diff --git a/modules/clients/pom.xml b/modules/clients/pom.xml
index 851c763fd3228..bff5c9b8d86f9 100644
--- a/modules/clients/pom.xml
+++ b/modules/clients/pom.xml
@@ -50,7 +50,7 @@
redis.clients
jedis
- 2.9.0
+ 7.2.1
test
diff --git a/modules/clients/src/test/java/org/apache/ignite/internal/processors/rest/protocols/tcp/redis/RedisCommonAbstractTest.java b/modules/clients/src/test/java/org/apache/ignite/internal/processors/rest/protocols/tcp/redis/RedisCommonAbstractTest.java
index 6f0b0f615acf5..54fb9e7fd76f4 100644
--- a/modules/clients/src/test/java/org/apache/ignite/internal/processors/rest/protocols/tcp/redis/RedisCommonAbstractTest.java
+++ b/modules/clients/src/test/java/org/apache/ignite/internal/processors/rest/protocols/tcp/redis/RedisCommonAbstractTest.java
@@ -22,6 +22,9 @@
import org.apache.ignite.configuration.ConnectorConfiguration;
import org.apache.ignite.configuration.IgniteConfiguration;
import org.apache.ignite.testframework.junits.common.GridCommonAbstractTest;
+import redis.clients.jedis.ClientSetInfoConfig;
+import redis.clients.jedis.DefaultJedisClientConfig;
+import redis.clients.jedis.HostAndPort;
import redis.clients.jedis.JedisPool;
import redis.clients.jedis.JedisPoolConfig;
@@ -59,7 +62,13 @@ public class RedisCommonAbstractTest extends GridCommonAbstractTest {
jedisPoolCfg.setTestWhileIdle(true);
jedisPoolCfg.setTimeBetweenEvictionRunsMillis(30000);
- pool = new JedisPool(jedisPoolCfg, HOST, PORT, 10000);
+ DefaultJedisClientConfig clientCfg = DefaultJedisClientConfig.builder()
+ .connectionTimeoutMillis(10000)
+ .socketTimeoutMillis(10000)
+ .clientSetInfoConfig(ClientSetInfoConfig.DISABLED)
+ .build();
+
+ pool = new JedisPool(jedisPoolCfg, new HostAndPort(HOST, PORT), clientCfg);
}
/** {@inheritDoc} */
diff --git a/modules/clients/src/test/java/org/apache/ignite/internal/processors/rest/protocols/tcp/redis/RedisProtocolStringSelfTest.java b/modules/clients/src/test/java/org/apache/ignite/internal/processors/rest/protocols/tcp/redis/RedisProtocolStringSelfTest.java
index c1d5e08416fa6..0ee98cdf419e5 100644
--- a/modules/clients/src/test/java/org/apache/ignite/internal/processors/rest/protocols/tcp/redis/RedisProtocolStringSelfTest.java
+++ b/modules/clients/src/test/java/org/apache/ignite/internal/processors/rest/protocols/tcp/redis/RedisProtocolStringSelfTest.java
@@ -26,6 +26,7 @@
import org.junit.Test;
import redis.clients.jedis.Jedis;
import redis.clients.jedis.exceptions.JedisDataException;
+import redis.clients.jedis.params.SetParams;
/**
* Tests for String commands of Redis protocol.
@@ -188,14 +189,14 @@ public void testSet() throws Exception {
Assert.assertEquals("b0", jcache().get("setKey2"));
// test options.
