From a895fa2ccb331ecfa459fb895b7233a66e2f8d42 Mon Sep 17 00:00:00 2001
From: Norbert Klasen <nklasen@opentext.com>
Date: Thu, 21 Mar 2024 23:10:51 +0100
Subject: [PATCH] Use Forked Test Execution

Each Test class is started in a JVM with different system properties.
---
 pom.xml                                       |  8 ++++++-
 src/test/java/SSLPokeClientProtocolTest.java  | 23 ++++++++++++++++++
 .../java/SSLPokeIgnoreRevocationTest.java     | 21 ++++++++++++++++
 src/test/java/SSLPokeTest.java                | 24 +++++--------------
 4 files changed, 57 insertions(+), 19 deletions(-)
 create mode 100644 src/test/java/SSLPokeClientProtocolTest.java
 create mode 100644 src/test/java/SSLPokeIgnoreRevocationTest.java

diff --git a/pom.xml b/pom.xml
index 2be182b..b58a5cc 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1,4 +1,6 @@
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
     <modelVersion>4.0.0</modelVersion>
     <groupId>de.norbertklasen.security</groupId>
     <artifactId>sslpoke</artifactId>
@@ -85,6 +87,10 @@
             <plugin>
                 <artifactId>maven-surefire-plugin</artifactId>
                 <version>2.22.2</version>
+                <configuration>
+                    <reuseForks>false</reuseForks>
+                    <forkCount>4</forkCount>
+                </configuration>
             </plugin>
             <plugin>
                 <artifactId>maven-failsafe-plugin</artifactId>
diff --git a/src/test/java/SSLPokeClientProtocolTest.java b/src/test/java/SSLPokeClientProtocolTest.java
new file mode 100644
index 0000000..d98d455
--- /dev/null
+++ b/src/test/java/SSLPokeClientProtocolTest.java
@@ -0,0 +1,23 @@
+import static org.junit.jupiter.api.Assertions.assertThrows;
+
+import java.io.IOException;
+import java.net.UnknownHostException;
+
+import org.junit.jupiter.api.Test;
+import org.junitpioneer.jupiter.ClearSystemProperty;
+import org.junitpioneer.jupiter.SetSystemProperty;
+
+/**
+ * Unit test.
+ */
+@ClearSystemProperty(key = "com.sun.net.ssl.checkRevocation")
+@ClearSystemProperty(key = "com.sun.security.enableCRLDP")
+public class SSLPokeClientProtocolTest {
+
+    @Test
+    @SetSystemProperty(key = "jdk.tls.client.protocols", value = "SSLv3")
+    public void sslV3() throws UnknownHostException, IOException {
+        assertThrows(javax.net.ssl.SSLHandshakeException.class,
+                () -> SSLPoke.connect("www.badssl.com", 443));
+    }
+}
diff --git a/src/test/java/SSLPokeIgnoreRevocationTest.java b/src/test/java/SSLPokeIgnoreRevocationTest.java
new file mode 100644
index 0000000..e27e410
--- /dev/null
+++ b/src/test/java/SSLPokeIgnoreRevocationTest.java
@@ -0,0 +1,21 @@
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+
+import java.io.IOException;
+import java.net.UnknownHostException;
+
+import org.junit.jupiter.api.Test;
+import org.junitpioneer.jupiter.ClearSystemProperty;
+
+/**
+ * Unit test.
+ */
+@ClearSystemProperty(key = "com.sun.net.ssl.checkRevocation")
+@ClearSystemProperty(key = "com.sun.security.enableCRLDP")
+public class SSLPokeIgnoreRevocationTest {
+
+    @Test
+    public void ignoreRevocation() throws UnknownHostException, IOException {
+        assertNotNull(SSLPoke.connect("revoked-rsa-dv.ssl.com", 443));
+    }
+
+}
diff --git a/src/test/java/SSLPokeTest.java b/src/test/java/SSLPokeTest.java
index 496c742..d8d6e6a 100644
--- a/src/test/java/SSLPokeTest.java
+++ b/src/test/java/SSLPokeTest.java
@@ -34,11 +34,11 @@ public void expired() throws UnknownHostException, IOException {
 
     }
 
-    // @Test
-    // public void wrongHost() throws UnknownHostException, IOException {
-    // assertThrows(javax.net.ssl.SSLHandshakeException.class,
-    // () -> SSLPoke.connect("wrong.host.badssl.com", 443));
-    // }
+    @Test
+    public void wrongHost() throws UnknownHostException, IOException {
+        assertThrows(javax.net.ssl.SSLHandshakeException.class,
+                () -> SSLPoke.connect("wrong.host.badssl.com", 443));
+    }
 
     @Test
     public void selfSigned() throws UnknownHostException, IOException {
@@ -52,19 +52,6 @@ public void untrustedRoot() throws UnknownHostException, IOException {
                 () -> SSLPoke.connect("untrusted-root.badssl.com", 443));
     }
 
-    // @Test
-    // @SetSystemProperty(key = "jdk.tls.client.protocols", value = "SSLv3")
-    // public void sslV3() throws UnknownHostException, IOException {
-    // assertThrows(javax.net.ssl.SSLHandshakeException.class,
-    // () -> SSLPoke.connect("www.badssl.com", 443));
-    // }
-
-    // @Test
-    // @SetSystemProperty(key = "com.sun.net.ssl.checkRevocation", value = "false")
-    // public void ignoreRevocation() throws UnknownHostException, IOException {
-    // assertNotNull(SSLPoke.connect("revoked-rsa-dv.ssl.com", 443));
-    // }
-
     @Test
     public void revoked() throws UnknownHostException, IOException {
         assertEquals("true", System.getProperty("com.sun.net.ssl.checkRevocation"));
@@ -73,4 +60,5 @@ public void revoked() throws UnknownHostException, IOException {
                 () -> SSLPoke.connect("revoked-rsa-dv.ssl.com", 443));
         assertTrue(exception.getMessage().contains("Certificate has been revoked"));
     }
+
 }