summaryrefslogtreecommitdiff
path: root/test/openssl/test_ssl_session.rb
AgeCommit message (Collapse)Author
2016-06-07openssl: adjust tests for OpenSSL 1.1.0rhe
This fixes `make test-all TESTS=openssl` with OpenSSL master. * test/openssl/test_x509name.rb: Don't register OID for 'emailAddress' and 'serialNumber'. A recent change in OpenSSL made OBJ_create() reject an already existing OID. They were needed to run tests with OpenSSL 0.9.6 which is now unsupported. https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=52832e470f5fe8c222249ae5b539aeb3c74cdb25 [ruby-core:75225] [Feature #12324] * test/openssl/test_ssl_session.rb (test_server_session): Duplicate SSL::Session before re-adding to the session store. OpenSSL 1.1.0 starts rejecting SSL_SESSION once removed by SSL_CTX_remove_session(). https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=7c2d4fee2547650102cd16d23f8125b76112ae75 * test/openssl/test_pkey_ec.rb (setup): Remove X25519 from @keys. X25519 is new in OpenSSL 1.1.0 but this is for key agreement and not for signing. * test/openssl/test_pair.rb, test/openssl/test_ssl.rb, test/openssl/utils.rb: Set security level to 0 when using aNULL cipher suites. * test/openssl/utils.rb: Use 1024 bits DSA key for client certificates. * test/openssl/test_engine.rb: Run each test in separate process. We can no longer cleanup engines explicitly as ENGINE_cleanup() was removed. https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=6d4fb1d59e61aacefa25edc4fe5acfe1ac93f743 * ext/openssl/ossl_engine.c (ossl_engine_s_cleanup): Add a note to the RDoc for Engine.cleanup. * ext/openssl/lib/openssl/digest.rb: Don't define constants for DSS, DSS1 and SHA(-0) when using with OpenSSL 1.1.0. They are removed. * test/openssl/test_digest.rb, test/openssl/test_pkey_dsa.rb, test/openssl/test_pkey_dsa.rb, test/openssl/test_ssl.rb, test/openssl/test_x509cert.rb, test/openssl/test_x509req.rb: Don't test unsupported hash functions. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55314 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-05-25openssl: drop OpenSSL 0.9.6/0.9.7 supportrhe
* ext/openssl, test/openssl: Drop OpenSSL < 0.9.8 support. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55162 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-05-20openssl: don't test default session lifetime valuerhe
OpenSSL's default session timeout for TLS v1.0 method is not 300 seconds but 7200. The TLS v1.0 specification[1] mentions about it as just "An upper limit of 24 hours is suggested for session ID lifetimes,". And according to OpenSSL 1.0.2h source comment[2], the value 7200 is decided just because "the 24 hours mentioned in the TLSv1 spec is way too long for http, the cache would over fill". The reason why the default lifetime is set to 300 is maybe an OpenSSL bug. We always call SSL_CTX_new() with SSLv23_method(), and this set ssl_ctx->session to 300, the default value for SSLv23_method(). But the following SSL_set_ssl_method() call does not update it. By the way this will be fixed in OpenSSL 1.1.0. [1] https://tools.ietf.org/html/rfc2246#appendix-F.1.4 [2] https://git.openssl.org/?p=openssl.git;a=blob;f=ssl/t1_lib.c;h=dd5bd0050d89f5585c1b06a227eb8221ebf984f1;hb=5dd94f1847c744929a3bd24819f1c99644bb18c7#l193 * test/openssl/test_ssl_session.rb (test_session): remove assertion of the default session timeout. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55078 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-12-16Add frozen_string_literal: false for all filesnaruse
When you change this to true, you may need to add more tests. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53141 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-08-20* test/openssl/test_ssl_session.rb: Fix tests so that they take in totenderlove
account OpenSSL installations that have SSLv3 disabled by default. Thanks Jeremy Evans <code@jeremyevans.net> for the patches. [Bug #11366] [Bug #11367] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51649 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-08-14test_ssl_session.rb: check SSL methodnobu
* test/openssl/test_ssl_session.rb (test_ctx_server_session_cb): ensure the method to be tested is supported. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51569 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-07-13use Timeout.timeoutnobu
* time: Object#timeout has been deprecated a long time ago, use Timeout.timeout. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51225 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-01-02* test/openssl/test_ssl_session.rb (OpenSSL#test_ctx_client_session_cb):hsbt
fix test failure with OpenSSL disabled SSLv3 protocol. [ruby-core:63772] [Bug #10046] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@49099 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-12-13test/openssl: skip old OpenSSLnobu
* test/openssl/utils.rb (OpenSSL::TestUtils): ignore out-of-date OpenSSL before 1.0. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48823 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-11-13* test/openssl: Don't specify port number.akr
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48400 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-11-03* test/openssl/utils.rb: The default of :ignore_listener_error isakr
changed to false. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48254 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-11-01* test/openssl/test_ssl.rb: Don't ignore errors on listener threads,akr
