Closed
Description
According to unit tests, OpenSSL::SSL::SSLSocket#tmp_key is supposed to return OpenSSL::PKey::EC or OpenSSL::PKey::DH.
I add some debug on unit test:
$ git diff test/test_ssl.rb
diff --git a/test/test_ssl.rb b/test/test_ssl.rb
index 060c1f1..9d2acc9 100644
--- a/test/test_ssl.rb
+++ b/test/test_ssl.rb
@@ -1305,6 +1305,7 @@ end
ctx.ssl_version = :TLSv1_2
ctx.ciphers = "EDH"
server_connect(port, ctx) { |ssl|
+ p "#{__FILE__}:#{__LINE__} #{ssl.tmp_key.class}"
assert_instance_of OpenSSL::PKey::DH, ssl.tmp_key
}
end
@@ -1320,6 +1321,7 @@ end
ctx = OpenSSL::SSL::SSLContext.new
ctx.ciphers = "DEFAULT:!kRSA:!kEDH"
server_connect(port, ctx) { |ssl|
+ p "#{__FILE__}:#{__LINE__} #{ssl.tmp_key.class}"
assert_instance_of OpenSSL::PKey::EC, ssl.tmp_key
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
}
And then run them, all are good and the expected class are correctly seen:
$ RBENV_VERSION=2.6.6 rake test |& rg test_ssl
"ruby-openssl/test/test_ssl.rb:1308 OpenSSL::PKey::DH"
"ruby-openssl/test/test_ssl.rb:1324 OpenSSL::PKey::EC"
$ RBENV_VERSION=2.3.8 rake test |& rg test_ssl
"ruby-openssl/test/test_ssl.rb:1308 OpenSSL::PKey::DH"
"ruby-openssl/test/test_ssl.rb:1324 OpenSSL::PKey::EC"
But when executed on real code
#!/usr/bin/env ruby
require 'openssl'
require 'socket'
context = OpenSSL::SSL::SSLContext.new :TLSv1_2
tcp_socket = TCPSocket.new 'imirhil.fr', 443
ssl_client = OpenSSL::SSL::SSLSocket.new tcp_socket, context
ssl_client.sync_close = true
ssl_client.connect
puts ssl_client.tmp_key
ssl_client.puts "GET / HTTP/1.0\n\n"
puts ssl_client.gets
ssl_client.close
We get a bare OpenSSL::PKey::PKey only on 2.6, not on 2.3 🤔
$ RBENV_VERSION=2.3.8 ./test.rb
#<OpenSSL::PKey::EC:0x00007f535ee2a2a8>
$ RBENV_VERSION=2.6.6 ./test.rb
#<OpenSSL::PKey::PKey:0x00007f5df9f8eec8>
I don't understand this behavior and why unit test result are different from real code result, and why different behavior from one ruby version to another…
Metadata
Metadata
Assignees
Labels
No labels