0 | |
Description: Don't check the IDEA cipher during the tests since it is disabled in Debian (see #327739)
|
1 | |
Also ignore ARIA which is disabled by default in OpenSSL.
|
2 | |
Author: Emmanuel Bourg <ebourg@apache.org>
|
3 | |
Forwarded: not-needed
|
4 | |
--- a/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java
|
5 | |
+++ b/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java
|
6 | |
@@ -107,6 +107,23 @@
|
7 | |
unimplemented.add(Cipher.SSL2_RC4_128_EXPORT40_WITH_MD5);
|
8 | |
unimplemented.add(Cipher.SSL2_IDEA_128_CBC_WITH_MD5);
|
9 | |
unimplemented.add(Cipher.SSL2_DES_192_EDE3_CBC_WITH_MD5);
|
10 | |
+ unimplemented.add(Cipher.TLS_RSA_WITH_IDEA_CBC_SHA);
|
11 | |
+ unimplemented.add(Cipher.TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256);
|
12 | |
+ unimplemented.add(Cipher.TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384);
|
13 | |
+ unimplemented.add(Cipher.TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256);
|
14 | |
+ unimplemented.add(Cipher.TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384);
|
15 | |
+ unimplemented.add(Cipher.TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256);
|
16 | |
+ unimplemented.add(Cipher.TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384);
|
17 | |
+ unimplemented.add(Cipher.TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256);
|
18 | |
+ unimplemented.add(Cipher.TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384);
|
19 | |
+ unimplemented.add(Cipher.TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256);
|
20 | |
+ unimplemented.add(Cipher.TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384);
|
21 | |
+ unimplemented.add(Cipher.TLS_PSK_WITH_ARIA_128_GCM_SHA256);
|
22 | |
+ unimplemented.add(Cipher.TLS_PSK_WITH_ARIA_256_GCM_SHA384);
|
23 | |
+ unimplemented.add(Cipher.TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256);
|
24 | |
+ unimplemented.add(Cipher.TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384);
|
25 | |
+ unimplemented.add(Cipher.TLS_RSA_WITH_ARIA_128_GCM_SHA256);
|
26 | |
+ unimplemented.add(Cipher.TLS_RSA_WITH_ARIA_256_GCM_SHA384);
|
27 | |
|
28 | |
// These are TLS v1.3 cipher suites
|
29 | |
// Java does not currently support these so they are excluded from the
|
30 | |
--- a/test/org/apache/tomcat/util/net/openssl/ciphers/TestOpenSSLCipherConfigurationParser.java
|
31 | |
+++ b/test/org/apache/tomcat/util/net/openssl/ciphers/TestOpenSSLCipherConfigurationParser.java
|
32 | |
@@ -575,7 +575,7 @@
|
33 | |
|
34 | |
private void testSpecification(String specification) throws Exception {
|
35 | |
// Filter out cipher suites that OpenSSL does not implement
|
36 | |
- String openSSLCipherList = TesterOpenSSL.getOpenSSLCiphersAsExpression(specification);
|
37 | |
+ String openSSLCipherList = TesterOpenSSL.getOpenSSLCiphersAsExpression(specification + ":!ARIA");
|
38 | |
List<String> jsseCipherListFromOpenSSL =
|
39 | |
OpenSSLCipherConfigurationParser.parseExpression(openSSLCipherList);
|
40 | |
List<String> jsseCipherListFromParser =
|
41 | |
--- a/test/org/apache/tomcat/util/net/openssl/ciphers/TestCipher.java
|
42 | |
+++ b/test/org/apache/tomcat/util/net/openssl/ciphers/TestCipher.java
|
43 | |
@@ -76,7 +76,7 @@
|
44 | |
// OpenSSL does not include ECDH/ECDHE ciphers in all and there is no
|
45 | |
// EC alias. Use aRSA.
|
46 | |
// OpenSSL 1.0.0 onwards does not include eNULL in all.
|
47 | |
- Set<String> availableCipherSuites = TesterOpenSSL.getOpenSSLCiphersAsSet("ALL:eNULL:aRSA");
|
48 | |
+ Set<String> availableCipherSuites = TesterOpenSSL.getOpenSSLCiphersAsSet("ALL:eNULL:aRSA:!ARIA");
|
49 | |
|
50 | |
Set<String> expectedCipherSuites = new HashSet<>();
|
51 | |
for (Cipher cipher : Cipher.values()) {
|