diff options
author | emboss <emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2011-06-30 14:48:52 +0000 |
---|---|---|
committer | emboss <emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2011-06-30 14:48:52 +0000 |
commit | 1dcd4b325ee9074952461d1748d881ea27da05d5 (patch) | |
tree | 4778772f60cd2c461ca5792d137985ee77f47760 /test | |
parent | c4becf8aaf8b1dc27ca274457548117d703c65e5 (diff) | |
download | ruby-1dcd4b325ee9074952461d1748d881ea27da05d5.tar.gz |
* ext/openssl/ossl.c/.h: Added ossl_x509_name_sk2ary.
* ext/openssl/ossl.c: Replaced ossl_x509_ary2k by generic macro to
simplify future conversions.
* ext/openssl/ossl_ssl.c: Implement SSLSocket#client_ca.
* test/openssl/test_ssl.rb: Add test for SSLSocket#client_ca.
Thanks to Ippei Obayashi for providing the patch!
[ Ruby 1.9 - Feature #4481 ] [ruby-core:35461]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32337 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'test')
-rw-r--r-- | test/openssl/test_ssl.rb | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb index 77dcff8d44..8c3d00e5e5 100644 --- a/test/openssl/test_ssl.rb +++ b/test/openssl/test_ssl.rb @@ -135,6 +135,28 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase } end + def test_client_ca + ctx_proc = Proc.new do |ctx| + ctx.client_ca = [@ca_cert] + end + + vflag = OpenSSL::SSL::VERIFY_PEER|OpenSSL::SSL::VERIFY_FAIL_IF_NO_PEER_CERT + start_server(PORT, vflag, true, :ctx_proc => ctx_proc){|server, port| + ctx = OpenSSL::SSL::SSLContext.new + client_ca_from_server = nil + ctx.client_cert_cb = Proc.new do |sslconn| + client_ca_from_server = sslconn.client_ca + [@cli_cert, @cli_key] + end + sock = TCPSocket.new("127.0.0.1", port) + ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx) + ssl.sync_close = true + ssl.connect + assert_equal([@ca], client_ca_from_server) + ssl.close + } + end + def test_starttls start_server(PORT, OpenSSL::SSL::VERIFY_NONE, false){|server, port| sock = TCPSocket.new("127.0.0.1", port) |