- jedis.set("setKey1", "2", "nx");
- jedis.set("setKey3", "3", "nx", "px", EXPIRE_MS);
+ jedis.set("setKey1", "2", SetParams.setParams().nx());
+ jedis.set("setKey3", "3", SetParams.setParams().nx().px(EXPIRE_MS));
Assert.assertEquals("1", jcache().get("setKey1"));
Assert.assertEquals("3", jcache().get("setKey3"));
- jedis.set("setKey1", "2", "xx", "ex", EXPIRE_SEC);
- jedis.set("setKey4", "4", "xx");
+ jedis.set("setKey1", "2", SetParams.setParams().xx().ex(EXPIRE_SEC));
+ jedis.set("setKey4", "4", SetParams.setParams().xx());
Assert.assertEquals("2", jcache().get("setKey1"));
Assert.assertNull(jcache().get("setKey4"));
diff --git a/modules/clients/src/test/java/org/apache/ignite/jdbc/thin/JdbcThinConnectionSSLTest.java b/modules/clients/src/test/java/org/apache/ignite/jdbc/thin/JdbcThinConnectionSSLTest.java
index 3e2bb1d41b22f..3c219bdb725f6 100644
--- a/modules/clients/src/test/java/org/apache/ignite/jdbc/thin/JdbcThinConnectionSSLTest.java
+++ b/modules/clients/src/test/java/org/apache/ignite/jdbc/thin/JdbcThinConnectionSSLTest.java
@@ -23,6 +23,9 @@
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
+import java.util.Arrays;
+import java.util.LinkedHashSet;
+import java.util.Set;
import java.util.concurrent.Callable;
import javax.cache.configuration.Factory;
import javax.net.ssl.SSLContext;
@@ -33,6 +36,7 @@
import org.apache.ignite.internal.util.typedef.internal.U;
import org.apache.ignite.ssl.SslContextFactory;
import org.apache.ignite.testframework.GridTestUtils;
+import org.junit.Assume;
import org.junit.Test;
/**
@@ -52,6 +56,9 @@ public class JdbcThinConnectionSSLTest extends JdbcThinAbstractSelfTest {
private static final String TRUST_KEY_STORE_PATH = U.getIgniteHome() +
"/modules/clients/src/test/keystore/trust-one.jks";
+ /** Unsupported cipher. */
+ private static final String UNSUPPORTED_CIPHER = "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA";
+
/** SSL context factory. */
private static Factory sslCtxFactory;
@@ -96,6 +103,59 @@ public class JdbcThinConnectionSSLTest extends JdbcThinAbstractSelfTest {
return cfg;
}
+ /**
+ * @return One of default cipher suites for the current JDK.
+ * @throws NoSuchAlgorithmException If failed.
+ */
+ private static String dfltCipher() throws NoSuchAlgorithmException {
+ String[] dflt = SSLContext.getDefault().getSocketFactory().getDefaultCipherSuites();
+
+ assertTrue("No default cipher suites available", dflt.length > 0);
+
+ return dflt[0];
+ }
+
+ /**
+ * @param exclude Cipher to exclude.
+ * @return Another default cipher suite for the current JDK.
+ * @throws NoSuchAlgorithmException If failed.
+ */
+ private static String anotherDfltCipher(String exclude) throws NoSuchAlgorithmException {
+ String[] dflt = SSLContext.getDefault().getSocketFactory().getDefaultCipherSuites();
+
+ for (String cipher : dflt) {
+ if (!cipher.equals(exclude))
+ return cipher;
+ }
+
+ fail("No alternative default cipher suite found");
+
+ return null;
+ }
+
+ /**
+ * @return Supported cipher suite that is not enabled by default, or null if none found.
+ * @throws NoSuchAlgorithmException If failed.
+ */
+ private static String supportedButNonDfltCipherOrNull() throws NoSuchAlgorithmException {
+ SSLSocketFactory factory = SSLContext.getDefault().getSocketFactory();
+
+ Set supported = new LinkedHashSet<>(Arrays.asList(factory.getSupportedCipherSuites()));
+ Set dflt = new LinkedHashSet<>(Arrays.asList(factory.getDefaultCipherSuites()));
+
+ for (String cipher : supported) {
+ if (dflt.contains(cipher))
+ continue;
+
+ if (cipher.contains("_anon_") || cipher.contains("_NULL_"))
+ continue;
+
+ return cipher;
+ }
+
+ return null;
+ }
+
/**
* @throws Exception If failed.
*/
@@ -232,10 +292,13 @@ public void testCustomCiphersOnClient() throws Exception {
setSslCtxFactoryToCli = true;
sslCtxFactory = getTestSslContextFactory();
+ String cipher1 = dfltCipher();
+ String cipher2 = anotherDfltCipher(cipher1);
+
startGrids(1);
try {
- // Default ciphers
+ // Default ciphers.
try (Connection conn = DriverManager.getConnection("jdbc:ignite:thin://127.0.0.1/?sslMode=require" +
"&sslClientCertificateKeyStoreUrl=" + CLI_KEY_STORE_PATH +
"&sslClientCertificateKeyStorePassword=123456" +
@@ -244,9 +307,9 @@ public void testCustomCiphersOnClient() throws Exception {
checkConnection(conn);
}
- // Explicit cipher (one of defaults).
+ // Explicit cipher.
try (Connection conn = DriverManager.getConnection("jdbc:ignite:thin://127.0.0.1/?sslMode=require" +
- "&sslCipherSuites=TLS_RSA_WITH_AES_256_CBC_SHA256" +
+ "&sslCipherSuites=" + cipher1 +
"&sslClientCertificateKeyStoreUrl=" + CLI_KEY_STORE_PATH +
"&sslClientCertificateKeyStorePassword=123456" +
"&sslTrustCertificateKeyStoreUrl=" + TRUST_KEY_STORE_PATH +
@@ -256,7 +319,7 @@ public void testCustomCiphersOnClient() throws Exception {
// Explicit ciphers.
