|
1 Fixes for test errors when SSLv3 is disabled on Solaris, |
|
2 based on this patch from upstream: |
|
3 https://bugs.ruby-lang.org/attachments/download/5384/0004-Don-t-force-SSLv3-in-test-as-it-is-insecure-and-may-.patch |
|
4 for this issue |
|
5 https://bugs.ruby-lang.org/issues/11366 |
|
6 |
|
7 which also requires this patch |
|
8 https://bugs.ruby-lang.org/attachments/download/5385/0005-Use-OP_NO_TICKET-when-testing-SSL-session-cache-call.patch |
|
9 for this issue |
|
10 https://bugs.ruby-lang.org/issues/11367 |
|
11 |
|
12 --- ruby-2.1.6-orig/test/openssl/test_ssl_session.rb 2012-09-03 15:54:12.000000000 -0700 |
|
13 +++ ruby-2.1.6/test/openssl/test_ssl_session.rb 2015-07-30 16:51:17.000000000 -0700 |
|
14 @@ -273,7 +273,7 @@ __EOS__ |
|
15 |
|
16 def test_ctx_client_session_cb |
|
17 called = {} |
|
18 - ctx = OpenSSL::SSL::SSLContext.new("SSLv3") |
|
19 + ctx = OpenSSL::SSL::SSLContext.new |
|
20 ctx.session_cache_mode = OpenSSL::SSL::SSLContext::SESSION_CACHE_CLIENT |
|
21 |
|
22 ctx.session_new_cb = lambda { |ary| |
|
23 @@ -307,6 +307,7 @@ __EOS__ |
|
24 |
|
25 ctx_proc = Proc.new { |ctx, ssl| |
|
26 ctx.session_cache_mode = OpenSSL::SSL::SSLContext::SESSION_CACHE_SERVER |
|
27 + ctx.options = OpenSSL::SSL::OP_NO_TICKET |
|
28 last_server_session = nil |
|
29 |
|
30 # get_cb is called whenever a client proposed to resume a session but |
|
31 @@ -345,7 +346,7 @@ __EOS__ |
|
32 last_client_session = nil |
|
33 3.times do |
|
34 sock = TCPSocket.new("127.0.0.1", port) |
|
35 - ssl = OpenSSL::SSL::SSLSocket.new(sock, OpenSSL::SSL::SSLContext.new("SSLv3")) |
|
36 + ssl = OpenSSL::SSL::SSLSocket.new(sock, OpenSSL::SSL::SSLContext.new) |
|
37 ssl.sync_close = true |
|
38 ssl.session = last_client_session if last_client_session |
|
39 ssl.connect |