ruby-changes:34825
From: nagachika <ko1@a...>
Date: Wed, 23 Jul 2014 22:30:01 +0900 (JST)
Subject: [ruby-changes:34825] nagachika:r46908 (ruby_2_1): merge revision(s) r46899, r46903, r46904:
nagachika 2014-07-23 22:29:52 +0900 (Wed, 23 Jul 2014) New Revision: 46908 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=46908 Log: merge revision(s) r46899,r46903,r46904: split assertions into algorithms CentOS 7 seems finish MD5 support http://chkbuild005.hsbt.org/chkbuild/ruby-trunk/log/20140722T140010Z.fail.html.gz Modified directories: branches/ruby_2_1/ Modified files: branches/ruby_2_1/ChangeLog branches/ruby_2_1/test/openssl/test_x509cert.rb branches/ruby_2_1/test/openssl/test_x509req.rb branches/ruby_2_1/version.h Index: ruby_2_1/ChangeLog =================================================================== --- ruby_2_1/ChangeLog (revision 46907) +++ ruby_2_1/ChangeLog (revision 46908) @@ -1,3 +1,11 @@ https://github.com/ruby/ruby/blob/trunk/ruby_2_1/ChangeLog#L1 +Wed Jul 23 22:24:26 2014 CHIKANAGA Tomoyuki <nagachika@r...> + + * test/openssl/test_x509cert.rb: split assertions into algorithms. + CentOS 7 seems finish MD5 support + http://chkbuild005.hsbt.org/chkbuild/ruby-trunk/log/20140722T140010Z.fail.html.gz + + * test/openssl/test_x509req.rb: ditto. + Sat Jul 19 01:44:34 2014 Nobuyoshi Nakada <nobu@r...> * re.c (match_aref): should not ignore name after NUL byte. Index: ruby_2_1/version.h =================================================================== --- ruby_2_1/version.h (revision 46907) +++ ruby_2_1/version.h (revision 46908) @@ -1,10 +1,10 @@ https://github.com/ruby/ruby/blob/trunk/ruby_2_1/version.h#L1 #define RUBY_VERSION "2.1.2" -#define RUBY_RELEASE_DATE "2014-07-19" -#define RUBY_PATCHLEVEL 176 +#define RUBY_RELEASE_DATE "2014-07-23" +#define RUBY_PATCHLEVEL 177 #define RUBY_RELEASE_YEAR 2014 #define RUBY_RELEASE_MONTH 7 -#define RUBY_RELEASE_DAY 19 +#define RUBY_RELEASE_DAY 23 #include "ruby/version.h" Index: ruby_2_1/test/openssl/test_x509cert.rb =================================================================== --- ruby_2_1/test/openssl/test_x509cert.rb (revision 46907) +++ ruby_2_1/test/openssl/test_x509cert.rb (revision 46908) @@ -125,7 +125,7 @@ class OpenSSL::TestX509Certificate < Tes https://github.com/ruby/ruby/blob/trunk/ruby_2_1/test/openssl/test_x509cert.rb#L125 end - def test_sign_and_verify + def test_sign_and_verify_rsa_sha1 cert = issue_cert(@ca, @rsa2048, 1, Time.now, Time.now+3600, [], nil, nil, OpenSSL::Digest::SHA1.new) assert_equal(false, cert.verify(@rsa1024)) @@ -134,7 +134,9 @@ class OpenSSL::TestX509Certificate < Tes https://github.com/ruby/ruby/blob/trunk/ruby_2_1/test/openssl/test_x509cert.rb#L134 assert_equal(false, certificate_error_returns_false { cert.verify(@dsa512) }) cert.serial = 2 assert_equal(false, cert.verify(@rsa2048)) + end + def test_sign_and_verify_rsa_md5 cert = issue_cert(@ca, @rsa2048, 1, Time.now, Time.now+3600, [], nil, nil, OpenSSL::Digest::MD5.new) assert_equal(false, cert.verify(@rsa1024)) @@ -144,7 +146,10 @@ class OpenSSL::TestX509Certificate < Tes https://github.com/ruby/ruby/blob/trunk/ruby_2_1/test/openssl/test_x509cert.rb#L146 assert_equal(false, certificate_error_returns_false { cert.verify(@dsa512) }) cert.subject = @ee1 assert_equal(false, cert.verify(@rsa2048)) + rescue OpenSSL::X509::CertificateError # RHEL7 disables MD5 + end + def test_sign_and_verify_dsa cert = issue_cert(@ca, @dsa512, 1, Time.now, Time.now+3600, [], nil, nil, OpenSSL::TestUtils::DSA_SIGNATURE_DIGEST.new) assert_equal(false, certificate_error_returns_false { cert.verify(@rsa1024) }) @@ -153,19 +158,21 @@ class OpenSSL::TestX509Certificate < Tes https://github.com/ruby/ruby/blob/trunk/ruby_2_1/test/openssl/test_x509cert.rb#L158 assert_equal(true, cert.verify(@dsa512)) cert.not_after = Time.now assert_equal(false, cert.verify(@dsa512)) + end - begin - cert = issue_cert(@ca, @rsa2048, 1, Time.now, Time.now+3600, [], - nil, nil, OpenSSL::Digest::DSS1.new) - assert_equal(false, cert.verify(@rsa1024)) - assert_equal(true, cert.verify(@rsa2048)) - assert_equal(false, certificate_error_returns_false { cert.verify(@dsa256) }) - assert_equal(false, certificate_error_returns_false { cert.verify(@dsa512) }) - cert.subject = @ee1 - assert_equal(false, cert.verify(@rsa2048)) - rescue OpenSSL::X509::CertificateError - end + def test_sign_and_verify_rsa_dss1 + cert = issue_cert(@ca, @rsa2048, 1, Time.now, Time.now+3600, [], + nil, nil, OpenSSL::Digest::DSS1.new) + assert_equal(false, cert.verify(@rsa1024)) + assert_equal(true, cert.verify(@rsa2048)) + assert_equal(false, certificate_error_returns_false { cert.verify(@dsa256) }) + assert_equal(false, certificate_error_returns_false { cert.verify(@dsa512) }) + cert.subject = @ee1 + assert_equal(false, cert.verify(@rsa2048)) + rescue OpenSSL::X509::CertificateError + end + def test_sign_and_verify_dsa_md5 assert_raise(OpenSSL::X509::CertificateError){ issue_cert(@ca, @dsa512, 1, Time.now, Time.now+3600, [], nil, nil, OpenSSL::Digest::MD5.new) Index: ruby_2_1/test/openssl/test_x509req.rb =================================================================== --- ruby_2_1/test/openssl/test_x509req.rb (revision 46907) +++ ruby_2_1/test/openssl/test_x509req.rb (revision 46908) @@ -98,7 +98,7 @@ class OpenSSL::TestX509Request < Test::U https://github.com/ruby/ruby/blob/trunk/ruby_2_1/test/openssl/test_x509req.rb#L98 assert_equal(exts, get_ext_req(attrs[1].value)) end - def test_sign_and_verify + def test_sign_and_verify_rsa_sha1 req = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest::SHA1.new) assert_equal(true, req.verify(@rsa1024)) assert_equal(false, req.verify(@rsa2048)) @@ -106,7 +106,9 @@ class OpenSSL::TestX509Request < Test::U https://github.com/ruby/ruby/blob/trunk/ruby_2_1/test/openssl/test_x509req.rb#L106 assert_equal(false, request_error_returns_false { req.verify(@dsa512) }) req.version = 1 assert_equal(false, req.verify(@rsa1024)) + end + def test_sign_and_verify_rsa_md5 req = issue_csr(0, @dn, @rsa2048, OpenSSL::Digest::MD5.new) assert_equal(false, req.verify(@rsa1024)) assert_equal(true, req.verify(@rsa2048)) @@ -114,7 +116,10 @@ class OpenSSL::TestX509Request < Test::U https://github.com/ruby/ruby/blob/trunk/ruby_2_1/test/openssl/test_x509req.rb#L116 assert_equal(false, request_error_returns_false { req.verify(@dsa512) }) req.subject = OpenSSL::X509::Name.parse("/C=JP/CN=FooBar") assert_equal(false, req.verify(@rsa2048)) + rescue OpenSSL::X509::RequestError # RHEL7 disables MD5 + end + def test_sign_and_verify_dsa req = issue_csr(0, @dn, @dsa512, OpenSSL::TestUtils::DSA_SIGNATURE_DIGEST.new) assert_equal(false, request_error_returns_false { req.verify(@rsa1024) }) assert_equal(false, request_error_returns_false { req.verify(@rsa2048) }) @@ -122,18 +127,21 @@ class OpenSSL::TestX509Request < Test::U https://github.com/ruby/ruby/blob/trunk/ruby_2_1/test/openssl/test_x509req.rb#L127 assert_equal(true, req.verify(@dsa512)) req.public_key = @rsa1024.public_key assert_equal(false, req.verify(@dsa512)) + end - begin - req = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest::DSS1.new) - assert_equal(true, req.verify(@rsa1024)) - assert_equal(false, req.verify(@rsa2048)) - assert_equal(false, request_error_returns_false { req.verify(@dsa256) }) - assert_equal(false, request_error_returns_false { req.verify(@dsa512) }) - req.version = 1 - assert_equal(false, req.verify(@rsa1024)) - rescue OpenSSL::X509::RequestError - end + def test_sign_and_verify_rsa_dss1 + req = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest::DSS1.new) + assert_equal(true, req.verify(@rsa1024)) + assert_equal(false, req.verify(@rsa2048)) + assert_equal(false, request_error_returns_false { req.verify(@dsa256) }) + assert_equal(false, request_error_returns_false { req.verify(@dsa512) }) + req.version = 1 + assert_equal(false, req.verify(@rsa1024)) + rescue OpenSSL::X509::RequestError + skip + end + def test_sign_and_verify_dsa_md5 assert_raise(OpenSSL::X509::RequestError){ issue_csr(0, @dn, @dsa512, OpenSSL::Digest::MD5.new) } end Property changes on: ruby_2_1 ___________________________________________________________________ Modified: svn:mergeinfo Merged /trunk:r46899,46903-46904 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/