1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00

* test/openssl/test_ssl_session.rb (test_ctx_client_session_cb): Don't

ignore errors of SSL accept.
  (test_ctx_server_session_cb): Ditto.

* test/openssl/utils.rb (server_loop): Add ignore_ssl_accept_error
  argument.
  (start_server): Refine threads waits.

* test/ruby/envutil.rb (assert_join_threads): Show a thread before
  backtrace.



git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48225 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
akr 2014-11-01 13:10:37 +00:00
parent a7c425cbf3
commit d5802c512e
4 changed files with 105 additions and 82 deletions

View file

@ -1,3 +1,16 @@
Sat Nov 1 22:06:24 2014 Tanaka Akira <akr@fsij.org>
* test/openssl/test_ssl_session.rb (test_ctx_client_session_cb): Don't
ignore errors of SSL accept.
(test_ctx_server_session_cb): Ditto.
* test/openssl/utils.rb (server_loop): Add ignore_ssl_accept_error
argument.
(start_server): Refine threads waits.
* test/ruby/envutil.rb (assert_join_threads): Show a thread before
backtrace.
Sat Nov 1 20:40:18 2014 Tanaka Akira <akr@fsij.org>
* test/openssl/utils.rb (start_server, server_loop): Use a

View file

@ -289,18 +289,22 @@ __EOS__
# any resulting value is OK (ignored)
}
start_server(PORT, OpenSSL::SSL::VERIFY_NONE, true) do |server, port|
start_server(PORT, OpenSSL::SSL::VERIFY_NONE, true, ignore_ssl_accept_error: false) do |server, port|
sock = TCPSocket.new("127.0.0.1", port)
ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx)
ssl.sync_close = true
ssl.connect
assert_equal(1, ctx.session_cache_stats[:cache_num])
assert_equal(1, ctx.session_cache_stats[:connect_good])
assert_equal([ssl, ssl.session], called[:new])
assert(ctx.session_remove(ssl.session))
assert(!ctx.session_remove(ssl.session))
assert_equal([ctx, ssl.session], called[:remove])
ssl.close
begin
ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx)
ssl.sync_close = true
ssl.connect
assert_equal(1, ctx.session_cache_stats[:cache_num])
assert_equal(1, ctx.session_cache_stats[:connect_good])
assert_equal([ssl, ssl.session], called[:new])
assert(ctx.session_remove(ssl.session))
assert(!ctx.session_remove(ssl.session))
assert_equal([ctx, ssl.session], called[:remove])
ssl.close
ensure
sock.close if !sock.closed?
end
end
end
@ -343,21 +347,25 @@ __EOS__
c.session_cache_stats
readwrite_loop(c, ssl)
}
start_server(PORT, OpenSSL::SSL::VERIFY_NONE, true, :ctx_proc => ctx_proc, :server_proc => server_proc) do |server, port|
start_server(PORT, OpenSSL::SSL::VERIFY_NONE, true, ctx_proc: ctx_proc, server_proc: server_proc, ignore_ssl_accept_error: false) do |server, port|
last_client_session = nil
3.times do
sock = TCPSocket.new("127.0.0.1", port)
ssl = OpenSSL::SSL::SSLSocket.new(sock, OpenSSL::SSL::SSLContext.new("SSLv3"))
ssl.sync_close = true
ssl.session = last_client_session if last_client_session
ssl.connect
last_client_session = ssl.session
ssl.close
timeout(5) do
Thread.pass until called.key?(:new)
assert(called.delete(:new))
Thread.pass until called.key?(:remove)
assert(called.delete(:remove))
begin
ssl = OpenSSL::SSL::SSLSocket.new(sock, OpenSSL::SSL::SSLContext.new("SSLv3"))
ssl.sync_close = true
ssl.session = last_client_session if last_client_session
ssl.connect
last_client_session = ssl.session
ssl.close
timeout(5) do
Thread.pass until called.key?(:new)
assert(called.delete(:new))
Thread.pass until called.key?(:remove)
assert(called.delete(:remove))
end
ensure
sock.close if !sock.closed?
end
end
end

