summaryrefslogtreecommitdiff
path: root/test/net
diff options
context:
space:
mode:
authorgotoyuzo <gotoyuzo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2007-12-20 16:21:22 +0000
committergotoyuzo <gotoyuzo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2007-12-20 16:21:22 +0000
commitc6920177f3e561f779f54534e511f0c9f0de6edd (patch)
tree3e7fe138ecb67bb2e2a9e520b373d420b315e147 /test/net
parentd86caf318820ebcebf981b822a65d5a4cfab6364 (diff)
* lib/net/http.rb (Net::HTTP#connect): use
OpenSSL::SSL::SSLContext.build instead of SSLContext.new (default verify mode is now OpenSSL::SSL::VERIFY_PEER). * lib/net/https.rb: SSL parameters are defined by attr_accessor. * test/net/http/test_https.rb: add test for HTTPS features. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@14371 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'test/net')
-rw-r--r--test/net/http/test_https.rb97
-rw-r--r--test/net/http/utils.rb19
2 files changed, 113 insertions, 3 deletions
diff --git a/test/net/http/test_https.rb b/test/net/http/test_https.rb
new file mode 100644
index 0000000000..d74f10712c
--- /dev/null
+++ b/test/net/http/test_https.rb
@@ -0,0 +1,97 @@
+require "test/unit"
+begin
+ require 'net/https'
+rescue LoadError
+ # should skip this test
+end
+require 'stringio'
+require File.expand_path("utils", File.dirname(__FILE__))
+require File.expand_path("../../openssl/utils", File.dirname(__FILE__))
+
+class TestNetHTTPS < Test::Unit::TestCase
+ include TestNetHTTPUtils
+
+ subject = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=localhost")
+ exts = [
+ ["keyUsage", "keyEncipherment,digitalSignature", true],
+ ]
+ key = OpenSSL::TestUtils::TEST_KEY_RSA1024
+ cert = OpenSSL::TestUtils.issue_cert(
+ subject, key, 1, Time.now, Time.now + 3600, exts,
+ nil, nil, OpenSSL::Digest::SHA1.new
+ )
+
+ CONFIG = {
+ 'host' => '127.0.0.1',
+ 'port' => 10081,
+ 'proxy_host' => nil,
+ 'proxy_port' => nil,
+ 'ssl_enable' => true,
+ 'ssl_certificate' => cert,
+ 'ssl_private_key' => key,
+ }
+
+ def test_get
+ http = Net::HTTP.new("localhost", config("port"))
+ http.use_ssl = true
+ http.verify_callback = Proc.new do |preverify_ok, store_ctx|
+ store_ctx.current_cert.to_der == config('ssl_certificate').to_der
+ end
+ http.request_get("/") {|res|
+ assert_equal($test_net_http_data, res.body)
+ }
+ end
+
+ def test_post
+ http = Net::HTTP.new("localhost", config("port"))
+ http.use_ssl = true
+ http.verify_callback = Proc.new do |preverify_ok, store_ctx|
+ store_ctx.current_cert.to_der == config('ssl_certificate').to_der
+ end
+ data = config('ssl_private_key').to_der
+ http.request_post("/", data) {|res|
+ assert_equal(data, res.body)
+ }
+ end
+
+ if ENV["RUBY_OPENSSL_TEST_ALL"]
+ def test_verify
+ http = Net::HTTP.new("ssl.netlab.jp", 443)
+ http.use_ssl = true
+ assert(
+ http.request_head("/"){|res| },
+ "The system may not have default CA certificate store."
+ )
+ end
+ end
+
+ def test_verify_none
+ http = Net::HTTP.new("localhost", config("port"))
+ http.use_ssl = true
+ http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+ http.request_get("/") {|res|
+ assert_equal($test_net_http_data, res.body)
+ }
+ end
+
+ def test_certificate_verify_failure
+ http = Net::HTTP.new("localhost", config("port"))
+ http.use_ssl = true
+ ex = assert_raise(OpenSSL::SSL::SSLError){
+ http.request_get("/") {|res| }
+ }
+ assert_match(/certificate verify failed/, ex.message)
+ end
+
+ def test_identity_verify_failure
+ http = Net::HTTP.new("127.0.0.1", config("port"))
+ http.use_ssl = true
+ http.verify_callback = Proc.new do |preverify_ok, store_ctx|
+ store_ctx.current_cert.to_der == config('ssl_certificate').to_der
+ end
+ ex = assert_raise(OpenSSL::SSL::SSLError){
+ http.request_get("/") {|res| }
+ }
+ assert_match(/hostname was not match/, ex.message)
+ end
+end if defined?(OpenSSL)
diff --git a/test/net/http/utils.rb b/test/net/http/utils.rb
index aec1967a74..766bf71c46 100644
--- a/test/net/http/utils.rb
+++ b/test/net/http/utils.rb
@@ -1,4 +1,9 @@
require 'webrick'
+begin
+ require "webrick/https"
+rescue LoadError
+ # SSL features cannot be tested
+end
require 'webrick/httpservlet/abstract'
module TestNetHTTPUtils
@@ -35,14 +40,22 @@ module TestNetHTTPUtils
end
def spawn_server
- @server = WEBrick::HTTPServer.new(
+ server_config = {
:BindAddress => config('host'),
:Port => config('port'),
:Logger => WEBrick::Log.new(NullWriter.new),
:AccessLog => [],
:ShutdownSocketWithoutClose => true,
- :ServerType => Thread
- )
+ :ServerType => Thread,
+ }
+ if defined?(OpenSSL) and config('ssl_enable')
+ server_config.update({
+ :SSLEnable => true,
+ :SSLCertificate => config('ssl_certificate'),
+ :SSLPrivateKey => config('ssl_private_key'),
+ })
+ end
+ @server = WEBrick::HTTPServer.new(server_config)
@server.mount('/', Servlet)
@server.start
n_try_max = 5