diff --git a/mockwebserver-deprecated/src/test/java/okhttp3/mockwebserver/MockWebServerTest.java b/mockwebserver-deprecated/src/test/java/okhttp3/mockwebserver/MockWebServerTest.java index 7672d6426..462f7cfe1 100644 --- a/mockwebserver-deprecated/src/test/java/okhttp3/mockwebserver/MockWebServerTest.java +++ b/mockwebserver-deprecated/src/test/java/okhttp3/mockwebserver/MockWebServerTest.java @@ -50,17 +50,14 @@ import org.junit.jupiter.api.Timeout; import org.junit.jupiter.api.extension.RegisterExtension; import org.junit.runner.Description; import org.junit.runners.model.Statement; - import static java.nio.charset.StandardCharsets.UTF_8; import static java.util.Arrays.asList; import static java.util.concurrent.TimeUnit.MILLISECONDS; import static java.util.concurrent.TimeUnit.NANOSECONDS; import static java.util.concurrent.TimeUnit.SECONDS; -import static okhttp3.tls.internal.TlsUtil.localhost; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.data.Offset.offset; import static org.junit.jupiter.api.Assertions.fail; -import static org.junit.jupiter.api.Assumptions.assumeFalse; @SuppressWarnings({"ArraysAsListWithZeroOrOneArgument", "deprecation"}) @Timeout(30) @@ -71,7 +68,6 @@ public final class MockWebServerTest { private final MockWebServer server = new MockWebServer(); @BeforeEach public void setUp() throws IOException { - platform.assumeNotBouncyCastle(); server.start(); } @@ -540,7 +536,7 @@ public final class MockWebServerTest { } @Test public void https() throws Exception { - HandshakeCertificates handshakeCertificates = localhost(); + HandshakeCertificates handshakeCertificates = platform.localhostHandshakeCertificates(); server.useHttps(handshakeCertificates.sslSocketFactory(), false); server.enqueue(new MockResponse().setBody("abc")); @@ -566,7 +562,8 @@ public final class MockWebServerTest { } @Test public void httpsWithClientAuth() throws Exception { - assumeFalse(getPlatform().equals("conscrypt")); + platform.assumeNotBouncyCastle(); + platform.assumeNotConscrypt(); HeldCertificate clientCa = new HeldCertificate.Builder() .certificateAuthority(0) diff --git a/mockwebserver/src/test/java/mockwebserver3/MockWebServerTest.kt b/mockwebserver/src/test/java/mockwebserver3/MockWebServerTest.kt index f58c8fc21..39e9ed91a 100644 --- a/mockwebserver/src/test/java/mockwebserver3/MockWebServerTest.kt +++ b/mockwebserver/src/test/java/mockwebserver3/MockWebServerTest.kt @@ -25,7 +25,6 @@ import java.net.ProtocolException import java.net.SocketTimeoutException import java.nio.charset.StandardCharsets.UTF_8 import java.time.Duration -import java.util.Arrays import java.util.concurrent.TimeUnit import javax.net.ssl.HttpsURLConnection import okhttp3.Headers @@ -38,13 +37,11 @@ import okhttp3.TestUtil.assumeNotWindows import okhttp3.testing.PlatformRule import okhttp3.tls.HandshakeCertificates import okhttp3.tls.HeldCertificate -import okhttp3.tls.internal.TlsUtil.localhost import okio.Buffer import org.assertj.core.api.Assertions.assertThat import org.assertj.core.data.Offset import org.junit.jupiter.api.AfterEach import org.junit.jupiter.api.Assertions.fail -import org.junit.jupiter.api.Assumptions import org.junit.jupiter.api.BeforeEach import org.junit.jupiter.api.Disabled import org.junit.jupiter.api.Tag @@ -64,7 +61,6 @@ class MockWebServerTest { @BeforeEach fun setUp(server: MockWebServer) { this.server = server - platform.assumeNotBouncyCastle() server.start() } @@ -564,7 +560,7 @@ class MockWebServerTest { @Test fun https() { - val handshakeCertificates = localhost() + val handshakeCertificates = platform.localhostHandshakeCertificates() server.useHttps(handshakeCertificates.sslSocketFactory()) server.enqueue(MockResponse.Builder() .body("abc") @@ -589,7 +585,9 @@ class MockWebServerTest { @Test fun httpsWithClientAuth() { - Assumptions.assumeFalse(getPlatform() == "conscrypt") + platform.assumeNotBouncyCastle() + platform.assumeNotConscrypt() + val clientCa = HeldCertificate.Builder() .certificateAuthority(0) .build() diff --git a/okhttp-logging-interceptor/src/test/java/okhttp3/logging/HttpLoggingInterceptorTest.java b/okhttp-logging-interceptor/src/test/java/okhttp3/logging/HttpLoggingInterceptorTest.java index 32e2127fd..367563276 100644 --- a/okhttp-logging-interceptor/src/test/java/okhttp3/logging/HttpLoggingInterceptorTest.java +++ b/okhttp-logging-interceptor/src/test/java/okhttp3/logging/HttpLoggingInterceptorTest.java @@ -45,9 +45,7 @@ import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; import org.junit.jupiter.api.extension.RegisterExtension; - import static okhttp3.RequestBody.gzip; -import static okhttp3.tls.internal.TlsUtil.localhost; import static org.assertj.core.api.Assertions.assertThat; import static org.junit.jupiter.api.Assertions.fail; import static org.junit.jupiter.api.Assumptions.assumeTrue; @@ -59,7 +57,8 @@ public final class HttpLoggingInterceptorTest { @RegisterExtension public final PlatformRule platform = new PlatformRule(); private MockWebServer server; - private final HandshakeCertificates handshakeCertificates = localhost(); + private final HandshakeCertificates handshakeCertificates + = platform.localhostHandshakeCertificates(); private final HostnameVerifier hostnameVerifier = new RecordingHostnameVerifier(); private OkHttpClient client; private String host; @@ -848,8 +847,6 @@ public final class HttpLoggingInterceptorTest { } @Test public void http2() throws Exception { - platform.assumeNotBouncyCastle(); - server.useHttps(handshakeCertificates.sslSocketFactory()); url = server.url("/"); @@ -930,7 +927,6 @@ public final class HttpLoggingInterceptorTest { @Test public void duplexRequestsAreNotLogged() throws Exception { platform.assumeHttp2Support(); - platform.assumeNotBouncyCastle(); server.useHttps(handshakeCertificates.sslSocketFactory()); // HTTP/2 url = server.url("/"); diff --git a/okhttp-logging-interceptor/src/test/java/okhttp3/logging/LoggingEventListenerTest.java b/okhttp-logging-interceptor/src/test/java/okhttp3/logging/LoggingEventListenerTest.java index 1d274942b..54e4b5fc4 100644 --- a/okhttp-logging-interceptor/src/test/java/okhttp3/logging/LoggingEventListenerTest.java +++ b/okhttp-logging-interceptor/src/test/java/okhttp3/logging/LoggingEventListenerTest.java @@ -37,11 +37,9 @@ import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; import org.junit.jupiter.api.extension.RegisterExtension; - import static java.util.Arrays.asList; import static okhttp3.Protocol.HTTP_1_1; import static okhttp3.Protocol.HTTP_2; -import static okhttp3.tls.internal.TlsUtil.localhost; import static org.assertj.core.api.Assertions.assertThat; import static org.junit.jupiter.api.Assertions.fail; @@ -53,7 +51,8 @@ public final class LoggingEventListenerTest { @RegisterExtension public final OkHttpClientTestRule clientTestRule = new OkHttpClientTestRule(); private MockWebServer server; - private final HandshakeCertificates handshakeCertificates = localhost(); + private final HandshakeCertificates handshakeCertificates + = platform.localhostHandshakeCertificates(); private final LogRecorder logRecorder = new LogRecorder(); private final LoggingEventListener.Factory loggingEventListenerFactory = new LoggingEventListener.Factory(logRecorder); @@ -153,7 +152,6 @@ public final class LoggingEventListenerTest { @Test public void secureGet() throws Exception { TestUtil.assumeNotWindows(); - platform.assumeNotBouncyCastle(); server.useHttps(handshakeCertificates.sslSocketFactory()); url = server.url("/"); @@ -222,7 +220,6 @@ public final class LoggingEventListenerTest { @Test public void connectFail() { TestUtil.assumeNotWindows(); - platform.assumeNotBouncyCastle(); server.useHttps(handshakeCertificates.sslSocketFactory()); server.setProtocols(asList(HTTP_2, HTTP_1_1)); @@ -246,9 +243,9 @@ public final class LoggingEventListenerTest { .assertLogMatch("connectStart: " + url.host() + "/.+ DIRECT") .assertLogMatch("secureConnectStart") .assertLogMatch( - "connectFailed: null javax\\.net\\.ssl\\.(?:SSLProtocolException|SSLHandshakeException): (?:Unexpected handshake message: client_hello|Handshake message sequence violation, 1|Read error|Handshake failed).*") + "connectFailed: null \\S+(?:SSLProtocolException|SSLHandshakeException|TlsFatalAlert): (?:Unexpected handshake message: client_hello|Handshake message sequence violation, 1|Read error|Handshake failed|unexpected_message\\(10\\)).*") .assertLogMatch( - "callFailed: javax\\.net\\.ssl\\.(?:SSLProtocolException|SSLHandshakeException): (?:Unexpected handshake message: client_hello|Handshake message sequence violation, 1|Read error|Handshake failed).*") + "callFailed: \\S+(?:SSLProtocolException|SSLHandshakeException|TlsFatalAlert): (?:Unexpected handshake message: client_hello|Handshake message sequence violation, 1|Read error|Handshake failed|unexpected_message\\(10\\)).*") .assertNoMoreLogs(); } diff --git a/okhttp-testing-support/src/main/kotlin/okhttp3/testing/PlatformRule.kt b/okhttp-testing-support/src/main/kotlin/okhttp3/testing/PlatformRule.kt index 22e696d1a..5b93521eb 100644 --- a/okhttp-testing-support/src/main/kotlin/okhttp3/testing/PlatformRule.kt +++ b/okhttp-testing-support/src/main/kotlin/okhttp3/testing/PlatformRule.kt @@ -18,12 +18,18 @@ package okhttp3.testing import android.os.Build import com.amazon.corretto.crypto.provider.AmazonCorrettoCryptoProvider import com.amazon.corretto.crypto.provider.SelfTestStatus +import java.lang.reflect.Method +import java.net.InetAddress +import java.security.Security import okhttp3.TestUtil import okhttp3.internal.platform.ConscryptPlatform import okhttp3.internal.platform.Jdk8WithJettyBootPlatform import okhttp3.internal.platform.Jdk9Platform import okhttp3.internal.platform.OpenJSSEPlatform import okhttp3.internal.platform.Platform +import okhttp3.tls.HandshakeCertificates +import okhttp3.tls.HeldCertificate +import okhttp3.tls.internal.TlsUtil.localhost import org.bouncycastle.jce.provider.BouncyCastleProvider import org.bouncycastle.jsse.provider.BouncyCastleJsseProvider import org.conscrypt.Conscrypt @@ -43,8 +49,6 @@ import org.junit.jupiter.api.extension.InvocationInterceptor import org.junit.jupiter.api.extension.ReflectiveInvocationContext import org.openjsse.net.ssl.OpenJSSE import org.opentest4j.TestAbortedException -import java.lang.reflect.Method -import java.security.Security /** * Marks a test as Platform aware, before the test runs a consistent Platform will be @@ -323,6 +327,13 @@ open class PlatformRule @JvmOverloads constructor( } } + fun localhostHandshakeCertificates(): HandshakeCertificates { + return when { + isBouncyCastle() -> localhostHandshakeCertificatesWithRsa2048 + else -> localhost() + } + } + val isAndroid: Boolean get() = Platform.Companion.isAndroid @@ -336,6 +347,24 @@ open class PlatformRule @JvmOverloads constructor( const val OPENJSSE_PROPERTY = "openjsse" const val BOUNCYCASTLE_PROPERTY = "bouncycastle" + /** + * For whatever reason our BouncyCastle provider doesn't work with ECDSA keys. Just configure it + * to use RSA-2048 instead. + * + * (We otherwise prefer ECDSA because it's faster.) + */ + private val localhostHandshakeCertificatesWithRsa2048: HandshakeCertificates by lazy { + val heldCertificate = HeldCertificate.Builder() + .commonName("localhost") + .addSubjectAlternativeName(InetAddress.getByName("localhost").canonicalHostName) + .rsa2048() + .build() + return@lazy HandshakeCertificates.Builder() + .heldCertificate(heldCertificate) + .addTrustedCertificate(heldCertificate.certificate) + .build() + } + init { val platformSystemProperty = getPlatformSystemProperty() diff --git a/okhttp-tls/src/test/java/okhttp3/tls/HandshakeCertificatesTest.kt b/okhttp-tls/src/test/java/okhttp3/tls/HandshakeCertificatesTest.kt index 5c31ff7fc..8f9565185 100644 --- a/okhttp-tls/src/test/java/okhttp3/tls/HandshakeCertificatesTest.kt +++ b/okhttp-tls/src/test/java/okhttp3/tls/HandshakeCertificatesTest.kt @@ -56,6 +56,7 @@ class HandshakeCertificatesTest { @Test fun clientAndServer() { platform.assumeNotConscrypt() platform.assumeNotBouncyCastle() + val clientRoot = HeldCertificate.Builder() .certificateAuthority(1) .build() diff --git a/okhttp/src/jvmTest/java/okhttp3/CacheCorruptionTest.kt b/okhttp/src/jvmTest/java/okhttp3/CacheCorruptionTest.kt index 86e619a69..802512e25 100644 --- a/okhttp/src/jvmTest/java/okhttp3/CacheCorruptionTest.kt +++ b/okhttp/src/jvmTest/java/okhttp3/CacheCorruptionTest.kt @@ -31,7 +31,6 @@ import okhttp3.Headers.Companion.headersOf import okhttp3.internal.buildCache import okhttp3.okio.LoggingFilesystem import okhttp3.testing.PlatformRule -import okhttp3.tls.internal.TlsUtil.localhost import okio.Path.Companion.toPath import okio.fakefilesystem.FakeFileSystem import org.assertj.core.api.Assertions.assertThat @@ -51,7 +50,7 @@ class CacheCorruptionTest { @RegisterExtension val platform = PlatformRule() - private val handshakeCertificates = localhost() + private val handshakeCertificates = platform.localhostHandshakeCertificates() private lateinit var client: OkHttpClient private lateinit var cache: Cache private val NULL_HOSTNAME_VERIFIER = HostnameVerifier { _: String?, _: SSLSession? -> true } @@ -63,7 +62,6 @@ class CacheCorruptionTest { this.server = server platform.assumeNotOpenJSSE() - platform.assumeNotBouncyCastle() server.protocolNegotiationEnabled = false val loggingFileSystem = LoggingFilesystem(fileSystem) cache = buildCache("/cache/".toPath(), Int.MAX_VALUE.toLong(), loggingFileSystem) diff --git a/okhttp/src/jvmTest/java/okhttp3/CacheTest.java b/okhttp/src/jvmTest/java/okhttp3/CacheTest.java index 83e299164..c285312fd 100644 --- a/okhttp/src/jvmTest/java/okhttp3/CacheTest.java +++ b/okhttp/src/jvmTest/java/okhttp3/CacheTest.java @@ -58,7 +58,6 @@ import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.RegisterExtension; import static mockwebserver3.SocketPolicy.DISCONNECT_AT_END; import static okhttp3.internal.Internal.cacheGet; -import static okhttp3.tls.internal.TlsUtil.localhost; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.data.Offset.offset; import static org.junit.jupiter.api.Assertions.fail; @@ -73,7 +72,8 @@ public final class CacheTest { private MockWebServer server; private MockWebServer server2; - private final HandshakeCertificates handshakeCertificates = localhost(); + private final HandshakeCertificates handshakeCertificates + = platform.localhostHandshakeCertificates(); private OkHttpClient client; private Cache cache; private final CookieManager cookieManager = new CookieManager(); @@ -87,7 +87,6 @@ public final class CacheTest { this.server2 = server2; platform.assumeNotOpenJSSE(); - platform.assumeNotBouncyCastle(); server.setProtocolNegotiationEnabled(false); fileSystem.emulateUnix(); diff --git a/okhttp/src/jvmTest/java/okhttp3/CallHandshakeTest.kt b/okhttp/src/jvmTest/java/okhttp3/CallHandshakeTest.kt index 2c06c4fce..77da163fa 100644 --- a/okhttp/src/jvmTest/java/okhttp3/CallHandshakeTest.kt +++ b/okhttp/src/jvmTest/java/okhttp3/CallHandshakeTest.kt @@ -31,7 +31,6 @@ import okhttp3.CipherSuite.Companion.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 import okhttp3.internal.effectiveCipherSuites import okhttp3.internal.platform.Platform import okhttp3.testing.PlatformRule -import okhttp3.tls.internal.TlsUtil.localhost import org.assertj.core.api.Assertions.assertThat import org.junit.jupiter.api.BeforeEach import org.junit.jupiter.api.Test @@ -40,7 +39,6 @@ import org.junit.jupiter.api.extension.RegisterExtension class CallHandshakeTest { private lateinit var client: OkHttpClient private lateinit var server: MockWebServer - val handshakeCertificates = localhost() @RegisterExtension @JvmField @@ -50,6 +48,8 @@ class CallHandshakeTest { @JvmField var platform = PlatformRule() + private val handshakeCertificates = platform.localhostHandshakeCertificates() + private lateinit var handshakeEnabledCipherSuites: List private lateinit var defaultEnabledCipherSuites: List private lateinit var defaultSupportedCipherSuites: List @@ -131,9 +131,7 @@ class CallHandshakeTest { @Test fun testDefaultHandshakeCipherSuiteOrderingTls13Modern() { - // handshake_failure(40) - // org.bouncycastle.tls.TlsFatalAlertReceived: handshake_failure(40) - // at app//org.bouncycastle.tls.TlsProtocol.handleAlertMessage(Unknown Source) + // We are avoiding making guarantees on ordering of secondary Platforms. platform.assumeNotBouncyCastle() val client = makeClient(ConnectionSpec.MODERN_TLS, TlsVersion.TLS_1_3) @@ -162,10 +160,6 @@ class CallHandshakeTest { @Test fun testHandshakeCipherSuiteOrderingWhenReversed() { - // handshake_failure(40) - // org.bouncycastle.tls.TlsFatalAlertReceived: handshake_failure(40) - // at app//org.bouncycastle.tls.TlsProtocol.handleAlertMessage(Unknown Source) - // We are avoiding making guarantees on ordering of secondary