summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorrhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2016-05-18 04:07:47 +0000
committerrhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2016-05-18 04:07:47 +0000
commitc8cb26252a9615378a3000d7752a6d6fbb6ea3db (patch)
treed2b44188726eae2ab06a875f2a1a1779aad28ed5
parentd66e88dc2c9fc3b6acdf98fa88ad04ec0de82622 (diff)
openssl: clear OpenSSL error queue before return to Ruby
* ext/openssl/ossl_x509cert.c (ossl_x509_verify): X509_verify() family may put errors on 0 return (0 means verification failure). Clear OpenSSL error queue before return to Ruby. Since the queue is thread global, remaining errors in the queue can cause an unexpected error in the next OpenSSL operation. [ruby-core:48284] [Bug #7215] * ext/openssl/ossl_x509crl.c (ossl_x509crl_verify): ditto. * ext/openssl/ossl_x509req.c (ossl_x509req_verify): ditto. * ext/openssl/ossl_x509store.c (ossl_x509stctx_verify): ditto. * ext/openssl/ossl_pkey_dh.c (dh_generate): clear the OpenSSL error queue before re-raising exception. * ext/openssl/ossl_pkey_dsa.c (dsa_generate): ditto. * ext/openssl/ossl_pkey_rsa.c (rsa_generate): ditto. * ext/openssl/ossl_ssl.c (ossl_start_ssl): ditto. * test/openssl: check that OpenSSL.errors is empty every time after running a test case. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55051 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r--ChangeLog26
-rw-r--r--ext/openssl/ossl_pkey_dh.c6
-rw-r--r--ext/openssl/ossl_pkey_dsa.c9
-rw-r--r--ext/openssl/ossl_pkey_rsa.c6
-rw-r--r--ext/openssl/ossl_ssl.c7
-rw-r--r--ext/openssl/ossl_x509cert.c15
-rw-r--r--ext/openssl/ossl_x509crl.c14
-rw-r--r--ext/openssl/ossl_x509req.c14
-rw-r--r--ext/openssl/ossl_x509store.c16
-rw-r--r--test/openssl/test_asn1.rb2
-rw-r--r--test/openssl/test_bn.rb2
-rw-r--r--test/openssl/test_buffering.rb2
-rw-r--r--test/openssl/test_cipher.rb3
-rw-r--r--test/openssl/test_config.rb3
-rw-r--r--test/openssl/test_digest.rb3
-rw-r--r--test/openssl/test_engine.rb3
-rw-r--r--test/openssl/test_fips.rb2
-rw-r--r--test/openssl/test_hmac.rb5
-rw-r--r--test/openssl/test_ns_spki.rb2
-rw-r--r--test/openssl/test_ocsp.rb2
-rw-r--r--test/openssl/test_pair.rb12
-rw-r--r--test/openssl/test_pkcs12.rb2
-rw-r--r--test/openssl/test_pkcs5.rb2
-rw-r--r--test/openssl/test_pkcs7.rb2
-rw-r--r--test/openssl/test_pkey_dh.rb2
-rw-r--r--test/openssl/test_pkey_dsa.rb12
-rw-r--r--test/openssl/test_pkey_ec.rb7
-rw-r--r--test/openssl/test_pkey_rsa.rb11
-rw-r--r--test/openssl/test_random.rb2
-rw-r--r--test/openssl/test_x509cert.rb5
-rw-r--r--test/openssl/test_x509crl.rb5
-rw-r--r--test/openssl/test_x509ext.rb5
-rw-r--r--test/openssl/test_x509name.rb5
-rw-r--r--test/openssl/test_x509req.rb2
-rw-r--r--test/openssl/test_x509store.rb5
-rw-r--r--test/openssl/utils.rb12
36 files changed, 125 insertions, 108 deletions
diff --git a/ChangeLog b/ChangeLog
index 0940f98926a..5663cf37742 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,29 @@
+Wed May 18 13:03:07 2016 Kazuki Yamaguchi <k@rhe.jp>
+
+ * ext/openssl/ossl_x509cert.c (ossl_x509_verify): X509_verify()
+ family may put errors on 0 return (0 means verification failure).
+ Clear OpenSSL error queue before return to Ruby. Since the queue is
+ thread global, remaining errors in the queue can cause an unexpected
+ error in the next OpenSSL operation. [ruby-core:48284] [Bug #7215]
+
+ * ext/openssl/ossl_x509crl.c (ossl_x509crl_verify): ditto.
+
+ * ext/openssl/ossl_x509req.c (ossl_x509req_verify): ditto.
+
+ * ext/openssl/ossl_x509store.c (ossl_x509stctx_verify): ditto.
+
+ * ext/openssl/ossl_pkey_dh.c (dh_generate): clear the OpenSSL error
+ queue before re-raising exception.
+
+ * ext/openssl/ossl_pkey_dsa.c (dsa_generate): ditto.
+
+ * ext/openssl/ossl_pkey_rsa.c (rsa_generate): ditto.
+
+ * ext/openssl/ossl_ssl.c (ossl_start_ssl): ditto.
