* ext/openssl/ossl_ocsp.c (ossl_ocspcid_get_issuer_name_hash,
ossl_ocspcid_get_issuer_key_hash, ossl_ocspcid_get_hash_algorithm):
Add accessor methods OCSP::CertificateId#issuer_name_hash,
#issuer_key_hash, #hash_algorithm.
Based on a patch provided by Paul Kehrer <paul.l.kehrer@gmail.com>.
[ruby-core:48062] [Feature #7181]
* test/openssl/test_ocsp.rb: Test these new methods.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55411 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/date/date_strftime.c (date_strftime_with_tmx): reject too
large precision to get rid of buffer overflow.
reported by Guido Vranken <guido AT guidovranken.nl>.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55410 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ocsp.c (ossl_ocspbres_to_der, ossl_ocspcid_to_der):
Implement #to_der methods for OCSP::BasicResponse and
OCSP::CertificateId.
(ossl_ocspreq_initialize, ossl_ocspres_initialize): Use GetOCSP*()
instead of raw DATA_PTR().
(ossl_ocspbres_initialize, ossl_ocspcid_initialize): Allow
initializing from DER string.
(Init_ossl_ocsp): Define new #to_der methods.
* test/openssl/test_ocsp.rb: Test these changes. Also add missing tests
for OCSP::{Response,Request}#to_der.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55409 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* parse.y (reg_named_capture_assign_iter): remove named capture
conflict warnings. it is just annoying rather than useful.
[ruby-core:75416] [Bug #12359]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55396 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/objspace/test_objspace.rb (test_dump_all): dump to stdout
instead of a string, get rid of hung up.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55391 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/ruby/test_file_exhaustive.rb (test_expand_path_compose):
valid only on OS X.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55390 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/test_engine.rb (test_openssl_engine_builtin,
test_openssl_engine_by_id_string): Skip test if 'openssl' engine is
already loaded. And test the number increased by Engine.load{_by_id,},
not the total count of loaded engines. Previously, we called
OpenSSL::Engine.cleanup every time running a test case, but we no
longer can do it.
[ruby-core:75225] [Feature #12324]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55387 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* file.c (append_fspath): normalize directory name to be appended
on OS X. [ruby-core:75957] [Ruby trunk Bug#12483]
https://github.com/rails/rails/issues/25303#issuecomment-224834804
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55385 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/forwardable.rb (_delegator_method): leave the backtrace
untouched during accessor. forwardable.rb does not appear in
the backtrace during delegated method because of tail-call
optimization.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55372 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_asn1.c (asn1integer_to_num): Use
ASN1_ENUMERATED_to_BN() to convert an ASN1_ENUMERATED to a BN.
Starting from OpenSSL 1.1.0, ASN1_INTEGER_to_BN() rejects
non-ASN1_INTEGER objects. The format of INTEGER and ENUMERATED are
almost identical so they behaved in the same way in OpenSSL <= 1.0.2.
[ruby-core:75225] [Feature #12324]
* test/openssl/test_asn1.rb (test_decode_enumerated): Test that it
works.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55344 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ssl.c: Add define guards for OPENSSL_NO_EC.
SSL_CTX_set_ecdh_auto() is defined even when ECDH is disabled in
OpenSSL's configuration. This fixes r55214.
* test/openssl/test_pair.rb (test_ecdh_curves): Skip if the OpenSSL does
not support ECDH.
* test/openssl/utils.rb (start_server): Ignore error in
SSLContext#ecdh_curves=.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55342 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
CR or LF is included in a line, because they are not allowed in
RFC5321.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55324 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/ruby/test_proc.rb (test_lambda?): lambda-ness should be
preserved across proc, lambda, and Proc.new.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55321 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/rubygems/*_{cert,cert_32}.pem: Regenerate test certificates for
OpenSSL 1.1.0. This is already in upstream.
9be5c53939
[ruby-core:75225] [Feature #12324]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55317 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/open-uri/test_ssl.rb: Regenerate test certificates. The test CA
certificate was incorrectly generated. A CA certificate must have the
basic constraints extension with cA bit set to TRUE. OpenSSL <= 1.0.2
allowed the error when the certificate is in the trusted store but
OpenSSL 1.1.0 no longer does.
[ruby-core:75225] [Feature #12324]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55315 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This fixes `make test-all TESTS=openssl` with OpenSSL master.
* test/openssl/test_x509name.rb: Don't register OID for 'emailAddress'
and 'serialNumber'. A recent change in OpenSSL made OBJ_create()
reject an already existing OID. They were needed to run tests with
OpenSSL 0.9.6 which is now unsupported.
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=52832e470f5fe8c222249ae5b539aeb3c74cdb25
[ruby-core:75225] [Feature #12324]
* test/openssl/test_ssl_session.rb (test_server_session): Duplicate
SSL::Session before re-adding to the session store. OpenSSL 1.1.0
starts rejecting SSL_SESSION once removed by SSL_CTX_remove_session().
