* numeric.c (flo_round): [EXPERIMENTAL] adjust the case that the
receiver is close to the exact but unrepresentable middle value
of two values in the given precision.
http://d.hatena.ne.jp/hnw/20160702
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55604 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* io.c (rb_io_s_foreach, rb_io_s_readlines): convert arguments
just once before reading, instead of conversions for each lines.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55603 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Implement non-ASCII case conversion for ISO-8859-14, by Yutaro Tada.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55595 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Implement non-ASCII case conversion for ISO-8859-15, by Maho Harada.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55591 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Implement non-ASCII case conversion for ISO-8859-16, by Satoshi Kayama.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55590 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
test/test_unicode_normalize.rb: Replace UNICODE_VERSION from
UnicodeNormalize with RbConfig::CONFIG['UNICODE_VERSION'] from
feature 12460.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55567 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
only if the URI has path-rootless, not path-empty.
[ruby-core:76055] [Bug #12498]
patched by Chris Heisterkamp <cheister@squareup.com>
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55563 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Ruby's Regexp doesn't allow normal numbered groups if the regexp
has named groups. On such case it optimizes out related NT_ENCLOSE.
But even on the case it can use \g<0>.
This fix not to remove NT_ENCLOSE whose regnum is 0.
[ruby-core:75828] [Bug #12454]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55562 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Attempt to use independent strings for destructive tests that
directly modify values on memory by using Fiddle::Pointer.
[Bug #12537] [ruby-dev:49700]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55554 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/stringio/test_stringio.rb (test_overflow): reduce maximum
retry count to get rid of timeout on some platforms.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55544 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
test_prepend_after_refine_wb_miss on ARM or MIPS.
[ruby-core:76031] [Bug #12491]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55532 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* proc.c (passed_block): convert passed block symbol to proc.
based on the patch by Daisuke Sato in [ruby-dev:49695].
[Bug #12531]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55531 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/ruby/enc/test_case_comprehensive.rb (CaseTest): move under
the test case not to pollute the global name space.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55522 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/ruby/enc/test_case_comprehensive.rb: noting to test if
Unicode data files are available.
[ruby-core:76160] [Bug #12433]
* test/test_unicode_normalize.rb: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55521 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* compile.c (ADD_TRACE): ignore trace instruction on non-positive
line.
* parse.y (coverage): get rid of ArgumentError when the starting
line number is not positive. [ruby-core:76141] [Bug #12517]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55509 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* vm_method.c (vm_respond_to): try method_missing if respond_to?
is undefined, as if it is the default definition.
[ruby-core:75377] [Bug #12353]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55500 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/webrick/httprequest.rb (setup_forwarded_info): Use the first
value in X-Forwarded-Proto, if header contains multiple comma
separated values. Some middlewares may add these values to the
list, not replacing. [Fix GH-1386]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55484 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
test_read_buffer_error, test_read_unlocktmp_ensure,
test_readpartial_unlocktmp_ensure, and
test_sysread_unlocktmp_ensure on cygwin,
because these tests repeatedly hang. This makes test_io.rb
complete in finite time on cygwin.
* ChangeLog: Fix test_in.rb -> test_io.rb (two instances).
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55482 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
on cygwin. Fifos seem to work okay in cygwin, but this test repeatedly
hangs.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55468 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
partially to avoid "self has wrong type to call super in this
context" errors.
[ruby-core:72724] [Bug #11954]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55462 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/rubygems/test_gem_remote_fetcher.rb: OpenSSL::PKey::DH#priv_key=
is not defined when ext/openssl is built with OpenSSL 1.1.0.
