diff options
Diffstat (limited to 'ruby_1_8_5/test/soap/ssl')
-rw-r--r-- | ruby_1_8_5/test/soap/ssl/README | 1 | ||||
-rw-r--r-- | ruby_1_8_5/test/soap/ssl/ca.cert | 23 | ||||
-rw-r--r-- | ruby_1_8_5/test/soap/ssl/client.cert | 19 | ||||
-rw-r--r-- | ruby_1_8_5/test/soap/ssl/client.key | 15 | ||||
-rw-r--r-- | ruby_1_8_5/test/soap/ssl/server.cert | 19 | ||||
-rw-r--r-- | ruby_1_8_5/test/soap/ssl/server.key | 15 | ||||
-rw-r--r-- | ruby_1_8_5/test/soap/ssl/sslsvr.rb | 57 | ||||
-rw-r--r-- | ruby_1_8_5/test/soap/ssl/subca.cert | 21 | ||||
-rw-r--r-- | ruby_1_8_5/test/soap/ssl/test_ssl.rb | 204 |
9 files changed, 0 insertions, 374 deletions
diff --git a/ruby_1_8_5/test/soap/ssl/README b/ruby_1_8_5/test/soap/ssl/README deleted file mode 100644 index 98ebcf7c23..0000000000 --- a/ruby_1_8_5/test/soap/ssl/README +++ /dev/null @@ -1 +0,0 @@ -* certificates and keys in this directory is copied from http-access2 test. diff --git a/ruby_1_8_5/test/soap/ssl/ca.cert b/ruby_1_8_5/test/soap/ssl/ca.cert deleted file mode 100644 index bcabbee4ad..0000000000 --- a/ruby_1_8_5/test/soap/ssl/ca.cert +++ /dev/null @@ -1,23 +0,0 @@ ------BEGIN CERTIFICATE----- -MIID0DCCArigAwIBAgIBADANBgkqhkiG9w0BAQUFADA8MQswCQYDVQQGDAJKUDES -MBAGA1UECgwJSklOLkdSLkpQMQwwCgYDVQQLDANSUlIxCzAJBgNVBAMMAkNBMB4X -DTA0MDEzMDAwNDIzMloXDTM2MDEyMjAwNDIzMlowPDELMAkGA1UEBgwCSlAxEjAQ -BgNVBAoMCUpJTi5HUi5KUDEMMAoGA1UECwwDUlJSMQswCQYDVQQDDAJDQTCCASIw -DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANbv0x42BTKFEQOE+KJ2XmiSdZpR -wjzQLAkPLRnLB98tlzs4xo+y4RyY/rd5TT9UzBJTIhP8CJi5GbS1oXEerQXB3P0d -L5oSSMwGGyuIzgZe5+vZ1kgzQxMEKMMKlzA73rbMd4Jx3u5+jdbP0EDrPYfXSvLY -bS04n2aX7zrN3x5KdDrNBfwBio2/qeaaj4+9OxnwRvYP3WOvqdW0h329eMfHw0pi -JI0drIVdsEqClUV4pebT/F+CPUPkEh/weySgo9wANockkYu5ujw2GbLFcO5LXxxm -dEfcVr3r6t6zOA4bJwL0W/e6LBcrwiG/qPDFErhwtgTLYf6Er67SzLyA66UCAwEA -AaOB3DCB2TAPBgNVHRMBAf8EBTADAQH/MDEGCWCGSAGG+EIBDQQkFiJSdWJ5L09w -ZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBRJ7Xd380KzBV7f -USKIQ+O/vKbhDzAOBgNVHQ8BAf8EBAMCAQYwZAYDVR0jBF0wW4AUSe13d/NCswVe -31EiiEPjv7ym4Q+hQKQ+MDwxCzAJBgNVBAYMAkpQMRIwEAYDVQQKDAlKSU4uR1Iu -SlAxDDAKBgNVBAsMA1JSUjELMAkGA1UEAwwCQ0GCAQAwDQYJKoZIhvcNAQEFBQAD -ggEBAIu/mfiez5XN5tn2jScgShPgHEFJBR0BTJBZF6xCk0jyqNx/g9HMj2ELCuK+ -r/Y7KFW5c5M3AQ+xWW0ZSc4kvzyTcV7yTVIwj2jZ9ddYMN3nupZFgBK1GB4Y05GY -MJJFRkSu6d/Ph5ypzBVw2YMT/nsOo5VwMUGLgS7YVjU+u/HNWz80J3oO17mNZllj -PvORJcnjwlroDnS58KoJ7GDgejv3ESWADvX1OHLE4cRkiQGeLoEU4pxdCxXRqX0U -PbwIkZN9mXVcrmPHq8MWi4eC/V7hnbZETMHuWhUoiNdOEfsAXr3iP4KjyyRdwc7a -d/xgcK06UVQRL/HbEYGiQL056mc= ------END