ShouldClearSslSessionsPredicateTest.java

/*
 * Copyright (c) 2016. Amazon.com, Inc. or its affiliates. All Rights Reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://aws.amazon.com/apache2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package com.amazonaws.http.conn.ssl;

import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;

import javax.net.ssl.SSLException;

import org.junit.Test;

import com.amazonaws.util.JavaVersionParser.JavaVersion;

public class ShouldClearSslSessionsPredicateTest {

    private static final JavaVersion AFFECTED_JAVA_8_VERSION = jv(1, 8, 0, 10);
    private static final JavaVersion AFFECTED_JAVA_7_VERSION = jv(1, 7, 0, 10);
    private static final JavaVersion AFFECTED_JAVA_6_VERSION = jv(1, 6, 0, 10);

    private static final JavaVersion AFFECTED_JVM = AFFECTED_JAVA_6_VERSION;
    private static final JavaVersion NON_AFFECTED_JVM = jv(1, 9, 0, 0);

    private static final SSLException NON_AFFECTED_SSL_EXCEPTION = new SSLException(
            "This message should not clear the session cache");
    private static final SSLException AFFECTED_SSL_EXCEPTION = new SSLException(
            "server certificate change is restricted blah");

    @Test
    public void exceptionContainsWhitelistedMessage_JvmIsAffected_ReturnsTrue() {
        ShouldClearSslSessionPredicate predicate = new ShouldClearSslSessionPredicate(AFFECTED_JVM);
        assertTrue(predicate.test(AFFECTED_SSL_EXCEPTION));
    }

    @Test
    public void exceptionDoesNotContainWhitelistedMessage_JvmIsAffected_ReturnsFalse() {
        ShouldClearSslSessionPredicate predicate = new ShouldClearSslSessionPredicate(AFFECTED_JVM);
        assertFalse(predicate.test(NON_AFFECTED_SSL_EXCEPTION));
    }

    @Test
    public void exceptionContainsWhitelistedMessage_JvmIsNotAffected_ReturnsFalse() {
        ShouldClearSslSessionPredicate predicate = new ShouldClearSslSessionPredicate(NON_AFFECTED_JVM);
        assertFalse(predicate.test(AFFECTED_SSL_EXCEPTION));
    }

    @Test
    public void exceptionDoesNotContainWhitelistedMessage_JvmIsNotAffected_ReturnsFalse() {
        ShouldClearSslSessionPredicate predicate = new ShouldClearSslSessionPredicate(NON_AFFECTED_JVM);
        assertFalse(predicate.test(NON_AFFECTED_SSL_EXCEPTION));
    }

    @Test
    public void noExceptionMessage_JvmIsAffected_ReturnsFalse() {
        ShouldClearSslSessionPredicate predicate = new ShouldClearSslSessionPredicate(AFFECTED_JVM);
        assertFalse(predicate.test(new SSLException((String) null)));
    }

    @Test
    public void noExceptionMessage_JvmIsNotAffected_ReturnsFalse() {
        ShouldClearSslSessionPredicate predicate = new ShouldClearSslSessionPredicate(NON_AFFECTED_JVM);
        assertFalse(predicate.test(new SSLException((String) null)));
    }

    @Test
    public void exceptionContainsWhitelistedMessage_WithJava6AffectedJvm_ReturnsTrue() {
        ShouldClearSslSessionPredicate predicate = new ShouldClearSslSessionPredicate(AFFECTED_JAVA_6_VERSION);
        assertTrue(predicate.test(AFFECTED_SSL_EXCEPTION));
    }

    @Test
    public void exceptionContainsWhitelistedMessage_WithJava7AffectedJvm_ReturnsTrue() {
        ShouldClearSslSessionPredicate predicate = new ShouldClearSslSessionPredicate(AFFECTED_JAVA_7_VERSION);
        assertTrue(predicate.test(AFFECTED_SSL_EXCEPTION));
    }

    @Test
    public void exceptionContainsWhitelistedMessage_WithJava8AffectedJvm_ReturnsTrue() {
        ShouldClearSslSessionPredicate predicate = new ShouldClearSslSessionPredicate(AFFECTED_JAVA_8_VERSION);
        assertTrue(predicate.test(AFFECTED_SSL_EXCEPTION));
    }

    @Test
    public void exceptionContainsWhitelistedMessage_WithFixedJava7AffectedJvm_ReturnsFalse() {
        ShouldClearSslSessionPredicate predicate = new ShouldClearSslSessionPredicate(
                ShouldClearSslSessionPredicate.FIXED_JAVA_7);
        assertFalse(predicate.test(AFFECTED_SSL_EXCEPTION));
    }

    @Test
    public void exceptionContainsWhitelistedMessage_WithFixedJava8AffectedJvm_ReturnsFalse() {
        ShouldClearSslSessionPredicate predicate = new ShouldClearSslSessionPredicate(
                ShouldClearSslSessionPredicate.FIXED_JAVA_8);
        assertFalse(predicate.test(AFFECTED_SSL_EXCEPTION));
    }

    /**
     * Java9 is not affected in any version
     */
    @Test
    public void exceptionContainsWhitelistedMessage_WithJava9_ReturnsFalse() {
        ShouldClearSslSessionPredicate predicate = new ShouldClearSslSessionPredicate(jv(1, 9, 0, 10));
        assertFalse(predicate.test(AFFECTED_SSL_EXCEPTION));
    }

    /**
     * If we can't determine the Java version we err on the side of caution and apply the workaround
     */
    @Test
    public void exceptionContainsWhitelistedMessage_WithUnknownJavaVersion_ReturnsTrue() {
        ShouldClearSslSessionPredicate predicate = new ShouldClearSslSessionPredicate(JavaVersion.UNKNOWN);
        assertTrue(predicate.test(AFFECTED_SSL_EXCEPTION));
    }

    /**
     * Convenience factory method for a {@link JavaVersion}
     */
    private static JavaVersion jv(int majorVersionFamily, int majorVersion, int maintenanceNumber, int updateNumber) {
        return new JavaVersion(majorVersionFamily, majorVersion, maintenanceNumber, updateNumber);
    }
}