Platforms. platform.assumeNotConscrypt() platform.assumeNotBouncyCastle() @@ -185,11 +179,6 @@ class CallHandshakeTest { @Test fun defaultOrderMaintained() { - // Flaky in CI - // CallHandshakeTest[jvm] > defaultOrderMaintained()[jvm] FAILED - // org.bouncycastle.tls.TlsFatalAlertReceived: handshake_failure(40) - platform.assumeNotBouncyCastle() - val client = makeClient() makeRequest(client) diff --git a/okhttp/src/jvmTest/java/okhttp3/CallKotlinTest.kt b/okhttp/src/jvmTest/java/okhttp3/CallKotlinTest.kt index 668643461..1edd927b3 100644 --- a/okhttp/src/jvmTest/java/okhttp3/CallKotlinTest.kt +++ b/okhttp/src/jvmTest/java/okhttp3/CallKotlinTest.kt @@ -32,7 +32,6 @@ import okhttp3.internal.connection.RealConnection.Companion.IDLE_CONNECTION_HEAL import okhttp3.internal.http.RecordingProxySelector import okhttp3.testing.Flaky import okhttp3.testing.PlatformRule -import okhttp3.tls.internal.TlsUtil.localhost import okio.BufferedSink import org.assertj.core.api.Assertions.assertThat import org.junit.jupiter.api.Assertions.assertEquals @@ -52,13 +51,12 @@ class CallKotlinTest { } private var client = clientTestRule.newClient() - private val handshakeCertificates = localhost() + private val handshakeCertificates = platform.localhostHandshakeCertificates() private lateinit var server: MockWebServer @BeforeEach fun setUp(server: MockWebServer) { this.server = server - platform.assumeNotBouncyCastle() } @Test diff --git a/okhttp/src/jvmTest/java/okhttp3/CallTest.kt b/okhttp/src/jvmTest/java/okhttp3/CallTest.kt index be756609b..c662f6bb3 100644 --- a/okhttp/src/jvmTest/java/okhttp3/CallTest.kt +++ b/okhttp/src/jvmTest/java/okhttp3/CallTest.kt @@ -75,7 +75,6 @@ import okhttp3.testing.Flaky import okhttp3.testing.PlatformRule import okhttp3.tls.HandshakeCertificates import okhttp3.tls.HeldCertificate -import okhttp3.tls.internal.TlsUtil.localhost import okio.Buffer import okio.BufferedSink import okio.ForwardingSource @@ -88,7 +87,7 @@ import org.assertj.core.data.Offset import org.junit.jupiter.api.AfterEach import org.junit.jupiter.api.Assertions.assertArrayEquals import org.junit.jupiter.api.Assertions.fail -import org.junit.jupiter.api.Assumptions +import org.junit.jupiter.api.Assumptions.assumeFalse import org.junit.jupiter.api.BeforeEach import org.junit.jupiter.api.Disabled import org.junit.jupiter.api.Tag @@ -114,7 +113,7 @@ open class CallTest { private lateinit var server2: MockWebServer private var listener = RecordingEventListener() - private val handshakeCertificates = localhost() + private val handshakeCertificates = platform.localhostHandshakeCertificates() private var client = clientTestRule.newClientBuilder() .eventListenerFactory(clientTestRule.wrap(listener)) .build() @@ -134,7 +133,6 @@ open class CallTest { this.server2 = server2 platform.assumeNotOpenJSSE() - platform.assumeNotBouncyCastle() } @AfterEach @@ -1205,6 +1203,8 @@ open class CallTest { @Test fun tlsHandshakeFailure_noFallbackByDefault() { + platform.assumeNotBouncyCastle() + server.useHttps(handshakeCertificates.sslSocketFactory()) server.enqueue(MockResponse(socketPolicy = SocketPolicy.FAIL_HANDSHAKE)) server.enqueue(MockResponse(body = "response that will never be received")) @@ -1219,6 +1219,8 @@ open class CallTest { @Test fun recoverFromTlsHandshakeFailure() { + platform.assumeNotBouncyCastle() + server.useHttps(handshakeCertificates.sslSocketFactory()) server.enqueue(MockResponse(socketPolicy = SocketPolicy.FAIL_HANDSHAKE)) server.enqueue(MockResponse(body = "abc")) @@ -1271,6 +1273,8 @@ open class CallTest { @Test fun recoverFromTlsHandshakeFailure_Async() { + platform.assumeNotBouncyCastle() + server.useHttps(handshakeCertificates.sslSocketFactory()) server.enqueue(MockResponse(socketPolicy = SocketPolicy.FAIL_HANDSHAKE)) server.enqueue(MockResponse(body = "abc")) @@ -1291,6 +1295,8 @@ open class CallTest { @Test fun noRecoveryFromTlsHandshakeFailureWhenTlsFallbackIsDisabled() { + platform.assumeNotBouncyCastle() + client = client.newBuilder() .connectionSpecs(listOf(ConnectionSpec.MODERN_TLS, ConnectionSpec.CLEARTEXT)) .hostnameVerifier(RecordingHostnameVerifier()) @@ -1319,6 +1325,8 @@ open class CallTest { @Test fun tlsHostnameVerificationFailure() { assumeNotWindows() + platform.assumeNotBouncyCastle() + server.enqueue(MockResponse()) val serverCertificate = HeldCertificate.Builder() .commonName("localhost") // Unusued for hostname verification. @@ -1345,9 +1353,10 @@ open class CallTest { @Test fun anonCipherSuiteUnsupported() { platform.assumeNotConscrypt() + platform.assumeNotBouncyCastle() // The _anon_ suites became unsupported in "1.8.0_201" and "11.0.2". - Assumptions.assumeFalse( + assumeFalse( System.getProperty("java.version", "unknown").matches(Regex("1\\.8\\.0_1\\d\\d")) ) server.enqueue(MockResponse()) @@ -3964,6 +3973,8 @@ open class CallTest { @Test fun httpsWithIpAddress() { + platform.assumeNotBouncyCastle() + val localIpAddress = InetAddress.getLoopbackAddress().hostAddress // Create a certificate with an IP address in the subject alt name. diff --git a/okhttp/src/jvmTest/java/okhttp3/ConnectionReuseTest.kt b/okhttp/src/jvmTest/java/okhttp3/ConnectionReuseTest.kt index 9e51d3a00..4db61c8ac 100644 --- a/okhttp/src/jvmTest/java/okhttp3/ConnectionReuseTest.kt +++ b/okhttp/src/jvmTest/java/okhttp3/ConnectionReuseTest.kt @@ -27,8 +27,8 @@ import okhttp3.ResponseBody.Companion.toResponseBody import okhttp3.internal.closeQuietly import okhttp3.testing.PlatformRule import okhttp3.tls.HandshakeCertificates -import okhttp3.tls.internal.TlsUtil.localhost import org.assertj.core.api.Assertions.assertThat +import