+
+ * test/openssl: check that OpenSSL.errors is empty every time after
+ running a test case.
+
Wed May 18 12:07:42 2016 Kazuki Yamaguchi <k@rhe.jp>
* ext/openssl/ossl.c (ossl_clear_error): Extracted from
diff --git a/ext/openssl/ossl_pkey_dh.c b/ext/openssl/ossl_pkey_dh.c
index 2f79bfb2f6f..19c517fd3c6 100644
--- a/ext/openssl/ossl_pkey_dh.c
+++ b/ext/openssl/ossl_pkey_dh.c
@@ -129,7 +129,11 @@ dh_generate(int size, int gen)
if (!gen_arg.result) {
DH_free(dh);
- if (cb_arg.state) rb_jump_tag(cb_arg.state);
+ if (cb_arg.state) {
+ /* Clear OpenSSL error queue before re-raising. */
+ ossl_clear_error();
+ rb_jump_tag(cb_arg.state);
+ }
return 0;
}
#else
diff --git a/ext/openssl/ossl_pkey_dsa.c b/ext/openssl/ossl_pkey_dsa.c
index 2e42a0cef5e..4c0c3f1bd75 100644
--- a/ext/openssl/ossl_pkey_dsa.c
+++ b/ext/openssl/ossl_pkey_dsa.c
@@ -135,7 +135,14 @@ dsa_generate(int size)
}
if (!gen_arg.result) {
DSA_free(dsa);
- if (cb_arg.state) rb_jump_tag(cb_arg.state);
+ if (cb_arg.state) {
+ /* Clear OpenSSL error queue before re-raising. By the way, the
+ * documentation of DSA_generate_parameters_ex() says the error code
+ * can be obtained by ERR_get_error(), but the default
+ * implementation, dsa_builtin_paramgen() doesn't put any error... */
+ ossl_clear_error();
+ rb_jump_tag(cb_arg.state);
+ }
return 0;
}
#else
diff --git a/ext/openssl/ossl_pkey_rsa.c b/ext/openssl/ossl_pkey_rsa.c
index 20b993abb87..6ad9f3eda57 100644
--- a/ext/openssl/ossl_pkey_rsa.c
+++ b/ext/openssl/ossl_pkey_rsa.c
@@ -139,7 +139,11 @@ rsa_generate(int size, unsigned long exp)
if (!gen_arg.result) {
BN_free(e);
RSA_free(rsa);
- if (cb_arg.state) rb_jump_tag(cb_arg.state);
+ if (cb_arg.state) {
+ /* must clear OpenSSL error stack */
+ ossl_clear_error();
+ rb_jump_tag(cb_arg.state);
+ }
return 0;
}
diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c
index 10797109fd9..938e36f18af 100644
--- a/ext/openssl/ossl_ssl.c
+++ b/ext/openssl/ossl_ssl.c
@@ -1288,8 +1288,11 @@ ossl_start_ssl(VALUE self, int (*func)(), const char *funcname, VALUE opts)
ret = func(ssl);
cb_state = rb_ivar_get(self, ID_callback_state);
- if (!NIL_P(cb_state))
- rb_jump_tag(NUM2INT(cb_state));
+ if (!NIL_P(cb_state)) {
+ /* must cleanup OpenSSL error stack before re-raising */
+ ossl_clear_error();
+ rb_jump_tag(NUM2INT(cb_state));
+ }
if (ret > 0)
break;
diff --git a/ext/openssl/ossl_x509cert.c b/ext/openssl/ossl_x509cert.c
index 4dafae17b91..226704efc6d 100644
--- a/ext/openssl/ossl_x509cert.c
+++ b/ext/openssl/ossl_x509cert.c
@@ -591,18 +591,19 @@ ossl_x509_verify(VALUE self, VALUE key)
{
X509 *x509;
EVP_PKEY *pkey;
- int i;
pkey = GetPKeyPtr(key); /* NO NEED TO DUP */
GetX509(self, x509);
- if ((i = X509_verify(x509, pkey)) < 0) {
- ossl_raise(eX509CertError, NULL);
- }
- if (i > 0) {
+
+ switch (X509_verify(x509, pkey)) {
+ case 1:
return Qtrue;
+ case 0:
+ ossl_clear_error();
+ return Qfalse;
+ default:
+ ossl_raise(eX509CertError, NULL);
}
-
- return Qfalse;
}
/*
diff --git a/ext/openssl/ossl_x509crl.c b/ext/openssl/ossl_x509crl.c
index f64712efcd3..a660cccebc9 100644
--- a/ext/openssl/ossl_x509crl.c
+++ b/ext/openssl/ossl_x509crl.c
@@ -360,17 +360,17 @@ static VALUE
ossl_x509crl_verify(VALUE self, VALUE key)
{
X509_CRL *crl;
- int ret;
GetX509CRL(self, crl);
- if ((ret = X509_CRL_verify(crl, GetPKeyPtr(key))) < 0) {
- ossl_raise(eX509CRLError, NULL);
- }
- if (ret == 1) {
+ switch (X509_CRL_verify(crl, GetPKeyPtr(key))) {
+ case 1:
return Qtrue;
+ case 0:
+ ossl_clear_error();
+ return Qfalse;
+ default:
+ ossl_raise(eX509CRLError, NULL);
}
-
- return Qfalse;
}
static VALUE
