2015-12-16 08:07:31 +03:00
|
|
|
# frozen_string_literal: false
|
2010-12-11 04:25:25 +03:00
|
|
|
require_relative 'utils'
|
2005-03-06 00:36:11 +03:00
|
|
|
|
2014-12-13 06:05:43 +03:00
|
|
|
if defined?(OpenSSL::TestUtils)
|
2005-03-06 00:36:11 +03:00
|
|
|
|
|
|
|
|
require 'socket'
|
2009-09-12 21:00:51 +04:00
|
|
|
require_relative '../ruby/ut_eof'
|
2005-03-06 00:36:11 +03:00
|
|
|
|
2014-05-08 03:21:10 +04:00
|
|
|
module OpenSSL::SSLPairM
|
2005-03-06 00:36:11 +03:00
|
|
|
def server
|
|
|
|
|
host = "127.0.0.1"
|
|
|
|
|
port = 0
|
|
|
|
|
ctx = OpenSSL::SSL::SSLContext.new()
|
2005-03-09 13:45:42 +03:00
|
|
|
ctx.ciphers = "ADH"
|
2016-06-07 15:20:46 +03:00
|
|
|
ctx.security_level = 0
|
2012-08-29 00:03:32 +04:00
|
|
|
ctx.tmp_dh_callback = proc { OpenSSL::TestUtils::TEST_KEY_DH1024 }
|
2014-05-08 03:21:10 +04:00
|
|
|
tcps = create_tcp_server(host, port)
|
2005-03-06 00:36:11 +03:00
|
|
|
ssls = OpenSSL::SSL::SSLServer.new(tcps, ctx)
|
|
|
|
|
return ssls
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def client(port)
|
|
|
|
|
host = "127.0.0.1"
|
|
|
|
|
ctx = OpenSSL::SSL::SSLContext.new()
|
2005-03-09 13:45:42 +03:00
|
|
|
ctx.ciphers = "ADH"
|
2016-06-07 15:20:46 +03:00
|
|
|
ctx.security_level = 0
|
2014-05-08 03:21:10 +04:00
|
|
|
s = create_tcp_client(host, port)
|
2005-03-06 00:36:11 +03:00
|
|
|
ssl = OpenSSL::SSL::SSLSocket.new(s, ctx)
|
|
|
|
|
ssl.connect
|
|
|
|
|
ssl.sync_close = true
|
|
|
|
|
ssl
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def ssl_pair
|
|
|
|
|
ssls = server
|
|
|
|
|
th = Thread.new {
|
|
|
|
|
ns = ssls.accept
|
|
|
|
|
ssls.close
|
|
|
|
|
ns
|
|
|
|
|
}
|
2014-05-08 03:21:10 +04:00
|
|
|
port = ssls.to_io.local_address.ip_port
|
2005-03-06 00:36:11 +03:00
|
|
|
c = client(port)
|
|
|
|
|
s = th.value
|
|
|
|
|
if block_given?
|
|
|
|
|
begin
|
|
|
|
|
yield c, s
|
|
|
|
|
ensure
|
|
|
|
|
c.close unless c.closed?
|
|
|
|
|
s.close unless s.closed?
|
|
|
|
|
end
|
|
|
|
|
else
|
|
|
|
|
return c, s
|
|
|
|
|
end
|
2007-12-15 18:00:52 +03:00
|
|
|
ensure
|
2015-12-14 11:04:28 +03:00
|
|
|
if th&.alive?
|
2007-12-15 18:00:52 +03:00
|
|
|
th.kill
|
2009-03-06 06:56:38 +03:00
|
|
|
th.join
|
2007-12-15 18:00:52 +03:00
|
|
|
end
|
2005-03-06 00:36:11 +03:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2014-05-08 03:21:10 +04:00
|
|
|
module OpenSSL::SSLPair
|
|
|
|
|
include OpenSSL::SSLPairM
|
2014-05-07 16:48:27 +04:00
|
|
|
|
2014-05-08 03:21:10 +04:00
|
|
|
def create_tcp_server(host, port)
|
|
|
|
|
TCPServer.new(host, port)
|
2014-05-07 16:48:27 +04:00
|
|
|
end
|
|
|
|
|
|
2014-05-08 03:21:10 +04:00
|
|
|
def create_tcp_client(host, port)
|
|
|
|
|
TCPSocket.new(host, port)
|
2014-05-07 16:48:27 +04:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2014-05-08 03:21:10 +04:00
|
|
|
module OpenSSL::SSLPairLowlevelSocket
|
|
|
|
|
include OpenSSL::SSLPairM
|
|
|
|
|
|
|
|
|
|
def create_tcp_server(host, port)
|
|
|
|
|
Addrinfo.tcp(host, port).listen
|
|
|
|
|
end
|
2005-03-06 00:36:11 +03:00
|
|
|
|
2014-05-08 03:21:10 +04:00
|
|
|
def create_tcp_client(host, port)
|
|
|
|
|
Addrinfo.tcp(host, port).connect
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
module OpenSSL::TestEOF1M
|
2005-03-06 00:36:11 +03:00
|
|
|
