ruby-changes:68501
From: Kazuki <ko1@a...>
Date: Sat, 16 Oct 2021 19:53:27 +0900 (JST)
Subject: [ruby-changes:68501] e36906f9ab (master): [ruby/openssl] test/openssl/test_ssl: use TLS 1.2 for finished_messages on LibreSSL
https://git.ruby-lang.org/ruby.git/commit/?id=e36906f9ab From e36906f9abcc8f5f9cd4b5a52dae2ddd0aef8e9d Mon Sep 17 00:00:00 2001 From: Kazuki Yamaguchi <k@r...> Date: Tue, 28 Sep 2021 17:49:04 +0900 Subject: [ruby/openssl] test/openssl/test_ssl: use TLS 1.2 for finished_messages on LibreSSL LibreSSL 2.2.x has a bug in the Finished message handling with TLS 1.3. This is fixed by LibreSSL 3.3.2. https://github.com/ruby/openssl/commit/0bea59d245 --- test/openssl/test_ssl.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb index 0337205c45..2a52f2724b 100644 --- a/test/openssl/test_ssl.rb +++ b/test/openssl/test_ssl.rb @@ -526,6 +526,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase https://github.com/ruby/ruby/blob/trunk/test/openssl/test_ssl.rb#L526 }) { |port| ctx = OpenSSL::SSL::SSLContext.new ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE + ctx.max_version = :TLS1_2 if libressl?(3, 2, 0) && !libressl?(3, 3, 0) server_connect(port, ctx) { |ssl| ssl.puts "abc"; ssl.gets -- cgit v1.2.1 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/