try (Connection conn = DriverManager.getConnection("jdbc:ignite:thin://127.0.0.1/?sslMode=require" +
- "&sslCipherSuites=TLS_RSA_WITH_NULL_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256" +
+ "&sslCipherSuites=" + cipher2 + "," + cipher1 +
"&sslClientCertificateKeyStoreUrl=" + CLI_KEY_STORE_PATH +
"&sslClientCertificateKeyStorePassword=123456" +
"&sslTrustCertificateKeyStoreUrl=" + TRUST_KEY_STORE_PATH +
@@ -275,7 +338,11 @@ public void testCustomCiphersOnClient() throws Exception {
@Test
public void testCustomCiphersOnServer() throws Exception {
setSslCtxFactoryToCli = true;
- supportedCiphers = new String[] {"TLS_RSA_WITH_AES_256_CBC_SHA256" /* Enabled by default */};
+
+ String cipher1 = dfltCipher();
+ String cipher2 = anotherDfltCipher(cipher1);
+
+ supportedCiphers = new String[] {cipher1};
sslCtxFactory = getTestSslContextFactory();
startGrids(1);
@@ -292,7 +359,7 @@ public void testCustomCiphersOnServer() throws Exception {
// Explicit cipher.
try (Connection conn = DriverManager.getConnection("jdbc:ignite:thin://127.0.0.1/?sslMode=require" +
- "&sslCipherSuites=TLS_RSA_WITH_AES_256_CBC_SHA256" +
+ "&sslCipherSuites=" + cipher1 +
"&sslClientCertificateKeyStoreUrl=" + CLI_KEY_STORE_PATH +
"&sslClientCertificateKeyStorePassword=123456" +
"&sslTrustCertificateKeyStoreUrl=" + TRUST_KEY_STORE_PATH +
@@ -300,19 +367,19 @@ public void testCustomCiphersOnServer() throws Exception {
checkConnection(conn);
}
- // Disabled by default cipher.
- GridTestUtils.assertThrows(log, () -> {
- return DriverManager.getConnection("jdbc:ignite:thin://127.0.0.1/?sslMode=require" +
- "&sslCipherSuites=TLS_RSA_WITH_NULL_SHA256" +
+ // Explicit cipher not supported by server.
+ GridTestUtils.assertThrows(log, () -> DriverManager.getConnection(
+ "jdbc:ignite:thin://127.0.0.1/?sslMode=require" +
+ "&sslCipherSuites=" + cipher2 +
"&sslClientCertificateKeyStoreUrl=" + CLI_KEY_STORE_PATH +
"&sslClientCertificateKeyStorePassword=123456" +
"&sslTrustCertificateKeyStoreUrl=" + TRUST_KEY_STORE_PATH +
- "&sslTrustCertificateKeyStorePassword=123456");
- }, SQLException.class, "Failed to SSL connect to server");
+ "&sslTrustCertificateKeyStorePassword=123456"
+ ), SQLException.class, "Failed to SSL connect to server");
// Explicit ciphers.
try (Connection conn = DriverManager.getConnection("jdbc:ignite:thin://127.0.0.1/?sslMode=require" +
- "&sslCipherSuites=TLS_RSA_WITH_NULL_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256" +
+ "&sslCipherSuites=" + cipher2 + "," + cipher1 +
"&sslClientCertificateKeyStoreUrl=" + CLI_KEY_STORE_PATH +
"&sslClientCertificateKeyStorePassword=123456" +
"&sslTrustCertificateKeyStoreUrl=" + TRUST_KEY_STORE_PATH +
@@ -327,21 +394,23 @@ public void testCustomCiphersOnServer() throws Exception {
/**
* @throws Exception If failed.
- *
- * Note: Disabled cipher suite can be enabled via Java Security property "jdk.tls.disabledAlgorithms" or in
- * <JAVA_HOME>/conf/security/java.security file.
*/
@Test
public void testDisabledCustomCipher() throws Exception {
+ String nonDfltCipher = supportedButNonDfltCipherOrNull();
+
+ Assume.assumeNotNull(nonDfltCipher);
+
setSslCtxFactoryToCli = true;
- supportedCiphers = new String[] {"TLS_RSA_WITH_NULL_SHA256" /* Disabled by default */};
+ supportedCiphers = new String[] {nonDfltCipher};
sslCtxFactory = getTestSslContextFactory();
startGrids(1);
+
try {
- // Explicit supported ciphers.
+ // Explicit supported cipher.
try (Connection conn = DriverManager.getConnection("jdbc:ignite:thin://127.0.0.1/?sslMode=require" +
- "&sslCipherSuites=TLS_RSA_WITH_NULL_SHA256" +
+ "&sslCipherSuites=" + nonDfltCipher +
"&sslTrustAll=true" +
"&sslClientCertificateKeyStoreUrl=" + CLI_KEY_STORE_PATH +
"&sslClientCertificateKeyStorePassword=123456" +
@@ -351,13 +420,13 @@ public void testDisabledCustomCipher() throws Exception {
}
// Default ciphers.
