jmeter-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Felix Schumacher <felix.schumac...@internetallee.de>
Subject Re: SMTP Sampler and TLSv1.2/CipherSuites
Date Sat, 06 Jun 2015 16:28:26 GMT
Am 06.06.2015 um 18:14 schrieb Milamber:
>
>
> On 06/06/2015 16:59, Felix Schumacher wrote:
>> Hi all,
>>
>> to enable the SMPT Sampler to use a higher TLS version than TLSv1 it 
>> seems to be necessary to change the SSLContext.getInstance call in 
>> TrustAllSSLSocketFactory from "TLS" to "TLSv1.2".
>>
>> We can't make that value the default one, since I believe it will 
>> prevent connections to servers with older TLS versions.
>>
>> So it seems, we should make it configurable. Should this parameter be 
>> made visible in the gui, or should we make it a system property?
>
> Must: As a jmeter property (in jmeter.properties file)
That one is easy, so I will start with this option.
>
> Better: In addition of the jmeter property, a combo list in the SMTP 
> sampler.
The values for this depend on the capability of the jvm (jre?) but are 
probably static for a while. We could just assume that the only valid 
values are those listed in 
http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#SSLContext

and change that when needed, or get them by instantiating an SSLContext 
at runtime.

The first option seems to be easy, the second one seems to be the more 
robust version.

The second option might be a bit confusing, if I build the test plan 
with different jvms and the options change.

>
>
>>
>> The same thing is probably useful for the supported CipherSuites.
>
> Yes probably. But the list will be long I think.
The list will be long and probably confusing for most people.

I wonder if most people would just want to specify exactly one 
CipherSuite, to test their setup and let the jvm decide in all other cases.

Which leads me to another question.

Should the CipherSuite and Protocol be stored in the SampleResult, so 
that one could assert on them?

Regards
  Felix
>
>
>>
>> What do you think?
>>  Felix
>>
>


Mime
View raw message