ruby.git/test/openssl/utils.rb, branch v2_1_0_preview2 The Ruby Programming Language * ext/openssl/ossl.c: do not use FIPS_mode_set if not available. 2012-12-20T07:00:11+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-12-20T07:00:11+00:00 4fce754f9b603664501ac4ee982988fb264d20f2 * test/openssl/utils.rb: revise comment about setting FIPS mode to false. * test/openssl/test_fips.rb: remove tests that cause errors on ruby-ci. [Feature #6946] [ruby-core:47345] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38491 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
* test/openssl/utils.rb: revise comment about setting FIPS mode to
  false.
* test/openssl/test_fips.rb: remove tests that cause errors on
  ruby-ci.
  [Feature #6946] [ruby-core:47345]



git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38491 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl.c: add OpenSSL.fips_mode= to allow enabling FIPS 2012-12-20T00:29:07+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-12-20T00:29:07+00:00 a3b753b28214ad321e7335afada7f1b06d036836 mode manually. * test/openssl/utils.rb: turn off FIPS mode for tests. This prevents OpenSSL installations with FIPS mode enabled by default from raising FIPS-related errors during the tests. * test/openssl/test_fips.rb: add tests for FIPS-capable OpenSSL installations. [Feature #6946] [ruby-core:47345] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38480 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  mode manually.
* test/openssl/utils.rb: turn off FIPS mode for tests. This prevents
  OpenSSL installations with FIPS mode enabled by default from raising
  FIPS-related errors during the tests.
* test/openssl/test_fips.rb: add tests for FIPS-capable OpenSSL
  installations.
  [Feature #6946] [ruby-core:47345]



git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38480 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/utils.rb: Use DSS1 as DSA signature digest for all 2012-09-03T22:09:33+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-09-03T22:09:33+00:00 78755b8d52101e3b85ebce3aedd97e4cce8ed6ad OpenSSL versions < 1.0.0. [ruby-core:47405] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36891 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  OpenSSL versions < 1.0.0.
  [ruby-core:47405]



git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36891 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
remove trailing spaces. 2012-09-03T03:22:22+00:00 nobu nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-09-03T03:22:22+00:00 a4ce3ab4fd5982af49662320839f8ec109d63881 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36886 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36886 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/extconf.rb: Detect OpenSSL_FIPS macro 2012-09-03T01:14:26+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-09-03T01:14:26+00:00 e29819df6e6a644bbfadbdc706a472c413015286 ext/openssl/ossl.c: Expose OpenSSL::OPENSSL_FIPS constant to indicate whether OpenSSL runs in FIPS mode. test/openssl/test_pkey_dh.rb: Generate 256 bit keys for non-FIPS installations to improve test performance (e.g. for rubyci). test/openssl/utils.rb: Replace DSS1 as certificate signature digest with SHA1 for FIPS installations when using DSA by introducing TestUtils::DSA_SIGNATURE_DIGEST. test/openssl/test_x509cert.rb: test/openssl/test_x509crl.rb: test/openssl/test_x509req.rb: Use DSA_SIGNATURE_DIGEST NEWS: Introduce OpenSSL::OPENSSL_FIPS These changes allow running the OpenSSL tests in FIPS mode while keeping a high performance for non-FIPS installations. Introduction of OpenSSL::OPENSSL_FIPS allows for applications to react to special requirements when using OpenSSL in FIPS mode. [Feature #6946] [ruby-core:47345] - Diese und die folgenden Zeilen werden ignoriert -- M ext/openssl/extconf.rb M ext/openssl/ossl.c M NEWS M ChangeLog M test/openssl/utils.rb M test/openssl/test_x509crl.rb M test/openssl/test_x509req.rb M test/openssl/test_x509cert.rb M test/openssl/test_pkey_dh.rb git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36884 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  ext/openssl/ossl.c: Expose OpenSSL::OPENSSL_FIPS constant to
  indicate whether OpenSSL runs in FIPS mode.
  test/openssl/test_pkey_dh.rb: Generate 256 bit keys for
  non-FIPS installations to improve test performance (e.g. for
  rubyci).
  test/openssl/utils.rb: Replace DSS1 as certificate signature
  digest with SHA1 for FIPS installations when using DSA by
  introducing TestUtils::DSA_SIGNATURE_DIGEST.
  test/openssl/test_x509cert.rb: 
  test/openssl/test_x509crl.rb:
  test/openssl/test_x509req.rb: Use DSA_SIGNATURE_DIGEST
  NEWS: Introduce OpenSSL::OPENSSL_FIPS
  
