mirror of
https://github.com/ruby/ruby.git
synced 2022-11-09 12:17:21 -05:00
29c5ab0b77
#nnn is a ticket number at http://dev.ctor.org/soap4r * SOAP * allow to configure an envelope namespace of SOAP request. (#124) TemporaryNamespace = 'http://www.w3.org/2003/05/soap-envelope' @client.options["soap.envelope.requestnamespace"] = TemporaryNamespace @client.options["soap.envelope.responsenamespace"] = TemporaryNamespace @client.do_proc(...) * let SOAP request XML indent space configuable. see "soap.envelope.no_indent" option. (#130) * let external CES configuable. ex. client["soap.mapping.external_ces"] = 'SJIS'. $KCODE is used by default. (#133) external CES ::= CES used in Ruby object of client and server internal CES ::= CES used in SOAP/OM * add iso-8859-1 external CES support. (#106) * fixed illegal 'qualified' handling of elements. it caused ASP.NET inteoperability problem. (#144) * added 'soap.envelope.use_numeric_character_reference' (boolean) option to let query XML use numeric character reference in XML, not plain UTF-8 character. !GoogleSearch server seems to not allow plain UTF-8 character since 2005-08-15 update. (#147) * SOAP::Header::SimpleHeader (de)serialization throws an exception on !SimpleHeader.on_(in|out)bound when header is a String. so we could not use a simple single element headerItem. fixed. thanks to emil. (#129) * out parameter of rpc operation did not work. (#132) * follow HTTP redirect only if using http-access2. (#125) (#145) * add a workaround for importing an WSDL whose path begins with drive letter. (#115) * WSDL * SOAP Data which is defined as a simpletype was not mapped correctly to Ruby obj when using wsdl2ruby.rb generated classdef file. (#123) * rpc/literal support. (#118) * re-implemented local element qualify/unqualify control. handles elementFormDefault and form in WSDL. (#119) * Array of an element which has simpleType causes a crash. (#128) * prarmeterOrder may not contain return part so it can be shorter than parts size. Thanks to Hugh. (#139) * Samples * added !BasicAuth client sample. (#117) * added Base64 client/server sample. * added Flickr SOAP interface client sample. (#122) * added !SalesForce client sample. (#135) * updated Thawte CA certificate for !GoogleAdWords sample. * updated a client script with the newer version made by Johan. thanks! * shortened long file names. (#120) * fixed typo in authheader sample. (#129) * updated deprecated method usage. (#138) git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@9169 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
236 lines
7.4 KiB
Ruby
236 lines
7.4 KiB
Ruby
require 'test/unit'
|
|
begin
|
|
require 'http-access2'
|
|
rescue LoadError
|
|
end
|
|
require 'soap/rpc/driver'
|
|
|
|
if defined?(HTTPAccess2) and defined?(OpenSSL)
|
|
|
|
module SOAP; module SSL
|
|
|
|
|
|
class TestSSL < Test::Unit::TestCase
|
|
PORT = 17171
|
|
|
|
DIR = File.dirname(File.expand_path(__FILE__))
|
|
require 'rbconfig'
|
|
RUBY = File.join(
|
|
Config::CONFIG["bindir"],
|
|
Config::CONFIG["ruby_install_name"] + Config::CONFIG["EXEEXT"]
|
|
)
|
|
|
|
def setup
|
|
@url = "https://localhost:#{PORT}/hello"
|
|
@serverpid = @client = nil
|
|
@verify_callback_called = false
|
|
setup_server
|
|
setup_client
|
|
end
|
|
|
|
def teardown
|
|
teardown_client
|
|
teardown_server
|
|
end
|
|
|
|
def test_options
|
|
cfg = @client.streamhandler.client.ssl_config
|
|
assert_nil(cfg.client_cert)
|
|
assert_nil(cfg.client_key)
|
|
assert_nil(cfg.client_ca)
|
|
assert_equal(OpenSSL::SSL::VERIFY_PEER | OpenSSL::SSL::VERIFY_FAIL_IF_NO_PEER_CERT, cfg.verify_mode)
|
|
assert_nil(cfg.verify_callback)
|
|
assert_nil(cfg.timeout)
|
|
assert_equal(OpenSSL::SSL::OP_ALL | OpenSSL::SSL::OP_NO_SSLv2, cfg.options)
|
|
assert_equal("ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH", cfg.ciphers)
|
|
assert_instance_of(OpenSSL::X509::Store, cfg.cert_store)
