summaryrefslogtreecommitdiff
path: root/test/openssl
AgeCommit message (Collapse)Author
2011-12-20* Make sure to clear $! when ignoring an exceptionnahi
* ext/openssl/ossl.c (ossl_pem_passwd_cb0, ossl_verify_cb): pem_passwd_cb and verify_cb ignores the exception raised in a callback proc so it should clear $! for subsequent execution. That's said, both subsequent processes for pem_passwd_cb and verify_cb raises another exception before leaking $! to Ruby world. We cannot test this fix in Ruby land. * test/openssl/test_pkey_rsa.rb (test_read_private_key_pem_pw_exception): Test for pem_passwd_cb + exception. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@34078 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-11-26* test/openssl/test_engine.rb: remove side effect of generic engineemboss
load by explicitly loading software-based "openssl" engine for all tests. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33850 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-11-24* test/openssl/test_engine.rb: use IO#reopen to restore stderr.akr
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33829 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-11-24* test/openssl/test_engine.rb: Suppress output from 'openssl'emboss
engine's RC4 cipher. [Bug #5633] [ruby-core:41026] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33825 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-11-05* test/openssl/test_engine.rb: add test for engine cipher. RC4 is usedemboss
because AES is not supported by the "openssl" engine currently. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33645 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-11-04* ext/openssl/ossl_pkey_rsa.c (rsa_generate): [SECURITY] Set RSAnahi
exponent value correctly. Awful bug. This bug caused exponent of generated key to be always '1'. By default, and regardless of e given as a parameter. !!! Keys generated by this code (trunk after 2011-09-01) must be re-generated !!! (ruby_1_9_3 is safe) * test/openssl/test_pkey_rsa.rb: Add tests for default exponent and specifying exponent by a parameter. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33633 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-11-04* test/openssl/test_engine.rb: add first tests for builtin "openssl"emboss
engine. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33632 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-11-02* test/openssl/test_engine.rb: call Engine::cleanup on exit.emboss
Patch provided by Yui Naruse, thanks! [Bug #5547] [ruby-core:40669] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33614 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-10-22* test/openssl/test_ssl.rb (test_multibyte_read_write): start serverakr
for each length to avoid race condition. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33508 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-10-20* ext/openssl/ossl_ns_spki.c: Complete documentation.emboss
* test/openssl/test_ns_spki.rb: Integrate SPKI#to_text. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33497 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-10-20* test/openssl/test_pkcs5.rb: add RFC 6070 tests for PBKDF2 withemboss
HMAC-SHA1 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33490 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-10-19* lib/openssl/buffering.rb: Force multi-byte strings to be treated asemboss
binary data. * test/openssl/test_ssl.rb: Add test for it. Thanks to Niklas Baumstark for reporting the issue! [Ruby 1.9 - Bug #5233] [ruby-core:39120] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33485 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-10-12* test/openssl/test_ssl.rb: Move duplicated tests for SSL::Session to nahi
test_ssl_session.rb git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33458 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-09-25* ext/openssl/ossl_asn1.c: fix int_ossl_asn1_decode0_cons when beingemboss
fed arbitrary string values. Clearly distinguish between the cases "universal, infinite and not a SEQUENCE or SET" and "universal SEQUENCE or SET, possibly infinite". Raise error for universal tags that are not infinite. * test/openssl/test_asn1.rb: add a test for this. Thanks to Hiroshi Yoshida for reporting this bug. [Bug #5363] [ruby-dev:44542] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33333 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-09-23* test/openssl/test_ssl_session.rb: execute test_session_exts_reademboss
