aboutsummaryrefslogtreecommitdiffstats
path: root/test/openssl/utils.rb
Commit message (Collapse)AuthorAgeFilesLines
* ext/openssl: implement OpenSSL::PKey::{DSA,RSA,EC}#public_pkeytopic/openssl-pkey-ecKazuki Yamaguchi2016-05-131-1/+1
| | | | | | | | | | | | | | Add OpenSSL::PKey::{DSA,RSA,EC}#public_pkey. They return a new instance of itself, which contains only parameters and public information. The old methods, {DSA,RSA}#public_key, are now deprecated. There are 3 types of PKey#public_key: 1) EC#public_key, which returns the actual public key (EC::Point). 2) RSA/DSA#public_key, which returns a new instance of PKey with no private information. 3) DH#public_key, which returns a new instance of DH which contains only DH params. This doesn't even contain 'private key'. This is very confusing. The new methods are intend to replace the 2).
* openssl: Access to ephemeral TLS session keynobu2016-04-041-0/+1
| | | | | | | | | * ext/openssl/ossl_ssl.c (ossl_ssl_tmp_key): Access to ephemeral TLS session key in case of forward secrecy cipher. Only available since OpenSSL 1.0.2. [Fix GH-1318] * ext/openssl/extconf.rb: Check for SSL_get_server_tmp_key. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54485 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * Remove 512-bit DH group. It's affected by LogJam Attack.hsbt2016-01-141-7/+0
| | | | | | | https://weakdh.org/ [fix GH-1196][Bug #11968][ruby-core:72766] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53531 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* Add frozen_string_literal: false for all filesnaruse2015-12-161-0/+1
| | | | | | When you change this to true, you may need to add more tests. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53141 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/lib/openssl/ssl.rb (module OpenSSL): raise a moretenderlove2015-07-271-0/+2
| | | | | | | | | | helpful exception when verifying the peer connection and an anonymous cipher has been selected. [ruby-core:68330] [Bug #10910] Thanks to Chris Sinjakli <chris@sinjakli.co.uk> for the patch. * test/openssl/test_ssl.rb (class OpenSSL): test for change git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51409 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl: skip old OpenSSLnobu2014-12-131-1/+2
| | | | | | | * test/openssl/utils.rb (OpenSSL::TestUtils): ignore out-of-date OpenSSL before 1.0. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48823 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* revert r48819nobu2014-12-131-20/+0
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48822 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test_ocsp.rb: run separatelynobu2014-12-131-0/+20
| | | | | | | * test/openssl/test_ocsp.rb (test_new_ocsp_request): run in a separated process to continue on CentOS 5.6 i386. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48819 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * test/lib/envutil.rb: Moved from test/ruby/.akr2014-11-131-1/+0
| | | | | | | | | | | | | | * test/lib/find_executable.rb: Ditto. * test/lib/memory_status.rb: Ditto. * test/lib/test/unit.rb: require envutil. * test/: Don't require envutil in test files. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48409 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * test/openssl: Don't specify port number.akr2014-11-131-9/+3
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48400 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * test/openssl/ssl_server.rb: Unused file removed.akr2014-11-131-2/+1
| | | | | | | | It is not used since r16111, Ruby 1.9.1. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48399 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * test/openssl/utils.rb: The default of :ignore_listener_error isakr2014-11-031-1/+1
| | | | | | | | changed to false. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48254 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ignore_ssl_accept_error option is changed to ignore_listener_error.akr2014-11-011-4/+7
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48231 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* start_server refined.akr2014-11-011-46/+42
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48228 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * test/openssl/utils.rb (start_server): Don't close sockets beforeakr2014-11-011-15/+18
| | | | | | | | threads finished. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48227 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * test/openssl/test_ssl_session.rb (test_ctx_client_session_cb): Don'takr2014-11-011-54/+55
