Search in sources :

Example 1 with TlsVersion

use of okhttp3.TlsVersion in project okhttp by square.

the class ConnectionSpecSelectorTest method someFallbacksSupported.

@Test
public void someFallbacksSupported() throws Exception {
    ConnectionSpec sslV3 = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS).tlsVersions(TlsVersion.SSL_3_0).build();
    ConnectionSpecSelector connectionSpecSelector = createConnectionSpecSelector(ConnectionSpec.MODERN_TLS, ConnectionSpec.COMPATIBLE_TLS, sslV3);
    TlsVersion[] enabledSocketTlsVersions = { TlsVersion.TLS_1_1, TlsVersion.TLS_1_0 };
    SSLSocket socket = createSocketWithEnabledProtocols(enabledSocketTlsVersions);
    // MODERN_TLS is used here.
    connectionSpecSelector.configureSecureSocket(socket);
    assertEnabledProtocols(socket, TlsVersion.TLS_1_1, TlsVersion.TLS_1_0);
    boolean retry = connectionSpecSelector.connectionFailed(RETRYABLE_EXCEPTION);
    assertTrue(retry);
    socket.close();
    // COMPATIBLE_TLS is used here.
    socket = createSocketWithEnabledProtocols(enabledSocketTlsVersions);
    connectionSpecSelector.configureSecureSocket(socket);
    assertEnabledProtocols(socket, TlsVersion.TLS_1_0);
    retry = connectionSpecSelector.connectionFailed(RETRYABLE_EXCEPTION);
    assertFalse(retry);
    socket.close();
// sslV3 is not used because SSLv3 is not enabled on the socket.
}
Also used : TlsVersion(okhttp3.TlsVersion) ConnectionSpec(okhttp3.ConnectionSpec) SSLSocket(javax.net.ssl.SSLSocket) Test(org.junit.Test)

Example 2 with TlsVersion

use of okhttp3.TlsVersion in project okhttp by square.

the class URLConnectionTest method sslFallbackNotUsedWhenRecycledConnectionFails.

/**
   * When a pooled connection fails, don't blame the route. Otherwise pooled connection failures can
   * cause unnecessary SSL fallbacks.
   *
   * https://github.com/square/okhttp/issues/515
   */
@Test
public void sslFallbackNotUsedWhenRecycledConnectionFails() throws Exception {
    server.useHttps(sslClient.socketFactory, false);
    server.enqueue(new MockResponse().setBody("abc").setSocketPolicy(DISCONNECT_AT_END));
    server.enqueue(new MockResponse().setBody("def"));
    urlFactory.setClient(urlFactory.client().newBuilder().hostnameVerifier(new RecordingHostnameVerifier()).sslSocketFactory(suppressTlsFallbackClientSocketFactory(), sslClient.trustManager).build());
    assertContent("abc", urlFactory.open(server.url("/").url()));
    // Give the server time to disconnect.
    Thread.sleep(500);
    assertContent("def", urlFactory.open(server.url("/").url()));
    Set<TlsVersion> tlsVersions = // v1.2 on OpenJDK 8.
    EnumSet.of(TlsVersion.TLS_1_0, TlsVersion.TLS_1_2);
    RecordedRequest request1 = server.takeRequest();
    assertTrue(tlsVersions.contains(request1.getTlsVersion()));
    RecordedRequest request2 = server.takeRequest();
    assertTrue(tlsVersions.contains(request2.getTlsVersion()));
}
Also used : RecordedRequest(okhttp3.mockwebserver.RecordedRequest) MockResponse(okhttp3.mockwebserver.MockResponse) Test(org.junit.Test)

Aggregations

Test (org.junit.Test)2 SSLSocket (javax.net.ssl.SSLSocket)1 ConnectionSpec (okhttp3.ConnectionSpec)1 TlsVersion (okhttp3.TlsVersion)1 MockResponse (okhttp3.mockwebserver.MockResponse)1 RecordedRequest (okhttp3.mockwebserver.RecordedRequest)1