This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit 1d4f22078010aee28f097a588c2146bd2b09f7b4
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Wed Nov 1 19:34:45 2023 +0000
Add test based on BZ 67628
---
.../ciphers/TestOpenSSLCipherConfigurationParser.java | 15 +++++++++++++++
1 file changed, 15 insertions(+)
diff --git
a/test/org/apache/tomcat/util/net/openssl/ciphers/TestOpenSSLCipherConfigurationParser.java
b/test/org/apache/tomcat/util/net/openssl/ciphers/TestOpenSSLCipherConfigurationParser.java
index 5f301b5cae..1c2b94644e 100644
---
a/test/org/apache/tomcat/util/net/openssl/ciphers/TestOpenSSLCipherConfigurationParser.java
+++
b/test/org/apache/tomcat/util/net/openssl/ciphers/TestOpenSSLCipherConfigurationParser.java
@@ -556,6 +556,21 @@ public class TestOpenSSLCipherConfigurationParser {
testSpecification("EECDH+aRSA+SHA384:EECDH:EDH+aRSA:RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS");
}
+
+ /*
+ * Cipher string extracted from
https://bz.apache.org/bugzilla/show_bug.cgi?id=67628
+ */
+ @Test
+ public void testSpecification04() throws Exception {
+ if (TesterOpenSSL.VERSION < 30200) {
+ // OpenSSL 3.2.x moved the CCM8 ciphers from high to medium
+
testSpecification("HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK:!DSS:!SHA1:!SHA256:!SHA384:!AESCCM8");
+ } else {
+
testSpecification("HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK:!DSS:!SHA1:!SHA256:!SHA384:");
+ }
+ }
+
+
private void testSpecification(String specification) throws Exception {
// Filter out cipher suites that OpenSSL does not implement
String openSSLCipherList =
TesterOpenSSL.getOpenSSLCiphersAsExpression(specification);
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
