21466647 Ruby tests should be patched to fix test failures when using upgraded OpenSSL
Fixes for test errors when SSLv3 is disabled on Solaris,
based on this patch from upstream:
https://bugs.ruby-lang.org/attachments/download/5384/0004-Don-t-force-SSLv3-in-test-as-it-is-insecure-and-may-.patch
for this issue
https://bugs.ruby-lang.org/issues/11366
which also requires this patch
https://bugs.ruby-lang.org/attachments/download/5385/0005-Use-OP_NO_TICKET-when-testing-SSL-session-cache-call.patch
for this issue
https://bugs.ruby-lang.org/issues/11367
--- ruby-1.9.3-p551-orig/test/openssl/test_ssl_session.rb 2011-09-22 21:56:55.000000000 -0700
+++ ruby-1.9.3-p551/test/openssl/test_ssl_session.rb 2015-07-31 09:28:32.210329967 -0700
@@ -236,7 +236,7 @@ __EOS__
def test_ctx_client_session_cb
called = {}
- ctx = OpenSSL::SSL::SSLContext.new("SSLv3")
+ ctx = OpenSSL::SSL::SSLContext.new
ctx.session_cache_mode = OpenSSL::SSL::SSLContext::SESSION_CACHE_CLIENT
ctx.session_new_cb = lambda { |ary|
@@ -270,6 +270,7 @@ __EOS__
ctx_proc = Proc.new { |ctx, ssl|
ctx.session_cache_mode = OpenSSL::SSL::SSLContext::SESSION_CACHE_SERVER
+ ctx.options = OpenSSL::SSL::OP_NO_TICKET
last_server_session = nil
# get_cb is called whenever a client proposed to resume a session but
@@ -308,7 +309,7 @@ __EOS__
last_client_session = nil
3.times do
sock = TCPSocket.new("127.0.0.1", port)
- ssl = OpenSSL::SSL::SSLSocket.new(sock, OpenSSL::SSL::SSLContext.new("SSLv3"))
+ ssl = OpenSSL::SSL::SSLSocket.new(sock, OpenSSL::SSL::SSLContext.new)
ssl.sync_close = true
ssl.session = last_client_session if last_client_session
ssl.connect