diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2022-10-08 01:54:35 +0900 |
---|---|---|
committer | Hiroshi SHIBATA <hsbt@ruby-lang.org> | 2022-10-12 10:36:51 +0900 |
commit | 4e29ca0c4093133838eda852879b23ed4fad56b5 (patch) | |
tree | ab7aa278579daf757a6c20da5f00de87ebfe9857 /test/open-uri | |
parent | ced1d172804b6dfe39aa31a323ffab80a25223b9 (diff) | |
download | ruby-4e29ca0c4093133838eda852879b23ed4fad56b5.tar.gz |
Add :ssl_min_version and :ssl_max_version options
Replace :ssl_version option with these two new options. These provide
access to OpenSSL::SSL::SSLContext#{min,max}_version=, which is the
recommended way to specify SSL/TLS protocol versions.
Diffstat (limited to 'test/open-uri')
-rw-r--r-- | test/open-uri/test_ssl.rb | 37 |
1 files changed, 18 insertions, 19 deletions
diff --git a/test/open-uri/test_ssl.rb b/test/open-uri/test_ssl.rb index 2d6149e654..3f94cab40f 100644 --- a/test/open-uri/test_ssl.rb +++ b/test/open-uri/test_ssl.rb @@ -92,38 +92,37 @@ class TestOpenURISSL } end - def test_validation_ssl_version - with_https {|srv, dr, url| - setup_validation(srv, dr) - URI.open("#{url}/data", :ssl_verify_mode => OpenSSL::SSL::VERIFY_NONE, :ssl_version => :TLSv1_2) {|f| - assert_equal("200", f.status[0]) - assert_equal("ddd", f.read) + def test_validation_failure + unless /mswin|mingw/ =~ RUBY_PLATFORM + # on Windows, Errno::ECONNRESET will be raised, and it'll be eaten by + # WEBrick + log_tester = lambda {|server_log| + assert_equal(1, server_log.length) + assert_match(/ERROR OpenSSL::SSL::SSLError:/, server_log[0]) } + end + with_https(log_tester) {|srv, dr, url, server_thread, server_log| + setup_validation(srv, dr) + assert_raise(OpenSSL::SSL::SSLError) { URI.open("#{url}/data") {} } } end - def test_validate_bad_ssl_version_silently + def test_ssl_min_version with_https {|srv, dr, url| setup_validation(srv, dr) - URI.open("#{url}/data", :ssl_verify_mode => OpenSSL::SSL::VERIFY_NONE, :ssl_version => :TLS_no_such_version) {|f| + URI.open("#{url}/data", :ssl_verify_mode => OpenSSL::SSL::VERIFY_NONE, :ssl_min_version => :TLS1_2) {|f| assert_equal("200", f.status[0]) assert_equal("ddd", f.read) } } end - def test_validation_failure - unless /mswin|mingw/ =~ RUBY_PLATFORM - # on Windows, Errno::ECONNRESET will be raised, and it'll be eaten by - # WEBrick - log_tester = lambda {|server_log| - assert_equal(1, server_log.length) - assert_match(/ERROR OpenSSL::SSL::SSLError:/, server_log[0]) - } - end - with_https(log_tester) {|srv, dr, url, server_thread, server_log| + def test_bad_ssl_version + with_https(nil) {|srv, dr, url| setup_validation(srv, dr) - assert_raise(OpenSSL::SSL::SSLError) { URI.open("#{url}/data") {} } + assert_raise(ArgumentError) { + URI.open("#{url}/data", :ssl_verify_mode => OpenSSL::SSL::VERIFY_NONE, :ssl_min_version => :TLS_no_such_version) {} + } } end |