Граф коммитов

249 Коммитов

Автор SHA1 Сообщение Дата
Kazuki Yamaguchi 01d368e7b0 [ruby/openssl] ssl: raise SSLError if loading ca_file or ca_path fails
When compiled with OpenSSL <= 1.1.1, OpenSSL::SSL::SSLContext#setup
does not raise an exception on an error return from
SSL_CTX_load_verify_locations(), but instead only prints a verbose-mode
warning. This is not helpful since it very likely indicates an actual
error, such as the specified file not being readable.

Also, OpenSSL's error queue is not correctly cleared:

	$ ruby -w -ropenssl -e'OpenSSL.debug=true; ctx=OpenSSL::SSL::SSLContext.new; ctx.ca_file="bad-path"; ctx.setup; pp OpenSSL.errors'
	-e:1: warning: can't set verify locations
	["error:02001002:system library:fopen:No such file or directory",
	 "error:2006D080:BIO routines:BIO_new_file:no such file",
	 "error:0B084002:x509 certificate routines:X509_load_cert_crl_file: system lib"]

The behavior is currently different when compiled with OpenSSL >= 3.0:
SSLError is raised if SSL_CTX_load_verify_file() or
SSL_CTX_load_verify_dir() fails.

This inconsistency was unintentionally introduced by commit https://github.com/ruby/openssl/commit/5375a55ffc35
("ssl: use SSL_CTX_load_verify_{file,dir}() if available", 2020-02-22).
However, raising SSLError seems more appropriate in this situation.
Let's adjust the OpenSSL <= 1.1.1 code so that it behaves the same way
as the OpenSSL >= 3.0 code currently does.

Fixes: https://github.com/ruby/openssl/issues/649

https://github.com/ruby/openssl/commit/7eb10f7b75
2023-08-16 14:48:41 +09:00
Kazuki Yamaguchi cb344e4e25 [ruby/openssl] ssl: adjust "certificate verify failed" error on SSL_ERROR_SYSCALL
Enrich SSLError's message with the low-level certificate verification
result, even if SSL_get_error() returns SSL_ERROR_SYSCALL. This is
currently done on SSL_ERROR_SSL only.

According to the man page of SSL_get_error(), SSL_ERROR_SYSCALL may be
returned for "other errors, check the error queue for details". This
apparently means we have to treat SSL_ERROR_SYSCALL, if errno is not
set, as equivalent to SSL_ERROR_SSL.

https://github.com/ruby/openssl/commit/5113777e82
2023-08-16 14:48:39 +09:00
Kazuki Yamaguchi 66a70582f4 [ruby/openssl] ssl: adjust styles of ossl_start_ssl()
Expand tabs, insert some spaces, and adjust indentation of switch-case
to match Ruby's style.

https://github.com/ruby/openssl/commit/10833aa8f6
2023-08-16 14:48:39 +09:00
Jean Boussier 1965c09ee5 [ruby/openssl] Implement Write Barrier for all OpenSSL types
The vast majority have no reference so it's just a matter of setting the flags.

For the couple exception, they have very little references so it's
easy.

https://github.com/ruby/openssl/commit/2c7c6de69e
2023-06-19 01:57:09 +09:00
Samuel Williams 98f500d095
[ruby/openssl] Remove usage of IO internals. 2023-05-29 22:01:58 +09:00
Yuta Saito 782777a803 [ruby/openssl] Undefine `OpenSSL::SSL` for no socket platforms
This fixes a linkage error about `ossl_ssl_type` on platforms which do
not have socket, like WASI.

Even before this patch, some items are disabled under `OPENSSL_NO_SOCK` since
ee22fad45d
However, due to some new use of OpenSSL::SSL::Socket over the past few years,
the build under `OPENSSL_NO_SOCK` had been broken.

This patch guards whole `OpenSSL::SSL` items by `OPENSSL_NO_SOCK`.

[ky: adjusted to apply on top of my previous commit that removed the
OpenSSL::ExtConfig, and added a guard to lib/openssl/ssl.rb.]

https://github.com/ruby/openssl/commit/b0cfac6a96
2022-12-23 09:39:15 +09:00
Kazuki Yamaguchi e6ca644329 [ruby/openssl] ssl: remove OpenSSL::ExtConfig
This module was introduced in 2015 for internal use within this library.
Neither of the two constants in it is used anymore. I don't think we
will be adding a new constant in the foreseeable future, either.