|
|
# dummy call to ensure sslsvr initialization finished.
|
|
assert_raise(OpenSSL::SSL::SSLError) do
|
|
@client.hello_world("ssl client")
|
|
end
|
|
end
|
|
|
|
def test_verification
|
|
cfg = @client.options
|
|
cfg["protocol.http.ssl_config.verify_callback"] = method(:verify_callback).to_proc
|
|
begin
|
|
@verify_callback_called = false
|
|
@client.hello_world("ssl client")
|
|
assert(false)
|
|
rescue OpenSSL::SSL::SSLError => ssle
|
|
assert_equal("certificate verify failed", ssle.message)
|
|
assert(@verify_callback_called)
|
|
end
|
|
#
|
|
cfg["protocol.http.ssl_config.client_cert"] = File.join(DIR, "client.cert")
|
|
cfg["protocol.http.ssl_config.client_key"] = File.join(DIR, "client.key")
|
|
@verify_callback_called = false
|
|
begin
|
|
@client.hello_world("ssl client")
|
|
assert(false)
|
|
rescue OpenSSL::SSL::SSLError => ssle
|
|
assert_equal("certificate verify failed", ssle.message)
|
|
assert(@verify_callback_called)
|
|
end
|
|
#
|
|
cfg["protocol.http.ssl_config.ca_file"] = File.join(DIR, "ca.cert")
|
|
@verify_callback_called = false
|
|
begin
|
|
@client.hello_world("ssl client")
|
|
assert(false)
|
|
rescue OpenSSL::SSL::SSLError => ssle
|
|
assert_equal("certificate verify failed", ssle.message)
|
|
assert(@verify_callback_called)
|
|
end
|
|
#
|
|
cfg["protocol.http.ssl_config.ca_file"] = File.join(DIR, "subca.cert")
|
|
@verify_callback_called = false
|
|
assert_equal("Hello World, from ssl client", @client.hello_world("ssl client"))
|
|
assert(@verify_callback_called)
|
|
#
|
|
cfg["protocol.http.ssl_config.verify_depth"] = "1"
|
|
@verify_callback_called = false
|
|
begin
|
|
@client.hello_world("ssl client")
|
|
assert(false)
|
|
rescue OpenSSL::SSL::SSLError => ssle
|
|
assert_equal("certificate verify failed", ssle.message)
|
|
assert(@verify_callback_called)
|
|
end
|
|
#
|
|
cfg["protocol.http.ssl_config.verify_depth"] = ""
|
|
cfg["protocol.http.ssl_config.cert_store"] = OpenSSL::X509::Store.new
|
|
cfg["protocol.http.ssl_config.verify_mode"] = OpenSSL::SSL::VERIFY_PEER.to_s
|
|
begin
|
|
@client.hello_world("ssl client")
|
|
assert(false)
|
|
rescue OpenSSL::SSL::SSLError => ssle
|
|
assert_equal("certificate verify failed", ssle.message)
|
|
end
|
|
#
|
|
cfg["protocol.http.ssl_config.verify_mode"] = ""
|
|
assert_equal("Hello World, from ssl client", @client.hello_world("ssl client"))
|
|
end
|
|
|
|
def test_property
|
|
testpropertyname = File.join(DIR, 'soapclient.properties')
|
|
File.open(testpropertyname, "w") do |f|
|
|
f <<<<__EOP__
|
|
protocol.http.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_PEER
|
|
# depth: 1 causes an error (intentional)
|
|
protocol.http.ssl_config.verify_depth = 1
|
|
protocol.http.ssl_config.client_cert = #{File.join(DIR, 'client.cert')}
|
|
protocol.http.ssl_config.client_key = #{File.join(DIR, 'client.key')}
|
|
protocol.http.ssl_config.ca_file = #{File.join(DIR, 'ca.cert')}
|
|
protocol.http.ssl_config.ca_file = #{File.join(DIR, 'subca.cert')}
|
|
protocol.http.ssl_config.ciphers = ALL
|
|
__EOP__
|
|
end
|
|
begin
|
|
@client.loadproperty(testpropertyname)
|
|
@client.options["protocol.http.ssl_config.verify_callback"] = method(:verify_callback).to_proc
|
|