https://github.com/rubygems/rubygems/pull/1648
[ruby-core:75225] [Feature #12324]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55460 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ocsp.c: Add OCSP::SingleResponse that represents an
OCSP SingleResponse structure. Also add two new methods #responses
and #find_response to OCSP::BasicResponse. A BasicResponse has one or
more SingleResponse. We have OCSP::BasicResponse#status that returns
them as an array of arrays, each containing the content of a
SingleResponse, but this is not useful. When validating an OCSP
response, we need to look into the each SingleResponse and check their
validity but it is not simple. For example, when validating for a
certificate 'cert', the code would be like:
# certid_target is an OpenSSL::OCSP::CertificateId for cert
basic = res.basic
result = basic.status.any? do |ary|
ary[0].cmp(certid_target) &&
ary[4] <= Time.now && (!ary[5] || Time.now <= ary[5])
end
Adding OCSP::SingleResponse at the same time allows exposing
OCSP_check_validity(). With this, the code above can be rewritten as:
basic = res.basic
single = basic.find_response(certid_target)
result = single.check_validity
* test/openssl/test_ocsp.rb: Test this.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55457 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_pkey_dh.c, ext/openssl/ossl_pkey_dsa.c,
ext/openssl/ossl_pkey_ec.c, ext/openssl/ossl_pkey_rsa.c: Implement
initialize_copy method for OpenSSL::PKey::*.
[ruby-core:75504] [Bug #12381]
* test/openssl/test_pkey_dh.rb, test/openssl/test_pkey_dsa.rb,
test/openssl/test_pkey_ec.rb, test/openssl/test_pkey_rsa.rb: Test they
actually copy the OpenSSL objects, and modifications to cloned object
don't affect the original object.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55454 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* variable.c (rb_path_to_class): consider the string length
instead of a terminator.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55449 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/ruby/test_file_exhaustive.rb (test_expand_path_compose):
normalization is meaningless unless file system encoding is UTF.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55446 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/test_pkey_ec.rb (setup): Don't call EC#generate_key! for
Oakley-* curves. This causes an odd error on Ubuntu 16.04 with openssl
1.0.2g-1ubuntu4.1.
begin
OpenSSL::PKey::EC.new("Oakley-EC2N-4").generate_key
rescue
p $!
end
OpenSSL::PKey::RSA.new(512)
This sometimes causes:
#<OpenSSL::PKey::ECError: EC_KEY_generate_key: pairwise test failed>
fips.c(139): OpenSSL internal error, assertion failed: FATAL FIPS SELFTEST FAILURE
[ruby-dev:49670] [Bug #12504]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55444 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
HEAD(2c6d256). It contains to update vendored Molinillo to 0.5.0.
https://github.com/rubygems/rubygems/pull/1638
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55441 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/stringio/test_stringio.rb (test_overflow): could occur only
on sizeof(long) >= sizeof(void*).
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55440 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/stringio/test_stringio.rb (test_overflow): refine the
conditinon, try to allocate strings until the buffer is located
in higher half address.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55439 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ocsp.c (ossl_ocspreq_sign, ossl_ocspbres_sign): Allow
specifying hash algorithm used in signing. They are hard coded to use
SHA-1.
Based on a patch provided by Tim Shirley <tidoublemy@gmail.com>.
[ruby-core:70915] [Feature #11552] [GH ruby/openssl#28]
* test/openssl/test_ocsp.rb: Test sign-verify works.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55422 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/ruby/enc/test_case_comprehensive.rb
(TestComprehensiveCaseFold::read_data): use \A and \z instead of
^ and $ in regexp.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55415 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ocsp.c (ossl_ocspcid_get_issuer_name_hash,
ossl_ocspcid_get_issuer_key_hash, ossl_ocspcid_get_hash_algorithm):
Add accessor methods OCSP::CertificateId#issuer_name_hash,
#issuer_key_hash, #hash_algorithm.
Based on a patch provided by Paul Kehrer <paul.l.kehrer@gmail.com>.
[ruby-core:48062] [Feature #7181]
* test/openssl/test_ocsp.rb: Test these new methods.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55411 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/date/date_strftime.c (date_strftime_with_tmx): reject too
large precision to get rid of buffer overflow.
reported by Guido Vranken <guido AT guidovranken.nl>.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55410 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ocsp.c (ossl_ocspbres_to_der, ossl_ocspcid_to_der):
Implement #to_der methods for OCSP::BasicResponse and
OCSP::CertificateId.
(ossl_ocspreq_initialize, ossl_ocspres_initialize): Use GetOCSP*()
instead of raw DATA_PTR().
(ossl_ocspbres_initialize, ossl_ocspcid_initialize): Allow
initializing from DER string.
(Init_ossl_ocsp): Define new #to_der methods.
* test/openssl/test_ocsp.rb: Test these changes. Also add missing tests
for OCSP::{Response,Request}#to_der.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55409 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* parse.y (reg_named_capture_assign_iter): remove named capture
conflict warnings. it is just annoying rather than useful.