CERTIFICATE----- diff --git a/ruby_1_8_5/test/soap/ssl/client.cert b/ruby_1_8_5/test/soap/ssl/client.cert deleted file mode 100644 index ad13c4b735..0000000000 --- a/ruby_1_8_5/test/soap/ssl/client.cert +++ /dev/null @@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDKDCCAhCgAwIBAgIBAjANBgkqhkiG9w0BAQUFADA8MQswCQYDVQQGDAJKUDES -MBAGA1UECgwJSklOLkdSLkpQMQwwCgYDVQQLDANSUlIxCzAJBgNVBAMMAkNBMB4X -DTA0MDEzMTAzMTQ1OFoXDTM1MDEyMzAzMTQ1OFowZTELMAkGA1UEBgwCSlAxEjAQ -BgNVBAoMCUpJTi5HUi5KUDEMMAoGA1UECwwDUlJSMRAwDgYDVQQDDAdleGFtcGxl -MSIwIAYJKoZIhvcNAQkBDBNleGFtcGxlQGV4YW1wbGUub3JnMIGfMA0GCSqGSIb3 -DQEBAQUAA4GNADCBiQKBgQDRWssrK8Gyr+500hpLjCGR3+AHL8/hEJM5zKi/MgLW -jTkvsgOwbYwXOiNtAbR9y4/ucDq7EY+cMUMHES4uFaPTcOaAV0aZRmk8AgslN1tQ -gNS6ew7/Luq3DcVeWkX8PYgR9VG0mD1MPfJ6+IFA5d3vKpdBkBgN4l46jjO0/2Xf -ewIDAQABo4GPMIGMMAwGA1UdEwEB/wQCMAAwMQYJYIZIAYb4QgENBCQWIlJ1Ynkv -T3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFOFvay0H7lr2 -xUx6waYEV2bVDYQhMAsGA1UdDwQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAgYI -KwYBBQUHAwQwDQYJKoZIhvcNAQEFBQADggEBABd2dYWqbDIWf5sWFvslezxJv8gI -w64KCJBuyJAiDuf+oazr3016kMzAlt97KecLZDusGNagPrq02UX7YMoQFsWJBans -cDtHrkM0al5r6/WGexNMgtYbNTYzt/IwodISGBgZ6dsOuhznwms+IBsTNDAvWeLP -lt2tOqD8kEmjwMgn0GDRuKjs4EoboA3kMULb1p9akDV9ZESU3eOtpS5/G5J5msLI -9WXbYBjcjvkLuJH9VsJhb+R58Vl0ViemvAHhPilSl1SPWVunGhv6FcIkdBEi1k9F -e8BNMmsEjFiANiIRvpdLRbiGBt0KrKTndVfsmoKCvY48oCOvnzxtahFxfs8= ------END CERTIFICATE----- diff --git a/ruby_1_8_5/test/soap/ssl/client.key b/ruby_1_8_5/test/soap/ssl/client.key deleted file mode 100644 index 37bc62f259..0000000000 --- a/ruby_1_8_5/test/soap/ssl/client.key +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICWwIBAAKBgQDRWssrK8Gyr+500hpLjCGR3+AHL8/hEJM5zKi/MgLWjTkvsgOw -bYwXOiNtAbR9y4/ucDq7EY+cMUMHES4uFaPTcOaAV0aZRmk8AgslN1tQgNS6ew7/ -Luq3DcVeWkX8PYgR9VG0mD1MPfJ6+IFA5d3vKpdBkBgN4l46jjO0/2XfewIDAQAB -AoGAZcz8llWErtsV3QB9gNb3S/PNADGjqBFjReva8n3jG2k4sZSibpwWTwUaTNtT -ZQgjSRKRvH1hk9XwffNAvXAQZNNkuj/16gO2oO45nyLj4dO365ujLptWnVIWDHOE -uN0GeiZO+VzcCisT0WCq4tvtLeH8svrxzA8cbXIEyOK7NiECQQDwo2zPFyKAZ/Cu -lDJ6zKT+RjfWwW7DgWzirAlTrt4ViMaW+IaDH29TmQpb4V4NuR3Xi+2Xl4oicu6S -36TW9+/FAkEA3rgfOQJuLlWSnw1RTGwvnC816a/W7iYYY7B+0U4cDbfWl7IoXT4y -M8nV/HESooviZLqBwzAYSoj3fFKYBKpGPwJAUO8GN5iWWA2dW3ooiDiv/X1sZmRk -dojfMFWgRW747tEzya8Ivq0h6kH8w+5GjeMG8Gn1nRiwsulo6Ckj7dEx6QJACyui -7UIQ8qP6GZ4aYMHgVW4Mvy7Bkeo5OO7GPYs0Xv/EdJFL8vlGnVBXOjUVoS9w6Gpu -TbLg1QQvnX2rADjmEwJANxZO2GUkaWGsEif8aGW0x5g/IdaMGG27pTWk5zqix7P3 -1UDrdo/JOXhptovhRi06EppIxAxYmbh9vd9VN8Itlw== ------END RSA