diff options
author | rhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2016-06-07 12:20:46 +0000 |
---|---|---|
committer | rhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2016-06-07 12:20:46 +0000 |
commit | 2aa5fb13da2ae045b17c2cbbe1f6df323d6ad95a (patch) | |
tree | 6d8ff28aa42005dbc2710965308b6e9055da9bfa /test/openssl/utils.rb | |
parent | d2442b242132a67f1a9bbf2398969723373a7368 (diff) | |
download | ruby-2aa5fb13da2ae045b17c2cbbe1f6df323d6ad95a.tar.gz |
openssl: adjust tests for OpenSSL 1.1.0
This fixes `make test-all TESTS=openssl` with OpenSSL master.
* test/openssl/test_x509name.rb: Don't register OID for 'emailAddress'
and 'serialNumber'. A recent change in OpenSSL made OBJ_create()
reject an already existing OID. They were needed to run tests with
OpenSSL 0.9.6 which is now unsupported.
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=52832e470f5fe8c222249ae5b539aeb3c74cdb25
[ruby-core:75225] [Feature #12324]
* test/openssl/test_ssl_session.rb (test_server_session): Duplicate
SSL::Session before re-adding to the session store. OpenSSL 1.1.0
starts rejecting SSL_SESSION once removed by SSL_CTX_remove_session().
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=7c2d4fee2547650102cd16d23f8125b76112ae75
* test/openssl/test_pkey_ec.rb (setup): Remove X25519 from @keys. X25519
is new in OpenSSL 1.1.0 but this is for key agreement and not for
signing.
* test/openssl/test_pair.rb, test/openssl/test_ssl.rb,
test/openssl/utils.rb: Set security level to 0 when using aNULL cipher
suites.
* test/openssl/utils.rb: Use 1024 bits DSA key for client certificates.
* test/openssl/test_engine.rb: Run each test in separate process.
We can no longer cleanup engines explicitly as ENGINE_cleanup() was
removed.
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=6d4fb1d59e61aacefa25edc4fe5acfe1ac93f743
* ext/openssl/ossl_engine.c (ossl_engine_s_cleanup): Add a note to the
RDoc for Engine.cleanup.
* ext/openssl/lib/openssl/digest.rb: Don't define constants for DSS,
DSS1 and SHA(-0) when using with OpenSSL 1.1.0. They are removed.
* test/openssl/test_digest.rb, test/openssl/test_pkey_dsa.rb,
test/openssl/test_pkey_dsa.rb, test/openssl/test_ssl.rb,
test/openssl/test_x509cert.rb, test/openssl/test_x509req.rb: Don't
test unsupported hash functions.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55314 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'test/openssl/utils.rb')
-rw-r--r-- | test/openssl/utils.rb | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/test/openssl/utils.rb b/test/openssl/utils.rb index 82a018aabb..e4861fa688 100644 --- a/test/openssl/utils.rb +++ b/test/openssl/utils.rb @@ -85,6 +85,21 @@ Q1VB8qkJN7rA7/2HrCR3gTsWNb1YhAsnFsoeRscC+LxXoXi9OAIUBG98h4tilg6S -----END DSA PRIVATE KEY----- _end_of_pem_ + TEST_KEY_DSA1024 = OpenSSL::PKey::DSA.new <<-_end_of_pem_ +-----BEGIN DSA PRIVATE KEY----- +MIIBugIBAAKBgQCH9aAoXvWWThIjkA6D+nI1F9ksF9iDq594rkiGNOT9sPDOdB+n +D+qeeeeloRlj19ymCSADPI0ZLRgkchkAEnY2RnqnhHOjVf/roGgRbW+iQDMbQ9wa +/pvc6/fAbsu1goE1hBYjm98/sZEeXavj8tR56IXnjF1b6Nx0+sgeUKFKEQIVAMiz +4BJUFeTtddyM4uadBM7HKLPRAoGAZdLBSYNGiij7vAjesF5mGUKTIgPd+JKuBEDx +OaBclsgfdoyoF/TMOkIty+PVlYD+//Vl2xnoUEIRaMXHwHfm0r2xUX++oeRaSScg +YizJdUxe5jvBuBszGPRc/mGpb9YvP0sB+FL1KmuxYmdODfCe51zl8uM/CVhouJ3w +DjmRGscCgYAuFlfC7p+e8huCKydfcv/beftqjewiOPpQ3u5uI6KPCtCJPpDhs3+4 +IihH2cPsAlqwGF4tlibW1+/z/OZ1AZinPK3y7b2jSJASEaPeEltVzB92hcd1khk2 +jTYcmSsV4VddplOPK9czytR/GbbibxsrhhgZUbd8LPbvIgaiadJ1PgIUBnJ/5vN2 +CVArsEzlPUCbohPvZnE= +-----END DSA PRIVATE KEY----- + _end_of_pem_ + if defined?(OpenSSL::PKey::EC) TEST_KEY_EC_P256V1 = OpenSSL::PKey::EC.new <<-_end_of_pem_ @@ -196,7 +211,7 @@ AQjjxMXhwULlmuR/K+WwlaZPiLIBYalLAZQ7ZbOPeVkJ8ePao0eLAgEC def setup @ca_key = OpenSSL::TestUtils::TEST_KEY_RSA2048 @svr_key = OpenSSL::TestUtils::TEST_KEY_RSA1024 - @cli_key = OpenSSL::TestUtils::TEST_KEY_DSA256 + @cli_key = OpenSSL::TestUtils::TEST_KEY_DSA1024 @ca = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=CA") @svr = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=localhost") @cli = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=localhost") @@ -277,6 +292,7 @@ AQjjxMXhwULlmuR/K+WwlaZPiLIBYalLAZQ7ZbOPeVkJ8ePao0eLAgEC store.purpose = OpenSSL::X509::PURPOSE_SSL_CLIENT ctx = OpenSSL::SSL::SSLContext.new ctx.ciphers = "ADH-AES256-GCM-SHA384" if use_anon_cipher + ctx.security_level = 0 if use_anon_cipher ctx.cert_store = store #ctx.extra_chain_cert = [ ca_cert ] ctx.cert = @svr_cert |