* ext/openssl/ossl_ssl.c: Introduce SSLContext#renegotiation_cb and

remove SSLContext#disable_client_renegotiation and related
  functionality introduced in r35797. The new callback approach
  gives clients maximum flexibility to decide on their own what to
  do on renegotiation attempts.
  Add documentation for SSL module and SSLError. 
* test/openssl/test_ssl.rb: Add a test for
  SSLContext#renegotiation_cb.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35994 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

test/openssl/test_ssl.rb

@@ -505,39 +505,17 @@ if OpenSSL::SSL::SSLContext::METHODS.include? :TLSv1_2
 
 end
 
-  def test_disable_client_renegotiation
-    ctx_proc = Proc.new { |ctx| ctx.disable_client_renegotiation }
+  def test_renegotiation_cb
+    num_handshakes = 0
+    renegotiation_cb = Proc.new { |ssl| num_handshakes += 1 }
+    ctx_proc = Proc.new { |ctx| ctx.renegotiation_cb = renegotiation_cb }
     start_server_version(:SSLv23, ctx_proc) { |server, port|
       server_connect(port) { |ssl|
-        assert(ssl.ssl_version)
+        assert_equal(1, num_handshakes)
       }
     }
   end
-
-  def test_allow_client_renegotiation_args
-    ctx = OpenSSL::SSL::SSLContext.new
-    assert_raise(ArgumentError) { ctx.allow_client_renegotiation(0) }
-    assert_raise(ArgumentError) { ctx.allow_client_renegotiation(-1) }
-  end
-
-  def test_allow_client_renegotiation_once
-    ctx_proc = Proc.new { |ctx| ctx.allow_client_renegotiation(2) }
-    start_server_version(:SSLv23, ctx_proc) { |server, port|
-      server_connect(port) { |ssl|
-        assert(ssl.ssl_version)
-      }
-    }
-  end
-
-  def test_allow_arbitrary_client_renegotiation
-    ctx_proc = Proc.new { |ctx| ctx.allow_client_renegotiation }
-    start_server_version(:SSLv23, ctx_proc) { |server, port|
-      server_connect(port) { |ssl|
-        assert(ssl.ssl_version)
-      }
-    }
-  end
-
+  
   private
 
   def start_server_version(version, ctx_proc=nil, server_proc=nil, &blk)