use of okhttp3.TlsVersion in project okhttp by square.
the class ConnectionSpecSelectorTest method someFallbacksSupported.
@Test
public void someFallbacksSupported() throws Exception {
ConnectionSpec sslV3 = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS).tlsVersions(TlsVersion.SSL_3_0).build();
ConnectionSpecSelector connectionSpecSelector = createConnectionSpecSelector(ConnectionSpec.MODERN_TLS, ConnectionSpec.COMPATIBLE_TLS, sslV3);
TlsVersion[] enabledSocketTlsVersions = { TlsVersion.TLS_1_1, TlsVersion.TLS_1_0 };
SSLSocket socket = createSocketWithEnabledProtocols(enabledSocketTlsVersions);
// MODERN_TLS is used here.
connectionSpecSelector.configureSecureSocket(socket);
assertEnabledProtocols(socket, TlsVersion.TLS_1_1, TlsVersion.TLS_1_0);
boolean retry = connectionSpecSelector.connectionFailed(RETRYABLE_EXCEPTION);
assertTrue(retry);
socket.close();
// COMPATIBLE_TLS is used here.
socket = createSocketWithEnabledProtocols(enabledSocketTlsVersions);
connectionSpecSelector.configureSecureSocket(socket);
assertEnabledProtocols(socket, TlsVersion.TLS_1_0);
retry = connectionSpecSelector.connectionFailed(RETRYABLE_EXCEPTION);
assertFalse(retry);
socket.close();
// sslV3 is not used because SSLv3 is not enabled on the socket.
}
use of okhttp3.TlsVersion in project okhttp by square.
the class URLConnectionTest method sslFallbackNotUsedWhenRecycledConnectionFails.
/**
* When a pooled connection fails, don't blame the route. Otherwise pooled connection failures can
* cause unnecessary SSL fallbacks.
*
* https://github.com/square/okhttp/issues/515
*/
@Test
public void sslFallbackNotUsedWhenRecycledConnectionFails() throws Exception {
server.useHttps(sslClient.socketFactory, false);
server.enqueue(new MockResponse().setBody("abc").setSocketPolicy(DISCONNECT_AT_END));
server.enqueue(new MockResponse().setBody("def"));
urlFactory.setClient(urlFactory.client().newBuilder().hostnameVerifier(new RecordingHostnameVerifier()).sslSocketFactory(suppressTlsFallbackClientSocketFactory(), sslClient.trustManager).build());
assertContent("abc", urlFactory.open(server.url("/").url()));
// Give the server time to disconnect.
Thread.sleep(500);
assertContent("def", urlFactory.open(server.url("/").url()));
Set<TlsVersion> tlsVersions = // v1.2 on OpenJDK 8.
EnumSet.of(TlsVersion.TLS_1_0, TlsVersion.TLS_1_2);
RecordedRequest request1 = server.takeRequest();
assertTrue(tlsVersions.contains(request1.getTlsVersion()));
RecordedRequest request2 = server.takeRequest();
assertTrue(tlsVersions.contains(request2.getTlsVersion()));
}
Aggregations