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=7c2d4fee2547650102cd16d23f8125b76112ae75
* test/openssl/test_pkey_ec.rb (setup): Remove X25519 from @keys. X25519
is new in OpenSSL 1.1.0 but this is for key agreement and not for
signing.
* test/openssl/test_pair.rb, test/openssl/test_ssl.rb,
test/openssl/utils.rb: Set security level to 0 when using aNULL cipher
suites.
* test/openssl/utils.rb: Use 1024 bits DSA key for client certificates.
* test/openssl/test_engine.rb: Run each test in separate process.
We can no longer cleanup engines explicitly as ENGINE_cleanup() was
removed.
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=6d4fb1d59e61aacefa25edc4fe5acfe1ac93f743
* ext/openssl/ossl_engine.c (ossl_engine_s_cleanup): Add a note to the
RDoc for Engine.cleanup.
* ext/openssl/lib/openssl/digest.rb: Don't define constants for DSS,
DSS1 and SHA(-0) when using with OpenSSL 1.1.0. They are removed.
* test/openssl/test_digest.rb, test/openssl/test_pkey_dsa.rb,
test/openssl/test_pkey_dsa.rb, test/openssl/test_ssl.rb,
test/openssl/test_x509cert.rb, test/openssl/test_x509req.rb: Don't
test unsupported hash functions.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55314 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
without any non-ASCII case conversions from ASCII-only test
to full test.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55311 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/extconf.rb: Check for SSL_CTX_get_security_level().
OpenSSL 1.1.0 introduced "security level".
[ruby-core:75225] [Feature #12324]
* ext/openssl/ossl_ssl.c (ossl_sslctx_{get,set}_security_level): Add
SSLContext#security_level and #security_level=.
* test/openssl/test_ssl.rb (test_security_level): Add test. ...but this
doesn't actually test it. Because #security_level= is necessary in
order to run other tests on OpenSSL 1.1.0, go without tests for now.
Will fix after converting SSLContext#key= and #cert= to normal methods.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55309 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* vm_insnhelper.c (vm_throw_start): check if the iseq is symbol
proc, class definition should not be a symbol proc.
[ruby-core:75856] [Bug #12462]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55297 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
for Unicode case mapping.
* test/ruby/enc/test_case_comprehensive.rb: Tests for above
functionality; fixed an encoding issue in assertion error message.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55296 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/extconf.rb: Check existence of accessor functions that
don't exist in OpenSSL 0.9.8. OpenSSL 1.1.0 made most of its
structures opaque and requires use of these accessor functions.
[ruby-core:75225] [Feature #12324]
* ext/openssl/openssl_missing.[ch]: Implement them if missing.
* ext/openssl/ossl*.c: Use these accessor functions.
* test/openssl/test_hmac.rb: Add missing test for HMAC#reset.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55287 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/openssl_missing.[ch]: Implement EVP_PKEY_get0_*() and
{RSA,DSA,EC_KEY,DH}_get0_*() functions.
OpenSSL 1.1.0 makes EVP_PKEY/RSA/DSA/DH opaque. We used to provide
setter methods for each parameter of each PKey type, for example
PKey::RSA#e=, but this is no longer possible because the new API
RSA_set0_key() requires the 'n' at the same time. This commit adds
deprecation warning to them and adds PKey::*#set_* methods as direct
wrapper for those new APIs. For example, 'rsa.e = 3' now needs to be
rewritten as 'rsa.set_key(rsa.n, 3, rsa.d)'.
[ruby-core:75225] [Feature #12324]
* ext/openssl/ossl_pkey*.[ch]: Use the new accessor functions. Implement
RSA#set_{key,factors,crt_params}, DSA#set_{key,pqg}, DH#set_{key,pqg}.
Emit a warning with rb_warning() when old setter methods are used.
* test/drb/ut_array_drbssl.rb, test/drb/ut_drb_drbssl.rb,
test/rubygems/test_gem_remote_fetcher.rb: Don't set a priv_key for DH
object that are used in tmp_dh_callback. Generating a new key pair
every time should be fine - actually the private exponent is ignored
in OpenSSL >= 1.0.2f/1.0.1r even if we explicitly set.
https://www.openssl.org/news/secadv/20160128.txt
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55285 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/extconf.rb: Check if RAND_pseudo_bytes() is usable. It is
marked as deprecated in OpenSSL 1.1.0.
[ruby-core:75225] [Feature #12324]
* ext/openssl/ossl_rand.c: Disable Random.pseudo_bytes if
RAND_pseudo_bytes() is unavailable.
* test/openssl/test_random.rb: Don't test Random.pseudo_bytes if not
defined.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55282 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
case mapping methods.