def open_file(content)
|
|
|
|
|
s1, s2 = ssl_pair
|
2014-05-25 09:22:49 +04:00
|
|
|
th = Thread.new { s2 << content; s2.close }
|
2005-03-06 00:36:11 +03:00
|
|
|
yield s1
|
2014-05-25 09:22:49 +04:00
|
|
|
ensure
|
2015-07-30 07:43:23 +03:00
|
|
|
th.join if th
|
2014-05-28 19:06:39 +04:00
|
|
|
s1.close
|
2005-03-06 00:36:11 +03:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2014-05-08 03:21:10 +04:00
|
|
|
module OpenSSL::TestEOF2M
|
2005-03-06 00:36:11 +03:00
|
|
|
def open_file(content)
|
|
|
|
|
s1, s2 = ssl_pair
|
2014-05-25 09:22:49 +04:00
|
|
|
th = Thread.new { s1 << content; s1.close }
|
2005-03-06 00:36:11 +03:00
|
|
|
yield s2
|
2014-05-25 09:22:49 +04:00
|
|
|
ensure
|
2015-07-30 07:43:23 +03:00
|
|
|
th.join if th
|
2014-05-28 19:06:39 +04:00
|
|
|
s2.close
|
2005-03-06 00:36:11 +03:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2014-05-08 03:21:10 +04:00
|
|
|
module OpenSSL::TestPairM
|
2005-03-06 00:36:11 +03:00
|
|
|
def test_getc
|
|
|
|
|
ssl_pair {|s1, s2|
|
|
|
|
|
s1 << "a"
|
|
|
|
|
assert_equal(?a, s2.getc)
|
|
|
|
|
}
|
|
|
|
|
end
|
|
|
|
|
|
2015-08-02 01:08:17 +03:00
|
|
|
def test_gets_eof_limit
|
|
|
|
|
ssl_pair {|s1, s2|
|
|
|
|
|
s1.write("hello")
|
|
|
|
|
s1.close # trigger EOF
|
|
|
|
|
assert_match "hello", s2.gets("\n", 6), "[ruby-core:70149] [Bug #11140]"
|
|
|
|
|
}
|
|
|
|
|
end
|
|
|
|
|
|
2005-03-06 00:36:11 +03:00
|
|
|
def test_readpartial
|
|
|
|
|
ssl_pair {|s1, s2|
|
|
|
|
|
s2.write "a\nbcd"
|
|
|
|
|
assert_equal("a\n", s1.gets)
|
2014-05-27 14:03:09 +04:00
|
|
|
result = ""
|
|
|
|
|
result << s1.readpartial(10) until result.length == 3
|
|
|
|
|
assert_equal("bcd", result)
|
2005-03-06 00:36:11 +03:00
|
|
|
s2.write "efg"
|
2014-05-27 14:03:09 +04:00
|
|
|
result = ""
|
|
|
|
|
result << s1.readpartial(10) until result.length == 3
|
|
|
|
|
assert_equal("efg", result)
|
2005-03-06 00:36:11 +03:00
|
|
|
s2.close
|
|
|
|
|
assert_raise(EOFError) { s1.readpartial(10) }
|
|
|
|
|
assert_raise(EOFError) { s1.readpartial(10) }
|
|
|
|
|
assert_equal("", s1.readpartial(0))
|
|
|
|
|
}
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def test_readall
|
|
|
|
|
ssl_pair {|s1, s2|
|
|
|
|
|
s2.close
|
|
|
|
|
assert_equal("", s1.read)
|
|
|
|
|
}
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def test_readline
|
|
|
|
|
ssl_pair {|s1, s2|
|
|
|
|
|
s2.close
|
|
|
|
|
assert_raise(EOFError) { s1.readline }
|
|
|
|
|
}
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def test_puts_meta
|
|
|
|
|
ssl_pair {|s1, s2|
|
|
|
|
|
begin
|
|
|
|
|
old = $/
|
|
|
|
|
$/ = '*'
|
|
|
|
|
s1.puts 'a'
|
|
|
|
|
ensure
|
|
|
|
|
$/ = old
|
|
|
|
|
end
|
|
|
|
|
s1.close
|
|
|
|
|
assert_equal("a\n", s2.read)
|
|
|
|
|
}
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def test_puts_empty
|
|
|
|
|
ssl_pair {|s1, s2|
|
|
|
|
|
s1.puts
|
|
|
|
|
s1.close
|
|
|
|
|
assert_equal("\n", s2.read)
|
|
|
|
|
}
|
|
|
|
|
end
|
|
|
|
|
|
2008-12-28 19:09:59 +03:00
|
|
|
def test_read_nonblock
|
|
|
|
|
ssl_pair {|s1, s2|
|
2008-12-31 11:18:12 +03:00
|
|
|
err = nil
|
2013-04-08 23:58:55 +04:00
|
|
|
assert_raise(OpenSSL::SSL::SSLErrorWaitReadable) {
|
2008-12-31 11:18:12 +03:00
|
|
|
begin
|
|
|
|
|
s2.read_nonblock(10)
|
|
|
|
|
ensure
|
|
|
|
|
err = $!