only for OpenSSL versions >= 0.9.8k. Thanks, Eric Wong, for reporting this. [Bug #4961] [ruby-core:37726] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33315 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-09-23* test/openssl/test_ssl_session.rb: ensure server calls callbacks inemboss
test_ctx_server_session_cb. Thanks to Eric Wong for the patch. [Bug #5336] [ruby-core:39619] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33311 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-09-20Skip patented algorithms: IDEA and RC5 on NetBSD.naruse
On NetBSD, if it uses patented algorithms without explicit option, openssl will abort. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33301 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-09-20Explicitly close the tcp connection.naruse
Without this, the connection will be alive without GC after exit the block and the test will fail as "TCPServer was closed and SSLServer is still alive" on 64bit Unix: at least CentOS, Ubuntu, and FreeBSD. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33300 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-09-19OepnSSL supports TLS extension from 0.9.8f.naruse
http://www.openssl.org/news/changelog.html Reported by Eric Wong. [ruby-core:39617] [Bug #4961] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33298 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-09-19* test/openssl/test_ssl.rb (class OpenSSL): Testdrbrain
OpenSSL::SSL::SSLSocket#session and #session=. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33294 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-09-01* Release GVL while OpenSSL's public key generation.nahi
t = Thread.new { print "."; sleep 0.1 } key = OpenSSL::PKey::RSA.new(2048) #=> Thread t works in parallel with public key generation if OS/machine allows it. This works with OpenSSL >= 0.9.8. From this version, it has new public key generation function which allows us to interrupt the execution while pkey generation iterations. * ext/openssl/extconf.rb: Check existence of OpenSSL's new public key generation function. (DH_generate_parameters_ex, DSA_generate_parameters_ex and RSA_generate_key_ex. * ext/openssl/ossl_pkey.{h,c} (ossl_generate_cb_2, ossl_generate_cb_stop): Added new callback function for OpenSSL pkey generation which handles Thread interruption by Ruby. ossl_generate_cb_stop is the unblock function(ubf) for Ruby which sets a stop flag. New pkey generation callback ossl_generate_cb_2 checks the stop flag at each iterations of OpenSSL and interrupts pkey generation when the flag is set. * ext/openssl/ossl_pkey_dsa.c (dsa_generate): Call rb_thread_blocking_region with the above unblock function to release GVL while pkey generation. * ext/openssl/ossl_pkey_rsa.c (rsa_generate): ditto. * ext/openssl/ossl_pkey_dh.c (dh_generate): ditto. * test/openssl/test_pkey_{dh,dsa,rsa}.rb: Test it. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33155 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-08-15* ext/openssl/ossl_ssl.c: Support disabling OpenSSL compression.emboss
* test/openssl/test_ssl.rb: Add a test for it. Thanks to Eric Wong for the patch. [Ruby 1.9 - Feature #5183] [ruby-core:38911] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32973 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-07-28* ext/openssl/ossl_cipher.c (ossl_cipher_initialize): Avoid possiblenahi
SEGV from AES encryption/decryption. Processing data by Cipher#update without initializing key (meaningless usage of Cipher object since we don't offer a way to export a key) could cause SEGV. In OpenSSL, the EVP which has EVP_CIPH_RAND_KEY flag (such as DES3) allows uninitialized key, but other EVPs (such as AES) does not allow it. Calling EVP_CipherUpdate() without initializing key causes SEGV so we set the data filled with "\0" as the key by default. See #2768. * test/openssl/test_cipher.rb: test it. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32723 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-07-27* test/openssl/test_pkcs12.rb: Add test and intermediate certificates.emboss
[ Ruby 1.9 - Feature #3793 ] [ruby-core:32088] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32690 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-07-22* ext/openssl/ossl_engine.c: Avoid double free of ENGINE reference.emboss
* test/openssl/test_engine.rb: Add a test for it. Thanks to Ippei Obayashi for providing the patch. [ Ruby 1.9 - Bug #5062 ] [ruby-dev:44173] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32604 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-07-16* test/openssl/test_ssl_session.rb: add PEM SSL session without TLSemboss