[ruby-core:75416] [Bug #12359]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55396 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/objspace/test_objspace.rb (test_dump_all): dump to stdout
instead of a string, get rid of hung up.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55391 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/ruby/test_file_exhaustive.rb (test_expand_path_compose):
valid only on OS X.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55390 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/test_engine.rb (test_openssl_engine_builtin,
test_openssl_engine_by_id_string): Skip test if 'openssl' engine is
already loaded. And test the number increased by Engine.load{_by_id,},
not the total count of loaded engines. Previously, we called
OpenSSL::Engine.cleanup every time running a test case, but we no
longer can do it.
[ruby-core:75225] [Feature #12324]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55387 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* file.c (append_fspath): normalize directory name to be appended
on OS X. [ruby-core:75957] [Ruby trunk Bug#12483]
https://github.com/rails/rails/issues/25303#issuecomment-224834804
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55385 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/forwardable.rb (_delegator_method): leave the backtrace
untouched during accessor. forwardable.rb does not appear in
the backtrace during delegated method because of tail-call
optimization.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55372 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_asn1.c (asn1integer_to_num): Use
ASN1_ENUMERATED_to_BN() to convert an ASN1_ENUMERATED to a BN.
Starting from OpenSSL 1.1.0, ASN1_INTEGER_to_BN() rejects
non-ASN1_INTEGER objects. The format of INTEGER and ENUMERATED are
almost identical so they behaved in the same way in OpenSSL <= 1.0.2.
[ruby-core:75225] [Feature #12324]
* test/openssl/test_asn1.rb (test_decode_enumerated): Test that it
works.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55344 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ssl.c: Add define guards for OPENSSL_NO_EC.
SSL_CTX_set_ecdh_auto() is defined even when ECDH is disabled in
OpenSSL's configuration. This fixes r55214.
* test/openssl/test_pair.rb (test_ecdh_curves): Skip if the OpenSSL does
not support ECDH.
* test/openssl/utils.rb (start_server): Ignore error in
SSLContext#ecdh_curves=.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55342 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
CR or LF is included in a line, because they are not allowed in
RFC5321.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55324 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/ruby/test_proc.rb (test_lambda?): lambda-ness should be
preserved across proc, lambda, and Proc.new.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55321 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/rubygems/*_{cert,cert_32}.pem: Regenerate test certificates for
OpenSSL 1.1.0. This is already in upstream.
9be5c53939
[ruby-core:75225] [Feature #12324]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55317 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/open-uri/test_ssl.rb: Regenerate test certificates. The test CA
certificate was incorrectly generated. A CA certificate must have the
basic constraints extension with cA bit set to TRUE. OpenSSL <= 1.0.2
allowed the error when the certificate is in the trusted store but
OpenSSL 1.1.0 no longer does.
[ruby-core:75225] [Feature #12324]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55315 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This fixes `make test-all TESTS=openssl` with OpenSSL master.
* test/openssl/test_x509name.rb: Don't register OID for 'emailAddress'
and 'serialNumber'. A recent change in OpenSSL made OBJ_create()
reject an already existing OID. They were needed to run tests with
OpenSSL 0.9.6 which is now unsupported.
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=52832e470f5fe8c222249ae5b539aeb3c74cdb25
[ruby-core:75225] [Feature #12324]
* test/openssl/test_ssl_session.rb (test_server_session): Duplicate
SSL::Session before re-adding to the session store. OpenSSL 1.1.0
starts rejecting SSL_SESSION once removed by SSL_CTX_remove_session().
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=7c2d4fee2547650102cd16d23f8125b76112ae75
* test/openssl/test_pkey_ec.rb (setup): Remove X25519 from @keys. X25519
is new in OpenSSL 1.1.0 but this is for key agreement and not for
signing.
* test/openssl/test_pair.rb, test/openssl/test_ssl.rb,
test/openssl/utils.rb: Set security level to 0 when using aNULL cipher
suites.
* test/openssl/utils.rb: Use 1024 bits DSA key for client certificates.
* test/openssl/test_engine.rb: Run each test in separate process.
We can no longer cleanup engines explicitly as ENGINE_cleanup() was
removed.