diff --git a/ext/openssl/ossl_x509req.c b/ext/openssl/ossl_x509req.c
index e5ce088a15c..c1cdca5fbe1 100644
--- a/ext/openssl/ossl_x509req.c
+++ b/ext/openssl/ossl_x509req.c
@@ -375,18 +375,18 @@ ossl_x509req_verify(VALUE self, VALUE key)
{
X509_REQ *req;
EVP_PKEY *pkey;
- int i;
GetX509Req(self, req);
pkey = GetPKeyPtr(key); /* NO NEED TO DUP */
- if ((i = X509_REQ_verify(req, pkey)) < 0) {
- ossl_raise(eX509ReqError, NULL);
- }
- if (i > 0) {
+ switch (X509_REQ_verify(req, pkey)) {
+ case 1:
return Qtrue;
+ case 0:
+ ossl_clear_error();
+ return Qfalse;
+ default:
+ ossl_raise(eX509ReqError, NULL);
}
-
- return Qfalse;
}
static VALUE
diff --git a/ext/openssl/ossl_x509store.c b/ext/openssl/ossl_x509store.c
index bb6fe14d874..aca25b150cf 100644
--- a/ext/openssl/ossl_x509store.c
+++ b/ext/openssl/ossl_x509store.c
@@ -464,14 +464,20 @@ static VALUE
ossl_x509stctx_verify(VALUE self)
{
X509_STORE_CTX *ctx;
- int result;
GetX509StCtx(self, ctx);
X509_STORE_CTX_set_ex_data(ctx, ossl_verify_cb_idx,
- (void*)rb_iv_get(self, "@verify_callback"));
- result = X509_verify_cert(ctx);
-
- return result ? Qtrue : Qfalse;
+ (void *)rb_iv_get(self, "@verify_callback"));
+
+ switch (X509_verify_cert(ctx)) {
+ case 1:
+ return Qtrue;
+ case 0:
+ ossl_clear_error();
+ return Qfalse;
+ default:
+ ossl_raise(eX509CertError, NULL);
+ }
}
static VALUE
diff --git a/test/openssl/test_asn1.rb b/test/openssl/test_asn1.rb
index fd2118d808d..9db9ec510b4 100644
--- a/test/openssl/test_asn1.rb
+++ b/test/openssl/test_asn1.rb
@@ -1,7 +1,7 @@
# frozen_string_literal: false
require_relative 'utils'
-class OpenSSL::TestASN1 < Test::Unit::TestCase
+class OpenSSL::TestASN1 < OpenSSL::TestCase
def test_decode
subj = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=TestCA")
key = OpenSSL::TestUtils::TEST_KEY_RSA1024
diff --git a/test/openssl/test_bn.rb b/test/openssl/test_bn.rb
index 415bd74c79f..37ba5e5595d 100644
--- a/test/openssl/test_bn.rb
+++ b/test/openssl/test_bn.rb
@@ -3,7 +3,7 @@ require_relative 'utils'
if defined?(OpenSSL::TestUtils)
-class OpenSSL::TestBN < Test::Unit::TestCase
+class OpenSSL::TestBN < OpenSSL::TestCase
def test_new_str
e1 = OpenSSL::BN.new(999.to_s(16), 16) # OpenSSL::BN.new(str, 16) must be most stable
e2 = OpenSSL::BN.new((2**107-1).to_s(16), 16)
diff --git a/test/openssl/test_buffering.rb b/test/openssl/test_buffering.rb
index 1f552c935bc..1f42cd3c318 100644
--- a/test/openssl/test_buffering.rb
+++ b/test/openssl/test_buffering.rb
@@ -2,7 +2,7 @@
require_relative 'utils'
require 'stringio'
-class OpenSSL::TestBuffering < Test::Unit::TestCase
+class OpenSSL::TestBuffering < OpenSSL::TestCase
class IO
include OpenSSL::Buffering
diff --git a/test/openssl/test_cipher.rb b/test/openssl/test_cipher.rb
index 32f0d118f48..dab64aa5a16 100644
--- a/test/openssl/test_cipher.rb
+++ b/test/openssl/test_cipher.rb
@@ -3,7 +3,7 @@ require_relative 'utils'
if defined?(OpenSSL::TestUtils)
-class OpenSSL::TestCipher < Test::Unit::TestCase
+class OpenSSL::TestCipher < OpenSSL::TestCase
class << self
@@ -34,6 +34,7 @@ class OpenSSL::TestCipher < Test::Unit::TestCase
end
def teardown
+ super
@c1 = @c2 = nil
end
diff --git a/test/openssl/test_config.rb b/test/openssl/test_config.rb
index 1a5dfe62e8c..bedd1d047c6 100644
--- a/test/openssl/test_config.rb
+++ b/test/openssl/test_config.rb
@@ -1,7 +1,7 @@
# frozen_string_literal: false
require_relative 'utils'
-class OpenSSL::TestConfig < Test::Unit::TestCase
+class OpenSSL::TestConfig < OpenSSL::TestCase
def setup
file = Tempfile.open("openssl.cnf")
file << <<__EOD__
@@ -18,6 +18,7 @@ __EOD__
end
def teardown
+ super
@tmpfile.close!
