TestOpenSSLCipherConfigurationParser.java

markt Fri, 01 Aug 2014 12:36:24 -0700

Author: markt
Date: Fri Aug  1 19:35:49 2014
New Revision: 1615209

URL: http://svn.apache.org/r1615209
Log:
Fix COMPLEMENTOFDEFAULT alias


Modified:
    
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
    
tomcat/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TestOpenSSLCipherConfigurationParser.java

Modified: 
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java?rev=1615209&r1=1615208&r2=1615209&view=diff
==============================================================================
--- 
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
 (original)
+++ 
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
 Fri Aug  1 19:35:49 2014
@@ -457,8 +457,10 @@ public class OpenSSLCipherConfigurationP
         initialized = true;
         // Despite what the OpenSSL docs say, DEFAULT also excludes SSLv2
         addListAlias(DEFAULT, parse("ALL:!eNULL:!aNULL:!SSLv2"));
-        LinkedHashSet<Cipher> complementOfDefault = new LinkedHashSet<>(all);
-        complementOfDefault.removeAll(aliases.get(DEFAULT));
+        // COMPLEMENTOFDEFAULT is also not exactly as defined by the docs
+        Set<Cipher> complementOfDefault = filterByKeyExchange(all, new 
HashSet<>(Arrays.asList(KeyExchange.EDH,KeyExchange.EECDH)));
+        complementOfDefault = filterByAuthentication(complementOfDefault, 
Collections.singleton(Authentication.aNULL));
+        complementOfDefault.removeAll(aliases.get(eNULL));
         addListAlias(COMPLEMENTOFDEFAULT, complementOfDefault);
     }
 

Modified: 
tomcat/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TestOpenSSLCipherConfigurationParser.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TestOpenSSLCipherConfigurationParser.java?rev=1615209&r1=1615208&r2=1615209&view=diff
==============================================================================
--- 
tomcat/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TestOpenSSLCipherConfigurationParser.java
 (original)
+++ 
tomcat/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TestOpenSSLCipherConfigurationParser.java
 Fri Aug  1 19:35:49 2014
@@ -38,9 +38,7 @@ public class TestOpenSSLCipherConfigurat
     }
 
 
-    // TODO
     @Test
-    @Ignore("Currently fails - needs investigation")
     public void testCOMPLEMENTOFDEFAULT() throws Exception {
         testSpecification("COMPLEMENTOFDEFAULT");
     }



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1615209 - in /tomcat/trunk: java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java test/org/apache/tomcat/util/net/jsse/openssl/TestOpenSSLCipherConfigurationParser.java

Reply via email to