps.setProperty(SSL_TRUSTSTORE, jks.getCanonicalPath()); securityProps.setProperty(SSL_TRUSTSTORE_PASSWORD, "password"); - securityProps.setProperty(SSL_PROTOCOLS, "TLSv1.2 TLSv1.1"); + securityProps.setProperty(SSL_PROTOCOLS, "TLSv1.2,TLSv1.1"); setUpLocatorAndConnect(securityProps); }
