From 565e56f2b10b4cf9c3f4d896b1929a2f1ee2e8d1 Mon Sep 17 00:00:00 2001
From: "Sean C. Sullivan" <github@seansullivan.com>
Date: Sat, 23 Jul 2022 14:44:05 -0700
Subject: [PATCH] additional unit tests for SslProvider

---
 .../reactor/netty/tcp/SslProviderTests.java   | 58 +++++++++++++++++++
 1 file changed, 58 insertions(+)

diff --git a/reactor-netty-http/src/test/java/reactor/netty/tcp/SslProviderTests.java b/reactor-netty-http/src/test/java/reactor/netty/tcp/SslProviderTests.java
index 7ed7afb16e..495656f54a 100644
--- a/reactor-netty-http/src/test/java/reactor/netty/tcp/SslProviderTests.java
+++ b/reactor-netty-http/src/test/java/reactor/netty/tcp/SslProviderTests.java
@@ -25,7 +25,10 @@
 import io.netty.buffer.ByteBufAllocator;
 import io.netty.handler.ssl.JdkSslContext;
 import io.netty.handler.ssl.OpenSsl;
+import io.netty.handler.ssl.OpenSslClientContext;
 import io.netty.handler.ssl.OpenSslContext;
+import io.netty.handler.ssl.OpenSslServerContext;
+import io.netty.handler.ssl.OpenSslSessionContext;
 import io.netty.handler.ssl.SslContext;
 import io.netty.handler.ssl.SslHandler;
 import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
@@ -366,4 +369,59 @@ void testServerNamesBadValues() throws Exception {
 						.sslContext(defaultSslContext)
 						.serverNames((SNIServerName[]) null));
 	}
+
+	@Test
+	void testDefaultClientProviderIsOpenSsl() {
+		final SslProvider clientProvider = SslProvider.defaultClientProvider();
+
+		final OpenSslClientContext clientContext = (OpenSslClientContext) clientProvider.getSslContext();
+		assertThat(clientContext.isClient()).isTrue();
+		assertThat(clientContext.applicationProtocolNegotiator().protocols())
+				.isEmpty();
+		assertThat(clientContext.cipherSuites())
+				.containsExactlyInAnyOrder("TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
+						"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
+						"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
+						"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
+						"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
+						"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+						"TLS_RSA_WITH_AES_128_GCM_SHA256",
+						"TLS_RSA_WITH_AES_128_CBC_SHA",
+						"TLS_RSA_WITH_AES_256_CBC_SHA",
+						"TLS_AES_128_GCM_SHA256",
+						"TLS_AES_256_GCM_SHA384",
+						"TLS_CHACHA20_POLY1305_SHA256");
+
+		final OpenSslSessionContext sessionContext = clientContext.sessionContext();
+		assertThat(sessionContext.getSessionTimeout()).isEqualTo(300);
+		assertThat(sessionContext.isSessionCacheEnabled()).isFalse();
+	}
+
+	@Test
+	void tesServerSslProviderIsOpenSsl() {
+		final SslProvider serverProvider = SslProvider.builder()
+												.sslContext(serverSslContextBuilderH2)
+												.build();
+
+		final OpenSslServerContext serverContext = (OpenSslServerContext) serverProvider.getSslContext();
+		assertThat(serverContext.isServer()).isTrue();
+		assertThat(serverContext.applicationProtocolNegotiator().protocols())
+				.containsExactly("h2", "http/1.1");
+		assertThat(serverContext.cipherSuites())
+				.containsExactlyInAnyOrder("TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
+						"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
+						"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
+						"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
+						"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
+						"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
+						"TLS_AES_128_GCM_SHA256",
+						"TLS_AES_256_GCM_SHA384",
+						"TLS_CHACHA20_POLY1305_SHA256");
+
+		final OpenSslSessionContext sessionContext = serverContext.sessionContext();
+		assertThat(sessionContext.getSessionTimeout()).isEqualTo(300);
+		assertThat(sessionContext.isSessionCacheEnabled()).isTrue();
+		assertThat(sessionContext.getSessionCacheSize()).isEqualTo(20480);
+	}
+
 }