search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
history | raw | HEAD
Make test_hash_symbol_colon_key pass on LANG=en_US
[ruby.git] / test / open-uri / test_ssl.rb
blob389391e685fc59166b250a30d7b3bce1f8dd3889
1 # frozen_string_literal: true
2 require 'test/unit'
3 require 'open-uri'
4 require_relative 'utils'
5 begin
6   require 'openssl'
7 rescue LoadError
8 end
9
10 class TestOpenURISSL < Test::Unit::TestCase
11   include TestOpenURIUtils
12
13   def setup
14     @proxies = %w[http_proxy HTTP_PROXY https_proxy HTTPS_PROXY ftp_proxy FTP_PROXY no_proxy]
15     @old_proxies = @proxies.map {|k| ENV[k] }
16     @proxies.each {|k| ENV[k] = nil }
17   end
18
19   def teardown
20     @proxies.each_with_index {|k, i| ENV[k] = @old_proxies[i] }
21   end
22
23   def setup_validation(srv, dr)
24     cacert_filename = "#{dr}/cacert.pem"
25     URI.open(cacert_filename, "w") {|f| f << CA_CERT }
26     if srv.respond_to?(:mount_proc)
27       srv.mount_proc("/data", lambda { |req, res| res.body = "ddd" } )
28     end
29     cacert_filename
30   end
31
32   def test_validation_success
33     with_https {|srv, dr, url|
34       cacert_filename = setup_validation(srv, dr)
35       URI.open("#{url}/data", :ssl_ca_cert => cacert_filename) {|f|
36         assert_equal("200", f.status[0])
37         assert_equal("ddd", f.read)
38       }
39     }
40   end
41
42   def test_validation_noverify
43     with_https {|srv, dr, url|
44       setup_validation(srv, dr)
45       URI.open("#{url}/data", :ssl_verify_mode => OpenSSL::SSL::VERIFY_NONE) {|f|
46         assert_equal("200", f.status[0])
47         assert_equal("ddd", f.read)
48       }
49     }
50   end
51
52   def test_validation_failure
53     with_https(nil) {|srv, dr, url|
54       setup_validation(srv, dr)
55       assert_raise(OpenSSL::SSL::SSLError) { URI.open("#{url}/data") {} }
56       sleep 0.5 unless RUBY_PLATFORM =~ /mswin|mingw/
57     }
58   end
59
60   def test_ssl_min_version
61     with_https {|srv, dr, url|
62       setup_validation(srv, dr)
63       URI.open("#{url}/data", :ssl_verify_mode => OpenSSL::SSL::VERIFY_NONE, :ssl_min_version => :TLS1_2) {|f|
64         assert_equal("200", f.status[0])
65         assert_equal("ddd", f.read)
66       }
67     }
68   end
69
70   def test_bad_ssl_version
71     with_https(nil) {|srv, dr, url|
72       setup_validation(srv, dr)
73       assert_raise(ArgumentError) {
74         URI.open("#{url}/data", :ssl_verify_mode => OpenSSL::SSL::VERIFY_NONE, :ssl_min_version => :TLS_no_such_version) {}
75       }
76     }
77   end
78
79   def test_proxy_cacert_file
80     url = nil
81     proxy_log_tester = lambda {|proxy_log, proxy_access_log|
82       assert_equal(1, proxy_access_log.length)
83       assert_match(%r[CONNECT #{url.sub(%r{\Ahttps://}, '')} ], proxy_access_log[0])
84       assert_equal([], proxy_log)
85     }
86     with_https_proxy(proxy_log_tester) {|srv, dr, url_, cacert_filename, cacert_directory, proxy_host, proxy_port|
87       url = url_
88       URI.open("#{url}/proxy", :proxy=>"http://#{proxy_host}:#{proxy_port}/", :ssl_ca_cert => cacert_filename) {|f|
89         assert_equal("200", f.status[0])
90         assert_equal("proxy", f.read)
91       }
92     }
93   end
94
95   def test_proxy_cacert_dir
96     url = nil
97     proxy_log_tester = lambda {|proxy_log, proxy_access_log|
98       assert_equal(1, proxy_access_log.length)
99       assert_match(%r[CONNECT #{url.sub(%r{\Ahttps://}, '')} ], proxy_access_log[0])
100       assert_equal([], proxy_log)
101     }
102     with_https_proxy(proxy_log_tester) {|srv, dr, url_, cacert_filename, cacert_directory, proxy_host, proxy_port|
103       url = url_
104       URI.open("#{url}/proxy", :proxy=>"http://#{proxy_host}:#{proxy_port}/", :ssl_ca_cert => cacert_directory) {|f|
105         assert_equal("200", f.status[0])
106         assert_equal("proxy", f.read)
107       }
108     }
109   end
110
111 end if defined?(OpenSSL::SSL)
The Ruby Programming Language