fix OpenSSL::SSL::SSLContext#min_version doesn't work

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@60310 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
author: naruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2017-10-21 16:25:19 +0000
committer: naruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2017-10-21 16:25:19 +0000
commit: 8cbf2dae5aadfa5d6241b0df2bf44d55db46704f (patch)
tree: ea3fa9dd3726cd7dd21b14a5980f1c21886c0bfb /ext/openssl/lib
parent: 6cba29b4220cc0277f209af9d172f4ec1ddb5f0e (diff)
1 files changed, 15 insertions, 2 deletions
diff --git a/ext/openssl/lib/openssl/ssl.rb b/ext/openssl/lib/openssl/ssl.rb
index fb143c9408..4bbbcf6c26 100644
--- a/ext/openssl/lib/openssl/ssl.rb
+++ b/ext/openssl/lib/openssl/ssl.rb
@@ -136,6 +136,7 @@ YoaOffgTf5qxiwkjnlVZQc3whgnEt9FpVMvQ9eknyeGB5KHfayAc3+hUAvI3/Cr3
       # used.
       def set_params(params={})
         params = DEFAULT_PARAMS.merge(params)
+        self.options = params.delete(:options) # set before min_version/max_version
         params.each{|name, value| self.__send__("#{name}=", value) }
         if self.verify_mode != OpenSSL::SSL::VERIFY_NONE
           unless self.ca_file or self.ca_path or self.cert_store
@@ -147,7 +148,7 @@ YoaOffgTf5qxiwkjnlVZQc3whgnEt9FpVMvQ9eknyeGB5KHfayAc3+hUAvI3/Cr3
 
       # call-seq:
       #    ctx.min_version = OpenSSL::SSL::TLS1_2_VERSION
-      #    ctx.min_version = :TLS1_2
+      #    ctx.min_version = :TLSv1_2
       #    ctx.min_version = nil
       #
       # Sets the lower bound on the supported SSL/TLS protocol version. The
@@ -166,18 +167,30 @@ YoaOffgTf5qxiwkjnlVZQc3whgnEt9FpVMvQ9eknyeGB5KHfayAc3+hUAvI3/Cr3
       #   sock = OpenSSL::SSL::SSLSocket.new(tcp_sock, ctx)
       #   sock.connect # Initiates a connection using either TLS 1.1 or TLS 1.2
       def min_version=(version)
+        case version
+        when nil, Integer
+        else
+          version = (METHODS_MAP[version] or
+            raise ArgumentError, "unknown SSL version `#{version.inspect}'")
+        end
         set_minmax_proto_version(version, @max_proto_version ||= nil)
         @min_proto_version = version
       end
 
       # call-seq:
       #    ctx.max_version = OpenSSL::SSL::TLS1_2_VERSION
-      #    ctx.max_version = :TLS1_2
+      #    ctx.max_version = :TLSv1_2
       #    ctx.max_version = nil
       #
       # Sets the upper bound of the supported SSL/TLS protocol version. See
       # #min_version= for the possible values.
       def max_version=(version)
+        case version
+        when nil, Integer
+        else
+          version = (METHODS_MAP[version] or
+            raise ArgumentError, "unknown SSL version `#{version.inspect}'")
+        end
         set_minmax_proto_version(@min_proto_version ||= nil, version)
         @max_proto_version = version
       end
author	naruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2017-10-21 16:25:19 +0000
committer	naruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2017-10-21 16:25:19 +0000
commit	8cbf2dae5aadfa5d6241b0df2bf44d55db46704f (patch)
tree	ea3fa9dd3726cd7dd21b14a5980f1c21886c0bfb /ext/openssl/lib
parent	6cba29b4220cc0277f209af9d172f4ec1ddb5f0e (diff)