From a081535cb61a3c535c63c110d3161c30f20c6fd9 Mon Sep 17 00:00:00 2001 From: Jan Stourac Date: Wed, 2 Sep 2020 11:36:45 +0200 Subject: [PATCH] Add support for `cipher-suite-names` of `*-ssl-context` element. --- .../elytron/CreateServerSSLContext.java | 13 ++++++ .../elytron/tls/AbstractAddSSLContext.java | 8 ++++ .../elytron/tls/AddClientSSLContext.java | 10 +++++ .../elytron/tls/AddServerSSLContext.java | 10 +++++ .../elytron/tls/AddClientSSLContext.groovy | 1 + .../elytron/tls/AddServerSSLContext.groovy | 1 + .../CreateServerSSLContextOnlineTest.java | 28 +++++++++--- .../tls/AddClientSSLContextOfflineTest.java | 44 +++++++++++-------- .../tls/AddClientSSLContextOnlineTest.java | 22 +++++++--- .../tls/AddServerSSLContextOfflineTest.java | 44 +++++++++++-------- .../tls/AddServerSSLContextOnlineTest.java | 20 +++++++-- 11 files changed, 149 insertions(+), 52 deletions(-) diff --git a/commands/src/main/java/org/wildfly/extras/creaper/commands/elytron/CreateServerSSLContext.java b/commands/src/main/java/org/wildfly/extras/creaper/commands/elytron/CreateServerSSLContext.java index c6d25477..2b35b7f4 100644 --- a/commands/src/main/java/org/wildfly/extras/creaper/commands/elytron/CreateServerSSLContext.java +++ b/commands/src/main/java/org/wildfly/extras/creaper/commands/elytron/CreateServerSSLContext.java @@ -32,6 +32,7 @@ public final class CreateServerSSLContext implements OnlineCommand { private final String name; protected final List protocols; private final String cipherSuiteFilter; + private final String cipherSuiteNames; private final Boolean needClientAuth; private final Boolean wantClientAuth; private final Boolean authenticationOptional; @@ -62,6 +63,10 @@ public final class CreateServerSSLContext implements OnlineCommand { // Multiple usage private final String algorithm; // keystore manager, truststore manager + // Default set of cipher suites for TLSv1.3 to be set in 'cipher-suite-names' attribute. + public static final String TLS13_CIPHER_SUITE_NAMES = + "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256"; + private CreateServerSSLContext(Builder builder) { this.name = builder.name; @@ -74,6 +79,7 @@ private CreateServerSSLContext(Builder builder) { this.trustStorePassword = builder.trustStorePassword; this.protocols = builder.protocols; this.cipherSuiteFilter = builder.cipherSuiteFilter; + this.cipherSuiteNames = builder.cipherSuiteNames; this.needClientAuth = builder.needClientAuth; this.wantClientAuth = builder.wantClientAuth; this.authenticationOptional = builder.authenticationOptional; @@ -145,6 +151,7 @@ public void apply(OnlineCommandContext ctx) throws Exception { AddServerSSLContext.Builder sslServerContextBuilder = new AddServerSSLContext.Builder(name) .protocols((protocols == null) ? null : protocols.toArray(new String[protocols.size()])) .cipherSuiteFilter(cipherSuiteFilter) + .cipherSuiteNames(cipherSuiteNames) .needClientAuth(needClientAuth) .sessionTimeout(sessionTimeout) .maximumSessionCacheSize(maximumSessionCacheSize) @@ -239,6 +246,7 @@ public static final class Builder { private String name; private List protocols; private String cipherSuiteFilter; + private String cipherSuiteNames; private Boolean needClientAuth; private Boolean wantClientAuth; private Boolean authenticationOptional; @@ -325,6 +333,11 @@ public Builder cipherSuiteFilter(String