예제 #1
0
 /** Prepares the connection specs to attempt. */
 private void resetConnectionSpecs() {
   connectionSpecs = new ArrayList<ConnectionSpec>();
   List<ConnectionSpec> specs = address.getConnectionSpecs();
   for (int i = 0, size = specs.size(); i < size; i++) {
     ConnectionSpec spec = specs.get(i);
     if (request.isHttps() == spec.isTls()) {
       connectionSpecs.add(spec);
     }
   }
   nextSpecIndex = 0;
 }
예제 #2
0
 @Test
 public void tlsBuilder_defaultCiphers() throws Exception {
   ConnectionSpec tlsSpec =
       new ConnectionSpec.Builder(true)
           .tlsVersions(TlsVersion.TLS_1_2)
           .supportsTlsExtensions(true)
           .build();
   assertNull(tlsSpec.cipherSuites());
   assertEquals(Arrays.asList(TlsVersion.TLS_1_2), tlsSpec.tlsVersions());
   assertTrue(tlsSpec.supportsTlsExtensions());
 }
예제 #3
0
 @Test
 public void tlsBuilder_explicitCiphers() throws Exception {
   ConnectionSpec tlsSpec =
       new ConnectionSpec.Builder(true)
           .cipherSuites(CipherSuite.TLS_RSA_WITH_RC4_128_MD5)
           .tlsVersions(TlsVersion.TLS_1_2)
           .supportsTlsExtensions(true)
           .build();
   assertEquals(Arrays.asList(CipherSuite.TLS_RSA_WITH_RC4_128_MD5), tlsSpec.cipherSuites());
   assertEquals(Arrays.asList(TlsVersion.TLS_1_2), tlsSpec.tlsVersions());
   assertTrue(tlsSpec.supportsTlsExtensions());
 }
예제 #4
0
  @Test
  public void tls_defaultCiphers_withFallbackIndicator() throws Exception {
    ConnectionSpec tlsSpec =
        new ConnectionSpec.Builder(true)
            .tlsVersions(TlsVersion.TLS_1_2)
            .supportsTlsExtensions(false)
            .build();

    SSLSocket socket = (SSLSocket) SSLSocketFactory.getDefault().createSocket();
    socket.setEnabledCipherSuites(
        new String[] {
          CipherSuite.TLS_RSA_WITH_RC4_128_MD5.javaName,
          CipherSuite.TLS_RSA_WITH_RC4_128_SHA.javaName,
        });
    socket.setEnabledProtocols(
        new String[] {
          TlsVersion.TLS_1_2.javaName, TlsVersion.TLS_1_1.javaName,
        });

    Route route =
        new Route(
            HTTPS_ADDRESS,
            PROXY,
            INET_SOCKET_ADDRESS,
            tlsSpec,
            true /* shouldSendTlsFallbackIndicator */);
    tlsSpec.apply(socket, route);

    assertEquals(createSet(TlsVersion.TLS_1_2.javaName), createSet(socket.getEnabledProtocols()));

    Set<String> expectedCipherSet =
        createSet(
            CipherSuite.TLS_RSA_WITH_RC4_128_MD5.javaName,
            CipherSuite.TLS_RSA_WITH_RC4_128_SHA.javaName);
    if (Arrays.asList(socket.getSupportedCipherSuites()).contains("TLS_FALLBACK_SCSV")) {
      expectedCipherSet.add("TLS_FALLBACK_SCSV");
    }
    assertEquals(expectedCipherSet, expectedCipherSet);
  }
예제 #5
0
 private boolean shouldSendTlsFallbackIndicator(ConnectionSpec connectionSpec) {
   return connectionSpec != connectionSpecs.get(0) && connectionSpec.isTls();
 }
예제 #6
0
 @Test
 public void cleartextBuilder() throws Exception {
   ConnectionSpec cleartextSpec = new ConnectionSpec.Builder(false).build();
   assertFalse(cleartextSpec.isTls());
 }