[前][次][番号順一覧][スレッド一覧]

ruby-changes:30543

From: usa <ko1@a...>
Date: Mon, 19 Aug 2013 18:35:22 +0900 (JST)
Subject: [ruby-changes:30543] usa:r42622 (ruby_1_9_3): merge revision(s) 42429: [Backport #8750]

usa	2013-08-19 18:35:15 +0900 (Mon, 19 Aug 2013)

  New Revision: 42622

  http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=42622

  Log:
    merge revision(s) 42429: [Backport #8750]
    
    * test/openssl/test_ssl.rb: Fix test for CVE-2013-4073.
      Patch by Antonio Terceiro. [Bug #8750] [ruby-core:56437]

  Modified directories:
    branches/ruby_1_9_3/
  Modified files:
    branches/ruby_1_9_3/ChangeLog
    branches/ruby_1_9_3/test/openssl/test_ssl.rb
    branches/ruby_1_9_3/version.h
Index: ruby_1_9_3/ChangeLog
===================================================================
--- ruby_1_9_3/ChangeLog	(revision 42621)
+++ ruby_1_9_3/ChangeLog	(revision 42622)
@@ -1,3 +1,8 @@ https://github.com/ruby/ruby/blob/trunk/ruby_1_9_3/ChangeLog#L1
+Mon Aug 19 18:34:31 2013  Charlie Somerville  <charliesome@r...>
+
+	* test/openssl/test_ssl.rb: Fix test for CVE-2013-4073.
+	  Patch by Antonio Terceiro. [Bug #8750] [ruby-core:56437]
+
 Mon Aug 19 18:31:26 2013  Kazuhiro NISHIYAMA  <zn@m...>
 
 	* parse.y: fix build error with bison-3.0.
Index: ruby_1_9_3/version.h
===================================================================
--- ruby_1_9_3/version.h	(revision 42621)
+++ ruby_1_9_3/version.h	(revision 42622)
@@ -1,5 +1,5 @@ https://github.com/ruby/ruby/blob/trunk/ruby_1_9_3/version.h#L1
 #define RUBY_VERSION "1.9.3"
-#define RUBY_PATCHLEVEL 467
+#define RUBY_PATCHLEVEL 468
 
 #define RUBY_RELEASE_DATE "2013-08-19"
 #define RUBY_RELEASE_YEAR 2013
Index: ruby_1_9_3/test/openssl/test_ssl.rb
===================================================================
--- ruby_1_9_3/test/openssl/test_ssl.rb	(revision 42621)
+++ ruby_1_9_3/test/openssl/test_ssl.rb	(revision 42622)
@@ -355,7 +355,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTes https://github.com/ruby/ruby/blob/trunk/ruby_1_9_3/test/openssl/test_ssl.rb#L355
     [true, false].each do |criticality|
       cert = create_null_byte_SAN_certificate(criticality)
       assert_equal(false, OpenSSL::SSL.verify_certificate_identity(cert, 'www.example.com'))
-      assert_equal(true,  OpenSSL::SSL.verify_certificate_identity(cert, 'www.example.com\0.evil.com'))
+      assert_equal(true,  OpenSSL::SSL.verify_certificate_identity(cert, "www.example.com\0.evil.com"))
       assert_equal(false, OpenSSL::SSL.verify_certificate_identity(cert, '192.168.7.255'))
       assert_equal(true,  OpenSSL::SSL.verify_certificate_identity(cert, '192.168.7.1'))
       assert_equal(false, OpenSSL::SSL.verify_certificate_identity(cert, '13::17'))
@@ -372,7 +372,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTes https://github.com/ruby/ruby/blob/trunk/ruby_1_9_3/test/openssl/test_ssl.rb#L372
     ext_asn1 = OpenSSL::ASN1.decode(ext.to_der)
     san_list_der = ext_asn1.value.reduce(nil) { |memo,val| val.tag == 4 ? val.value : memo }
     san_list_asn1 = OpenSSL::ASN1.decode(san_list_der)
-    san_list_asn1.value[0].value = 'www.example.com\0.evil.com'
+    san_list_asn1.value[0].value = "www.example.com\0.evil.com"
     pos = critical ? 2 : 1
     ext_asn1.value[pos].value = san_list_asn1.to_der
     real_ext = OpenSSL::X509::Extension.new ext_asn1

Property changes on: ruby_1_9_3
___________________________________________________________________
Modified: svn:mergeinfo
   Merged /trunk:r42429


--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/

[前][次][番号順一覧][スレッド一覧]