Hi Jeremy!
Here is a diff tb@ was kind enough to smack together when I was trying to track
down why TLS 1.3 was not available in ruby.
I have tested on a few different machines with no ill effect.
I also ran the tests which resulted in:
Finished tests in 1463.007495s, 14.3492 tests/s, 1858.9283 assertions/s.
20993 tests, 2719626 assertions, 14 failures, 0 errors, 73 skips
And some irb action for good measure:
qbit@tal[0]:~$ irb27
irb(main):001:0> require 'openssl'
=> true
irb(main):002:0> OpenSSL::SSL::TLS1_3_VERSION
=> 772
irb(main):003:0>
I am also able to connect to Google via tls 1.3 using the below:
#!/usr/bin/env ruby
require 'socket'
require 'openssl'
hostname = "google.com"
ctx = OpenSSL::SSL::SSLContext.new()
s = TCPSocket.new(hostname, 443)
ssl = OpenSSL::SSL::SSLSocket.new(s, ctx)
ssl.hostname = hostname
ssl.connect
p ssl.ssl_version
p ssl.peer_cert
ssl.sync_close = true
ssl.close
Any thoughts on adding this?
Cheers,
Aaron
diff refs/heads/master refs/heads/ruby_tls13
blob - 64d2b8a0f4fca132c9c60418a41b461a17901b8d
blob + 150b0490e7b3006ef7ddb581224adfbba400ed81
--- lang/ruby/2.7/Makefile
+++ lang/ruby/2.7/Makefile
@@ -6,7 +6,7 @@ SHARED_LIBS = ruby27 0.0
NEXTVER = 2.8
PKGSPEC-main ?= ruby->=2.7.0,<${NEXTVER}
-REVISION-main = 0
+REVISION-main = 1
PSEUDO_FLAVORS= no_ri_docs bootstrap
# Do not build the RI docs on slow arches
blob - /dev/null
blob + 795924e7187f8cdadc87117a475035ff9ed98273 (mode 644)
--- /dev/null
+++ lang/ruby/2.7/patches/patch-ext_openssl_ossl_ssl_c
@@ -0,0 +1,16 @@
+$OpenBSD$
+
+Index: ext/openssl/ossl_ssl.c
+--- ext/openssl/ossl_ssl.c.orig
++++ ext/openssl/ossl_ssl.c
+@@ -13,6 +13,10 @@
+
+ #define numberof(ary) (int)(sizeof(ary)/sizeof((ary)[0]))
+
++#ifndef TLS1_3_VERSION
++# define TLS1_3_VERSION 0x0304
++#endif
++
+ #ifdef _WIN32
+ # define TO_SOCKET(s) _get_osfhandle(s)
+ #else
