test/test_pair, test/test_ssl: fix for TLS 1.3

Fix test cases failing with TLS 1.3-enabled OpenSSL master.

Author: rhenium

test/test_pair.rb

@@ -5,55 +5,41 @@
 if defined?(OpenSSL::TestUtils)
 
 module OpenSSL::SSLPairM
-  def server
-    host = "127.0.0.1"
-    port = 0
-    ctx = OpenSSL::SSL::SSLContext.new()
-    ctx.ciphers = "ADH"
-    ctx.security_level = 0
-    ctx.tmp_dh_callback = proc { OpenSSL::TestUtils::Fixtures.pkey_dh("dh1024") }
-    tcps = create_tcp_server(host, port)
-    ssls = OpenSSL::SSL::SSLServer.new(tcps, ctx)
-    return ssls
+  def setup
+    svr_dn = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=localhost")
+    ee_exts = [
+      ["keyUsage", "keyEncipherment,digitalSignature", true],
+    ]
+    @svr_key = OpenSSL::TestUtils::Fixtures.pkey("rsa1024")
+    @svr_cert = issue_cert(svr_dn, @svr_key, 1, ee_exts, nil, nil)
   end
 
-  def client(port)
+  def ssl_pair
     host = "127.0.0.1"
-    ctx = OpenSSL::SSL::SSLContext.new()
-    ctx.ciphers = "ADH"
-    ctx.security_level = 0
-    s = create_tcp_client(host, port)
-    ssl = OpenSSL::SSL::SSLSocket.new(s, ctx)
-    ssl.connect
-    ssl.sync_close = true
-    ssl
-  end
+    tcps = create_tcp_server(host, 0)
+    port = tcps.connect_address.ip_port
 
-  def ssl_pair
-    ssls = server
     th = Thread.new {
+      sctx = OpenSSL::SSL::SSLContext.new
+      sctx.cert = @svr_cert
+      sctx.key = @svr_key
+      sctx.tmp_dh_callback = proc { OpenSSL::TestUtils::Fixtures.pkey_dh("dh1024") }
+      ssls = OpenSSL::SSL::SSLServer.new(tcps, sctx)
       ns = ssls.accept
       ssls.close
       ns
     }
-    port = ssls.to_io.local_address.ip_port
-    c = client(port)
+
+    tcpc = create_tcp_client(host, port)
+    c = OpenSSL::SSL::SSLSocket.new(tcpc)
+    c.connect
     s = th.value
-    if block_given?
-      begin
-        yield c, s
-      ensure
-        c.close unless c.closed?
-        s.close unless s.closed?
-      end
-    else
-      return c, s
-    end
+
+    yield c, s
   ensure
-    if th&.alive?
-      th.kill
-      th.join
-    end
+    tcpc&.close
+    tcps&.close
+    s&.close
   end
 end
 
@@ -83,23 +69,27 @@ def create_tcp_client(host, port)
 
 module OpenSSL::TestEOF1M
   def open_file(content)
-    s1, s2 = ssl_pair
-    th = Thread.new { s2 << content; s2.close }
-    yield s1
-  ensure
-    th.join if th
-    s1.close
+    ssl_pair { |s1, s2|
+      begin
+        th = Thread.new { s2 << content; s2.close }
+        yield s1
+      ensure
+        th&.join
+      end
+    }
   end
 end
 
 module OpenSSL::TestEOF2M
   def open_file(content)
-    s1, s2 = ssl_pair
-    th = Thread.new { s1 << content; s1.close }
-    yield s2
-  ensure
-    th.join if th
-    s2.close
+    ssl_pair { |s1, s2|
+      begin
+        th = Thread.new { s1 << content; s1.close }
+        yield s2
+      ensure
+        th&.join
+      end
+    }
   end
 end
 
@@ -373,8 +363,8 @@ def tcp_pair
 
   def test_connect_accept_nonblock_no_exception
     ctx2 = OpenSSL::SSL::SSLContext.new
-    ctx2.ciphers = "ADH"
-    ctx2.security_level = 0
+    ctx2.cert = @svr_cert
+    ctx2.key = @svr_key
     ctx2.tmp_dh_callback = proc { OpenSSL::TestUtils::Fixtures.pkey_dh("dh1024") }
 
     sock1, sock2 = tcp_pair
@@ -384,8 +374,6 @@ def test_connect_accept_nonblock_no_exception
     assert_equal :wait_readable, accepted
 
     ctx1 = OpenSSL::SSL::SSLContext.new
-    ctx1.ciphers = "ADH"
-    ctx1.security_level = 0
     s1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx1)
     th = Thread.new do
       rets = []
@@ -423,8 +411,8 @@ def test_connect_accept_nonblock_no_exception
 
   def test_connect_accept_nonblock
     ctx = OpenSSL::SSL::SSLContext.new()
-    ctx.ciphers = "ADH"
-    ctx.security_level = 0
+    ctx.cert = @svr_cert
+    ctx.key = @svr_key
     ctx.tmp_dh_callback = proc { OpenSSL::TestUtils::Fixtures.pkey_dh("dh1024") }
 
     sock1, sock2 = tcp_pair
@@ -447,8 +435,6 @@ def test_connect_accept_nonblock
 
     sleep 0.1
     ctx = OpenSSL::SSL::SSLContext.new()
-    ctx.ciphers = "ADH"
-    ctx.security_level = 0
     s1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx)
     begin
       sleep 0.2