PRIVATE KEY----- diff --git a/ruby_1_8_5/test/soap/ssl/server.cert b/ruby_1_8_5/test/soap/ssl/server.cert deleted file mode 100644 index 998ccc5892..0000000000 --- a/ruby_1_8_5/test/soap/ssl/server.cert +++ /dev/null @@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIC/zCCAeegAwIBAgIBATANBgkqhkiG9w0BAQUFADA/MQswCQYDVQQGDAJKUDES -MBAGA1UECgwJSklOLkdSLkpQMQwwCgYDVQQLDANSUlIxDjAMBgNVBAMMBVN1YkNB -MB4XDTA0MDEzMTAzMTMxNloXDTMzMDEyMzAzMTMxNlowQzELMAkGA1UEBgwCSlAx -EjAQBgNVBAoMCUpJTi5HUi5KUDEMMAoGA1UECwwDUlJSMRIwEAYDVQQDDAlsb2Nh -bGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANFJTxWqup3nV9dsJAku -p+WaXnPNIzcpAA3qMGZDJTJsfa8Du7ZxTP0XJK5mETttBrn711cJxAuP3KjqnW9S -vtZ9lY2sXJ6Zj62sN5LwG3VVe25dI28yR1EsbHjJ5Zjf9tmggMC6am52dxuHbt5/ -vHo4ngJuKE/U+eeGRivMn6gFAgMBAAGjgYUwgYIwDAYDVR0TAQH/BAIwADAxBglg -hkgBhvhCAQ0EJBYiUnVieS9PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAd -BgNVHQ4EFgQUpZIyygD9JxFYHHOTEuWOLbCKfckwCwYDVR0PBAQDAgWgMBMGA1Ud -JQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBBQUAA4IBAQBwAIj5SaBHaA5X31IP -CFCJiep96awfp7RANO0cuUj+ZpGoFn9d6FXY0g+Eg5wAkCNIzZU5NHN9xsdOpnUo -zIBbyTfQEPrge1CMWMvL6uGaoEXytq84VTitF/xBTky4KtTn6+es4/e7jrrzeUXQ -RC46gkHObmDT91RkOEGjHLyld2328jo3DIN/VTHIryDeVHDWjY5dENwpwdkhhm60 -DR9IrNBbXWEe9emtguNXeN0iu1ux0lG1Hc6pWGQxMlRKNvGh0yZB9u5EVe38tOV0 -jQaoNyL7qzcQoXD3Dmbi1p0iRmg/+HngISsz8K7k7MBNVsSclztwgCzTZOBiVtkM -rRlQ ------END CERTIFICATE----- diff --git a/ruby_1_8_5/test/soap/ssl/server.key b/ruby_1_8_5/test/soap/ssl/server.key deleted file mode 100644 index 9ba2218a03..0000000000 --- a/ruby_1_8_5/test/soap/ssl/server.key +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQDRSU8Vqrqd51fXbCQJLqflml5zzSM3KQAN6jBmQyUybH2vA7u2 -cUz9FySuZhE7bQa5+9dXCcQLj9yo6p1vUr7WfZWNrFyemY+trDeS8Bt1VXtuXSNv -MkdRLGx4yeWY3/bZoIDAumpudncbh27ef7x6OJ4CbihP1PnnhkYrzJ+oBQIDAQAB -AoGBAIf4CstW2ltQO7+XYGoex7Hh8s9lTSW/G2vu5Hbr1LTHy3fzAvdq8MvVR12O -rk9fa+lU9vhzPc0NMB0GIDZ9GcHuhW5hD1Wg9OSCbTOkZDoH3CAFqonjh4Qfwv5W -IPAFn9KHukdqGXkwEMdErsUaPTy9A1V/aROVEaAY+HJgq/eZAkEA/BP1QMV04WEZ -Oynzz7/lLizJGGxp2AOvEVtqMoycA/Qk+zdKP8ufE0wbmCE3Qd6GoynavsHb6aGK -gQobb8zDZwJBANSK6MrXlrZTtEaeZuyOB4mAmRzGzOUVkUyULUjEx2GDT93ujAma -qm/2d3E+wXAkNSeRpjUmlQXy/2oSqnGvYbMCQQDRM+cYyEcGPUVpWpnj0shrF/QU -9vSot/X1G775EMTyaw6+BtbyNxVgOIu2J+rqGbn3c+b85XqTXOPL0A2RLYkFAkAm -syhSDtE9X55aoWsCNZY/vi+i4rvaFoQ/WleogVQAeGVpdo7/DK9t9YWoFBIqth0L -mGSYFu9ZhvZkvQNV8eYrAkBJ+rOIaLDsmbrgkeDruH+B/9yrm4McDtQ/rgnOGYnH -LjLpLLOrgUxqpzLWe++EwSLwK2//dHO+SPsQJ4xsyQJy ------END RSA PRIVATE KEY----- diff --git a/ruby_1_8_5/test/soap/ssl/sslsvr.rb