ruby-changes:30360

From: charliesome <ko1@a...>
Date: Thu, 8 Aug 2013 06:00:47 +0900 (JST)
Subject: [ruby-changes:30360] charliesome:r42429 (trunk): * test/openssl/test_ssl.rb: Fix test for CVE-2013-4073.

charliesome	2013-08-08 06:00:34 +0900 (Thu, 08 Aug 2013)

  New Revision: 42429

  http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=42429

  Log:
    * test/openssl/test_ssl.rb: Fix test for CVE-2013-4073.
      Patch by Antonio Terceiro. [Bug #8750] [ruby-core:56437]

  Modified files:
    trunk/ChangeLog
    trunk/test/openssl/test_ssl.rb
_______________________________________________
ruby-cvs mailing list
ruby-cvs@r...
http://lists.ruby-lang.org/cgi-bin/mailman/listinfo/ruby-cvs
Index: ChangeLog
===================================================================
--- ChangeLog	(revision 42428)
+++ ChangeLog	(revision 42429)
@@ -1,3 +1,8 @@ https://github.com/ruby/ruby/blob/trunk/ChangeLog#L1
+Thu Aug  8 05:59:00 2013  Charlie Somerville  <charliesome@r...>
+
+	* test/openssl/test_ssl.rb: Fix test for CVE-2013-4073.
+	  Patch by Antonio Terceiro. [Bug #8750] [ruby-core:56437]
+
 Thu Aug  8 03:37:38 2013  Eric Hodel  <drbrain@s...>
 
 	* lib/webrick/httpresponse.rb:  Allow #body to be an IO-like object
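Review bot: The new ChangeLog entry says only "Fix test" and does not record what was wrong with the test. The test_ssl.rb change in this revision replaces single-quoted literals with double-quoted ones, so consider saying so in the entry, for example that the hostname and SAN strings are now double-quoted so that \0 is a NUL byte. A reader of the ChangeLog can then tell what the CVE-2013-4073 test was missing before this revision.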
Index: test/openssl/test_ssl.rb
===================================================================
--- test/openssl/test_ssl.rb	(revision 42428)
+++ test/openssl/test_ssl.rb	(revision 42429)
@@ -341,7 +341,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTes https://github.com/ruby/ruby/blob/trunk/test/openssl/test_ssl.rb#L341
     [true, false].each do |criticality|
       cert = create_null_byte_SAN_certificate(criticality)
       assert_equal(false, OpenSSL::SSL.verify_certificate_identity(cert, 'www.example.com'))
-      assert_equal(true,  OpenSSL::SSL.verify_certificate_identity(cert, 'www.example.com\0.evil.com'))
+      assert_equal(true,  OpenSSL::SSL.verify_certificate_identity(cert, "www.example.com\0.evil.com"))
       assert_equal(false, OpenSSL::SSL.verify_certificate_identity(cert, '192.168.7.255'))
       assert_equal(true,  OpenSSL::SSL.verify_certificate_identity(cert, '192.168.7.1'))
       assert_equal(false, OpenSSL::SSL.verify_certificate_identity(cert, '13::17'))
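Review bot: On the changed assertion, nothing in the test says why the hostname has to be double-quoted, so a later quote-style cleanup could put the single quotes back with no visible reason to object. In a single-quoted Ruby literal \0 stays a backslash followed by the character 0, which is not the NUL byte this CVE-2013-4073 test is about. Add a short comment above the line stating that the string must contain a real NUL byte, or assert it directly by checking that the hostname passed in includes "\0".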
@@ -358,7 +358,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTes https://github.com/ruby/ruby/blob/trunk/test/openssl/test_ssl.rb#L358
     ext_asn1 = OpenSSL::ASN1.decode(ext.to_der)
     san_list_der = ext_asn1.value.reduce(nil) { |memo,val| val.tag == 4 ? val.value : memo }
     san_list_asn1 = OpenSSL::ASN1.decode(san_list_der)
-    san_list_asn1.value[0].value = 'www.example.com\0.evil.com'
+    san_list_asn1.value[0].value = "www.example.com\0.evil.com"
     pos = critical ? 2 : 1
     ext_asn1.value[pos].value = san_list_asn1.to_der
     real_ext = OpenSSL::X509::Extension.new ext_asn1
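Review bot: The SAN value assigned in this hunk is a second copy of the hostname literal used in the assertions earlier in the file, and this revision had to correct the quoting in both places. Define the name once, as a constant or as an argument passed into create_null_byte_SAN_certificate, and use it for both the certificate and the verify_certificate_identity call, so the two strings cannot drift apart.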

--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/