cipherSuiteFilter) { return this; } + public Builder cipherSuiteNames(String cipherSuiteNames) { + this.cipherSuiteNames = cipherSuiteNames; + return this; + } + public Builder needClientAuth(Boolean needClientAuth) { this.needClientAuth = needClientAuth; return this; diff --git a/commands/src/main/java/org/wildfly/extras/creaper/commands/elytron/tls/AbstractAddSSLContext.java b/commands/src/main/java/org/wildfly/extras/creaper/commands/elytron/tls/AbstractAddSSLContext.java index 4e5d6fff..d0f9bcb8 100644 --- a/commands/src/main/java/org/wildfly/extras/creaper/commands/elytron/tls/AbstractAddSSLContext.java +++ b/commands/src/main/java/org/wildfly/extras/creaper/commands/elytron/tls/AbstractAddSSLContext.java @@ -10,6 +10,7 @@ abstract class AbstractAddSSLContext implements OnlineCommand, OfflineCommand { protected final String name; protected final String cipherSuiteFilter; + protected final String cipherSuiteNames; protected final List protocols; protected final String keyManager; protected final String trustManager; @@ -20,6 +21,7 @@ abstract class AbstractAddSSLContext implements OnlineCommand, OfflineCommand { protected AbstractAddSSLContext(Builder builder) { this.name = builder.name; this.cipherSuiteFilter = builder.cipherSuiteFilter; + this.cipherSuiteNames = builder.cipherSuiteNames; this.protocols = builder.protocols; this.keyManager = builder.keyManager; this.trustManager = builder.trustManager; @@ -44,6 +46,7 @@ abstract static class Builder { protected final String name; protected String cipherSuiteFilter; + protected String cipherSuiteNames; protected List protocols; protected String keyManager; protected String trustManager; @@ -73,6 +76,11 @@ public final THIS cipherSuiteFilter(String cipherSuiteFilter) { return (THIS) this; } + public final THIS cipherSuiteNames(String cipherSuiteNames) { + this.cipherSuiteNames = cipherSuiteNames; + return (THIS) this; + } + public final THIS keyManager(String keyManager) { this.keyManager = keyManager; return (THIS) this; diff --git a/commands/src/main/java/org/wildfly/extras/creaper/commands/elytron/tls/AddClientSSLContext.java b/commands/src/main/java/org/wildfly/extras/creaper/commands/elytron/tls/AddClientSSLContext.java index 5bcb3434..4b177c91 100644 --- a/commands/src/main/java/org/wildfly/extras/creaper/commands/elytron/tls/AddClientSSLContext.java +++ b/commands/src/main/java/org/wildfly/extras/creaper/commands/elytron/tls/AddClientSSLContext.java @@ -22,6 +22,10 @@ public void apply(OnlineCommandContext ctx) throws Exception { throw new AssertionError("Elytron is available since WildFly 11."); } + if (cipherSuiteNames != null && ctx.version.lessThan(ServerVersion.VERSION_12_0_0)) { + throw new AssertionError("cipher-suite-names attribute is available since WildFly 19"); + } + Operations ops = new Operations(ctx.client); Address clientSSLContextAddress = Address.subsystem("elytron").and("client-ssl-context", name); if (replaceExisting) { @@ -31,6 +35,7 @@ public void apply(OnlineCommandContext ctx) throws Exception { ops.add(clientSSLContextAddress, Values.empty() .andOptional("cipher-suite-filter", cipherSuiteFilter) + .andOptional("cipher-suite-names", cipherSuiteNames) .andOptional("key-manager", keyManager) .andOptional("trust-manager", trustManager) .andListOptional(String.class, "protocols", protocols)); @@ -42,10 +47,15 @@ public void apply(OfflineCommandContext ctx) throws Exception { throw new AssertionError("Elytron is available since WildFly 11."); } + if (cipherSuiteNames != null && ctx.version.lessThan(ServerVersion.VERSION_12_0_0)) { + throw new AssertionError("cipher-suite-names attribute is available since WildFly 19"); + } + ctx.client.apply(GroovyXmlTransform.of(AddClientSSLContext.class) .subtree("elytronSubsystem", Subtree.subsystem("elytron")) .parameter("atrName", name) .parameter("atrCipherSuiteFilter", cipherSuiteFilter) + .parameter("atrCipherSuiteNames", cipherSuiteNames) .parameter("atrKeyManager", keyManager) .parameter("atrTrustManager", trustManager) .parameter("atrProtocols", protocols != null ? joinList(protocols) : null) diff --git a/commands/src/main/java/org/wildfly/extras/creaper/commands/elytron/tls/AddServerSSLContext.java b/commands/src/main/java/org/wildfly/extras/creaper/commands/elytron/tls/AddServerSSLContext.java index a304e613..8a1c92cc 100644 --- a/commands/src/main/java/org/wildfly/extras/creaper/commands/elytron/tls/AddServerSSLContext.java +++ b/commands/src/main/java/org/wildfly/extras/creaper/commands/elytron/tls/AddServerSSLContext.java @@ -47,6 +47,10 @@ public void apply(OnlineCommandContext ctx) throws Exception { throw new AssertionError("Elytron is available since WildFly 11."); } + if (cipherSuiteNames != null && ctx.version.lessThan(ServerVersion.VERSION_12_0_0)) { + throw new AssertionError("cipher-suite-names attribute is available since WildFly 19"); + } + Operations ops = new Operations(ctx.client); Address serverSSLContextAddress = Address.subsystem("elytron").and("server-ssl-context", name); if (replaceExisting) { @@ -57,6 +61,7 @@ public void apply(OnlineCommandContext ctx) throws Exception { ops.add(serverSSLContextAddress, Values.empty() .and("key-manager", keyManager) .andOptional("cipher-suite-filter", cipherSuiteFilter) + .andOptional("cipher-suite-names", cipherSuiteNames) .andOptional("maximum-session-cache-size", maximumSessionCacheSize) .andOptional("session-timeout", sessionTimeout) .andOptional("trust-manager", trustManager) @@ -81,10 +86,15 @@ public void apply(OfflineCommandContext ctx) throws Exception { throw new AssertionError("Elytron is available since WildFly 11."); } + if (cipherSuiteNames != null && ctx.version.lessThan(ServerVersion.VERSION_12_0_0)) { + throw new AssertionError("cipher-suite-names attribute is available since WildFly 19"); + } + ctx.client.apply(GroovyXmlTransform.of(AddServerSSLContext.class) .subtree("elytronSubsystem", Subtree.subsystem("elytron")) .parameter("atrName", name) .parameter("atrCipherSuiteFilter", cipherSuiteFilter) + .parameter("atrCipherSuiteNames", cipherSuiteNames) .parameter("atrMaximumSessionCacheSize", maximumSessionCacheSize) .parameter("atrSessionTimeout", sessionTimeout) .parameter("atrKeyManager", keyManager) diff --git a/commands/src/main/resources/org/wildfly/extras/creaper/commands/elytron/tls/AddClientSSLContext.groovy b/commands/src/main/resources/org/wildfly/extras/creaper/commands/elytron/tls/AddClientSSLContext.groovy index 6438f4fe..67afc719 100644 --- a/commands/src/main/resources/org/wildfly/extras/creaper/commands/elytron/tls/AddClientSSLContext.groovy +++ b/commands/src/main/resources/org/wildfly/extras/creaper/commands/elytron/tls/AddClientSSLContext.groovy @@ -1,5 +1,6 @@ sslContextAttrs = ['name': atrName] if (atrCipherSuiteFilter != null) sslContextAttrs['cipher-suite-filter'] = atrCipherSuiteFilter +if (atrCipherSuiteNames != null) sslContextAttrs['cipher-suite-names'] = atrCipherSuiteNames if (atrKeyManager != null) sslContextAttrs['key-manager'] = atrKeyManager if (atrTrustManager != null) sslContextAttrs['trust-manager'] = atrTrustManager if (atrProtocols != null) sslContextAttrs['protocols'] = atrProtocols diff --git a/commands/src/main/resources/org/wildfly/extras/creaper/commands/elytron/tls/AddServerSSLContext.groovy b/commands/src/main/resources/org/wildfly/extras/creaper/commands/elytron/tls/AddServerSSLContext.groovy index 9fe56d9a..0f5cba92 100644 --- a/commands/src/main/resources/org/wildfly/extras/creaper/commands/elytron/tls/AddServerSSLContext.groovy +++ b/commands/src/main/resources/org/wildfly/extras/creaper/commands/elytron/tls/AddServerSSLContext.groovy @@ -1,5 +1,6 @@ sslContextAttrs = ['name': atrName] if (atrCipherSuiteFilter != null) sslContextAttrs['cipher-suite-filter'] = atrCipherSuiteFilter +if (atrCipherSuiteNames != null) sslContextAttrs['cipher-suite-names'] = atrCipherSuiteNames if (atrMaximumSessionCacheSize != null) sslContextAttrs['maximum-session-cache-size'] = atrMaximumSessionCacheSize if (atrSessionTimeout != null) sslContextAttrs['session-timeout'] = atrSessionTimeout if (atrKeyManager != null) sslContextAttrs['key-manager'] = atrKeyManager diff --git a/testsuite/standalone/src/test/java/org/wildfly/extras/creaper/commands/elytron/CreateServerSSLContextOnlineTest.java b/testsuite/standalone/src/test/java/org/wildfly/extras/creaper/commands/elytron/CreateServerSSLContextOnlineTest.java index 520e0a39..6926e3b4 100644 --- a/testsuite/standalone/src/test/java/org/wildfly/extras/creaper/commands/elytron/CreateServerSSLContextOnlineTest.java +++ b/testsuite/standalone/src/test/java/org/wildfly/extras/creaper/commands/elytron/CreateServerSSLContextOnlineTest.java @@ -3,17 +3,21 @@ import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; +import static org.wildfly.extras.creaper.commands.elytron.CreateServerSSLContext.TLS13_CIPHER_SUITE_NAMES; import java.util.Arrays; import org.jboss.arquillian.junit.Arquillian; -import org.junit.After; -import org.junit.Test; -import org.junit.runner.RunWith; + import org.wildfly.extras.creaper.commands.elytron.tls.AbstractAddSSLContextOnlineTest; import org.wildfly.extras.creaper.core.CommandFailedException; +import org.wildfly.extras.creaper.core.ServerVersion; import org.wildfly.extras.creaper.core.online.operations.Address; +import org.junit.After; +import org.junit.Test; +import org.junit.runner.RunWith; + @RunWith(Arquillian.class) public class CreateServerSSLContextOnlineTest extends AbstractAddSSLContextOnlineTest { @@ -103,7 +107,8 @@ public void addDuplicateServerSSLContextNotAllowed() throws Exception { @Test public void addFullServerSSLContext() throws Exception { - CreateServerSSLContext createServerSSLContext = new CreateServerSSLContext.Builder(SERVER_SSL_CONTEXT_NAME) + CreateServerSSLContext.Builder createServerSSLContextBuilder = + new CreateServerSSLContext.Builder(SERVER_SSL_CONTEXT_NAME) .keyStorePassword(PASSWORD) .keyPassword(PASSWORD) .cipherSuiteFilter("ALL") @@ -124,12 +129,21 @@ public void addFullServerSSLContext() throws Exception { .trustStorePassword(PASSWORD) .trustStorePath("/path") .trustStoreRelativeTo("jboss.server.config.dir") - .trustStoreRequired(false) - .build(); - client.apply(createServerSSLContext); + .trustStoreRequired(false); + + if (client.version().greaterThanOrEqualTo(ServerVersion.VERSION_12_0_0)) { + // This attribute has been added in WildFly 19. + createServerSSLContextBuilder.cipherSuiteNames(TLS13_CIPHER_SUITE_NAMES); + } + + client.apply(createServerSSLContextBuilder.build()); assertTrue("The server ssl context should be created", ops.exists(SERVER_SSL_CONTEXT_ADDRESS)); checkAttribute(SERVER_SSL_CONTEXT_ADDRESS, "cipher-suite-filter", "ALL"); + if (client.version().greaterThanOrEqualTo(ServerVersion.VERSION_12_0_0)) { + // This attribute has been added in WildFly 19. + checkAttribute(SERVER_SSL_CONTEXT_ADDRESS, "cipher-suite-names", TLS13_CIPHER_SUITE_NAMES); + } checkAttribute(SERVER_SSL_CONTEXT_ADDRESS, "maximum-session-cache-size", "0"); checkAttribute(SERVER_SSL_CONTEXT_ADDRESS, "session-timeout", "0"); checkAttribute(SERVER_SSL_CONTEXT_ADDRESS, "protocols", Arrays.asList(SERVER_SSL_CONTEXT_PROTOCOL)); diff --git a/testsuite/standalone/src/test/java/org/wildfly/extras/creaper/commands/elytron/tls/AddClientSSLContextOfflineTest.java b/testsuite/standalone/src/test/java/org/wildfly/extras/creaper/commands/elytron/tls/AddClientSSLContextOfflineTest.java index 86a2125e..2de47587 100644 --- a/testsuite/standalone/src/test/java/org/wildfly/extras/creaper/commands/elytron/tls/AddClientSSLContextOfflineTest.java +++ b/testsuite/standalone/src/test/java/org/wildfly/extras/creaper/commands/elytron/tls/AddClientSSLContextOfflineTest.java @@ -2,6 +2,7 @@ import static org.junit.Assert.fail; import static org.wildfly.extras.creaper.XmlAssert.assertXmlIdentical; +import static org.wildfly.extras.creaper.commands.elytron.CreateServerSSLContext.TLS13_CIPHER_SUITE_NAMES; import java.io.File; @@ -12,6 +13,7 @@ import org.junit.rules.TemporaryFolder; import org.wildfly.extras.creaper.core.CommandFailedException; import org.wildfly.extras.creaper.core.ManagementClient; +import org.wildfly.extras.creaper.core.ServerVersion; import org.wildfly.extras.creaper.core.offline.OfflineManagementClient; import org.wildfly.extras.creaper.core.offline.OfflineOptions; @@ -21,17 +23,17 @@ public class AddClientSSLContextOfflineTest { private static final String SUBSYSTEM_EMPTY = "" - + "\n" + + "\n" + " \n" - + " \n" + + " \n" + " \n" + " \n" + ""; private static final String SUBSYSTEM_TLS_EMPTY = "" - + "\n" + + "\n" + " \n" - + " \n" + + " \n" + " \n" + " \n" + " \n" @@ -39,9 +41,9 @@ public class AddClientSSLContextOfflineTest { + ""; private static final String SUBSYSTEM_CLIENT_SSL_CONTEXTS_EMPTY = "" - + "\n" + + "\n" + " \n" - + " \n" + + " \n" + " \n" + " \n" + " \n" @@ -51,9 +53,9 @@ public class AddClientSSLContextOfflineTest { + ""; private static final String SUBSYSTEM_SIMPLE = "" - + "\n" + + "\n" + " \n" - + " \n" + + " \n" + " \n" + " \n" + " \n" @@ -64,9 +66,9 @@ public class AddClientSSLContextOfflineTest { + ""; private static final String SUBSYSTEM_EXPECTED_REPLACE = "" - + "\n" + + "\n" + " \n" - + " \n" + + " \n" + " \n" + " \n" + " \n" @@ -77,9 +79,9 @@ public class AddClientSSLContextOfflineTest { + ""; private static final String SUBSYSTEM_SECOND_CLIENT_SSL_CONTEXT = "" - + "\n" + + "\n" + " \n" - + " \n" + + " \n" + " \n" + " \n" + " \n" @@ -91,12 +93,13 @@ public class AddClientSSLContextOfflineTest { + ""; private static final String SUBSYSTEM_FULL = "" - + "\n" + + "\n" + " \n" - + " \n" + + " \n" + " \n" + " \n" + " \n" + " \n" @@ -234,17 +237,22 @@ public void addFullToEmpty() throws Exception { OfflineManagementClient client = ManagementClient.offline( OfflineOptions.standalone().configurationFile(cfg).build()); - AddClientSSLContext addClientSslContext = new AddClientSSLContext.Builder("clientSslContext") + AddClientSSLContext.Builder addClientSslContextBuilder = + new AddClientSSLContext.Builder("clientSslContext") .cipherSuiteFilter("ALL") .keyManager("keyManager") .trustManager("trustManager") .protocols("TLSv1.2", "TLSv1.1") .providerName("ksProvider") - .providers("ksProviderLoader") - .build(); + .providers("ksProviderLoader"); + + if (client.version().greaterThanOrEqualTo(ServerVersion.VERSION_12_0_0)) { + // This attribute has been added in WildFly 19. + addClientSslContextBuilder.cipherSuiteNames(TLS13_CIPHER_SUITE_NAMES); + } assertXmlIdentical(SUBSYSTEM_EMPTY, Files.toString(cfg, Charsets.UTF_8)); - client.apply(addClientSslContext); + client.apply(addClientSslContextBuilder.build()); assertXmlIdentical(SUBSYSTEM_FULL, Files.toString(cfg, Charsets.UTF_8)); } } diff --git a/testsuite/standalone/src/test/java/org/wildfly/extras/creaper/commands/elytron/tls/AddClientSSLContextOnlineTest.java b/testsuite/standalone/src/test/java/org/wildfly/extras/creaper/commands/elytron/tls/AddClientSSLContextOnlineTest.java index ada5097b..fe339e02 100644 --- a/testsuite/standalone/src/test/java/org/wildfly/extras/creaper/commands/elytron/tls/AddClientSSLContextOnlineTest.java +++ b/testsuite/standalone/src/test/java/org/wildfly/extras/creaper/commands/elytron/tls/AddClientSSLContextOnlineTest.java @@ -3,6 +3,7 @@ import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; +import static org.wildfly.extras.creaper.commands.elytron.CreateServerSSLContext.TLS13_CIPHER_SUITE_NAMES; import java.io.IOException; import java.util.Arrays; @@ -13,6 +14,7 @@ import org.junit.Test; import org.junit.runner.RunWith; import org.wildfly.extras.creaper.core.CommandFailedException; +import org.wildfly.extras.creaper.core.ServerVersion; import org.wildfly.extras.creaper.core.online.operations.Address; @RunWith(Arquillian.class) @@ -87,23 +89,33 @@ public void addDuplicateClientSSLContexAllowed() throws Exception { assertTrue("The client ssl context should be created", ops.exists(CLIENT_SSL_CONTEXT_ADDRESS)); client.apply(addClientSSLContext2); - assertTrue("The cleint ssl context should be created", ops.exists(CLIENT_SSL_CONTEXT_ADDRESS)); + assertTrue("The client ssl context should be created", ops.exists(CLIENT_SSL_CONTEXT_ADDRESS)); // check whether it was really rewritten checkAttribute(CLIENT_SSL_CONTEXT_ADDRESS, "protocols", Arrays.asList("TLSv1.1")); } @Test public void addFullClientSSLContext() throws Exception { - AddClientSSLContext addClientSSLContext = new AddClientSSLContext.Builder(CLIENT_SSL_CONTEXT_NAME) + AddClientSSLContext.Builder addClientSSLContextBuilder = + new AddClientSSLContext.Builder(CLIENT_SSL_CONTEXT_NAME) .cipherSuiteFilter("ALL") .keyManager(TEST_KEY_MNGR_NAME) .trustManager(TRUST_MNGR_NAME) - .protocols(CLIENT_SSL_CONTEXT_PROTOCOL) - .build(); - client.apply(addClientSSLContext); + .protocols(CLIENT_SSL_CONTEXT_PROTOCOL); + + if (client.version().greaterThanOrEqualTo(ServerVersion.VERSION_12_0_0)) { + // This attribute has been added in WildFly 19. + addClientSSLContextBuilder.cipherSuiteNames(TLS13_CIPHER_SUITE_NAMES); + } + + client.apply(addClientSSLContextBuilder.build()); assertTrue("The client ssl context should be created", ops.exists(CLIENT_SSL_CONTEXT_ADDRESS)); checkAttribute("cipher-suite-filter", "ALL"); + if (client.version().greaterThanOrEqualTo(ServerVersion.VERSION_12_0_0)) { + // This attribute has been added in WildFly 19. + checkAttribute("cipher-suite-names", TLS13_CIPHER_SUITE_NAMES); + } checkAttribute("key-manager", TEST_KEY_MNGR_NAME); checkAttribute("trust-manager", TRUST_MNGR_NAME); checkAttribute("protocols", Arrays.asList(CLIENT_SSL_CONTEXT_PROTOCOL)); diff --git a/testsuite/standalone/src/test/java/org/wildfly/extras/creaper/commands/elytron/tls/AddServerSSLContextOfflineTest.java b/testsuite/standalone/src/test/java/org/wildfly/extras/creaper/commands/elytron/tls/AddServerSSLContextOfflineTest.java index 5bdd6102..c300778e 100644 --- a/testsuite/standalone/src/test/java/org/wildfly/extras/creaper/commands/elytron/tls/AddServerSSLContextOfflineTest.java +++ b/testsuite/standalone/src/test/java/org/wildfly/extras/creaper/commands/elytron/tls/AddServerSSLContextOfflineTest.java @@ -2,6 +2,7 @@ import static org.junit.Assert.fail; import static org.wildfly.extras.creaper.XmlAssert.assertXmlIdentical; +import static org.wildfly.extras.creaper.commands.elytron.CreateServerSSLContext.TLS13_CIPHER_SUITE_NAMES; import com.google.common.base.Charsets; import com.google.common.io.Files; @@ -13,23 +14,24 @@ import org.junit.rules.TemporaryFolder; import org.wildfly.extras.creaper.core.CommandFailedException; import org.wildfly.extras.creaper.core.ManagementClient; +import org.wildfly.extras.creaper.core.ServerVersion; import org.wildfly.extras.creaper.core.offline.OfflineManagementClient; import org.wildfly.extras.creaper.core.offline.OfflineOptions; public class AddServerSSLContextOfflineTest { private static final String SUBSYSTEM_EMPTY = "" - + "\n" + + "\n" + " \n" - + " \n" + + " \n" + " \n" + " \n" + ""; private static final String SUBSYSTEM_TLS_EMPTY = "" - + "\n" + + "\n" + " \n" - + " \n" + + " \n" + " \n" + " \n" + " \n" @@ -37,9 +39,9 @@ public class AddServerSSLContextOfflineTest { + ""; private static final String SUBSYSTEM_SERVER_SSL_CONTEXTS_EMPTY = "" - + "\n" + + "\n" + " \n" - + " \n" + + " \n" + " \n" + " \n" + " \n" @@ -49,9 +51,9 @@ public class AddServerSSLContextOfflineTest { + ""; private static final String SUBSYSTEM_SIMPLE = "" - + "\n" + + "\n" + " \n" - + " \n" + + " \n" + " \n" + " \n" + " \n" @@ -62,9 +64,9 @@ public class AddServerSSLContextOfflineTest { + ""; private static final String SUBSYSTEM_EXPECTED_REPLACE = "" - + "\n" + + "\n" + " \n" - + " \n" + + " \n" + " \n" + " \n" + " \n" @@ -75,9 +77,9 @@ public class AddServerSSLContextOfflineTest { + ""; private static final String SUBSYSTEM_SECOND_SERVER_SSL_CONTEXT = "" - + "\n" + + "\n" + " \n" - + " \n" + + " \n" + " \n" + " \n" + " \n" @@ -89,12 +91,13 @@ public class AddServerSSLContextOfflineTest { + ""; private static final String SUBSYSTEM_FULL = "" - + "\n" + + "\n" + " \n" - + " \n" + + " \n" + " \n" + " \n" + "