b/ruby_1_8_5/test/soap/ssl/sslsvr.rb deleted file mode 100644 index 4f67eb9485..0000000000 --- a/ruby_1_8_5/test/soap/ssl/sslsvr.rb +++ /dev/null @@ -1,57 +0,0 @@ -require 'webrick/https' -require 'logger' -require 'rbconfig' - -require 'soap/rpc/httpserver' - -class HelloWorldServer < SOAP::RPC::HTTPServer -private - - def on_init - self.level = Logger::Severity::FATAL - @default_namespace = 'urn:ssltst' - add_method(self, 'hello_world', 'from') - end - - def hello_world(from) - "Hello World, from #{ from }" - end -end - - -if $0 == __FILE__ - PORT = 17171 - DIR = File.dirname(File.expand_path(__FILE__)) - - def cert(filename) - OpenSSL::X509::Certificate.new(File.open(File.join(DIR, filename)) { |f| - f.read - }) - end - - def key(filename) - OpenSSL::PKey::RSA.new(File.open(File.join(DIR, filename)) { |f| - f.read - }) - end - - $server = HelloWorldServer.new( - :BindAddress => "0.0.0.0", - :Port => PORT, - :AccessLog => [], - :SSLEnable => true, - :SSLCACertificateFile => File.join(DIR, 'ca.cert'), - :SSLCertificate => cert('server.cert'), - :SSLPrivateKey => key('server.key'), - :SSLVerifyClient => nil, #OpenSSL::SSL::VERIFY_FAIL_IF_NO_PEER_CERT|OpenSSL::SSL::VERIFY_PEER, - :SSLClientCA => cert('ca.cert'), - :SSLCertName => nil - ) - t = Thread.new { - Thread.current.abort_on_exception = true - $server.start - } - STDOUT.sync = true - puts $$ - t.join -end diff --git a/ruby_1_8_5/test/soap/ssl/subca.cert b/ruby_1_8_5/test/soap/ssl/subca.cert deleted file mode 100644 index 1e471851b8..0000000000 --- a/ruby_1_8_5/test/soap/ssl/subca.cert +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDaDCCAlCgAwIBAgIBATANBgkqhkiG9w0BAQUFADA8MQswCQYDVQQGDAJKUDES -MBAGA1UECgwJSklOLkdSLkpQMQwwCgYDVQQLDANSUlIxCzAJBgNVBAMMAkNBMB4X -DTA0MDEzMDAwNDMyN1oXDTM1MDEyMjAwNDMyN1owPzELMAkGA1UEBgwCSlAxEjAQ -BgNVBAoMCUpJTi5HUi5KUDEMMAoGA1UECwwDUlJSMQ4wDAYDVQQDDAVTdWJDQTCC -ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ0Ou7AyRcRXnB/kVHv/6kwe -ANzgg/DyJfsAUqW90m7Lu1nqyug8gK0RBd77yU0w5HOAMHTVSdpjZK0g2sgx4Mb1 -d/213eL9TTl5MRVEChTvQr8q5DVG/8fxPPE7fMI8eOAzd98/NOAChk+80r4Sx7fC -kGVEE1bKwY1MrUsUNjOY2d6t3M4HHV3HX1V8ShuKfsHxgCmLzdI8U+5CnQedFgkm -3e+8tr8IX5RR1wA1Ifw9VadF7OdI/bGMzog/Q8XCLf+WPFjnK7Gcx6JFtzF6Gi4x -4dp1Xl45JYiVvi9zQ132wu8A1pDHhiNgQviyzbP+UjcB/tsOpzBQF8abYzgEkWEC -AwEAAaNyMHAwDwYDVR0TAQH/BAUwAwEB/zAxBglghkgBhvhCAQ0EJBYiUnVieS9P -cGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUlCjXWLsReYzH -LzsxwVnCXmKoB/owCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQCJ/OyN -rT8Cq2Y+G2yA/L1EMRvvxwFBqxavqaqHl/6rwsIBFlB3zbqGA/0oec6MAVnYynq4 -c4AcHTjx3bQ/S4r2sNTZq0DH4SYbQzIobx/YW8PjQUJt8KQdKMcwwi7arHP7A/Ha -LKu8eIC2nsUBnP4NhkYSGhbmpJK+PFD0FVtD0ZIRlY/wsnaZNjWWcnWF1/FNuQ4H -ySjIblqVQkPuzebv3Ror6ZnVDukn96Mg7kP4u6zgxOeqlJGRe1M949SS9Vudjl8X -SF4aZUUB9pQGhsqQJVqaz2OlhGOp9D0q54xko/rekjAIcuDjl1mdX4F2WRrzpUmZ -uY/bPeOBYiVsOYVe ------END CERTIFICATE----- diff --git a/ruby_1_8_5/test/soap/ssl/test_ssl.rb b/ruby_1_8_5/test/soap/ssl/test_ssl.rb deleted file mode 100644 index f0a1e18971..0000000000 --- a/ruby_1_8_5/test/soap/ssl/test_ssl.rb +++ /dev/null @@ -1,204 +0,0 @@ -require 'test/unit' -begin - require 'http-access2' -rescue LoadError -end -require 'soap/rpc/driver' - -if defined?(HTTPAccess2) and defined?(OpenSSL) - -module SOAP; module SSL - - -class TestSSL < Test::Unit::TestCase - PORT = 17171 - - DIR = File.dirname(File.expand_path(__FILE__)) - require 'rbconfig' - RUBY = File.join( - Config::CONFIG["bindir"], - Config::CONFIG["ruby_install_name"] + Config::CONFIG["EXEEXT"] - ) - - def setup - @url = "https://localhost:#{PORT}/hello" - @serverpid = @client = nil - @verify_callback_called = false - setup_server - setup_client - end - - def teardown - teardown_client - teardown_server - end - - def test_options - cfg = @client.streamhandler.client.ssl_config - assert_nil(cfg.client_cert) - assert_nil(cfg.client_key) - assert_nil(cfg.client_ca) - assert_equal(OpenSSL::SSL::VERIFY_PEER | OpenSSL::SSL::VERIFY_FAIL_IF_NO_PEER_CERT, cfg.verify_mode) - assert_nil(cfg.verify_callback) - assert_nil(cfg.timeout) - assert_equal(OpenSSL::SSL::OP_ALL | OpenSSL::SSL::OP_NO_SSLv2, cfg.options) - assert_equal("ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH", cfg.ciphers) - assert_instance_of(OpenSSL::X509::Store, cfg.cert_store) - # dummy call to ensure sslsvr initialization finished. - assert_raise(OpenSSL::SSL::SSLError) do - @client.hello_world("ssl client") - end - end - - def test_verification - cfg = @client.options - cfg["protocol.http.ssl_config.verify_callback"] = method(:verify_callback).to_proc - @verify_callback_called = false - ssle = assert_raise(OpenSSL::SSL::SSLError) {@client.hello_world("ssl client")} - assert_equal("certificate verify failed", ssle.message) - assert(@verify_callback_called) - # - cfg["protocol.http.ssl_config.client_cert"] = File.join(DIR, "client.cert") - cfg["protocol.http.ssl_config.client_key"] = File.join(DIR, "client.key") - @verify_callback_called = false - ssle = assert_raise(OpenSSL::SSL::SSLError) {@client.hello_world("ssl client")} - assert_equal("certificate