Skip to content

Commit

Permalink
[TEST] Allow to run in FIPS JVM (#32607)
Browse files Browse the repository at this point in the history 
* Do not attempt to run cases with ssl.verification_mode NONE in
SessionFactoryTests so that the tests can run in a FIPS 140 JVM
  • Loading branch information
@jkakavas @albertzaharovits
jkakavas authored and albertzaharovits committed Aug 6, 2018
1 parent e5a1dac commit 8d2dbfa
Showing 1 changed file with 7 additions and 4 deletions.
11 changes: 7 additions & 4 deletions ...rc/test/java/org/elasticsearch/xpack/security/authc/ldap/support/SessionFactoryTests.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -93,10 +93,13 @@ public void testConnectionFactoryReturnsCorrectLDAPConnectionOptions() throws Ex
options = SessionFactory.connectionOptions(realmConfig, sslService.apply(settings), logger);
assertThat(options.getSSLSocketVerifier(), is(instanceOf(TrustAllSSLSocketVerifier.class)));

settings = Settings.builder().put("ssl.verification_mode", VerificationMode.NONE).build();
realmConfig = new RealmConfig(realmName, settings, environment.settings(), environment, threadContext);
options = SessionFactory.connectionOptions(realmConfig, sslService.apply(settings), logger);
assertThat(options.getSSLSocketVerifier(), is(instanceOf(TrustAllSSLSocketVerifier.class)));
// Can't run in FIPS with verification_mode none, disable this check instead of duplicating the test case
if (inFipsJvm() == false) {
settings = Settings.builder().put("ssl.verification_mode", VerificationMode.NONE).build();
realmConfig = new RealmConfig(realmName, settings, environment.settings(), environment, threadContext);
options = SessionFactory.connectionOptions(realmConfig, sslService.apply(settings), logger);
assertThat(options.getSSLSocketVerifier(), is(instanceOf(TrustAllSSLSocketVerifier.class)));
}

settings = Settings.builder().put("ssl.verification_mode", VerificationMode.FULL).build();
realmConfig = new RealmConfig(realmName, settings, environment.settings(), environment, threadContext);
Expand Down

0 comments on commit 8d2dbfa

Please sign in to comment.