authornahi <nahi@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2011-06-22 03:43:38 +0000
committernahi <nahi@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2011-06-22 03:43:38 +0000
commitbda678dc5b8533d7161b1021230b9732acaab0c5 (patch)
tree91355bd2c9613e250eb5ff182019690871ba8b9c
parent02ab6d95beca6a23401da882e36123428367960d (diff)
* ext/openssl/ossl_ssl_session.c (ossl_ssl_session_to_der):
OpenSSL::SSL::Session#to_der was broken. Fix buffer handling. * test/openssl/test_ssl_session.rb (test_session): Test it. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32196 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r--ChangeLog7
-rw-r--r--ext/openssl/ossl_ssl_session.c19
-rw-r--r--test/openssl/test_ssl_session.rb29
3 files changed, 46 insertions, 9 deletions
diff --git a/ChangeLog b/ChangeLog
index 5dcfe0a95d..9ce655e827 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+Wed Jun 22 12:41:03 2011 Hiroshi Nakamura <nahi@ruby-lang.org>
+
+ * ext/openssl/ossl_ssl_session.c (ossl_ssl_session_to_der):
+ OpenSSL::SSL::Session#to_der was broken. Fix buffer handling.
+
+ * test/openssl/test_ssl_session.rb (test_session): Test it.
+
Wed Jun 22 12:38:52 2011 Hiroshi Nakamura <nahi@ruby-lang.org>
* test/openssl/test_ssl_session.rb: Split out SSL::Session related
diff --git a/ext/openssl/ossl_ssl_session.c b/ext/openssl/ossl_ssl_session.c
index d9db9a67fa..45cc8492c2 100644
--- a/ext/openssl/ossl_ssl_session.c
+++ b/ext/openssl/ossl_ssl_session.c
@@ -195,20 +195,21 @@ static VALUE ossl_ssl_session_get_id(VALUE self)
static VALUE ossl_ssl_session_to_der(VALUE self)
{
SSL_SESSION *ctx;
- unsigned char buf[1024*10], *p;
+ unsigned char *p;
int len;
+ VALUE str;
GetSSLSession(self, ctx);
-
- p = buf;
- len = i2d_SSL_SESSION(ctx, &p);
-
- if (len <= 0)
+ len = i2d_SSL_SESSION(ctx, NULL);
+ if (len <= 0) {
ossl_raise(eSSLSession, "i2d_SSL_SESSION");
- else if (len >= (int)sizeof(buf))
- ossl_raise(eSSLSession, "i2d_SSL_SESSION too large");
+ }
- return rb_str_new((const char *) p, len);
+ str = rb_str_new(0, len);
+ p = (unsigned char *)RSTRING_PTR(str);
+ i2d_SSL_SESSION(ctx, &p);
+ ossl_str_adjust(str, p);
+ return str;
}
/*
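Review bot: The second `i2d_SSL_SESSION(ctx, &p)` call in ossl_ssl_session_to_der, the one that actually writes into the string buffer, has its return value ignored. If that pass fails or writes fewer bytes than the sizing pass reported, `ossl_str_adjust(str, p)` will presumably just shorten the string, so the caller gets truncated or empty DER instead of an exception. I would check it the same way as the first call, e.g. `if (i2d_SSL_SESSION(ctx, &p) <= 0) ossl_raise(eSSLSession, "i2d_SSL_SESSION");`. A one-line comment above the two calls saying that i2d advances `p` past the bytes it wrote, so the result must be built from the buffer start and never from `p`, would help keep the old read-past-the-data mistake from coming back.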
diff --git a/test/openssl/test_ssl_session.rb b/test/openssl/test_ssl_session.rb
index 51720308ae..00513670b2 100644
--- a/test/openssl/test_ssl_session.rb
+++ b/test/openssl/test_ssl_session.rb
@@ -3,6 +3,35 @@ require_relative "utils"
if defined?(OpenSSL)
class OpenSSL::TestSSLSession < OpenSSL::SSLTestCase
+ def test_session
+ start_server(PORT, OpenSSL::SSL::VERIFY_NONE, true) do |server, port|
+ sock = TCPSocket.new("127.0.0.1", port)
+ ctx = OpenSSL::SSL::SSLContext.new("TLSv1")
+ ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx)
+ ssl.sync_close = true
+ ssl.connect
+ session = ssl.session
+ assert(session == OpenSSL::SSL::Session.new(session.to_pem))
+ assert(session == OpenSSL::SSL::Session.new(ssl))
+ assert_equal(300, session.timeout)
+ session.timeout = 5
+ assert_equal(5, session.timeout)
+ assert_not_nil(session.time)
+ # SSL_SESSION_time keeps long value so we can't keep nsec fragment.
+ session.time = t1 = Time.now.to_i
+ assert_equal(Time.at(t1), session.time)
+ if session.respond_to?(:id)
+ assert_not_nil(session.id)
+ end
+ pem = session.to_pem
+ assert_match(/\A-----BEGIN SSL SESSION PARAMETERS-----/, pem)
+ assert_match(/-----END SSL SESSION PARAMETERS-----\Z/, pem)
+ pem.gsub!(/-----(BEGIN|END) SSL SESSION PARAMETERS-----/, '').gsub!(/[\r\n]+/m, '')
+ assert_equal(session.to_der, pem.unpack('m*')[0])
+ ssl.close
+ end
+ end
+
def test_client_session
last_session = nil
start_server(PORT, OpenSSL::SSL::VERIFY_NONE, true) do |server, port|
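Review bot: In test_session, `ssl.close` is only reached when every assertion before it passes, so a failing assertion leaves the client socket open for the rest of the run; wrapping the body after `ssl.connect` in `begin ... ensure ssl.close end` would avoid that. The chained `pem.gsub!(...).gsub!(/[\r\n]+/m, '')` also relies on the first `gsub!` having matched, since `gsub!` returns nil when nothing is replaced; the non-mutating form reads more safely: `body = pem.gsub(/-----(BEGIN|END) SSL SESSION PARAMETERS-----/, '').gsub(/[\r\n]+/m, '')`. The method is complete inside the hunk, but the enclosing class continues past it.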