verify failed", ssle.message) - assert(@verify_callback_called) - # - cfg["protocol.http.ssl_config.ca_file"] = File.join(DIR, "ca.cert") - @verify_callback_called = false - ssle = assert_raise(OpenSSL::SSL::SSLError) {@client.hello_world("ssl client")} - assert_equal("certificate verify failed", ssle.message) - assert(@verify_callback_called) - # - cfg["protocol.http.ssl_config.ca_file"] = File.join(DIR, "subca.cert") - @verify_callback_called = false - assert_equal("Hello World, from ssl client", @client.hello_world("ssl client")) - assert(@verify_callback_called) - # - cfg["protocol.http.ssl_config.verify_depth"] = "1" - @verify_callback_called = false - ssle = assert_raise(OpenSSL::SSL::SSLError) {@client.hello_world("ssl client")} - assert_equal("certificate verify failed", ssle.message) - assert(@verify_callback_called) - # - cfg["protocol.http.ssl_config.verify_depth"] = "" - cfg["protocol.http.ssl_config.cert_store"] = OpenSSL::X509::Store.new - cfg["protocol.http.ssl_config.verify_mode"] = OpenSSL::SSL::VERIFY_PEER.to_s - ssle = assert_raise(OpenSSL::SSL::SSLError) {@client.hello_world("ssl client")} - assert_equal("certificate verify failed", ssle.message) - # - cfg["protocol.http.ssl_config.verify_mode"] = "" - assert_equal("Hello World, from ssl client", @client.hello_world("ssl client")) - end - - def test_property - testpropertyname = File.join(DIR, 'soapclient.properties') - File.open(testpropertyname, "w") do |f| - f <<<<__EOP__ -protocol.http.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_PEER -# depth: 1 causes an error (intentional) -protocol.http.ssl_config.verify_depth = 1 -protocol.http.ssl_config.client_cert = #{File.join(DIR, 'client.cert')} -protocol.http.ssl_config.client_key = #{File.join(DIR, 'client.key')} -protocol.http.ssl_config.ca_file = #{File.join(DIR, 'ca.cert')} -protocol.http.ssl_config.ca_file = #{File.join(DIR, 'subca.cert')} -protocol.http.ssl_config.ciphers = ALL -__EOP__ - end - begin - @client.loadproperty(testpropertyname) - @client.options["protocol.http.ssl_config.verify_callback"] = method(:verify_callback).to_proc - @verify_callback_called = false - # NG with String - ssle = assert_raise(OpenSSL::SSL::SSLError) {@client.hello_world("ssl client")} - assert_equal("certificate verify failed", ssle.message) - assert(@verify_callback_called) - # NG with Integer - @client.options["protocol.http.ssl_config.verify_depth"] = 0 - ssle = assert_raise(OpenSSL::SSL::SSLError) {@client.hello_world("ssl client")} - assert_equal("certificate