summaryrefslogtreecommitdiff
path: root/test
diff options
context:
space:
mode:
authorgotoyuzo <gotoyuzo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2005-02-14 04:14:39 +0000
committergotoyuzo <gotoyuzo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2005-02-14 04:14:39 +0000
commit1883e41c1b5f2f8d087cb63ba9efe47cdc450972 (patch)
tree0a799bcccecc95f8af5c90d876e340fbc2557ac2 /test
parent610131d7b9044857ba552eceec4884772be7ecff (diff)
* ext/openssl/lib/openssl/ssl.rb
(OpenSSL::SSL::SSLSocket#post_connection_check): new method. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7970 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'test')
-rw-r--r--test/openssl/test_ssl.rb49
1 files changed, 49 insertions, 0 deletions
diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb
index c7bf15d82a7..8f440076e8f 100644
--- a/test/openssl/test_ssl.rb
+++ b/test/openssl/test_ssl.rb
@@ -198,6 +198,55 @@ class OpenSSL::TestSSL < Test::Unit::TestCase
ssls.each{|ssl| ssl.close }
}
end
+
+ def test_post_connection_check
+ sslerr = OpenSSL::SSL::SSLError
+
+ start_server(PORT, OpenSSL::SSL::VERIFY_NONE, true){|s, p|
+ sock = TCPSocket.new("127.0.0.1", p)
+ ssl = OpenSSL::SSL::SSLSocket.new(sock)
+ ssl.connect
+ assert_raises(sslerr){ssl.post_connection_check("localhost.localdomain")}
+ assert_raises(sslerr){ssl.post_connection_check("127.0.0.1")}
+ assert(ssl.post_connection_check("localhost"))
+ assert_raises(sslerr){ssl.post_connection_check("foo.example.com")}
+ }
+
+ now = Time.now
+ exts = [
+ ["keyUsage","keyEncipherment,digitalSignature",true],
+ ["subjectAltName","DNS:localhost.localdomain",false],
+ ["subjectAltName","IP:127.0.0.1",false],
+ ]
+ @svr_cert = issue_cert(@svr, @svr_key, 4, now, now+1800, exts,
+ @ca_cert, @ca_key, OpenSSL::Digest::SHA1.new)
+ start_server(PORT, OpenSSL::SSL::VERIFY_NONE, true){|s, p|
+ sock = TCPSocket.new("127.0.0.1", p)
+ ssl = OpenSSL::SSL::SSLSocket.new(sock)
+ ssl.connect
+ assert(ssl.post_connection_check("localhost.localdomain"))
+ assert(ssl.post_connection_check("127.0.0.1"))
+ assert_raises(sslerr){ssl.post_connection_check("localhost")}
+ assert_raises(sslerr){ssl.post_connection_check("foo.example.com")}
+ }
+
+ now = Time.now
+ exts = [
+ ["keyUsage","keyEncipherment,digitalSignature",true],
+ ["subjectAltName","DNS:*.localdomain",false],
+ ]
+ @svr_cert = issue_cert(@svr, @svr_key, 5, now, now+1800, exts,
+ @ca_cert, @ca_key, OpenSSL::Digest::SHA1.new)
+ start_server(PORT, OpenSSL::SSL::VERIFY_NONE, true){|s, p|
+ sock = TCPSocket.new("127.0.0.1", p)
+ ssl = OpenSSL::SSL::SSLSocket.new(sock)
+ ssl.connect
+ assert(ssl.post_connection_check("localhost.localdomain"))
+ assert_raises(sslerr){ssl.post_connection_check("127.0.0.1")}
+ assert_raises(sslerr){ssl.post_connection_check("localhost")}
+ assert_raises(sslerr){ssl.post_connection_check("foo.example.com")}
+ }
+ end
end
end