OPENSSL_NO_SOCK is unused since commit https://github.com/ruby/openssl/commit/998d66712a78 (r55191).
HAVE_TLSEXT_HOST_NAME is unused since commit https://github.com/ruby/openssl/commit/4eb4b3297a92.

https://github.com/ruby/openssl/commit/eed3894bda
2022-12-23 09:39:15 +09:00
Kazuki Yamaguchi dd6f3276e0 [ruby/openssl] ssl: disable NPN support on LibreSSL
As noted in commit https://github.com/ruby/openssl/commit/a2ed156cc9f1 ("test/test_ssl: do not run NPN tests
for LibreSSL >= 2.6.1", 2017-08-13), NPN is known not to work properly
on LibreSSL.

Disable NPN support on LibreSSL, whether OPENSSL_NO_NEXTPROTONEG is
defined or not.

NPN is less relevant today anyway. Let's also silence test suite when
it's not available.

https://github.com/ruby/openssl/commit/289f6e0e1f
2022-12-23 09:39:15 +09:00
Kazuki Yamaguchi d6c16dd3e6 [ruby/openssl] ssl: update TLS1_3_VERSION workaround for older LibreSSL versions
The macro is now defined by default in LibreSSL 3.4+. Let's document it
for future readers.

https://github.com/ruby/openssl/commit/935698e9f9
2022-12-23 09:39:15 +09:00
Nobuyoshi Nakada d7d1bb3e87 [ruby/openssl] Constify when building with OpenSSL 3
https://github.com/ruby/openssl/commit/c0023822fe
2022-12-23 09:39:15 +09:00
Samuel Williams aecc470a33 [ruby/openssl] Use default `IO#timeout` if possible.
https://github.com/ruby/openssl/commit/471340f612
2022-10-17 16:35:35 +09:00
Christophe De La Fuente 17998ad3bb [ruby/openssl] Add support to SSL_CTX_set_keylog_callback
- This callback is invoked when TLS key material is generated or
  received, in order to allow applications to store this keying material
  for debugging purposes.
- It is invoked with an `SSLSocket` and a string containing the key
  material in the format used by NSS for its SSLKEYLOGFILE debugging
  output.
- This commit adds the Ruby binding `keylog_cb` and the related tests
- It is only compatible with OpenSSL >= 1.1.1. Even if LibreSSL implements
  `SSL_CTX_set_keylog_callback()` from v3.4.2, it does nothing (see
  648d39f0f0)

https://github.com/ruby/openssl/commit/3b63232cf1
2022-10-17 16:35:35 +09:00
Kazuki Yamaguchi e4b1627983 [ruby/openssl] ssl: fix "warning: ‘ctx’ may be used uninitialized"
The code was introduced by https://github.com/ruby/openssl/commit/65530b887e54 ("ssl: enable generating keying
material from SSL sessions", 2022-08-03).

This is harmless, but we should avoid it.

https://github.com/ruby/openssl/commit/f5b82e814b
2022-10-17 16:35:35 +09:00
madblobfish 79543b9a53 [ruby/openssl] ssl: enable generating keying material from SSL sessions
Add OpenSSL::SSL::SSLSocket#export_keying_material to support RFC 5705

https://github.com/ruby/openssl/commit/65530b887e
2022-10-17 16:35:35 +09:00
Samuel Williams a081fe76de
Simplify default argument specification. (#6507) 2022-10-07 22:51:27 +13:00
Samuel Williams e4f91bbdba
Add IO#timeout attribute and use it for blocking IO operations. (#5653) 2022-10-07 21:48:38 +13:00
卜部昌平 7060b23ffa proper function prototypes for openssl
Just to reroute compiler warnings.
2022-09-21 11:44:09 +09:00
twkmd12 09daf78fb5 [ruby/openssl] Add 'ciphersuites=' method to allow setting of TLSv1.3 cipher suites along with some unit tests (https://github.com/ruby/openssl/pull/493)
Add OpenSSL::SSL::SSLContext#ciphersuites= method along with unit tests.

https://github.com/ruby/openssl/commit/12250c7cef
2022-07-08 23:18:11 +09:00
Kazuki Yamaguchi 0b3482c0e7 [ruby/openssl] ssl: add constants for new SSL_OP_* flags
Add all SSL_OP_* constants defined in OpenSSL 3.0.0 which are not
specific to DTLS.

https://github.com/ruby/openssl/commit/b1ee2f23b2
2021-12-20 23:42:03 +09:00
Kazuki Yamaguchi 1ac7f23bb8 [ruby/openssl] ssl: disallow reading/writing to unstarted SSL socket
OpenSSL::SSL::SSLSocket allowed #read and #write to be called before an
SSL/TLS handshake is completed. They passed unencrypted data to the
underlying socket.