as much as possible. * test/openssl/test_ssl_session.rb: Ditto. * test/openssl/test_partial_record_read.rb: Ditto. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48232 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-11-01ignore_ssl_accept_error option is changed to ignore_listener_error.akr
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48231 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-11-01* test/openssl/utils.rb (start_server): Don't close sockets beforeakr
threads finished. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48227 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-11-01* test/openssl/test_ssl_session.rb (test_ctx_client_session_cb): Don'takr
ignore errors of SSL accept. (test_ctx_server_session_cb): Ditto. * test/openssl/utils.rb (server_loop): Add ignore_ssl_accept_error argument. (start_server): Refine threads waits. * test/ruby/envutil.rb (assert_join_threads): Show a thread before backtrace. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48225 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-08-13* test/openssl/test_ssl_session.rb: fix indent.hsbt
contributed from @spk. [fix GH-698] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@47162 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-08-11add timeoutnaruse
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@47144 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-09-03* test/openssl/test_asn1_rb:emboss
test/openssl/test_ssl_session.rb: test/openssl/test_x509name.rb: test/openssl/test_buffering.rb: test/openssl/test_x509cert.rb: test/openssl/test_ssl.rb: Refactor code that leads to warnings on Ruby CI. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36894 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-04-09Wait until the callback is called with timeout.naruse
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35270 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-10-12* test/openssl/test_ssl.rb: Move duplicated tests for SSL::Session to nahi
test_ssl_session.rb git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33458 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-09-23* test/openssl/test_ssl_session.rb: execute test_session_exts_reademboss
only for OpenSSL versions >= 0.9.8k. Thanks, Eric Wong, for reporting this. [Bug #4961] [ruby-core:37726] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33315 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-09-23* test/openssl/test_ssl_session.rb: ensure server calls callbacks inemboss
test_ctx_server_session_cb. Thanks to Eric Wong for the patch. [Bug #5336] [ruby-core:39619] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33311 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-09-19OepnSSL supports TLS extension from 0.9.8f.naruse
http://www.openssl.org/news/changelog.html Reported by Eric Wong. [ruby-core:39617] [Bug #4961] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33298 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-07-16* test/openssl/test_ssl_session.rb: add PEM SSL session without TLSemboss
extensions. Use this as the default for the tests to ensure compatibility with OpenSSL 0.9.7. [ Ruby 1.9 - Bug #4961 ] [ruby-core:37726] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32563 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-23* test/openssl/test_ssl_session.rb: Test parameter bug fixed. 2**31 is not innahi
a signed long in 32bit long env. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32212 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-23* ext/openssl/ossl_ssl_session.c (ossl_ssl_session_set_time): Check nahi
argument type with NUM2LONG if the arg is not a Time object. See #4919. * ext/openssl/ossl_ssl_session.c (ossl_ssl_session_set_timeout): Check type with NUM2LONG. Time as an arg is not allowed. See #4919. * test/openssl/test_ssl_session.rb (test_session_time, test_session_timeout): Test it. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32211 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-22* ext/openssl/ossl_ssl.c (ossl_sslctx_session_new_cb): Return 0 tonahi
OpenSSL from the callback for SSL_CTX_sess_set_get_cb(). Returning 0 means to OpenSSL that the the session is still valid (since we created Ruby Session object) and was not freed by us with SSL_SESSION_free(). Call SSLContext#remove_session(sess) in session_get_cb block if you don't want OpenSSL to cache the session internally. This potential issue was pointed by Ippei Obayashi. See #4416. * test/openssl/test_ssl_session.rb (test_ctx_server_session_cb): Test it. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32204 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-22* ext/openssl/ossl_ssl.c (ossl_sslctx_session_remove_cb):nahi
OpenSSL::SSL::SSLContext#session_remove_cb was broken. It wrongly tried to call the session_*new*_cb callback. * test/openssl/test_ssl_session.rb (class OpenSSL): Test it. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32200 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-22* ext/openssl/ossl_ssl_session.c (ossl_ssl_session_to_der):nahi
OpenSSL::SSL::Session#to_der was broken. Fix buffer handling. * test/openssl/test_ssl_session.rb (test_session): Test it. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32196 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-22* test/openssl/test_ssl_session.rb: Split out SSL::Session related nahi
tests from test_ssl.rb git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32195 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-26 23:48:21 +0000