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=6d4fb1d59e61aacefa25edc4fe5acfe1ac93f743
* ext/openssl/ossl_engine.c (ossl_engine_s_cleanup): Add a note to the
RDoc for Engine.cleanup.
* ext/openssl/lib/openssl/digest.rb: Don't define constants for DSS,
DSS1 and SHA(-0) when using with OpenSSL 1.1.0. They are removed.
* test/openssl/test_digest.rb, test/openssl/test_pkey_dsa.rb,
test/openssl/test_pkey_dsa.rb, test/openssl/test_ssl.rb,
test/openssl/test_x509cert.rb, test/openssl/test_x509req.rb: Don't
test unsupported hash functions.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55314 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
without any non-ASCII case conversions from ASCII-only test
to full test.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55311 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/extconf.rb: Check for SSL_CTX_get_security_level().
OpenSSL 1.1.0 introduced "security level".
[ruby-core:75225] [Feature #12324]
* ext/openssl/ossl_ssl.c (ossl_sslctx_{get,set}_security_level): Add
SSLContext#security_level and #security_level=.
* test/openssl/test_ssl.rb (test_security_level): Add test. ...but this
doesn't actually test it. Because #security_level= is necessary in
order to run other tests on OpenSSL 1.1.0, go without tests for now.
Will fix after converting SSLContext#key= and #cert= to normal methods.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55309 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* vm_insnhelper.c (vm_throw_start): check if the iseq is symbol
proc, class definition should not be a symbol proc.
[ruby-core:75856] [Bug #12462]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55297 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
for Unicode case mapping.
* test/ruby/enc/test_case_comprehensive.rb: Tests for above
functionality; fixed an encoding issue in assertion error message.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55296 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/extconf.rb: Check existence of accessor functions that
don't exist in OpenSSL 0.9.8. OpenSSL 1.1.0 made most of its
structures opaque and requires use of these accessor functions.
[ruby-core:75225] [Feature #12324]
* ext/openssl/openssl_missing.[ch]: Implement them if missing.
* ext/openssl/ossl*.c: Use these accessor functions.
* test/openssl/test_hmac.rb: Add missing test for HMAC#reset.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55287 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/openssl_missing.[ch]: Implement EVP_PKEY_get0_*() and
{RSA,DSA,EC_KEY,DH}_get0_*() functions.
OpenSSL 1.1.0 makes EVP_PKEY/RSA/DSA/DH opaque. We used to provide
setter methods for each parameter of each PKey type, for example
PKey::RSA#e=, but this is no longer possible because the new API
RSA_set0_key() requires the 'n' at the same time. This commit adds
deprecation warning to them and adds PKey::*#set_* methods as direct
wrapper for those new APIs. For example, 'rsa.e = 3' now needs to be
rewritten as 'rsa.set_key(rsa.n, 3, rsa.d)'.
[ruby-core:75225] [Feature #12324]
* ext/openssl/ossl_pkey*.[ch]: Use the new accessor functions. Implement
RSA#set_{key,factors,crt_params}, DSA#set_{key,pqg}, DH#set_{key,pqg}.
Emit a warning with rb_warning() when old setter methods are used.
* test/drb/ut_array_drbssl.rb, test/drb/ut_drb_drbssl.rb,
test/rubygems/test_gem_remote_fetcher.rb: Don't set a priv_key for DH
object that are used in tmp_dh_callback. Generating a new key pair
every time should be fine - actually the private exponent is ignored
in OpenSSL >= 1.0.2f/1.0.1r even if we explicitly set.
https://www.openssl.org/news/secadv/20160128.txt
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55285 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/extconf.rb: Check if RAND_pseudo_bytes() is usable. It is
marked as deprecated in OpenSSL 1.1.0.
[ruby-core:75225] [Feature #12324]
* ext/openssl/ossl_rand.c: Disable Random.pseudo_bytes if
RAND_pseudo_bytes() is unavailable.
* test/openssl/test_random.rb: Don't test Random.pseudo_bytes if not
defined.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55282 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
case mapping methods.
* enc/unicode.c: Check for invalid string and signal with negative
length value.
* test/ruby/enc/test_case_mapping.rb: Add tests for above.
