rpms / ruby

Clone
Source Code
GIT

Blame ruby-2.6.0-use-larger-keys-for-SSL-webrick-tests.patch

2.7 f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f32 f33 f34 f35 f36 f37 f38 f39 f40 f7 f8 f9 main patch private-ruby-2.1 private-ruby-2.2 private-ruby-2.3 private-ruby-2.4 private-ruby-2.5 private-ruby-2.6 private-ruby-2.7 private-ruby-2.8 private-ruby-3.0 private-ruby-3.1 private-ruby-3.2 rawhide ruby-2.0 ruby-2.5 ruby-3.3 stream-ruby-2.6 stream-ruby-2.7 stream-ruby-3.0
  1.   fe11680a051cffa4fe1dc4d3c513522db56dd0e7
  2.   ruby-2.6.0-use-larger-keys-for-SSL-webrick-tests.patch
Blob History Raw
94a588c 
From ef6153f727d118d4e7854c0f52d3d8b0e4ed7817 Mon Sep 17 00:00:00 2001
94a588c 
From: normal <normal@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
94a588c 
Date: Mon, 3 Dec 2018 04:51:08 +0000
94a588c 
Subject: [PATCH] webrick: fix tests on Debian sid/unstable with OpenSSL 1.1.1a
94a588c
94a588c 
OpenSSL complains abour our keys being small and weak :<
94a588c 
Make them big and strong with 2048-bit RSA keys and SHA256 digests
94a588c
94a588c 
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66152 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
94a588c 
---
94a588c 
 lib/webrick/ssl.rb             | 4 ++--
94a588c 
 test/webrick/test_httpproxy.rb | 2 +-
94a588c 
 2 files changed, 3 insertions(+), 3 deletions(-)
94a588c
94a588c 
diff --git a/lib/webrick/ssl.rb b/lib/webrick/ssl.rb
94a588c 
index 8a334eaff1..d125083528 100644
94a588c 
--- a/lib/webrick/ssl.rb
94a588c 
+++ b/lib/webrick/ssl.rb
94a588c 
@@ -130,7 +130,7 @@ def create_self_signed_cert(bits, cn, comment)
94a588c 
       aki = ef.create_extension("authorityKeyIdentifier",
94a588c 
                                 "keyid:always,issuer:always")
94a588c 
       cert.add_extension(aki)
94a588c 
-      cert.sign(rsa, OpenSSL::Digest::SHA1.new)
94a588c 
+      cert.sign(rsa, OpenSSL::Digest::SHA256.new)
94a588c
94a588c 
       return [ cert, rsa ]
94a588c 
     end
94a588c 
@@ -181,7 +181,7 @@ def setup_ssl_context(config) # :nodoc:
94a588c 
       unless config[:SSLCertificate]
94a588c 
         cn = config[:SSLCertName]
94a588c 
         comment = config[:SSLCertComment]
94a588c 
-        cert, key = Utils::create_self_signed_cert(1024, cn, comment)
94a588c 
+        cert, key = Utils::create_self_signed_cert(2048, cn, comment)
94a588c 
         config[:SSLCertificate] = cert
94a588c 
         config[:SSLPrivateKey] = key
94a588c 
       end
94a588c 
diff --git a/test/webrick/test_httpproxy.rb b/test/webrick/test_httpproxy.rb
94a588c 
index 452e7b94b7..780d95937a 100644
94a588c 
--- a/test/webrick/test_httpproxy.rb
94a588c 
+++ b/test/webrick/test_httpproxy.rb
94a588c 
@@ -133,7 +133,7 @@ def make_certificate(key, cn)
94a588c 
     cert.not_after = Time.now + 3600
94a588c 
     ef = OpenSSL::X509::ExtensionFactory.new(cert, cert)
94a588c 
     exts.each {|args| cert.add_extension(ef.create_extension(*args)) }
94a588c 
-    cert.sign(key, "sha1")
94a588c 
+    cert.sign(key, "sha256")
94a588c 
     return cert
94a588c 
   end if defined?(OpenSSL::SSL)
94a588c
94a588c 
--
94a588c 
2.26.2
94a588c
Powered by Pagure 5.14.1
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.