Bug #13718 ยป test-net_openssl_ctx.patch
test/net/ftp/test_ftp.rb | ||
---|---|---|
require "ostruct"
|
||
require "stringio"
|
||
require "tempfile"
|
||
require_relative '..\utils'
|
||
class FTPTest < Test::Unit::TestCase
|
||
SERVER_NAME = "localhost"
|
||
... | ... | |
rescue SocketError
|
||
"127.0.0.1"
|
||
end
|
||
CA_FILE = File.expand_path("../fixtures/cacert.pem", __dir__)
|
||
SERVER_KEY = File.expand_path("../fixtures/server.key", __dir__)
|
||
SERVER_CERT = File.expand_path("../fixtures/server.crt", __dir__)
|
||
def setup
|
||
@thread = nil
|
||
... | ... | |
begin
|
||
Net::FTP.new(SERVER_NAME,
|
||
:port => port,
|
||
:ssl => { :ca_file => CA_FILE })
|
||
:ssl => { :ca_file => Net::TestUtils::CA_FILE })
|
||
rescue SystemCallError
|
||
skip $!
|
||
end
|
||
... | ... | |
# so the following code should raise a SSLError.
|
||
Net::FTP.new(SERVER_ADDR,
|
||
:port => port,
|
||
:ssl => { :ca_file => CA_FILE })
|
||
:ssl => { :ca_file => Net::TestUtils::CA_FILE })
|
||
end
|
||
end
|
||
end
|
||
... | ... | |
sock.print("220 (test_ftp).\r\n")
|
||
commands.push(sock.gets)
|
||
sock.print("234 AUTH success.\r\n")
|
||
ctx = OpenSSL::SSL::SSLContext.new
|
||
ctx.ca_file = CA_FILE
|
||
ctx.key = File.open(SERVER_KEY) { |f|
|
||
OpenSSL::PKey::RSA.new(f)
|
||
}
|
||
ctx.cert = File.open(SERVER_CERT) { |f|
|
||
OpenSSL::X509::Certificate.new(f)
|
||
}
|
||
ctx = Net::TestUtils.create_ssl_ctx
|
||
sock = OpenSSL::SSL::SSLSocket.new(sock, ctx)
|
||
sock.sync_close = true
|
||
begin
|
||
... | ... | |
end
|
||
ftp = Net::FTP.new(SERVER_NAME,
|
||
port: port,
|
||
ssl: { ca_file: CA_FILE },
|
||
ssl: { ca_file: Net::TestUtils::CA_FILE },
|
||
passive: false)
|
||
begin
|
||
assert_equal("AUTH TLS\r\n", commands.shift)
|
||
... | ... | |
sock.print("220 (test_ftp).\r\n")
|
||
commands.push(sock.gets)
|
||
sock.print("234 AUTH success.\r\n")
|
||
ctx = OpenSSL::SSL::SSLContext.new
|
||
ctx.ca_file = CA_FILE
|
||
ctx.key = File.open(SERVER_KEY) { |f|
|
||
OpenSSL::PKey::RSA.new(f)
|
||
}
|
||
ctx.cert = File.open(SERVER_CERT) { |f|
|
||
OpenSSL::X509::Certificate.new(f)
|
||
}
|
||
ctx = Net::TestUtils.create_ssl_ctx
|
||
sock = OpenSSL::SSL::SSLSocket.new(sock, ctx)
|
||
sock.sync_close = true
|
||
begin
|
||
... | ... | |
end
|
||
ftp = Net::FTP.new(SERVER_NAME,
|
||
port: port,
|
||
ssl: { ca_file: CA_FILE },
|
||
ssl: { ca_file: Net::TestUtils::CA_FILE },
|
||
passive: true)
|
||
begin
|
||
assert_equal("AUTH TLS\r\n", commands.shift)
|
||
... | ... | |
sock.print("220 (test_ftp).\r\n")
|
||
commands.push(sock.gets)
|
||
sock.print("234 AUTH success.\r\n")
|
||
ctx = OpenSSL::SSL::SSLContext.new
|
||
ctx.ca_file = CA_FILE
|
||
ctx.key = File.open(SERVER_KEY) { |f|
|
||
OpenSSL::PKey::RSA.new(f)
|
||
}
|
||
ctx.cert = File.open(SERVER_CERT) { |f|
|
||
OpenSSL::X509::Certificate.new(f)
|
||
}
|
||
ctx = Net::TestUtils.create_ssl_ctx
|
||
sock = OpenSSL::SSL::SSLSocket.new(sock, ctx)
|
||
sock.sync_close = true
|
||
begin
|
||
... | ... | |
end
|
||
ftp = Net::FTP.new(SERVER_NAME,
|
||