This behavior is very odd to have in this library. A verbose mode
warning "SSL session is not started yet" was emitted whenever this
happened. It also didn't behave well with OpenSSL::Buffering. Let's
just get rid of it.

Fixes: https://github.com/ruby/openssl/issues/9

https://github.com/ruby/openssl/commit/bf780748b3
2021-11-01 17:48:02 +09:00
Kazuki Yamaguchi 1b5ccc8a0c [ruby/openssl] pkey, ssl: use EVP_PKEY_eq() instead of EVP_PKEY_cmp()
OpenSSL 3.0 renamed EVP_PKEY_cmp() to EVP_PKEY_eq() because that was a
confusing name.

https://github.com/ruby/openssl/commit/d42bd7fcdb
2021-10-25 00:40:47 +09:00
Kazuki Yamaguchi fa24e7a57e [ruby/openssl] ssl: use SSL_get_rbio() to check if SSL is started or not
Use SSL_get_rbio() instead of SSL_get_fd(). SSL_get_fd() internally
calls SSL_get_rbio() and it's enough for our purpose.

In OpenSSL 3.0, SSL_get_fd() leaves an entry in the OpenSSL error queue
if BIO has not been set up yet, and we would have to clean it up.

https://github.com/ruby/openssl/commit/e95ee24867
2021-10-25 00:40:44 +09:00
Kazuki Yamaguchi d5aa3fcae6 [ruby/openssl] ssl: use SSL_CTX_load_verify_{file,dir}() if available
SSL_CTX_load_verify_locations() is deprecated in OpenSSL 3.0 and
replaced with those two separate functions. Use them if they exist.

https://github.com/ruby/openssl/commit/5375a55ffc
2021-10-25 00:40:44 +09:00
Aaron Patterson 35b9d8d393 [ruby/openssl] Raise an exception if the IO object passed to SSLSocket isn't a file
SSLSocket#connect eventually calls `GetOpenFile` in order to get the
underlying file descriptor for the IO object passed in on
initialization.  `GetOpenFile` assumes that the Ruby object passed in is
a T_FILE object and just casts it to a T_FILE without any checks.  If
you pass an object that *isn't* a T_FILE to that function, the program
will segv.

Since we assume the IO object is a file in the `connect` method, this
commit adds a `CheckType` in the initialize method to ensure that the IO
object is actually a T_FILE.  If the object *isn't* a T_FILE, this class
will segv on `connect`, so I think this is a backwards compatible
change.

https://github.com/ruby/openssl/commit/919fa44ec2
2021-10-23 13:38:40 +09:00
Kazuki Yamaguchi c1147f7f71 [ruby/openssl] ssl: avoid directly storing String object in NPN callback
On the server side, the serialized list of protocols is stored in
SSL_CTX as a String object reference. We utilize a hidden instance
variable to prevent it from being GC'ed, but this is not enough because
it can also be relocated by GC.compact.

https://github.com/ruby/openssl/commit/5eb68ba778
2021-10-16 18:34:35 +09:00
Kazuki Yamaguchi ca28545b51 [ruby/openssl] ssl: explicitly call rb_gc_mark() against SSLContext/SSLSocket objects
We store the reverse reference to the Ruby object in the OpenSSL
struct for use from OpenSSL callback functions. To prevent the Ruby
object from being relocated by GC.compact, we must "pin" it by calling
rb_gc_mark().

https://github.com/ruby/openssl/commit/022b7ceada
2021-10-16 18:34:35 +09:00
Kazuki Yamaguchi daeb914a52 [ruby/openssl] ssl: temporary lock string buffer while reading
Similarly to SSLSocket#syswrite, the blocking SSLSocket#sysread allows
context switches. We must prevent other threads from modifying the
string buffer.

