ruby-changes:50677
From: nagachika <ko1@a...>
Date: Tue, 20 Mar 2018 00:11:16 +0900 (JST)
Subject: [ruby-changes:50677] nagachika:r62842 (ruby_2_4): Update rubygems to 2.0.6. [Bug #13935]
nagachika 2018-03-20 00:11:08 +0900 (Tue, 20 Mar 2018) New Revision: 62842 https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=62842 Log: Update rubygems to 2.0.6. [Bug #13935] The patch is provided by Kazuki Yamaguchi. 
From: Kazuki Yamaguchi <k@r...> Date: Mon, 25 Sep 2017 01:32:02 +0900 Subject: [PATCH] openssl: import v2.0.6 Import Ruby/OpenSSL 2.0.6. This contains only bug fixes and test improvements. The full commit log since v2.0.5 (imported at r59567, to trunk) can be found at: https://github.com/ruby/openssl/compare/v2.0.5...v2.0.6 All the changes included in this patch are already imported to trunk by r59734, r59751, r59857, and r60013. Added directories: branches/ruby_2_4/test/openssl/fixtures/ branches/ruby_2_4/test/openssl/fixtures/pkey/ Added files: branches/ruby_2_4/test/openssl/fixtures/pkey/dh1024.pem branches/ruby_2_4/test/openssl/fixtures/pkey/dsa1024.pem branches/ruby_2_4/test/openssl/fixtures/pkey/dsa256.pem branches/ruby_2_4/test/openssl/fixtures/pkey/dsa512.pem branches/ruby_2_4/test/openssl/fixtures/pkey/p256.pem branches/ruby_2_4/test/openssl/fixtures/pkey/rsa1024.pem branches/ruby_2_4/test/openssl/fixtures/pkey/rsa2048.pem Modified files: branches/ruby_2_4/ext/openssl/History.md branches/ruby_2_4/ext/openssl/lib/openssl/buffering.rb branches/ruby_2_4/ext/openssl/openssl.gemspec branches/ruby_2_4/ext/openssl/ossl.c branches/ruby_2_4/ext/openssl/ossl_cipher.c branches/ruby_2_4/ext/openssl/ossl_ssl.c branches/ruby_2_4/ext/openssl/ossl_version.h branches/ruby_2_4/ext/openssl/ruby_missing.h branches/ruby_2_4/test/openssl/test_asn1.rb branches/ruby_2_4/test/openssl/test_bn.rb branches/ruby_2_4/test/openssl/test_buffering.rb branches/ruby_2_4/test/openssl/test_config.rb branches/ruby_2_4/test/openssl/test_digest.rb branches/ruby_2_4/test/openssl/test_engine.rb branches/ruby_2_4/test/openssl/test_hmac.rb branches/ruby_2_4/test/openssl/test_ns_spki.rb branches/ruby_2_4/test/openssl/test_ocsp.rb branches/ruby_2_4/test/openssl/test_pair.rb branches/ruby_2_4/test/openssl/test_pkcs12.rb branches/ruby_2_4/test/openssl/test_pkcs5.rb branches/ruby_2_4/test/openssl/test_pkcs7.rb branches/ruby_2_4/test/openssl/test_pkey_dh.rb branches/ruby_2_4/test/openssl/test_pkey_dsa.rb 
branches/ruby_2_4/test/openssl/test_pkey_ec.rb branches/ruby_2_4/test/openssl/test_pkey_rsa.rb branches/ruby_2_4/test/openssl/test_random.rb branches/ruby_2_4/test/openssl/test_ssl.rb branches/ruby_2_4/test/openssl/test_ssl_session.rb branches/ruby_2_4/test/openssl/test_x509cert.rb branches/ruby_2_4/test/openssl/test_x509crl.rb branches/ruby_2_4/test/openssl/test_x509name.rb branches/ruby_2_4/test/openssl/test_x509req.rb branches/ruby_2_4/test/openssl/test_x509store.rb branches/ruby_2_4/test/openssl/ut_eof.rb branches/ruby_2_4/test/openssl/utils.rb branches/ruby_2_4/version.h Index: ruby_2_4/test/openssl/test_pkcs5.rb =================================================================== --- ruby_2_4/test/openssl/test_pkcs5.rb (revision 62841) +++ ruby_2_4/test/openssl/test_pkcs5.rb (revision 62842) @@ -1,8 +1,9 @@ https://github.com/ruby/ruby/blob/trunk/ruby_2_4/test/openssl/test_pkcs5.rb#L1 # frozen_string_literal: false require_relative 'utils' -class OpenSSL::TestPKCS5 < OpenSSL::TestCase +if defined?(OpenSSL::TestUtils) +class OpenSSL::TestPKCS5 < OpenSSL::TestCase def test_pbkdf2_hmac_sha1_rfc6070_c_1_len_20 p ="password" s = "salt" @@ -94,5 +95,6 @@ class OpenSSL::TestPKCS5 < OpenSSL::Test https://github.com/ruby/ruby/blob/trunk/ruby_2_4/test/openssl/test_pkcs5.rb#L95 value2 = OpenSSL::PKCS5.pbkdf2_hmac(p, s, c, dk_len, digest) assert_equal(value1, value2) end if OpenSSL::PKCS5.respond_to?(:pbkdf2_hmac) +end -end if defined?(OpenSSL::TestUtils) +end Index: ruby_2_4/test/openssl/test_pkey_dsa.rb =================================================================== --- ruby_2_4/test/openssl/test_pkey_dsa.rb (revision 62841) +++ ruby_2_4/test/openssl/test_pkey_dsa.rb (revision 62842) 
@@ -1,12 +1,9 @@ https://github.com/ruby/ruby/blob/trunk/ruby_2_4/test/openssl/test_pkey_dsa.rb#L1 # frozen_string_literal: false require_relative 'utils' -require 'base64' if defined?(OpenSSL::TestUtils) class OpenSSL::TestPKeyDSA < OpenSSL::PKeyTestCase - DSA512 = OpenSSL::TestUtils::TEST_KEY_DSA512 - def test_private key = OpenSSL::PKey::DSA.new(256) assert(key.private?) @@ -37,27 +34,28 @@ class OpenSSL::TestPKeyDSA < OpenSSL::PK https://github.com/ruby/ruby/blob/trunk/ruby_2_4/test/openssl/test_pkey_dsa.rb#L34 end def test_sign_verify + dsa512 = Fixtures.pkey("dsa512") data = "Sign me!" if defined?(OpenSSL::Digest::DSS1) - signature = DSA512.sign(OpenSSL::Digest::DSS1.new, data) - assert_equal true, DSA512.verify(OpenSSL::Digest::DSS1.new, signature, data) + signature = dsa512.sign(OpenSSL::Digest::DSS1.new, data) + assert_equal true, dsa512.verify(OpenSSL::Digest::DSS1.new, signature, data) end - return if OpenSSL::OPENSSL_VERSION_NUMBER <= 0x010000000 - signature = DSA512.sign("SHA1", data) - assert_equal true, DSA512.verify("SHA1", signature, data) + return unless openssl?(1, 0, 0) + signature = dsa512.sign("SHA1", data) + assert_equal true, dsa512.verify("SHA1", signature, data) signature0 = (<<~'end;').unpack("m")[0] MCwCFH5h40plgU5Fh0Z4wvEEpz0eE9SnAhRPbkRB8ggsN/vsSEYMXvJwjGg/ 6g== end; - assert_equal true, DSA512.verify("SHA256", signature0, data) + assert_equal true, dsa512.verify("SHA256", signature0, data) signature1 = signature0.succ - assert_equal false, DSA512.verify("SHA256", signature1, data) + assert_equal false, dsa512.verify("SHA256", signature1, data) end def test_sys_sign_verify - key = OpenSSL::TestUtils::TEST_KEY_DSA256 + key = Fixtures.pkey("dsa256") data = 'Sign me!' digest = OpenSSL::Digest::SHA1.digest(data) sig = key.syssign(digest) 
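Review bot: In `test_sign_verify`, the new guard `return unless openssl?(1, 0, 0)` is not equivalent to the `OPENSSL_VERSION_NUMBER` comparison it replaces. The `openssl?` helper added to utils.rb in this same commit returns false whenever `OPENSSL_VERSION` contains "LibreSSL", so on a LibreSSL build the method now returns before the SHA1 round-trip, the fixed SHA256 signature check and the negative check that the altered `signature1` is rejected. That last assertion is the one that catches a verifier accepting a bad signature, so losing it on one backend should be a deliberate choice. If the skip is not intended, the guard could read `return unless openssl?(1, 0, 0) || libressl?`; if it is intended, a one-line comment above the guard giving the reason would keep the coverage loss from looking accidental.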
@@ -66,17 +64,18 @@ class OpenSSL::TestPKeyDSA < OpenSSL::PK https://github.com/ruby/ruby/blob/trunk/ruby_2_4/test/openssl/test_pkey_dsa.rb#L64 def test_DSAPrivateKey # OpenSSL DSAPrivateKey format; similar to RSAPrivateKey + dsa512 = Fixtures.pkey("dsa512") asn1 = OpenSSL::ASN1::Sequence([ OpenSSL::ASN1::Integer(0), - OpenSSL::ASN1::Integer(DSA512.p), - OpenSSL::ASN1::Integer(DSA512.q), - OpenSSL::ASN1::Integer(DSA512.g), - OpenSSL::ASN1::Integer(DSA512.pub_key), - OpenSSL::ASN1::Integer(DSA512.priv_key) + OpenSSL::ASN1::Integer(dsa512.p), + OpenSSL::ASN1::Integer(dsa512.q), + OpenSSL::ASN1::Integer(dsa512.g), + OpenSSL::ASN1::Integer(dsa512.pub_key), + OpenSSL::ASN1::Integer(dsa512.priv_key) ]) key = OpenSSL::PKey::DSA.new(asn1.to_der) assert_predicate key, :private? - assert_same_dsa DSA512, key + assert_same_dsa dsa512, key pem = <<~EOF -----BEGIN DSA PRIVATE KEY----- @@ -89,14 +88,15 @@ class OpenSSL::TestPKeyDSA < OpenSSL::PK https://github.com/ruby/ruby/blob/trunk/ruby_2_4/test/openssl/test_pkey_dsa.rb#L88 -----END DSA PRIVATE KEY----- EOF key = OpenSSL::PKey::DSA.new(pem) - assert_same_dsa DSA512, key + assert_same_dsa dsa512, key - assert_equal asn1.to_der, DSA512.to_der - assert_equal pem, DSA512.export + assert_equal asn1.to_der, dsa512.to_der + assert_equal pem, dsa512.export end def test_DSAPrivateKey_encrypted # key = abcdef + dsa512 = Fixtures.pkey("dsa512") pem = <<~EOF -----BEGIN DSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED 
@@ -111,35 +111,36 @@ class OpenSSL::TestPKeyDSA < OpenSSL::PK https://github.com/ruby/ruby/blob/trunk/ruby_2_4/test/openssl/test_pkey_dsa.rb#L111 -----END DSA PRIVATE KEY----- EOF key = OpenSSL::PKey::DSA.new(pem, "abcdef") - assert_same_dsa DSA512, key + assert_same_dsa dsa512, key key = OpenSSL::PKey::DSA.new(pem) { "abcdef" } - assert_same_dsa DSA512, key + assert_same_dsa dsa512, key cipher = OpenSSL::Cipher.new("aes-128-cbc") - exported = DSA512.to_pem(cipher, "abcdef\0\1") - assert_same_dsa DSA512, OpenSSL::PKey::DSA.new(exported, "abcdef\0\1") + exported = dsa512.to_pem(cipher, "abcdef\0\1") + assert_same_dsa dsa512, OpenSSL::PKey::DSA.new(exported, "abcdef\0\1") assert_raise(OpenSSL::PKey::DSAError) { OpenSSL::PKey::DSA.new(exported, "abcdef") } end def test_PUBKEY + dsa512 = Fixtures.pkey("dsa512") asn1 = OpenSSL::ASN1::Sequence([ OpenSSL::ASN1::Sequence([ OpenSSL::ASN1::ObjectId("DSA"), OpenSSL::ASN1::Sequence([ - OpenSSL::ASN1::Integer(DSA512.p), - OpenSSL::ASN1::Integer(DSA512.q), - OpenSSL::ASN1::Integer(DSA512.g) + OpenSSL::ASN1::Integer(dsa512.p), + OpenSSL::ASN1::Integer(dsa512.q), + OpenSSL::ASN1::Integer(dsa512.g) ]) ]), OpenSSL::ASN1::BitString( - OpenSSL::ASN1::Integer(DSA512.pub_key).to_der + OpenSSL::ASN1::Integer(dsa512.pub_key).to_der ) ]) key = OpenSSL::PKey::DSA.new(asn1.to_der) assert_not_predicate key, :private? - assert_same_dsa dup_public(DSA512), key + assert_same_dsa dup_public(dsa512), key pem = <<~EOF -----BEGIN PUBLIC KEY----- 
@@ -152,10 +153,10 @@ class OpenSSL::TestPKeyDSA < OpenSSL::PK https://github.com/ruby/ruby/blob/trunk/ruby_2_4/test/openssl/test_pkey_dsa.rb#L153 -----END PUBLIC KEY----- EOF key = OpenSSL::PKey::DSA.new(pem) - assert_same_dsa dup_public(DSA512), key + assert_same_dsa dup_public(dsa512), key - assert_equal asn1.to_der, dup_public(DSA512).to_der - assert_equal pem, dup_public(DSA512).export + assert_equal asn1.to_der, dup_public(dsa512).to_der + assert_equal pem, dup_public(dsa512).export end def test_read_DSAPublicKey_pem Index: ruby_2_4/test/openssl/utils.rb =================================================================== --- ruby_2_4/test/openssl/utils.rb (revision 62841) +++ ruby_2_4/test/openssl/utils.rb (revision 62842) 
@@ -9,120 +9,52 @@ begin https://github.com/ruby/ruby/blob/trunk/ruby_2_4/test/openssl/utils.rb#L9 rescue LoadError end +# Compile OpenSSL with crypto-mdebug and run this test suite with OSSL_MDEBUG=1 +# environment variable to enable memory leak check. +if ENV["OSSL_MDEBUG"] == "1" + if OpenSSL.respond_to?(:print_mem_leaks) + OpenSSL.mem_check_start + + END { + GC.start + case OpenSSL.print_mem_leaks + when nil + warn "mdebug: check what is printed" + when true + raise "mdebug: memory leaks detected" + end + } + else + warn "OSSL_MDEBUG=1 is specified but OpenSSL is not built with crypto-mdebug" + end +end + require "test/unit" -require 'tempfile' -require "rbconfig" +require "tempfile" require "socket" require "envutil" +if defined?(OpenSSL) && OpenSSL::OPENSSL_VERSION_NUMBER >= 0x10000000 + module OpenSSL::TestUtils - TEST_KEY_RSA1024 = OpenSSL::PKey::RSA.new <<-_end_of_pem_ ------BEGIN RSA PRIVATE KEY----- -MIICXgIBAAKBgQDLwsSw1ECnPtT+PkOgHhcGA71nwC2/nL85VBGnRqDxOqjVh7Cx -aKPERYHsk4BPCkE3brtThPWc9kjHEQQ7uf9Y1rbCz0layNqHyywQEVLFmp1cpIt/ -Q3geLv8ZD9pihowKJDyMDiN6ArYUmZczvW4976MU3+l54E6lF/JfFEU5hwIDAQAB -AoGBAKSl/MQarye1yOysqX6P8fDFQt68VvtXkNmlSiKOGuzyho0M+UVSFcs6k1L0 -maDE25AMZUiGzuWHyaU55d7RXDgeskDMakD1v6ZejYtxJkSXbETOTLDwUWTn618T -gnb17tU1jktUtU67xK/08i/XodlgnQhs6VoHTuCh3Hu77O6RAkEA7+gxqBuZR572 -74/akiW/SuXm0SXPEviyO1MuSRwtI87B02D0qgV8D1UHRm4AhMnJ8MCs1809kMQE -JiQUCrp9mQJBANlt2ngBO14us6NnhuAseFDTBzCHXwUUu1YKHpMMmxpnGqaldGgX -sOZB3lgJsT9VlGf3YGYdkLTNVbogQKlKpB8CQQDiSwkb4vyQfDe8/NpU5Not0fII -8jsDUCb+opWUTMmfbxWRR3FBNu8wnym/m19N4fFj8LqYzHX4KY0oVPu6qvJxAkEA -wa5snNekFcqONLIE4G5cosrIrb74sqL8GbGb+KuTAprzj5z1K8Bm0UW9lTjVDjDi -qRYgZfZSL+x1P/54+xTFSwJAY1FxA/N3QPCXCjPh5YqFxAMQs2VVYTfg+t0MEcJD -dPMQD5JX6g5HKnHFg2mZtoXQrWmJSn7p8GJK8yNTopEErA== ------END RSA PRIVATE KEY----- - _end_of_pem_ - - TEST_KEY_RSA2048 = OpenSSL::PKey::RSA.new <<-_end_of_pem_ ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAuV9ht9J7k4NBs38jOXvvTKY9gW8nLICSno5EETR1cuF7i4pN 
-s9I1QJGAFAX0BEO4KbzXmuOvfCpD3CU+Slp1enenfzq/t/e/1IRW0wkJUJUFQign -4CtrkJL+P07yx18UjyPlBXb81ApEmAB5mrJVSrWmqbjs07JbuS4QQGGXLc+Su96D -kYKmSNVjBiLxVVSpyZfAY3hD37d60uG+X8xdW5v68JkRFIhdGlb6JL8fllf/A/bl -NwdJOhVr9mESHhwGjwfSeTDPfd8ZLE027E5lyAVX9KZYcU00mOX+fdxOSnGqS/8J -DRh0EPHDL15RcJjV2J6vZjPb0rOYGDoMcH+94wIDAQABAoIBAAzsamqfYQAqwXTb -I0CJtGg6msUgU7HVkOM+9d3hM2L791oGHV6xBAdpXW2H8LgvZHJ8eOeSghR8+dgq -PIqAffo4x1Oma+FOg3A0fb0evyiACyrOk+EcBdbBeLo/LcvahBtqnDfiUMQTpy6V -seSoFCwuN91TSCeGIsDpRjbG1vxZgtx+uI+oH5+ytqJOmfCksRDCkMglGkzyfcl0 -Xc5CUhIJ0my53xijEUQl19rtWdMnNnnkdbG8PT3LZlOta5Do86BElzUYka0C6dUc -VsBDQ0Nup0P6rEQgy7tephHoRlUGTYamsajGJaAo1F3IQVIrRSuagi7+YpSpCqsW -wORqorkCgYEA7RdX6MDVrbw7LePnhyuaqTiMK+055/R1TqhB1JvvxJ1CXk2rDL6G -0TLHQ7oGofd5LYiemg4ZVtWdJe43BPZlVgT6lvL/iGo8JnrncB9Da6L7nrq/+Rvj -XGjf1qODCK+LmreZWEsaLPURIoR/Ewwxb9J2zd0CaMjeTwafJo1CZvcCgYEAyCgb -aqoWvUecX8VvARfuA593Lsi50t4MEArnOXXcd1RnXoZWhbx5rgO8/ATKfXr0BK/n -h2GF9PfKzHFm/4V6e82OL7gu/kLy2u9bXN74vOvWFL5NOrOKPM7Kg+9I131kNYOw -Ivnr/VtHE5s0dY7JChYWE1F3vArrOw3T00a4CXUCgYEA0SqY+dS2LvIzW4cHCe9k -IQqsT0yYm5TFsUEr4sA3xcPfe4cV8sZb9k/QEGYb1+SWWZ+AHPV3UW5fl8kTbSNb -v4ng8i8rVVQ0ANbJO9e5CUrepein2MPL0AkOATR8M7t7dGGpvYV0cFk8ZrFx0oId -U0PgYDotF/iueBWlbsOM430CgYEAqYI95dFyPI5/AiSkY5queeb8+mQH62sdcCCr -vd/w/CZA/K5sbAo4SoTj8dLk4evU6HtIa0DOP63y071eaxvRpTNqLUOgmLh+D6gS -Cc7TfLuFrD+WDBatBd5jZ+SoHccVrLR/4L8jeodo5FPW05A+9gnKXEXsTxY4LOUC -9bS4e1kCgYAqVXZh63JsMwoaxCYmQ66eJojKa47VNrOeIZDZvd2BPVf30glBOT41 -gBoDG3WMPZoQj9pb7uMcrnvs4APj2FIhMU8U15LcPAj59cD6S6rWnAxO8NFK7HQG -4Jxg3JNNf8ErQoCHb1B3oVdXJkmbJkARoDpBKmTCgKtP8ADYLmVPQw== ------END RSA PRIVATE KEY----- - _end_of_pem_ - - TEST_KEY_DSA256 = OpenSSL::PKey::DSA.new <<-_end_of_pem_ ------BEGIN DSA PRIVATE KEY----- -MIH3AgEAAkEAhk2libbY2a8y2Pt21+YPYGZeW6wzaW2yfj5oiClXro9XMR7XWLkE -9B7XxLNFCS2gmCCdMsMW1HulaHtLFQmB2wIVAM43JZrcgpu6ajZ01VkLc93gu/Ed -AkAOhujZrrKV5CzBKutKLb0GVyVWmdC7InoNSMZEeGU72rT96IjM59YzoqmD0pGM -3I1o4cGqg1D1DfM1rQlnN1eSAkBq6xXfEDwJ1mLNxF6q8Zm/ugFYWR5xcX/3wFiT 
-b4+EjHP/DbNh9Vm5wcfnDBJ1zKvrMEf2xqngYdrV/3CiGJeKAhRvL57QvJZcQGvn -ISNX5cMzFHRW3Q== ------END DSA PRIVATE KEY----- - _end_of_pem_ - - TEST_KEY_DSA512 = OpenSSL::PKey::DSA.new <<-_end_of_pem_ ------BEGIN DSA PRIVATE KEY----- -MIH4AgEAAkEA5lB4GvEwjrsMlGDqGsxrbqeFRh6o9OWt6FgTYiEEHaOYhkIxv0Ok -RZPDNwOG997mDjBnvDJ1i56OmS3MbTnovwIVAJgub/aDrSDB4DZGH7UyarcaGy6D -AkB9HdFw/3td8K4l1FZHv7TCZeJ3ZLb7dF3TWoGUP003RCqoji3/lHdKoVdTQNuR -S/m6DlCwhjRjiQ/lBRgCLCcaAkEAjN891JBjzpMj4bWgsACmMggFf57DS0Ti+5++ -Q1VB8qkJN7rA7/2HrCR3gTsWNb1YhAsnFsoeRscC+LxXoXi9OAIUBG98h4tilg6S -55jreJD3Se3slps= ------END DSA PRIVATE KEY----- - _end_of_pem_ - - TEST_KEY_DSA1024 = OpenSSL::PKey::DSA.new <<-_end_of_pem_ ------BEGIN DSA PRIVATE KEY----- -MIIBugIBAAKBgQCH9aAoXvWWThIjkA6D+nI1F9ksF9iDq594rkiGNOT9sPDOdB+n -D+qeeeeloRlj19ymCSADPI0ZLRgkchkAEnY2RnqnhHOjVf/roGgRbW+iQDMbQ9wa -/pvc6/fAbsu1goE1hBYjm98/sZEeXavj8tR56IXnjF1b6Nx0+sgeUKFKEQIVAMiz -4BJUFeTtddyM4uadBM7HKLPRAoGAZdLBSYNGiij7vAjesF5mGUKTIgPd+JKuBEDx -OaBclsgfdoyoF/TMOkIty+PVlYD+//Vl2xnoUEIRaMXHwHfm0r2xUX++oeRaSScg -YizJdUxe5jvBuBszGPRc/mGpb9YvP0sB+FL1KmuxYmdODfCe51zl8uM/CVhouJ3w -DjmRGscCgYAuFlfC7p+e8huCKydfcv/beftqjewiOPpQ3u5uI6KPCtCJPpDhs3+4 -IihH2cPsAlqwGF4tlibW1+/z/OZ1AZinPK3y7b2jSJASEaPeEltVzB92hcd1khk2 -jTYcmSsV4VddplOPK9czytR/GbbibxsrhhgZUbd8LPbvIgaiadJ1PgIUBnJ/5vN2 -CVArsEzlPUCbohPvZnE= ------END DSA PRIVATE KEY----- - _end_of_pem_ - -if defined?(OpenSSL::PKey::EC) - - TEST_KEY_EC_P256V1 = OpenSSL::PKey::EC.new <<-_end_of_pem_ ------BEGIN EC PRIVATE KEY----- -MHcCAQEEIID49FDqcf1O1eO8saTgG70UbXQw9Fqwseliit2aWhH1oAoGCCqGSM49 -AwEHoUQDQgAEFglk2c+oVUIKQ64eZG9bhLNPWB7lSZ/ArK41eGy5wAzU/0G51Xtt -CeBUl+MahZtn9fO1JKdF4qJmS39dXnpENg== ------END EC PRIVATE KEY----- - _end_of_pem_ + module Fixtures + module_function -end + def pkey(name) + OpenSSL::PKey.read(read_file("pkey", name)) + end - TEST_KEY_DH1024 = OpenSSL::PKey::DH.new <<-_end_of_pem_ ------BEGIN DH PARAMETERS----- -MIGHAoGBAKnKQ8MNK6nYZzLrrcuTsLxuiJGXoOO5gT+tljOTbHBuiktdMTITzIY0 
-pFxIvjG05D7HoBZQfrR0c92NGWPkAiCkhQKB8JCbPVzwNLDy6DZ0pmofDKrEsYHG -AQjjxMXhwULlmuR/K+WwlaZPiLIBYalLAZQ7ZbOPeVkJ8ePao0eLAgEC ------END DH PARAMETERS----- - _end_of_pem_ + def pkey_dh(name) + # DH parameters can be read by OpenSSL::PKey.read atm + OpenSSL::PKey::DH.new(read_file("pkey", name)) + end - TEST_KEY_DH1024.set_key(OpenSSL::BN.new("556AF1598AE69899867CEBA9F29CE4862B884C2B43C9019EA0231908F6EFA785E3C462A6ECB16DF676866E997FFB72B487DC7967C58C3CA38CE974473BF19B2AA5DCBF102735572EBA6F353F6F0BBE7FF1DE1B07FE1381A355C275C33405004317F9491B5955F191F6615A63B30E55A027FB88A1A4B25608E09EEE68A7DF32D", 16), - OpenSSL::BN.new("48561834C67E65FFD2A9B47F41E5E78FDC95C387428FDB1E4B0188B64D1643C3A8D3455B945B7E8C4D166010C7C2CE23BFB9BEF43D0348FE7FA5284B0225E7FE1537546D114E3D8A4411B9B9351AB451E1A358F50ED61B1F00DA29336EEBBD649980AC86D76AF8BBB065298C2052672EEF3EF13AB47A15275FC2836F3AC74CEA", 16)) + def read_file(category, name) + @file_cache ||= {} + @file_cache[[category, name]] ||= + File.read(File.join(__dir__, "fixtures", category, name + ".pem")) + end + end DSA_SIGNATURE_DIGEST = OpenSSL::OPENSSL_VERSION_NUMBER > 0x10000000 ? OpenSSL::Digest::SHA1 : 
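Review bot: The comment in `Fixtures.pkey_dh`, `# DH parameters can be read by OpenSSL::PKey.read atm`, contradicts the code under it, which bypasses `OpenSSL::PKey.read` and calls `OpenSSL::PKey::DH.new` directly; it presumably should read `# DH parameters can't be read by OpenSSL::PKey.read atm`. `Fixtures.pkey` also passes no passphrase to `OpenSSL::PKey.read`, so every PEM under `fixtures/pkey/` is expected to be unencrypted. A short comment on the module would record both that requirement and the keys' status, for example `# Test-only key material; PEM files under fixtures/pkey/ must be unencrypted.` The enclosing `module OpenSSL::TestUtils` continues past this hunk.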
@@ -191,190 +123,188 @@ AQjjxMXhwULlmuR/K+WwlaZPiLIBYalLAZQ7ZbOP https://github.com/ruby/ruby/blob/trunk/ruby_2_4/test/openssl/utils.rb#L123 OpenSSL::Digest::SHA1.hexdigest(pkvalue).scan(/../).join(":").upcase end - def silent - begin - back, $VERBOSE = $VERBOSE, nil - yield - ensure - $VERBOSE = back - end + def openssl?(major = nil, minor = nil, fix = nil, patch = 0) + return false if OpenSSL::OPENSSL_VERSION.include?("LibreSSL") + return true unless major + OpenSSL::OPENSSL_VERSION_NUMBER >= + major * 0x10000000 + minor * 0x100000 + fix * 0x1000 + patch * 0x10 end - class OpenSSL::TestCase < Test::Unit::TestCase - def setup - if ENV["OSSL_GC_STRESS"] == "1" - GC.stress = true - end - end - - def teardown - if ENV["OSSL_GC_STRESS"] == "1" - GC.stress = false - end - # OpenSSL error stack must be empty - assert_equal([], OpenSSL.errors) - end + def libressl?(major = nil, minor = nil, fix = nil) + version = OpenSSL::OPENSSL_VERSION.scan(/LibreSSL (\d+)\.(\d+)\.(\d+).*/)[0] + return false unless version + !major || (version.map(&:to_i) <=> [major, minor, fix]) >= 0 end +end - class OpenSSL::SSLTestCase < OpenSSL::TestCase - RUBY = EnvUtil.rubybin - ITERATIONS = ($0 == __FILE__) ? 
100 : 10 - - def setup - super - @ca_key = OpenSSL::TestUtils::TEST_KEY_RSA2048 - @svr_key = OpenSSL::TestUtils::TEST_KEY_RSA1024 - @cli_key = OpenSSL::TestUtils::TEST_KEY_DSA1024 - @ca = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=CA") - @svr = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=localhost") - @cli = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=localhost") - ca_exts = [ - ["basicConstraints","CA:TRUE",true], - ["keyUsage","cRLSign,keyCertSign",true], - ] - ee_exts = [ - ["keyUsage","keyEncipherment,digitalSignature",true], - ] - @ca_cert = issue_cert(@ca, @ca_key, 1, ca_exts, nil, nil) - @svr_cert = issue_cert(@svr, @svr_key, 2, ee_exts, @ca_cert, @ca_key) - @cli_cert = issue_cert(@cli, @cli_key, 3, ee_exts, @ca_cert, @ca_key) - @server = nil - end - - def issue_cert(*arg) - OpenSSL::TestUtils.issue_cert(*arg) +class OpenSSL::TestCase < Test::Unit::TestCase + include OpenSSL::TestUtils + extend OpenSSL::TestUtils + + def setup + if ENV["OSSL_GC_STRESS"] == "1" + GC.stress = true end + end - def issue_crl(*arg) - OpenSSL::TestUtils.issue_crl(*arg) + def teardown + if ENV["OSSL_GC_STRESS"] == "1" + GC.stress = false end + # OpenSSL error stack must be empty + assert_equal([], OpenSSL.errors) + end +end - def readwrite_loop(ctx, ssl) - while line = ssl.gets - ssl.write(line) - end - rescue OpenSSL::SSL::SSLError - rescue IOError - ensure - ssl.close rescue nil - end +class OpenSSL::SSLTestCase < OpenSSL::TestCase + RUBY = EnvUtil.rubybin + ITERATIONS = ($0 == __FILE__) ? 
100 : 10 + + def setup + super + @ca_key = Fixtures.pkey("rsa2048") + @svr_key = Fixtures.pkey("rsa1024") + @cli_key = Fixtures.pkey("rsa2048") + @ca = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=CA") + @svr = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=localhost") + @cli = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=localhost") + ca_exts = [ + ["basicConstraints","CA:TRUE",true], + ["keyUsage","cRLSign,keyCertSign",true], + ] + ee_exts = [ + ["keyUsage","keyEncipherment,digitalSignature",true], + ] + @ca_cert = issue_cert(@ca, @ca_key, 1, ca_exts, nil, nil) + @svr_cert = issue_cert(@svr, @svr_key, 2, ee_exts, @ca_cert, @ca_key) + @cli_cert = issue_cert(@cli, @cli_key, 3, ee_exts, @ca_cert, @ca_key) + @server = nil + end - def server_loop(ctx, ssls, stop_pipe_r, ignore_listener_error, server_proc, threads) - loop do - ssl = nil - begin - readable, = IO.select([ssls, stop_pipe_r]) - if readable.include? stop_pipe_r - return - end - ssl = ssls.accept - rescue OpenSSL::SSL::SSLError, Errno::ECONNRESET - if ignore_listener_error - retry - else - raise - end - end + def tls12_supported? 
+ OpenSSL::SSL::SSLContext::METHODS.include?(:TLSv1_2) + end - th = Thread.start do - server_proc.call(ctx, ssl) - end - threads << th - end - rescue Errno::EBADF, IOError, Errno::EINVAL, Errno::ECONNABORTED, Errno::ENOTSOCK, Errno::ECONNRESET - if !ignore_listener_error - raise - end + def readwrite_loop(ctx, ssl) + while line = ssl.gets + ssl.write(line) end + end - def start_server(verify_mode: OpenSSL::SSL::VERIFY_NONE, start_immediately: true, - ctx_proc: nil, server_proc: method(:readwrite_loop), - ignore_listener_error: false, &block) - IO.pipe {|stop_pipe_r, stop_pipe_w| - store = OpenSSL::X509::Store.new - store.add_cert(@ca_cert) - store.purpose = OpenSSL::X509::PURPOSE_SSL_CLIENT - ctx = OpenSSL::SSL::SSLContext.new - ctx.cert_store = store - ctx.cert = @svr_cert - ctx.key = @svr_key - ctx.tmp_dh_callback = proc { OpenSSL::TestUtils::TEST_KEY_DH1024 } - begin - (... truncated) -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/