|
|
|
|
|
end
|
|
|
|
|
}
|
2009-03-19 14:40:38 +03:00
|
|
|
assert_kind_of(IO::WaitReadable, err)
|
2008-12-28 19:09:59 +03:00
|
|
|
s1.write "abc\ndef\n"
|
2009-02-08 05:01:22 +03:00
|
|
|
IO.select([s2])
|
2008-12-28 19:09:59 +03:00
|
|
|
assert_equal("ab", s2.read_nonblock(2))
|
|
|
|
|
assert_equal("c\n", s2.gets)
|
|
|
|
|
ret = nil
|
|
|
|
|
assert_nothing_raised("[ruby-core:20298]") { ret = s2.read_nonblock(10) }
|
|
|
|
|
assert_equal("def\n", ret)
|
2013-08-27 02:41:44 +04:00
|
|
|
s1.close
|
2013-09-04 22:46:16 +04:00
|
|
|
sleep 0.1
|
2013-08-27 02:41:44 +04:00
|
|
|
assert_raise(EOFError) { s2.read_nonblock(10) }
|
2008-12-28 19:09:59 +03:00
|
|
|
}
|
|
|
|
|
end
|
|
|
|
|
|
2013-08-27 02:41:44 +04:00
|
|
|
def test_read_nonblock_no_exception
|
|
|
|
|
ssl_pair {|s1, s2|
|
|
|
|
|
assert_equal :wait_readable, s2.read_nonblock(10, exception: false)
|
|
|
|
|
s1.write "abc\ndef\n"
|
|
|
|
|
IO.select([s2])
|
|
|
|
|
assert_equal("ab", s2.read_nonblock(2, exception: false))
|
|
|
|
|
assert_equal("c\n", s2.gets)
|
|
|
|
|
ret = nil
|
|
|
|
|
assert_nothing_raised("[ruby-core:20298]") { ret = s2.read_nonblock(10, exception: false) }
|
|
|
|
|
assert_equal("def\n", ret)
|
|
|
|
|
s1.close
|
2013-09-04 22:46:16 +04:00
|
|
|
sleep 0.1
|
2013-08-27 02:41:44 +04:00
|
|
|
assert_equal(nil, s2.read_nonblock(10, exception: false))
|
|
|
|
|
}
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def write_nonblock(socket, meth, str)
|
|
|
|
|
ret = socket.send(meth, str)
|
|
|
|
|
ret.is_a?(Symbol) ? 0 : ret
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def write_nonblock_no_ex(socket, str)
|
|
|
|
|
ret = socket.write_nonblock str, exception: false
|
|
|
|
|
ret.is_a?(Symbol) ? 0 : ret
|
|
|
|
|
end
|
|
|
|
|
|
2009-03-20 20:39:44 +03:00
|
|
|
def test_write_nonblock
|
|
|
|
|
ssl_pair {|s1, s2|
|
|
|
|
|
n = 0
|
|
|
|
|
begin
|
2013-08-27 02:41:44 +04:00
|
|
|
n += write_nonblock s1, :write_nonblock, "a" * 100000
|
|
|
|
|
n += write_nonblock s1, :write_nonblock, "b" * 100000
|
|
|
|
|
n += write_nonblock s1, :write_nonblock, "c" * 100000
|
|
|
|
|
n += write_nonblock s1, :write_nonblock, "d" * 100000
|
|
|
|
|
n += write_nonblock s1, :write_nonblock, "e" * 100000
|
|
|
|
|
n += write_nonblock s1, :write_nonblock, "f" * 100000
|
2009-03-20 20:39:44 +03:00
|
|
|
rescue IO::WaitWritable
|
|
|
|
|
end
|
|
|
|
|
s1.close
|
|
|
|
|
assert_equal(n, s2.read.length)
|
|
|
|
|
}
|
|
|
|
|
end
|
|
|
|
|
|
2013-08-27 02:41:44 +04:00
|
|
|
def test_write_nonblock_no_exceptions
|
|
|
|
|
ssl_pair {|s1, s2|
|
|
|
|
|
n = 0
|
2013-09-03 05:08:09 +04:00
|
|
|
begin
|
|
|
|
|
n += write_nonblock_no_ex s1, "a" * 100000
|
|
|
|
|
n += write_nonblock_no_ex s1, "b" * 100000
|
|
|
|
|
n += write_nonblock_no_ex s1, "c" * 100000
|
|
|
|
|
n += write_nonblock_no_ex s1, "d" * 100000
|
|
|
|
|
n += write_nonblock_no_ex s1, "e" * 100000
|
|
|
|
|
n += write_nonblock_no_ex s1, "f" * 100000
|
|
|
|
|
rescue OpenSSL::SSL::SSLError => e
|
|
|
|
|
# on some platforms (maybe depend on OpenSSL version), writing to
|
|
|
|
|
# SSLSocket after SSL_ERROR_WANT_WRITE causes this error.
|
|
|
|
|
raise e if n == 0
|
|
|
|
|
end
|
2013-08-27 02:41:44 +04:00
|
|
|
s1.close
|
|
|
|
|
assert_equal(n, s2.read.length)
|
|
|
|
|
}
|
|
|
|
|
end
|
|
|
|
|
|
2009-03-20 20:39:44 +03:00
|
|
|
def test_write_nonblock_with_buffered_data
|
|
|
|
|
ssl_pair {|s1, s2|
|
|
|
|
|
s1.write "foo"
|
|
|
|
|
s1.write_nonblock("bar")
|
|
|
|
|
s1.write "baz"
|
|
|
|
|
s1.close
|
|
|
|
|
assert_equal("foobarbaz", s2.read)
|
|
|
|
|
}
|
|
|
|
|
end
|
|
|
|
|
|
2013-08-27 02:41:44 +04:00
|
|
|
def test_write_nonblock_with_buffered_data_no_exceptions
|
|
|
|
|
ssl_pair {|s1, s2|
|
|
|
|
|
s1.write "foo"
|
|
|
|
|
s1.write_nonblock("bar", exception: false)
|
|
|
|
|
s1.write "baz"
|
|
|
|
|
s1.close
|
|
|
|
|
assert_equal("foobarbaz", s2.read)
|
|
|
|
|
}
|
|
|
|
|
end
|
|
|
|
|
|
2016-03-31 23:33:55 +03:00
|
|
|
def test_write_nonblock_retry
|
|
|
|
|
ssl_pair {|s1, s2|
|
|
|
|
|
# fill up a socket so we hit EAGAIN
|
|
|
|
|
written = String.new
|
|
|
|
|
n = 0
|
|
|
|
|
buf = 'a' * 11
|
|
|
|
|
case ret = s1.write_nonblock(buf, exception: false)
|
|
|
|
|
when :wait_readable then break
|
|
|
|
|
when :wait_writable then break
|
|
|
|
|
when Integer
|
|
|
|
|
written << buf
|
|
|
|
|
n += ret
|
|
|
|
|
exp = buf.bytesize
|
|
|
|
|
if ret != exp
|
|
|
|
|
buf = buf.byteslice(ret, exp - ret)
|
|
|
|
|
end
|
|
|
|
|
end while true
|
|
|
|
|
assert_kind_of Symbol, ret
|
|
|
|
|
|
|
|
|
|
# make more space for subsequent write:
|
|
|
|
|
readed = s2.read(n)
|
|
|
|
|
assert_equal written, readed
|
|
|
|
|
|
|
|
|
|
# this fails if SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER is missing:
|
|
|
|
|
buf2 = Marshal.load(Marshal.dump(buf))
|
|
|
|
|
assert_kind_of Integer, s1.write_nonblock(buf2, exception: false)
|
|
|
|
|
}
|
|
|
|
|
end
|
|
|
|
|
|
2014-05-07 16:22:02 +04:00
|
|
|
def tcp_pair
|
2009-03-21 09:56:33 +03:00
|
|
|
host = "127.0.0.1"
|
2014-05-07 16:22:02 +04:00
|
|
|
serv = TCPServer.new(host, 0)
|
2009-03-21 09:56:33 +03:00
|
|
|
port = serv.connect_address.ip_port
|
|
|
|
|
sock1 = TCPSocket.new(host, port)
|
|
|
|
|
sock2 = serv.accept
|
|
|
|
|
serv.close
|
2014-05-07 16:22:02 +04:00
|
|
|
[sock1, sock2]
|
|
|
|
|
ensure
|
|
|
|
|
serv.close if serv && !serv.closed?
|
|
|
|
|
end
|
|
|
|
|
|
2015-07-26 02:16:49 +03:00
|
|
|
def test_connect_works_when_setting_dh_callback_to_nil
|
|
|
|
|
ctx2 = OpenSSL::SSL::SSLContext.new
|
|
|
|
|
ctx2.ciphers = "DH"
|
2016-06-07 15:20:46 +03:00
|
|
|
ctx2.security_level = 0
|
2015-07-26 02:16:49 +03:00
|
|
|
ctx2.tmp_dh_callback = nil
|
|
|
|
|
sock1, sock2 = tcp_pair
|
|
|
|
|
s2 = OpenSSL::SSL::SSLSocket.new(sock2, ctx2)
|
|
|
|
|
accepted = s2.accept_nonblock(exception: false)
|
|
|
|
|
|
|
|
|
|
ctx1 = OpenSSL::SSL::SSLContext.new
|
|
|
|
|
ctx1.ciphers = "DH"
|
2016-06-07 15:20:46 +03:00
|
|
|
ctx1.security_level = 0
|
2015-07-26 02:16:49 +03:00
|
|
|
ctx1.tmp_dh_callback = nil
|
|
|
|
|
s1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx1)
|
|
|
|
|
t = Thread.new { s1.connect }
|
|
|
|
|
|
|
|
|
|
accept = s2.accept
|
|
|
|
|
assert_equal s1, t.value
|
|
|
|
|
assert accept
|
|
|
|
|
ensure
|
2015-07-30 07:43:23 +03:00
|
|
|
t.join if t
|
2015-07-26 02:16:49 +03:00
|
|
|
s1.close if s1
|
|
|
|
|
s2.close if s2
|
|
|
|
|
sock1.close if sock1
|
|
|
|
|
sock2.close if sock2
|
|
|
|
|
accepted.close if accepted.respond_to?(:close)
|
|
|
|
|
end
|
|
|
|
|
|
2015-07-26 00:23:22 +03:00
|
|
|
def test_connect_without_setting_dh_callback
|
|
|
|
|
ctx2 = OpenSSL::SSL::SSLContext.new
|
|
|
|
|
ctx2.ciphers = "DH"
|
2016-06-07 15:20:46 +03:00
|
|
|
ctx2.security_level = 0
|
2015-07-26 00:23:22 +03:00
|
|
|
sock1, sock2 = tcp_pair