port: port,
|
||
ssl: { ca_file: CA_FILE },
|
||
ssl: { ca_file: Net::TestUtils::CA_FILE },
|
||
private_data_connection: false,
|
||
passive: false)
|
||
begin
|
||
... | ... | |
sock.print("220 (test_ftp).\r\n")
|
||
commands.push(sock.gets)
|
||
sock.print("234 AUTH success.\r\n")
|
||
ctx = OpenSSL::SSL::SSLContext.new
|
||
ctx.ca_file = CA_FILE
|
||
ctx.key = File.open(SERVER_KEY) { |f|
|
||
OpenSSL::PKey::RSA.new(f)
|
||
}
|
||
ctx.cert = File.open(SERVER_CERT) { |f|
|
||
OpenSSL::X509::Certificate.new(f)
|
||
}
|
||
ctx = Net::TestUtils.create_ssl_ctx
|
||
sock = OpenSSL::SSL::SSLSocket.new(sock, ctx)
|
||
sock.sync_close = true
|
||
begin
|
||
... | ... | |
end
|
||
ftp = Net::FTP.new(SERVER_NAME,
|
||
port: port,
|
||
ssl: { ca_file: CA_FILE },
|
||
ssl: { ca_file: Net::TestUtils::CA_FILE },
|
||
private_data_connection: false,
|
||
passive: true)
|
||
begin
|
||
... | ... | |
assert_raise(Net::OpenTimeout) do
|
||
Net::FTP.new(SERVER_NAME,
|
||
port: port,
|
||
ssl: { ca_file: CA_FILE },
|
||
ssl: { ca_file: Net::TestUtils::CA_FILE },
|
||
ssl_handshake_timeout: 0.1)
|
||
end
|
||
@thread.join
|
||
... | ... | |
sock.print("220 (test_ftp).\r\n")
|
||
commands.push(sock.gets)
|
||
sock.print("234 AUTH success.\r\n")
|
||
ctx = OpenSSL::SSL::SSLContext.new
|
||
ctx.ca_file = CA_FILE
|
||
ctx.key = File.open(SERVER_KEY) { |f|
|
||
OpenSSL::PKey::RSA.new(f)
|
||
}
|
||
ctx.cert = File.open(SERVER_CERT) { |f|
|
||
OpenSSL::X509::Certificate.new(f)
|
||
}
|
||
ctx = Net::TestUtils.create_ssl_ctx
|
||
sock = OpenSSL::SSL::SSLSocket.new(sock, ctx)
|
||
sock.sync_close = true
|
||
sock.accept
|
||
... | ... | |
begin
|
||
ftp = Net::FTP.new(SERVER_NAME,
|
||
port: server.port,
|
||
ssl: { ca_file: CA_FILE })
|
||
ssl: { ca_file: Net::TestUtils::CA_FILE })
|
||
assert_equal("AUTH TLS\r\n", commands.shift)
|
||
assert_equal("PBSZ 0\r\n", commands.shift)
|
||
assert_equal("PROT P\r\n", commands.shift)
|
||
... | ... | |
sock.print("220 (test_ftp).\r\n")
|
||
commands.push(sock.gets)
|
||
sock.print("234 AUTH success.\r\n")
|
||
ctx = OpenSSL::SSL::SSLContext.new
|
||
ctx.ca_file = CA_FILE
|
||
ctx.key = File.open(SERVER_KEY) { |f|
|
||
OpenSSL::PKey::RSA.new(f)
|
||
}
|
||
ctx.cert = File.open(SERVER_CERT) { |f|
|
||
OpenSSL::X509::Certificate.new(f)
|
||
}
|
||
ctx = Net::TestUtils.create_ssl_ctx
|
||
sock = OpenSSL::SSL::SSLSocket.new(sock, ctx)
|
||
sock.sync_close = true
|
||
begin
|
test/net/imap/test_imap.rb | ||
---|---|---|
require "net/imap"
|
||
require "test/unit"
|
||
require_relative '..\utils'
|
||
class IMAPTest < Test::Unit::TestCase
|
||
CA_FILE = File.expand_path("../fixtures/cacert.pem", __dir__)
|
||
SERVER_KEY = File.expand_path("../fixtures/server.key", __dir__)
|
||
SERVER_CERT = File.expand_path("../fixtures/server.crt", __dir__)
|
||
SERVER_ADDR = "127.0.0.1"
|
||
... | ... | |
begin
|
||
Net::IMAP.new("localhost",
|
||
:port => port,
|
||
:ssl => { :ca_file => CA_FILE })
|
||
:ssl => { :ca_file => Net::TestUtils::CA_FILE })
|
||
rescue SystemCallError
|
||
skip $!
