[ruby/openssl] ssl: remove SSL::SSLContext#tmp_ecdh_callback

The underlying API SSL_CTX_set_tmp_ecdh_callback() was removed by
LibreSSL >= 2.6.1 and OpenSSL >= 1.1.0, in other words, it is not
supported by any non-EOL versions of OpenSSL.

The wrapper was initially implemented in Ruby 2.3 and has been
deprecated since Ruby/OpenSSL 2.0 (bundled with Ruby 2.4), with an
explicit warning emitted via rb_warn().

ee037e1460
Kazuki Yamaguchi 2020-08-12 20:57:52 +09:00
parent 945ed40862
commit d47210b113
Notes: git 2021-03-16 20:38:43 +09:00
3 changed files with 3 additions and 94 deletions


@ -1603,30 +1603,6 @@ end
end
end
def test_tmp_ecdh_callback
pend "EC is disabled" unless defined?(OpenSSL::PKey::EC)
pend "tmp_ecdh_callback is not supported" unless \
OpenSSL::SSL::SSLContext.method_defined?(:tmp_ecdh_callback)
pend "LibreSSL 2.6 has broken SSL_CTX_set_tmp_ecdh_callback()" \
if libressl?(2, 6, 1)
EnvUtil.suppress_warning do # tmp_ecdh_callback is deprecated (2016-05)
called = false
ctx_proc = -> ctx {
ctx.ciphers = "DEFAULT:!kRSA:!kEDH"
ctx.tmp_ecdh_callback = -> (*args) {
called = true
OpenSSL::PKey::EC.new "prime256v1"
}
}
start_server(ctx_proc: ctx_proc) do |port|
server_connect(port) { |s|
assert called, "tmp_ecdh_callback should be called"
}
end
end
end
def test_ecdh_curves
pend "EC is disabled" unless defined?(OpenSSL::PKey::EC)