end
diff --git a/test/openssl/test_digest.rb b/test/openssl/test_digest.rb
index 8b724a03a91..ba3e974bc6d 100644
--- a/test/openssl/test_digest.rb
+++ b/test/openssl/test_digest.rb
@@ -3,7 +3,7 @@ require_relative 'utils'
if defined?(OpenSSL::TestUtils)
-class OpenSSL::TestDigest < Test::Unit::TestCase
+class OpenSSL::TestDigest < OpenSSL::TestCase
def setup
@d1 = OpenSSL::Digest.new("MD5")
@d2 = OpenSSL::Digest::MD5.new
@@ -12,6 +12,7 @@ class OpenSSL::TestDigest < Test::Unit::TestCase
end
def teardown
+ super
@d1 = @d2 = @md = nil
end
diff --git a/test/openssl/test_engine.rb b/test/openssl/test_engine.rb
index 3521de63961..9a0da340701 100644
--- a/test/openssl/test_engine.rb
+++ b/test/openssl/test_engine.rb
@@ -1,9 +1,10 @@
# frozen_string_literal: false
require_relative 'utils'
-class OpenSSL::TestEngine < Test::Unit::TestCase
+class OpenSSL::TestEngine < OpenSSL::TestCase
def teardown
+ super
OpenSSL::Engine.cleanup # [ruby-core:40669]
assert_equal(0, OpenSSL::Engine.engines.size)
end
diff --git a/test/openssl/test_fips.rb b/test/openssl/test_fips.rb
index 33769c9388f..534dade02bd 100644
--- a/test/openssl/test_fips.rb
+++ b/test/openssl/test_fips.rb
@@ -3,7 +3,7 @@ require_relative 'utils'
if defined?(OpenSSL::TestUtils)
-class OpenSSL::TestFIPS < Test::Unit::TestCase
+class OpenSSL::TestFIPS < OpenSSL::TestCase
def test_fips_mode_is_reentrant
OpenSSL.fips_mode = false
diff --git a/test/openssl/test_hmac.rb b/test/openssl/test_hmac.rb
index 135d26f02c7..3c90a5de02f 100644
--- a/test/openssl/test_hmac.rb
+++ b/test/openssl/test_hmac.rb
@@ -3,7 +3,7 @@
require_relative 'utils'
-class OpenSSL::TestHMAC < Test::Unit::TestCase
+class OpenSSL::TestHMAC < OpenSSL::TestCase
def setup
@digest = OpenSSL::Digest::MD5
@key = "KEY"
@@ -12,9 +12,6 @@ class OpenSSL::TestHMAC < Test::Unit::TestCase
@h2 = OpenSSL::HMAC.new(@key, "MD5")
end
- def teardown
- end
-
def test_hmac
@h1.update(@data)
@h2.update(@data)
diff --git a/test/openssl/test_ns_spki.rb b/test/openssl/test_ns_spki.rb
index 4f6e6f59e79..4740c0b29e9 100644
--- a/test/openssl/test_ns_spki.rb
+++ b/test/openssl/test_ns_spki.rb
@@ -3,7 +3,7 @@ require_relative 'utils'
if defined?(OpenSSL::TestUtils)
