diff options
Diffstat (limited to 'testing/ruby-eventmachine/0001-OpenSSL-1.1.0-test-updates.patch')
-rw-r--r-- | testing/ruby-eventmachine/0001-OpenSSL-1.1.0-test-updates.patch | 254 |
1 files changed, 0 insertions, 254 deletions
diff --git a/testing/ruby-eventmachine/0001-OpenSSL-1.1.0-test-updates.patch b/testing/ruby-eventmachine/0001-OpenSSL-1.1.0-test-updates.patch deleted file mode 100644 index 52089c4aaae..00000000000 --- a/testing/ruby-eventmachine/0001-OpenSSL-1.1.0-test-updates.patch +++ /dev/null @@ -1,254 +0,0 @@ -From 506a0c6d2f039c78c0f7d96a31b11b73aa36dccd Mon Sep 17 00:00:00 2001 -From: MSP-Greg <MSP-Greg@users.noreply.github.com> -Date: Sat, 8 Jul 2017 14:28:50 -0500 -Subject: [PATCH] OpenSSL 1.1.0 test updates - ---- - tests/test_ssl_protocols.rb | 127 ++++++++++++++++++++++++++++++++---- - 1 file changed, 114 insertions(+), 13 deletions(-) - -Patch-Source: https://src.fedoraproject.org/rpms/rubygem-eventmachine/blob/f34/f/rubygem-eventmachine-1.2.7-Bump-TLS-version.patch -Upstream-Issue: https://github.com/eventmachine/eventmachine/pull/868 - -diff --git a/tests/test_ssl_protocols.rb b/tests/test_ssl_protocols.rb -index bcb68246..e7b16370 100644 ---- a/tests/test_ssl_protocols.rb -+++ b/tests/test_ssl_protocols.rb -@@ -6,6 +6,20 @@ - if EM.ssl? - class TestSslProtocols < Test::Unit::TestCase - -+ # equal to base METHODS, downcased, like ["tlsv1, "tlsv1_1", "tlsv1_2"] -+ if RUBY_VERSION == "1.8.7" -+ SSL_AVAIL = ["sslv3", "tlsv1"] -+ else -+ SSL_AVAIL = ::OpenSSL::SSL::SSLContext::METHODS.select { |i| i =~ /[^\d]\d\z/ }.map { |i| i.to_s.downcase } -+ end -+ -+ libr_vers = OpenSSL.const_defined?(:OPENSSL_LIBRARY_VERSION) ? -+ OpenSSL::OPENSSL_VERSION : 'na' -+ -+ puts "OPENSSL_LIBRARY_VERSION: #{libr_vers}\n" \ -+ " OPENSSL_VERSION: #{OpenSSL::OPENSSL_VERSION}\n" \ -+ " SSL_AVAIL: #{SSL_AVAIL.join(' ')}" -+ - module Client - def ssl_handshake_completed - $client_handshake_completed = true -@@ -26,7 +40,7 @@ def ssl_handshake_completed - module ClientAny - include Client - def post_init -- start_tls(:ssl_version => %w(sslv2 sslv3 tlsv1 tlsv1_1 tlsv1_2)) -+ start_tls(:ssl_version => SSL_AVAIL) - end - end - -@@ -51,6 +65,20 @@ def post_init - end - end - -+ module ClientTLSv1_2 -+ include Client -+ def post_init -+ start_tls(:ssl_version => %w(TLSv1_2)) -+ end -+ end -+ -+ module ServerTLSv1_2 -+ include Server -+ def post_init -+ start_tls(:ssl_version => %w(TLSv1_2)) -+ end -+ end -+ - module ServerTLSv1CaseInsensitive - include Server - def post_init -@@ -61,7 +89,7 @@ def post_init - module ServerAny - include Server - def post_init -- start_tls(:ssl_version => %w(sslv2 sslv3 tlsv1 tlsv1_1 tlsv1_2)) -+ start_tls(:ssl_version => SSL_AVAIL) - end - end - -@@ -89,6 +117,7 @@ def test_invalid_ssl_version - end - - def test_any_to_v3 -+ omit("SSLv3 is (correctly) unavailable") unless SSL_AVAIL.include? "sslv3" - $client_handshake_completed, $server_handshake_completed = false, false - EM.run do - EM.start_server("127.0.0.1", 16784, ServerSSLv3) -@@ -99,6 +128,18 @@ def test_any_to_v3 - assert($server_handshake_completed) - end - -+ def test_any_to_tlsv1_2 -+ omit("TLSv1_2 is unavailable") unless SSL_AVAIL.include? "tlsv1_2" -+ $client_handshake_completed, $server_handshake_completed = false, false -+ EM.run do -+ EM.start_server("127.0.0.1", 16784, ServerTLSv1_2) -+ EM.connect("127.0.0.1", 16784, ClientAny) -+ end -+ -+ assert($client_handshake_completed) -+ assert($server_handshake_completed) -+ end -+ - def test_case_insensitivity - $client_handshake_completed, $server_handshake_completed = false, false - EM.run do -@@ -111,6 +152,7 @@ def test_case_insensitivity - end - - def test_v3_to_any -+ omit("SSLv3 is (correctly) unavailable") unless SSL_AVAIL.include? "sslv3" - $client_handshake_completed, $server_handshake_completed = false, false - EM.run do - EM.start_server("127.0.0.1", 16784, ServerAny) -@@ -121,7 +163,20 @@ def test_v3_to_any - assert($server_handshake_completed) - end - -+ def test_tlsv1_2_to_any -+ omit("TLSv1_2 is unavailable") unless SSL_AVAIL.include? "tlsv1_2" -+ $client_handshake_completed, $server_handshake_completed = false, false -+ EM.run do -+ EM.start_server("127.0.0.1", 16784, ServerAny) -+ EM.connect("127.0.0.1", 16784, ClientTLSv1_2) -+ end -+ -+ assert($client_handshake_completed) -+ assert($server_handshake_completed) -+ end -+ - def test_v3_to_v3 -+ omit("SSLv3 is (correctly) unavailable") unless SSL_AVAIL.include? "sslv3" - $client_handshake_completed, $server_handshake_completed = false, false - EM.run do - EM.start_server("127.0.0.1", 16784, ServerSSLv3) -@@ -132,6 +187,18 @@ def test_v3_to_v3 - assert($server_handshake_completed) - end - -+ def test_tlsv1_2_to_tlsv1_2 -+ omit("TLSv1_2 is unavailable") unless SSL_AVAIL.include? "tlsv1_2" -+ $client_handshake_completed, $server_handshake_completed = false, false -+ EM.run do -+ EM.start_server("127.0.0.1", 16784, ServerTLSv1_2) -+ EM.connect("127.0.0.1", 16784, ClientTLSv1_2) -+ end -+ -+ assert($client_handshake_completed) -+ assert($server_handshake_completed) -+ end -+ - def test_any_to_any - $client_handshake_completed, $server_handshake_completed = false, false - EM.run do -@@ -165,9 +232,20 @@ def ssl_handshake_completed - end - end - -- module ServerTLSv1StopAfterHandshake -+ module ServerTLSv1_2StopAfterHandshake - def post_init -- start_tls(:ssl_version => %w(TLSv1)) -+ start_tls(:ssl_version => %w(TLSv1_2)) -+ end -+ -+ def ssl_handshake_completed -+ $server_handshake_completed = true -+ EM.stop_event_loop -+ end -+ end -+ -+ module ServerAnyStopAfterHandshake -+ def post_init -+ start_tls(:ssl_version => SSL_AVAIL) - end - - def ssl_handshake_completed -@@ -177,6 +255,7 @@ def ssl_handshake_completed - end - - def test_v3_with_external_client -+ omit("SSLv3 is (correctly) unavailable") unless SSL_AVAIL.include? "sslv3" - $server_handshake_completed = false - EM.run do - setup_timeout(2) -@@ -195,15 +274,17 @@ def test_v3_with_external_client - assert($server_handshake_completed) - end - -- def test_tlsv1_with_external_client -+ # Fixed Server -+ def test_tlsv1_2_with_external_client -+ omit("TLSv1_2 is unavailable") unless SSL_AVAIL.include? "tlsv1_2" - $server_handshake_completed = false - EM.run do - setup_timeout(2) -- EM.start_server("127.0.0.1", 16784, ServerTLSv1StopAfterHandshake) -+ EM.start_server("127.0.0.1", 16784, ServerTLSv1_2StopAfterHandshake) - EM.defer do - sock = TCPSocket.new("127.0.0.1", 16784) - ctx = OpenSSL::SSL::SSLContext.new -- ctx.ssl_version = :TLSv1_client -+ ctx.ssl_version = :SSLv23_client - ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx) - ssl.connect - ssl.close rescue nil -@@ -214,24 +295,44 @@ def test_tlsv1_with_external_client - assert($server_handshake_completed) - end - -- def test_tlsv1_required_with_external_client -+ # Fixed Client -+ def test_any_with_external_client_tlsv1_2 -+ omit("TLSv1_2 is unavailable") unless SSL_AVAIL.include? "tlsv1_2" - $server_handshake_completed = false -+ EM.run do -+ setup_timeout(2) -+ EM.start_server("127.0.0.1", 16784, ServerAnyStopAfterHandshake) -+ EM.defer do -+ sock = TCPSocket.new("127.0.0.1", 16784) -+ ctx = OpenSSL::SSL::SSLContext.new -+ ctx.ssl_version = :TLSv1_2_client -+ ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx) -+ ssl.connect -+ ssl.close rescue nil -+ sock.close rescue nil -+ end -+ end -+ -+ assert($server_handshake_completed) -+ end - -+ # Refuse a client? -+ def test_tlsv1_2_required_with_external_client -+ omit("TLSv1_2 is unavailable") unless SSL_AVAIL.include? "tlsv1_2" -+ $server_handshake_completed = false - EM.run do - n = 0 - EM.add_periodic_timer(0.5) do - n += 1 - (EM.stop rescue nil) if n == 2 - end -- EM.start_server("127.0.0.1", 16784, ServerTLSv1StopAfterHandshake) -+ EM.start_server("127.0.0.1", 16784, ServerTLSv1_2StopAfterHandshake) - EM.defer do - sock = TCPSocket.new("127.0.0.1", 16784) - ctx = OpenSSL::SSL::SSLContext.new -- ctx.ssl_version = :SSLv3_client -+ ctx.ssl_version = :TLSv1_client - ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx) -- assert_raise OpenSSL::SSL::SSLError do -- ssl.connect -- end -+ assert_raise(OpenSSL::SSL::SSLError) { ssl.connect } - ssl.close rescue nil - sock.close rescue nil - EM.stop rescue nil |