diff options
| author | Hiroshi SHIBATA <hsbt@ruby-lang.org> | 2024-07-10 17:09:52 +0900 |
|---|---|---|
| committer | git <svn-admin@ruby-lang.org> | 2024-07-10 23:06:08 +0000 |
| commit | 6428536146bd8910b2f1b8d4fcd20b1c22673e1f (patch) | |
| tree | 09dcfb0fbd379bcbfb3aa3cb7ecf3878aaef55ef /test | |
| parent | 4e6463ad7a56d7cf55726ff913129790b942ffb9 (diff) | |
| download | ruby-6428536146bd8910b2f1b8d4fcd20b1c22673e1f.tar.gz | |
[ruby/net-http] Split test class because TCPServer couldn't accept localhost and 127.0.0.1 both
https://github.com/ruby/net-http/commit/749a1b3197
Diffstat (limited to 'test')
| -rw-r--r-- | test/net/http/test_https.rb | 52 |
1 files changed, 39 insertions, 13 deletions
diff --git a/test/net/http/test_https.rb b/test/net/http/test_https.rb index acfd0275cb..2de92a5e0d 100644 --- a/test/net/http/test_https.rb +++ b/test/net/http/test_https.rb @@ -242,19 +242,6 @@ class TestNetHTTPS < Test::Unit::TestCase assert_match(/certificate verify failed/, ex.message) end - def test_identity_verify_failure - # the certificate's subject has CN=localhost - http = Net::HTTP.new(HOST_IP, config("port")) - http.use_ssl = true - http.cert_store = TEST_STORE - @log_tester = lambda {|_| } - ex = assert_raise(OpenSSL::SSL::SSLError){ - http.request_get("/") {|res| } - } - re_msg = /certificate verify failed|hostname \"#{HOST_IP}\" does not match/ - assert_match(re_msg, ex.message) - end - def test_timeout_during_SSL_handshake bug4246 = "expected the SSL connection to have timed out but have not. [ruby-core:34203]" @@ -302,3 +289,42 @@ class TestNetHTTPS < Test::Unit::TestCase end end if defined?(OpenSSL::SSL) + +class TestNetHTTPSIdentityVerifyFailure < Test::Unit::TestCase + include TestNetHTTPUtils + + def self.read_fixture(key) + File.read(File.expand_path("../fixtures/#{key}", __dir__)) + end + + HOST = 'localhost' + HOST_IP = '127.0.0.1' + CA_CERT = OpenSSL::X509::Certificate.new(read_fixture("cacert.pem")) + SERVER_KEY = OpenSSL::PKey.read(read_fixture("server.key")) + SERVER_CERT = OpenSSL::X509::Certificate.new(read_fixture("server.crt")) + DHPARAMS = OpenSSL::PKey::DH.new(read_fixture("dhparams.pem")) + TEST_STORE = OpenSSL::X509::Store.new.tap {|s| s.add_cert(CA_CERT) } + + CONFIG = { + 'host' => HOST_IP, + 'proxy_host' => nil, + 'proxy_port' => nil, + 'ssl_enable' => true, + 'ssl_certificate' => SERVER_CERT, + 'ssl_private_key' => SERVER_KEY, + 'ssl_tmp_dh_callback' => proc { DHPARAMS }, + } + + def test_identity_verify_failure + # the certificate's subject has CN=localhost + http = Net::HTTP.new(HOST_IP, config("port")) + http.use_ssl = true + http.cert_store = TEST_STORE + @log_tester = lambda {|_| } + ex = assert_raise(OpenSSL::SSL::SSLError){ + http.request_get("/") {|res| } + } + re_msg = /certificate verify failed|hostname \"#{HOST_IP}\" does not match/ + assert_match(re_msg, ex.message) + end +end if defined?(OpenSSL::SSL)
\ No newline at end of file |