-class OpenSSL::TestNSSPI < Test::Unit::TestCase
+class OpenSSL::TestNSSPI < OpenSSL::TestCase
def setup
# This request data is adopt from the specification of
# "Netscape Extensions for User Key Generation".
diff --git a/test/openssl/test_ocsp.rb b/test/openssl/test_ocsp.rb
index 1a969fd767f..d04b4216159 100644
--- a/test/openssl/test_ocsp.rb
+++ b/test/openssl/test_ocsp.rb
@@ -3,7 +3,7 @@ require_relative "utils"
if defined?(OpenSSL::TestUtils)
-class OpenSSL::TestOCSP < Test::Unit::TestCase
+class OpenSSL::TestOCSP < OpenSSL::TestCase
def setup
ca_subj = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=TestCA")
ca_key = OpenSSL::TestUtils::TEST_KEY_RSA1024
diff --git a/test/openssl/test_pair.rb b/test/openssl/test_pair.rb
index 06c34442b7c..38b33a46226 100644
--- a/test/openssl/test_pair.rb
+++ b/test/openssl/test_pair.rb
@@ -517,36 +517,36 @@ module OpenSSL::TestPairM
end
end
-class OpenSSL::TestEOF1 < Test::Unit::TestCase
+class OpenSSL::TestEOF1 < OpenSSL::TestCase
include TestEOF
include OpenSSL::SSLPair
include OpenSSL::TestEOF1M
end
-class OpenSSL::TestEOF1LowlevelSocket < Test::Unit::TestCase
+class OpenSSL::TestEOF1LowlevelSocket < OpenSSL::TestCase
include TestEOF
include OpenSSL::SSLPairLowlevelSocket
include OpenSSL::TestEOF1M
end
-class OpenSSL::TestEOF2 < Test::Unit::TestCase
+class OpenSSL::TestEOF2 < OpenSSL::TestCase
include TestEOF
include OpenSSL::SSLPair
include OpenSSL::TestEOF2M
end
-class OpenSSL::TestEOF2LowlevelSocket < Test::Unit::TestCase
+class OpenSSL::TestEOF2LowlevelSocket < OpenSSL::TestCase
include TestEOF
include OpenSSL::SSLPairLowlevelSocket
include OpenSSL::TestEOF2M
end
-class OpenSSL::TestPair < Test::Unit::TestCase
+class OpenSSL::TestPair < OpenSSL::TestCase
include OpenSSL::SSLPair
include OpenSSL::TestPairM
end
-class OpenSSL::TestPairLowlevelSocket < Test::Unit::TestCase
+class OpenSSL::TestPairLowlevelSocket < OpenSSL::TestCase
include OpenSSL::SSLPairLowlevelSocket
include OpenSSL::TestPairM
end
diff --git a/test/openssl/test_pkcs12.rb b/test/openssl/test_pkcs12.rb
index ba07d767898..61fb4474735 100644
--- a/test/openssl/test_pkcs12.rb
+++ b/test/openssl/test_pkcs12.rb
@@ -4,7 +4,7 @@ require_relative "utils"
if defined?(OpenSSL::TestUtils)
module OpenSSL
- class TestPKCS12 < Test::Unit::TestCase
+ class TestPKCS12 < OpenSSL::TestCase
include OpenSSL::TestUtils
def setup
diff --git a/test/openssl/test_pkcs5.rb b/test/openssl/test_pkcs5.rb
index f38fd716b76..ad8132c263b 100644
--- a/test/openssl/test_pkcs5.rb
+++ b/test/openssl/test_pkcs5.rb
@@ -1,7 +1,7 @@
# frozen_string_literal: false
require_relative 'utils'
-class OpenSSL::TestPKCS5 < Test::Unit::TestCase
+class OpenSSL::TestPKCS5 < OpenSSL::TestCase
def test_pbkdf2_hmac_sha1_rfc6070_c_1_len_20
p ="password"
diff --git a/test/openssl/test_pkcs7.rb b/test/openssl/test_pkcs7.rb
index ce99db50b17..dfe4c6ca828 100644
--- a/test/openssl/test_pkcs7.rb
+++ b/test/openssl/test_pkcs7.rb
@@ -3,7 +3,7 @@ require_relative 'utils'
if defined?(OpenSSL::TestUtils)
-class OpenSSL::TestPKCS7 < Test::Unit::TestCase
+class OpenSSL::TestPKCS7 < OpenSSL::TestCase
def setup
@rsa1024 = OpenSSL::TestUtils::TEST_KEY_RSA1024
@rsa2048 = OpenSSL::TestUtils::TEST_KEY_RSA2048
diff --git a/test/openssl/test_pkey_dh.rb b/test/openssl/test_pkey_dh.rb
index a0eca53c487..afd7a3187c5 100644
--- a/test/openssl/test_pkey_dh.rb
+++ b/test/openssl/test_pkey_dh.rb
@@ -3,7 +3,7 @@ require_relative 'utils'
if defined?(OpenSSL::TestUtils)
-class OpenSSL::TestPKeyDH < Test::Unit::TestCase
+class OpenSSL::TestPKeyDH < OpenSSL::TestCase
NEW_KEYLEN = 256
diff --git a/test/openssl/test_pkey_dsa.rb b/test/openssl/test_pkey_dsa.rb
index eb3e4f1c65e..2c0e1fc24fe 100644
--- a/test/openssl/test_pkey_dsa.rb
+++ b/test/openssl/test_pkey_dsa.rb
@@ -4,7 +4,7 @@ require 'base64'
if defined?(OpenSSL::TestUtils)
-class OpenSSL::TestPKeyDSA < Test::Unit::TestCase
+class OpenSSL::TestPKeyDSA < OpenSSL::TestCase
def test_private
key = OpenSSL::PKey::DSA.new(256)
assert(key.private?)
