author | Kazuki Yamaguchi <k@rhe.jp> | 2016-04-12 00:12:53 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2016-04-21 00:46:34 +0900 |
commit | 5c383cc72f9dc9af81dbe713814495e868a102d4 (patch) | |
tree | bf64474ce592ffd7352152f4a3a7edfbcd25aec3 | |
parent | 1b0e67dbc7272f16df5729fd50d70f89e2539a91 (diff) | |
download | ruby-5c383cc72f9dc9af81dbe713814495e868a102d4.tar.gz |
unyaa
-rw-r--r-- | ext/openssl/ossl_pkey.h | 1 | ||||
-rw-r--r-- | ext/openssl/ossl_ssl.c | 2 | ||||
-rw-r--r-- | test/openssl/test_pair.rb | 4 | ||||
-rw-r--r-- | test/openssl/test_ssl.rb | 20 | ||||
-rw-r--r-- | test/openssl/utils.rb | 20 |
5 files changed, 37 insertions, 10 deletions
diff --git a/ext/openssl/ossl_pkey.h b/ext/openssl/ossl_pkey.h index f75cc6c13c..b80e7c7c31 100644 --- a/ext/openssl/ossl_pkey.h +++ b/ext/openssl/ossl_pkey.h @@ -137,7 +137,6 @@ static VALUE ossl_##keytype##_set_##name(VALUE self, VALUE bignum) \ ossl_raise(eBNError, NULL); \ if (!(set)) { \ if (name) BN_clear_free(name); \ - rb_bug("xx %d %d", !!b1, !!b2);\ ossl_raise(eBNError, "priv_key set failed"); \ } \ BN_clear_free(old); \ diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c index e2d44a23be..6156a64caf 100644 --- a/ext/openssl/ossl_ssl.c +++ b/ext/openssl/ossl_ssl.c @@ -1632,7 +1632,7 @@ ossl_ssl_stop(VALUE self) if (ssl) { ossl_ssl_shutdown(ssl); - SSL_free(ssl); + //SSL_free(ssl); } DATA_PTR(self) = NULL; diff --git a/test/openssl/test_pair.rb b/test/openssl/test_pair.rb index 1a45afc085..d9dc52adc8 100644 --- a/test/openssl/test_pair.rb +++ b/test/openssl/test_pair.rb @@ -11,7 +11,7 @@ module OpenSSL::SSLPairM host = "127.0.0.1" port = 0 ctx = OpenSSL::SSL::SSLContext.new() - ctx.ciphers = "DH" + ctx.ciphers = "ADH" ctx.tmp_dh_callback = proc { OpenSSL::TestUtils::TEST_KEY_DH1024 } tcps = create_tcp_server(host, port) ssls = OpenSSL::SSL::SSLServer.new(tcps, ctx) @@ -21,7 +21,7 @@ module OpenSSL::SSLPairM def client(port) host = "127.0.0.1" ctx = OpenSSL::SSL::SSLContext.new() - ctx.ciphers = "DH" + ctx.ciphers = "ADH" s = create_tcp_client(host, port) ssl = OpenSSL::SSL::SSLSocket.new(s, ctx) ssl.connect diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb index 6e9078dace..8532d10879 100644 --- a/test/openssl/test_ssl.rb +++ b/test/openssl/test_ssl.rb @@ -687,6 +687,8 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase ctx3 = OpenSSL::SSL::SSLContext.new ctx3.ciphers = "DH" + ctx3.key = @svr_key + ctx3.cert = @svr_cert ctx2 = OpenSSL::SSL::SSLContext.new ctx2.ciphers = "DH" 
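Review bot: In the `ossl_ssl_stop` hunk of ext/openssl/ossl_ssl.c, `SSL_free(ssl)` is commented out while the next line still sets `DATA_PTR(self) = NULL`, so the last visible reference to the `SSL` object is dropped without releasing it. Unless something outside this hunk still owns the pointer, every stopped socket leaks its `SSL` structure, and the connection state it holds stays in process memory. If the call was disabled to avoid a double free, the ownership should be fixed instead. Otherwise restore `SSL_free(ssl);`, or at least replace the bare `//SSL_free(ssl);` with a comment such as `/* FIXME: not freed here because <reason>; released in <place> */`. The body of `ossl_ssl_stop` starts and ends outside the hunk.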
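Review bot: Nothing in the two test/openssl/test_pair.rb hunks says that `ctx.ciphers = "ADH"` is deliberate, and it restricts the `server` and `client` contexts to anonymous Diffie-Hellman, a handshake with no peer authentication. The visible server context sets only `ciphers` and `tmp_dh_callback`, with no key or certificate, which is presumably why an anonymous suite is needed. A one-line comment above each assignment would stop the string being copied into non-test code, for example `# anonymous DH on purpose: this pair test configures no certificate`. The test/openssl/test_ssl.rb hunks take the other route, keeping `"DH"` and adding `key`/`cert`, so it is worth stating which approach the tests should converge on.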
@@ -720,6 +722,8 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase ctx2 = OpenSSL::SSL::SSLContext.new ctx2.ciphers = "DH" + ctx2.key = @svr_key + ctx2.cert = @svr_cert ctx2.servername_cb = lambda { |args| Object.new } sock1, sock2 = socketpair @@ -752,6 +756,8 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase ctx3 = OpenSSL::SSL::SSLContext.new ctx3.ciphers = "DH" + ctx3.key = @svr_key + ctx3.cert = @svr_cert assert_not_predicate ctx3, :frozen? ctx2 = OpenSSL::SSL::SSLContext.new @@ -785,6 +791,8 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase ctx2 = OpenSSL::SSL::SSLContext.new ctx2.ciphers = "DH" + ctx2.key = @svr_key + ctx2.cert = @svr_cert ctx2.servername_cb = lambda { |args| nil } sock1, sock2 = socketpair @@ -813,21 +821,20 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase cb_socket = nil hostname = 'example.org' + sock1, sock2 = socketpair + ctx2 = OpenSSL::SSL::SSLContext.new ctx2.ciphers = "DH" + ctx2.key = @svr_key + ctx2.cert = @svr_cert ctx2.servername_cb = lambda do |args| cb_socket = args[0] lambda_called = args[1] ctx2 end - - sock1, sock2 = socketpair - s2 = OpenSSL::SSL::SSLSocket.new(sock2, ctx2) ctx1 = OpenSSL::SSL::SSLContext.new - ctx1.ciphers = "DH" - s1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx1) s1.hostname = hostname t = Thread.new { s1.connect } @@ -836,6 +843,9 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase assert t.value assert_equal hostname, lambda_called assert_equal s2, cb_socket + rescue => e + p e + puts e.backtrace ensure s1.close if s1 s2.close if s2 diff --git a/test/openssl/utils.rb b/test/openssl/utils.rb index 6909854cad..3f46e1bd9e 100644 --- a/test/openssl/utils.rb +++ b/test/openssl/utils.rb 
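Review bot: The `rescue => e` clause added in the `@@ -836,6 +843,9 @@` hunk of test/openssl/test_ssl.rb prints the exception and backtrace and then lets the test return normally. A handshake failure or any other `StandardError` raised before the assertions is therefore reported as a pass, with the assertions never reached. If the trace is only wanted while debugging, add a bare `raise` as the last line of the rescue body, or drop the clause before this lands. The test method and its `begin` start outside this hunk.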
@@ -85,6 +85,21 @@ Q1VB8qkJN7rA7/2HrCR3gTsWNb1YhAsnFsoeRscC+LxXoXi9OAIUBG98h4tilg6S -----END DSA PRIVATE KEY----- _end_of_pem_ + TEST_KEY_DSA1024 = OpenSSL::PKey::DSA.new <<-_end_of_pem_ +-----BEGIN DSA PRIVATE KEY----- +MIIBugIBAAKBgQCH9aAoXvWWThIjkA6D+nI1F9ksF9iDq594rkiGNOT9sPDOdB+n +D+qeeeeloRlj19ymCSADPI0ZLRgkchkAEnY2RnqnhHOjVf/roGgRbW+iQDMbQ9wa +/pvc6/fAbsu1goE1hBYjm98/sZEeXavj8tR56IXnjF1b6Nx0+sgeUKFKEQIVAMiz +4BJUFeTtddyM4uadBM7HKLPRAoGAZdLBSYNGiij7vAjesF5mGUKTIgPd+JKuBEDx +OaBclsgfdoyoF/TMOkIty+PVlYD+//Vl2xnoUEIRaMXHwHfm0r2xUX++oeRaSScg +YizJdUxe5jvBuBszGPRc/mGpb9YvP0sB+FL1KmuxYmdODfCe51zl8uM/CVhouJ3w +DjmRGscCgYAuFlfC7p+e8huCKydfcv/beftqjewiOPpQ3u5uI6KPCtCJPpDhs3+4 +IihH2cPsAlqwGF4tlibW1+/z/OZ1AZinPK3y7b2jSJASEaPeEltVzB92hcd1khk2 +jTYcmSsV4VddplOPK9czytR/GbbibxsrhhgZUbd8LPbvIgaiadJ1PgIUBnJ/5vN2 +CVArsEzlPUCbohPvZnE= +-----END DSA PRIVATE KEY----- + _end_of_pem_ + if defined?(OpenSSL::PKey::EC) TEST_KEY_EC_P256V1 = OpenSSL::PKey::EC.new <<-_end_of_pem_ @@ -105,6 +120,8 @@ AQjjxMXhwULlmuR/K+WwlaZPiLIBYalLAZQ7ZbOPeVkJ8ePao0eLAgEC -----END DH PARAMETERS----- _end_of_pem_ + # WORKAROUND: OpenSSL 1.1.0-pre4 requires pub_key to be set + TEST_KEY_DH1024.pub_key = OpenSSL::BN.new("556af1598ae69899867ceba9f29ce4862b884c2b43c9019ea0231908f6efa785e3c462a6ecb16df676866e997ffb72b487dc7967c58c3ca38ce974473bf19b2aa5dcbf102735572eba6f353f6f0bbe7ff1de1b07fe1381a355c275c33405004317f9491b5955f191f6615a63b30e55a027fb88a1a4b25608e09eee68a7df32d", 16) TEST_KEY_DH1024.priv_key = OpenSSL::BN.new("48561834C67E65FFD2A9B47F41E5E78FDC95C387428FDB1E4B0188B64D1643C3A8D3455B945B7E8C4D166010C7C2CE23BFB9BEF43D0348FE7FA5284B0225E7FE1537546D114E3D8A4411B9B9351AB451E1A358F50ED61B1F00DA29336EEBBD649980AC86D76AF8BBB065298C2052672EEF3EF13AB47A15275FC2836F3AC74CEA", 16) DSA_SIGNATURE_DIGEST = OpenSSL::OPENSSL_VERSION_NUMBER > 0x10000000 ? 
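Review bot: In the `@@ -105,6 +120,8 @@` hunk of test/openssl/utils.rb, the new `TEST_KEY_DH1024.pub_key` is a hard-coded hex literal that nothing ties to the `priv_key` assigned on the following line or to the parameters in the PEM block. I have not verified that the two values correspond, and if either literal is edited later they can drift apart silently, leaving the DH tests running on an inconsistent key pair. Deriving the public value from the private one would remove that risk: assign `priv_key` first, then `TEST_KEY_DH1024.pub_key = TEST_KEY_DH1024.g.mod_exp(TEST_KEY_DH1024.priv_key, TEST_KEY_DH1024.p)`. Failing that, extend the `# WORKAROUND` comment to say how the literal was generated.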
@@ -188,7 +205,7 @@ AQjjxMXhwULlmuR/K+WwlaZPiLIBYalLAZQ7ZbOPeVkJ8ePao0eLAgEC def setup @ca_key = OpenSSL::TestUtils::TEST_KEY_RSA2048 @svr_key = OpenSSL::TestUtils::TEST_KEY_RSA1024 - @cli_key = OpenSSL::TestUtils::TEST_KEY_DSA256 + @cli_key = OpenSSL::TestUtils::TEST_KEY_DSA1024 @ca = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=CA") @svr = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=localhost") @cli = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=localhost") @@ -290,6 +307,7 @@ AQjjxMXhwULlmuR/K+WwlaZPiLIBYalLAZQ7ZbOPeVkJ8ePao0eLAgEC ssls.start_immediately = start_immediately threads = [] + Thread.abort_on_exception=true begin server = Thread.new do begin |
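Review bot: `Thread.abort_on_exception=true` in the `@@ -290,6 +307,7 @@` hunk of test/openssl/utils.rb changes a process-wide setting from inside a test helper, and nothing visible restores it. Every later test in the same process then runs with the flag on, so an exception in an unrelated background thread will abort the run. Scope it to the threads this helper creates, for example `server.abort_on_exception = true` once the thread exists. Alternatively save the previous value with `prev = Thread.abort_on_exception` and restore it in the helper's `ensure` with `Thread.abort_on_exception = prev`. The helper's body and its cleanup are outside this hunk, so the exact placement needs checking against the full method.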