|
|
|
|
|
s2 = OpenSSL::SSL::SSLSocket.new(sock2, ctx2)
|
|
|
|
|
accepted = s2.accept_nonblock(exception: false)
|
|
|
|
|
|
|
|
|
|
ctx1 = OpenSSL::SSL::SSLContext.new
|
|
|
|
|
ctx1.ciphers = "DH"
|
2016-06-07 15:20:46 +03:00
|
|
|
ctx1.security_level = 0
|
2015-07-26 00:23:22 +03:00
|
|
|
s1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx1)
|
|
|
|
|
t = Thread.new { s1.connect }
|
|
|
|
|
|
|
|
|
|
accept = s2.accept
|
|
|
|
|
assert_equal s1, t.value
|
|
|
|
|
assert accept
|
|
|
|
|
ensure
|
2015-07-30 07:43:23 +03:00
|
|
|
t.join if t
|
2015-07-26 00:23:22 +03:00
|
|
|
s1.close if s1
|
|
|
|
|
s2.close if s2
|
|
|
|
|
sock1.close if sock1
|
|
|
|
|
sock2.close if sock2
|
|
|
|
|
accepted.close if accepted.respond_to?(:close)
|
|
|
|
|
end
|
|
|
|
|
|
2015-07-22 21:34:45 +03:00
|
|
|
def test_ecdh_callback
|
2016-05-30 12:30:38 +03:00
|
|
|
return unless OpenSSL::SSL::SSLContext.instance_methods.include?(:tmp_ecdh_callback)
|
|
|
|
|
EnvUtil.suppress_warning do # tmp_ecdh_callback is deprecated (2016-05)
|
|
|
|
|
begin
|
|
|
|
|
called = false
|
|
|
|
|
ctx2 = OpenSSL::SSL::SSLContext.new
|
|
|
|
|
ctx2.ciphers = "ECDH"
|
2016-06-07 15:20:46 +03:00
|
|
|
# OpenSSL 1.1.0 doesn't have tmp_ecdh_callback so this shouldn't be required
|
|
|
|
|
ctx2.security_level = 0
|
2016-05-30 12:30:38 +03:00
|
|
|
ctx2.tmp_ecdh_callback = ->(*args) {
|
|
|
|
|
called = true
|
|
|
|
|
OpenSSL::PKey::EC.new "prime256v1"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sock1, sock2 = tcp_pair
|
|
|
|
|
|
|
|
|
|
s2 = OpenSSL::SSL::SSLSocket.new(sock2, ctx2)
|
|
|
|
|
ctx1 = OpenSSL::SSL::SSLContext.new
|
|
|
|
|
ctx1.ciphers = "ECDH"
|
2016-06-07 15:20:46 +03:00
|
|
|
ctx1.security_level = 0
|
2016-05-30 12:30:38 +03:00
|
|
|
|
|
|
|
|
s1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx1)
|
|
|
|
|
th = Thread.new do
|
|
|
|
|
begin
|
|
|
|
|
rv = s1.connect_nonblock(exception: false)
|
|
|
|
|
case rv
|
|
|
|
|
when :wait_writable
|
|
|
|
|
IO.select(nil, [s1], nil, 5)
|
|
|
|
|
when :wait_readable
|
|
|
|
|
IO.select([s1], nil, nil, 5)
|
|
|
|
|
end
|
|
|
|
|
end until rv == s1
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
accepted = s2.accept
|
|
|
|
|
assert called, 'ecdh callback should be called'
|
|
|
|
|
rescue OpenSSL::SSL::SSLError => e
|
|
|
|
|
if e.message =~ /no cipher match/
|
|
|
|
|
skip "ECDH cipher not supported."
|
|
|
|
|
else
|
|
|
|
|
raise e
|
|
|
|
|
end
|
|
|
|
|
ensure
|
|
|
|
|
th.join if th
|
|
|
|
|
s1.close if s1
|
|
|
|
|
s2.close if s2
|
|
|
|
|
sock1.close if sock1
|
|
|
|
|
sock2.close if sock2
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
2015-07-22 21:34:45 +03:00
|
|
|
|
2016-05-30 12:30:38 +03:00
|
|
|
def test_ecdh_curves
|
2015-07-22 21:34:45 +03:00
|
|
|
sock1, sock2 = tcp_pair
|
|
|
|
|
|
|
|
|
|
ctx1 = OpenSSL::SSL::SSLContext.new
|
2016-06-09 13:46:46 +03:00
|
|
|
begin
|
|
|
|
|
ctx1.ciphers = "ECDH"
|
|
|
|
|
rescue OpenSSL::SSL::SSLError
|
|
|
|
|
skip "ECDH is not enabled in this OpenSSL" if $!.message =~ /no cipher match/
|
|
|
|
|
raise
|
|
|
|
|
end
|
2016-05-30 19:52:10 +03:00
|
|
|
ctx1.ecdh_curves = "P-384:P-521"
|
2016-06-07 15:20:46 +03:00
|
|
|
ctx1.security_level = 0
|
2015-07-22 21:34:45 +03:00
|
|
|
s1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx1)
|
|
|
|
|
|
2016-05-30 12:30:38 +03:00
|
|
|
ctx2 = OpenSSL::SSL::SSLContext.new
|
|
|
|
|
ctx2.ciphers = "ECDH"
|
|
|
|
|
ctx2.ecdh_curves = "P-256:P-384"
|
2016-06-07 15:20:46 +03:00
|
|
|
ctx2.security_level = 0
|
2016-05-30 12:30:38 +03:00
|
|
|
s2 = OpenSSL::SSL::SSLSocket.new(sock2, ctx2)
|
2015-07-22 21:34:45 +03:00
|
|
|
|
2016-05-30 12:30:38 +03:00
|
|
|
th = Thread.new { s1.accept }
|
|
|
|
|
s2.connect
|
|
|
|
|
|
|
|
|
|
assert s2.cipher[0].start_with?("AECDH"), "AECDH should be used"
|
|
|
|
|
if s2.respond_to?(:tmp_key)
|
|
|
|
|
assert_equal "secp384r1", s2.tmp_key.group.curve_name
|
2015-10-31 14:16:02 +03:00
|
|
|
end
|
2015-07-22 21:34:45 +03:00
|
|
|
ensure
|
2015-07-30 07:43:23 +03:00
|
|
|
th.join if th
|
2015-07-22 21:34:45 +03:00
|
|
|
s1.close if s1
|
|
|
|
|
s2.close if s2
|
|
|
|
|
sock1.close if sock1
|
|
|
|
|
sock2.close if sock2
|
|
|
|
|
end
|
|
|
|
|
|
connect_nonblock supports "exception: false"
This is for consistency with accept_nonblock arguments and gives a
minor speedup from avoiding exceptions.