@verify_callback_called = false
|
|
# NG with String
|
|
begin
|
|
@client.hello_world("ssl client")
|
|
assert(false)
|
|
rescue OpenSSL::SSL::SSLError => ssle
|
|
assert_equal("certificate verify failed", ssle.message)
|
|
assert(@verify_callback_called)
|
|
end
|
|
# NG with Integer
|
|
@client.options["protocol.http.ssl_config.verify_depth"] = 0
|
|
begin
|
|
@client.hello_world("ssl client")
|
|
assert(false)
|
|
rescue OpenSSL::SSL::SSLError => ssle
|
|
assert_equal("certificate verify failed", ssle.message)
|
|
assert(@verify_callback_called)
|
|
end
|
|
# OK with empty
|
|
@client.options["protocol.http.ssl_config.verify_depth"] = ""
|
|
@verify_callback_called = false
|
|
assert_equal("Hello World, from ssl client", @client.hello_world("ssl client"))
|
|
assert(@verify_callback_called)
|
|
# OK with nil
|
|
@client.options["protocol.http.ssl_config.verify_depth"] = nil
|
|
@verify_callback_called = false
|
|
assert_equal("Hello World, from ssl client", @client.hello_world("ssl client"))
|
|
assert(@verify_callback_called)
|
|
# OK with String
|
|
@client.options["protocol.http.ssl_config.verify_depth"] = "3"
|
|
@verify_callback_called = false
|
|
assert_equal("Hello World, from ssl client", @client.hello_world("ssl client"))
|
|
assert(@verify_callback_called)
|
|
# OK with Integer
|
|
@client.options["protocol.http.ssl_config.verify_depth"] = 3
|
|
@verify_callback_called = false
|
|
assert_equal("Hello World, from ssl client", @client.hello_world("ssl client"))
|
|
assert(@verify_callback_called)
|
|
ensure
|
|
File.unlink(testpropertyname)
|
|
end
|
|
end
|
|
|
|
def test_ciphers
|
|
cfg = @client.options
|
|
cfg["protocol.http.ssl_config.client_cert"] = File.join(DIR, 'client.cert')
|
|
cfg["protocol.http.ssl_config.client_key"] = File.join(DIR, 'client.key')
|
|
cfg["protocol.http.ssl_config.ca_file"] = File.join(DIR, "ca.cert")
|
|
cfg["protocol.http.ssl_config.ca_file"] = File.join(DIR, "subca.cert")
|
|
#cfg.timeout = 123
|
|
cfg["protocol.http.ssl_config.ciphers"] = "!ALL"
|
|
#
|
|
begin
|
|
@client.hello_world("ssl client")
|
|
assert(false)
|
|
rescue OpenSSL::SSL::SSLError => ssle
|
|
# depends on OpenSSL version. (?:0.9.8|0.9.7)
|
|
assert_match(/\A(?:SSL_CTX_set_cipher_list:: no cipher match|no ciphers available)\z/, ssle.message)
|
|
end
|
|
#
|
|
cfg["protocol.http.ssl_config.ciphers"] = "ALL"
|
|
assert_equal("Hello World, from ssl client", @client.hello_world("ssl client"))
|
|
end
|
|
|
|
private
|
|
|
|
def q(str)
|
|
%Q["#{str}"]
|
|
end
|
|
|
|
def setup_server
|
|
svrcmd = "#{q(RUBY)} "
|
|
#svrcmd << "-d " if $DEBUG
|
|
svrcmd << File.join(DIR, "sslsvr.rb")
|
|
svrout = IO.popen(svrcmd)
|
|
@serverpid = Integer(svrout.gets.chomp)
|
|
end
|
|
|
|
def setup_client
|
|
@client = SOAP::RPC::Driver.new(@url, 'urn:ssltst')
|
|
@client.add_method("hello_world", "from")
|
|
end
|
|
|
|
def teardown_server
|
|
if @serverpid
|
|
Process.kill('KILL', @serverpid)
|
|
Process.waitpid(@serverpid)
|
|
end
|
|
end
|
|
|
|
def teardown_client
|
|
@client.reset_stream if @client
|
|
end
|
|
|
|
def verify_callback(ok, cert)
|
|
@verify_callback_called = true
|
|
p ["client", ok, cert] if $DEBUG
|
|
ok
|
|
end
|
|
end
|
|
|
|
|
|
end; end
|
|
|
|
end
|