diff --git a/src/main/java/org/jruby/ext/openssl/SSLSocket.java b/src/main/java/org/jruby/ext/openssl/SSLSocket.java index 3ffc934f..965967dc 100644 --- a/src/main/java/org/jruby/ext/openssl/SSLSocket.java +++ b/src/main/java/org/jruby/ext/openssl/SSLSocket.java @@ -854,6 +854,12 @@ public IRubyObject set_session(IRubyObject session) { return getRuntime().getNil(); // throw new UnsupportedOperationException(); } + @JRubyMethod + public IRubyObject ssl_version() { + if ( engine == null ) return getRuntime().getNil(); + return getRuntime().newString( engine.getSession().getProtocol() ); + } + private SocketChannel getSocketChannel() { return (SocketChannel) io.getChannel(); } diff --git a/src/test/ruby/ssl/test_ssl.rb b/src/test/ruby/ssl/test_ssl.rb index 305fc4de..1a04cd3e 100644 --- a/src/test/ruby/ssl/test_ssl.rb +++ b/src/test/ruby/ssl/test_ssl.rb @@ -82,4 +82,34 @@ def test_post_connection_check end end -end \ No newline at end of file + def test_ssl_version_sslv3 + skip('Disable SSLv3 test in CI as it currently fails on some JVM versions') unless ENV['CI'].nil? + # This test appears to fail on Oracle JDK 1.7.0_76 but not Oracle JDK 1.6.0_65 + # The test (client) reports Connection reset by peer + # The server reports "No appropriate protocol (protocol is disabled or cipher suites are inappropriate)" + ctx_proc = Proc.new do |ctx| + ctx.ssl_version = "SSLv3" + end + start_server(PORT, OpenSSL::SSL::VERIFY_NONE, true, :ctx_proc => ctx_proc) do |server, port| + sock = TCPSocket.new("127.0.0.1", port) + ssl = OpenSSL::SSL::SSLSocket.new(sock) + ssl.connect + assert_equal("SSLv3", ssl.ssl_version) + ssl.close + end + end + + def test_ssl_version_tlsv1 + ctx_proc = Proc.new do |ctx| + ctx.ssl_version = "TLSv1" + end + start_server(PORT, OpenSSL::SSL::VERIFY_NONE, true, :ctx_proc => ctx_proc) do |server, port| + sock = TCPSocket.new("127.0.0.1", port) + ssl = OpenSSL::SSL::SSLSocket.new(sock) + ssl.connect + assert_equal("TLSv1", ssl.ssl_version) + ssl.close + end + end + +end