diff options
-rw-r--r-- | test/test_ssl.rb | 11 | ||||
-rw-r--r-- | test/utils.rb | 4 |
2 files changed, 8 insertions, 7 deletions
diff --git a/test/test_ssl.rb b/test/test_ssl.rb index 23c508c0..0af93a8b 100644 --- a/test/test_ssl.rb +++ b/test/test_ssl.rb @@ -356,19 +356,22 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase end def test_post_connect_check_with_anon_ciphers - sslerr = OpenSSL::SSL::SSLError + ctx_proc = -> ctx { + ctx.ciphers = "aNULL" + ctx.security_level = 0 + } - start_server(use_anon_cipher: true) { |server, port| + start_server(ctx_proc: ctx_proc) { |server, port| ctx = OpenSSL::SSL::SSLContext.new ctx.ciphers = "aNULL" ctx.security_level = 0 server_connect(port, ctx) { |ssl| - assert_raise_with_message(sslerr, /anonymous cipher suite/i){ + assert_raise_with_message(OpenSSL::SSL::SSLError, /anonymous cipher suite/i) { ssl.post_connection_check("localhost.localdomain") } } } - end if OpenSSL::ExtConfig::TLS_DH_anon_WITH_AES_256_GCM_SHA384 + end def test_post_connection_check sslerr = OpenSSL::SSL::SSLError diff --git a/test/utils.rb b/test/utils.rb index 45ea8766..6f3a3c6d 100644 --- a/test/utils.rb +++ b/test/utils.rb @@ -279,14 +279,12 @@ AQjjxMXhwULlmuR/K+WwlaZPiLIBYalLAZQ7ZbOPeVkJ8ePao0eLAgEC def start_server(verify_mode: OpenSSL::SSL::VERIFY_NONE, start_immediately: true, ctx_proc: nil, server_proc: method(:readwrite_loop), - use_anon_cipher: false, ignore_listener_error: false, &block) + ignore_listener_error: false, &block) IO.pipe {|stop_pipe_r, stop_pipe_w| store = OpenSSL::X509::Store.new store.add_cert(@ca_cert) store.purpose = OpenSSL::X509::PURPOSE_SSL_CLIENT ctx = OpenSSL::SSL::SSLContext.new - ctx.ciphers = "ADH-AES256-GCM-SHA384" if use_anon_cipher - ctx.security_level = 0 if use_anon_cipher ctx.cert_store = store ctx.cert = @svr_cert ctx.key = @svr_key |