SSLHandshake No appropriate protocol (protocol is disabled or cipher suites are inappropriate) (#5198)

Signed-off-by: Jorge Bescos Gascon <jorge.bescos.gascon@oracle.com>

Author: jbescos

connectors/jdk-connector/src/test/java/org/glassfish/jersey/jdk/connector/internal/SslFilterTLS11Test.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020 Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2020, 2022 Oracle and/or its affiliates. All rights reserved.
  *
  * This program and the accompanying materials are made available under the
  * terms of the Eclipse Public License v. 2.0, which is available at

connectors/jdk-connector/src/test/java/org/glassfish/jersey/jdk/connector/internal/SslFilterTLS1Test.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020 Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2020, 2022 Oracle and/or its affiliates. All rights reserved.
  *
  * This program and the accompanying materials are made available under the
  * terms of the Eclipse Public License v. 2.0, which is available at

connectors/jdk-connector/src/test/java/org/glassfish/jersey/jdk/connector/internal/SslFilterTest.java

@@ -24,22 +24,29 @@
 import java.net.ServerSocket;
 import java.net.SocketException;
 import java.nio.ByteBuffer;
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+import java.util.Arrays;
+import java.util.List;
 import java.util.concurrent.CountDownLatch;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.Executors;
 import java.util.concurrent.TimeUnit;
 import java.util.concurrent.atomic.AtomicReference;
-
 import javax.net.ServerSocketFactory;
 import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLException;
 import javax.net.ssl.SSLServerSocket;
 import javax.net.ssl.SSLServerSocketFactory;
 import javax.net.ssl.SSLSession;
 import javax.net.ssl.SSLSocket;
-
 import org.glassfish.jersey.SslConfigurator;
 import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ConditionEvaluationResult;
+import org.junit.jupiter.api.extension.ExecutionCondition;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.junit.jupiter.api.extension.ExtensionContext;
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertTrue;
@@ -48,6 +55,7 @@
 /**
  * @author Petr Janouch
  */
+@ExtendWith(SslFilterTest.DeprecatedTLSCondition.class)
 public abstract class SslFilterTest {
 
     private static final int PORT = 8321;
@@ -531,4 +539,32 @@ void rehandshake() throws IOException {
             socket.startHandshake();
         }
     }
+
+    public static class DeprecatedTLSCondition implements ExecutionCondition {
+
+        @Override
+        public ConditionEvaluationResult evaluateExecutionCondition(ExtensionContext context) {
+            Class<?> test = context.getTestClass().get();
+            String required = null;
+            if (test == SslFilterTLS1Test.class) {
+                required = "TLSv1";
+            } else if (test == SslFilterTLS11Test.class) {
+                required = "TLSv1.1";
+            }
+            if (required != null) {
+                try {
+                    SSLContext context1 = SSLContext.getInstance("TLS");
+                    context1.init(null, null, null);
+                    List<String> supportedProtocols = Arrays.asList(context1.getDefaultSSLParameters().getProtocols());
+                    if (!supportedProtocols.contains(required)) {
+                        return ConditionEvaluationResult.disabled("JDK does not support " + required);
+                    }
+                } catch (KeyManagementException | NoSuchAlgorithmException e) {
+                    return ConditionEvaluationResult.disabled("JDK does not support TLS: " + e.getMessage());
+                }
+            }
+            return ConditionEvaluationResult.enabled("JDK is valid to run " + test.getCanonicalName());
+        }
+
+    }
 }