* enc/unicode.c: Check for invalid string and signal with negative
length value.
* test/ruby/enc/test_case_mapping.rb: Add tests for above.
* test/ruby/test_m17n_comb.rb: Add a message to clarify test failure.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55253 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/test_asn1.rb: Add missing regression test for r55219. It
fixed the year 2038 issue but the test code was missing.
[ruby-core:45552] [Bug #6571]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55229 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/optparse.rb (OptionParser::Completion.candidate): get rid of
nil as key names. [ruby-core:75773] [Bug #12438]
* lib/optparse.rb (OptionParser#make_switch): char class option
cannot be NoArgument, default to RequiredArgument.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55228 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
the protective check for the presence of an option.
Update documentation.
* test/ruby/enc/test_case_comprehensive.rb: Adjust tests for above change.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55225 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/test_pair.rb (test_ecdh_curves): Avoid P-224. The FIPS
patch from RHEL disables it. The curve has to be chosen from: {
secp256k1, secp384r1, secp521r1, prime256v1 }.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55224 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
instead of (Safe)StringValue, to detect NUL byte in the string.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55222 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/ruby/test_file_exhaustive.rb (test_flock_shared): open
in writable mode for exclusive lock.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55221 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
test logic depended on platform specific implementation. use more portable
logic. this fixes a test failure on Windows.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55218 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/socket/test_addrinfo.rb (test_addrinfo_ip): use single
digit address so that the values are same in both decimal and
octal. some platform zero-prefixed dotted-decimal is parsed as
an octal value.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55216 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ssl.c (ossl_sslctx_s_alloc): Enable the automatic
curve selection for ECDH by calling SSL_CTX_set_ecdh_auto(). With
this a TLS server automatically selects a curve which both the client
and the server support to use in ECDH. This changes the default
behavior but users can still disable ECDH by excluding 'ECDH' cipher
suites from the cipher list (with SSLContext#ciphers=). This commit
also deprecate #tmp_ecdh_callback=. It was added in Ruby 2.3.0. It
wraps SSL_CTX_set_tmp_ecdh_callback() which will be removed in OpenSSL
1.1.0. Its callback receives two values 'is_export' and 'keylength'
but both are completely useless for determining a curve to use in
ECDH. The automatic curve selection was introduced to replace this.
(ossl_sslctx_setup): Deprecate SSLContext#tmp_ecdh_callback=. Emit a
warning if this is in use.
(ossl_sslctx_set_ecdh_curves): Add SSLContext#ecdh_curves=. Wrap
SSL_CTX_set1_curves_list(). If it is not available, this falls back
to SSL_CTX_set_tmp_ecdh().
(Init_ossl_ssl): Define SSLContext#ecdh_curves=.
* ext/openssl/extconf.rb: Check the existence of EC_curve_nist2nid(),
SSL_CTX_set1_curves_list(), SSL_CTX_set_ecdh_auto() and
SSL_CTX_set_tmp_ecdh_callback().
* ext/openssl/openssl_missing.[ch]: Implement EC_curve_nist2nid() if
missing.
* test/openssl/test_pair.rb (test_ecdh_callback): Use
EnvUtil.suppress_warning to suppress deprecated warning.
(test_ecdh_curves): Test that SSLContext#ecdh_curves= works.
* test/openssl/utils.rb (start_server): Use SSLContext#ecdh_curves=.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55214 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/socket/raddrinfo.c (host_str, port_str): use RSTRING_LEN
instead of strlen, since RSTRING_PTR StringValueCStr may not be
NUL-terminated when SHARABLE_MIDDLE_SUBSTRING=1. reported by
@tmtms, http://twitter.com/tmtms/status/736910516229005312
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55213 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/socket/test_addrinfo.rb (test_addrinfo_ip): add tests for
special hostnames, <any> and <broadcast>.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55211 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Unicode data file; refactoring; fix an error with tests for destructive
method (unicode_normalize!).
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55196 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* transcode.c (str_transcode0): scrub in the given encoding when
the source encoding is given, not in the encoding of the
receiver. [ruby-core:75732] [Bug #12431]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55181 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
(across most Unicode characters; later across most character encodings)
tests for case mapping.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55168 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_pkey_ec.c (ec_key_new_from_group): Create a new
EC_KEY on given EC group. Extracted from ossl_ec_key_initialize().
(ossl_ec_key_s_generate): Added. Create a new EC instance and
generate a random private and public key.
(ossl_ec_key_initialize): Use ec_key_new_from_group().
(Init_ossl_ec): Define the new method EC.generate. This change is
for consistency with other PKey types. [ruby-core:45541] [Bug #6567]
* test/openssl/test_pkey_ec.rb: Test that EC.generate works.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55152 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_pkey_ec.c (ossl_ec_key_generate_key): Fix up RDoc.