[ruby-core:68838] [Feature #11024]
* ext/openssl/ossl_ssl.c (ossl_ssl_connect_nonblock):
support `exception: false'
* (get_no_exception): move function location
* ext/socket/socket.c (sock_connect_nonblock):
support `exception: false'
* test/openssl/test_pair.rb (test_connect_accept_nonblock_no_exception):
test `exception: false' on connect,
rename from `test_accept_nonblock_no_exception'
* test/socket/test_nonblock.rb (test_connect_nonblock_no_exception):
new test
Benchmark results:
default 0.050000 0.100000 0.150000 ( 0.151307)
exception: false 0.030000 0.080000 0.110000 ( 0.108840)
----------------------------8<-----------------------
require 'socket'
require 'benchmark'
require 'io/wait'
require 'tmpdir'
host = '127.0.0.1'
serv = TCPServer.new(host, 0) # UNIX sockets may not hit EINPROGRESS
nr = 5000 # few iterations to avoid running out of ports
addr = serv.getsockname
pid = fork do
begin
serv.accept.close
rescue => e
warn "#$$: #{e.message} (#{e.class})"
end while true
end
at_exit { Process.kill(:TERM, pid) }
serv.close
Benchmark.bmbm do |x|
x.report("default") do
nr.times do
s = Socket.new(:INET, :STREAM)
s.setsockopt(:SOL_SOCKET, :SO_REUSEADDR, 1)
begin
s.connect_nonblock(addr)
rescue IO::WaitWritable
s.wait_writable
end
s.close
end
end
x.report("exception: false") do
nr.times do
s = Socket.new(:INET, :STREAM)
s.setsockopt(:SOL_SOCKET, :SO_REUSEADDR, 1)
case s.connect_nonblock(addr, exception: false)
when :wait_writable
s.wait_writable
end
s.close
end
end
end
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@50254 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-04-12 04:41:51 +03:00
|
|
|
def test_connect_accept_nonblock_no_exception
|
2015-03-12 06:03:04 +03:00
|
|
|
ctx2 = OpenSSL::SSL::SSLContext.new
|
|
|
|
|
ctx2.ciphers = "ADH"
|
2016-06-07 15:20:46 +03:00
|
|
|
ctx2.security_level = 0
|
2015-03-12 06:03:04 +03:00
|
|
|
ctx2.tmp_dh_callback = proc { OpenSSL::TestUtils::TEST_KEY_DH1024 }
|
|
|
|
|
|
|
|
|
|
sock1, sock2 = tcp_pair
|
|
|
|
|
|
|
|
|
|
s2 = OpenSSL::SSL::SSLSocket.new(sock2, ctx2)
|
|
|
|
|
accepted = s2.accept_nonblock(exception: false)
|
|
|
|
|
assert_equal :wait_readable, accepted
|
|
|
|
|
|
|
|
|
|
ctx1 = OpenSSL::SSL::SSLContext.new
|
|
|
|
|
ctx1.ciphers = "ADH"
|
2016-06-07 15:20:46 +03:00
|
|
|
ctx1.security_level = 0
|
2015-03-12 06:03:04 +03:00
|
|
|
s1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx1)
|
connect_nonblock supports "exception: false"
This is for consistency with accept_nonblock arguments and gives a
minor speedup from avoiding exceptions.
[ruby-core:68838] [Feature #11024]
* ext/openssl/ossl_ssl.c (ossl_ssl_connect_nonblock):
support `exception: false'
* (get_no_exception): move function location
* ext/socket/socket.c (sock_connect_nonblock):
support `exception: false'
* test/openssl/test_pair.rb (test_connect_accept_nonblock_no_exception):
test `exception: false' on connect,
rename from `test_accept_nonblock_no_exception'
* test/socket/test_nonblock.rb (test_connect_nonblock_no_exception):
new test
Benchmark results:
default 0.050000 0.100000 0.150000 ( 0.151307)
exception: false 0.030000 0.080000 0.110000 ( 0.108840)
----------------------------8<-----------------------
require 'socket'
require 'benchmark'
require 'io/wait'
require 'tmpdir'
host = '127.0.0.1'
serv = TCPServer.new(host, 0) # UNIX sockets may not hit EINPROGRESS
nr = 5000 # few iterations to avoid running out of ports
addr = serv.getsockname
pid = fork do
begin
serv.accept.close
rescue => e
warn "#$$: #{e.message} (#{e.class})"
end while true
end
at_exit { Process.kill(:TERM, pid) }
serv.close
Benchmark.bmbm do |x|
x.report("default") do
nr.times do
s = Socket.new(:INET, :STREAM)
s.setsockopt(:SOL_SOCKET, :SO_REUSEADDR, 1)
begin
s.connect_nonblock(addr)
rescue IO::WaitWritable
s.wait_writable
end
s.close
end
end
x.report("exception: false") do
nr.times do
s = Socket.new(:INET, :STREAM)
s.setsockopt(:SOL_SOCKET, :SO_REUSEADDR, 1)
case s.connect_nonblock(addr, exception: false)
when :wait_writable
s.wait_writable
end
s.close
end
end
end
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@50254 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-04-12 04:41:51 +03:00
|
|
|
th = Thread.new do
|
|
|
|
|
rets = []
|
|
|
|
|
begin
|
|
|
|
|
rv = s1.connect_nonblock(exception: false)
|
|
|
|
|
rets << rv
|
|
|
|
|
case rv
|
|
|
|
|
when :wait_writable
|
|
|
|
|
IO.select(nil, [s1], nil, 5)
|
|
|
|
|
when :wait_readable
|
|
|
|
|
IO.select([s1], nil, nil, 5)
|
|
|
|
|
end
|
|
|
|
|
end until rv == s1
|
|
|
|
|
rets
|
|
|
|
|
end
|
|
|
|
|
|
2015-03-12 06:03:04 +03:00
|
|
|
until th.join(0.01)
|
|
|
|
|
accepted = s2.accept_nonblock(exception: false)
|
2016-07-26 16:02:33 +03:00
|
|
|
assert_include([s2, :wait_readable, :wait_writable ], accepted)
|
2015-03-12 06:03:04 +03:00
|
|
|
end
|
connect_nonblock supports "exception: false"
This is for consistency with accept_nonblock arguments and gives a
minor speedup from avoiding exceptions.
