Skip to content

Add SSLSocket ssl_version property like MRI has #38

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 2 commits into from
Closed

Add SSLSocket ssl_version property like MRI has #38

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
5b497d9
Add SSLSocket ssl_version property like MRI has
driskell Apr 4, 2015
2ce855b
Disable the SSLv3 ssl_version test in CI as it currently fails on som…
driskell Apr 7, 2015
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions src/main/java/org/jruby/ext/openssl/SSLSocket.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -854,6 +854,12 @@ public IRubyObject set_session(IRubyObject session) {
return getRuntime().getNil(); // throw new UnsupportedOperationException();
}

@JRubyMethod
public IRubyObject ssl_version() {
if ( engine == null ) return getRuntime().getNil();
return getRuntime().newString( engine.getSession().getProtocol() );
}

private SocketChannel getSocketChannel() {
return (SocketChannel) io.getChannel();
}
Expand Down
32 changes: 31 additions & 1 deletion src/test/ruby/ssl/test_ssl.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -82,4 +82,34 @@ def test_post_connection_check
end
end

end
def test_ssl_version_sslv3
skip('Disable SSLv3 test in CI as it currently fails on some JVM versions') unless ENV['CI'].nil?
# This test appears to fail on Oracle JDK 1.7.0_76 but not Oracle JDK 1.6.0_65
# The test (client) reports Connection reset by peer
# The server reports "No appropriate protocol (protocol is disabled or cipher suites are inappropriate)"
ctx_proc = Proc.new do |ctx|
ctx.ssl_version = "SSLv3"
end
start_server(PORT, OpenSSL::SSL::VERIFY_NONE, true, :ctx_proc => ctx_proc) do |server, port|
sock = TCPSocket.new("127.0.0.1", port)
ssl = OpenSSL::SSL::SSLSocket.new(sock)
ssl.connect
assert_equal("SSLv3", ssl.ssl_version)
ssl.close
end
end

def test_ssl_version_tlsv1
ctx_proc = Proc.new do |ctx|
ctx.ssl_version = "TLSv1"
end
start_server(PORT, OpenSSL::SSL::VERIFY_NONE, true, :ctx_proc => ctx_proc) do |server, port|
sock = TCPSocket.new("127.0.0.1", port)
ssl = OpenSSL::SSL::SSLSocket.new(sock)
ssl.connect
assert_equal("TLSv1", ssl.ssl_version)
ssl.close
end
end

end