We can use rb_str_locktmp() and rb_str_unlocktmp() to temporarily
prohibit modification of the string.

https://github.com/ruby/openssl/commit/d38274949f
2021-10-16 18:34:35 +09:00
Kazuki Yamaguchi 5828807626 [ruby/openssl] ssl: create a temporary frozen string buffer when writing
Since a blocking SSLSocket#syswrite call allows context switches while
waiting for the underlying socket to be ready, we must freeze the string
buffer to prevent other threads from modifying it.

Reference: https://github.com/ruby/openssl/issues/452

https://github.com/ruby/openssl/commit/aea874bc6e
2021-10-16 18:25:28 +09:00
Kazuki Yamaguchi 6105ef7629 [ruby/openssl] ssl: add SSLContext#tmp_dh=
Provide a wrapper of SSL_set0_tmp_dh_pkey()/SSL_CTX_set_tmp_dh(), which
sets the DH parameters used for ephemeral DH key exchange.

SSLContext#tmp_dh_callback= already exists for this purpose, as a
wrapper around SSL_CTX_set_tmp_dh_callback(), but it is considered
obsolete and the OpenSSL API is deprecated for future removal. There is
no practical use case where an application needs to use different DH
parameters nowadays. This was originally introduced to support export
grade ciphers.

RDoc for #tmp_dh_callback= is updated to recommend the new #tmp_dh=.

Note that current versions of OpenSSL support automatic ECDHE curve
selection which is enabled by default. SSLContext#tmp_dh= should only be
necessary if you must allow ancient clients which don't support ECDHE.

https://github.com/ruby/openssl/commit/aa43da4f04
2021-10-16 18:19:52 +09:00
Nobuyoshi Nakada 289f3a79b5 [ruby/openssl] Add fallthrough comments
https://github.com/ruby/openssl/commit/258e30b640
2021-09-12 22:49:07 +09:00
Nobuyoshi Nakada 6920f3dc96 [ruby/openssl] Suppress cast-function-type warnings
https://github.com/ruby/openssl/commit/0f91e2a6ee
2021-09-12 22:49:05 +09:00
Kazuki Yamaguchi bd356c6899 [ruby/openssl] Strip trailing spaces
https://github.com/ruby/openssl/commit/68fa9c86f1
2021-07-18 18:04:50 +09:00
Samuel Williams 3f1d8a18ea [ruby/openssl] Deprecate and rework old (fd) centric functions
[ky: fixed compatibility with older versions of Ruby]

(cherry picked from commit ruby/ruby@45e65f302b)

https://github.com/ruby/openssl/commit/8d928e0fb9
2021-07-18 17:48:49 +09:00
Benoit Daloze 3975840780 [ruby/openssl] Use rb_block_call() instead of the deprecated rb_iterate() in OpenSSL
* See https://bugs.ruby-lang.org/issues/18025
  and https://github.com/ruby/ruby/pull/4629

https://github.com/ruby/openssl/commit/b8e4852dcc
2021-07-18 17:48:49 +09:00
Vinicius Stock 4f7c3f631a [ruby/openssl] Include peer socket IP address in errors
https://github.com/ruby/openssl/commit/8a1e3f5085
2021-07-18 17:45:03 +09:00
Ryuta Kamizono 29ad4ab3d0 [ruby/openssl] Fix some typos [ci skip]
https://github.com/ruby/openssl/commit/51b3030b2b
2021-07-18 17:44:54 +09:00
Kazuki Yamaguchi 88d64418dd [ruby/openssl] ssl: use TLS_method() instead of SSLv23_method() for LibreSSL
LibreSSL 2.2.2 introduced TLS_method(), but with different semantics
from OpenSSL: TLS_method() enabled TLS >= 1.0 while SSLv23_method()
enabled all available versions, which included SSL 3.0 in addition.

However, LibreSSL 2.3.0 removed SSL 3.0 support completely and now
TLS_method() and SSLv23_method() are equivalent.

https://github.com/ruby/openssl/commit/3b7d7045b8
2021-07-18 17:44:43 +09:00
Kazuki Yamaguchi 50332c4071 [ruby/openssl] ssl: call SSL_CTX_set_ecdh_auto() on OpenSSL 1.0.2 only
SSL_CTX_set_ecdh_auto() exists in OpenSSL 1.1.0 and LibreSSL 2.6.1, but
it is made no-op and the automatic curve selection cannot be disabled.
Wrap it with ifdef to make it clear that it is safe to remove it
completely when we drop support for OpenSSL 1.0.2.

https://github.com/ruby/openssl/commit/2ae8f21234
2021-07-18 17:44:42 +09:00
Kazuki Yamaguchi cd002305f0 [ruby/openssl] require OpenSSL >= 1.0.2 and LibreSSL >= 3.1
Clean up old version guards in preparation for the upcoming OpenSSL 3.0
support.

