|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
From ef6153f727d118d4e7854c0f52d3d8b0e4ed7817 Mon Sep 17 00:00:00 2001
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
From: normal <normal@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
Date: Mon, 3 Dec 2018 04:51:08 +0000
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
Subject: [PATCH] webrick: fix tests on Debian sid/unstable with OpenSSL 1.1.1a
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
OpenSSL complains abour our keys being small and weak :<
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
Make them big and strong with 2048-bit RSA keys and SHA256 digests
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66152 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
---
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
lib/webrick/ssl.rb | 4 ++--
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
test/webrick/test_httpproxy.rb | 2 +-
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
2 files changed, 3 insertions(+), 3 deletions(-)
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
diff --git a/lib/webrick/ssl.rb b/lib/webrick/ssl.rb
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
index 8a334eaff1..d125083528 100644
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
--- a/lib/webrick/ssl.rb
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
+++ b/lib/webrick/ssl.rb
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
@@ -130,7 +130,7 @@ def create_self_signed_cert(bits, cn, comment)
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
aki = ef.create_extension("authorityKeyIdentifier",
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
"keyid:always,issuer:always")
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
cert.add_extension(aki)
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
- cert.sign(rsa, OpenSSL::Digest::SHA1.new)
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
+ cert.sign(rsa, OpenSSL::Digest::SHA256.new)
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
return [ cert, rsa ]
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
end
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
@@ -181,7 +181,7 @@ def setup_ssl_context(config) # :nodoc:
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
unless config[:SSLCertificate]
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
cn = config[:SSLCertName]
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
comment = config[:SSLCertComment]
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
- cert, key = Utils::create_self_signed_cert(1024, cn, comment)
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
+ cert, key = Utils::create_self_signed_cert(2048, cn, comment)
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
config[:SSLCertificate] = cert
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
config[:SSLPrivateKey] = key
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
end
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
diff --git a/test/webrick/test_httpproxy.rb b/test/webrick/test_httpproxy.rb
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
index 452e7b94b7..780d95937a 100644
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
--- a/test/webrick/test_httpproxy.rb
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
+++ b/test/webrick/test_httpproxy.rb
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
@@ -133,7 +133,7 @@ def make_certificate(key, cn)
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
cert.not_after = Time.now + 3600
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
ef = OpenSSL::X509::ExtensionFactory.new(cert, cert)
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
exts.each {|args| cert.add_extension(ef.create_extension(*args)) }
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
- cert.sign(key, "sha1")
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
+ cert.sign(key, "sha256")
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
return cert
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
end if defined?(OpenSSL::SSL)
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
--
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
2.26.2
|
|
![](https://seccdn.libravatar.org/avatar/cc1a006542f883342a5de6661719c947dbccb2f1d68580dd0d874e6a62a06777?s=16&d=retro) |
94a588c |
|