verify failed", ssle.message) - assert(@verify_callback_called) - # OK with empty - @client.options["protocol.http.ssl_config.verify_depth"] = "" - @verify_callback_called = false - assert_equal("Hello World, from ssl client", @client.hello_world("ssl client")) - assert(@verify_callback_called) - # OK with nil - @client.options["protocol.http.ssl_config.verify_depth"] = nil - @verify_callback_called = false - assert_equal("Hello World, from ssl client", @client.hello_world("ssl client")) - assert(@verify_callback_called) - # OK with String - @client.options["protocol.http.ssl_config.verify_depth"] = "3" - @verify_callback_called = false - assert_equal("Hello World, from ssl client", @client.hello_world("ssl client")) - assert(@verify_callback_called) - # OK with Integer - @client.options["protocol.http.ssl_config.verify_depth"] = 3 - @verify_callback_called = false - assert_equal("Hello World, from ssl client", @client.hello_world("ssl client")) - assert(@verify_callback_called) - ensure - File.unlink(testpropertyname) - end - end - - def test_ciphers - cfg = @client.options - cfg["protocol.http.ssl_config.client_cert"] = File.join(DIR, 'client.cert') - cfg["protocol.http.ssl_config.client_key"] = File.join(DIR, 'client.key') - cfg["protocol.http.ssl_config.ca_file"] = File.join(DIR, "ca.cert") - cfg["protocol.http.ssl_config.ca_file"] = File.join(DIR, "subca.cert") - #cfg.timeout = 123 - cfg["protocol.http.ssl_config.ciphers"] = "!ALL" - # - ssle = assert_raise(OpenSSL::SSL::SSLError) {@client.hello_world("ssl client")} - # depends on OpenSSL version. (?:0.9.8|0.9.7) - assert_match(/\A(?:SSL_CTX_set_cipher_list:: no cipher match|no ciphers available)\z/, ssle.message) - # - cfg["protocol.http.ssl_config.ciphers"] = "ALL" - assert_equal("Hello World, from ssl client", @client.hello_world("ssl client")) - end - -private - - def q(str) - %Q["#{str}"] - end - - def setup_server - svrcmd = "#{q(RUBY)} " - #svrcmd << "-d " if $DEBUG - svrcmd << File.join(DIR, "sslsvr.rb") - svrout = IO.popen(svrcmd) - @serverpid = Integer(svrout.gets.chomp) - end - - def setup_client - @client = SOAP::RPC::Driver.new(@url, 'urn:ssltst') - @client.add_method("hello_world", "from") - end - - def teardown_server - if @serverpid - Process.kill('KILL', @serverpid) - Process.waitpid(@serverpid) - end - end - - def teardown_client - @client.reset_stream if @client - end - - def verify_callback(ok, cert) - @verify_callback_called = true - p ["client", ok, cert] if $DEBUG - ok - end -end - - -end; end - -end |