path: root/test/openssl/test_ssl.rb
diff options
authorrhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2017-08-10 09:23:45 +0000
committerrhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2017-08-10 09:23:45 +0000
commitdf94c66f71448cf30b34375349fd201d1d035423 (patch)
tree2d1b53832bee1ca9a4119abfc1154233669b31d6 /test/openssl/test_ssl.rb
parentc9bb3cae315aa7d17f620e9bcaa9223b1e6d2c07 (diff)
openssl: import v2.0.5
Import Ruby/OpenSSL 2.0.5. The full commit history since v2.0.4 (imported at r59081) can be found at: This will fix the test failure on latest Debian sid and the "no OPENSSL_Applink" issue on mswin. ---------------------------------------------------------------- Kazuki Yamaguchi (11): test/test_ssl: allow 3DES cipher suites in test_sslctx_set_params bio: prevent possible GC issue in ossl_obj2bio() bio: do not use the FILE BIO method in ossl_obj2bio() Rakefile: install_dependencies: install only when needed appveyor.yml: test against Ruby 2.4 ossl_pem_passwd_cb: relax passphrase length constraint ossl_pem_passwd_cb: do not check for taintedness ossl_pem_passwd_cb: handle nil from the block explicitly ssl: remove unsupported TLS versions from SSLContext::METHODS ssl: fix compile error with OpenSSL 1.0.0 Ruby/OpenSSL 2.0.5 Lars Kanis (1): Add msys2 library dependency tag in gem metadata git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'test/openssl/test_ssl.rb')
1 files changed, 3 insertions, 3 deletions
diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb
index 1906656635..8c65df953d 100644
--- a/test/openssl/test_ssl.rb
+++ b/test/openssl/test_ssl.rb
@@ -350,7 +350,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
assert_equal OpenSSL::SSL::VERIFY_PEER, ctx.verify_mode
ciphers_names = ctx.ciphers.collect{|v, _, _, _| v }
assert ciphers_names.all?{|v| /A(EC)?DH/ !~ v }, "anon ciphers are disabled"
- assert ciphers_names.all?{|v| /(RC4|MD5|EXP|DES)/ !~ v }, "weak ciphers are disabled"
+ assert ciphers_names.all?{|v| /(RC4|MD5|EXP|DES(?!-EDE|-CBC3))/ !~ v }, "weak ciphers are disabled"
assert_equal 0, ctx.options & OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS
if defined?(OpenSSL::SSL::OP_NO_COMPRESSION) # >= 1.0.0
assert_equal OpenSSL::SSL::OP_NO_COMPRESSION,
@@ -810,7 +810,7 @@ if OpenSSL::SSL::SSLContext::METHODS.include?(:TLSv1) && OpenSSL::SSL::SSLContex
-if OpenSSL::SSL::SSLContext::METHODS.include? :TLSv1_1
+if OpenSSL::SSL::SSLContext::METHODS.include?(:TLSv1_1) && OpenSSL::SSL::SSLContext::METHODS.include?(:TLSv1)
def test_tls_v1_1
start_server_version(:TLSv1_1) { |server, port|
@@ -837,7 +837,7 @@ if OpenSSL::SSL::SSLContext::METHODS.include? :TLSv1_1
-if OpenSSL::SSL::SSLContext::METHODS.include? :TLSv1_2
+if OpenSSL::SSL::SSLContext::METHODS.include?(:TLSv1_2) && OpenSSL::SSL::SSLContext::METHODS.include?(:TLSv1_1)
def test_tls_v1_2
start_server_version(:TLSv1_2) { |server, port|