ruby.git/test/openssl/test_ssl.rb, branch v2_0_0_451 The Ruby Programming Language merge revision(s) 42429: [Backport #8750] 2013-08-16T15:37:07+00:00 nagachika nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2013-08-16T15:37:07+00:00 d15c1d10f63cee7ceb028a3762a4b8cc697427ef * test/openssl/test_ssl.rb: Fix test for CVE-2013-4073. Patch by Antonio Terceiro. [Bug #8750] [ruby-core:56437] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@42588 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* test/openssl/test_ssl.rb: Fix test for CVE-2013-4073.
	  Patch by Antonio Terceiro. [Bug #8750] [ruby-core:56437]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@42588 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 41805: [Backport #8575] [Backport #8582] 2013-07-06T17:05:08+00:00 nagachika nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2013-07-06T17:05:08+00:00 239d52c825f7b98d3aa4ae42cbc7034cbf8198cd * lib/openssl/ssl.rb: Fix SSL client connection crash for SAN marked critical. The patch for CVE-2013-4073 caused SSL crash when a SSL server returns the certificate that has critical SAN value. X509 extension could include 2 or 3 elements in it: [id, criticality, octet_string] if critical, [id, octet_string] if not. Making sure to pick the last element of X509 extension and use it as SAN value. [ruby-core:55685] [Bug #8575] Thank you @nahi for providing the patch! git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@41812 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* lib/openssl/ssl.rb: Fix SSL client connection crash for SAN marked
	  critical.
	  The patch for CVE-2013-4073 caused SSL crash when a SSL server returns
	  the certificate that has critical SAN value.  X509 extension could
	  include 2 or 3 elements in it:
	  [id, criticality, octet_string] if critical,
	  [id, octet_string] if not.
	  Making sure to pick the last element of X509 extension and use it as
	  SAN value.
	  [ruby-core:55685] [Bug #8575]
	  Thank you @nahi for providing the patch!


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@41812 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 41671: 2013-06-27T11:11:11+00:00 nagachika nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2013-06-27T11:11:11+00:00 8bbcbef83e1afe71fb49a098cbf7b9be62b1c47a * ext/openssl/lib/openssl/ssl.rb (verify_certificate_identity): fix hostname verification. Patched by nahi. * test/openssl/test_ssl.rb (test_verify_certificate_identity): test for above. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@41672 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* ext/openssl/lib/openssl/ssl.rb (verify_certificate_identity): fix
	  hostname verification. Patched by nahi.

	* test/openssl/test_ssl.rb (test_verify_certificate_identity): test for
	  above.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@41672 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 40304: [Backport #8240] 2013-04-19T17:16:37+00:00 nagachika nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2013-04-19T17:16:37+00:00 2e607b7ff3f14ffefb94f171e6f50c3fd120e0da * ext/openssl/ossl_ssl.c: Correct shutdown behavior w.r.t GC. * test/openssl/test_ssl.rb: Add tests to verify correct behavior. [Bug #8240] Patch provided by Shugo Maeda. Thanks! git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@40387 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* ext/openssl/ossl_ssl.c: Correct shutdown behavior w.r.t GC.

	* test/openssl/test_ssl.rb: Add tests to verify correct behavior.
	[Bug #8240] Patch provided by Shugo Maeda. Thanks!


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@40387 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/test_ssl.rb: Use :TLSv1_2_client explicitly in 2012-12-18T02:32:28+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-12-18T02:32:28+00:00 831af844ef2d4d716da07eda331c50d1e73005e3 test_tls_v1_2 to prevent upstream bug. [Bug #7197] [ruby-dev:46240] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38436 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  test_tls_v1_2 to prevent upstream bug.
  [Bug #7197] [ruby-dev:46240]



git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38436 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/test_ssl.rb: Improve my grammar. 2012-12-18T02:04:52+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-12-18T02:04:52+00:00 e814e2ff3a6a970e88843cc6ff1e161075931e8e git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38434 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38434 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/lib/ssl.rb: Enable insertion of empty fragments as a 2012-12-18T02:02:43+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-12-18T02:02:43+00:00 84f1dae9d637a2038d1b395bcc2f22404770d2d7 countermeasure for the BEAST attack by default. The default options of OpenSSL::SSL:SSLContext are now: OpenSSL::SSL::OP_ALL & ~OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS [Bug #5353] [ruby-core:39673] * test/openssl/test_ssl.rb: Adapt tests to new SSLContext default. * NEWS: Announce the new default. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38433 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  countermeasure for the BEAST attack by default. The default options
  of OpenSSL::SSL:SSLContext are now:
  OpenSSL::SSL::OP_ALL & ~OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS
  [Bug #5353] [ruby-core:39673]

* test/openssl/test_ssl.rb: Adapt tests to new SSLContext default.

* NEWS: Announce the new default.



git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38433 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/test_asn1_rb: 2012-09-03T22:54:12+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-09-03T22:54:12+00:00 4bb125f91a1df7d5252b1dd1f59c1ce0238e0192 test/openssl/test_ssl_session.rb: test/openssl/test_x509name.rb: test/openssl/test_buffering.rb: test/openssl/test_x509cert.rb: test/openssl/test_ssl.rb: Refactor code that leads to warnings on Ruby CI. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36894 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  test/openssl/test_ssl_session.rb:
  test/openssl/test_x509name.rb:
  test/openssl/test_buffering.rb:
  test/openssl/test_x509cert.rb:
  test/openssl/test_ssl.rb: Refactor code that leads to warnings on
  Ruby CI.



git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36894 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/extconf.rb: Check existence of OPENSSL_NPN_NEGOTIATED. 2012-08-31T09:47:36+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-08-31T09:47:36+00:00 25e6db3e3cb52c1a81e1e4a958a8d520a996812e ext/ossl_ssl.c: Support Next Protocol Negotiation. Protocols to be advertised by the server can be set in the SSLContext by using SSLContext#npn_protocols=, protocol selection on the client is supported by providing a selection callback with SSLContext#npn_select_cb. The protocol that was finally negotiated is available through SSL#npn_protocol. test/openssl/test_ssl.rb: Add tests for Next Protocol Negotiation. NEWS: add news about NPN support. [Feature #6503] [ruby-core:45272] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36871 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  ext/ossl_ssl.c: Support Next Protocol Negotiation. Protocols to be
  advertised by the server can be set in the SSLContext by using
  SSLContext#npn_protocols=, protocol selection on the client is
  supported by providing a selection callback with
  SSLContext#npn_select_cb. The protocol that was finally negotiated
  is available through SSL#npn_protocol.
  test/openssl/test_ssl.rb: Add tests for Next Protocol Negotiation.
  NEWS: add news about NPN support.
  [Feature #6503] [ruby-core:45272]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36871 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
remove trainling spaces. 2012-08-21T04:50:18+00:00 nobu nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-08-21T04:50:18+00:00 d059d718b505bacbf7af6e9c473eb95391d481d0 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36750 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36750 b2dd03c8-39d4-4d8f-98ff-823fe69b080e