diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2016-04-12 10:08:35 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2016-04-21 00:46:34 +0900 |
commit | e8e06933e74c88ef89220813295c58575061cab4 (patch) | |
tree | 8a7a33f642211e492343d20401ec2604dc344f74 | |
parent | 483c2aa207fd3a3fec48b0647b17a7e2aeb96810 (diff) | |
download | ruby-e8e06933e74c88ef89220813295c58575061cab4.tar.gz |
SSLContext#security_level
-rw-r--r-- | ext/openssl/ossl_ssl.c | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c index 66549fae1f..5e01140583 100644 --- a/ext/openssl/ossl_ssl.c +++ b/ext/openssl/ossl_ssl.c @@ -968,6 +968,51 @@ ossl_sslctx_set_ciphers(VALUE self, VALUE v) } /* + * call-seq: + * ctx.security_level => 0, .., 5 + * + * The security level for this context (new in OpenSSL 1.1.0). + */ +static VALUE +ossl_sslctx_get_security_level(VALUE self) +{ + SSL_CTX *ctx; + int i; + + GetSSLCTX(self, ctx); + if (!ctx) { + rb_warning("SSL_CTX is not initialized."); + return Qnil; + } + + i = SSL_CTX_get_security_level(ctx); + return INT2FIX(i); +} + +/* + * call-seq: + * ctx.security_level = 0 + * ctx.security_level = 5 + * + * Sets the security level for this context (new in OpenSSL 1.1.0). + */ +static VALUE +ossl_sslctx_set_security_level(VALUE self, VALUE v) +{ + SSL_CTX *ctx; + + rb_check_frozen(self); + + GetSSLCTX(self, ctx); + if (!ctx) + ossl_raise(eSSLError, "SSL_CTX is not initialized."); + + SSL_CTX_set_security_level(ctx, NUM2INT(v)); + + return v; +} + +/* * call-seq: * ctx.session_add(session) -> true | false * @@ -2235,6 +2280,8 @@ Init_ossl_ssl(void) rb_define_method(cSSLContext, "ssl_version=", ossl_sslctx_set_ssl_version, 1); rb_define_method(cSSLContext, "ciphers", ossl_sslctx_get_ciphers, 0); rb_define_method(cSSLContext, "ciphers=", ossl_sslctx_set_ciphers, 1); + rb_define_method(cSSLContext, "security_level", ossl_sslctx_get_security_level, 0); + rb_define_method(cSSLContext, "security_level=", ossl_sslctx_set_security_level, 1); rb_define_method(cSSLContext, "setup", ossl_sslctx_setup, 0); |