ruby.git/test/openssl/test_ssl.rb, branch v2_1_0_preview2 The Ruby Programming Language * test/openssl/test_ssl.rb: Fix test for CVE-2013-4073. 2013-08-07T21:00:34+00:00 charliesome charliesome@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2013-08-07T21:00:34+00:00 885147037b37d8fc5424b95d82972c45c1151073 Patch by Antonio Terceiro. [Bug #8750] [ruby-core:56437] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@42429 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  Patch by Antonio Terceiro. [Bug #8750] [ruby-core:56437]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@42429 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/openssl/ssl.rb: Fix SSL client connection crash for SAN marked 2013-07-05T21:08:04+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2013-07-05T21:08:04+00:00 a3a62f87e144be31b9ca8ad6415b207f43f4e126 critical. The patch for CVE-2013-4073 caused SSL crash when a SSL server returns the certificate that has critical SAN value. X509 extension could include 2 or 3 elements in it: [id, criticality, octet_string] if critical, [id, octet_string] if not. Making sure to pick the last element of X509 extension and use it as SAN value. [ruby-core:55685] [Bug #8575] Thank you @nahi for providing the patch! git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@41805 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  critical.
  The patch for CVE-2013-4073 caused SSL crash when a SSL server returns
  the certificate that has critical SAN value.  X509 extension could
  include 2 or 3 elements in it:

  [id, criticality, octet_string] if critical,
  [id, octet_string] if not.

  Making sure to pick the last element of X509 extension and use it as
  SAN value.
  [ruby-core:55685] [Bug #8575]

  Thank you @nahi for providing the patch!


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@41805 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/lib/openssl/ssl.rb (verify_certificate_identity): fix 2013-06-27T11:09:19+00:00 nagachika nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2013-06-27T11:09:19+00:00 bc47f294ee88630bad65a603225b9486ec1752eb hostname verification. Patched by nahi. * test/openssl/test_ssl.rb (test_verify_certificate_identity): test for above. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@41671 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  hostname verification. Patched by nahi.

* test/openssl/test_ssl.rb (test_verify_certificate_identity): test for
  above.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@41671 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ssl.c: Correct shutdown behavior w.r.t GC. 2013-04-15T02:04:07+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2013-04-15T02:04:07+00:00 d6b1ab91dcf83536ea7d94f2b855e8ce21802136 * test/openssl/test_ssl.rb: Add tests to verify correct behavior. [Bug #8240] Patch provided by Shugo Maeda. Thanks! git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@40304 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
* test/openssl/test_ssl.rb: Add tests to verify correct behavior.  

[Bug #8240] Patch provided by Shugo Maeda. Thanks!


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@40304 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/test_ssl.rb: Use :TLSv1_2_client explicitly in 2012-12-18T02:32:28+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-12-18T02:32:28+00:00 831af844ef2d4d716da07eda331c50d1e73005e3 test_tls_v1_2 to prevent upstream bug. [Bug #7197] [ruby-dev:46240] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38436 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  test_tls_v1_2 to prevent upstream bug.
  [Bug #7197] [ruby-dev:46240]



git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38436 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/test_ssl.rb: Improve my grammar. 2012-12-18T02:04:52+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-12-18T02:04:52+00:00 e814e2ff3a6a970e88843cc6ff1e161075931e8e git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38434 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38434 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/lib/ssl.rb: Enable insertion of empty fragments as a 2012-12-18T02:02:43+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-12-18T02:02:43+00:00 84f1dae9d637a2038d1b395bcc2f22404770d2d7 countermeasure for the BEAST attack by default. The default options of OpenSSL::SSL:SSLContext are now: OpenSSL::SSL::OP_ALL & ~OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS [Bug #5353] [ruby-core:39673] * test/openssl/test_ssl.rb: Adapt tests to new SSLContext default. * NEWS: Announce the new default. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38433 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  countermeasure for the BEAST attack by default. The default options
  of OpenSSL::SSL:SSLContext are now:
  OpenSSL::SSL::OP_ALL & ~OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS
  [Bug #5353] [ruby-core:39673]

* test/openssl/test_ssl.rb: Adapt tests to new SSLContext default.

* NEWS: Announce the new default.



git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38433 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/test_asn1_rb: 2012-09-03T22:54:12+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-09-03T22:54:12+00:00 4bb125f91a1df7d5252b1dd1f59c1ce0238e0192 test/openssl/test_ssl_session.rb: test/openssl/test_x509name.rb: test/openssl/test_buffering.rb: test/openssl/test_x509cert.rb: test/openssl/test_ssl.rb: Refactor code that leads to warnings on Ruby CI. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36894 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  test/openssl/test_ssl_session.rb:
  test/openssl/test_x509name.rb:
  test/openssl/test_buffering.rb:
  test/openssl/test_x509cert.rb:
  test/openssl/test_ssl.rb: Refactor code that leads to warnings on
  Ruby CI.



git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36894 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/extconf.rb: Check existence of OPENSSL_NPN_NEGOTIATED. 2012-08-31T09:47:36+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-08-31T09:47:36+00:00 25e6db3e3cb52c1a81e1e4a958a8d520a996812e ext/ossl_ssl.c: Support Next Protocol Negotiation. Protocols to be advertised by the server can be set in the SSLContext by using SSLContext#npn_protocols=, protocol selection on the client is supported by providing a selection callback with SSLContext#npn_select_cb. The protocol that was finally negotiated is available through SSL#npn_protocol. test/openssl/test_ssl.rb: Add tests for Next Protocol Negotiation. NEWS: add news about NPN support. [Feature #6503] [ruby-core:45272] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36871 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  ext/ossl_ssl.c: Support Next Protocol Negotiation. Protocols to be
  advertised by the server can be set in the SSLContext by using
  SSLContext#npn_protocols=, protocol selection on the client is
  supported by providing a selection callback with
  SSLContext#npn_select_cb. The protocol that was finally negotiated
  is available through SSL#npn_protocol.
  test/openssl/test_ssl.rb: Add tests for Next Protocol Negotiation.
  NEWS: add news about NPN support.
  [Feature #6503] [ruby-core:45272]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36871 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
remove trainling spaces. 2012-08-21T04:50:18+00:00 nobu nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-08-21T04:50:18+00:00 d059d718b505bacbf7af6e9c473eb95391d481d0 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36750 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36750 b2dd03c8-39d4-4d8f-98ff-823fe69b080e