| | | | | | | | | | | | | | | | ignore errors of SSL accept. (test_ctx_server_session_cb): Ditto. * test/openssl/utils.rb (server_loop): Add ignore_ssl_accept_error argument. (start_server): Refine threads waits. * test/ruby/envutil.rb (assert_join_threads): Show a thread before backtrace. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48225 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * test/openssl/utils.rb (start_server, server_loop): Use aakr2014-11-011-13/+12
| | | | | | | | pipe to stop server instead of shutdown/close a listening socket. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48224 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/lib/openssl/ssl.rb (SSLServer#accept): Close a socketakr2014-05-291-2/+0
| | | | | | | | if any exception occur. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@46223 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * test/openssl: Join threads.akr2014-05-251-3/+10
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@46108 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/ossl.c: do not use FIPS_mode_set if not available.emboss2012-12-201-2/+3
| | | | | | | | | | | | * test/openssl/utils.rb: revise comment about setting FIPS mode to false. * test/openssl/test_fips.rb: remove tests that cause errors on ruby-ci. [Feature #6946] [ruby-core:47345] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38491 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/ossl.c: add OpenSSL.fips_mode= to allow enabling FIPSemboss2012-12-201-0/+4
| | | | | | | | | | | | | | mode manually. * test/openssl/utils.rb: turn off FIPS mode for tests. This prevents OpenSSL installations with FIPS mode enabled by default from raising FIPS-related errors during the tests. * test/openssl/test_fips.rb: add tests for FIPS-capable OpenSSL installations. [Feature #6946] [ruby-core:47345] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38480 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * test/openssl/utils.rb: Use DSS1 as DSA signature digest for allemboss2012-09-031-1/+1
| | | | | | | | | OpenSSL versions < 1.0.0. [ruby-core:47405] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36891 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* remove trailing spaces.nobu2012-09-031-1/+1
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36886 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/extconf.rb: Detect OpenSSL_FIPS macroemboss2012-09-031-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ext/openssl/ossl.c: Expose OpenSSL::OPENSSL_FIPS constant to indicate whether OpenSSL runs in FIPS mode. test/openssl/test_pkey_dh.rb: Generate 256 bit keys for non-FIPS installations to improve test performance (e.g. for rubyci). test/openssl/utils.rb: Replace DSS1 as certificate signature digest with SHA1 for FIPS installations when using DSA by introducing TestUtils::DSA_SIGNATURE_DIGEST. test/openssl/test_x509cert.rb: test/openssl/test_x509crl.rb: test/openssl/test_x509req.rb: Use DSA_SIGNATURE_DIGEST NEWS: Introduce OpenSSL::OPENSSL_FIPS These changes allow running the OpenSSL tests in FIPS mode while keeping a high performance for non-FIPS installations. Introduction of OpenSSL::OPENSSL_FIPS allows for applications to react to special requirements when using OpenSSL in FIPS mode. [Feature #6946] [ruby-core:47345] - Diese und die folgenden Zeilen werden ignoriert -- M ext/openssl/extconf.rb M ext/openssl/ossl.c M NEWS M ChangeLog M test/openssl/utils.rb M test/openssl/test_x509crl.rb M test/openssl/test_x509req.rb M test/openssl/test_x509cert.rb M test/openssl/test_pkey_dh.rb git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36884 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * test/openssl/utils.rb: Use a cached DH key instead of generating aemboss2012-09-021-1/+8
| | | | | | | new one each time. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36881 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * test/openssl/utils.rbemboss2012-08-281-3/+5
| | | | | | | | | | test/openssl/test_pair.rb test/openssl/test_pkey_dh.rb: Use 1024 bit DH parameters to satisfy OpenSSL FIPS requirements. Patch by Vit Ondruch. [Bug #6938] [ruby-core:47326] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36843 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/ossl_ssl.c: add support for option flagsemboss2012-05-071-1/+1
