diff options
| author | Jose <jose@zeroc.com> | 2019-10-04 17:29:08 +0200 |
|---|---|---|
| committer | Jose <jose@zeroc.com> | 2019-10-04 17:29:37 +0200 |
| commit | 5578810adbbecf1694fcae3d459a47e2ba1b1070 (patch) | |
| tree | a31ffb344b8ace66e429b50672b59bc900a5f829 /java | |
| parent | Fixes #572 (race condition in test) (diff) | |
| download | ice-5578810adbbecf1694fcae3d459a47e2ba1b1070.tar.bz2 ice-5578810adbbecf1694fcae3d459a47e2ba1b1070.tar.xz ice-5578810adbbecf1694fcae3d459a47e2ba1b1070.zip | |
Fix IceSSL/configuration failures on rhel8 - Close #573
Diffstat (limited to 'java')
| -rw-r--r-- | java/test/src/main/java/test/IceSSL/configuration/AllTests.java | 161 |
1 files changed, 0 insertions, 161 deletions
diff --git a/java/test/src/main/java/test/IceSSL/configuration/AllTests.java b/java/test/src/main/java/test/IceSSL/configuration/AllTests.java index 3bd6f10615a..4a6af2f524b 100644 --- a/java/test/src/main/java/test/IceSSL/configuration/AllTests.java +++ b/java/test/src/main/java/test/IceSSL/configuration/AllTests.java @@ -1369,167 +1369,6 @@ public class AllTests } out.println("ok"); - out.print("testing ciphers... "); - out.flush(); - { - // - // Configure a server with RSA and DSA certificates. - // - // First try a client with a DSA certificate. - // - initData = createClientProps(defaultProperties, "c_dsa_ca1", "cacert1"); - Communicator comm = Util.initialize(args, initData); - ServerFactoryPrx fact = ServerFactoryPrx.checkedCast(comm.stringToProxy(factoryRef)); - test(fact != null); - d = createServerProps(defaultProperties, "s_rsa_dsa_ca1", "cacert1"); - d.put("IceSSL.VerifyPeer", "1"); - ServerPrx server = fact.createServer(d); - try - { - server.ice_ping(); - } - catch(com.zeroc.Ice.SecurityException ex) - { - // Expected on systems that disable DSA (EL8) - } - catch(com.zeroc.Ice.LocalException ex) - { - ex.printStackTrace(); - test(false); - } - fact.destroyServer(server); - comm.destroy(); - - // - // Next try a client with an RSA certificate. - // - initData = createClientProps(defaultProperties, "c_rsa_ca1", "cacert1"); - comm = Util.initialize(args, initData); - fact = ServerFactoryPrx.checkedCast(comm.stringToProxy(factoryRef)); - test(fact != null); - d = createServerProps(defaultProperties, "s_rsa_dsa_ca1", "cacert1"); - d.put("IceSSL.VerifyPeer", "1"); - server = fact.createServer(d); - try - { - server.ice_ping(); - } - catch(com.zeroc.Ice.LocalException ex) - { - ex.printStackTrace(); - test(false); - } - fact.destroyServer(server); - comm.destroy(); - } - { - // - // Configure a server with RSA and a client with DSA. This should fail. - // - initData = createClientProps(defaultProperties, "c_dsa_ca1", "cacert1"); - initData.properties.setProperty("IceSSL.Ciphers", "NONE (.*DSS.*)"); - Communicator comm = Util.initialize(args, initData); - ServerFactoryPrx fact = ServerFactoryPrx.checkedCast(comm.stringToProxy(factoryRef)); - test(fact != null); - d = createServerProps(defaultProperties, "s_rsa_ca1", "cacert1"); - d.put("IceSSL.VerifyPeer", "2"); - ServerPrx server = fact.createServer(d); - try - { - server.ice_ping(); - test(false); - } - catch(com.zeroc.Ice.SecurityException ex) - { - // Expected. - } - catch(com.zeroc.Ice.ConnectionLostException ex) - { - // Expected for thread pool. - } - catch(com.zeroc.Ice.LocalException ex) - { - ex.printStackTrace(); - test(false); - } - fact.destroyServer(server); - comm.destroy(); - } - { - // - // Configure the server with both RSA and DSA certificates, but use the - // Alias property to select the RSA certificate. This should fail. - // - initData = createClientProps(defaultProperties, "c_dsa_ca1", "cacert1"); - initData.properties.setProperty("IceSSL.Ciphers", "NONE (.*DSS.*)"); - Communicator comm = Util.initialize(args, initData); - ServerFactoryPrx fact = ServerFactoryPrx.checkedCast(comm.stringToProxy(factoryRef)); - test(fact != null); - d = createServerProps(defaultProperties, "s_rsa_dsa_ca1", "cacert1"); - d.put("IceSSL.Alias", "rsacert"); - d.put("IceSSL.VerifyPeer", "2"); - ServerPrx server = fact.createServer(d); - try - { - server.ice_ping(); - test(false); - } - catch(com.zeroc.Ice.SecurityException ex) - { - // Expected. - } - catch(com.zeroc.Ice.ConnectionLostException ex) - { - // Expected for thread pool. - } - catch(com.zeroc.Ice.LocalException ex) - { - ex.printStackTrace(); - test(false); - } - fact.destroyServer(server); - comm.destroy(); - } - { - // - // Configure the server with both RSA and DSA certificates, but use the - // Alias property to select the DSA certificate. This should succeed. - // - initData = createClientProps(defaultProperties, "cacert1", ""); - Communicator comm = Util.initialize(args, initData); - ServerFactoryPrx fact = ServerFactoryPrx.checkedCast(comm.stringToProxy(factoryRef)); - test(fact != null); - d = createServerProps(defaultProperties, "s_rsa_dsa_ca1", "cacert1"); - d.put("IceSSL.Alias", "dsacert"); - d.put("IceSSL.VerifyPeer", "1"); - // TLS 1.3 no longer supports DSA so disable TLS 1.3 for this test. - d.put("IceSSL.Protocols", "ssl3, tls1_0, tls1_1, tls1_2"); - ServerPrx server = fact.createServer(d); - try - { - server.ice_ping(); - // - // RSA is used by default, so we examine the negotiated cipher to determine whether - // DSA was actually used. - // - com.zeroc.IceSSL.ConnectionInfo info = - (com.zeroc.IceSSL.ConnectionInfo)server.ice_getConnection().getInfo(); - test(info.cipher.toLowerCase().contains("dss")); - } - catch(com.zeroc.Ice.ConnectionLostException ex) - { - // Expected on systems that disable DSA (EL8) - } - catch(com.zeroc.Ice.LocalException ex) - { - ex.printStackTrace(); - test(false); - } - fact.destroyServer(server); - comm.destroy(); - } - out.println("ok"); - out.print("testing IceSSL.TrustOnly... "); out.flush(); { |