[前][次][番号順一覧][スレッド一覧]

ruby-changes:23745

From: emboss <ko1@a...>
Date: Fri, 25 May 2012 23:44:29 +0900 (JST)
Subject: [ruby-changes:23745] emboss:r35796 (trunk): * test/openssl/test_ssl.rb: Clarify the intention of errors to be

emboss	2012-05-25 23:44:15 +0900 (Fri, 25 May 2012)

  New Revision: 35796

  http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=35796

  Log:
    * test/openssl/test_ssl.rb: Clarify the intention of errors to be
      expected. Two errors are possible when connection is refused due
      to a protocol version that was explicitly disallowed,
      OpenSSL::SSL::SSLError or Errno::ECONNRESET, depending on the
      OpenSSL version in use.

  Modified files:
    trunk/ChangeLog
    trunk/test/openssl/test_ssl.rb

Index: ChangeLog
===================================================================
--- ChangeLog	(revision 35795)
+++ ChangeLog	(revision 35796)
@@ -1,3 +1,11 @@
+Fri May 25 23:38:58 2012  Martin Bosslet  <Martin.Bosslet@g...>
+
+	* test/openssl/test_ssl.rb: Clarify the intention of errors to be
+	  expected. Two errors are possible when connection is refused due
+	  to a protocol version that was explicitly disallowed,
+	  OpenSSL::SSL::SSLError or Errno::ECONNRESET, depending on the
+	  OpenSSL version in use.
+
 Fri May 25 22:19:40 2012  Martin Bosslet  <Martin.Bosslet@g...>
 
 	* ext/openssl/ossl_ssl.c: Revert r35583
@@ -2,3 +10,3 @@
 	* test/openssl/test_ssl.rb: Handle ECONNRESET in code instead to avoid
-	the test failing in Ruby CI [1]
+	  the test failing in Ruby CI [1]
 	
Index: test/openssl/test_ssl.rb
===================================================================
--- test/openssl/test_ssl.rb	(revision 35795)
+++ test/openssl/test_ssl.rb	(revision 35796)
@@ -408,6 +408,11 @@
     }
   end
 
+  # different OpenSSL versions react differently when being faced with a
+  # SSL/TLS version that has been marked as forbidden, therefore either of
+  # these may be raised
+  FORBIDDEN_PROTOCOL_ERRORS = [OpenSSL::SSL::SSLError, Errno::ECONNRESET]
+  
 if OpenSSL::SSL::SSLContext::METHODS.include? :TLSv1
 
   def test_forbid_ssl_v3_for_client
@@ -415,7 +420,7 @@
     start_server_version(:SSLv23, ctx_proc) { |server, port|
       ctx = OpenSSL::SSL::SSLContext.new
       ctx.ssl_version = :SSLv3
-      assert_raise(OpenSSL::SSL::SSLError) { server_connect(port, ctx) }
+      assert_raise(*FORBIDDEN_PROTOCOL_ERRORS) { server_connect(port, ctx) }
     }
   end
 
@@ -423,7 +428,7 @@
     start_server_version(:SSLv3) { |server, port|
       ctx = OpenSSL::SSL::SSLContext.new
       ctx.options = OpenSSL::SSL::OP_ALL | OpenSSL::SSL::OP_NO_SSLv3
-      assert_raise(OpenSSL::SSL::SSLError) { server_connect(port, ctx) }
+      assert_raise(*FORBIDDEN_PROTOCOL_ERRORS) { server_connect(port, ctx) }
     }
   end
 
@@ -442,7 +447,7 @@
     start_server_version(:SSLv23, ctx_proc) { |server, port|
       ctx = OpenSSL::SSL::SSLContext.new
       ctx.ssl_version = :TLSv1
-      assert_raise(OpenSSL::SSL::SSLError) { server_connect(port, ctx) }
+      assert_raise(*FORBIDDEN_PROTOCOL_ERRORS) { server_connect(port, ctx) }
     }
   end
 
@@ -450,7 +455,7 @@
     start_server_version(:TLSv1) { |server, port|
       ctx = OpenSSL::SSL::SSLContext.new
       ctx.options = OpenSSL::SSL::OP_ALL | OpenSSL::SSL::OP_NO_TLSv1
-      assert_raise(OpenSSL::SSL::SSLError) { server_connect(port, ctx) }
+      assert_raise(*FORBIDDEN_PROTOCOL_ERRORS) { server_connect(port, ctx) }
     }
   end
 
@@ -469,7 +474,7 @@
     start_server_version(:SSLv23, ctx_proc) { |server, port|
       ctx = OpenSSL::SSL::SSLContext.new
       ctx.ssl_version = :TLSv1_1
-      assert_raise(OpenSSL::SSL::SSLError) { server_connect(port, ctx) }
+      assert_raise(*FORBIDDEN_PROTOCOL_ERRORS) { server_connect(port, ctx) }
     }
   end if defined?(OpenSSL::SSL::OP_NO_TLSv1_1)
 
@@ -477,7 +482,7 @@
     start_server_version(:TLSv1_1) { |server, port|
       ctx = OpenSSL::SSL::SSLContext.new
       ctx.options = OpenSSL::SSL::OP_ALL | OpenSSL::SSL::OP_NO_TLSv1_1
-      assert_raise(OpenSSL::SSL::SSLError) { server_connect(port, ctx) }
+      assert_raise(*FORBIDDEN_PROTOCOL_ERRORS) { server_connect(port, ctx) }
     }
   end if defined?(OpenSSL::SSL::OP_NO_TLSv1_1)
 
@@ -486,7 +491,7 @@
     start_server_version(:SSLv23, ctx_proc) { |server, port|
       ctx = OpenSSL::SSL::SSLContext.new
       ctx.ssl_version = :TLSv1_2
-      assert_raise(OpenSSL::SSL::SSLError) { server_connect(port, ctx) }
+      assert_raise(*FORBIDDEN_PROTOCOL_ERRORS) { server_connect(port, ctx) }
     }
   end if defined?(OpenSSL::SSL::OP_NO_TLSv1_2)
 
@@ -494,7 +499,7 @@
     start_server_version(:TLSv1_2) { |server, port|
       ctx = OpenSSL::SSL::SSLContext.new
       ctx.options = OpenSSL::SSL::OP_ALL | OpenSSL::SSL::OP_NO_TLSv1_2
-      assert_raise(OpenSSL::SSL::SSLError) { server_connect(port, ctx) }
+      assert_raise(*FORBIDDEN_PROTOCOL_ERRORS) { server_connect(port, ctx) }
     }
   end if defined?(OpenSSL::SSL::OP_NO_TLSv1_2)
 
@@ -516,8 +521,6 @@
     ssl.sync_close = true
     ssl.connect
     yield ssl
-  rescue Errno::ECONNRESET => e
-    raise OpenSSL::SSL::SSLError.new(e.message)
   ensure
     ssl.close
   end

--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/

[前][次][番号順一覧][スレッド一覧]