-
Notifications
You must be signed in to change notification settings - Fork 165
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
2.1.0.beta1 vs 2.0.5 with 1.1.0f - SSLContext::METHODS change #147
Comments
I just came across ssl: rework SSLContext#ssl_version=, so I'll close this, since I haven't had time to look thru... |
After reviewing the commit, and the added methods in SSLContext, I believe that SSLContext::METHODS should remain. For instance, I have seen it used in test scripts to determine what tests to run, as it allows one to easily determine whether the OpenSSL library supports various SSL/TLS methods. |
I probably should have mentioned the change in SSLContext#ssl_version= and SSLContext::METHODS in History.md. I'll try when I make 2.1.0.beta2 release. The change itself is perfectly expected. The constant contains symbol values that would be accepted by SSLContext#ssl_version=, so the semantics did not change. In fact, checking the constant has never been a proper way to check whether an SSL/TLS protocol version is supported by the OpenSSL library or not -- with previous versions of ext/openssl, one could build OpenSSL with the TLSv1{,_client,_server} methods enabled and no actual TLS 1.0 support. |
I'm somewhat in the middle of some other coding tasks, but I just noticed that
when using 2.1.0.beta1, SSLContext::METHODS is contains
when using 2.0.5, SSLContext::METHODS contains
Note that
SSLv2
andSSLv3
appear in 2.1.0 but not 2.0.5. I'm using 1.1.0f, and I thought the OpenSSL package was build with SSL disabled. I run a daily Appveyor with info helpful for Ruby, the trunk builds are all the way at the bottom. See the OpenSSL section, 2.1.0.beta1 here and 2.0.5 here.I checked History.md, the only thing I saw related to SSLContext::Methods was 'OpenSSL::SSL::SSLContext#min_version= and #max_version= are added. [GitHub #142]'
Not super knowledgeable about SSL, but this seems kind of odd...
EDIT: Just found some notes:
1.1.0f package used for above builds (shows no SSL versions):
Same command with a 1.0.2l package (shows SSLv2 & SSLv3):
The text was updated successfully, but these errors were encountered: