From 9d63b3c00e83fa85a0856755714607a182bcd897 Mon Sep 17 00:00:00 2001
From: Harald Musum <musum@verizonmedia.com>
Date: Mon, 8 Nov 2021 14:48:31 +0100
Subject: Revert "JDK 17: verify cipher suites depending on JDK version."

---
 .../com/yahoo/vespa/zookeeper/ConfiguratorTest.java    | 18 ++++--------------
 1 file changed, 4 insertions(+), 14 deletions(-)

(limited to 'zookeeper-server/zookeeper-server-common/src')

diff --git a/zookeeper-server/zookeeper-server-common/src/test/java/com/yahoo/vespa/zookeeper/ConfiguratorTest.java b/zookeeper-server/zookeeper-server-common/src/test/java/com/yahoo/vespa/zookeeper/ConfiguratorTest.java
index 305e7b828b1..d2361853436 100644
--- a/zookeeper-server/zookeeper-server-common/src/test/java/com/yahoo/vespa/zookeeper/ConfiguratorTest.java
+++ b/zookeeper-server/zookeeper-server-common/src/test/java/com/yahoo/vespa/zookeeper/ConfiguratorTest.java
@@ -175,28 +175,18 @@ public class ConfiguratorTest {
         validateConfigFile(cfgFile, expected);
     }
 
-    private String cipherSuites() {
-        // TODO: Remove when Vespa is only built with JDK 17
-        int jdkVersion = Integer.parseInt(System.getProperty("java.version").split("\\.")[0]);
-        if (jdkVersion < 12)
-            return "TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256," +
-                    "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384";
-
-        return "TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384,TLS_CHACHA20_POLY1305_SHA256," +
-                "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256," +
-                "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256";
-    }
-
     private String tlsQuorumConfig() {
         return "ssl.quorum.context.supplier.class=com.yahoo.vespa.zookeeper.VespaSslContextProvider\n" +
-                "ssl.quorum.ciphersuites=" + cipherSuites() + "\n" +
+                "ssl.quorum.ciphersuites=TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256," +
+                "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384\n" +
                 "ssl.quorum.enabledProtocols=TLSv1.2\n" +
                 "ssl.quorum.clientAuth=NEED\n";
     }
 
     private String tlsClientServerConfig() {
         return "ssl.context.supplier.class=com.yahoo.vespa.zookeeper.VespaSslContextProvider\n" +
-                "ssl.ciphersuites=" + cipherSuites() + "\n" +
+                "ssl.ciphersuites=TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256," +
+                "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384\n" +
                 "ssl.enabledProtocols=TLSv1.2\n" +
                 "ssl.clientAuth=NEED\n";
     }
-- 
cgit v1.2.3