@@ -20,7 +20,6 @@ class OpenSSL::TestPKeyDSA < Test::Unit::TestCase
key = OpenSSL::PKey::DSA.new 256
pem = key.public_key.to_pem
OpenSSL::PKey::DSA.new pem
- assert_equal([], OpenSSL.errors)
end
def test_new_break
@@ -84,7 +83,6 @@ end
assert_equal(g, key.g)
assert_equal(y, key.pub_key)
assert_equal(nil, key.priv_key)
- assert_equal([], OpenSSL.errors)
end
def test_read_DSAPublicKey_pem
@@ -109,7 +107,6 @@ fWLOqqkzFeRrYMDzUpl36XktY6Yq8EJYlW9pCMmBVNy/dQ==
assert_equal(g, key.g)
assert_equal(y, key.pub_key)
assert_equal(nil, key.priv_key)
- assert_equal([], OpenSSL.errors)
end
def test_read_DSA_PUBKEY_pem
@@ -135,7 +132,6 @@ YNMbNw==
assert_equal(g, key.g)
assert_equal(y, key.pub_key)
assert_equal(nil, key.priv_key)
- assert_equal([], OpenSSL.errors)
end
def test_export_format_is_DSA_PUBKEY_pem
@@ -165,7 +161,6 @@ YNMbNw==
pub_key = OpenSSL::ASN1.decode(seq[1].value)
assert_equal(OpenSSL::ASN1::INTEGER, pub_key.tag)
assert_equal(key.pub_key, pub_key.value)
- assert_equal([], OpenSSL.errors)
end
def test_read_private_key_der
@@ -174,7 +169,6 @@ YNMbNw==
key2 = OpenSSL::PKey.read(der)
assert(key2.private?)
assert_equal(der, key2.to_der)
- assert_equal([], OpenSSL.errors)
end
def test_read_private_key_pem
@@ -183,7 +177,6 @@ YNMbNw==
key2 = OpenSSL::PKey.read(pem)
assert(key2.private?)
assert_equal(pem, key2.to_pem)
- assert_equal([], OpenSSL.errors)
end
def test_read_public_key_der
@@ -192,7 +185,6 @@ YNMbNw==
key2 = OpenSSL::PKey.read(der)
assert(!key2.private?)
assert_equal(der, key2.to_der)
- assert_equal([], OpenSSL.errors)
end
def test_read_public_key_pem
@@ -201,7 +193,6 @@ YNMbNw==
key2 = OpenSSL::PKey.read(pem)
assert(!key2.private?)
assert_equal(pem, key2.to_pem)
- assert_equal([], OpenSSL.errors)
end
def test_read_private_key_pem_pw
@@ -216,7 +207,6 @@ YNMbNw==
key2 = OpenSSL::PKey.read(pem, 'secret')
assert(key2.private?)
#omit pem equality check, will be different due to cipher iv
- assert_equal([], OpenSSL.errors)
end
def test_export_password_length
diff --git a/test/openssl/test_pkey_ec.rb b/test/openssl/test_pkey_ec.rb
index d3edcc47b40..c530ee06b0f 100644
--- a/test/openssl/test_pkey_ec.rb
+++ b/test/openssl/test_pkey_ec.rb
@@ -3,7 +3,7 @@ require_relative 'utils'
if defined?(OpenSSL::TestUtils) && defined?(OpenSSL::PKey::EC)
-class OpenSSL::TestEC < Test::Unit::TestCase
+class OpenSSL::TestEC < OpenSSL::TestCase
def setup
@data1 = 'foo'
@data2 = 'bar' * 1000 # data too long for DSA sig
@@ -131,7 +131,6 @@ class OpenSSL::TestEC < Test::Unit::TestCase
ec2 = OpenSSL::PKey.read(der)
assert(ec2.private_key?)
assert_equal(der, ec2.to_der)
- assert_equal([], OpenSSL.errors)
end
def test_read_private_key_pem
@@ -140,7 +139,6 @@ class OpenSSL::TestEC < Test::Unit::TestCase
ec2 = OpenSSL::PKey.read(pem)
assert(ec2.private_key?)
assert_equal(pem, ec2.to_pem)
- assert_equal([], OpenSSL.errors)
end
def test_read_public_key_der
@@ -151,7 +149,6 @@ class OpenSSL::TestEC < Test::Unit::TestCase
ec3 = OpenSSL::PKey.read(der)
assert(!ec3.private_key?)
assert_equal(der, ec3.to_der)
- assert_equal([], OpenSSL.errors)
end
def test_read_public_key_pem
@@ -162,7 +159,6 @@ class OpenSSL::TestEC < Test::Unit::TestCase
ec3 = OpenSSL::PKey.read(pem)
assert(!ec3.private_key?)
assert_equal(pem, ec3.to_pem)
- assert_equal([], OpenSSL.errors)
end
def test_read_private_key_pem_pw
@@ -177,7 +173,6 @@ class OpenSSL::TestEC < Test::Unit::TestCase
ec2 = OpenSSL::PKey.read(pem, 'secret')
assert(ec2.private_key?)
