ruby.git/test/openssl/test_ssl.rb, branch v2_0_0_rc1 The Ruby Programming Language * test/openssl/test_ssl.rb: Use :TLSv1_2_client explicitly in 2012-12-18T02:32:28+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-12-18T02:32:28+00:00 831af844ef2d4d716da07eda331c50d1e73005e3 test_tls_v1_2 to prevent upstream bug. [Bug #7197] [ruby-dev:46240] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38436 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  test_tls_v1_2 to prevent upstream bug.
  [Bug #7197] [ruby-dev:46240]



git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38436 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/test_ssl.rb: Improve my grammar. 2012-12-18T02:04:52+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-12-18T02:04:52+00:00 e814e2ff3a6a970e88843cc6ff1e161075931e8e git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38434 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38434 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/lib/ssl.rb: Enable insertion of empty fragments as a 2012-12-18T02:02:43+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-12-18T02:02:43+00:00 84f1dae9d637a2038d1b395bcc2f22404770d2d7 countermeasure for the BEAST attack by default. The default options of OpenSSL::SSL:SSLContext are now: OpenSSL::SSL::OP_ALL & ~OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS [Bug #5353] [ruby-core:39673] * test/openssl/test_ssl.rb: Adapt tests to new SSLContext default. * NEWS: Announce the new default. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38433 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  countermeasure for the BEAST attack by default. The default options
  of OpenSSL::SSL:SSLContext are now:
  OpenSSL::SSL::OP_ALL & ~OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS
  [Bug #5353] [ruby-core:39673]

* test/openssl/test_ssl.rb: Adapt tests to new SSLContext default.

* NEWS: Announce the new default.



git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38433 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/test_asn1_rb: 2012-09-03T22:54:12+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-09-03T22:54:12+00:00 4bb125f91a1df7d5252b1dd1f59c1ce0238e0192 test/openssl/test_ssl_session.rb: test/openssl/test_x509name.rb: test/openssl/test_buffering.rb: test/openssl/test_x509cert.rb: test/openssl/test_ssl.rb: Refactor code that leads to warnings on Ruby CI. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36894 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  test/openssl/test_ssl_session.rb:
  test/openssl/test_x509name.rb:
  test/openssl/test_buffering.rb:
  test/openssl/test_x509cert.rb:
  test/openssl/test_ssl.rb: Refactor code that leads to warnings on
  Ruby CI.



git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36894 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/extconf.rb: Check existence of OPENSSL_NPN_NEGOTIATED. 2012-08-31T09:47:36+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-08-31T09:47:36+00:00 25e6db3e3cb52c1a81e1e4a958a8d520a996812e ext/ossl_ssl.c: Support Next Protocol Negotiation. Protocols to be advertised by the server can be set in the SSLContext by using SSLContext#npn_protocols=, protocol selection on the client is supported by providing a selection callback with SSLContext#npn_select_cb. The protocol that was finally negotiated is available through SSL#npn_protocol. test/openssl/test_ssl.rb: Add tests for Next Protocol Negotiation. NEWS: add news about NPN support. [Feature #6503] [ruby-core:45272] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36871 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  ext/ossl_ssl.c: Support Next Protocol Negotiation. Protocols to be
  advertised by the server can be set in the SSLContext by using
  SSLContext#npn_protocols=, protocol selection on the client is
  supported by providing a selection callback with
  SSLContext#npn_select_cb. The protocol that was finally negotiated
  is available through SSL#npn_protocol.
  test/openssl/test_ssl.rb: Add tests for Next Protocol Negotiation.
  NEWS: add news about NPN support.
  [Feature #6503] [ruby-core:45272]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36871 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
remove trainling spaces. 2012-08-21T04:50:18+00:00 nobu nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-08-21T04:50:18+00:00 d059d718b505bacbf7af6e9c473eb95391d481d0 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36750 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36750 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ssl.c: Introduce SSLContext#renegotiation_cb and 2012-06-09T16:44:12+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-06-09T16:44:12+00:00 14ba7fab58329201aebdc49b83ca96dfbf0b13e6 remove SSLContext#disable_client_renegotiation and related functionality introduced in r35797. The new callback approach gives clients maximum flexibility to decide on their own what to do on renegotiation attempts. Add documentation for SSL module and SSLError. * test/openssl/test_ssl.rb: Add a test for SSLContext#renegotiation_cb. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35994 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  remove SSLContext#disable_client_renegotiation and related
  functionality introduced in r35797. The new callback approach
  gives clients maximum flexibility to decide on their own what to
  do on renegotiation attempts.
  Add documentation for SSL module and SSLError. 
* test/openssl/test_ssl.rb: Add a test for
  SSLContext#renegotiation_cb.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35994 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ssl.c: Allow disabling client-side renegotiation. 2012-05-26T00:56:33+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-05-26T00:56:33+00:00 50ba64ab87e1715cc0bf6d6c8bdfa330de4f6699 * test/openssl/test_ssl.rb: Simple tests for this. Client-side renegotiation is still considered problematic, even when used in the context of secure renegotiation (RI, RFC 5746). The changes allow users to either completely disable client renegotiation on the server, or to specify a maximum number of handshakes allowed in total. The number of total handshakes is counted in a callback set as SSL_set_info_callback. If the maximum number of handshakes is exceeded an error will be raised We do not support renegotiation in the OpenSSL extension, therefore this feature can only be tested externally. The feature is opt-in, the default setting will be to allow unlimited client renegotiation, as was the case before. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35797 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
* test/openssl/test_ssl.rb: Simple tests for this.

  Client-side renegotiation is still considered problematic, even
  when used in the context of secure renegotiation (RI, RFC 5746).
  The changes allow users to either completely disable client
  renegotiation on the server, or to specify a maximum number of
  handshakes allowed in total. The number of total handshakes is
  counted in a callback set as SSL_set_info_callback. If the
  maximum number of handshakes is exceeded an error will be raised
  We do not support renegotiation in the OpenSSL extension, therefore
  this feature can only be tested externally.
  The feature is opt-in, the default setting will be to allow
  unlimited client renegotiation, as was the case before.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35797 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/test_ssl.rb: Clarify the intention of errors to be 2012-05-25T14:44:15+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-05-25T14:44:15+00:00 6f5582a2ae543eb8000deba997348fda189c166a expected. Two errors are possible when connection is refused due to a protocol version that was explicitly disallowed, OpenSSL::SSL::SSLError or Errno::ECONNRESET, depending on the OpenSSL version in use. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35796 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  expected. Two errors are possible when connection is refused due
  to a protocol version that was explicitly disallowed,
  OpenSSL::SSL::SSLError or Errno::ECONNRESET, depending on the
  OpenSSL version in use.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35796 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ssl.c: Revert r35583 2012-05-25T13:24:47+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-05-25T13:24:47+00:00 913827b6afd701f5f5b7461e3acf15c70ab4f22b * test/openssl/test_ssl.rb: Handle ECONNRESET in code instead to avoid the test failing in Ruby CI [1] [1] http://u64.rubyci.org/~chkbuild/ruby-trunk/log/20120507T190102Z.log.html.gz#test-all git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35795 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
* test/openssl/test_ssl.rb: Handle ECONNRESET in code instead to avoid
the test failing in Ruby CI [1]
	
[1] http://u64.rubyci.org/~chkbuild/ruby-trunk/log/20120507T190102Z.log.html.gz#test-all


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35795 b2dd03c8-39d4-4d8f-98ff-823fe69b080e