OpenSSL 1.0.1 reached its EOL on 2016-12-31. At that time, we decided
to keep 1.0.1 support because many major Linux distributions were still
shipped with 1.0.1. Now, nearly 4 years later, most Linux distributions
are reaching their EOL and it should be safe to assume nobody uses them
anymore. Major ones that were using 1.0.1:

 - Ubuntu 14.04 is EOL since 2019-04-30
 - RHEL 6 will reach EOL on 2020-11-30

LibreSSL 3.0 and older versions are no longer supported by the LibreSSL
team as of October 2020.

Note that OpenSSL 1.0.2 also reached EOL on 2019-12-31 and 1.1.0 also
did on 2018-08-31.

https://github.com/ruby/openssl/commit/c055938f4b
2021-07-18 17:44:41 +09:00
Samuel Williams 45e65f302b Deprecate and rework old (fd) centric functions. 2021-06-22 22:48:57 +12:00
Jeremy Evans e2ce383044 [ruby/openssl] Enhance TLS 1.3 support on LibreSSL 3.2/3.3
This defines TLS1_3_VERSION when using LibreSSL 3.2+.  LibreSSL 3.2/3.3
doesn't advertise this by default, even though it will use TLS 1.3
in both client and server modes.

Changes between LibreSSL 3.1 and 3.2/3.3 broke a few tests, Defining
TLS1_3_VERSION by itself fixes 1 test failure.  A few tests now
fail on LibreSSL 3.2/3.3 unless TLS 1.2 is set as the maximum version,
and this adjusts those tests.  The client CA test doesn't work in
LibreSSL 3.2+, so I've marked that as pending.

For the hostname verification, LibreSSL 3.2.2+ has a new stricter
hostname verifier that doesn't like subjectAltName such as
c*.example.com and d.*.example.com, so adjust the related tests.

With these changes, the tests pass on LibreSSL 3.2/3.3.

https://github.com/ruby/openssl/commit/a0e98d48c9
2021-03-16 19:37:06 +09:00
Kazuki Yamaguchi d47210b113 [ruby/openssl] ssl: remove SSL::SSLContext#tmp_ecdh_callback
The underlying API SSL_CTX_set_tmp_ecdh_callback() was removed by
LibreSSL >= 2.6.1 and OpenSSL >= 1.1.0, in other words, it is not
supported by any non-EOL versions of OpenSSL.

The wrapper was initially implemented in Ruby 2.3 and has been
deprecated since Ruby/OpenSSL 2.0 (bundled with Ruby 2.4) with explicit
warning with rb_warn().

https://github.com/ruby/openssl/commit/ee037e1460
2021-03-16 19:16:11 +09:00
Kazuki Yamaguchi 945ed40862 [ruby/openssl] ssl: retry write on EPROTOTYPE on macOS
Errno::EPROTOTYPE is not supposed to be raised by SSLSocket#write.
However, on macOS, send(2) which is called via SSL_write() can
occasionally return EPROTOTYPE. Retry SSL_write() so that we get a
proper error, just as ext/socket does.

Reference: https://bugs.ruby-lang.org/issues/14713
Reference: https://github.com/ruby/openssl/issues/227

https://github.com/ruby/openssl/commit/2e700c80bf
2021-03-16 19:16:11 +09:00
Stefan Stüben 8c2e5bbf58 Don't redefine #rb_intern over and over again 2020-10-21 12:45:18 +09:00
Kazuki Yamaguchi cc26638cae [ruby/openssl] ssl: temporarily remove SSLContext#add_certificate_chain_file
Let's revert the changes for now, as it cannot be included in the 2.2.0
release.

