This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 1a4d7e2f0a Refactor to avoid always skipping tests
1a4d7e2f0a is described below
commit 1a4d7e2f0ac2cbe5b4256b2195e3347f992d1d39
Author: Mark Thomas <[email protected]>
AuthorDate: Tue Jan 13 19:07:44 2026 +0000
Refactor to avoid always skipping tests
Skipping tests normally indicates an optional component (e.g. OpenSSL)
was not present. It should be possible to run the tests without skipping
any tests.
---
.../apache/tomcat/util/net/ocsp/OcspBaseTest.java | 4 +-
.../tomcat/util/net/ocsp/TestOcspEnabled.java | 189 +++++++--------------
2 files changed, 66 insertions(+), 127 deletions(-)
diff --git a/test/org/apache/tomcat/util/net/ocsp/OcspBaseTest.java
b/test/org/apache/tomcat/util/net/ocsp/OcspBaseTest.java
index 7a9c133021..e25347030a 100644
--- a/test/org/apache/tomcat/util/net/ocsp/OcspBaseTest.java
+++ b/test/org/apache/tomcat/util/net/ocsp/OcspBaseTest.java
@@ -30,8 +30,8 @@ import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Assume;
import org.junit.BeforeClass;
-import org.junit.runners.Parameterized;
import org.junit.runners.Parameterized.Parameter;
+import org.junit.runners.Parameterized.Parameters;
import org.apache.catalina.Context;
import org.apache.catalina.startup.Tomcat;
@@ -62,7 +62,7 @@ public class OcspBaseTest extends TomcatBaseTest {
}
- @Parameterized.Parameters(name = "{0} with OpenSSL trust {2}")
+ @Parameters(name = "{0} with OpenSSL trust {2}")
public static Collection<Object[]> parameters() {
List<Object[]> parameterSets = new ArrayList<>();
parameterSets.add(new Object[] { "JSSE", Boolean.FALSE, Boolean.FALSE,
diff --git a/test/org/apache/tomcat/util/net/ocsp/TestOcspEnabled.java
b/test/org/apache/tomcat/util/net/ocsp/TestOcspEnabled.java
index 13e0898e9a..ffc367e2da 100644
--- a/test/org/apache/tomcat/util/net/ocsp/TestOcspEnabled.java
+++ b/test/org/apache/tomcat/util/net/ocsp/TestOcspEnabled.java
@@ -17,14 +17,20 @@
package org.apache.tomcat.util.net.ocsp;
import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
import javax.net.ssl.SSLHandshakeException;
import org.junit.AfterClass;
+import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.Parameterized;
+import org.junit.runners.Parameterized.Parameter;
+import org.junit.runners.Parameterized.Parameters;
@RunWith(Parameterized.class)
public class TestOcspEnabled extends OcspBaseTest {
@@ -45,130 +51,63 @@ public class TestOcspEnabled extends OcspBaseTest {
}
- @Test
- public void testRevokedClientRevokedServerVerifyNone() throws Exception {
- doTest(false, false, ClientCertificateVerification.DISABLED, false);
- }
-
- @Test
- public void testRevokedClientRevokedServerVerifyClientDefault() throws
Exception {
- doTest(false, false, ClientCertificateVerification.DEFAULT, false);
- }
-
- @Test(expected = SSLHandshakeException.class)
- public void testRevokedClientRevokedServerVerifyServer() throws Exception {
- doTest(false, false, ClientCertificateVerification.DISABLED, true);
- }
-
- @Test
- public void testRevokedClientRevokedServerVerifyClientOptional() throws
Exception {
- doTest(false, false, ClientCertificateVerification.OPTIONAL_NO_CA,
false);
- }
-
- @Test(expected = SSLHandshakeException.class)
- public void
testRevokedClientRevokedServerVerifyClientOpionalVerifyServer() throws
Exception {
- // Same as false, false, false, true since server certificate is
verified before client certificate
- doTest(false, false, ClientCertificateVerification.OPTIONAL_NO_CA,
true);
- }
-
- @Test(expected = SSLHandshakeException.class)
- public void testRevokedClientRevokedServerVerifyClient() throws Exception {
- doTest(false, false, ClientCertificateVerification.ENABLED, false);
- }
-
- @Test(expected = SSLHandshakeException.class)
- public void testRevokedClientRevokedServerVerifyBoth() throws Exception {
- // Same as false, false, false, true since server certificate is
verified before client certificate
- doTest(false, false, ClientCertificateVerification.ENABLED, true);
- }
-
- @Test
- public void testRevokedClientValidServerVerifyNone() throws Exception {
- doTest(false, true, ClientCertificateVerification.DISABLED, false);
- }
-
- @Test
- public void testRevokedClientValidServerVerifyServer() throws Exception {
- doTest(false, true, ClientCertificateVerification.DISABLED, true);
- }
-
- @Test
- public void testRevokedClientValidServerVerifyClientOptional() throws
Exception {
- doTest(false, true, ClientCertificateVerification.OPTIONAL_NO_CA,
false);
- }
-
- @Test
- public void testRevokedClientValidServerVerifyClientOptionalVerifyServer()
