* ext/openssl/ossl_ssl_session.c (ossl_ssl_session_initialize):

Add a null check for ssl; submitted by akira yamada in [ruby-dev:34950]. * ext/openssl/ossl_ssl.c (Init_ossl_ssl): Define OP_NO_TICKET if SSL_OP_NO_TICKET is present; submitted by akira yamada in [ruby-dev:34944]. * test/openssl/test_ssl.rb (OpenSSL#test_server_session): Add a workaround for the case where OpenSSL is configured with --enable-tlsext; submitted by akira yamada in [ruby-dev:34944]. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@16842 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2008-06-05 11:36:55 +00:00 · 2008-06-05 11:36:55 +00:00 · 55fece6379
parent 83b4c1c424
commit 55fece6379
4 changed files with 25 additions and 3 deletions
--- a/16
+++ b/16
@ -1,3 +1,17 @@
+Thu Jun  5 20:30:46 2008  Akinori MUSHA  <knu@iDaemons.org>
+
+	* ext/openssl/ossl_ssl_session.c (ossl_ssl_session_initialize):
+	  Add a null check for ssl; submitted by akira yamada
+	  in [ruby-dev:34950].
+
+	* ext/openssl/ossl_ssl.c (Init_ossl_ssl): Define OP_NO_TICKET if
+	  SSL_OP_NO_TICKET is present; submitted by akira yamada
+	  in [ruby-dev:34944].
+
+	* test/openssl/test_ssl.rb (OpenSSL#test_server_session): Add a
+	  workaround for the case where OpenSSL is configured with
+	  --enable-tlsext; submitted by akira yamada in [ruby-dev:34944].
+
 Thu Jun  5 20:24:15 2008  Yusuke Endoh  <mame@tsg.ne.jp>

 	* thread.c (thread_set_trace_func_m): fix check for proc argument.
@ -6,7 +20,7 @@ Thu Jun  5 20:17:29 2008  Yusuke Endoh  <mame@tsg.ne.jp>

 	* lib/rexml/document.rb (REXML::Document:write): leaky modification
 	  trans -> transitive.  [ruby-dev:32040], r13686
-	
+
 	* lib/rexml/text.rb (Text.check): fix check for illigal characher.

 Thu Jun  5 14:03:44 2008  Nobuyoshi Nakada  <nobu@ruby-lang.org>
--- a/ext/openssl/ossl_ssl.c
+++ b/ext/openssl/ossl_ssl.c
@ -1466,6 +1466,9 @@ Init_ossl_ssl()
    ossl_ssl_def_const(OP_NO_SSLv2);
    ossl_ssl_def_const(OP_NO_SSLv3);
    ossl_ssl_def_const(OP_NO_TLSv1);
+#if defined(SSL_OP_NO_TICKET)
+    ossl_ssl_def_const(OP_NO_TICKET);
+#endif
    ossl_ssl_def_const(OP_PKCS1_CHECK_1);
    ossl_ssl_def_const(OP_PKCS1_CHECK_2);
    ossl_ssl_def_const(OP_NETSCAPE_CA_DN_BUG);
--- a/ext/openssl/ossl_ssl_session.c
+++ b/ext/openssl/ossl_ssl_session.c
@ -47,7 +47,7 @@ static VALUE ossl_ssl_session_initialize(VALUE self, VALUE arg1)

 		Data_Get_Struct(arg1, SSL, ssl);

-		if ((ctx = SSL_get1_session(ssl)) == NULL)
+		if (!ssl || (ctx = SSL_get1_session(ssl)) == NULL)
 			ossl_raise(eSSLSession, "no session available");
 	} else {
 		BIO *in = ossl_obj2bio(arg1);
--- a/test/openssl/test_ssl.rb
+++ b/test/openssl/test_ssl.rb
@ -511,7 +511,12 @@ class OpenSSL::TestSSL < Test::Unit::TestCase
    start_server(PORT, OpenSSL::SSL::VERIFY_NONE, true, :ctx_proc => ctx_proc, :server_proc => server_proc) do |server, port|
      10.times do |i|
        sock = TCPSocket.new("127.0.0.1", port)
-        ssl = OpenSSL::SSL::SSLSocket.new(sock)
+        ctx = OpenSSL::SSL::SSLContext.new
+        if defined?(OpenSSL::SSL::OP_NO_TICKET)
+          # disable RFC4507 support
+          ctx.options = OpenSSL::SSL::OP_NO_TICKET
+        end
+        ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx)
        ssl.sync_close = true
        ssl.session = first_session if first_session
        ssl.connect