* test/ruby/test_m17n_comb.rb: Add a message to clarify test failure.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55253 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/test_asn1.rb: Add missing regression test for r55219. It
fixed the year 2038 issue but the test code was missing.
[ruby-core:45552] [Bug #6571]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55229 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/optparse.rb (OptionParser::Completion.candidate): get rid of
nil as key names. [ruby-core:75773] [Bug #12438]
* lib/optparse.rb (OptionParser#make_switch): char class option
cannot be NoArgument, default to RequiredArgument.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55228 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
the protective check for the presence of an option.
Update documentation.
* test/ruby/enc/test_case_comprehensive.rb: Adjust tests for above change.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55225 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/test_pair.rb (test_ecdh_curves): Avoid P-224. The FIPS
patch from RHEL disables it. The curve has to be chosen from: {
secp256k1, secp384r1, secp521r1, prime256v1 }.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55224 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
instead of (Safe)StringValue, to detect NUL byte in the string.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55222 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/ruby/test_file_exhaustive.rb (test_flock_shared): open
in writable mode for exclusive lock.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55221 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
test logic depended on platform specific implementation. use more portable
logic. this fixes a test failure on Windows.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55218 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/socket/test_addrinfo.rb (test_addrinfo_ip): use single
digit address so that the values are same in both decimal and
octal. some platform zero-prefixed dotted-decimal is parsed as
an octal value.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55216 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ssl.c (ossl_sslctx_s_alloc): Enable the automatic
curve selection for ECDH by calling SSL_CTX_set_ecdh_auto(). With
this a TLS server automatically selects a curve which both the client
and the server support to use in ECDH. This changes the default
behavior but users can still disable ECDH by excluding 'ECDH' cipher
suites from the cipher list (with SSLContext#ciphers=). This commit
also deprecate #tmp_ecdh_callback=. It was added in Ruby 2.3.0. It
wraps SSL_CTX_set_tmp_ecdh_callback() which will be removed in OpenSSL
1.1.0. Its callback receives two values 'is_export' and 'keylength'
but both are completely useless for determining a curve to use in
ECDH. The automatic curve selection was introduced to replace this.
(ossl_sslctx_setup): Deprecate SSLContext#tmp_ecdh_callback=. Emit a
warning if this is in use.
(ossl_sslctx_set_ecdh_curves): Add SSLContext#ecdh_curves=. Wrap
SSL_CTX_set1_curves_list(). If it is not available, this falls back
to SSL_CTX_set_tmp_ecdh().
(Init_ossl_ssl): Define SSLContext#ecdh_curves=.
* ext/openssl/extconf.rb: Check the existence of EC_curve_nist2nid(),
SSL_CTX_set1_curves_list(), SSL_CTX_set_ecdh_auto() and
SSL_CTX_set_tmp_ecdh_callback().
* ext/openssl/openssl_missing.[ch]: Implement EC_curve_nist2nid() if
missing.
* test/openssl/test_pair.rb (test_ecdh_callback): Use
EnvUtil.suppress_warning to suppress deprecated warning.
(test_ecdh_curves): Test that SSLContext#ecdh_curves= works.
* test/openssl/utils.rb (start_server): Use SSLContext#ecdh_curves=.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55214 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/socket/raddrinfo.c (host_str, port_str): use RSTRING_LEN
instead of strlen, since RSTRING_PTR StringValueCStr may not be
NUL-terminated when SHARABLE_MIDDLE_SUBSTRING=1. reported by
@tmtms, http://twitter.com/tmtms/status/736910516229005312
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55213 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/socket/test_addrinfo.rb (test_addrinfo_ip): add tests for
special hostnames, <any> and <broadcast>.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55211 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Unicode data file; refactoring; fix an error with tests for destructive
method (unicode_normalize!).
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55196 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* transcode.c (str_transcode0): scrub in the given encoding when
the source encoding is given, not in the encoding of the
receiver. [ruby-core:75732] [Bug #12431]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55181 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
(across most Unicode characters; later across most character encodings)
tests for case mapping.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55168 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_pkey_ec.c (ec_key_new_from_group): Create a new
EC_KEY on given EC group. Extracted from ossl_ec_key_initialize().
(ossl_ec_key_s_generate): Added. Create a new EC instance and
generate a random private and public key.
