Merge branch 'maint-2.2'

* maint-2.2: (43 commits) Ruby/OpenSSL 2.2.1 openssl is ractor-safe Fixed the results of OpenSSL::Timestamp::Response#failure_info Don't redefine #rb_intern over and over again Use rb_intern_const instead of rb_intern in Init functions Remove trailing spaces [ci skip] test/openssl/test_ssl: use TLS 1.2 for finished_messages on LibreSSL Ruby/OpenSSL 2.1.3 ssl: avoid directly storing String object in NPN callback x509store: explicitly call rb_gc_mark() against Store/StoreContext ssl: explicitly call rb_gc_mark() against SSLContext/SSLSocket objects digest: load digest library using Kernel#require pkey: use RSTRING_LENINT() instead of casting to int fix segv in Timestamp::{Request,Response,TokenInfo}.new ts: libressl build fix warning ext/openssl/extconf.rb: require OpenSSL version >= 1.0.1, < 3 .github/workflows: update OpenSSL/LibreSSL versions test: adjust test cases for LibreSSL 3.2.4 ssl: temporary lock string buffer while reading ssl: create a temporary frozen string buffer when writing ...
author: Kazuki Yamaguchi <k@rhe.jp> 2021-10-16 18:11:39 +0900
committer: Kazuki Yamaguchi <k@rhe.jp> 2021-10-16 18:13:24 +0900
commit: 51d18715e491317aad005c77e0e408a614a4582c (patch)
tree: 4188d5c5add98a24f2a4a888b1c6bfaa106050cb /test
parent: e3a40937ac2b18ac02203e3539c4e90c539a36f9 (diff)
parent: 65e7207a07da23214be4a7c4cd4dc32f9f01e5fd (diff)
download: ruby-openssl-51d18715e491317aad005c77e0e408a614a4582c.tar.gz
3 files changed, 27 insertions, 8 deletions
diff --git a/test/openssl/test_config.rb b/test/openssl/test_config.rb
index 769e65ce..24a215a4 100644
--- a/test/openssl/test_config.rb
+++ b/test/openssl/test_config.rb
@@ -61,14 +61,14 @@ foo\\bar::foo\\bar = baz
 [default1  default2]\t\t  # space is allowed in section name
           fo =b  ar       # space allowed in value
 [emptysection]
- [doller ]
+ [dollar ]
 foo=bar
 bar = $(foo)
 baz = 123$(default::bar)456${foo}798
 qux = ${baz}
 quxx = $qux.$qux
 __EOC__
-    assert_equal(['default', 'default1  default2', 'doller', 'emptysection', 'foo', 'foo\\bar'], c.sections.sort)
+    assert_equal(['default', 'default1  default2', 'dollar', 'emptysection', 'foo', 'foo\\bar'], c.sections.sort)
     assert_equal(['', 'a', 'bar', 'baz', 'd', 'dq', 'dq2', 'esc', 'foo\\bar', 'sq'], c['default'].keys.sort)
     assert_equal('c', c['default'][''])
     assert_equal('', c['default']['a'])
@@ -84,12 +84,12 @@ __EOC__
     assert_equal('baz', c['foo\\bar']['foo\\bar'])
     assert_equal('b  ar', c['default1  default2']['fo'])
 
-    # dolloer
-    assert_equal('bar', c['doller']['foo'])
-    assert_equal('bar', c['doller']['bar'])
-    assert_equal('123baz456bar798', c['doller']['baz'])
-    assert_equal('123baz456bar798', c['doller']['qux'])
-    assert_equal('123baz456bar798.123baz456bar798', c['doller']['quxx'])
+    # dollar
+    assert_equal('bar', c['dollar']['foo'])
+    assert_equal('bar', c['dollar']['bar'])
+    assert_equal('123baz456bar798', c['dollar']['baz'])
+    assert_equal('123baz456bar798', c['dollar']['qux'])
+    assert_equal('123baz456bar798.123baz456bar798', c['dollar']['quxx'])
 
     excn = assert_raise(OpenSSL::ConfigError) do
       OpenSSL::Config.parse("foo = $bar")
diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb
index 0337205c..2a52f272 100644
--- a/test/openssl/test_ssl.rb
+++ b/test/openssl/test_ssl.rb
@@ -526,6 +526,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
     }) { |port|
       ctx = OpenSSL::SSL::SSLContext.new
       ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE
+      ctx.max_version = :TLS1_2 if libressl?(3, 2, 0) && !libressl?(3, 3, 0)
       server_connect(port, ctx) { |ssl|
         ssl.puts "abc"; ssl.gets
 
diff --git a/test/openssl/test_ts.rb b/test/openssl/test_ts.rb
index 8e31a7d2..7cb1a1fe 100644
--- a/test/openssl/test_ts.rb
+++ b/test/openssl/test_ts.rb
@@ -181,6 +181,12 @@ _end_of_pem_
     assert_equal(42, qer2.nonce)
   end
 
+  def test_request_invalid_asn1
+    assert_raise(OpenSSL::Timestamp::TimestampError) do
+      OpenSSL::Timestamp::Request.new("*" * 44)
+    end
+  end
+
   def test_response_constants
     assert_equal(0, OpenSSL::Timestamp::Response::GRANTED)
     assert_equal(1, OpenSSL::Timestamp::Response::GRANTED_WITH_MODS)
@@ -338,6 +344,12 @@ _end_of_pem_
     end
   end
 
+  def test_response_invalid_asn1
+    assert_raise(OpenSSL::Timestamp::TimestampError) do
+      OpenSSL::Timestamp::Response.new("*" * 44)
+    end
+  end
+
   def test_no_cert_requested
     req = OpenSSL::Timestamp::Request.new
     req.algorithm = "SHA1"
@@ -590,6 +602,12 @@ _end_of_pem_
     assert_equal(123, info.nonce)
   end
 
+  def test_token_info_invalid_asn1
+    assert_raise(OpenSSL::Timestamp::TimestampError) do
+      OpenSSL::Timestamp::TokenInfo.new("*" * 44)
+    end
+  end
+
   private
 
   def assert_cert expected, actual
author	Kazuki Yamaguchi <k@rhe.jp>	2021-10-16 18:11:39 +0900
committer	Kazuki Yamaguchi <k@rhe.jp>	2021-10-16 18:13:24 +0900
commit	51d18715e491317aad005c77e0e408a614a4582c (patch)
tree	4188d5c5add98a24f2a4a888b1c6bfaa106050cb /test
parent	e3a40937ac2b18ac02203e3539c4e90c539a36f9 (diff)
parent	65e7207a07da23214be4a7c4cd4dc32f9f01e5fd (diff)
download	ruby-openssl-51d18715e491317aad005c77e0e408a614a4582c.tar.gz