diff options
| author | Kazuki Yamaguchi <k@rhe.jp> | 2017-10-22 12:45:08 +0900 |
|---|---|---|
| committer | Kazuki Yamaguchi <k@rhe.jp> | 2017-10-22 12:45:08 +0900 |
| commit | 897ee5ecfe78a6c86cc1821fdb00d799f06fbc71 (patch) | |
| tree | d8462802fc7346a84016227022011d20deaba8d1 /test | |
| parent | 8ebac4a35ab4d3942b24ccc8b3debaad9bc99c4c (diff) | |
| parent | 62af0446569ae842de67b636b0bd0bb84ec2c8be (diff) | |
| download | ruby-openssl-897ee5ecfe78a6c86cc1821fdb00d799f06fbc71.tar.gz | |
Merge branch 'ky/ssl-version-min-max'
* ky/ssl-version-min-max:
ssl: fix conflict of options in SSLContext#set_params
Use caller with length to reduce unused strings
Diffstat (limited to 'test')
| -rw-r--r-- | test/test_ssl.rb | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/test/test_ssl.rb b/test/test_ssl.rb index ab6382d7..4f3df9dd 100644 --- a/test/test_ssl.rb +++ b/test/test_ssl.rb @@ -811,6 +811,24 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase supported end + def test_set_params_min_version + supported = check_supported_protocol_versions + store = OpenSSL::X509::Store.new + store.add_cert(@ca_cert) + + if supported.include?(OpenSSL::SSL::SSL3_VERSION) + # SSLContext#set_params properly disables SSL 3.0 by default + ctx_proc = proc { |ctx| + ctx.min_version = ctx.max_version = OpenSSL::SSL::SSL3_VERSION + } + start_server(ctx_proc: ctx_proc, ignore_listener_error: true) { |port| + ctx = OpenSSL::SSL::SSLContext.new + ctx.set_params(cert_store: store, verify_hostname: false) + assert_handshake_error { server_connect(port, ctx) { } } + } + end + end + def test_minmax_version supported = check_supported_protocol_versions |