diff options
author | Zachary Scott <e@zzak.io> | 2015-11-13 12:05:41 +0900 |
---|---|---|
committer | Zachary Scott <e@zzak.io> | 2015-11-13 12:05:41 +0900 |
commit | 81e1a3007e4720fa5adc42793ad434b07eebfcd6 (patch) | |
tree | 3a6f9d7d433df622b75c20503ebb0054c955ceee /ext | |
parent | cc36e11b6621281e2f3e700a1b38327adcff2b71 (diff) | |
download | ruby-openssl-81e1a3007e4720fa5adc42793ad434b07eebfcd6.tar.gz |
Skip anon cipher test if constant is unavailable, as with OpenSSL < 1.2
We define this constant on the ExtConfig module at compile time,
based on the cipher lists of OpenSSL:
https://www.openssl.org/docs/manmaster/apps/ciphers.html
This is because the `start_server` test helper method defaults to use this
cipher for anonymous connections. Currently:
```ruby
def start_server(verify_mode, start_immediately, args = {}, &block)
# ...
use_anon_cipher = args.fetch(:use_anon_cipher, false)
ctx.ciphers = "ADH-AES256-GCM-SHA384" if use_anon_cipher
# ...
end
```
This _should_ fix the build. Patch reviewed by @nobu /cc @hsbt
Diffstat (limited to 'ext')
-rw-r--r-- | ext/openssl/ossl_ssl.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c index 09d8dd24..538ba37f 100644 --- a/ext/openssl/ossl_ssl.c +++ b/ext/openssl/ossl_ssl.c @@ -2107,6 +2107,12 @@ Init_ossl_ssl(void) rb_define_const(mSSLExtConfig, "HAVE_TLSEXT_HOST_NAME", Qfalse); #endif +#ifdef TLS_DH_anon_WITH_AES_256_GCM_SHA384 + rb_define_const(mSSLExtConfig, "TLS_DH_anon_WITH_AES_256_GCM_SHA384", Qtrue); +#else + rb_define_const(mSSLExtConfig, "TLS_DH_anon_WITH_AES_256_GCM_SHA384", Qfalse); +#endif + /* * A callback invoked whenever a new handshake is initiated. May be used * to disable renegotiation entirely. |