pvalena / rpms / ruby

Forked from rpms/ruby 2 years ago
Clone
7c4943
From 71057ca5963108bac1e2c31bd0e8e205ba74cc19 Mon Sep 17 00:00:00 2001
7c4943
From: Kazuki Yamaguchi <k@rhe.jp>
7c4943
Date: Fri, 11 May 2018 13:43:32 +0900
7c4943
Subject: [PATCH 1/2] test/test_pkey_rsa: fix test failure with OpenSSL 1.1.1
7c4943
7c4943
OpenSSL 1.1.1 raised the minimum size for RSA keys to 512 bits.
7c4943
---
7c4943
 test/openssl/test_pkey_rsa.rb | 9 ++++++++-
7c4943
 1 file changed, 8 insertions(+), 1 deletion(-)
7c4943
7c4943
diff --git a/test/openssl/test_pkey_rsa.rb b/test/openssl/test_pkey_rsa.rb
7c4943
index c1205563..b4393e68 100644
7c4943
--- a/test/openssl/test_pkey_rsa.rb
7c4943
+++ b/test/openssl/test_pkey_rsa.rb
7c4943
@@ -60,6 +60,13 @@ def test_new_with_exponent
7c4943
     end
7c4943
   end
7c4943
 
7c4943
+  def test_generate
7c4943
+    key = OpenSSL::PKey::RSA.generate(512, 17)
7c4943
+    assert_equal 512, key.n.num_bits
7c4943
+    assert_equal 17, key.e
7c4943
+    assert_not_nil key.d
7c4943
+  end
7c4943
+
7c4943
   def test_new_break
7c4943
     assert_nil(OpenSSL::PKey::RSA.new(1024) { break })
7c4943
     assert_raise(RuntimeError) do
7c4943
@@ -256,7 +263,7 @@ def test_pem_passwd
7c4943
   end
7c4943
 
7c4943
   def test_dup
7c4943
-    key = OpenSSL::PKey::RSA.generate(256, 17)
7c4943
+    key = Fixtures.pkey("rsa1024")
7c4943
     key2 = key.dup
7c4943
     assert_equal key.params, key2.params
7c4943
     key2.set_key(key2.n, 3, key2.d)
7c4943
7c4943
From a5e26bc1345fe325bdc619f9b1768b7ad3c94214 Mon Sep 17 00:00:00 2001
7c4943
From: Kazuki Yamaguchi <k@rhe.jp>
7c4943
Date: Fri, 11 May 2018 14:12:39 +0900
7c4943
Subject: [PATCH 2/2] test/test_ssl_session: set client protocol version
7c4943
 explicitly
7c4943
7c4943
Clients that implement TLS 1.3's Middlebox Compatibility Mode will
7c4943
always provide a non-empty session ID in the ClientHello. This means
7c4943
the "get" callback for the server-side session caching may be called
7c4943
for the initial connection.
7c4943
---
7c4943
 test/openssl/test_ssl_session.rb | 14 +++++++++-----
7c4943
 1 file changed, 9 insertions(+), 5 deletions(-)
7c4943
7c4943
diff --git a/test/openssl/test_ssl_session.rb b/test/openssl/test_ssl_session.rb
7c4943
index af8c65b1..6db0c2d1 100644
7c4943
--- a/test/openssl/test_ssl_session.rb
7c4943
+++ b/test/openssl/test_ssl_session.rb
7c4943
@@ -198,7 +198,9 @@ def test_server_session_cache
7c4943
       first_session = nil
7c4943
       10.times do |i|
7c4943
         connections = i
7c4943
-        server_connect_with_session(port, nil, first_session) { |ssl|
7c4943
+        cctx = OpenSSL::SSL::SSLContext.new
7c4943
+        cctx.ssl_version = :TLSv1_2
7c4943
+        server_connect_with_session(port, cctx, first_session) { |ssl|
7c4943
           ssl.puts("abc"); assert_equal "abc\n", ssl.gets
7c4943
           first_session ||= ssl.session
7c4943
 
7c4943
@@ -257,6 +259,8 @@ def test_ctx_server_session_cb
7c4943
 
7c4943
     connections = nil
7c4943
     called = {}
7c4943
+    cctx = OpenSSL::SSL::SSLContext.new
7c4943
+    cctx.ssl_version = :TLSv1_2
7c4943
     sctx = nil
7c4943
     ctx_proc = Proc.new { |ctx|
7c4943
       sctx = ctx
7c4943
@@ -292,7 +296,7 @@ def test_ctx_server_session_cb
7c4943
     }
7c4943
     start_server(ctx_proc: ctx_proc) do |port|
7c4943
       connections = 0
7c4943
-      sess0 = server_connect_with_session(port, nil, nil) { |ssl|
7c4943
+      sess0 = server_connect_with_session(port, cctx, nil) { |ssl|
7c4943
         ssl.puts("abc"); assert_equal "abc\n", ssl.gets
7c4943
         assert_equal false, ssl.session_reused?
7c4943
         ssl.session
7c4943
@@ -307,7 +311,7 @@ def test_ctx_server_session_cb
7c4943
 
7c4943
       # Internal cache hit
7c4943
       connections = 1
7c4943
-      server_connect_with_session(port, nil, sess0.dup) { |ssl|
7c4943
+      server_connect_with_session(port, cctx, sess0.dup) { |ssl|
7c4943
         ssl.puts("abc"); assert_equal "abc\n", ssl.gets
7c4943
         assert_equal true, ssl.session_reused?
7c4943
         ssl.session
7c4943
@@ -328,7 +332,7 @@ def test_ctx_server_session_cb
7c4943
 
7c4943
       # External cache hit
7c4943
       connections = 2
7c4943
-      sess2 = server_connect_with_session(port, nil, sess0.dup) { |ssl|
7c4943
+      sess2 = server_connect_with_session(port, cctx, sess0.dup) { |ssl|
7c4943
         ssl.puts("abc"); assert_equal "abc\n", ssl.gets
7c4943
         if !ssl.session_reused? && openssl?(1, 1, 0) && !openssl?(1, 1, 0, 7)
7c4943
           # OpenSSL >= 1.1.0, < 1.1.0g
7c4943
@@ -355,7 +359,7 @@ def test_ctx_server_session_cb
7c4943
 
7c4943
       # Cache miss
7c4943
       connections = 3
7c4943
-      sess3 = server_connect_with_session(port, nil, sess0.dup) { |ssl|
7c4943
+      sess3 = server_connect_with_session(port, cctx, sess0.dup) { |ssl|
7c4943
         ssl.puts("abc"); assert_equal "abc\n", ssl.gets
7c4943
         assert_equal false, ssl.session_reused?
7c4943
         ssl.session