Merge pull request #222 from MariuszCwikla/issue_221_SSLContext_set_ciphers

Fix SSLContext#ciphers=

Author: headius

src/main/java/org/jruby/ext/openssl/CipherStrings.java

@@ -562,10 +562,16 @@ static Collection<Def> matchingCiphers(final String cipherString, final String[]
 
     private static Collection<Def> matchingExact(final String name, final String[] all,
         final boolean setSuite) {
-        final Def pattern = Definitions.get(name);
+        Def pattern = Definitions.get(name);
         if ( pattern != null ) {
             return matchingPattern(pattern, all, true, setSuite);
         }
+        else {
+            Def cipher = CipherNames.get(name);
+            if (cipher != null) {
+                return Collections.singleton(cipher);
+            }
+        }
         return null; // Collections.emptyList();
     }
 

src/main/java/org/jruby/ext/openssl/SSLContext.java

@@ -518,7 +518,11 @@ else if ( ciphers instanceof RubyArray ) {
             StringBuilder cipherStr = new StringBuilder();
             String sep = "";
             for ( int i = 0; i < ciphs.size(); i++ ) {
-                cipherStr.append(sep).append( ciphs.eltInternal(i).toString() );
+                IRubyObject elem = ciphs.eltInternal(i);
+                if (elem instanceof RubyArray) {
+                    elem = ((RubyArray) elem).eltInternal(0);
+                }
+                cipherStr.append(sep).append( elem.toString() );
                 sep = ":";
             }
             this.ciphers = cipherStr.toString();

src/test/ruby/ssl/test_context.rb

@@ -184,6 +184,39 @@ def test_context_ciphers
     assert_equal [], diff
   end unless java7? # would need to filter out stuff such as ECDHE-RSA-AES128-GCM-SHA256
 
+  def test_set_ciphers_by_group_name
+    context = OpenSSL::SSL::SSLContext.new
+    context.ciphers = "AES"
+
+    actual = context.ciphers.map { |cipher| cipher[0]}
+    assert actual.include?("ECDHE-RSA-AES128-SHA")
+    assert actual.include?("ECDHE-ECDSA-AES128-SHA")
+    assert actual.include?("AES128-SHA")
+  end
+
+  def test_set_ciphers_by_cipher_name
+    context = OpenSSL::SSL::SSLContext.new
+    context.ciphers = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384"
+    actual = context.ciphers.map { |cipher| cipher[0]}
+    assert actual.include?("ECDHE-ECDSA-AES128-GCM-SHA256")
+    assert actual.include?("ECDHE-ECDSA-AES256-GCM-SHA384")
+  end
+
+  def test_set_ciphers_by_array_of_names
+    context = OpenSSL::SSL::SSLContext.new
+    context.ciphers = ["ECDHE-ECDSA-AES128-GCM-SHA256", "ECDHE-ECDSA-AES256-GCM-SHA384"]
+    actual = context.ciphers.map { |cipher| cipher[0]}
+    assert actual.include?("ECDHE-ECDSA-AES128-GCM-SHA256")
+    assert actual.include?("ECDHE-ECDSA-AES256-GCM-SHA384")
+  end
+
+  def test_set_ciphers_by_array_of_name_version_bits
+    context = OpenSSL::SSL::SSLContext.new
+    context.ciphers = [["ECDHE-ECDSA-AES128-GCM-SHA256", "TLSv1.2", 128, 128]]
+    actual = context.ciphers.map { |cipher| cipher[0]}
+    assert actual.include?("ECDHE-ECDSA-AES128-GCM-SHA256")
+  end
+
   def test_set_ciphers_empty_array
     context = OpenSSL::SSL::SSLContext.new
     ex = assert_raise(OpenSSL::SSL::SSLError) do