[Git][java-team/httpcomponents-client][master] 3 commits: Ignore the TestSSLSocketFactory.testTLSOnly test

[Markus Koschany]

Markus Koschany pushed to branch master at Debian Java Maintainers / httpcomponents-client


Commits:
9b67af58 by Markus Koschany at 2021-04-15T00:30:31+02:00
Ignore the TestSSLSocketFactory.testTLSOnly test

because because it deliberately sets the protocol version to TLSv1 which is
disabled by default via the java.security policy in OpenJDK 11. TLSv1 is
considered to be no longer safe and rejecting the handshake is actually the
correct behavior.

Closes: #986528

- - - - -
c886c30c by Markus Koschany at 2021-04-15T00:31:43+02:00
Update changelog

- - - - -
a3812ea8 by Markus Koschany at 2021-04-15T00:34:59+02:00
Add the missing import

- - - - -


3 changed files:

- debian/changelog
- + debian/patches/ignore-TestSSLSocketFactory.testTLSOnly.patch
- debian/patches/series


Changes:

=====================================
debian/changelog
=====================================
@@ -1,3 +1,14 @@
+httpcomponents-client (4.5.13-2) unstable; urgency=medium
+
+  * Team upload.
+  * Ignore the TestSSLSocketFactory.testTLSOnly test
+    because it deliberately sets the protocol version to TLSv1 which is
+    disabled by default via the java.security policy in OpenJDK 11. TLSv1 is
+    considered to be no longer safe and rejecting the handshake is actually the
+    correct behavior. (Closes: #986528)
+
+ -- Markus Koschany <apo at debian.org>  Thu, 15 Apr 2021 00:31:08 +0200
+
 httpcomponents-client (4.5.13-1) unstable; urgency=medium
 
   * Team upload.


=====================================
debian/patches/ignore-TestSSLSocketFactory.testTLSOnly.patch
=====================================
@@ -0,0 +1,34 @@
+From: Markus Koschany <apo at debian.org>
+Date: Thu, 15 Apr 2021 00:26:17 +0200
+Subject: ignore TestSSLSocketFactory.testTLSOnly
+
+Ignore the failing testTLSOnly test because it deliberately sets the protocol
+version to TLSv1 which is disabled by default via the java.security policy in
+OpenJDK 11. TLSv1 is considered to be no longer safe and rejecting the
+handshake is actually the correct behavior.
+
+Forwarded: no
+---
+ .../src/test/java/org/apache/http/conn/ssl/TestSSLSocketFactory.java    | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/httpclient/src/test/java/org/apache/http/conn/ssl/TestSSLSocketFactory.java b/httpclient/src/test/java/org/apache/http/conn/ssl/TestSSLSocketFactory.java
+index 3865f16..725a5d9 100644
+--- a/httpclient/src/test/java/org/apache/http/conn/ssl/TestSSLSocketFactory.java
++++ b/httpclient/src/test/java/org/apache/http/conn/ssl/TestSSLSocketFactory.java
+@@ -58,6 +58,7 @@ import org.apache.http.ssl.SSLContexts;
+ import org.hamcrest.CoreMatchers;
+ import org.junit.After;
+ import org.junit.Assert;
++import org.junit.Ignore;
+ import org.junit.Test;
+ 
+ /**
+@@ -290,6 +291,7 @@ public class TestSSLSocketFactory {
+         sslSocket.close();
+     }
+ 
++    @Ignore
+     @Test
+     public void testTLSOnly() throws Exception {
+         // @formatter:off


=====================================
debian/patches/series
=====================================
@@ -1,3 +1,4 @@
 01-generate_osgi_metadata.patch
 02-include-suffix-list.patch
 03-skip-failing-tests.patch
+ignore-TestSSLSocketFactory.testTLSOnly.patch



View it on GitLab: https://salsa.debian.org/java-team/httpcomponents-client/-/compare/47569016f4978594eb150192355d10609a0988e2...a3812ea8ab6092b862ba6c534aceebb367f3712c

-- 
View it on GitLab: https://salsa.debian.org/java-team/httpcomponents-client/-/compare/47569016f4978594eb150192355d10609a0988e2...a3812ea8ab6092b862ba6c534aceebb367f3712c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-java-commits/attachments/20210414/0c8a8df4/attachment.htm>