github-mirrors/elasticsearch
1
0
Fork 0
mirror of https://github.com/elastic/elasticsearch.git synced 2025-06-28 17:34:17 -04:00
Code Issues Projects Releases Packages Wiki Activity

[TEST] Updated smoke test JDK's trusted certs (#72594)

Browse source 
The list of trusted CAs in the latest OpenJDK builds has changed:
https://bugs.java.com/bugdatabase/view_bug.do?bug_id=JDK-8243559
This PR updates the default jdk trust config smoke test.

Closes #71717
This commit is contained in:
Albert Zaharovits 2021-05-04 12:53:29 +03:00 committed by GitHub
parent 8c28ec223e
commit aba322745b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

9
libs/ssl-config/src/test/java/org/elasticsearch/common/ssl/DefaultJdkTrustConfigTests.java
View file

@ -26,7 +26,6 @@ public class DefaultJdkTrustConfigTests extends ESTestCase {
private static final BiFunction<String, String, String> EMPTY_SYSTEM_PROPERTIES = (key, defaultValue) -> defaultValue; private static final BiFunction<String, String, String> EMPTY_SYSTEM_PROPERTIES = (key, defaultValue) -> defaultValue;
@AwaitsFix(bugUrl = "https://github.com/elastic/elasticsearch/issues/71717")
public void testGetSystemTrustStoreWithNoSystemProperties() throws Exception { public void testGetSystemTrustStoreWithNoSystemProperties() throws Exception {
final DefaultJdkTrustConfig trustConfig = new DefaultJdkTrustConfig((key, defaultValue) -> defaultValue); final DefaultJdkTrustConfig trustConfig = new DefaultJdkTrustConfig((key, defaultValue) -> defaultValue);
assertThat(trustConfig.getDependentFiles(), emptyIterable()); assertThat(trustConfig.getDependentFiles(), emptyIterable());
@ -34,7 +33,6 @@ public class DefaultJdkTrustConfigTests extends ESTestCase {
assertStandardIssuers(trustManager); assertStandardIssuers(trustManager);
} }
@AwaitsFix(bugUrl = "https://github.com/elastic/elasticsearch/issues/71717")
public void testGetNonPKCS11TrustStoreWithPasswordSet() throws Exception { public void testGetNonPKCS11TrustStoreWithPasswordSet() throws Exception {
final DefaultJdkTrustConfig trustConfig = new DefaultJdkTrustConfig(EMPTY_SYSTEM_PROPERTIES, "fakepassword".toCharArray()); final DefaultJdkTrustConfig trustConfig = new DefaultJdkTrustConfig(EMPTY_SYSTEM_PROPERTIES, "fakepassword".toCharArray());
assertThat(trustConfig.getDependentFiles(), emptyIterable()); assertThat(trustConfig.getDependentFiles(), emptyIterable());
@ -46,11 +44,12 @@ public class DefaultJdkTrustConfigTests extends ESTestCase {
assertThat(trustManager.getAcceptedIssuers(), not(emptyArray())); assertThat(trustManager.getAcceptedIssuers(), not(emptyArray()));
// This is a sample of the CAs that we expect on every JRE. // This is a sample of the CAs that we expect on every JRE.
// We can safely change this list if the JRE's issuer list changes, but we want to assert something useful. // We can safely change this list if the JRE's issuer list changes, but we want to assert something useful.
assertHasTrustedIssuer(trustManager, "VeriSign");
assertHasTrustedIssuer(trustManager, "GeoTrust");
assertHasTrustedIssuer(trustManager, "DigiCert"); assertHasTrustedIssuer(trustManager, "DigiCert");
assertHasTrustedIssuer(trustManager, "thawte");
assertHasTrustedIssuer(trustManager, "COMODO"); assertHasTrustedIssuer(trustManager, "COMODO");
assertHasTrustedIssuer(trustManager, "GlobalSign");
assertHasTrustedIssuer(trustManager, "GoDaddy");
assertHasTrustedIssuer(trustManager, "QuoVadis");
assertHasTrustedIssuer(trustManager, "Internet Security Research Group");
} }
private void assertHasTrustedIssuer(X509ExtendedTrustManager trustManager, String name) { private void assertHasTrustedIssuer(X509ExtendedTrustManager trustManager, String name) {