ruby-changes:43018
From: nagachika <ko1@a...>
Date: Sat, 21 May 2016 02:36:30 +0900 (JST)
Subject: [ruby-changes:43018] nagachika:r55092 (ruby_2_3): merge revision(s) 55078:
nagachika 2016-05-21 02:36:26 +0900 (Sat, 21 May 2016) New Revision: 55092 https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=55092 Log: merge revision(s) 55078: openssl: don't test default session lifetime value OpenSSL's default session timeout for TLS v1.0 method is not 300 seconds but 7200. The TLS v1.0 specification[1] mentions about it as just "An upper limit of 24 hours is suggested for session ID lifetimes,". And according to OpenSSL 1.0.2h source comment[2], the value 7200 is decided just because "the 24 hours mentioned in the TLSv1 spec is way too long for http, the cache would over fill". The reason why the default lifetime is set to 300 is maybe an OpenSSL bug. We always call SSL_CTX_new() with SSLv23_method(), and this set ssl_ctx->session to 300, the default value for SSLv23_method(). But the following SSL_set_ssl_method() call does not update it. By the way this will be fixed in OpenSSL 1.1.0. [1] https://tools.ietf.org/html/rfc2246#appendix-F.1.4 [2] https://git.openssl.org/?p=openssl.git;a=blob;f=ssl/t1_lib.c;h=dd5bd0050d89f5585c1b06a227eb8221ebf984f1;hb=5dd94f1847c744929a3bd24819f1c99644bb18c7#l193 * test/openssl/test_ssl_session.rb (test_session): remove assertion of the default session timeout. Modified directories: branches/ruby_2_3/ Modified files: branches/ruby_2_3/test/openssl/test_ssl_session.rb branches/ruby_2_3/version.h Index: ruby_2_3/version.h =================================================================== --- ruby_2_3/version.h (revision 55091) +++ ruby_2_3/version.h (revision 55092) @@ -1,10 +1,10 @@ https://github.com/ruby/ruby/blob/trunk/ruby_2_3/version.h#L1 #define RUBY_VERSION "2.3.2" -#define RUBY_RELEASE_DATE "2016-05-15" -#define RUBY_PATCHLEVEL 119 +#define RUBY_RELEASE_DATE "2016-05-21" +#define RUBY_PATCHLEVEL 120 #define RUBY_RELEASE_YEAR 2016 #define RUBY_RELEASE_MONTH 5 -#define RUBY_RELEASE_DAY 15 +#define RUBY_RELEASE_DAY 21 #include "ruby/version.h" Index: ruby_2_3/test/openssl/test_ssl_session.rb =================================================================== --- ruby_2_3/test/openssl/test_ssl_session.rb (revision 55091) +++ ruby_2_3/test/openssl/test_ssl_session.rb (revision 55092) @@ -55,7 +55,6 @@ tddwpBAEDjcwMzA5NTYzMTU1MzAwpQMCARM= https://github.com/ruby/ruby/blob/trunk/ruby_2_3/test/openssl/test_ssl_session.rb#L55 session = ssl.session assert(session == OpenSSL::SSL::Session.new(session.to_pem)) assert(session == OpenSSL::SSL::Session.new(ssl)) - assert_equal(300, session.timeout) session.timeout = 5 assert_equal(5, session.timeout) assert_not_nil(session.time) Property changes on: ruby_2_3 ___________________________________________________________________ Modified: svn:mergeinfo Merged /trunk:r55078 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/