diff options
author | rhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2016-06-07 07:52:24 +0000 |
---|---|---|
committer | rhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2016-06-07 07:52:24 +0000 |
commit | 1f5784ecaf212f486fad6c586fe0dcedb778cd57 (patch) | |
tree | 6cd0aabf2846fec13562c7978122806e83d55379 /test/openssl | |
parent | 53a3e3ddd9e5fc88b9dfec30825cbc9e4e239cd4 (diff) | |
download | ruby-1f5784ecaf212f486fad6c586fe0dcedb778cd57.tar.gz |
openssl: add SSL::SSLContext#security_level{=,}
* ext/openssl/extconf.rb: Check for SSL_CTX_get_security_level().
OpenSSL 1.1.0 introduced "security level".
[ruby-core:75225] [Feature #12324]
* ext/openssl/ossl_ssl.c (ossl_sslctx_{get,set}_security_level): Add
SSLContext#security_level and #security_level=.
* test/openssl/test_ssl.rb (test_security_level): Add test. ...but this
doesn't actually test it. Because #security_level= is necessary in
order to run other tests on OpenSSL 1.1.0, go without tests for now.
Will fix after converting SSLContext#key= and #cert= to normal methods.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55309 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'test/openssl')
-rw-r--r-- | test/openssl/test_ssl.rb | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb index 9a717a4256..65cc30e71e 100644 --- a/test/openssl/test_ssl.rb +++ b/test/openssl/test_ssl.rb @@ -1218,6 +1218,22 @@ end end end + def test_security_level + ctx = OpenSSL::SSL::SSLContext.new + begin + ctx.security_level = 1 + rescue NotImplementedError + assert_equal(0, ctx.security_level) + return + end + assert_equal(1, ctx.security_level) + # assert_raise(OpenSSL::SSL::SSLError) { ctx.key = OpenSSL::TestUtils::TEST_KEY_DSA512 } + # ctx.key = OpenSSL::TestUtils::TEST_KEY_RSA1024 + # ctx.security_level = 2 + # assert_raise(OpenSSL::SSL::SSLError) { ctx.key = OpenSSL::TestUtils::TEST_KEY_RSA1024 } + skip "FIXME: SSLContext#key= currently does not raise because SSL_CTX_use_certificate() is delayed" + end + private def start_server_version(version, ctx_proc=nil, server_proc=nil, &blk) |