[Git][java-team/httpcomponents-client][master] 3 commits: Ignore the TestSSLSocketFactory.testTLSOnly test
Markus Koschany
gitlab at salsa.debian.org
Wed Apr 14 23:41:10 BST 2021
Markus Koschany pushed to branch master at Debian Java Maintainers / httpcomponents-client
Commits:
9b67af58 by Markus Koschany at 2021-04-15T00:30:31+02:00
Ignore the TestSSLSocketFactory.testTLSOnly test
because because it deliberately sets the protocol version to TLSv1 which is
disabled by default via the java.security policy in OpenJDK 11. TLSv1 is
considered to be no longer safe and rejecting the handshake is actually the
correct behavior.
Closes: #986528
- - - - -
c886c30c by Markus Koschany at 2021-04-15T00:31:43+02:00
Update changelog
- - - - -
a3812ea8 by Markus Koschany at 2021-04-15T00:34:59+02:00
Add the missing import
- - - - -
3 changed files:
- debian/changelog
- + debian/patches/ignore-TestSSLSocketFactory.testTLSOnly.patch
- debian/patches/series
Changes:
=====================================
debian/changelog
=====================================
@@ -1,3 +1,14 @@
+httpcomponents-client (4.5.13-2) unstable; urgency=medium
+
+ * Team upload.
+ * Ignore the TestSSLSocketFactory.testTLSOnly test
+ because it deliberately sets the protocol version to TLSv1 which is
+ disabled by default via the java.security policy in OpenJDK 11. TLSv1 is
+ considered to be no longer safe and rejecting the handshake is actually the
+ correct behavior. (Closes: #986528)
+
+ -- Markus Koschany <apo at debian.org> Thu, 15 Apr 2021 00:31:08 +0200
+
httpcomponents-client (4.5.13-1) unstable; urgency=medium
* Team upload.
=====================================
debian/patches/ignore-TestSSLSocketFactory.testTLSOnly.patch
=====================================
@@ -0,0 +1,34 @@
+From: Markus Koschany <apo at debian.org>
+Date: Thu, 15 Apr 2021 00:26:17 +0200
+Subject: ignore TestSSLSocketFactory.testTLSOnly
+
+Ignore the failing testTLSOnly test because it deliberately sets the protocol
+version to TLSv1 which is disabled by default via the java.security policy in
+OpenJDK 11. TLSv1 is considered to be no longer safe and rejecting the
+handshake is actually the correct behavior.
+
+Forwarded: no
+---
+ .../src/test/java/org/apache/http/conn/ssl/TestSSLSocketFactory.java | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/httpclient/src/test/java/org/apache/http/conn/ssl/TestSSLSocketFactory.java b/httpclient/src/test/java/org/apache/http/conn/ssl/TestSSLSocketFactory.java
+index 3865f16..725a5d9 100644
+--- a/httpclient/src/test/java/org/apache/http/conn/ssl/TestSSLSocketFactory.java
++++ b/httpclient/src/test/java/org/apache/http/conn/ssl/TestSSLSocketFactory.java
+@@ -58,6 +58,7 @@ import org.apache.http.ssl.SSLContexts;
+ import org.hamcrest.CoreMatchers;
+ import org.junit.After;
+ import org.junit.Assert;
++import org.junit.Ignore;
+ import org.junit.Test;
+
+ /**
+@@ -290,6 +291,7 @@ public class TestSSLSocketFactory {
+ sslSocket.close();
+ }
+
++ @Ignore
+ @Test
+ public void testTLSOnly() throws Exception {
+ // @formatter:off
=====================================
debian/patches/series
=====================================
@@ -1,3 +1,4 @@
01-generate_osgi_metadata.patch
02-include-suffix-list.patch
03-skip-failing-tests.patch
+ignore-TestSSLSocketFactory.testTLSOnly.patch
View it on GitLab: https://salsa.debian.org/java-team/httpcomponents-client/-/compare/47569016f4978594eb150192355d10609a0988e2...a3812ea8ab6092b862ba6c534aceebb367f3712c
--
View it on GitLab: https://salsa.debian.org/java-team/httpcomponents-client/-/compare/47569016f4978594eb150192355d10609a0988e2...a3812ea8ab6092b862ba6c534aceebb367f3712c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-java-commits/attachments/20210414/0c8a8df4/attachment.htm>
More information about the pkg-java-commits
mailing list