diff options
| author | Kazuki Yamaguchi <k@rhe.jp> | 2020-05-13 14:33:06 +0900 |
|---|---|---|
| committer | Kazuki Yamaguchi <k@rhe.jp> | 2020-05-13 14:55:26 +0900 |
| commit | ea925619a99cc706556214a807260b0e5d30cd45 (patch) | |
| tree | e1955d35608252060268a5c20fe4858db42d0b66 /test | |
| parent | 306b26ae68824e89c33f69fe2bf6bb170bed8343 (diff) | |
| download | ruby-openssl-ea925619a99cc706556214a807260b0e5d30cd45.tar.gz | |
ssl: temporarily remove SSLContext#add_certificate_chain_file
Let's revert the changes for now, as it cannot be included in the 2.2.0
release.
My comment on #257:
> A blocker is OpenSSL::SSL::SSLContext#add_certificate_chain_file. It
> has a pending change and I don't want to include it in an incomplete
> state.
>
> The initial implementation in commit 46e4bdba40c5 was not really
> useful. The issue is described in #305. #309 extended it
> to take the corresponding private key together. However, the new
> implementation was incompatible on Windows and was reverted by #320 to
> the initial one.
>
> (The prerequisite to implement it in) an alternative way is #288, and
> it's still cooking.
This effectively reverts the following commits:
- dacd08937ccd ("ssl: suppress test failure with SSLContext#add_certificate_chain_file", 2020-03-09)
- 46e4bdba40c5 ("Add support for SSL_CTX_use_certificate_chain_file. Fixes #254.", 2019-06-13)
Diffstat (limited to 'test')
| -rw-r--r-- | test/openssl/test_ssl.rb | 28 |
1 files changed, 0 insertions, 28 deletions
diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb index 4598927a..6095d545 100644 --- a/test/openssl/test_ssl.rb +++ b/test/openssl/test_ssl.rb @@ -189,34 +189,6 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase end end - def test_add_certificate_chain_file - # Create chain certificates file - certs = Tempfile.open { |f| f << @svr_cert.to_pem << @ca_cert.to_pem; f } - pkey = Tempfile.open { |f| f << @svr_key.to_pem; f } - - ctx_proc = -> ctx { - # FIXME: This is a temporary test case written just to match the current - # state. ctx.add_certificate_chain_file should take two arguments. - ctx.add_certificate_chain_file(certs.path) - # # Unset values set by start_server - # ctx.cert = ctx.key = ctx.extra_chain_cert = nil - # assert_nothing_raised { ctx.add_certificate_chain_file(certs.path, pkey.path) } - } - - start_server(ctx_proc: ctx_proc) { |port| - server_connect(port) { |ssl| - assert_equal @svr_cert.subject, ssl.peer_cert.subject - assert_equal [@svr_cert.subject, @ca_cert.subject], - ssl.peer_cert_chain.map(&:subject) - - ssl.puts "abc"; assert_equal "abc\n", ssl.gets - } - } - ensure - certs&.unlink - pkey&.unlink - end - def test_sysread_and_syswrite start_server { |port| server_connect(port) { |ssl| |