org.bouncycastle.tls.TlsFatalAlert import org.junit.jupiter.api.Assertions.fail import org.junit.jupiter.api.BeforeEach import org.junit.jupiter.api.Tag @@ -46,7 +46,7 @@ class ConnectionReuseTest { val clientTestRule: OkHttpClientTestRule = OkHttpClientTestRule() private lateinit var server: MockWebServer - private val handshakeCertificates: HandshakeCertificates = localhost() + private val handshakeCertificates = platform.localhostHandshakeCertificates() private var client: OkHttpClient = clientTestRule.newClient() @BeforeEach @@ -75,7 +75,6 @@ class ConnectionReuseTest { @Test fun connectionsAreReusedWithHttp2() { - platform.assumeNotBouncyCastle() enableHttp2() server.enqueue(MockResponse(body = "a")) server.enqueue(MockResponse(body = "b")) @@ -191,7 +190,6 @@ class ConnectionReuseTest { @Test fun http2ConnectionsAreSharedBeforeResponseIsConsumed() { - platform.assumeNotBouncyCastle() enableHttp2() server.enqueue(MockResponse(body = "a")) server.enqueue(MockResponse(body = "b")) @@ -225,7 +223,6 @@ class ConnectionReuseTest { @Test fun connectionsAreNotReusedIfSslSocketFactoryChanges() { - platform.assumeNotBouncyCastle() enableHttps() server.enqueue(MockResponse()) server.enqueue(MockResponse()) @@ -246,12 +243,12 @@ class ConnectionReuseTest { anotherClient.newCall(request).execute() fail() } catch (expected: SSLException) { + } catch (expected: TlsFatalAlert) { } } @Test fun connectionsAreNotReusedIfHostnameVerifierChanges() { - platform.assumeNotBouncyCastle() enableHttps() server.enqueue(MockResponse()) server.enqueue(MockResponse()) diff --git a/okhttp/src/jvmTest/java/okhttp3/DuplexTest.java b/okhttp/src/jvmTest/java/okhttp3/DuplexTest.java index 82ab6925f..c49a31c39 100644 --- a/okhttp/src/jvmTest/java/okhttp3/DuplexTest.java +++ b/okhttp/src/jvmTest/java/okhttp3/DuplexTest.java @@ -43,7 +43,6 @@ import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Timeout; import org.junit.jupiter.api.extension.RegisterExtension; import static java.util.Arrays.asList; -import static okhttp3.tls.internal.TlsUtil.localhost; import static org.assertj.core.api.Assertions.assertThat; import static org.junit.jupiter.api.Assertions.assertTrue; import static org.junit.jupiter.api.Assertions.fail; @@ -56,7 +55,8 @@ public final class DuplexTest { private MockWebServer server; private RecordingEventListener listener = new RecordingEventListener(); - private final HandshakeCertificates handshakeCertificates = localhost(); + private final HandshakeCertificates handshakeCertificates + = platform.localhostHandshakeCertificates(); private OkHttpClient client = clientTestRule.newClientBuilder() .eventListenerFactory(clientTestRule.wrap(listener)) .build(); @@ -67,7 +67,6 @@ public final class DuplexTest { this.server = server; platform.assumeNotOpenJSSE(); platform.assumeHttp2Support(); - platform.assumeNotBouncyCastle(); } @AfterEach public void tearDown() { diff --git a/okhttp/src/jvmTest/java/okhttp3/EventListenerTest.java b/okhttp/src/jvmTest/java/okhttp3/EventListenerTest.java index b586ef64a..78b1174f6 100644 --- a/okhttp/src/jvmTest/java/okhttp3/EventListenerTest.java +++ b/okhttp/src/jvmTest/java/okhttp3/EventListenerTest.java @@ -74,7 +74,6 @@ import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Timeout; import org.junit.jupiter.api.extension.RegisterExtension; import static java.util.Arrays.asList; -import static okhttp3.tls.internal.TlsUtil.localhost; import static org.assertj.core.api.Assertions.assertThat; import static org.hamcrest.CoreMatchers.any; import static org.hamcrest.CoreMatchers.equalTo; @@ -92,7 +91,8 @@ public final class EventListenerTest { private MockWebServer server; private final RecordingEventListener listener = new RecordingEventListener(); - private final HandshakeCertificates handshakeCertificates = localhost(); + private final HandshakeCertificates handshakeCertificates + = platform.localhostHandshakeCertificates(); private OkHttpClient client = clientTestRule.newClientBuilder() .eventListenerFactory(clientTestRule.wrap(listener)) @@ -104,7 +104,6 @@ public final class EventListenerTest { this.server = server; platform.assumeNotOpenJSSE(); - platform.assumeNotBouncyCastle(); listener.forbidLock(RealConnectionPool.Companion.get(client.connectionPool())); listener.forbidLock(client.dispatcher()); diff --git a/okhttp/src/jvmTest/java/okhttp3/InsecureForHostTest.kt b/okhttp/src/jvmTest/java/okhttp3/InsecureForHostTest.kt index 8e5f65932..59a015e39 100644 --- a/okhttp/src/jvmTest/java/okhttp3/InsecureForHostTest.kt +++ b/okhttp/src/jvmTest/java/okhttp3/InsecureForHostTest.kt @@ -21,7 +21,6 @@ import mockwebserver3.MockWebServer import okhttp3.testing.PlatformRule import okhttp3.tls.HandshakeCertificates import okhttp3.tls.HeldCertificate -import okhttp3.tls.internal.TlsUtil.localhost import org.assertj.core.api.Assertions.assertThat import org.junit.jupiter.api.BeforeEach import org.junit.jupiter.api.Test @@ -43,7 +42,7 @@ class InsecureForHostTest { } @Test fun `untrusted host in insecureHosts connects successfully`() { - val serverCertificates = localhost() + val serverCertificates = platform.localhostHandshakeCertificates() server.useHttps(serverCertificates.sslSocketFactory()) server.enqueue(MockResponse()) @@ -95,7 +94,7 @@ class InsecureForHostTest { } @Test fun `untrusted host not in insecureHosts fails with SSLException`() { - val serverCertificates = localhost() + val serverCertificates = platform.localhostHandshakeCertificates() server.useHttps(serverCertificates.sslSocketFactory()) server.enqueue(MockResponse()) diff --git a/okhttp/src/jvmTest/java/okhttp3/JSSETest.kt