throws Exception {
- doTest(false, true, ClientCertificateVerification.OPTIONAL_NO_CA,
true);
- }
-
- @Test(expected = SSLHandshakeException.class)
- public void testRevokedClientValidServerVerifyClient() throws Exception {
- doTest(false, true, ClientCertificateVerification.ENABLED, false);
- }
-
- @Test(expected = SSLHandshakeException.class)
- public void testRevokedClientValidServerVerifyBoth() throws Exception {
- doTest(false, true, ClientCertificateVerification.ENABLED, true);
- }
-
- @Test
- public void testValidClientRevokedServerVerifyNone() throws Exception {
- doTest(true, false, ClientCertificateVerification.DISABLED, false);
- }
-
- @Test(expected = SSLHandshakeException.class)
- public void testValidClientRevokedServerVerifyServer() throws Exception {
- doTest(true, false, ClientCertificateVerification.DISABLED, true);
- }
-
- @Test
- public void testValidClientRevokedServerVerifyClientOptional() throws
Exception {
- doTest(true, false, ClientCertificateVerification.OPTIONAL_NO_CA,
false);
- }
-
- @Test(expected = SSLHandshakeException.class)
- public void testValidClientRevokedServerVerifyClientOptionalVerifyServer()
throws Exception {
- doTest(true, false, ClientCertificateVerification.OPTIONAL_NO_CA,
true);
- }
-
- @Test
- public void testValidClientRevokedServerVerifyClient() throws Exception {
- doTest(true, false, ClientCertificateVerification.ENABLED, false);
- }
-
- @Test(expected = SSLHandshakeException.class)
- public void testValidClientRevokedServerVerifyBoth() throws Exception {
- doTest(true, false, ClientCertificateVerification.ENABLED, true);
- }
-
- @Test
- public void testValidClientValidServerVerifyNone() throws Exception {
- doTest(true, true, ClientCertificateVerification.DISABLED, false);
- }
-
- @Test
- public void testValidClientValidServerVerifyServer() throws Exception {
- doTest(true, true, ClientCertificateVerification.DISABLED, true);
- }
-
- @Test
- public void testValidClientValidServerVerifyClientOptional() throws
Exception {
- doTest(true, true, ClientCertificateVerification.OPTIONAL_NO_CA,
false);
- }
-
- @Test
- public void testValidClientValidServerVerifyClientOptionalVerifyServer()
throws Exception {
- doTest(true, true, ClientCertificateVerification.OPTIONAL_NO_CA, true);
- }
-
- @Test
- public void testValidClientValidServerVerifyClient() throws Exception {
- doTest(true, true, ClientCertificateVerification.ENABLED, false);
- }
-
- @Test
- public void testValidClientValidServerVerifyBoth() throws Exception {
- doTest(true, true, ClientCertificateVerification.ENABLED, true);
+ @Parameters(name = "{0} with OpenSSL trust {2}: clientOk {4}, serverOk
{5}, verifyClient {6}, verifyServer {7}")
+ public static Collection<Object[]> parameters() {
+ List<Object[]> parameterSets = new ArrayList<>();
+ Collection<Object[]> baseData = OcspBaseTest.parameters();
+
+ for (Object[] base : baseData) {
+ for (Boolean clientCertValid : booleans) {
+ for (Boolean serverCertValid : booleans) {
+ for (ClientCertificateVerification verifyClientCert :
ClientCertificateVerification.values()) {
+ boolean useOpenSSLTrust = ((Boolean)
base[2]).booleanValue();
+ if (verifyClientCert ==
ClientCertificateVerification.OPTIONAL_NO_CA && !useOpenSSLTrust ||
+ verifyClientCert ==
ClientCertificateVerification.ENABLED && !clientCertValid.booleanValue()) {
+ continue;
+ }
+ for (Boolean verifyServerCert : booleans) {
+ Boolean handshakeFailureExpected;
+ if (!serverCertValid.booleanValue() &&
verifyServerCert.booleanValue()) {
+ handshakeFailureExpected = Boolean.TRUE;
+ } else {
+ handshakeFailureExpected = Boolean.FALSE;
+ }
+ parameterSets.add(new Object[] { base[0], base[1],
base[2], base[3], clientCertValid,
+ serverCertValid, verifyClientCert,
verifyServerCert, handshakeFailureExpected});
+ }
+ }
+ }
+ }
+ }
+ return parameterSets;
+ }
+
+ @Parameter(4)
+ public boolean clientCertValid;
+
+ @Parameter(5)
+ public boolean serverCertValid;
+
+ @Parameter(6)
+ public ClientCertificateVerification verifyClientCert;
+
+ @Parameter(7)
+ public boolean verifyServerCert;
+
+ @Parameter(8)
+ public boolean handshakeFailureExpected;
+
+ @Test
+ public void test() throws Exception {
+ try {
+ doTest(clientCertValid, serverCertValid, verifyClientCert,
verifyServerCert);
+ if (handshakeFailureExpected) {
+ Assert.fail("Handshake did not fail when expected to do so.");
+ }
+ } catch (SSLHandshakeException e) {
+ if (!handshakeFailureExpected) {
+ Assert.fail("Handshake failed when not expected to do so.");
+ }
+ }
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