extensions. Use this as the default for the tests to ensure compatibility with OpenSSL 0.9.7. [ Ruby 1.9 - Bug #4961 ] [ruby-core:37726] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32563 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-07-14* ext/openssl/ossl.c (ossl_verify_cb): trap the exception fromnahi
verify callback of SSLContext and X509Store and make the verification fail normally. Raising exception directly from callback causes orphan resouces in OpenSSL stack. Patched by Ippei Obayashi. See #4445. * test/openssl/test_ssl.rb (test_exception_in_verify_callback_is_ignored): test it. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32537 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-07-02* test/openssl/test_ocsp.rbemboss
* test/openssl/test_x509_cert.rb: Perform SHA-256 tests only if supported by the available OpenSSL version. Versions < 0.9.8 don't support it. [ruby-core:37724] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32366 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-30* ext/openssl/ossl.c/.h: Added ossl_x509_name_sk2ary.emboss
* ext/openssl/ossl.c: Replaced ossl_x509_ary2k by generic macro to simplify future conversions. * ext/openssl/ossl_ssl.c: Implement SSLSocket#client_ca. * test/openssl/test_ssl.rb: Add test for SSLSocket#client_ca. Thanks to Ippei Obayashi for providing the patch! [ Ruby 1.9 - Feature #4481 ] [ruby-core:35461] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32337 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-23* ext/openssl/ossl_x509name.c: Add X509::Name#hash_old as a wrapper nahi
for X509_NAME_hash_old in OpenSSL 1.0.0. See #4805 * test/openssl/test_x509name.rb (test_hash): Make test pass with OpenSSL 1.0.0. * NEWS: Add it. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32213 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-23* test/openssl/test_ssl_session.rb: Test parameter bug fixed. 2**31 is not innahi
a signed long in 32bit long env. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32212 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-23* ext/openssl/ossl_ssl_session.c (ossl_ssl_session_set_time): Check nahi
argument type with NUM2LONG if the arg is not a Time object. See #4919. * ext/openssl/ossl_ssl_session.c (ossl_ssl_session_set_timeout): Check type with NUM2LONG. Time as an arg is not allowed. See #4919. * test/openssl/test_ssl_session.rb (test_session_time, test_session_timeout): Test it. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32211 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-22* ext/openssl/ossl_ssl.c (ossl_sslctx_session_new_cb): Return 0 tonahi
OpenSSL from the callback for SSL_CTX_sess_set_get_cb(). Returning 0 means to OpenSSL that the the session is still valid (since we created Ruby Session object) and was not freed by us with SSL_SESSION_free(). Call SSLContext#remove_session(sess) in session_get_cb block if you don't want OpenSSL to cache the session internally. This potential issue was pointed by Ippei Obayashi. See #4416. * test/openssl/test_ssl_session.rb (test_ctx_server_session_cb): Test it. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32204 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-22* ext/openssl/ossl_ssl.c (ossl_sslctx_session_remove_cb):nahi
OpenSSL::SSL::SSLContext#session_remove_cb was broken. It wrongly tried to call the session_*new*_cb callback. * test/openssl/test_ssl_session.rb (class OpenSSL): Test it. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32200 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-22* ext/openssl/ossl.h: Introduced OSSL_BIO_reset macro for PEM/DERemboss
fallback scenarios. * ext/openssl/ossl_pkey_dsa.c * ext/openssl/ossl_x509req.c * ext/openssl/ossl_pkey_rsa.c * ext/openssl/ossl_pkey_ec.c * ext/openssl/ossl_ssl_session.c * ext/openssl/ossl_x509crl.c * ext/openssl/ossl_pkey.c * ext/openssl/ossl_pkey_dh.c * ext/openssl/ossl_x509cert.c * ext/openssl/ossl_pkcs7.c: Use OSSL_BIO_reset. * ext/openssl/ossl_ssl.c * ext/openssl/ossl_cipher.c * ext/openssl/ossl_pkey_ec.c * ext/openssl/ossl_pkcs12.c * ext/openssl/ossl_ssl_session.c: Replace rb_raise occurences by ossl_raise. This automatically flushes OpenSSL's error queue. * ext/openssl/ossl_pkcs7.c: Raise error if DER fallback for parsing fails. * test/openssl/test_pkey_ec.rb * test/openssl/test_pkey_dsa.rb * test/openssl/test_pkey_rsa.rb: Add assertions that OpenSSL.errors is empty. * test/openssl/test_pkey_rsa.rb: Remove initial OpenSSL.errors call in test_new. [ Ruby 1.9 - Bug #4885 ] [ruby-core:37134] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32199 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-22* test/openssl/test_buffering.rbemboss