#omit pem equality check, will be different due to cipher iv
- assert_equal([], OpenSSL.errors)
end
def test_export_password_length
diff --git a/test/openssl/test_pkey_rsa.rb b/test/openssl/test_pkey_rsa.rb
index 165b1ec98eb..54fce2f59ea 100644
--- a/test/openssl/test_pkey_rsa.rb
+++ b/test/openssl/test_pkey_rsa.rb
@@ -4,7 +4,7 @@ require 'base64'
if defined?(OpenSSL::TestUtils)
-class OpenSSL::TestPKeyRSA < Test::Unit::TestCase
+class OpenSSL::TestPKeyRSA < OpenSSL::TestCase
def test_padding
key = OpenSSL::PKey::RSA.new(512, 3)
@@ -180,7 +180,6 @@ AudJR1JobbIbDJrQu6AXnWh5k/YtAgMBAAE=
assert_equal(nil, key.d)
assert_equal(nil, key.p)
assert_equal(nil, key.q)
- assert_equal([], OpenSSL.errors)
end
def test_read_RSA_PUBKEY_pem
@@ -201,7 +200,6 @@ AwEAAQ==
assert_equal(nil, key.d)
assert_equal(nil, key.p)
assert_equal(nil, key.q)
- assert_equal([], OpenSSL.errors)
end
def test_export_format_is_RSA_PUBKEY
@@ -223,7 +221,6 @@ AwEAAQ==
key = OpenSSL::PKey.read(der)
assert(key.private?)
assert_equal(der, key.to_der)
- assert_equal([], OpenSSL.errors)
end
def test_read_private_key_pem
@@ -231,7 +228,6 @@ AwEAAQ==
key = OpenSSL::PKey.read(pem)
assert(key.private?)
assert_equal(pem, key.to_pem)
- assert_equal([], OpenSSL.errors)
end
def test_read_public_key_der
@@ -239,7 +235,6 @@ AwEAAQ==
key = OpenSSL::PKey.read(der)
assert(!key.private?)
assert_equal(der, key.to_der)
- assert_equal([], OpenSSL.errors)
end
def test_read_public_key_pem
@@ -247,7 +242,6 @@ AwEAAQ==
key = OpenSSL::PKey.read(pem)
assert(!key.private?)
assert_equal(pem, key.to_pem)
- assert_equal([], OpenSSL.errors)
end
def test_read_private_key_pem_pw
@@ -261,7 +255,6 @@ AwEAAQ==
key = OpenSSL::PKey.read(pem, 'secret')
assert(key.private?)
#omit pem equality check, will be different due to cipher iv
- assert_equal([], OpenSSL.errors)
end
def test_read_private_key_pem_pw_exception
@@ -272,7 +265,6 @@ AwEAAQ==
raise RuntimeError
end
end
- assert_equal([], OpenSSL.errors)
end
def test_export_password_length
@@ -306,7 +298,6 @@ AwEAAQ==
assert_equal(key.n, pub_key.value[0].value)
assert_equal(OpenSSL::ASN1::INTEGER, pub_key.value[1].tag)
assert_equal(key.e, pub_key.value[1].value)
- assert_equal([], OpenSSL.errors)
end
end
diff --git a/test/openssl/test_random.rb b/test/openssl/test_random.rb
index 8c69d5431c4..defa09dd759 100644
--- a/test/openssl/test_random.rb
+++ b/test/openssl/test_random.rb
@@ -4,7 +4,7 @@ begin
rescue LoadError
end
-class OpenSSL::TestRandom < Test::Unit::TestCase
+class OpenSSL::TestRandom < OpenSSL::TestCase
def test_random_bytes
assert_equal("", OpenSSL::Random.random_bytes(0))
assert_equal(12, OpenSSL::Random.random_bytes(12).bytesize)
diff --git a/test/openssl/test_x509cert.rb b/test/openssl/test_x509cert.rb
index 72cb9e6095f..ae7a0f08554 100644
--- a/test/openssl/test_x509cert.rb
+++ b/test/openssl/test_x509cert.rb
@@ -3,7 +3,7 @@ require_relative "utils"
if defined?(OpenSSL::TestUtils)
-class OpenSSL::TestX509Certificate < Test::Unit::TestCase
+class OpenSSL::TestX509Certificate < OpenSSL::TestCase
def setup
@rsa1024 = OpenSSL::TestUtils::TEST_KEY_RSA1024
@rsa2048 = OpenSSL::TestUtils::TEST_KEY_RSA2048
@@ -14,9 +14,6 @@ class OpenSSL::TestX509Certificate < Test::Unit::TestCase
@ee2 = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=EE2")
end
- def teardown
- end
-
def issue_cert(*args)
OpenSSL::TestUtils.issue_cert(*args)
end
diff --git a/test/openssl/test_x509crl.rb b/test/openssl/test_x509crl.rb
index 7994ddeaf90..fd66c975887 100644
--- a/test/openssl/test_x509crl.rb
+++ b/test/openssl/test_x509crl.rb
@@ -3,7 +3,7 @@ require_relative "utils"
if defined?(OpenSSL::TestUtils)
-class OpenSSL::TestX509CRL < Test::Unit::TestCase
+class OpenSSL::TestX509CRL < OpenSSL::TestCase
