pvalena / rpms / ruby

Forked from rpms/ruby 6 years ago
Clone
Source Code
GIT

Files

  1.   fde2a68e73dd5bb0e7e59d38754c75bd1f1016c2
  2.   ruby-2.5.0-allow-3DES-cipher-suites-in-test_sslctx_set_params.patch
Blob Blame History Raw 
From 261353a42d0dc0e7bf73e5a8fb8ecffd04249d42 Mon Sep 17 00:00:00 2001
From: Kazuki Yamaguchi <k@rhe.jp>
Date: Tue, 27 Jun 2017 14:31:09 +0900
Subject: [PATCH] test/test_ssl: allow 3DES cipher suites in
 test_sslctx_set_params

Fedora's OpenSSL seems to enable 3DES cipher suites by DEFAULT.

Fixes: https://github.com/ruby/openssl/issues/127
---
 test/test_ssl.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb
index 19066566..b3efe95a 100644
--- a/test/openssl/test_ssl.rb
+++ b/test/openssl/test_ssl.rb
@@ -350,7 +350,7 @@ def test_sslctx_set_params
     assert_equal OpenSSL::SSL::VERIFY_PEER, ctx.verify_mode
     ciphers_names = ctx.ciphers.collect{|v, _, _, _| v }
     assert ciphers_names.all?{|v| /A(EC)?DH/ !~ v }, "anon ciphers are disabled"
-    assert ciphers_names.all?{|v| /(RC4|MD5|EXP|DES)/ !~ v }, "weak ciphers are disabled"
+    assert ciphers_names.all?{|v| /(RC4|MD5|EXP|DES(?!-EDE|-CBC3))/ !~ v }, "weak ciphers are disabled"
     assert_equal 0, ctx.options & OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS
     if defined?(OpenSSL::SSL::OP_NO_COMPRESSION) # >= 1.0.0
       assert_equal OpenSSL::SSL::OP_NO_COMPRESSION,
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.