mirror of
https://github.com/ruby/ruby.git
synced 2025-09-15 08:33:58 +02:00
01d368e7b0
When compiled with OpenSSL <= 1.1.1, OpenSSL::SSL::SSLContext#setup does not raise an exception on an error return from SSL_CTX_load_verify_locations(), but instead only prints a verbose-mode warning. This is not helpful since it very likely indicates an actual error, such as the specified file not being readable. Also, OpenSSL's error queue is not correctly cleared: $ ruby -w -ropenssl -e'OpenSSL.debug=true; ctx=OpenSSL::SSL::SSLContext.new; ctx.ca_file="bad-path"; ctx.setup; pp OpenSSL.errors' -e:1: warning: can't set verify locations ["error:02001002:system library:fopen:No such file or directory", "error:2006D080:BIO routines:BIO_new_file:no such file", "error:0B084002:x509 certificate routines:X509_load_cert_crl_file: system lib"] The behavior is currently different when compiled with OpenSSL >= 3.0: SSLError is raised if SSL_CTX_load_verify_file() or SSL_CTX_load_verify_dir() fails. This inconsistency was unintentionally introduced by commit |
||
|---|---|---|
| .. | ||
| fixtures | ||
| test_asn1.rb | ||
| test_bn.rb | ||
| test_buffering.rb | ||
| test_cipher.rb | ||
| test_config.rb | ||
| test_digest.rb | ||
| test_engine.rb | ||
| test_fips.rb | ||
| test_hmac.rb | ||
| test_kdf.rb | ||
| test_ns_spki.rb | ||
| test_ocsp.rb | ||
| test_ossl.rb | ||
| test_pair.rb | ||
| test_pkcs7.rb | ||
| test_pkcs12.rb | ||
| test_pkey.rb | ||
| test_pkey_dh.rb | ||
| test_pkey_dsa.rb | ||
| test_pkey_ec.rb | ||
| test_pkey_rsa.rb | ||
| test_provider.rb | ||
| test_random.rb | ||
| test_ssl.rb | ||
| test_ssl_session.rb | ||
| test_ts.rb | ||
| test_x509attr.rb | ||
| test_x509cert.rb | ||
| test_x509crl.rb | ||
| test_x509ext.rb | ||
| test_x509name.rb | ||
| test_x509req.rb | ||
| test_x509store.rb | ||
| ut_eof.rb | ||
| utils.rb | ||