diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2016-06-09 15:05:50 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2016-06-09 15:21:14 +0900 |
commit | 2267c7478dfd2d120008b2b97ae484fa11a78d26 (patch) | |
tree | 59ece4c54fa409eb439e7bb5b4be150db2426e7f /test/test_pair.rb | |
parent | c99c41a1d5e13468290b8a974fd12063bf992f2a (diff) | |
parent | 3f037dc1b4717b63ad293356477768a011cb5473 (diff) | |
download | ruby-openssl-2267c7478dfd2d120008b2b97ae484fa11a78d26.tar.gz |
Merge changes from Ruby trunk r55224..r55335
And adjust tests for test-unit.
* ruby-trunk r55224..r55335: (16 commits)
(r55335) openssl: fix build with OpenSSL 1.1.0 and no pkg-config
(r55314) openssl: adjust tests for OpenSSL 1.1.0
(r55309) openssl: add SSL::SSLContext#security_level{=,}
(r55304) openssl: avoid deprecated version-specific ssl methods if n..
(r55294) openssl: fix free function of OpenSSL::Cipher
(r55291) openssl: fix compile on VC
(r55289) openssl: use SSL_is_server()
(r55288) openssl: avoid d2i_ASN1_BOOLEAN()
(r55287) openssl: adapt to OpenSSL 1.1.0 opaque structs
(r55285) openssl: adapt OpenSSL::PKey to OpenSSL 1.1.0 opaque structs
(r55283) openssl: support OpenSSL 1.1.0's new multi-threading API
(r55282) openssl: check existence of RAND_pseudo_bytes()
(r55273) openssl: avoid deprecated BN_*prime* functions
(r55252) ossl_asn1.c: check overflow
(r55249) openssl: fix the Year 2038 problem
(r55229) openssl: add missing test for r55219
Sync-with-trunk: r55335
Diffstat (limited to 'test/test_pair.rb')
-rw-r--r-- | test/test_pair.rb | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/test/test_pair.rb b/test/test_pair.rb index c8770690..88e52a71 100644 --- a/test/test_pair.rb +++ b/test/test_pair.rb @@ -12,6 +12,7 @@ module OpenSSL::SSLPairM port = 0 ctx = OpenSSL::SSL::SSLContext.new() ctx.ciphers = "ADH" + ctx.security_level = 0 ctx.tmp_dh_callback = proc { OpenSSL::TestUtils::TEST_KEY_DH1024 } tcps = create_tcp_server(host, port) ssls = OpenSSL::SSL::SSLServer.new(tcps, ctx) @@ -22,6 +23,7 @@ module OpenSSL::SSLPairM host = "127.0.0.1" ctx = OpenSSL::SSL::SSLContext.new() ctx.ciphers = "ADH" + ctx.security_level = 0 s = create_tcp_client(host, port) ssl = OpenSSL::SSL::SSLSocket.new(s, ctx) ssl.connect @@ -324,6 +326,7 @@ module OpenSSL::TestPairM def test_connect_works_when_setting_dh_callback_to_nil ctx2 = OpenSSL::SSL::SSLContext.new ctx2.ciphers = "DH" + ctx2.security_level = 0 ctx2.tmp_dh_callback = nil sock1, sock2 = tcp_pair s2 = OpenSSL::SSL::SSLSocket.new(sock2, ctx2) @@ -331,6 +334,7 @@ module OpenSSL::TestPairM ctx1 = OpenSSL::SSL::SSLContext.new ctx1.ciphers = "DH" + ctx1.security_level = 0 ctx1.tmp_dh_callback = nil s1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx1) t = Thread.new { s1.connect } @@ -350,12 +354,14 @@ module OpenSSL::TestPairM def test_connect_without_setting_dh_callback ctx2 = OpenSSL::SSL::SSLContext.new ctx2.ciphers = "DH" + ctx2.security_level = 0 sock1, sock2 = tcp_pair s2 = OpenSSL::SSL::SSLSocket.new(sock2, ctx2) accepted = s2.accept_nonblock(exception: false) ctx1 = OpenSSL::SSL::SSLContext.new ctx1.ciphers = "DH" + ctx1.security_level = 0 s1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx1) t = Thread.new { s1.connect } @@ -378,6 +384,8 @@ module OpenSSL::TestPairM called = false ctx2 = OpenSSL::SSL::SSLContext.new ctx2.ciphers = "ECDH" + # OpenSSL 1.1.0 doesn't have tmp_ecdh_callback so this shouldn't be required + ctx2.security_level = 0 ctx2.tmp_ecdh_callback = ->(*args) { called = true OpenSSL::PKey::EC.new "prime256v1" @@ -388,6 +396,7 @@ module OpenSSL::TestPairM s2 = OpenSSL::SSL::SSLSocket.new(sock2, ctx2) ctx1 = OpenSSL::SSL::SSLContext.new ctx1.ciphers = "ECDH" + ctx1.security_level = 0 s1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx1) th = Thread.new do @@ -406,7 +415,7 @@ module OpenSSL::TestPairM assert called, 'ecdh callback should be called' rescue OpenSSL::SSL::SSLError => e if e.message =~ /no cipher match/ - skip "ECDH cipher not supported." + pend "ECDH cipher not supported." else raise e end @@ -426,11 +435,13 @@ module OpenSSL::TestPairM ctx1 = OpenSSL::SSL::SSLContext.new ctx1.ciphers = "ECDH" ctx1.ecdh_curves = "P-384:P-521" + ctx1.security_level = 0 s1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx1) ctx2 = OpenSSL::SSL::SSLContext.new ctx2.ciphers = "ECDH" ctx2.ecdh_curves = "P-256:P-384" + ctx2.security_level = 0 s2 = OpenSSL::SSL::SSLSocket.new(sock2, ctx2) th = Thread.new { s1.accept } @@ -451,6 +462,7 @@ module OpenSSL::TestPairM def test_connect_accept_nonblock_no_exception ctx2 = OpenSSL::SSL::SSLContext.new ctx2.ciphers = "ADH" + ctx2.security_level = 0 ctx2.tmp_dh_callback = proc { OpenSSL::TestUtils::TEST_KEY_DH1024 } sock1, sock2 = tcp_pair @@ -461,6 +473,7 @@ module OpenSSL::TestPairM ctx1 = OpenSSL::SSL::SSLContext.new ctx1.ciphers = "ADH" + ctx1.security_level = 0 s1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx1) th = Thread.new do rets = [] @@ -499,6 +512,7 @@ module OpenSSL::TestPairM def test_connect_accept_nonblock ctx = OpenSSL::SSL::SSLContext.new() ctx.ciphers = "ADH" + ctx.security_level = 0 ctx.tmp_dh_callback = proc { OpenSSL::TestUtils::TEST_KEY_DH1024 } sock1, sock2 = tcp_pair @@ -522,6 +536,7 @@ module OpenSSL::TestPairM sleep 0.1 ctx = OpenSSL::SSL::SSLContext.new() ctx.ciphers = "ADH" + ctx.security_level = 0 s1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx) begin sleep 0.2 |