root
/
spring-boot
mirror of https://github.com/spring-projects/spring-boot.git
1
0
Fork 0
Code Issues Actions 15 Packages Projects Releases Wiki Activity

Add subject alt to JKS store and re-enable OkHttp SSL tests 

Closes gh-35106
This commit is contained in:
Moritz Halbritter 2023-05-05 10:53:49 +02:00
parent 03c838dccc
commit e356a483b6
4 changed files with 2 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/client/ClientHttpRequestFactoriesOkHttp3Tests.java
View File

@ -19,7 +19,6 @@ package org.springframework.boot.web.client;
import java.io.File; import java.io.File;
import okhttp3.OkHttpClient; import okhttp3.OkHttpClient;
import org.junit.jupiter.api.Disabled;
import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Test;
import org.springframework.boot.testsupport.classpath.ClassPathExclusions; import org.springframework.boot.testsupport.classpath.ClassPathExclusions;
@ -67,9 +66,4 @@ class ClientHttpRequestFactoriesOkHttp3Tests
return ((OkHttpClient) ReflectionTestUtils.getField(requestFactory, "client")).readTimeoutMillis(); return ((OkHttpClient) ReflectionTestUtils.getField(requestFactory, "client")).readTimeoutMillis();
} }
@Override
@Disabled("OkHostnameVerifier fails because the JSK doesn't have a type 2 SubjectAltName")
void connectWithSslBundle() throws Exception {
}
} }

6
spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/client/ClientHttpRequestFactoriesOkHttp4Tests.java
View File

@ -19,7 +19,6 @@ package org.springframework.boot.web.client;
import java.io.File; import java.io.File;
import okhttp3.OkHttpClient; import okhttp3.OkHttpClient;
import org.junit.jupiter.api.Disabled;
import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Test;
import org.springframework.boot.testsupport.classpath.ClassPathExclusions; import org.springframework.boot.testsupport.classpath.ClassPathExclusions;
@ -65,9 +64,4 @@ class ClientHttpRequestFactoriesOkHttp4Tests
return ((OkHttpClient) ReflectionTestUtils.getField(requestFactory, "client")).readTimeoutMillis(); return ((OkHttpClient) ReflectionTestUtils.getField(requestFactory, "client")).readTimeoutMillis();
} }
@Override
@Disabled("OkHostnameVerifier fails because the JSK doesn't have a type 2 SubjectAltName")
void connectWithSslBundle() throws Exception {
}
} }

4
spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/servlet/server/AbstractServletWebServerFactoryTests.java
View File

@ -458,7 +458,7 @@ public abstract class AbstractServletWebServerFactoryTests {
new ExampleServlet(true, false), "/hello"); new ExampleServlet(true, false), "/hello");
this.webServer = factory.getWebServer(registration); this.webServer = factory.getWebServer(registration);
this.webServer.start(); this.webServer.start();
TrustStrategy trustStrategy = new SerialNumberValidatingTrustSelfSignedStrategy("3a3aaec8"); TrustStrategy trustStrategy = new SerialNumberValidatingTrustSelfSignedStrategy("6454C1DC");
SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, trustStrategy).build(); SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, trustStrategy).build();
PoolingHttpClientConnectionManager connectionManager = PoolingHttpClientConnectionManagerBuilder.create() PoolingHttpClientConnectionManager connectionManager = PoolingHttpClientConnectionManagerBuilder.create()
.setSSLSocketFactory(new SSLConnectionSocketFactory(sslContext)) .setSSLSocketFactory(new SSLConnectionSocketFactory(sslContext))
@ -1628,7 +1628,7 @@ public abstract class AbstractServletWebServerFactoryTests {
@Override @Override
public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException { public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
String hexSerialNumber = chain[0].getSerialNumber().toString(16); String hexSerialNumber = chain[0].getSerialNumber().toString(16);
boolean isMatch = hexSerialNumber.equals(this.serialNumber); boolean isMatch = hexSerialNumber.equalsIgnoreCase(this.serialNumber);
return super.isTrusted(chain, authType) && isMatch; return super.isTrusted(chain, authType) && isMatch;
} }

BIN
spring-boot-project/spring-boot/src/test/resources/test.jks
View File

Binary file not shown.