ruby-changes:20148
From: nahi <ko1@a...>
Date: Wed, 22 Jun 2011 12:44:48 +0900 (JST)
Subject: [ruby-changes:20148] nahi:r32196 (trunk): * ext/openssl/ossl_ssl_session.c (ossl_ssl_session_to_der):
nahi 2011-06-22 12:43:38 +0900 (Wed, 22 Jun 2011) New Revision: 32196 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=32196 Log: * ext/openssl/ossl_ssl_session.c (ossl_ssl_session_to_der): OpenSSL::SSL::Session#to_der was broken. Fix buffer handling. * test/openssl/test_ssl_session.rb (test_session): Test it. Modified files: trunk/ChangeLog trunk/ext/openssl/ossl_ssl_session.c trunk/test/openssl/test_ssl_session.rb Index: ChangeLog =================================================================== --- ChangeLog (revision 32195) +++ ChangeLog (revision 32196) @@ -1,3 +1,10 @@ +Wed Jun 22 12:41:03 2011 Hiroshi Nakamura <nahi@r...> + + * ext/openssl/ossl_ssl_session.c (ossl_ssl_session_to_der): + OpenSSL::SSL::Session#to_der was broken. Fix buffer handling. + + * test/openssl/test_ssl_session.rb (test_session): Test it. + Wed Jun 22 12:38:52 2011 Hiroshi Nakamura <nahi@r...> * test/openssl/test_ssl_session.rb: Split out SSL::Session related Index: ext/openssl/ossl_ssl_session.c =================================================================== --- ext/openssl/ossl_ssl_session.c (revision 32195) +++ ext/openssl/ossl_ssl_session.c (revision 32196) @@ -195,20 +195,21 @@ static VALUE ossl_ssl_session_to_der(VALUE self) { SSL_SESSION *ctx; - unsigned char buf[1024*10], *p; + unsigned char *p; int len; + VALUE str; GetSSLSession(self, ctx); - - p = buf; - len = i2d_SSL_SESSION(ctx, &p); - - if (len <= 0) + len = i2d_SSL_SESSION(ctx, NULL); + if (len <= 0) { ossl_raise(eSSLSession, "i2d_SSL_SESSION"); - else if (len >= (int)sizeof(buf)) - ossl_raise(eSSLSession, "i2d_SSL_SESSION too large"); + } - return rb_str_new((const char *) p, len); + str = rb_str_new(0, len); + p = (unsigned char *)RSTRING_PTR(str); + i2d_SSL_SESSION(ctx, &p); + ossl_str_adjust(str, p); + return str; } /* Index: test/openssl/test_ssl_session.rb =================================================================== --- test/openssl/test_ssl_session.rb (revision 32195) +++ test/openssl/test_ssl_session.rb (revision 32196) @@ -3,6 +3,35 @@ if defined?(OpenSSL) class OpenSSL::TestSSLSession < OpenSSL::SSLTestCase + def test_session + start_server(PORT, OpenSSL::SSL::VERIFY_NONE, true) do |server, port| + sock = TCPSocket.new("127.0.0.1", port) + ctx = OpenSSL::SSL::SSLContext.new("TLSv1") + ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx) + ssl.sync_close = true + ssl.connect + session = ssl.session + assert(session == OpenSSL::SSL::Session.new(session.to_pem)) + assert(session == OpenSSL::SSL::Session.new(ssl)) + assert_equal(300, session.timeout) + session.timeout = 5 + assert_equal(5, session.timeout) + assert_not_nil(session.time) + # SSL_SESSION_time keeps long value so we can't keep nsec fragment. + session.time = t1 = Time.now.to_i + assert_equal(Time.at(t1), session.time) + if session.respond_to?(:id) + assert_not_nil(session.id) + end + pem = session.to_pem + assert_match(/\A-----BEGIN SSL SESSION PARAMETERS-----/, pem) + assert_match(/-----END SSL SESSION PARAMETERS-----\Z/, pem) + pem.gsub!(/-----(BEGIN|END) SSL SESSION PARAMETERS-----/, '').gsub!(/[\r\n]+/m, '') + assert_equal(session.to_der, pem.unpack('m*')[0]) + ssl.close + end + end + def test_client_session last_session = nil start_server(PORT, OpenSSL::SSL::VERIFY_NONE, true) do |server, port| -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/