ruby-changes:40563
From: usa <ko1@a...>
Date: Wed, 18 Nov 2015 20:34:26 +0900 (JST)
Subject: [ruby-changes:40563] usa:r52642 (ruby_2_1): merge revision(s) 51722, 51724: [Backport #11376]
usa 2015-11-18 20:34:19 +0900 (Wed, 18 Nov 2015) New Revision: 52642 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=52642 Log: merge revision(s) 51722,51724: [Backport #11376] * ext/openssl/ossl_ssl.c (static const struct): Only add SSLv3 support if the SSL library supports it. Thanks Kurt Roeckx <kurt@r...> [Bug #11376] * ext/openssl/extconf.rb: check for SSLv3 support in the SSL implementation. * test/openssl/test_ssl.rb (class OpenSSL): Skip tests that need SSLv3 if there is no support. * ext/openssl/ossl_ssl.c (ossl_ssl_method_tab): Only add SSLv3 support Modified directories: branches/ruby_2_1/ Modified files: branches/ruby_2_1/ChangeLog branches/ruby_2_1/ext/openssl/extconf.rb branches/ruby_2_1/ext/openssl/ossl_ssl.c branches/ruby_2_1/test/openssl/test_ssl.rb branches/ruby_2_1/version.h Index: ruby_2_1/ChangeLog =================================================================== --- ruby_2_1/ChangeLog (revision 52641) +++ ruby_2_1/ChangeLog (revision 52642) @@ -1,3 +1,15 @@ https://github.com/ruby/ruby/blob/trunk/ruby_2_1/ChangeLog#L1 +Wed Nov 18 20:31:56 2015 Aaron Patterson <tenderlove@r...> + + * ext/openssl/ossl_ssl.c (ossl_ssl_method_tab): Only add SSLv3 support + if the SSL library supports it. Thanks Kurt Roeckx <kurt@r...> + [Bug #11376] + + * ext/openssl/extconf.rb: check for SSLv3 support in the SSL + implementation. + + * test/openssl/test_ssl.rb (class OpenSSL): Skip tests that need SSLv3 + if there is no support. + Wed Nov 18 20:26:08 2015 Koichi Sasada <ko1@a...> * vm_trace.c (rb_threadptr_exec_event_hooks_orig): Index: ruby_2_1/ext/openssl/ossl_ssl.c =================================================================== --- ruby_2_1/ext/openssl/ossl_ssl.c (revision 52641) +++ ruby_2_1/ext/openssl/ossl_ssl.c (revision 52642) @@ -134,9 +134,12 @@ struct { https://github.com/ruby/ruby/blob/trunk/ruby_2_1/ext/openssl/ossl_ssl.c#L134 OSSL_SSL_METHOD_ENTRY(SSLv2_server), OSSL_SSL_METHOD_ENTRY(SSLv2_client), #endif +#if defined(HAVE_SSLV3_METHOD) && defined(HAVE_SSLV3_SERVER_METHOD) && \ + defined(HAVE_SSLV3_CLIENT_METHOD) OSSL_SSL_METHOD_ENTRY(SSLv3), OSSL_SSL_METHOD_ENTRY(SSLv3_server), OSSL_SSL_METHOD_ENTRY(SSLv3_client), +#endif OSSL_SSL_METHOD_ENTRY(SSLv23), OSSL_SSL_METHOD_ENTRY(SSLv23_server), OSSL_SSL_METHOD_ENTRY(SSLv23_client), Index: ruby_2_1/ext/openssl/extconf.rb =================================================================== --- ruby_2_1/ext/openssl/extconf.rb (revision 52641) +++ ruby_2_1/ext/openssl/extconf.rb (revision 52642) @@ -103,6 +103,9 @@ have_func("OPENSSL_cleanse") https://github.com/ruby/ruby/blob/trunk/ruby_2_1/ext/openssl/extconf.rb#L103 have_func("SSLv2_method") have_func("SSLv2_server_method") have_func("SSLv2_client_method") +have_func("SSLv3_method") +have_func("SSLv3_server_method") +have_func("SSLv3_client_method") have_func("TLSv1_1_method") have_func("TLSv1_1_server_method") have_func("TLSv1_1_client_method") Index: ruby_2_1/version.h =================================================================== --- ruby_2_1/version.h (revision 52641) +++ ruby_2_1/version.h (revision 52642) @@ -1,6 +1,6 @@ https://github.com/ruby/ruby/blob/trunk/ruby_2_1/version.h#L1 #define RUBY_VERSION "2.1.8" #define RUBY_RELEASE_DATE "2015-11-18" -#define RUBY_PATCHLEVEL 417 +#define RUBY_PATCHLEVEL 418 #define RUBY_RELEASE_YEAR 2015 #define RUBY_RELEASE_MONTH 11 Index: ruby_2_1/test/openssl/test_ssl.rb =================================================================== --- ruby_2_1/test/openssl/test_ssl.rb (revision 52641) +++ ruby_2_1/test/openssl/test_ssl.rb (revision 52642) @@ -623,7 +623,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTes https://github.com/ruby/ruby/blob/trunk/ruby_2_1/test/openssl/test_ssl.rb#L623 # that has been marked as forbidden, therefore either of these may be raised HANDSHAKE_ERRORS = [OpenSSL::SSL::SSLError, Errno::ECONNRESET] -if OpenSSL::SSL::SSLContext::METHODS.include? :TLSv1 +if OpenSSL::SSL::SSLContext::METHODS.include?(:TLSv1) && OpenSSL::SSL::SSLContext::METHODS.include?(:SSLv3) def test_forbid_ssl_v3_for_client ctx_proc = Proc.new { |ctx| ctx.options = OpenSSL::SSL::OP_ALL | OpenSSL::SSL::OP_NO_SSLv3 } Property changes on: ruby_2_1 ___________________________________________________________________ Modified: svn:mergeinfo Merged /trunk:r51722,51724 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/