[compat] working SSLContext#options attr

Author: kares

lib/openssl/ssl.rb

@@ -132,16 +132,15 @@ class SSLContext
       # used.
       def set_params(params={})
         params = DEFAULT_PARAMS.merge(params)
-        # TODO JRuby: need to support SSLContext#options (since Ruby 2.5)
-        #self.options = params.delete(:options) # set before min_version/max_version
-        params.each { |name, value| self.__send__("#{name}=", value) }
+        self.options = params.delete(:options) # set before min_version/max_version
+        params.each{|name, value| self.__send__("#{name}=", value) }
         if self.verify_mode != OpenSSL::SSL::VERIFY_NONE
           unless self.ca_file or self.ca_path or self.cert_store
             self.cert_store = DEFAULT_CERT_STORE
           end
         end
         return params
-      end unless method_defined? :set_params
+      end
 
       # call-seq:
       #    ctx.min_version = OpenSSL::SSL::TLS1_2_VERSION
@@ -194,29 +193,29 @@ def max_version=(version)
       # function which sets the SSL method used for connections created from
       # the context. As of Ruby/OpenSSL 2.1, this accessor method is
       # implemented to call #min_version= and #max_version= instead.
-      def ssl_version=(meth)
-        meth = meth.to_s if meth.is_a?(Symbol)
-        if /(?<type>_client|_server)\z/ =~ meth
-          meth = $`
-          if $VERBOSE
-            warn "#{caller(1, 1)[0]}: method type #{type.inspect} is ignored"
-          end
-        end
-        version = METHODS_MAP[meth.intern] or
-          raise ArgumentError, "unknown SSL method `%s'" % meth
-        set_minmax_proto_version(version, version)
-        @min_proto_version = @max_proto_version = version
-      end unless method_defined? :ssl_version=
-
-      METHODS_MAP = {
-        SSLv23: 0,
-        SSLv2: OpenSSL::SSL::SSL2_VERSION,
-        SSLv3: OpenSSL::SSL::SSL3_VERSION,
-        TLSv1: OpenSSL::SSL::TLS1_VERSION,
-        TLSv1_1: OpenSSL::SSL::TLS1_1_VERSION,
-        TLSv1_2: OpenSSL::SSL::TLS1_2_VERSION,
-      }.freeze
-      private_constant :METHODS_MAP
+      # def ssl_version=(meth)
+      #   meth = meth.to_s if meth.is_a?(Symbol)
+      #   if /(?<type>_client|_server)\z/ =~ meth
+      #     meth = $`
+      #     if $VERBOSE
+      #       warn "#{caller(1, 1)[0]}: method type #{type.inspect} is ignored"
+      #     end
+      #   end
+      #   version = METHODS_MAP[meth.intern] or
+      #       raise ArgumentError, "unknown SSL method `%s'" % meth
+      #   set_minmax_proto_version(version, version)
+      #   @min_proto_version = @max_proto_version = version
+      # end
+      #
+      # METHODS_MAP = {
+      #     SSLv23: 0,
+      #     SSLv2: OpenSSL::SSL::SSL2_VERSION,
+      #     SSLv3: OpenSSL::SSL::SSL3_VERSION,
+      #     TLSv1: OpenSSL::SSL::TLS1_VERSION,
+      #     TLSv1_1: OpenSSL::SSL::TLS1_1_VERSION,
+      #     TLSv1_2: OpenSSL::SSL::TLS1_2_VERSION,
+      # }.freeze
+      # private_constant :METHODS_MAP
 
       # METHODS setup from native (JRuby)
       # The list of available SSL/TLS methods. This constant is only provided

src/main/java/org/jruby/ext/openssl/SSLContext.java

@@ -192,7 +192,6 @@ public static void createSSLContext(final Ruby runtime, final RubyModule SSL) {
         SSLContext.addReadWriteAttribute(context, "verify_mode");
         SSLContext.addReadWriteAttribute(context, "verify_depth");
         SSLContext.addReadWriteAttribute(context, "verify_callback");
-        SSLContext.addReadWriteAttribute(context, "options");
         SSLContext.addReadWriteAttribute(context, "cert_store");
         SSLContext.addReadWriteAttribute(context, "extra_chain_cert");
         SSLContext.addReadWriteAttribute(context, "client_cert_cb");
@@ -245,6 +244,8 @@ public SSLContext(Ruby runtime, RubyClass type) {
         super(runtime, _SSLContext(runtime));
     }
 
+    private long options = OP_ALL;
+
     //private transient CipherStrings.Def cipher_list;
     /* same as above but sorted for lookup */
     //private transient CipherStrings.Def cipher_list_by_id;
@@ -269,17 +270,16 @@ public SSLContext(Ruby runtime, RubyClass type) {
 
     @JRubyMethod(required = 0, optional = 1, visibility = Visibility.PRIVATE)
     public IRubyObject initialize(IRubyObject[] args) {
-        if ( args.length > 0 ) set_ssl_version(args[0]);
+        assert this.options == OP_ALL; // self.options |= OpenSSL::SSL::OP_ALL
+        if ( args.length > 0 ) set_ssl_version(args[0]); // self.ssl_version = version if version
         return initializeImpl();
     }
 
-    @Override
+    @Override // NOTE: instance variables (no internal state) on #dup
     public IRubyObject initialize_copy(IRubyObject original) {
-        return super.initialize_copy(original);
-        // NOTE: only instance variables (no internal state) on #dup
-        // final SSLContext that = (SSLContext) original;
-        // this.ciphers = that.ciphers;
-        // return this;
+        SSLContext copy = (SSLContext) super.initialize_copy(original);
+        copy.options = ((SSLContext) original).options;
+        return copy;
     }
 
     final SSLContext initializeImpl() { return this; }
@@ -787,11 +787,23 @@ private String getCaPath() {
     }
 
     private long getOptions() {
-        IRubyObject options = getInstanceVariable("@options");
-        if ( options != null && ! options.isNil() ) {
-            return RubyNumeric.fix2long(options);
+        return options;
+    }
+
+    @JRubyMethod
+    public RubyInteger options(ThreadContext context) {
+        return context.runtime.newFixnum(getOptions());
+    }
+
+    @JRubyMethod(name = "options=")
+    public IRubyObject options_set(final IRubyObject options) {
+        if (options.isNil()) {
+            this.options = OP_ALL;
+        } else {
+            this.options = RubyNumeric.num2long(options);
         }
-        return 0;
+
+        return this;
     }
 
     private static List<X509AuxCertificate> convertToAuxCerts(final ThreadContext context, IRubyObject value) {