Correcting setupSslOnlyMode to use AbstractSecurityUnitTest.hasCustom…

[debjanibnrj]

…TransportSettings()

opendistro-for-elasticsearch/security pull request intake form

Please provide as much details as possible to get feedback/acceptance on your PR quickly

1. Category: (Enhancement, New feature, Bug fix, Test fix, Refactoring, Maintenance, Documentation)
   Test fix

2. Github Issue # or road-map entry, if available:
   N/A

3. Description of changes:
   The setupSslOnlyMode helper method was incorrectly assuming that the hasCustomTransportSettings would always be false. Making this change to use AbstractSecurityUnitTest.hasCustomTransportSettings() helper.

I have also modified AbstractSecurityUnitTest.hasCustomTransportSettings() to return false if OPENDISTRO_SECURITY_SSL_TRANSPORT_EXTENDED_KEY_USAGE_ENABLED flag is defined in the settings

4. Why these changes are required?
   See description.

5. What is the old behavior before changes and new behavior after changes? (Please add any example/logs/screen-shot if available)

6. Testing done: (Please provide details of testing done: Unit testing, integration testing and manual testing)

7. TO-DOs, if any: (Please describe pending items and provide Github issues# for each of them)

8. Is it backport from main branch? (If yes, please add backport PR # and commits #)

By making a contribution to this project, I certify that:

(a) The contribution was created in whole or in part by me and I
have the right to submit it under the open source license
indicated in the file; or

(b) The contribution is based upon previous work that, to the best
of my knowledge, is covered under an appropriate open source
license and I have the right under that license to submit that
work with modifications, whether created in whole or in part
by me, under the same open source license (unless I am
permitted to submit under a different license), as indicated
in the file; or

(c) The contribution was provided directly to me by some other
person who certified (a), (b) or (c) and I have not modified
it.

(d) I understand and agree that this project and the contribution
are public and that a record of the contribution (including all
personal information I submit with it, including my sign-off) is
maintained indefinitely and may be redistributed consistent with
this project or the open source license(s) involved.

[codecov]

Codecov Report

Merging #1057 (7b0cb1b) into main (3014f2b) will not change coverage.
The diff coverage is n/a.

@@            Coverage Diff            @@
##               main    #1057   +/-   ##
=========================================
  Coverage     64.49%   64.49%           
  Complexity     3168     3168           
=========================================
  Files           244      244           
  Lines         17035    17035           
  Branches       3023     3023           
=========================================
  Hits          10986    10986           
  Misses         4515     4515           
  Partials       1534     1534           

Impacted Files	Coverage Δ	Complexity Δ
...search/security/tools/OpenDistroSecurityAdmin.java	47.26% <0.00%> (-0.27%)	76.00% <0.00%> (-1.00%)
.../dlic/auth/ldap2/LDAPConnectionFactoryFactory.java	58.01% <0.00%> (+1.52%)	24.00% <0.00%> (+1.00%)

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 3014f2b...0e7cec2. Read the comment docs.

[cliu123]

CI failed.

[vrozov]

Please track all places where minimumSecuritySettings... should be replaced from hardcoded flag to a call to hasCustomTransportSettings. Please also revert the changes related to the introduction of the flag introduced in #493

[vrozov]

LGTM