|
||
end
|
||
... | ... | |
# so the following code should raise a SSLError.
|
||
Net::IMAP.new(SERVER_ADDR,
|
||
:port => port,
|
||
:ssl => { :ca_file => CA_FILE })
|
||
:ssl => { :ca_file => Net::TestUtils::CA_FILE })
|
||
end
|
||
end
|
||
end
|
||
... | ... | |
imap = nil
|
||
starttls_test do |port|
|
||
imap = Net::IMAP.new("localhost", :port => port)
|
||
imap.starttls(:ca_file => CA_FILE)
|
||
imap.starttls(:ca_file => Net::TestUtils::CA_FILE)
|
||
imap
|
||
end
|
||
rescue SystemCallError
|
||
... | ... | |
def imaps_test
|
||
server = create_tcp_server
|
||
port = server.addr[1]
|
||
ctx = OpenSSL::SSL::SSLContext.new
|
||
ctx.ca_file = CA_FILE
|
||
ctx.key = File.open(SERVER_KEY) { |f|
|
||
OpenSSL::PKey::RSA.new(f)
|
||
}
|
||
ctx.cert = File.open(SERVER_CERT) { |f|
|
||
OpenSSL::X509::Certificate.new(f)
|
||
}
|
||
ctx = Net::TestUtils.create_ssl_ctx
|
||
ssl_server = OpenSSL::SSL::SSLServer.new(server, ctx)
|
||
ths = Thread.start do
|
||
begin
|
||
... | ... | |
sock.print("* OK test server\r\n")
|
||
sock.gets
|
||
sock.print("RUBY0001 OK completed\r\n")
|
||
ctx = OpenSSL::SSL::SSLContext.new
|
||
ctx.ca_file = CA_FILE
|
||
ctx.key = File.open(SERVER_KEY) { |f|
|
||
OpenSSL::PKey::RSA.new(f)
|
||
}
|
||
ctx.cert = File.open(SERVER_CERT) { |f|
|
||
OpenSSL::X509::Certificate.new(f)
|
||
}
|
||
ctx = Net::TestUtils.create_ssl_ctx
|
||
sock = OpenSSL::SSL::SSLSocket.new(sock, ctx)
|
||
sock.sync_close = true
|
||
sock.accept
|
test/net/smtp/test_smtp.rb | ||
---|---|---|
require 'net/smtp'
|
||
require 'stringio'
|
||
require 'test/unit'
|
||
require_relative '..\utils'
|
||
module Net
|
||
class TestSMTP < Test::Unit::TestCase
|
||
CA_FILE = File.expand_path("../fixtures/cacert.pem", __dir__)
|
||
SERVER_KEY = File.expand_path("../fixtures/server.key", __dir__)
|
||
SERVER_CERT = File.expand_path("../fixtures/server.crt", __dir__)
|
||
class FakeSocket
|
||
attr_reader :write_io
|
||
... | ... | |
def test_tls_connect
|
||
servers = Socket.tcp_server_sockets("localhost", 0)
|
||
ctx = OpenSSL::SSL::SSLContext.new
|
||
ctx.ca_file = CA_FILE
|
||
ctx.key = File.open(SERVER_KEY) { |f|
|
||
OpenSSL::PKey::RSA.new(f)
|
||
}
|
||
ctx.cert = File.open(SERVER_CERT) { |f|
|
||
OpenSSL::X509::Certificate.new(f)
|
||
}
|
||
ctx = Net::TestUtils.create_ssl_ctx
|
||
begin
|
||
sock = nil
|
||
Thread.start do
|
test/net/utils.rb | ||
---|---|---|
# frozen_string_literal: true
|
||
module Net::TestUtils
|
||
CA_FILE = File.join(__dir__, "fixtures/cacert.pem")
|
||
SERVER_KEY = File.join(__dir__, "fixtures/server.key")
|
||
SERVER_CERT = File.join(__dir__, "fixtures/server.crt")
|
||
def self.create_ssl_ctx
|
||
ctx = OpenSSL::SSL::SSLContext.new
|
||
ctx.ca_file = CA_FILE
|
||
ctx.key = OpenSSL::PKey::RSA.new( File.read(SERVER_KEY) )
|
||
ctx.cert = OpenSSL::X509::Certificate.new( File.read(SERVER_CERT) )
|
||
ctx
|
||
end
|
||
end
|