def setup
@rsa1024 = OpenSSL::TestUtils::TEST_KEY_RSA1024
@rsa2048 = OpenSSL::TestUtils::TEST_KEY_RSA2048
@@ -14,9 +14,6 @@ class OpenSSL::TestX509CRL < Test::Unit::TestCase
@ee2 = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=EE2")
end
- def teardown
- end
-
def issue_crl(*args)
OpenSSL::TestUtils.issue_crl(*args)
end
diff --git a/test/openssl/test_x509ext.rb b/test/openssl/test_x509ext.rb
index e6d49bb679e..99e2eda5b32 100644
--- a/test/openssl/test_x509ext.rb
+++ b/test/openssl/test_x509ext.rb
@@ -3,7 +3,7 @@ require_relative 'utils'
if defined?(OpenSSL::TestUtils)
-class OpenSSL::TestX509Extension < Test::Unit::TestCase
+class OpenSSL::TestX509Extension < OpenSSL::TestCase
def setup
@basic_constraints_value = OpenSSL::ASN1::Sequence([
OpenSSL::ASN1::Boolean(true), # CA
@@ -16,9 +16,6 @@ class OpenSSL::TestX509Extension < Test::Unit::TestCase
])
end
- def teardown
- end
-
def test_new
ext = OpenSSL::X509::Extension.new(@basic_constraints.to_der)
assert_equal("basicConstraints", ext.oid)
diff --git a/test/openssl/test_x509name.rb b/test/openssl/test_x509name.rb
index 56e79879cfc..d26174efdfc 100644
--- a/test/openssl/test_x509name.rb
+++ b/test/openssl/test_x509name.rb
@@ -4,7 +4,7 @@ require_relative 'utils'
if defined?(OpenSSL::TestUtils)
-class OpenSSL::TestX509Name < Test::Unit::TestCase
+class OpenSSL::TestX509Name < OpenSSL::TestCase
OpenSSL::ASN1::ObjectId.register(
"1.2.840.113549.1.9.1", "emailAddress", "emailAddress")
OpenSSL::ASN1::ObjectId.register(
@@ -15,9 +15,6 @@ class OpenSSL::TestX509Name < Test::Unit::TestCase
@obj_type_tmpl.update(OpenSSL::X509::Name::OBJECT_TYPE_TEMPLATE)
end
- def teardown
- end
-
def test_s_new
dn = [ ["C", "JP"], ["O", "example"], ["CN", "www.example.jp"] ]
name = OpenSSL::X509::Name.new(dn)
diff --git a/test/openssl/test_x509req.rb b/test/openssl/test_x509req.rb
index f1bf18465f8..7ceff5839b5 100644
--- a/test/openssl/test_x509req.rb
+++ b/test/openssl/test_x509req.rb
@@ -3,7 +3,7 @@ require_relative "utils"
if defined?(OpenSSL::TestUtils)
-class OpenSSL::TestX509Request < Test::Unit::TestCase
+class OpenSSL::TestX509Request < OpenSSL::TestCase
def setup
@rsa1024 = OpenSSL::TestUtils::TEST_KEY_RSA1024
@rsa2048 = OpenSSL::TestUtils::TEST_KEY_RSA2048
diff --git a/test/openssl/test_x509store.rb b/test/openssl/test_x509store.rb
index 9964cc8fc47..6a443a7cf17 100644
--- a/test/openssl/test_x509store.rb
+++ b/test/openssl/test_x509store.rb
@@ -3,7 +3,7 @@ require_relative "utils"
if defined?(OpenSSL::TestUtils)
-class OpenSSL::TestX509Store < Test::Unit::TestCase
+class OpenSSL::TestX509Store < OpenSSL::TestCase
def setup
@rsa1024 = OpenSSL::TestUtils::TEST_KEY_RSA1024
@rsa2048 = OpenSSL::TestUtils::TEST_KEY_RSA2048
@@ -15,9 +15,6 @@ class OpenSSL::TestX509Store < Test::Unit::TestCase
@ee2 = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=EE2")
end
- def teardown
- end
-
def test_nosegv_on_cleanup
cert = OpenSSL::X509::Certificate.new
store = OpenSSL::X509::Store.new
diff --git a/test/openssl/utils.rb b/test/openssl/utils.rb
index 6909854cad7..450250169b1 100644
--- a/test/openssl/utils.rb
+++ b/test/openssl/utils.rb
@@ -181,7 +181,14 @@ AQjjxMXhwULlmuR/K+WwlaZPiLIBYalLAZQ7ZbOPeVkJ8ePao0eLAgEC
end
end
- class OpenSSL::SSLTestCase < Test::Unit::TestCase
+ class OpenSSL::TestCase < Test::Unit::TestCase
+ def teardown
+ # OpenSSL error stack must be empty
+ assert_equal([], OpenSSL.errors)
+ end
+ end
+
+ class OpenSSL::SSLTestCase < OpenSSL::TestCase
RUBY = EnvUtil.rubybin
ITERATIONS = ($0 == __FILE__) ? 100 : 10
@@ -206,9 +213,6 @@ AQjjxMXhwULlmuR/K+WwlaZPiLIBYalLAZQ7ZbOPeVkJ8ePao0eLAgEC
@server = nil
end
- def teardown
- end
-
def issue_cert(*arg)
OpenSSL::TestUtils.issue_cert(*arg)
end