diff options
| author | gotoyuzo <gotoyuzo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2005-02-14 04:14:39 +0000 |
|---|---|---|
| committer | gotoyuzo <gotoyuzo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2005-02-14 04:14:39 +0000 |
| commit | 05529af1aceb492ab9e5b676e40e275ab48a7f2f (patch) | |
| tree | 0a799bcccecc95f8af5c90d876e340fbc2557ac2 /test | |
| parent | 87dacc14c28047ce11e8c5863efb92f2bc52ca91 (diff) | |
| download | ruby-05529af1aceb492ab9e5b676e40e275ab48a7f2f.tar.gz ruby-05529af1aceb492ab9e5b676e40e275ab48a7f2f.tar.xz ruby-05529af1aceb492ab9e5b676e40e275ab48a7f2f.zip | |
* ext/openssl/lib/openssl/ssl.rb
(OpenSSL::SSL::SSLSocket#post_connection_check): new method.
git-svn-id: http://svn.ruby-lang.org/repos/ruby/trunk@7970 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'test')
| -rw-r--r-- | test/openssl/test_ssl.rb | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb index c7bf15d82..8f440076e 100644 --- a/test/openssl/test_ssl.rb +++ b/test/openssl/test_ssl.rb @@ -198,6 +198,55 @@ class OpenSSL::TestSSL < Test::Unit::TestCase ssls.each{|ssl| ssl.close } } end + + def test_post_connection_check + sslerr = OpenSSL::SSL::SSLError + + start_server(PORT, OpenSSL::SSL::VERIFY_NONE, true){|s, p| + sock = TCPSocket.new("127.0.0.1", p) + ssl = OpenSSL::SSL::SSLSocket.new(sock) + ssl.connect + assert_raises(sslerr){ssl.post_connection_check("localhost.localdomain")} + assert_raises(sslerr){ssl.post_connection_check("127.0.0.1")} + assert(ssl.post_connection_check("localhost")) + assert_raises(sslerr){ssl.post_connection_check("foo.example.com")} + } + + now = Time.now + exts = [ + ["keyUsage","keyEncipherment,digitalSignature",true], + ["subjectAltName","DNS:localhost.localdomain",false], + ["subjectAltName","IP:127.0.0.1",false], + ] + @svr_cert = issue_cert(@svr, @svr_key, 4, now, now+1800, exts, + @ca_cert, @ca_key, OpenSSL::Digest::SHA1.new) + start_server(PORT, OpenSSL::SSL::VERIFY_NONE, true){|s, p| + sock = TCPSocket.new("127.0.0.1", p) + ssl = OpenSSL::SSL::SSLSocket.new(sock) + ssl.connect + assert(ssl.post_connection_check("localhost.localdomain")) + assert(ssl.post_connection_check("127.0.0.1")) + assert_raises(sslerr){ssl.post_connection_check("localhost")} + assert_raises(sslerr){ssl.post_connection_check("foo.example.com")} + } + + now = Time.now + exts = [ + ["keyUsage","keyEncipherment,digitalSignature",true], + ["subjectAltName","DNS:*.localdomain",false], + ] + @svr_cert = issue_cert(@svr, @svr_key, 5, now, now+1800, exts, + @ca_cert, @ca_key, OpenSSL::Digest::SHA1.new) + start_server(PORT, OpenSSL::SSL::VERIFY_NONE, true){|s, p| + sock = TCPSocket.new("127.0.0.1", p) + ssl = OpenSSL::SSL::SSLSocket.new(sock) + ssl.connect + assert(ssl.post_connection_check("localhost.localdomain")) + assert_raises(sslerr){ssl.post_connection_check("127.0.0.1")} + assert_raises(sslerr){ssl.post_connection_check("localhost")} + assert_raises(sslerr){ssl.post_connection_check("foo.example.com")} + } + end end end |