ruby-changes:39300
From: tenderlove <ko1@a...>
Date: Sun, 26 Jul 2015 08:16:57 +0900 (JST)
Subject: [ruby-changes:39300] tenderlove:r51381 (trunk): * ext/openssl/lib/openssl/ssl.rb (module OpenSSL): support
tenderlove 2015-07-26 08:16:49 +0900 (Sun, 26 Jul 2015) New Revision: 51381 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=51381 Log: * ext/openssl/lib/openssl/ssl.rb (module OpenSSL): support specifically setting the tmp_dh_callback to nil. * ext/openssl/ossl_ssl.c (Init_ossl_ssl): ditto * test/openssl/test_pair.rb (module OpenSSL): add a test Modified files: trunk/ChangeLog trunk/ext/openssl/lib/openssl/ssl.rb trunk/ext/openssl/ossl_ssl.c trunk/test/openssl/test_pair.rb Index: ChangeLog =================================================================== --- ChangeLog (revision 51380) +++ ChangeLog (revision 51381) @@ -1,3 +1,12 @@ https://github.com/ruby/ruby/blob/trunk/ChangeLog#L1 +Sun Jul 26 08:14:59 2015 Aaron Patterson <tenderlove@r...> + + * ext/openssl/lib/openssl/ssl.rb (module OpenSSL): support + specifically setting the tmp_dh_callback to nil. + + * ext/openssl/ossl_ssl.c (Init_ossl_ssl): ditto + + * test/openssl/test_pair.rb (module OpenSSL): add a test + Sun Jul 26 07:47:14 2015 Aaron Patterson <tenderlove@r...> * ext/openssl/lib/openssl/ssl.rb (module OpenSSL): move the default Index: ext/openssl/ossl_ssl.c =================================================================== --- ext/openssl/ossl_ssl.c (revision 51380) +++ ext/openssl/ossl_ssl.c (revision 51381) @@ -2122,7 +2122,7 @@ Init_ossl_ssl(void) https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_ssl.c#L2122 * The callback must return an OpenSSL::PKey::DH instance of the correct * key length. */ - rb_attr(cSSLContext, rb_intern("tmp_dh_callback"), 1, 1, Qfalse); + rb_attr(cSSLContext, rb_intern("tmp_dh_callback"), 1, 0, Qfalse); /* * Sets the context in which a session can be reused. This allows Index: ext/openssl/lib/openssl/ssl.rb =================================================================== --- ext/openssl/lib/openssl/ssl.rb (revision 51380) +++ ext/openssl/lib/openssl/ssl.rb (revision 51381) @@ -128,6 +128,10 @@ module OpenSSL https://github.com/ruby/ruby/blob/trunk/ext/openssl/lib/openssl/ssl.rb#L128 end return params end + + def tmp_dh_callback=(value) + @tmp_dh_callback = value || DEFAULT_TMP_DH_CALLBACK + end end module SocketForwarder Index: test/openssl/test_pair.rb =================================================================== --- test/openssl/test_pair.rb (revision 51380) +++ test/openssl/test_pair.rb (revision 51381) @@ -283,6 +283,31 @@ module OpenSSL::TestPairM https://github.com/ruby/ruby/blob/trunk/test/openssl/test_pair.rb#L283 serv.close if serv && !serv.closed? end + def test_connect_works_when_setting_dh_callback_to_nil + ctx2 = OpenSSL::SSL::SSLContext.new + ctx2.ciphers = "DH" + ctx2.tmp_dh_callback = nil + sock1, sock2 = tcp_pair + s2 = OpenSSL::SSL::SSLSocket.new(sock2, ctx2) + accepted = s2.accept_nonblock(exception: false) + + ctx1 = OpenSSL::SSL::SSLContext.new + ctx1.ciphers = "DH" + ctx1.tmp_dh_callback = nil + s1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx1) + t = Thread.new { s1.connect } + + accept = s2.accept + assert_equal s1, t.value + assert accept + ensure + s1.close if s1 + s2.close if s2 + sock1.close if sock1 + sock2.close if sock2 + accepted.close if accepted.respond_to?(:close) + end + def test_connect_without_setting_dh_callback ctx2 = OpenSSL::SSL::SSLContext.new ctx2.ciphers = "DH" -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/