| commit | d7254e38efa2f20db6cac1a5cb5ac4548edc3d46 | [log] [tgz] |
|---|---|---|
| author | Neil Fuller <nfuller@google.com> | Thu Nov 06 20:51:33 2014 +0000 |
| committer | Neil Fuller <nfuller@google.com> | Thu Nov 20 10:36:09 2014 +0000 |
| tree | 2cc2f18d0a32b5f1069ce82266f6fe8a37ca05c2 | |
| parent | 08d4640fac88f5e18eefec1992745535b26210b6 [diff] |
Improve tests for TLS fallback. This is a small improvement over the changes that were submitted to Android when TLS_FALLBACK_SCSV was introduced. Previously the tests would cripple the server to use a low quality protocol so the TLS_FALLBACK_SCSV check would pass for all connection attempts. Some tests for APIs not used in Android were suppressed. This change modifies that approach. Instead it: 1) Introduces a test client socket factory that ignores any attempt to set the TLS_FALLBACK_SCSV cipher. This means that the server will not attempt to enforce the fallback check. 2) Pulls out some test infrastructure for use across tests. 3) Re-enables / modifies the tests that were suppressed. The ideal solution would be to disable TLS_FALLBACK_SCSV checks in the MockWebServer for the tests that are supposed to simulate servers that do not perform TLS_FALLBACK_SCSV checks. However, we do not currently have a mechanism to do this. This change also adjusts tests that test fallback to explicitly enable SSLv3 for server-side socket factories. The Android default was changed to disable SSLv3 (though it is still supported). An up-coming change should remove the need for this. Change-Id: Ib4a57bc106928c0dd0653376341527fba7a8a00c
An HTTP & SPDY client for Android and Java applications.
For more information please see the website.
Download the latest JAR or grab via Maven:
<dependency> <groupId>com.squareup.okhttp</groupId> <artifactId>okhttp</artifactId> <version>(insert latest version)</version> </dependency>
OkHttp requires Java 7 to build and run tests. Runtime compatibility with Java 6 is enforced as part of the build to ensure compliance with Android and older versions of the JVM.
Run OkHttp tests on the desktop with Maven. Running SPDY tests on the desktop uses Jetty-NPN which requires OpenJDK 7+.
mvn clean test
OkHttp's test suite creates an in-process HTTPS server. Prior to Android 2.3, SSL server sockets were broken, and so HTTPS tests will time out when run on such devices.
Test on a USB-attached Android using Vogar. Unfortunately dx requires that you build with Java 6, otherwise the test class will be silently omitted from the .dex file.
mvn clean
mvn package -DskipTests
vogar \
--classpath ~/.m2/repository/org/bouncycastle/bcprov-jdk15on/1.48/bcprov-jdk15on-1.48.jar \
--classpath mockwebserver/target/mockwebserver-2.0.0-SNAPSHOT.jar \
--classpath okhttp-protocols/target/okhttp-protocols-2.0.0-SNAPSHOT.jar \
--classpath okhttp/target/okhttp-2.0.0-SNAPSHOT.jar \
okhttp/src/test
A library for testing HTTP, HTTPS, HTTP/2.0, and SPDY clients.
MockWebServer coupling with OkHttp is essential for proper testing of SPDY and HTTP/2.0 so that code can be shared.
Download the latest JAR or grab via Maven:
<dependency> <groupId>com.squareup.okhttp</groupId> <artifactId>mockwebserver</artifactId> <version>(insert latest version)</version> <scope>test</scope> </dependency>
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.