diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2015-12-18 11:02:18 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2015-12-18 11:02:18 +0900 |
commit | 11175ba2dccac382ad1721cc09cf36b9d799a98e (patch) | |
tree | 53e28a0490352129f17ce6c03c29c8800dfc8ac6 | |
parent | a9ed5f5df99050e3551331be95ef18f0ec5a840f (diff) | |
download | plum-11175ba2dccac382ad1721cc09cf36b9d799a98e.tar.gz |
rack: tls_session: generate dummy cert with SHA-256
-rw-r--r-- | lib/plum/rack/listener.rb | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/lib/plum/rack/listener.rb b/lib/plum/rack/listener.rb index 881a18a..4b8fd45 100644 --- a/lib/plum/rack/listener.rb +++ b/lib/plum/rack/listener.rb @@ -69,14 +69,14 @@ module Plum end def plum(sock) - raise ::Plum::LegacyHTTPError.new("client doesn't offered h2 with ALPN", nil) unless sock.alpn_protocol == "h2" + raise ::Plum::LegacyHTTPError.new("client didn't offer h2 with ALPN", nil) unless sock.alpn_protocol == "h2" ::Plum::ServerConnection.new(sock.method(:write)) end private # returns: [cert, key] def dummy_key - puts "WARNING: Generating new dummy certificate..." + STDERR.puts "WARNING: Generating new dummy certificate..." key = OpenSSL::PKey::RSA.new(2048) cert = OpenSSL::X509::Certificate.new @@ -93,10 +93,9 @@ module Plum cert.extensions = [ ef.create_extension("basicConstraints", "CA:TRUE", true), ef.create_extension("subjectKeyIdentifier", "hash"), + ef.create_extension("authorityKeyIdentifier", "keyid:always,issuer:always") ] - cert.add_extension ef.create_extension("authorityKeyIdentifier", "keyid:always,issuer:always") - - cert.sign key, OpenSSL::Digest::SHA1.new + cert.sign(key, OpenSSL::Digest::SHA256.new) [cert.to_s, key.to_s] end |