1berry/ruby
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

* ext/openssl/lib/openssl/ssl.rb (module OpenSSL): support

Browse Source 
specifically setting the tmp_dh_callback to nil.

* ext/openssl/ossl_ssl.c (Init_ossl_ssl): ditto

* test/openssl/test_pair.rb (module OpenSSL): add a test

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51381 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
tenderlove 2015-07-25 23:16:49 +00:00
parent d9fcc9ba5e
commit 486e6e02c2
4 changed files with 39 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
ChangeLog
View File

@ -1,3 +1,12 @@
Sun Jul 26 08:14:59 2015 Aaron Patterson <tenderlove@ruby-lang.org>
* ext/openssl/lib/openssl/ssl.rb (module OpenSSL): support
specifically setting the tmp_dh_callback to nil.
* ext/openssl/ossl_ssl.c (Init_ossl_ssl): ditto
* test/openssl/test_pair.rb (module OpenSSL): add a test
Sun Jul 26 07:47:14 2015 Aaron Patterson <tenderlove@ruby-lang.org> Sun Jul 26 07:47:14 2015 Aaron Patterson <tenderlove@ruby-lang.org>
* ext/openssl/lib/openssl/ssl.rb (module OpenSSL): move the default * ext/openssl/lib/openssl/ssl.rb (module OpenSSL): move the default

4
ext/openssl/lib/openssl/ssl.rb
View File

@ -128,6 +128,10 @@ module OpenSSL
end end
return params return params
end end
def tmp_dh_callback=(value)
@tmp_dh_callback = value || DEFAULT_TMP_DH_CALLBACK
end
end end
module SocketForwarder module SocketForwarder

2
ext/openssl/ossl_ssl.c
View File

@ -2122,7 +2122,7 @@ Init_ossl_ssl(void)
* The callback must return an OpenSSL::PKey::DH instance of the correct * The callback must return an OpenSSL::PKey::DH instance of the correct
* key length. * key length.
*/ */
rb_attr(cSSLContext, rb_intern("tmp_dh_callback"), 1, 1, Qfalse); rb_attr(cSSLContext, rb_intern("tmp_dh_callback"), 1, 0, Qfalse);
/* /*
* Sets the context in which a session can be reused. This allows * Sets the context in which a session can be reused. This allows

25
test/openssl/test_pair.rb
View File

@ -283,6 +283,31 @@ module OpenSSL::TestPairM
serv.close if serv && !serv.closed? serv.close if serv && !serv.closed?
end end
def test_connect_works_when_setting_dh_callback_to_nil
ctx2 = OpenSSL::SSL::SSLContext.new
ctx2.ciphers = "DH"
ctx2.tmp_dh_callback = nil
sock1, sock2 = tcp_pair
s2 = OpenSSL::SSL::SSLSocket.new(sock2, ctx2)
accepted = s2.accept_nonblock(exception: false)
ctx1 = OpenSSL::SSL::SSLContext.new
ctx1.ciphers = "DH"
ctx1.tmp_dh_callback = nil
s1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx1)
t = Thread.new { s1.connect }
accept = s2.accept
assert_equal s1, t.value
assert accept
ensure
s1.close if s1
s2.close if s2
sock1.close if sock1
sock2.close if sock2
accepted.close if accepted.respond_to?(:close)
end
def test_connect_without_setting_dh_callback def test_connect_without_setting_dh_callback
ctx2 = OpenSSL::SSL::SSLContext.new ctx2 = OpenSSL::SSL::SSLContext.new
ctx2.ciphers = "DH" ctx2.ciphers = "DH"