- GridTestUtils.assertThrows(log, () -> {
- return DriverManager.getConnection("jdbc:ignite:thin://127.0.0.1/?sslMode=require" +
+ GridTestUtils.assertThrows(log, () -> DriverManager.getConnection(
+ "jdbc:ignite:thin://127.0.0.1/?sslMode=require" +
"&sslClientCertificateKeyStoreUrl=" + CLI_KEY_STORE_PATH +
"&sslClientCertificateKeyStorePassword=123456" +
"&sslTrustCertificateKeyStoreUrl=" + TRUST_KEY_STORE_PATH +
- "&sslTrustCertificateKeyStorePassword=123456");
- }, SQLException.class, "Failed to SSL connect to server");
+ "&sslTrustCertificateKeyStorePassword=123456"
+ ), SQLException.class, "Failed to SSL connect to server");
}
finally {
stopAllGrids();
@@ -366,34 +435,34 @@ public void testDisabledCustomCipher() throws Exception {
/**
* @throws Exception If failed.
- *
- * Note: Disabled cipher suite can be enabled via Java Security property "jdk.tls.disabledAlgorithms" or in
- * <JAVA_HOME>/conf/security/java.security file.
*/
@Test
public void testUnsupportedCustomCipher() throws Exception {
+ String nonDfltCipher = supportedButNonDfltCipherOrNull();
+
+ Assume.assumeNotNull(nonDfltCipher);
+
setSslCtxFactoryToCli = true;
- supportedCiphers = new String[] {
- "TLS_RSA_WITH_NULL_SHA256" /* Disabled by default */,
- "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA" /* With disabled protocol*/};
+ supportedCiphers = new String[] {nonDfltCipher, UNSUPPORTED_CIPHER};
sslCtxFactory = getTestSslContextFactory();
startGrids(1);
+
try {
- // Enabled ciphers with unsupported algorithm can't be negotiated.
- GridTestUtils.assertThrows(log, () -> {
- return DriverManager.getConnection("jdbc:ignite:thin://127.0.0.1/?sslMode=require" +
- "&sslCipherSuites=TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA" +
+ // Unsupported cipher can't be negotiated.
+ GridTestUtils.assertThrows(log, () -> DriverManager.getConnection(
+ "jdbc:ignite:thin://127.0.0.1/?sslMode=require" +
+ "&sslCipherSuites=" + UNSUPPORTED_CIPHER +
"&sslTrustAll=true" +
"&sslClientCertificateKeyStoreUrl=" + CLI_KEY_STORE_PATH +
"&sslClientCertificateKeyStorePassword=123456" +
"&sslTrustCertificateKeyStoreUrl=" + TRUST_KEY_STORE_PATH +
- "&sslTrustCertificateKeyStorePassword=123456");
- }, SQLException.class, "Failed to SSL connect to server");
+ "&sslTrustCertificateKeyStorePassword=123456"
+ ), SQLException.class, "Failed to SSL connect to server");
// Supported cipher.
try (Connection conn = DriverManager.getConnection("jdbc:ignite:thin://127.0.0.1/?sslMode=require" +
- "&sslCipherSuites=TLS_RSA_WITH_NULL_SHA256" +
+ "&sslCipherSuites=" + nonDfltCipher +
"&sslTrustAll=true" +
"&sslClientCertificateKeyStoreUrl=" + CLI_KEY_STORE_PATH +
"&sslClientCertificateKeyStorePassword=123456" +
@@ -403,14 +472,13 @@ public void testUnsupportedCustomCipher() throws Exception {
}
// Default ciphers.
- GridTestUtils.assertThrows(log, () -> {
- return DriverManager.getConnection("jdbc:ignite:thin://127.0.0.1/?sslMode=require" +
+ GridTestUtils.assertThrows(log, () -> DriverManager.getConnection(
+ "jdbc:ignite:thin://127.0.0.1/?sslMode=require" +
"&sslClientCertificateKeyStoreUrl=" + CLI_KEY_STORE_PATH +
"&sslClientCertificateKeyStorePassword=123456" +
"&sslTrustCertificateKeyStoreUrl=" + TRUST_KEY_STORE_PATH +
- "&sslTrustCertificateKeyStorePassword=123456");
- }, SQLException.class, "Failed to SSL connect to server");
-
+ "&sslTrustCertificateKeyStorePassword=123456"
+ ), SQLException.class, "Failed to SSL connect to server");
}
finally {
stopAllGrids();