diff options
| -rw-r--r-- | ChangeLog | 12 | ||||
| -rw-r--r-- | ext/openssl/ossl_ssl_session.c | 67 | ||||
| -rw-r--r-- | test/openssl/test_ssl.rb | 56 | ||||
| -rw-r--r-- | version.h | 2 |
4 files changed, 112 insertions, 25 deletions
@@ -1,3 +1,15 @@ +Thu Jun 23 19:30:53 2011 Hiroshi Nakamura <nahi@ruby-lang.org> + + * ext/openssl/ossl_ssl_session.c (ossl_ssl_session_set_time): Check + argument type with NUM2LONG if the arg is not a Time object. + See #4919. + + * ext/openssl/ossl_ssl_session.c (ossl_ssl_session_set_timeout): Check + type with NUM2LONG. Time as an arg is not allowed. See #4919. + + * test/openssl/test_ssl_session.rb (test_session_time, + test_session_timeout): Test it. + Fri Jun 24 19:57:30 2011 Hiroshi Nakamura <nahi@ruby-lang.org> * lib/webrick/httprequest.rb (setup_forwarded_info): Parsing request diff --git a/ext/openssl/ossl_ssl_session.c b/ext/openssl/ossl_ssl_session.c index 8bc250282a..8df6ba4df3 100644 --- a/ext/openssl/ossl_ssl_session.c +++ b/ext/openssl/ossl_ssl_session.c @@ -104,6 +104,8 @@ static VALUE ossl_ssl_session_eq(VALUE val1, VALUE val2) * call-seq: * session.time -> Time * + * Gets start time of the session. + * */ static VALUE ossl_ssl_session_get_time(VALUE self) { @@ -124,7 +126,7 @@ static VALUE ossl_ssl_session_get_time(VALUE self) * call-seq: * session.timeout -> integer * - * How long until the session expires in seconds. + * Gets how long until the session expires in seconds. * */ static VALUE ossl_ssl_session_get_timeout(VALUE self) @@ -139,31 +141,48 @@ static VALUE ossl_ssl_session_get_timeout(VALUE self) return TIMET2NUM(t); } -#define SSLSESSION_SET_TIME(func) \ - static VALUE ossl_ssl_session_set_##func(VALUE self, VALUE time_v) \ - { \ - SSL_SESSION *ctx; \ - unsigned long t; \ - \ - GetSSLSession(self, ctx); \ - \ - if (rb_obj_is_instance_of(time_v, rb_cTime)) { \ - time_v = rb_funcall(time_v, rb_intern("to_i"), 0); \ - } else if (FIXNUM_P(time_v)) { \ - ; \ - } else { \ - rb_raise(rb_eArgError, "unknown type"); \ - } \ - \ - t = NUM2ULONG(time_v); \ - \ - SSL_SESSION_set_##func(ctx, t); \ - \ - return ossl_ssl_session_get_##func(self); \ +/* + * call-seq: + * session.time=(Time) -> Time + * session.time=(integer) -> Time + * + * Sets start time of the session. Time resolution is in seconds. + * +*/ +static VALUE ossl_ssl_session_set_time(VALUE self, VALUE time_v) +{ + SSL_SESSION *ctx; + long t; + + GetSSLSession(self, ctx); + if (rb_obj_is_instance_of(time_v, rb_cTime)) { + time_v = rb_funcall(time_v, rb_intern("to_i"), 0); } + t = NUM2LONG(time_v); + SSL_SESSION_set_time(ctx, t); + return ossl_ssl_session_get_time(self); +} -SSLSESSION_SET_TIME(time) -SSLSESSION_SET_TIME(timeout) +/* + * call-seq: + * session.timeout=(integer) -> integer + * + * Sets how long until the session expires in seconds. + * +*/ +static VALUE ossl_ssl_session_set_timeout(VALUE self, VALUE time_v) +{ + SSL_SESSION *ctx; + long t; + + GetSSLSession(self, ctx); + if (rb_obj_is_instance_of(time_v, rb_cTime)) { + time_v = rb_funcall(time_v, rb_intern("to_i"), 0); + } + t = NUM2LONG(time_v); + SSL_SESSION_set_timeout(ctx, t); + return ossl_ssl_session_get_timeout(self); +} #ifdef HAVE_SSL_SESSION_GET_ID /* diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb index a0939dacbe..6b9f335822 100644 --- a/test/openssl/test_ssl.rb +++ b/test/openssl/test_ssl.rb @@ -449,6 +449,62 @@ class OpenSSL::TestSSL < Test::Unit::TestCase } end + DUMMY_SESSION = <<__EOS__ +-----BEGIN SSL SESSION PARAMETERS----- +MIIDzQIBAQICAwEEAgA5BCAF219w9ZEV8dNA60cpEGOI34hJtIFbf3bkfzSgMyad +MQQwyGLbkCxE4OiMLdKKem+pyh8V7ifoP7tCxhdmwoDlJxI1v6nVCjai+FGYuncy +NNSWoQYCBE4DDWuiAwIBCqOCAo4wggKKMIIBcqADAgECAgECMA0GCSqGSIb3DQEB +BQUAMD0xEzARBgoJkiaJk/IsZAEZFgNvcmcxGTAXBgoJkiaJk/IsZAEZFglydWJ5 +LWxhbmcxCzAJBgNVBAMMAkNBMB4XDTExMDYyMzA5NTQ1MVoXDTExMDYyMzEwMjQ1 +MVowRDETMBEGCgmSJomT8ixkARkWA29yZzEZMBcGCgmSJomT8ixkARkWCXJ1Ynkt +bGFuZzESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB +iQKBgQDLwsSw1ECnPtT+PkOgHhcGA71nwC2/nL85VBGnRqDxOqjVh7CxaKPERYHs +k4BPCkE3brtThPWc9kjHEQQ7uf9Y1rbCz0layNqHyywQEVLFmp1cpIt/Q3geLv8Z +D9pihowKJDyMDiN6ArYUmZczvW4976MU3+l54E6lF/JfFEU5hwIDAQABoxIwEDAO +BgNVHQ8BAf8EBAMCBaAwDQYJKoZIhvcNAQEFBQADggEBACj5WhoZ/ODVeHpwgq1d +8fW/13ICRYHYpv6dzlWihyqclGxbKMlMnaVCPz+4JaVtMz3QB748KJQgL3Llg3R1 +ek+f+n1MBCMfFFsQXJ2gtLB84zD6UCz8aaCWN5/czJCd7xMz7fRLy3TOIW5boXAU +zIa8EODk+477K1uznHm286ab0Clv+9d304hwmBZgkzLg6+31Of6d6s0E0rwLGiS2 +sOWYg34Y3r4j8BS9Ak4jzpoLY6cJ0QAKCOJCgmjGr4XHpyXMLbicp3ga1uSbwtVO +gF/gTfpLhJC+y0EQ5x3Ftl88Cq7ZJuLBDMo/TLIfReJMQu/HlrTT7+LwtneSWGmr +KkSkAgQApQMCAROqgcMEgcAuDkAVfj6QAJMz9yqTzW5wPFyty7CxUEcwKjUqj5UP +/Yvky1EkRuM/eQfN7ucY+MUvMqv+R8ZSkHPsnjkBN5ChvZXjrUSZKFVjR4eFVz2V +jismLEJvIFhQh6pqTroRrOjMfTaM5Lwoytr2FTGobN9rnjIRsXeFQW1HLFbXn7Dh +8uaQkMwIVVSGRB8T7t6z6WIdWruOjCZ6G5ASI5XoqAHwGezhLodZuvJEfsVyCF9y +j+RBGfCFrrQbBdnkFI/ztgM= +-----END SSL SESSION PARAMETERS----- +__EOS__ + + def test_session_time + sess = OpenSSL::SSL::Session.new(DUMMY_SESSION) + sess.time = (now = Time.now) + assert_equal(now.to_i, sess.time.to_i) + sess.time = 1 + assert_equal(1, sess.time.to_i) + sess.time = 1.2345 + assert_equal(1, sess.time.to_i) + # Can OpenSSL handle t>2038y correctly? Version? + sess.time = 2**31 - 1 + assert_equal(2**31 - 1, sess.time.to_i) + end + + def test_session_timeout + sess = OpenSSL::SSL::Session.new(DUMMY_SESSION) + + # it is trivial that this is a wrong feature + # but necessary to keep it for compatibility. + sess.timeout = (now = Time.now) + assert_equal(now.to_i, sess.timeout.to_i) + + sess.timeout = 1 + assert_equal(1, sess.timeout.to_i) + sess.timeout = 1.2345 + assert_equal(1, sess.timeout.to_i) + sess.timeout = 2**31 - 1 + assert_equal(2**31 - 1, sess.timeout.to_i) + end + + def test_client_session last_session = nil start_server(PORT, OpenSSL::SSL::VERIFY_NONE, true) do |server, port| @@ -1,5 +1,5 @@ #define RUBY_VERSION "1.9.2" -#define RUBY_PATCHLEVEL 291 +#define RUBY_PATCHLEVEL 292 #define RUBY_VERSION_MAJOR 1 #define RUBY_VERSION_MINOR 9 #define RUBY_VERSION_TEENY 1 |