ruby-changes:40570

nagachika	2015-11-18 23:38:49 +0900 (Wed, 18 Nov 2015)

  New Revision: 52649

  http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=52649

  Log:
    merge revision(s) 51722,51724: [Backport #11376]
    
    * ext/openssl/ossl_ssl.c (static const struct): Only add SSLv3 support
      if the SSL library supports it.  Thanks Kurt Roeckx <kurt@r...>
      [Bug #11376]
    
    * ext/openssl/extconf.rb: check for SSLv3 support in the SSL
      implementation.
    
    * test/openssl/test_ssl.rb (class OpenSSL): Skip tests that need SSLv3
      if there is no support.
    
    * ext/openssl/ossl_ssl.c (ossl_ssl_method_tab): Only add SSLv3 support

  Modified directories:
    branches/ruby_2_2/
  Modified files:
    branches/ruby_2_2/ChangeLog
    branches/ruby_2_2/ext/openssl/extconf.rb
    branches/ruby_2_2/ext/openssl/ossl_ssl.c
    branches/ruby_2_2/test/openssl/test_ssl.rb
    branches/ruby_2_2/version.h
Index: ruby_2_2/ChangeLog
===================================================================
--- ruby_2_2/ChangeLog	(revision 52648)
+++ ruby_2_2/ChangeLog	(revision 52649)
@@ -1,3 +1,15 @@ https://github.com/ruby/ruby/blob/trunk/ruby_2_2/ChangeLog#L1
+Wed Nov 18 23:29:32 2015  Aaron Patterson <tenderlove@r...>
+
+	* ext/openssl/ossl_ssl.c (ossl_ssl_method_tab): Only add SSLv3 support
+	  if the SSL library supports it.  Thanks Kurt Roeckx <kurt@r...>
+	  [Bug #11376]
+
+	* ext/openssl/extconf.rb: check for SSLv3 support in the SSL
+	  implementation.
+
+	* test/openssl/test_ssl.rb (class OpenSSL): Skip tests that need SSLv3
+	  if there is no support.
+
 Mon Nov 16 03:39:59 2015  CHIKANAGA Tomoyuki  <nagachika@r...>
 
 	* tool/runruby.rb: rubyspec now requires other FDs not to be closed
Index: ruby_2_2/ext/openssl/ossl_ssl.c
===================================================================
--- ruby_2_2/ext/openssl/ossl_ssl.c	(revision 52648)
+++ ruby_2_2/ext/openssl/ossl_ssl.c	(revision 52649)
@@ -138,9 +138,12 @@ static const struct { https://github.com/ruby/ruby/blob/trunk/ruby_2_2/ext/openssl/ossl_ssl.c#L138
     OSSL_SSL_METHOD_ENTRY(SSLv2_server),
     OSSL_SSL_METHOD_ENTRY(SSLv2_client),
 #endif
+#if defined(HAVE_SSLV3_METHOD) && defined(HAVE_SSLV3_SERVER_METHOD) && \
+        defined(HAVE_SSLV3_CLIENT_METHOD)
     OSSL_SSL_METHOD_ENTRY(SSLv3),
     OSSL_SSL_METHOD_ENTRY(SSLv3_server),
     OSSL_SSL_METHOD_ENTRY(SSLv3_client),
+#endif
     OSSL_SSL_METHOD_ENTRY(SSLv23),
     OSSL_SSL_METHOD_ENTRY(SSLv23_server),
     OSSL_SSL_METHOD_ENTRY(SSLv23_client),
Index: ruby_2_2/ext/openssl/extconf.rb
===================================================================
--- ruby_2_2/ext/openssl/extconf.rb	(revision 52648)
+++ ruby_2_2/ext/openssl/extconf.rb	(revision 52649)
@@ -103,6 +103,9 @@ have_func("OPENSSL_cleanse") https://github.com/ruby/ruby/blob/trunk/ruby_2_2/ext/openssl/extconf.rb#L103
 have_func("SSLv2_method")
 have_func("SSLv2_server_method")
 have_func("SSLv2_client_method")
+have_func("SSLv3_method")
+have_func("SSLv3_server_method")
+have_func("SSLv3_client_method")
 have_func("TLSv1_1_method")
 have_func("TLSv1_1_server_method")
 have_func("TLSv1_1_client_method")
Index: ruby_2_2/version.h
===================================================================
--- ruby_2_2/version.h	(revision 52648)
+++ ruby_2_2/version.h	(revision 52649)
@@ -1,10 +1,10 @@ https://github.com/ruby/ruby/blob/trunk/ruby_2_2/version.h#L1
 #define RUBY_VERSION "2.2.4"
-#define RUBY_RELEASE_DATE "2015-11-16"
-#define RUBY_PATCHLEVEL 187
+#define RUBY_RELEASE_DATE "2015-11-18"
+#define RUBY_PATCHLEVEL 188
 
 #define RUBY_RELEASE_YEAR 2015
 #define RUBY_RELEASE_MONTH 11
-#define RUBY_RELEASE_DAY 16
+#define RUBY_RELEASE_DAY 18
 
 #include "ruby/version.h"
 
Index: ruby_2_2/test/openssl/test_ssl.rb
===================================================================
--- ruby_2_2/test/openssl/test_ssl.rb	(revision 52648)
+++ ruby_2_2/test/openssl/test_ssl.rb	(revision 52649)
@@ -690,7 +690,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTes https://github.com/ruby/ruby/blob/trunk/ruby_2_2/test/openssl/test_ssl.rb#L690
   # that has been marked as forbidden, therefore either of these may be raised
   HANDSHAKE_ERRORS = [OpenSSL::SSL::SSLError, Errno::ECONNRESET]
 
-if OpenSSL::SSL::SSLContext::METHODS.include? :TLSv1
+if OpenSSL::SSL::SSLContext::METHODS.include?(:TLSv1) && OpenSSL::SSL::SSLContext::METHODS.include?(:SSLv3)
 
   def test_forbid_ssl_v3_for_client
     ctx_proc = Proc.new { |ctx| ctx.options = OpenSSL::SSL::OP_ALL | OpenSSL::SSL::OP_NO_SSLv3 }

Property changes on: ruby_2_2
___________________________________________________________________
Modified: svn:mergeinfo
   Merged /trunk:r51722,51724


--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/