My comment on #257:

> A blocker is OpenSSL::SSL::SSLContext#add_certificate_chain_file. It
> has a pending change and I don't want to include it in an incomplete
> state.
>
> The initial implementation in commit 46e4bdba40c5 was not really
> useful. The issue is described in #305. #309 extended it
> to take the corresponding private key together. However, the new
> implementation was incompatible on Windows and was reverted by #320 to
> the initial one.
>
> (The prerequisite to implement it in) an alternative way is #288, and
> it's still cooking.

This effectively reverts the following commits:

 - dacd08937ccd ("ssl: suppress test failure with SSLContext#add_certificate_chain_file", 2020-03-09)
 - 46e4bdba40c5 ("Add support for SSL_CTX_use_certificate_chain_file. Fixes #254.", 2019-06-13)

https://github.com/ruby/openssl/commit/ea925619a9
2020-05-13 15:47:51 +09:00
Nobuyoshi Nakada d8720eb7de
Suppress -Wshorten-64-to-32 warnings 2020-04-08 16:28:38 +09:00
Kazuki Yamaguchi e4a26cd4f8 openssl: sync with upstream repository
Import current master (2c43241dc0ed) of ruby/openssl.git.

Below are the commits that were made since the last batch at commit
b99775b163 (ruby/openssl.git commit f49e7110ca1e). Note that some of
them have been applied already.

----------------------------------------------------------------
Benoit Daloze (1):
      Remove redundant and ignored workflow file

DBL-Lee (1):
      add support for SHA512_256/SHA512_224

Hiroshi SHIBATA (2):
      Guard for OpenSSL::PKey::EC::Group::Error with unsupported platforms
      Fixed inconsistency directory structure with ruby/ruby repo

Jeremy Evans (2):
      Fix keyword argument separation issues in OpenSSL::SSL::SSLSocket#sys{read,write}_nonblock
      Remove taint support

Kazuki Yamaguchi (26):
      config: support .include directive
      random: make OpenSSL::Random.pseudo_bytes alias of .random_bytes
      extconf.rb: get rid of -Werror=deprecated-declarations
      test/openssl/test_ssl: skip test_fallback_scsv if necessary
      ts: simplify OpenSSL::Timestamp::Request#algorithm
      History.md: add missing references to GitHub issues
      config: deprecate OpenSSL::Config#add_value and #[]=
      test/openssl/test_ssl: remove sleep from test_finished_messages
      test/openssl/test_ssl: fix random failure in SSLSocket.open test
      test/openssl/test_ssl: avoid explicitly-sized private keys
      test/openssl/test_ssl: remove commented-out test case
      test/openssl/test_ssl: allow kRSA tests to fail
      ssl: avoid declarations after statements
      engine: revert OpenSSL::Engine.load changes for cloudhsm
      engine: remove really outdated static engines
      engine: do not check for ENGINE_load_builtin_engines()
      engine: fix guards for 'dynamic' and 'cryptodev' engines
      lib/openssl.rb: require openssl/version.rb
      x509: add error code and verify flags constants
      ssl: set verify error code in the case of verify_hostname failure
      .github/workflows: merge CI jobs into a single workflow
      .github/workflows: test against different OpenSSL versions
      .travis.yml: fully migrate to GitHub Actions
      ssl: suppress test failure with SSLContext#add_certificate_chain_file
      ssl: remove test case test_puts_meta from test_pair
      Revert "Use version.rb in gemspec"

MSP-Greg (2):
      .travis.yml - remove 2.3/1.0.2, 2.5/1.1.1, head/1.0.2
      Use version.rb in gemspec

Samuel Williams (1):
      Restore compatibility with older versions of Ruby.

Yusuke Endoh (1):
      Make OpenSSL::OSSL#test_memcmp_timing robust
2020-03-10 17:41:01 +09:00
Hiroshi SHIBATA b99775b163
Import openssl-2.2.0 (#2693)
Import the master branch of ruby/openssl for preparing to release openssl-2.2.0
2020-02-16 15:21:29 +09:00
Hiroshi SHIBATA 2ef8d5beee
ext/openssl/ossl_ssl.c: nodoc for private methods
[Misc #11712][ruby-core:71565]
2019-12-29 21:09:15 +08:00
Jeremy Evans afbd8f384a [ruby/openssl] Remove taint support
Ruby 2.7 deprecates taint and it no longer has an effect.
The lack of taint support should not cause a problem in
previous Ruby versions.
2019-11-18 01:00:25 +02:00