diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2021-10-16 18:11:39 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2021-10-16 18:13:24 +0900 |
commit | 51d18715e491317aad005c77e0e408a614a4582c (patch) | |
tree | 4188d5c5add98a24f2a4a888b1c6bfaa106050cb /test | |
parent | e3a40937ac2b18ac02203e3539c4e90c539a36f9 (diff) | |
parent | 65e7207a07da23214be4a7c4cd4dc32f9f01e5fd (diff) | |
download | ruby-openssl-51d18715e491317aad005c77e0e408a614a4582c.tar.gz |
Merge branch 'maint-2.2'
* maint-2.2: (43 commits)
Ruby/OpenSSL 2.2.1
openssl is ractor-safe
Fixed the results of OpenSSL::Timestamp::Response#failure_info
Don't redefine #rb_intern over and over again
Use rb_intern_const instead of rb_intern in Init functions
Remove trailing spaces [ci skip]
test/openssl/test_ssl: use TLS 1.2 for finished_messages on LibreSSL
Ruby/OpenSSL 2.1.3
ssl: avoid directly storing String object in NPN callback
x509store: explicitly call rb_gc_mark() against Store/StoreContext
ssl: explicitly call rb_gc_mark() against SSLContext/SSLSocket objects
digest: load digest library using Kernel#require
pkey: use RSTRING_LENINT() instead of casting to int
fix segv in Timestamp::{Request,Response,TokenInfo}.new
ts: libressl build fix warning
ext/openssl/extconf.rb: require OpenSSL version >= 1.0.1, < 3
.github/workflows: update OpenSSL/LibreSSL versions
test: adjust test cases for LibreSSL 3.2.4
ssl: temporary lock string buffer while reading
ssl: create a temporary frozen string buffer when writing
...
Diffstat (limited to 'test')
-rw-r--r-- | test/openssl/test_config.rb | 16 | ||||
-rw-r--r-- | test/openssl/test_ssl.rb | 1 | ||||
-rw-r--r-- | test/openssl/test_ts.rb | 18 |
3 files changed, 27 insertions, 8 deletions
diff --git a/test/openssl/test_config.rb b/test/openssl/test_config.rb index 769e65ce..24a215a4 100644 --- a/test/openssl/test_config.rb +++ b/test/openssl/test_config.rb @@ -61,14 +61,14 @@ foo\\bar::foo\\bar = baz [default1 default2]\t\t # space is allowed in section name fo =b ar # space allowed in value [emptysection] - [doller ] + [dollar ] foo=bar bar = $(foo) baz = 123$(default::bar)456${foo}798 qux = ${baz} quxx = $qux.$qux __EOC__ - assert_equal(['default', 'default1 default2', 'doller', 'emptysection', 'foo', 'foo\\bar'], c.sections.sort) + assert_equal(['default', 'default1 default2', 'dollar', 'emptysection', 'foo', 'foo\\bar'], c.sections.sort) assert_equal(['', 'a', 'bar', 'baz', 'd', 'dq', 'dq2', 'esc', 'foo\\bar', 'sq'], c['default'].keys.sort) assert_equal('c', c['default']['']) assert_equal('', c['default']['a']) @@ -84,12 +84,12 @@ __EOC__ assert_equal('baz', c['foo\\bar']['foo\\bar']) assert_equal('b ar', c['default1 default2']['fo']) - # dolloer - assert_equal('bar', c['doller']['foo']) - assert_equal('bar', c['doller']['bar']) - assert_equal('123baz456bar798', c['doller']['baz']) - assert_equal('123baz456bar798', c['doller']['qux']) - assert_equal('123baz456bar798.123baz456bar798', c['doller']['quxx']) + # dollar + assert_equal('bar', c['dollar']['foo']) + assert_equal('bar', c['dollar']['bar']) + assert_equal('123baz456bar798', c['dollar']['baz']) + assert_equal('123baz456bar798', c['dollar']['qux']) + assert_equal('123baz456bar798.123baz456bar798', c['dollar']['quxx']) excn = assert_raise(OpenSSL::ConfigError) do OpenSSL::Config.parse("foo = $bar") diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb index 0337205c..2a52f272 100644 --- a/test/openssl/test_ssl.rb +++ b/test/openssl/test_ssl.rb @@ -526,6 +526,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase }) { |port| ctx = OpenSSL::SSL::SSLContext.new ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE + ctx.max_version = :TLS1_2 if libressl?(3, 2, 0) && !libressl?(3, 3, 0) server_connect(port, ctx) { |ssl| ssl.puts "abc"; ssl.gets diff --git a/test/openssl/test_ts.rb b/test/openssl/test_ts.rb index 8e31a7d2..7cb1a1fe 100644 --- a/test/openssl/test_ts.rb +++ b/test/openssl/test_ts.rb @@ -181,6 +181,12 @@ _end_of_pem_ assert_equal(42, qer2.nonce) end + def test_request_invalid_asn1 + assert_raise(OpenSSL::Timestamp::TimestampError) do + OpenSSL::Timestamp::Request.new("*" * 44) + end + end + def test_response_constants assert_equal(0, OpenSSL::Timestamp::Response::GRANTED) assert_equal(1, OpenSSL::Timestamp::Response::GRANTED_WITH_MODS) @@ -338,6 +344,12 @@ _end_of_pem_ end end + def test_response_invalid_asn1 + assert_raise(OpenSSL::Timestamp::TimestampError) do + OpenSSL::Timestamp::Response.new("*" * 44) + end + end + def test_no_cert_requested req = OpenSSL::Timestamp::Request.new req.algorithm = "SHA1" @@ -590,6 +602,12 @@ _end_of_pem_ assert_equal(123, info.nonce) end + def test_token_info_invalid_asn1 + assert_raise(OpenSSL::Timestamp::TimestampError) do + OpenSSL::Timestamp::TokenInfo.new("*" * 44) + end + end + private def assert_cert expected, actual |