svn commit: r1614658 - /tomcat/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TestCipher.java

Wed, 30 Jul 2014 06:28:25 -0700 

Author: markt
Date: Wed Jul 30 13:27:45 2014
New Revision: 1614658

URL: http://svn.apache.org/r1614658
Log:
Check OpenSSL doesn't return any ciphers we don't recognise and fix a couple of 
overly broad exclusions.

Modified:
    tomcat/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TestCipher.java

Modified: 
tomcat/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TestCipher.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TestCipher.java?rev=1614658&r1=1614657&r2=1614658&view=diff
==============================================================================
--- tomcat/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TestCipher.java 
(original)
+++ tomcat/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TestCipher.java 
Wed Jul 30 13:27:45 2014
@@ -89,12 +89,12 @@ public class TestCipher {
             if (openSSLAlias.contains("GOST")) {
                 continue;
             }
-            // OpenSSL does not implement any DH_DSS or DH_RSA algorithms so
+            // OpenSSL does not implement any DH-DSS or DH-RSA algorithms so
             // exclude them from the expected list
-            if (openSSLAlias.contains("DH-DSS")) {
+            if (openSSLAlias.startsWith("DH-DSS") || 
openSSLAlias.startsWith("EXP-DH-DSS")) {
                 continue;
             }
-            if (openSSLAlias.contains("DH-RSA")) {
+            if (openSSLAlias.startsWith("DH-RSA") || 
openSSLAlias.startsWith("EXP-DH-RSA")) {
                 continue;
             }
             // OpenSSL does not enable the experimental EXP1024 and
@@ -123,6 +123,17 @@ public class TestCipher {
             unavailableList.append(' ');
         }
         Assert.assertEquals(unavailableList.toString(), 0,  
unavailableCipherSuites.size());
+
+        Set<String> unexpectedCipherSuites = new HashSet<>();
+        unexpectedCipherSuites.addAll(availableCipherSuites);
+        unexpectedCipherSuites.removeAll(expectedCipherSuites);
+        StringBuilder unexpectedList = new StringBuilder();
+        for (String cipher : unexpectedCipherSuites) {
+            unexpectedList.append(cipher);
+            unexpectedList.append(' ');
+        }
+        Assert.assertEquals(unexpectedList.toString(), 0,  
unexpectedCipherSuites.size());
+
     }
 
     private static Set<String> getOpenSSLCiphersAsSet(String specification) 
throws Exception {



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to