[ruby-core:68838] [Feature #11024]
* ext/openssl/ossl_ssl.c (ossl_ssl_connect_nonblock):
support `exception: false'
* (get_no_exception): move function location
* ext/socket/socket.c (sock_connect_nonblock):
support `exception: false'
* test/openssl/test_pair.rb (test_connect_accept_nonblock_no_exception):
test `exception: false' on connect,
rename from `test_accept_nonblock_no_exception'
* test/socket/test_nonblock.rb (test_connect_nonblock_no_exception):
new test
Benchmark results:
default 0.050000 0.100000 0.150000 ( 0.151307)
exception: false 0.030000 0.080000 0.110000 ( 0.108840)
----------------------------8<-----------------------
require 'socket'
require 'benchmark'
require 'io/wait'
require 'tmpdir'
host = '127.0.0.1'
serv = TCPServer.new(host, 0) # UNIX sockets may not hit EINPROGRESS
nr = 5000 # few iterations to avoid running out of ports
addr = serv.getsockname
pid = fork do
begin
serv.accept.close
rescue => e
warn "#$$: #{e.message} (#{e.class})"
end while true
end
at_exit { Process.kill(:TERM, pid) }
serv.close
Benchmark.bmbm do |x|
x.report("default") do
nr.times do
s = Socket.new(:INET, :STREAM)
s.setsockopt(:SOL_SOCKET, :SO_REUSEADDR, 1)
begin
s.connect_nonblock(addr)
rescue IO::WaitWritable
s.wait_writable
end
s.close
end
end
x.report("exception: false") do
nr.times do
s = Socket.new(:INET, :STREAM)
s.setsockopt(:SOL_SOCKET, :SO_REUSEADDR, 1)
case s.connect_nonblock(addr, exception: false)
when :wait_writable
s.wait_writable
end
s.close
end
end
end
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@50254 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-04-12 04:41:51 +03:00
|
|
|
|
|
|
|
|
rets = th.value
|
|
|
|
|
assert_instance_of Array, rets
|
|
|
|
|
rets.each do |rv|
|
2016-07-26 16:02:33 +03:00
|
|
|
assert_include([s1, :wait_readable, :wait_writable ], rv)
|
connect_nonblock supports "exception: false"
This is for consistency with accept_nonblock arguments and gives a
minor speedup from avoiding exceptions.
[ruby-core:68838] [Feature #11024]
* ext/openssl/ossl_ssl.c (ossl_ssl_connect_nonblock):
support `exception: false'
* (get_no_exception): move function location
* ext/socket/socket.c (sock_connect_nonblock):
support `exception: false'
* test/openssl/test_pair.rb (test_connect_accept_nonblock_no_exception):
test `exception: false' on connect,
rename from `test_accept_nonblock_no_exception'
* test/socket/test_nonblock.rb (test_connect_nonblock_no_exception):
new test
Benchmark results:
default 0.050000 0.100000 0.150000 ( 0.151307)
exception: false 0.030000 0.080000 0.110000 ( 0.108840)
----------------------------8<-----------------------
require 'socket'
require 'benchmark'
require 'io/wait'
require 'tmpdir'
host = '127.0.0.1'
serv = TCPServer.new(host, 0) # UNIX sockets may not hit EINPROGRESS
nr = 5000 # few iterations to avoid running out of ports
addr = serv.getsockname
pid = fork do
begin
serv.accept.close
rescue => e
warn "#$$: #{e.message} (#{e.class})"
end while true
end
at_exit { Process.kill(:TERM, pid) }
serv.close
Benchmark.bmbm do |x|
x.report("default") do
nr.times do
s = Socket.new(:INET, :STREAM)
s.setsockopt(:SOL_SOCKET, :SO_REUSEADDR, 1)
begin
s.connect_nonblock(addr)
rescue IO::WaitWritable
s.wait_writable
end
s.close
end
end
x.report("exception: false") do
nr.times do
s = Socket.new(:INET, :STREAM)
s.setsockopt(:SOL_SOCKET, :SO_REUSEADDR, 1)
case s.connect_nonblock(addr, exception: false)
when :wait_writable
s.wait_writable
end
s.close
end
end
end
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@50254 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-04-12 04:41:51 +03:00
|
|
|
end
