ruby-changes:23745
From: emboss <ko1@a...>
Date: Fri, 25 May 2012 23:44:29 +0900 (JST)
Subject: [ruby-changes:23745] emboss:r35796 (trunk): * test/openssl/test_ssl.rb: Clarify the intention of errors to be
emboss 2012-05-25 23:44:15 +0900 (Fri, 25 May 2012) New Revision: 35796 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=35796 Log: * test/openssl/test_ssl.rb: Clarify the intention of errors to be expected. Two errors are possible when connection is refused due to a protocol version that was explicitly disallowed, OpenSSL::SSL::SSLError or Errno::ECONNRESET, depending on the OpenSSL version in use. Modified files: trunk/ChangeLog trunk/test/openssl/test_ssl.rb Index: ChangeLog =================================================================== --- ChangeLog (revision 35795) +++ ChangeLog (revision 35796) @@ -1,3 +1,11 @@ +Fri May 25 23:38:58 2012 Martin Bosslet <Martin.Bosslet@g...> + + * test/openssl/test_ssl.rb: Clarify the intention of errors to be + expected. Two errors are possible when connection is refused due + to a protocol version that was explicitly disallowed, + OpenSSL::SSL::SSLError or Errno::ECONNRESET, depending on the + OpenSSL version in use. + Fri May 25 22:19:40 2012 Martin Bosslet <Martin.Bosslet@g...> * ext/openssl/ossl_ssl.c: Revert r35583 @@ -2,3 +10,3 @@ * test/openssl/test_ssl.rb: Handle ECONNRESET in code instead to avoid - the test failing in Ruby CI [1] + the test failing in Ruby CI [1] Index: test/openssl/test_ssl.rb =================================================================== --- test/openssl/test_ssl.rb (revision 35795) +++ test/openssl/test_ssl.rb (revision 35796) @@ -408,6 +408,11 @@ } end + # different OpenSSL versions react differently when being faced with a + # SSL/TLS version that has been marked as forbidden, therefore either of + # these may be raised + FORBIDDEN_PROTOCOL_ERRORS = [OpenSSL::SSL::SSLError, Errno::ECONNRESET] + if OpenSSL::SSL::SSLContext::METHODS.include? :TLSv1 def test_forbid_ssl_v3_for_client @@ -415,7 +420,7 @@ start_server_version(:SSLv23, ctx_proc) { |server, port| ctx = OpenSSL::SSL::SSLContext.new ctx.ssl_version = :SSLv3 - assert_raise(OpenSSL::SSL::SSLError) { server_connect(port, ctx) } + assert_raise(*FORBIDDEN_PROTOCOL_ERRORS) { server_connect(port, ctx) } } end @@ -423,7 +428,7 @@ start_server_version(:SSLv3) { |server, port| ctx = OpenSSL::SSL::SSLContext.new ctx.options = OpenSSL::SSL::OP_ALL | OpenSSL::SSL::OP_NO_SSLv3 - assert_raise(OpenSSL::SSL::SSLError) { server_connect(port, ctx) } + assert_raise(*FORBIDDEN_PROTOCOL_ERRORS) { server_connect(port, ctx) } } end @@ -442,7 +447,7 @@ start_server_version(:SSLv23, ctx_proc) { |server, port| ctx = OpenSSL::SSL::SSLContext.new ctx.ssl_version = :TLSv1 - assert_raise(OpenSSL::SSL::SSLError) { server_connect(port, ctx) } + assert_raise(*FORBIDDEN_PROTOCOL_ERRORS) { server_connect(port, ctx) } } end @@ -450,7 +455,7 @@ start_server_version(:TLSv1) { |server, port| ctx = OpenSSL::SSL::SSLContext.new ctx.options = OpenSSL::SSL::OP_ALL | OpenSSL::SSL::OP_NO_TLSv1 - assert_raise(OpenSSL::SSL::SSLError) { server_connect(port, ctx) } + assert_raise(*FORBIDDEN_PROTOCOL_ERRORS) { server_connect(port, ctx) } } end @@ -469,7 +474,7 @@ start_server_version(:SSLv23, ctx_proc) { |server, port| ctx = OpenSSL::SSL::SSLContext.new ctx.ssl_version = :TLSv1_1 - assert_raise(OpenSSL::SSL::SSLError) { server_connect(port, ctx) } + assert_raise(*FORBIDDEN_PROTOCOL_ERRORS) { server_connect(port, ctx) } } end if defined?(OpenSSL::SSL::OP_NO_TLSv1_1) @@ -477,7 +482,7 @@ start_server_version(:TLSv1_1) { |server, port| ctx = OpenSSL::SSL::SSLContext.new ctx.options = OpenSSL::SSL::OP_ALL | OpenSSL::SSL::OP_NO_TLSv1_1 - assert_raise(OpenSSL::SSL::SSLError) { server_connect(port, ctx) } + assert_raise(*FORBIDDEN_PROTOCOL_ERRORS) { server_connect(port, ctx) } } end if defined?(OpenSSL::SSL::OP_NO_TLSv1_1) @@ -486,7 +491,7 @@ start_server_version(:SSLv23, ctx_proc) { |server, port| ctx = OpenSSL::SSL::SSLContext.new ctx.ssl_version = :TLSv1_2 - assert_raise(OpenSSL::SSL::SSLError) { server_connect(port, ctx) } + assert_raise(*FORBIDDEN_PROTOCOL_ERRORS) { server_connect(port, ctx) } } end if defined?(OpenSSL::SSL::OP_NO_TLSv1_2) @@ -494,7 +499,7 @@ start_server_version(:TLSv1_2) { |server, port| ctx = OpenSSL::SSL::SSLContext.new ctx.options = OpenSSL::SSL::OP_ALL | OpenSSL::SSL::OP_NO_TLSv1_2 - assert_raise(OpenSSL::SSL::SSLError) { server_connect(port, ctx) } + assert_raise(*FORBIDDEN_PROTOCOL_ERRORS) { server_connect(port, ctx) } } end if defined?(OpenSSL::SSL::OP_NO_TLSv1_2) @@ -516,8 +521,6 @@ ssl.sync_close = true ssl.connect yield ssl - rescue Errno::ECONNRESET => e - raise OpenSSL::SSL::SSLError.new(e.message) ensure ssl.close end -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/