b/okhttp/src/jvmTest/java/okhttp3/JSSETest.kt index 381cd3015..ff1be19eb 100644 --- a/okhttp/src/jvmTest/java/okhttp3/JSSETest.kt +++ b/okhttp/src/jvmTest/java/okhttp3/JSSETest.kt @@ -15,13 +15,14 @@ */ package okhttp3 +import javax.net.ssl.SSLSocket +import javax.net.ssl.SSLSocketFactory import mockwebserver3.MockResponse import mockwebserver3.MockWebServer import okhttp3.TestUtil.assumeNetwork import okhttp3.internal.connection import okhttp3.testing.PlatformRule import okhttp3.testing.PlatformVersion -import okhttp3.tls.internal.TlsUtil import okio.ByteString.Companion.toByteString import org.assertj.core.api.Assertions.assertThat import org.junit.jupiter.api.Assertions.assertEquals @@ -30,14 +31,12 @@ import org.junit.jupiter.api.BeforeEach import org.junit.jupiter.api.Disabled import org.junit.jupiter.api.Test import org.junit.jupiter.api.extension.RegisterExtension -import javax.net.ssl.SSLSocket -import javax.net.ssl.SSLSocketFactory class JSSETest { @JvmField @RegisterExtension var platform = PlatformRule() @JvmField @RegisterExtension val clientTestRule = OkHttpClientTestRule() - private val handshakeCertificates = TlsUtil.localhost() + private val handshakeCertificates = platform.localhostHandshakeCertificates() var client = clientTestRule.newClient() diff --git a/okhttp/src/jvmTest/java/okhttp3/RouteFailureTest.kt b/okhttp/src/jvmTest/java/okhttp3/RouteFailureTest.kt index 61f880e61..c478dd353 100644 --- a/okhttp/src/jvmTest/java/okhttp3/RouteFailureTest.kt +++ b/okhttp/src/jvmTest/java/okhttp3/RouteFailureTest.kt @@ -24,7 +24,6 @@ import mockwebserver3.SocketPolicy import mockwebserver3.junit5.internal.MockWebServerInstance import okhttp3.internal.http2.ErrorCode import okhttp3.testing.PlatformRule -import okhttp3.tls.internal.TlsUtil.localhost import org.assertj.core.api.Assertions.assertThat import org.junit.jupiter.api.BeforeEach import org.junit.jupiter.api.Test @@ -45,7 +44,7 @@ class RouteFailureTest { private var listener = RecordingEventListener() - private val handshakeCertificates = localhost() + private val handshakeCertificates = platform.localhostHandshakeCertificates() val dns = FakeDns() diff --git a/okhttp/src/jvmTest/java/okhttp3/ServerTruncatesRequestTest.kt b/okhttp/src/jvmTest/java/okhttp3/ServerTruncatesRequestTest.kt index 4a38f604d..2e6ec1b1f 100644 --- a/okhttp/src/jvmTest/java/okhttp3/ServerTruncatesRequestTest.kt +++ b/okhttp/src/jvmTest/java/okhttp3/ServerTruncatesRequestTest.kt @@ -23,7 +23,6 @@ import okhttp3.Headers.Companion.headersOf import okhttp3.internal.duplex.AsyncRequestBody import okhttp3.internal.http2.ErrorCode import okhttp3.testing.PlatformRule -import okhttp3.tls.internal.TlsUtil.localhost import okio.BufferedSink import okio.IOException import org.assertj.core.api.Assertions.assertThat @@ -47,7 +46,7 @@ class ServerTruncatesRequestTest { var clientTestRule = OkHttpClientTestRule() private val listener = RecordingEventListener() - private val handshakeCertificates = localhost() + private val handshakeCertificates = platform.localhostHandshakeCertificates() private var client = clientTestRule.newClientBuilder() .eventListenerFactory(clientTestRule.wrap(listener)) @@ -60,7 +59,6 @@ class ServerTruncatesRequestTest { this.server = server platform.assumeNotOpenJSSE() platform.assumeHttp2Support() - platform.assumeNotBouncyCastle() } @Test diff --git a/okhttp/src/jvmTest/java/okhttp3/SessionReuseTest.kt b/okhttp/src/jvmTest/java/okhttp3/SessionReuseTest.kt index fdeca595d..67e2ea478 100644 --- a/okhttp/src/jvmTest/java/okhttp3/SessionReuseTest.kt +++ b/okhttp/src/jvmTest/java/okhttp3/SessionReuseTest.kt @@ -15,12 +15,12 @@ */ package okhttp3 +import javax.net.ssl.SSLSocket import mockwebserver3.MockResponse import mockwebserver3.MockWebServer import okhttp3.testing.Flaky import okhttp3.testing.PlatformRule import okhttp3.testing.PlatformVersion -import okhttp3.tls.internal.TlsUtil import okio.ByteString.Companion.toByteString import org.assertj.core.api.Assertions.assertThat import org.junit.jupiter.api.Assertions.assertEquals @@ -30,13 +30,12 @@ import org.junit.jupiter.api.BeforeEach import org.junit.jupiter.api.extension.RegisterExtension import org.junit.jupiter.params.ParameterizedTest import org.junit.jupiter.params.provider.ValueSource -import javax.net.ssl.SSLSocket class SessionReuseTest { @JvmField @RegisterExtension var platform = PlatformRule() @JvmField @RegisterExtension val clientTestRule = OkHttpClientTestRule() - private val handshakeCertificates = TlsUtil.localhost() + private val handshakeCertificates = platform.localhostHandshakeCertificates() var client = clientTestRule.newClient() @@ -50,9 +49,7 @@ class SessionReuseTest { // System.setProperty("jdk.tls.client.enableSessionTicketExtension", "true") // System.setProperty("jdk.tls.server.enableSessionTicketExtension", "true") - // Session reuse not tested - // org.bouncycastle.tls.TlsFatalAlert: handshake_failure(40); No selectable cipher suite - // at org.bouncycastle.tls.AbstractTlsServer.getSelectedCipherSuite(Unknown Source) + // IllegalStateException: Cannot resume session and session creation is disabled platform.assumeNotBouncyCastle() } diff --git a/okhttp/src/jvmTest/java/okhttp3/SocketChannelTest.kt b/okhttp/src/jvmTest/java/okhttp3/SocketChannelTest.kt index b80ce5adc..51daa885b 100644 --- a/okhttp/src/jvmTest/java/okhttp3/SocketChannelTest.kt +++ b/okhttp/src/jvmTest/java/okhttp3/SocketChannelTest.kt @@ -15,6 +15,15 @@ */ package okhttp3 +import java.io.IOException +import java.net.InetAddress +import java.util.concurrent.CompletableFuture +import java.util.concurrent.TimeUnit.SECONDS +import javax.net.ssl.SNIHostName +import javax.net.ssl.SNIMatcher +import javax.net.ssl.SNIServerName +import javax.net.ssl.SSLSocket +import javax.net.ssl.StandardConstants import mockwebserver3.MockResponse import mockwebserver3.MockWebServer import okhttp3.Protocol.HTTP_1_1 @@ -31,21 +40,12 @@ import okhttp3.tls.HeldCertificate import org.assertj.core.api.Assertions.assertThat import org.junit.jupiter.api.Assumptions.assumeFalse import org.junit.jupiter.api.Assumptions.assumeTrue +import org.junit.jupiter.api.BeforeEach import org.junit.jupiter.api.Tag import org.junit.jupiter.api.Timeout import org.junit.jupiter.api.extension.RegisterExtension import org.junit.jupiter.params.ParameterizedTest import org.junit.jupiter.params.provider.MethodSource -import java.io.IOException -import java.net.InetAddress -import java.util.concurrent.CompletableFuture -import java.util.concurrent.TimeUnit.SECONDS -import javax.net.ssl.SNIHostName -import javax.net.ssl.SNIMatcher -import javax.net.ssl.SNIServerName -import javax.net.ssl.SSLSocket -import javax.net.ssl.StandardConstants -import org.junit.jupiter.api.BeforeEach @Suppress("UsePropertyAccessSyntax") @Timeout(6) diff --git a/okhttp/src/jvmTest/java/okhttp3/URLConnectionTest.kt b/okhttp/src/jvmTest/java/okhttp3/URLConnectionTest.kt index 578e90ca7..a89ade7e2 100644 --- a/okhttp/src/jvmTest/java/okhttp3/URLConnectionTest.kt +++ b/okhttp/src/jvmTest/java/okhttp3/URLConnectionTest.kt @@ -71,13 +71,13 @@ import okhttp3.internal.platform.Platform.Companion.get import okhttp3.internal.userAgent import okhttp3.testing.Flaky import okhttp3.testing.PlatformRule -import okhttp3.tls.internal.TlsUtil.localhost import okio.Buffer import okio.BufferedSink import okio.GzipSink import okio.buffer import okio.utf8Size import org.assertj.core.api.Assertions.assertThat +import org.bouncycastle.tls.TlsFatalAlert import org.junit.jupiter.api.AfterEach import org.junit.jupiter.api.Assertions.fail import org.junit.jupiter.api.BeforeEach @@ -102,7 +102,7 @@ class URLConnectionTest { private lateinit var server: MockWebServer private lateinit var server2: MockWebServer - private val handshakeCertificates = localhost() + private val handshakeCertificates = platform.localhostHandshakeCertificates() private var client = clientTestRule.newClient() private var cache: Cache? = null @@ -110,7 +110,6 @@ class URLConnectionTest { fun setUp(server: MockWebServer, @MockWebServerInstance("server2") server2: MockWebServer) { this.server = server this.server2 = server2 - platform.assumeNotBouncyCastle() server.protocolNegotiationEnabled = false } @@ -571,12 +570,15 @@ class URLConnectionTest { "without an SSL socket factory, the connection should fail" ) } catch (expected: SSLException) { + } catch (expected: TlsFatalAlert) { } } // TODO(jwilson): tests below this marker need to be migrated to OkHttp's request/response API. @Test fun connectViaHttpsWithSSLFallback() { + platform.assumeNotBouncyCastle() + server.useHttps(handshakeCertificates.sslSocketFactory()) server.enqueue(MockResponse(socketPolicy = SocketPolicy.FAIL_HANDSHAKE)) server.enqueue(MockResponse(body = "this response comes via SSL")) @@ -600,6 +602,8 @@ class URLConnectionTest { @Test fun connectViaHttpsWithSSLFallbackFailuresRecorded() { + platform.assumeNotBouncyCastle() + server.useHttps(handshakeCertificates.sslSocketFactory()) server.enqueue(MockResponse(socketPolicy = SocketPolicy.FAIL_HANDSHAKE)) server.enqueue(MockResponse(socketPolicy = SocketPolicy.FAIL_HANDSHAKE)) @@ -679,6 +683,7 @@ class URLConnectionTest { CertificateException::class.java ) } + } catch (expected: TlsFatalAlert) { } assertThat(server.requestCount).isEqualTo(0) } @@ -3749,6 +3754,8 @@ class URLConnectionTest { @Test fun testNoSslFallback() { + platform.assumeNotBouncyCastle() + server.useHttps(handshakeCertificates.sslSocketFactory()) server.enqueue(MockResponse(socketPolicy = SocketPolicy.FAIL_HANDSHAKE)) server.enqueue(MockResponse(body = "Response that would have needed fallbacks")) diff --git a/okhttp/src/jvmTest/java/okhttp3/internal/http/CancelTest.kt b/okhttp/src/jvmTest/java/okhttp3/internal/http/CancelTest.kt index 0b6fe4221..6174bbee1 100644 --- a/okhttp/src/jvmTest/java/okhttp3/internal/http/CancelTest.kt +++ b/okhttp/src/jvmTest/java/okhttp3/internal/http/CancelTest.kt @@ -15,6 +15,13 @@ */ package okhttp3.internal.http +import java.io.IOException +import java.net.ServerSocket +import java.net.Socket +import java.util.concurrent.CountDownLatch +import java.util.concurrent.TimeUnit.MILLISECONDS +import javax.net.ServerSocketFactory +import javax.net.SocketFactory import mockwebserver3.MockResponse import mockwebserver3.MockWebServer import okhttp3.Call @@ -44,7 +51,6 @@ import okhttp3.internal.http.CancelTest.ConnectionType.H2 import okhttp3.internal.http.CancelTest.ConnectionType.HTTP import okhttp3.internal.http.CancelTest.ConnectionType.HTTPS import okhttp3.testing.PlatformRule -import okhttp3.tls.internal.TlsUtil import okio.Buffer import okio.BufferedSink import org.assertj.core.api.Assertions.assertThat @@ -55,13 +61,6 @@ import org.junit.jupiter.api.extension.RegisterExtension import org.junit.jupiter.api.fail import org.junit.jupiter.params.ParameterizedTest import org.junit.jupiter.params.provider.ArgumentsSource -import java.io.IOException -import java.net.ServerSocket -import java.net.Socket -import java.util.concurrent.CountDownLatch -import java.util.concurrent.TimeUnit.MILLISECONDS -import javax.net.ServerSocketFactory -import javax.net.SocketFactory @Timeout(30) @Tag("Slow") @@ -85,7 +84,8 @@ class CancelTest { } @JvmField @RegisterExtension val clientTestRule = OkHttpClientTestRule() - val handshakeCertificates = TlsUtil.localhost() + + val handshakeCertificates = platform.localhostHandshakeCertificates() private lateinit var server: MockWebServer private lateinit var client: OkHttpClient @@ -100,8 +100,6 @@ class CancelTest { platform.assumeHttp2Support() } - platform.assumeNotBouncyCastle() - // Sockets on some platforms can have large buffers that mean writes do not block when // required. These socket factories explicitly set the buffer sizes on sockets created. server = MockWebServer() diff --git a/okhttp/src/jvmTest/java/okhttp3/internal/http2/HttpOverHttp2Test.kt b/okhttp/src/jvmTest/java/okhttp3/internal/http2/HttpOverHttp2Test.kt index aab20ff93..2287ffd38 100644 --- a/okhttp/src/jvmTest/java/okhttp3/internal/http2/HttpOverHttp2Test.kt +++ b/okhttp/src/jvmTest/java/okhttp3/internal/http2/HttpOverHttp2Test.kt @@ -70,7 +70,6 @@ import okhttp3.internal.discard import okhttp3.testing.Flaky import okhttp3.testing.PlatformRule import okhttp3.tls.HandshakeCertificates -import okhttp3.tls.internal.TlsUtil.localhost import okio.Buffer import okio.BufferedSink import okio.GzipSink @@ -109,6 +108,11 @@ class HttpOverHttp2Test { @RegisterExtension val testLogHandler: TestLogHandler = TestLogHandler(Http2::class.java) + // Flaky https://github.com/square/okhttp/issues/4632 + // Flaky https://github.com/square/okhttp/issues/4633 + private val handshakeCertificates: HandshakeCertificates = + platform.localhostHandshakeCertificates() + private lateinit var server: MockWebServer private lateinit var protocol: Protocol private lateinit var client: OkHttpClient @@ -125,7 +129,6 @@ class HttpOverHttp2Test { this.server = server this.protocol = protocol platform.assumeNotOpenJSSE() - platform.assumeNotBouncyCastle() if (protocol === Protocol.HTTP_2) { platform.assumeHttp2Support() server.useHttps(handshakeCertificates.sslSocketFactory()) @@ -2050,10 +2053,4 @@ class HttpOverHttp2Test { assertThat(get.requestLine).isEqualTo("GET /foo HTTP/1.1") assertThat(get.headers["Proxy-Authorization"]).isNull() } - - companion object { - // Flaky https://github.com/square/okhttp/issues/4632 - // Flaky https://github.com/square/okhttp/issues/4633 - private val handshakeCertificates: HandshakeCertificates = localhost() - } } diff --git a/okhttp/src/jvmTest/java/okhttp3/internal/tls/HostnameVerifierTest.kt b/okhttp/src/jvmTest/java/okhttp3/internal/tls/HostnameVerifierTest.kt index 2a3c21e0d..84f16b38e 100644 --- a/okhttp/src/jvmTest/java/okhttp3/internal/tls/HostnameVerifierTest.kt +++ b/okhttp/src/jvmTest/java/okhttp3/internal/tls/HostnameVerifierTest.kt @@ -28,7 +28,6 @@ import okhttp3.internal.canParseAsIpAddress import okhttp3.internal.platform.Platform.Companion.isAndroid import okhttp3.testing.PlatformRule import okhttp3.tls.HeldCertificate -import okhttp3.tls.internal.TlsUtil.localhost import org.assertj.core.api.Assertions.assertThat import org.junit.jupiter.api.Test import org.junit.jupiter.api.extension.RegisterExtension @@ -775,7 +774,8 @@ class HostnameVerifierTest { // Since this is public API, okhttp3.internal.tls.OkHostnameVerifier.verify is also assertThat(verifier).isInstanceOf(OkHostnameVerifier::class.java) - val session = localhost().sslContext().createSSLEngine().session + val handshakeCertificates = platform.localhostHandshakeCertificates() + val session = handshakeCertificates.sslContext().createSSLEngine().session assertThat(localVerifier.verify("\uD83D\uDCA9.com", session)).isFalse } diff --git a/okhttp/src/jvmTest/java/okhttp3/internal/ws/WebSocketHttpTest.java b/okhttp/src/jvmTest/java/okhttp3/internal/ws/WebSocketHttpTest.java index ab7811071..3646c6e31 100644 --- a/okhttp/src/jvmTest/java/okhttp3/internal/ws/WebSocketHttpTest.java +++ b/okhttp/src/jvmTest/java/okhttp3/internal/ws/WebSocketHttpTest.java @@ -57,7 +57,6 @@ import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.RegisterExtension; import static java.util.Arrays.asList; import static okhttp3.TestUtil.repeat; -import static okhttp3.tls.internal.TlsUtil.localhost; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.data.Offset.offset; import static org.junit.jupiter.api.Assertions.fail; @@ -73,7 +72,8 @@ public final class WebSocketHttpTest { @RegisterExtension TestLogHandler testLogHandler = new TestLogHandler(OkHttpClient.class); private MockWebServer webServer; - private final HandshakeCertificates handshakeCertificates = localhost(); + private final HandshakeCertificates handshakeCertificates + = platform.localhostHandshakeCertificates(); private final WebSocketRecorder clientListener = new WebSocketRecorder("client"); private final WebSocketRecorder serverListener = new WebSocketRecorder("server"); private final Random random = new Random(0); @@ -98,7 +98,6 @@ public final class WebSocketHttpTest { this.webServer = webServer; platform.assumeNotOpenJSSE(); - platform.assumeNotBouncyCastle(); } @AfterEach public void tearDown() throws InterruptedException { diff --git a/samples/compare/src/test/kotlin/okhttp3/compare/OkHttpClientTest.kt b/samples/compare/src/test/kotlin/okhttp3/compare/OkHttpClientTest.kt index b1dd7587e..c3c66ad53 100644 --- a/samples/compare/src/test/kotlin/okhttp3/compare/OkHttpClientTest.kt +++ b/samples/compare/src/test/kotlin/okhttp3/compare/OkHttpClientTest.kt @@ -33,8 +33,6 @@ class OkHttpClientTest { @JvmField @RegisterExtension val platform = PlatformRule() @Test fun get(server: MockWebServer) { - platform.assumeNotBouncyCastle() - server.enqueue(MockResponse(body = "hello, OkHttp")) val client = OkHttpClient()