View file

@ -240,7 +240,7 @@ AQjjxMXhwULlmuR/K+WwlaZPiLIBYalLAZQ7ZbOPeVkJ8ePao0eLAgEC
ssl.close rescue nil
end
def server_loop(ctx, ssls, stop_pipe_r, server_proc, threads)
def server_loop(ctx, ssls, stop_pipe_r, ignore_ssl_accept_error, server_proc, threads)
loop do
ssl = nil
begin
@ -250,11 +250,14 @@ AQjjxMXhwULlmuR/K+WwlaZPiLIBYalLAZQ7ZbOPeVkJ8ePao0eLAgEC
end
ssl = ssls.accept
rescue OpenSSL::SSL::SSLError
retry
if ignore_ssl_accept_error
retry
else
raise
end
end
th = Thread.start do
Thread.current.abort_on_exception = true
server_proc.call(ctx, ssl)
end
threads << th
@ -263,65 +266,63 @@ AQjjxMXhwULlmuR/K+WwlaZPiLIBYalLAZQ7ZbOPeVkJ8ePao0eLAgEC
end
def start_server(port0, verify_mode, start_immediately, args = {}, &block)
ctx_proc = args[:ctx_proc]
server_proc = args[:server_proc]
server_proc ||= method(:readwrite_loop)
threads = []
store = OpenSSL::X509::Store.new
store.add_cert(@ca_cert)
store.purpose = OpenSSL::X509::PURPOSE_SSL_CLIENT
ctx = OpenSSL::SSL::SSLContext.new
ctx.cert_store = store
#ctx.extra_chain_cert = [ ca_cert ]
ctx.cert = @svr_cert
ctx.key = @svr_key
ctx.tmp_dh_callback = proc { OpenSSL::TestUtils::TEST_KEY_DH1024 }
ctx.verify_mode = verify_mode
ctx_proc.call(ctx) if ctx_proc
Socket.do_not_reverse_lookup = true
tcps = nil
port = port0
begin
tcps = TCPServer.new("127.0.0.1", port)
rescue Errno::EADDRINUSE
port += 1
retry
end
stop_pipe_r, stop_pipe_w = IO.pipe
ssls = OpenSSL::SSL::SSLServer.new(tcps, ctx)
ssls.start_immediately = start_immediately
begin
server = Thread.new do
Thread.current.abort_on_exception = true
server_loop(ctx, ssls, stop_pipe_r, server_proc, threads)
end
$stderr.printf("%s started: pid=%d port=%d\n", SSL_SERVER, $$, port) if $DEBUG
block.call(server, port.to_i)
ensure
IO.pipe {|stop_pipe_r, stop_pipe_w|
begin
stop_pipe_w.close
if (server)
server.join(5)
if server.alive?
server.join
flunk("TCPServer was closed and SSLServer is still alive") unless $!
ctx_proc = args[:ctx_proc]
server_proc = args[:server_proc]
ignore_ssl_accept_error = args.fetch(:ignore_ssl_accept_error, true)
server_proc ||= method(:readwrite_loop)
threads = []
store = OpenSSL::X509::Store.new
store.add_cert(@ca_cert)
store.purpose = OpenSSL::X509::PURPOSE_SSL_CLIENT
ctx = OpenSSL::SSL::SSLContext.new
ctx.cert_store = store
#ctx.extra_chain_cert = [ ca_cert ]
ctx.cert = @svr_cert
ctx.key = @svr_key
ctx.tmp_dh_callback = proc { OpenSSL::TestUtils::TEST_KEY_DH1024 }
ctx.verify_mode = verify_mode
ctx_proc.call(ctx) if ctx_proc
Socket.do_not_reverse_lookup = true
tcps = nil
port = port0
begin
tcps = TCPServer.new("127.0.0.1", port)
rescue Errno::EADDRINUSE
port += 1
retry
end
ssls = OpenSSL::SSL::SSLServer.new(tcps, ctx)
ssls.start_immediately = start_immediately
server = Thread.new do
server_loop(ctx, ssls, stop_pipe_r, ignore_ssl_accept_error, server_proc, threads)
end
threads.unshift server
$stderr.printf("%s started: pid=%d port=%d\n", SSL_SERVER, $$, port) if $DEBUG
th = Thread.new do
begin
block.call(server, port.to_i)
ensure
stop_pipe_w.close
end
end
begin
th.join
rescue Exception
threads.unshift th
end
ensure
tcps.close if (tcps)
tcps.close if tcps
assert_join_threads(threads)
end
end
ensure
stop_pipe_r.close if !stop_pipe_r.closed?
stop_pipe_w.close if !stop_pipe_w.closed?
assert_join_threads(threads)
}
end
def starttls(ssl)

View file

@ -529,13 +529,14 @@ eom
begin
values << th.value
rescue Exception
errs << $!
errs << [th, $!]
end
end
if !errs.empty?
msg = errs.map {|err|
msg = errs.map {|t, err|
err.backtrace.map.with_index {|line, i|
if i == 0
"#{t.inspect}:\n" +
"#{line}: #{err.message} (#{err.class})"
else
"\tfrom #{line}"