  These changes allow running the OpenSSL tests in FIPS mode
  while keeping a high performance for non-FIPS installations.
  Introduction of OpenSSL::OPENSSL_FIPS allows for applications
  to react to special requirements when using OpenSSL in FIPS mode.
  [Feature #6946] [ruby-core:47345]
- Diese und die folgenden Zeilen werden ignoriert --

M    ext/openssl/extconf.rb
M    ext/openssl/ossl.c
M    NEWS
M    ChangeLog
M    test/openssl/utils.rb
M    test/openssl/test_x509crl.rb
M    test/openssl/test_x509req.rb
M    test/openssl/test_x509cert.rb
M    test/openssl/test_pkey_dh.rb


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36884 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/utils.rb: Use a cached DH key instead of generating a 2012-09-02T12:50:02+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-09-02T12:50:02+00:00 5aa3caaa5d68d6e62612574869f1dc6293ebb836 new one each time. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36881 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  new one each time.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36881 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/utils.rb 2012-08-28T20:03:32+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-08-28T20:03:32+00:00 9871dd5783963ad3d341ddb58f6bfe7ca7ceb444 test/openssl/test_pair.rb test/openssl/test_pkey_dh.rb: Use 1024 bit DH parameters to satisfy OpenSSL FIPS requirements. Patch by Vit Ondruch. [Bug #6938] [ruby-core:47326] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36843 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  test/openssl/test_pair.rb
  test/openssl/test_pkey_dh.rb: Use 1024 bit DH parameters to satisfy
  OpenSSL FIPS requirements. Patch by Vit Ondruch.
  [Bug #6938] [ruby-core:47326]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36843 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ssl.c: add support for option flags 2012-05-07T11:57:01+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-05-07T11:57:01+00:00 5f7be3150f0bffb6a958770c61270302123774c3 OpenSSL::SSL::OP_NO_TLSv1_1 OpenSSL::SSL::OP_NO_TLSv1_2 to allow blocking specific TLS versions. Thanks to Justin Guyett for pointing this out to me. * test/openssl/test_ssl.rb: add tests to assert correct behavior when blocking certain versions of TLS/SSL both on server and client side. Also refactored tests to reduce boilerplate code a little. * test/openssl/utils.rb: rescue Errno::ECONNRESET for tests where client rejects the connection because a forbidden protocol version was used. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35567 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  OpenSSL::SSL::OP_NO_TLSv1_1
  OpenSSL::SSL::OP_NO_TLSv1_2
  to allow blocking specific TLS versions. Thanks to Justin Guyett for
  pointing this out to me.
* test/openssl/test_ssl.rb: add tests to assert correct behavior when
  blocking certain versions of TLS/SSL both on server and client side.
  Also refactored tests to reduce boilerplate code a little.
* test/openssl/utils.rb: rescue Errno::ECONNRESET for tests where
  client rejects the connection because a forbidden protocol version
  was used.



git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35567 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl.c (ossl_verify_cb): trap the exception from 2011-07-14T05:41:05+00:00 nahi nahi@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2011-07-14T05:41:05+00:00 ab86f1cffb204ab2c51c39926b9c34c4e608c5ad verify callback of SSLContext and X509Store and make the verification fail normally. Raising exception directly from callback causes orphan resouces in OpenSSL stack. Patched by Ippei Obayashi. See #4445. * test/openssl/test_ssl.rb (test_exception_in_verify_callback_is_ignored): test it. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32537 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  verify callback of SSLContext and X509Store and make the 
  verification fail normally. Raising exception directly from callback
  causes orphan resouces in OpenSSL stack. Patched by Ippei Obayashi. 
  See #4445.

* test/openssl/test_ssl.rb
  (test_exception_in_verify_callback_is_ignored): test it.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32537 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/test_ssl_session.rb: Split out SSL::Session related 2011-06-22T03:40:08+00:00 nahi nahi@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2011-06-22T03:40:08+00:00 02ab6d95beca6a23401da882e36123428367960d tests from test_ssl.rb git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32195 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  tests from test_ssl.rb


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32195 b2dd03c8-39d4-4d8f-98ff-823fe69b080e