Permalink
Browse files

Nah, test SHA1, but skip the test and whine if OpenSSL is borked up

  • Loading branch information...
1 parent 55f132a commit a6a0904fcb12b876469c48b1c885aadafe9188cf @jeremy jeremy committed Sep 25, 2009
Showing with 13 additions and 4 deletions.
  1. +13 −4 activesupport/test/message_verifier_test.rb
@@ -1,25 +1,34 @@
require 'abstract_unit'
+begin
+ require 'openssl'
+ OpenSSL::Digest::SHA1
+rescue LoadError, NameError
+ $stderr.puts "Skipping MessageVerifier test: broken OpenSSL install"
+else
@claudiob

claudiob Dec 4, 2014

Member

Hello @jeremy!

I know this is a long shot but… do you remember why this begin/rescue was needed in the first place?
In other words, in which case "OpenSSL is borked up" (as per your commit message)?

I've seen the same type of code was introduced in def2ccb, 35598db and d67f761 and the only hint I got is that it might be related to JRuby. Does that ring a bell?

I have a feeling we can safely remove the begin/rescue and Travis CI would still be happy, but I'd like to know your opinion first. Thanks! 🍭

@jeremy

jeremy Dec 4, 2014

Owner

If openssl didn't have sha1 support, that constant didn't exist. If jruby didn't have jruby-openssl gem, the require wouldn't work. Not sure whether either of these are still relevant today.

+
class MessageVerifierTest < Test::Unit::TestCase
def setup
- @verifier = ActiveSupport::MessageVerifier.new("Hey, I'm a secret!", 'MD5')
+ @verifier = ActiveSupport::MessageVerifier.new("Hey, I'm a secret!")
@data = {:some=>"data", :now=>Time.now}
end
-
+
def test_simple_round_tripping
message = @verifier.generate(@data)
assert_equal @data, @verifier.verify(message)
end
-
+
def test_tampered_data_raises
data, hash = @verifier.generate(@data).split("--")
assert_not_verified("#{data.reverse}--#{hash}")
assert_not_verified("#{data}--#{hash.reverse}")
end
-
+
def assert_not_verified(message)
assert_raise(ActiveSupport::MessageVerifier::InvalidSignature) do
@verifier.verify(message)
end
end
end
+
+end

0 comments on commit a6a0904

Please sign in to comment.