From 7361a2ecb3b86e1fea0cc1bb5a3c4351ab50068f Mon Sep 17 00:00:00 2001 From: technorama Date: Sat, 24 Jan 2009 21:45:42 +0000 Subject: * ext/openssl/ossl_ssl.c: Server Name Indication support. new methods SSLContext#server_name_cb=, SSLSocket#hostname=. * test/openssl/test_ssl.rb: Tests for above. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@21761 b2dd03c8-39d4-4d8f-98ff-823fe69b080e --- test/openssl/test_ssl.rb | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) (limited to 'test/openssl/test_ssl.rb') diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb index 9010fd2e9c..2c5886bb42 100644 --- a/test/openssl/test_ssl.rb +++ b/test/openssl/test_ssl.rb @@ -570,6 +570,50 @@ class OpenSSL::TestSSL < Test::Unit::TestCase end end end + + def test_tlsext_hostname + return unless OpenSSL::SSL::SSLSocket.instance_methods.include?(:hostname) + + ctx_proc = Proc.new do |ctx, ssl| + foo_ctx = ctx.dup + + ctx.servername_cb = Proc.new do |ssl, hostname| + case hostname + when 'foo.example.com' + foo_ctx + when 'bar.example.com' + nil + else + raise "unknown hostname #{hostname.inspect}" + end + end + end + + server_proc = Proc.new do |ctx, ssl| + readwrite_loop(ctx, ssl) + end + + start_server(PORT, OpenSSL::SSL::VERIFY_NONE, true, :ctx_proc => ctx_proc, :server_proc => server_proc) do |server, port| + 2.times do |i| + sock = TCPSocket.new("127.0.0.1", port) + ctx = OpenSSL::SSL::SSLContext.new + if defined?(OpenSSL::SSL::OP_NO_TICKET) + # disable RFC4507 support + ctx.options = OpenSSL::SSL::OP_NO_TICKET + end + ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx) + ssl.sync_close = true + ssl.hostname = (i & 1 == 0) ? 'foo.example.com' : 'bar.example.com' + ssl.connect + + str = "x" * 100 + "\n" + ssl.puts(str) + assert_equal(str, ssl.gets) + + ssl.close + end + end + end end end -- cgit v1.2.3