| | | | | | | | | | | | | | | | | OpenSSL::SSL::OP_NO_TLSv1_1 OpenSSL::SSL::OP_NO_TLSv1_2 to allow blocking specific TLS versions. Thanks to Justin Guyett for pointing this out to me. * test/openssl/test_ssl.rb: add tests to assert correct behavior when blocking certain versions of TLS/SSL both on server and client side. Also refactored tests to reduce boilerplate code a little. * test/openssl/utils.rb: rescue Errno::ECONNRESET for tests where client rejects the connection because a forbidden protocol version was used. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35567 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/ossl.c (ossl_verify_cb): trap the exception fromnahi2011-07-141-1/+1
| | | | | | | | | | | | | verify callback of SSLContext and X509Store and make the verification fail normally. Raising exception directly from callback causes orphan resouces in OpenSSL stack. Patched by Ippei Obayashi. See #4445. * test/openssl/test_ssl.rb (test_exception_in_verify_callback_is_ignored): test it. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32537 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * test/openssl/test_ssl_session.rb: Split out SSL::Session related nahi2011-06-221-0/+142
| | | | | | | tests from test_ssl.rb git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32195 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * test/openssl/test_ec.rbemboss2011-06-131-0/+4
| | | | | | | | | | test/openssl/test_pkey_ec.rb: merge both files into test_pkey_ec.rb. Removed redundant group instantiation from PKey tests. * test/openssl/utils.rb: only create TEST_PKEY_EC_P256V1 if EC is defined. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32058 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/pkey_dh.c: corrected documentation.emboss2011-06-131-0/+7
| | | | | | | | * test/openssl/utils.rb: add test key for DH. * test/openssl/test_pkey_dh.rb: add tests. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32039 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/ossl_pkey.c: added PKey.read module function that allowemboss2011-06-121-0/+8
| | | | | | | | | | | | | | | | reading arbitrary public/private keys from DER-/PEM-encoded File or string instances. * ext/openssl/ossl_pkey_dh.c: improved documentation. * test/openssl/utils.rb: added EC test key. * test/openssl/test_pkey_rsa.rb test/openssl/test_pkey_dsa.rb: Test PKey.read. Reuse keys from OpenSSL::TestUtils. * test/openssl/test_pkey_ec.rb: Created test file for EC tests. Test PKey.read. [Ruby 1.9 - Feature #4424] [ruby-core:35330] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32036 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* drying up the requires in the openssl teststenderlove2010-12-151-0/+5
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@30220 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* refactor load error rescue to the openssl util filetenderlove2010-12-111-2/+5
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@30176 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * test/openssl/utils.rb (OpenSSL#silent): always restore $VERBOSE. ↵kazu2010-09-221-1/+1
| | | | | | [ruby-dev:42285] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@29317 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * backport r28621 and r28632 from ruby_1_8;nahi2010-08-191-0/+9
| | | | | | | | | | | | | * ext/openssl/ossl_config.c, ext/openssl/lib/openssl/config.rb, ext/openssl/lib/openssl.rb: reimplement OpenSSL::Config in Ruby. Now it should work on windows. * test/openssl/test_config.rb: added tests for OpenSSL::Config#dup. * test/openssl/test_config.rb: added tests for Config#clone. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@29048 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * {ext,lib,test}/**/*.rb: removed trailing spaces.nobu2009-03-061-1/+1
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@22784 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/ossl_ssl.c: Switch stats hash key from string to symbol.technorama2008-04-201-2/+2
| | | | | | | | | | | | New method SSLContext#setup to aid C extension writers. * test/openssl/test_ssl.rb: Add tests for new method and sessions. Use threads for ssl server instead of forking. * ext/openssl/ossl_version.h: Bump version. * ext/openssl/ossl_x509ext.c: Fix warnings. * test/openssl/utils.rb: Fix warnings. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@16111 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * test_x509crl.rb (test_basic): add test for CRL issuer.gotoyuzo2004-05-211-0/+1
| | | | | | | | * test_x509store.rb: test for OpenSSL::X509::Store * utils.rb (issue_crl): should set issuer's subject. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@6381 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * test for OpenSSL::X509gotoyuzo2004-05-171-0/+134
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@6350 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-22 13:48:45 +0000