Hmm, the problem appears to be that the actual tests have changed. One of the last tests failing after merging Lars' BC 1.47 changes is in test_pkey_rsa.rb, which is entirely different on the jruby repo from what it used to be in the jruby-openssl repo. The test is "test_load_pkey_rsa_enc". The jruby repo's copy of that file doesn't even have any PEM loading tests…
It looks like something got messed up (perhaps intentionally?) with the openssl tests when they were merged to the main jruby repo -- Matt Hauck On Wednesday, January 9, 2013 at 10:07 AM, Matt Hauck wrote: > Sorry for no context, I have a private fork of the old jruby-openssl gem > (forked from 0.7.5) that we are still using internally due to some fixes that > hadn't yet been accepted upstream. So I merged Lars' BC 1.47 changes back > there and ran it against those test cases and got some failures, though > running test:mri19 does not indicate any failures... > > -- > Matt Hauck > > > On Wednesday, January 9, 2013 at 9:52 AM, Charles Oliver Nutter wrote: > > > I'm not sure what you mean by the "old" openssl gem. If you run rake > > test:mri19 in the JRuby repo it will run the 1.9 version of the > > OpenSSL tests with known failures excluded. > > > > - Charlie > > > > On Wed, Jan 9, 2013 at 11:12 AM, Matt Hauck <mattha...@gmail.com > > (mailto:mattha...@gmail.com)> wrote: > > > Hmm. I don't know if all the tests are passing. It is possible I am doing > > > something wrong. I copied over the source to the old jruby openssl gem > > > (since that's the only place I knew how to run the openssl tests), and > > > some > > > of them were failing. The biggest change i needed to get them closer to > > > passing was in Recipient#_initialize. > > > > > > How do you run the openssl tests only from the jruby repo? > > > > > > -- > > > Matt Hauck > > > > > > On Wednesday, January 9, 2013 at 8:42 AM, Charles Oliver Nutter wrote: > > > > > > Excellent, Lars! I'll take a look at it and probably roll it into > > > master if it runs green. It will be *very* nice to be current on > > > Bouncy Castle. > > > > > > - Charlie > > > > > > On Wed, Jan 9, 2013 at 1:40 AM, Lars Westergren > > > <lars.westerg...@gmail.com (mailto:lars.westerg...@gmail.com)> wrote: > > > > > > I'm far from an expert on security, so if anyone is, a quick code inspect > > > of > > > the above commit would be appreciated! All the build tests pass now, but I > > > haven't had time to try it out on a real application. > > > > > > Regards, > > > Lars > > > > > > > > > On Wed, Jan 9, 2013 at 6:14 AM, Matt Hauck <mattha...@gmail.com > > > (mailto:mattha...@gmail.com)> wrote: > > > > > > > > > Sweet. Perfect timing. It looks like it's pretty far along! I'm glad > > > people that know more about this stuff are already working on it. =) > > > > > > -- > > > Matt Hauck > > > > > > On Tuesday, January 8, 2013 at 9:05 PM, Alex Tambellini wrote: > > > > > > The upgrade to 1.47 is already being worked on here: > > > > > > > > > https://github.com/LarsWestergren/jruby/commit/c9f36d616bebe5a96c93908469d974c64de314fe > > > > > > On Jan 8, 2013, at 11:10 PM, Matt Hauck <mattha...@gmail.com > > > (mailto:mattha...@gmail.com)> wrote: > > > > > > I am glad to hear that I will at least be able to upgrade to jruby 1.7.2 > > > and replace out the built-in openssl support in case I need to make a fork > > > with this bouncy castle 1.47 support. I've got it compiling now with the > > > updated BC now, and am beginning to work through some more the more > > > difficult changes. The biggest has to do with deprecating X509Name in > > > favor > > > of X500Name and the various implications of this. > > > > > > -- > > > Matt Hauck > > > > > > On Tuesday, January 8, 2013 at 8:00 PM, Matt Hauck wrote: > > > > > > Sadly not so. If you try replacing the bc*.jar files in build_lib with > > > bcprov and bcpkik 1.47 versions you will find the build fails with 100 > > > errors. > > > > > > -- > > > Matt Hauck > > > > > > On Tuesday, January 8, 2013 at 7:01 PM, kristian wrote: > > > > > > Jruby 1.7.x comes with openssl bundled. I think from version 1.7.1 onwards > > > bouncy castle gets a java package rewrite and is used only internally for > > > openssl. So you are free to add any version of bouncy castle as needed by > > > your application - just do not add the jruby-openssl since this will pull > > > in > > > the old version. > > > > > > Kristian > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe from this list, please visit: > > > > > > http://xircles.codehaus.org/manage_email > > > > --------------------------------------------------------------------- > > To unsubscribe from this list, please visit: > > > > http://xircles.codehaus.org/manage_email >