(ossl_ec_key_initialize): Use ec_key_new_from_group().
(Init_ossl_ec): Define the new method EC.generate. This change is
for consistency with other PKey types. [ruby-core:45541] [Bug #6567]
* test/openssl/test_pkey_ec.rb: Test that EC.generate works.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55152 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_pkey_ec.c (ossl_ec_key_generate_key): Fix up RDoc.
(Init_ossl_ec): Rename EC#generate_key to EC#generate_key!. Make the
old name an alias of #generate_key!. This change is for consistency
with other PKey types. [ruby-core:45541] [Bug #6567]
* test/openssl/test_pkey_ec.rb: Use EC#generate_key! instead of
EC#generate_key.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55151 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_cipher.c (ossl_cipher_set_key, ossl_cipher_set_iv):
Reject too long values as well as too short ones. Currently they
just truncate the input but this would hide bugs and lead to
unexpected encryption/decryption results.
* test/openssl/test_cipher.rb: Test that Cipher#key= and #iv= reject
Strings with invalid length.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55146 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/ruby/test_bignum.rb (test_pow): just assert to be an
Integer.
* test/ruby/test_integer_comb.rb (check_class): ditto.
* test/ruby/test_numeric.rb (test_coerce): ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55108 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/ruby/test_{complex,range,rational,struct}.rb (test_hash):
hash values should be an Integer, not only a Fixnum.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55107 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ssl.c (ossl_ssl_stop): Don't free the SSL struct
here. Since some methods such as SSLSocket#connect releases GVL,
there is a chance of use after free if we free the SSL from another
thread. SSLSocket#stop was documented as "prepares it for another
connection" so this is a slightly incompatible change. However when
this sentence was added (r30090, Add toplevel documentation for
OpenSSL, 2010-12-06), it didn't actually. The current behavior is
from r40304 (Correct shutdown behavior w.r.t GC., 2013-04-15).
[ruby-core:74978] [Bug #12292]
* ext/openssl/lib/openssl/ssl.rb (sysclose): Update doc.
* test/openssl/test_ssl.rb: Test this.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55100 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_pkey_ec.c: rename PKey::EC#private_key? and
#public_key? to #private? and #public? for consistency with other
PKey types. Old names remain as alias. [ruby-core:45541] [Bug #6567]
* test/openssl/test_pkey_ec.rb (test_check_key): check private? and
public? works correctly.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55098 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl.c (ossl_pem_passwd_value): Added. Convert the
argument to String with StringValue() and validate the length is in
4..PEM_BUFSIZE. PEM_BUFSIZE is a macro defined in OpenSSL headers.
(ossl_pem_passwd_cb): When reading/writing encrypted PEM format, we
used to pass the password to PEM_def_callback() directly but it was
problematic. It is not NUL character safe. And surprisingly, it
silently truncates the password to 1024 bytes. [GH ruby/openssl#51]
* ext/openssl/ossl.h: Add function prototype declaration of newly
added ossl_pem_passwd_value().
* ext/openssl/ossl_pkey.c (ossl_pkey_new_from_data): Use
ossl_pem_passwd_value() to validate the password String.
* ext/openssl/ossl_pkey_dsa.c (ossl_dsa_initialize, ossl_dsa_export):
ditto.
* ext/openssl/ossl_pkey_ec.c (ossl_ec_key_initialize,
ossl_ec_key_to_string): ditto.
* ext/openssl/ossl_pkey_rsa.c (ossl_rsa_initialize, ossl_rsa_export):
ditto.
* test/openssl/test_pkey_{dsa,ec,rsa}.rb: test this.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55087 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
OpenSSL's default session timeout for TLS v1.0 method is not 300 seconds
but 7200. The TLS v1.0 specification[1] mentions about it as just "An
upper limit of 24 hours is suggested for session ID lifetimes,". And
according to OpenSSL 1.0.2h source comment[2], the value 7200 is decided
just because "the 24 hours mentioned in the TLSv1 spec is way too long
for http, the cache would over fill".
The reason why the default lifetime is set to 300 is maybe an OpenSSL
bug. We always call SSL_CTX_new() with SSLv23_method(), and this set
ssl_ctx->session to 300, the default value for SSLv23_method(). But the
following SSL_set_ssl_method() call does not update it. By the way this
will be fixed in OpenSSL 1.1.0.
