From fd73a6315c02f9995717dd88155afcba3e959552 Mon Sep 17 00:00:00 2001
From: Kazuki Yamaguchi <k@rhe.jp>
Date: Sat, 23 Apr 2016 22:43:05 +0900
Subject: ext/openssl: remove SHA, DSS, DSS1 if using OpenSSL 1.1.0

---
 ext/openssl/lib/openssl/digest.rb | 5 ++++-
 test/openssl/test_digest.rb       | 7 ++++---
 test/openssl/test_pkey_dsa.rb     | 4 ++--
 test/openssl/test_random.rb       | 1 +
 test/openssl/test_ssl.rb          | 2 +-
 test/openssl/test_x509cert.rb     | 2 +-
 test/openssl/test_x509req.rb      | 2 +-
 7 files changed, 14 insertions(+), 9 deletions(-)

diff --git a/ext/openssl/lib/openssl/digest.rb b/ext/openssl/lib/openssl/digest.rb
index 1240bf596b..1a236cc77d 100644
--- a/ext/openssl/lib/openssl/digest.rb
+++ b/ext/openssl/lib/openssl/digest.rb
@@ -15,7 +15,10 @@
 module OpenSSL
   class Digest
 
-    alg = %w(DSS DSS1 MD2 MD4 MD5 MDC2 RIPEMD160 SHA SHA1)
+    alg = %w(MD2 MD4 MD5 MDC2 RIPEMD160 SHA1)
+    if OPENSSL_VERSION_NUMBER < 0x10100000
+      alg += %w(DSS DSS1 SHA)
+    end
     if OPENSSL_VERSION_NUMBER > 0x00908000
       alg += %w(SHA224 SHA256 SHA384 SHA512)
     end
diff --git a/test/openssl/test_digest.rb b/test/openssl/test_digest.rb
index 8b724a03a9..95e5bb726a 100644
--- a/test/openssl/test_digest.rb
+++ b/test/openssl/test_digest.rb
@@ -58,9 +58,10 @@ class OpenSSL::TestDigest < Test::Unit::TestCase
   end
 
   def test_digest_constants
-    algs = %w(DSS1 MD4 MD5 RIPEMD160 SHA1)
-    if !libressl?  || !version_since([2,3])
-      algs += %w(SHA)
+    algs = %w(MD4 MD5 RIPEMD160 SHA1)
+    if libressl? && !version_since([2,3]) ||
+        OpenSSL::OPENSSL_VERSION_NUMBER < 0x10100000
+      algs += %w(SHA DSS1)
     end
     if OpenSSL::OPENSSL_VERSION_NUMBER > 0x00908000
       algs += %w(SHA224 SHA256 SHA384 SHA512)
diff --git a/test/openssl/test_pkey_dsa.rb b/test/openssl/test_pkey_dsa.rb
index eb3e4f1c65..fa57178912 100644
--- a/test/openssl/test_pkey_dsa.rb
+++ b/test/openssl/test_pkey_dsa.rb
@@ -40,7 +40,7 @@ class OpenSSL::TestPKeyDSA < Test::Unit::TestCase
 
   def test_sign_verify
     check_sign_verify(OpenSSL::Digest::DSS1.new)
-  end
+  end if defined?(OpenSSL::Digest::DSS1)
 
 if (OpenSSL::OPENSSL_VERSION_NUMBER > 0x10000000)
   def test_sign_verify_sha1
@@ -62,7 +62,7 @@ end
     digest1 << 'Change state of digest1'
     assert(key.verify(digest1, sig, data))
     assert(key.verify(digest2, sig, data))
-  end
+  end if defined?(OpenSSL::Digest::DSS1)
 
   def test_read_DSA_PUBKEY
     p = 7188211954100152441468596248707152960171255279130004340103875772401008316444412091945435731597638374542374929457672178957081124632837356913990200866056699
diff --git a/test/openssl/test_random.rb b/test/openssl/test_random.rb
index 8c69d5431c..0d6289c09e 100644
--- a/test/openssl/test_random.rb
+++ b/test/openssl/test_random.rb
@@ -11,6 +11,7 @@ class OpenSSL::TestRandom < Test::Unit::TestCase
   end
 
   def test_pseudo_bytes
+    return unless defined?(OpenSSL::Random.pseudo_bytes)
     assert_equal("", OpenSSL::Random.pseudo_bytes(0))
     assert_equal(12, OpenSSL::Random.pseudo_bytes(12).bytesize)
   end
diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb
index 5314853849..e40afec14e 100644
--- a/test/openssl/test_ssl.rb
+++ b/test/openssl/test_ssl.rb
@@ -405,7 +405,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
       ciphers = ctx.ciphers
       ciphers_versions = ciphers.collect{|_, v, _, _| v }
       ciphers_names = ciphers.collect{|v, _, _, _| v }
-      assert(ciphers_names.all?{|v| /ADH/ !~ v })
+      assert(ciphers_names.all?{|v| /A(EC)?DH/ !~ v })
       assert(ciphers_versions.all?{|v| /SSLv2/ !~ v })
       ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx)
       ssl.sync_close = true
diff --git a/test/openssl/test_x509cert.rb b/test/openssl/test_x509cert.rb
index 72cb9e6095..ab6d71d9d4 100644
--- a/test/openssl/test_x509cert.rb
+++ b/test/openssl/test_x509cert.rb
@@ -171,7 +171,7 @@ class OpenSSL::TestX509Certificate < Test::Unit::TestCase
     cert.subject = @ee1
     assert_equal(false, cert.verify(@rsa2048))
   rescue OpenSSL::X509::CertificateError
-  end
+  end if defined?(OpenSSL::Digest::DSS1)
 
   def test_sign_and_verify_dsa_md5
     assert_raise(OpenSSL::X509::CertificateError){
diff --git a/test/openssl/test_x509req.rb b/test/openssl/test_x509req.rb
index f1bf18465f..19b55486e8 100644
--- a/test/openssl/test_x509req.rb
+++ b/test/openssl/test_x509req.rb
@@ -140,7 +140,7 @@ class OpenSSL::TestX509Request < Test::Unit::TestCase
     assert_equal(false, req.verify(@rsa1024))
   rescue OpenSSL::X509::RequestError
     skip
-  end
+  end if defined?(OpenSSL::Digest::DSS1)
 
   def test_sign_and_verify_dsa_md5
     assert_raise(OpenSSL::X509::RequestError){
-- 
cgit v1.2.3