TS-38828 Rework and adapt test

cqse · May 22, 2024 · fb71676 · fb71676
1 parent 1b3fbf7
commit fb71676
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 9 deletions.
diff --git a/src/main/java/com/teamscale/upload/utils/OkHttpUtils.java b/src/main/java/com/teamscale/upload/utils/OkHttpUtils.java
@@ -67,12 +67,9 @@ public static OkHttpClient createClient(boolean validateSsl, String trustStorePa
 		setTimeouts(builder, timeoutInSeconds);
 		builder.followRedirects(false).followSslRedirects(false);
 
-		if (validateSsl) {
+		if (validateSsl || !disableSslValidation(builder)) {
 			configureTrustStore(builder, trustStorePath, trustStorePassword);
 		}
-		if (!validateSsl) {
-			disableSslValidation(builder);
-		}
 
 		return builder.build();
 	}
@@ -94,7 +91,7 @@ private static void configureTrustStore(OkHttpClient.Builder builder, String tru
 
 			MultiTrustManager multiTrustManager = new MultiTrustManager(trustManagers);
 
-			sslContext.init(null, new TrustManager[]{multiTrustManager}, new SecureRandom());
+			sslContext.init(null, new TrustManager[] {multiTrustManager}, new SecureRandom());
 			builder.sslSocketFactory(sslContext.getSocketFactory(), multiTrustManager);
 		} catch (NoSuchAlgorithmException e) {
 			LogUtils.failWithStackTrace(e, "Failed to instantiate an SSLContext or TrustManagerFactory.");
@@ -222,19 +219,21 @@ private static Collection<X509Certificate> getCustomOsTrustedCertificates() {
 		}
 	}
 
-	private static void disableSslValidation(OkHttpClient.Builder builder) {
+	/** Tries to disable SSL validation. Returns {@code true} if validation was successfully disabled. */
+	private static boolean disableSslValidation(OkHttpClient.Builder builder) {
 		SSLSocketFactory sslSocketFactory;
 		try {
 			SSLContext sslContext = SSLContext.getInstance(PROTOCOL);
 			sslContext.init(null, new TrustManager[] { TrustAllCertificatesManager.INSTANCE }, new SecureRandom());
 			sslSocketFactory = sslContext.getSocketFactory();
 		} catch (GeneralSecurityException e) {
 			LogUtils.warn("Could not disable SSL certificate validation. Leaving it enabled", e);
-			return;
+			return false;
 		}
 
 		builder.sslSocketFactory(sslSocketFactory, TrustAllCertificatesManager.INSTANCE);
 		builder.hostnameVerifier((hostName, session) -> true);
+		return true;
 	}
 
 	private static void setTimeouts(okhttp3.OkHttpClient.Builder builder, long timeoutInSeconds) {
@@ -277,7 +276,6 @@ public X509Certificate[] getAcceptedIssuers() {
 			return trustManagers.stream().flatMap(manager -> Arrays.stream(manager.getAcceptedIssuers())).toArray(X509Certificate[]::new);
 		}
 
-
 		@Override
 		public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
 			checkAll(manager -> manager.checkClientTrusted(chain, authType));

diff --git a/src/test/java/com/teamscale/upload/IntegrationTestBase.java b/src/test/java/com/teamscale/upload/IntegrationTestBase.java
@@ -226,7 +226,6 @@ public void selfSignedCertificateShouldBeAcceptedWithInsecureFlag() {
 					new TeamscaleUploadArguments().withUrl("https://localhost:" + MOCK_TEAMSCALE_PORT).withInsecure());
 			assertThat(result.exitCode).describedAs("Stderr and stdout: " + result.getOutputAndErrorOutput()).isZero();
 			assertThat(server.sessions).hasSize(1);
-			assertThatOSCertificatesWereImported(result);
 		}
 	}