* test/openssl/test_pkcs12.rb: Inherit from Test::Unit::TestCase instead of Mintest::Unit::TestCase. [ruby-core:37275] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32197 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-22* ext/openssl/ossl_ssl_session.c (ossl_ssl_session_to_der):nahi
OpenSSL::SSL::Session#to_der was broken. Fix buffer handling. * test/openssl/test_ssl_session.rb (test_session): Test it. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32196 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-22* test/openssl/test_ssl_session.rb: Split out SSL::Session related nahi
tests from test_ssl.rb git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32195 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-21* test/openssl/test_x509store.rb (test_set_errors): Redhat is nahi
distributing a patched version of OpenSSL that allows multiple CRL for a key (multi-crl.patch.) Make test pass on such env. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32189 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-15* test/openssl/test_config.rb: Commit missing fileemboss
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32105 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-14Clear error messages before process and get errors. [ruby-dev:43791] [Bug #4879]naruse
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32076 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-13* test/openssl/test_ec.rbemboss
test/openssl/test_pkey_ec.rb: merge both files into test_pkey_ec.rb. Removed redundant group instantiation from PKey tests. * test/openssl/utils.rb: only create TEST_PKEY_EC_P256V1 if EC is defined. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32058 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-13* test/openssl/digest.rb: remove MDC2 from test, it is not availableemboss
by default in an OpenSSL installation. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32057 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-13* ext/openssl/ossl_digest.c: fix error for digests that have no oidemboss
(e.g. DSS1). * test/openssl/test_digest.c: add tests for this. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32045 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-13* ext/openssl/ossl_digest.c: allow Digests to be created by sn, ln oremboss
oid. * test/openssl/test_digest.rb: add tests for this. [Ruby 1.9 - Feature #4412] [ruby-core:35319] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32040 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-13* ext/openssl/pkey_dh.c: corrected documentation.emboss
* test/openssl/utils.rb: add test key for DH. * test/openssl/test_pkey_dh.rb: add tests. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32039 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-12* ext/openssl/ossl_pkey.c: added PKey.read module function that allowemboss
reading arbitrary public/private keys from DER-/PEM-encoded File or string instances. * ext/openssl/ossl_pkey_dh.c: improved documentation. * test/openssl/utils.rb: added EC test key. * test/openssl/test_pkey_rsa.rb test/openssl/test_pkey_dsa.rb: Test PKey.read. Reuse keys from OpenSSL::TestUtils. * test/openssl/test_pkey_ec.rb: Created test file for EC tests. Test PKey.read. [Ruby 1.9 - Feature #4424] [ruby-core:35330] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32036 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-12* test/openssl/test_pkey_dsa.rb: Test for DSA#syssign/sysverify.emboss
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32032 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-11* ext/openssl/lib/openssl/buffering.rb (module OpenSSL):nahi
Buffering#each_byte should return String in accordance with IO in 1.9. * test/openssl/test_buffering.rb (class OpenSSL): add tests for getc and each_byte. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32012 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-05-23* ext/openssl/ossl_asn1.c: Do not parse zero-tagged values as EOC. Doemboss
not let current length become negative for infinite length constructed values. Support constructed values of length zero. Added tests. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@31711 b2dd03c8-39d4-4d8f-98ff-823fe69b080e