|
2015-03-12 06:03:04 +03:00
|
|
|
ensure
|
2015-07-30 07:43:23 +03:00
|
|
|
th.join if th
|
2015-03-12 06:03:04 +03:00
|
|
|
s1.close if s1
|
|
|
|
|
s2.close if s2
|
|
|
|
|
sock1.close if sock1
|
|
|
|
|
sock2.close if sock2
|
|
|
|
|
accepted.close if accepted.respond_to?(:close)
|
|
|
|
|
end
|
|
|
|
|
|
2014-05-07 16:22:02 +04:00
|
|
|
def test_connect_accept_nonblock
|
|
|
|
|
ctx = OpenSSL::SSL::SSLContext.new()
|
|
|
|
|
ctx.ciphers = "ADH"
|
2016-06-07 15:20:46 +03:00
|
|
|
ctx.security_level = 0
|
2014-05-07 16:22:02 +04:00
|
|
|
ctx.tmp_dh_callback = proc { OpenSSL::TestUtils::TEST_KEY_DH1024 }
|
|
|
|
|
|
|
|
|
|
sock1, sock2 = tcp_pair
|
2009-03-21 09:56:33 +03:00
|
|
|
|
|
|
|
|
th = Thread.new {
|
|
|
|
|
s2 = OpenSSL::SSL::SSLSocket.new(sock2, ctx)
|
|
|
|
|
s2.sync_close = true
|
|
|
|
|
begin
|
|
|
|
|
sleep 0.2
|
|
|
|
|
s2.accept_nonblock
|
|
|
|
|
rescue IO::WaitReadable
|
|
|
|
|
IO.select([s2])
|
|
|
|
|
retry
|
|
|
|
|
rescue IO::WaitWritable
|
|
|
|
|
IO.select(nil, [s2])
|
|
|
|
|
retry
|
|
|
|
|
end
|
|
|
|
|
s2
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sleep 0.1
|
|
|
|
|
ctx = OpenSSL::SSL::SSLContext.new()
|
|
|
|
|
ctx.ciphers = "ADH"
|
2016-06-07 15:20:46 +03:00
|
|
|
ctx.security_level = 0
|
2009-03-21 09:56:33 +03:00
|
|
|
s1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx)
|
|
|
|
|
begin
|
|
|
|
|
sleep 0.2
|
|
|
|
|
s1.connect_nonblock
|
|
|
|
|
rescue IO::WaitReadable
|
|
|
|
|
IO.select([s1])
|
|
|
|
|
retry
|
|
|
|
|
rescue IO::WaitWritable
|
|
|
|
|
IO.select(nil, [s1])
|
|
|
|
|
retry
|
|
|
|
|
end
|
|
|
|
|
s1.sync_close = true
|
|
|
|
|
|
|
|
|
|
s2 = th.value
|
|
|
|
|
|
|
|
|
|
s1.print "a\ndef"
|
|
|
|
|
assert_equal("a\n", s2.gets)
|
|
|
|
|
ensure
|
2015-07-30 07:43:23 +03:00
|
|
|
th.join if th
|
2011-07-14 09:41:05 +04:00
|
|
|
s1.close if s1 && !s1.closed?
|
|
|
|
|
s2.close if s2 && !s2.closed?
|
2009-03-21 09:56:33 +03:00
|
|
|
sock1.close if sock1 && !sock1.closed?
|
|
|
|
|
sock2.close if sock2 && !sock2.closed?
|
|
|
|
|
end
|
2014-05-08 03:21:10 +04:00
|
|
|
end
|
2009-03-21 09:56:33 +03:00
|
|
|
|
2016-05-18 07:07:47 +03:00
|
|
|
class OpenSSL::TestEOF1 < OpenSSL::TestCase
|
2014-05-08 03:21:10 +04:00
|
|
|
include TestEOF
|
|
|
|
|
include OpenSSL::SSLPair
|
|
|
|
|
include OpenSSL::TestEOF1M
|
2005-03-06 00:36:11 +03:00
|
|
|
end
|
|
|
|
|
|
2016-05-18 07:07:47 +03:00
|
|
|
class OpenSSL::TestEOF1LowlevelSocket < OpenSSL::TestCase
|
2014-05-08 03:21:10 +04:00
|
|
|
include TestEOF
|
|
|
|
|
include OpenSSL::SSLPairLowlevelSocket
|
|
|
|
|
include OpenSSL::TestEOF1M
|
|
|
|
|
end
|
2014-05-07 16:48:27 +04:00
|
|
|
|
2016-05-18 07:07:47 +03:00
|
|
|
class OpenSSL::TestEOF2 < OpenSSL::TestCase
|
2014-05-08 03:21:10 +04:00
|
|
|
include TestEOF
|
|
|
|
|
include OpenSSL::SSLPair
|
|
|
|
|
include OpenSSL::TestEOF2M
|
|
|
|
|
end
|
|
|
|
|
|
2016-05-18 07:07:47 +03:00
|
|
|
class OpenSSL::TestEOF2LowlevelSocket < OpenSSL::TestCase
|
2014-05-08 03:21:10 +04:00
|
|
|
include TestEOF
|
|
|
|
|
include OpenSSL::SSLPairLowlevelSocket
|
|
|
|
|
include OpenSSL::TestEOF2M
|
|
|
|
|
end
|
|
|
|
|
|
2016-05-18 07:07:47 +03:00
|
|
|
class OpenSSL::TestPair < OpenSSL::TestCase
|
2014-05-08 03:21:10 +04:00
|
|
|
include OpenSSL::SSLPair
|
|
|
|
|
include OpenSSL::TestPairM
|
|
|
|
|
end
|
|
|
|
|
|
2016-05-18 07:07:47 +03:00
|
|
|
class OpenSSL::TestPairLowlevelSocket < OpenSSL::TestCase
|
2014-05-08 03:21:10 +04:00
|
|
|
include OpenSSL::SSLPairLowlevelSocket
|
|
|
|
|
include OpenSSL::TestPairM
|
2014-05-07 16:48:27 +04:00
|
|
|
end
|
|
|
|
|
|
2005-03-06 00:36:11 +03:00
|
|
|
end
|