[1] https://tools.ietf.org/html/rfc2246#appendix-F.1.4
[2] https://git.openssl.org/?p=openssl.git;a=blob;f=ssl/t1_lib.c;h=dd5bd0050d89f5585c1b06a227eb8221ebf984f1;hb=5dd94f1847c744929a3bd24819f1c99644bb18c7#l193
* test/openssl/test_ssl_session.rb (test_session): remove assertion of
the default session timeout.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55078 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* re.c (rb_reg_match_m_p): [DOC] fix return value in rdoc.
* test/ruby/test_regexp.rb (TestRegexp#test_match_p): add some
tests from document.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55075 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_x509attr.c (ossl_x509attr_set_value): check that the
argument is an OpenSSL::ASN1::Data before converting to ASN1_TYPE.
This fixes SEGV on OpenSSL::X509::Attribute#value=(non-asn1-value).
* test/openssl/test_x509attr.rb: add tests for OpenSSL::X509::Attribute.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55071 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/lib/test/unit/assertions.rb (assert_separately): leave
timeout to invoke_ruby, which handles outputs and status of the
target process since r51539.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55070 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* re.c (rb_reg_match_m_p): fix match against empty string.
rb_str_offset returns the end when the position exceeds the
length. fix the range parameter of onig_search.
[ruby-core:75604] [Bug #12394]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55069 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* re.c (rb_reg_match_m_p): should return nil if no match, as the
document says. [Feature #8110]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55067 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/test_pkey_ec.rb (test_ec_point_mul): My previous commit
r55059 was broken. I should have been more careful. Sorry.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55060 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/test_pkey_ec.rb (test_ec_point_mul): CentOS 7 patches
OpenSSL to reject curves defined over a small field.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55059 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/test_random.rb (OpenSSL::TestRandom): ignore
out-of-date OpenSSL before 1.0, as well as other tests.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55058 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
temporary array.
* re.c (match_ary_aref): get element(s) of match array without creating
temporary array.
* re.c (match_aref): Use match_ary_subseq with handling irregulars.
* re.c (match_values_at): Use match_ary_aref.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55053 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_x509cert.c (ossl_x509_verify): X509_verify()
family may put errors on 0 return (0 means verification failure).
Clear OpenSSL error queue before return to Ruby. Since the queue is
thread global, remaining errors in the queue can cause an unexpected
error in the next OpenSSL operation. [ruby-core:48284] [Bug #7215]
* ext/openssl/ossl_x509crl.c (ossl_x509crl_verify): ditto.
* ext/openssl/ossl_x509req.c (ossl_x509req_verify): ditto.
* ext/openssl/ossl_x509store.c (ossl_x509stctx_verify): ditto.
* ext/openssl/ossl_pkey_dh.c (dh_generate): clear the OpenSSL error
queue before re-raising exception.
* ext/openssl/ossl_pkey_dsa.c (dsa_generate): ditto.
* ext/openssl/ossl_pkey_rsa.c (rsa_generate): ditto.
* ext/openssl/ossl_ssl.c (ossl_start_ssl): ditto.
* test/openssl: check that OpenSSL.errors is empty every time after
running a test case.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55051 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_pkey_ec.c (ossl_ec_point_mul): Validate the
arguments before passing to EC_POINT(s)_mul(). Add description of this
method. [ruby-core:65152] [Bug #10268]
* test/openssl/test_pkey_ec.rb (test_ec_point_mul): Test that
OpenSSL::PKey::EC::Point#mul works.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55048 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_bn.c (try_convert_to_bnptr): Extracted from
GetBNPtr(). This doesn't raise exception but returns NULL on error.
(GetBNPtr): Raise TypeError if conversion fails.
(ossl_bn_eq): Implement BN#==.
(ossl_bn_eql): #eql? should not raise TypeError even if the argument
is not compatible with BN.
(ossl_bn_hash): Implement BN#hash.
* ext/openssl/ossl_bn.c (Init_ossl_bn): Define #== and #hash.
* test/openssl/test_bn.rb: Test BN#eql?, #== and #hash
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55047 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
nobu
naruse
duerst
shugo
hsbt
ngoto
rhe
kazu
mrkn
svn
usa
seki