(Init_ossl_ec): Rename EC#generate_key to EC#generate_key!. Make the
old name an alias of #generate_key!. This change is for consistency
with other PKey types. [ruby-core:45541] [Bug #6567]
* test/openssl/test_pkey_ec.rb: Use EC#generate_key! instead of
EC#generate_key.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55151 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_cipher.c (ossl_cipher_set_key, ossl_cipher_set_iv):
Reject too long values as well as too short ones. Currently they
just truncate the input but this would hide bugs and lead to
unexpected encryption/decryption results.
* test/openssl/test_cipher.rb: Test that Cipher#key= and #iv= reject
Strings with invalid length.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55146 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/ruby/test_bignum.rb (test_pow): just assert to be an
Integer.
* test/ruby/test_integer_comb.rb (check_class): ditto.
* test/ruby/test_numeric.rb (test_coerce): ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55108 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/ruby/test_{complex,range,rational,struct}.rb (test_hash):
hash values should be an Integer, not only a Fixnum.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55107 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ssl.c (ossl_ssl_stop): Don't free the SSL struct
here. Since some methods such as SSLSocket#connect releases GVL,
there is a chance of use after free if we free the SSL from another
thread. SSLSocket#stop was documented as "prepares it for another
connection" so this is a slightly incompatible change. However when
this sentence was added (r30090, Add toplevel documentation for
OpenSSL, 2010-12-06), it didn't actually. The current behavior is
from r40304 (Correct shutdown behavior w.r.t GC., 2013-04-15).
[ruby-core:74978] [Bug #12292]
* ext/openssl/lib/openssl/ssl.rb (sysclose): Update doc.
* test/openssl/test_ssl.rb: Test this.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55100 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_pkey_ec.c: rename PKey::EC#private_key? and
#public_key? to #private? and #public? for consistency with other
PKey types. Old names remain as alias. [ruby-core:45541] [Bug #6567]
* test/openssl/test_pkey_ec.rb (test_check_key): check private? and
public? works correctly.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55098 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl.c (ossl_pem_passwd_value): Added. Convert the
argument to String with StringValue() and validate the length is in
4..PEM_BUFSIZE. PEM_BUFSIZE is a macro defined in OpenSSL headers.
(ossl_pem_passwd_cb): When reading/writing encrypted PEM format, we
used to pass the password to PEM_def_callback() directly but it was
problematic. It is not NUL character safe. And surprisingly, it
silently truncates the password to 1024 bytes. [GH ruby/openssl#51]
* ext/openssl/ossl.h: Add function prototype declaration of newly
added ossl_pem_passwd_value().
* ext/openssl/ossl_pkey.c (ossl_pkey_new_from_data): Use
ossl_pem_passwd_value() to validate the password String.
* ext/openssl/ossl_pkey_dsa.c (ossl_dsa_initialize, ossl_dsa_export):
ditto.
* ext/openssl/ossl_pkey_ec.c (ossl_ec_key_initialize,
ossl_ec_key_to_string): ditto.
* ext/openssl/ossl_pkey_rsa.c (ossl_rsa_initialize, ossl_rsa_export):
ditto.
* test/openssl/test_pkey_{dsa,ec,rsa}.rb: test this.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55087 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
OpenSSL's default session timeout for TLS v1.0 method is not 300 seconds
but 7200. The TLS v1.0 specification[1] mentions about it as just "An
upper limit of 24 hours is suggested for session ID lifetimes,". And
according to OpenSSL 1.0.2h source comment[2], the value 7200 is decided
just because "the 24 hours mentioned in the TLSv1 spec is way too long
for http, the cache would over fill".
The reason why the default lifetime is set to 300 is maybe an OpenSSL
bug. We always call SSL_CTX_new() with SSLv23_method(), and this set
ssl_ctx->session to 300, the default value for SSLv23_method(). But the
following SSL_set_ssl_method() call does not update it. By the way this
will be fixed in OpenSSL 1.1.0.
[1] https://tools.ietf.org/html/rfc2246#appendix-F.1.4
[2] https://git.openssl.org/?p=openssl.git;a=blob;f=ssl/t1_lib.c;h=dd5bd0050d89f5585c1b06a227eb8221ebf984f1;hb=5dd94f1847c744929a3bd24819f1c99644bb18c7#l193
* test/openssl/test_ssl_session.rb (test_session): remove assertion of
the default session timeout.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55078 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* re.c (rb_reg_match_m_p): [DOC] fix return value in rdoc.
* test/ruby/test_regexp.rb (TestRegexp#test_match_p): add some
tests from document.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55075 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_x509attr.c (ossl_x509attr_set_value): check that the
argument is an OpenSSL::ASN1::Data before converting to ASN1_TYPE.
This fixes SEGV on OpenSSL::X509::Attribute#value=(non-asn1-value).
* test/openssl/test_x509attr.rb: add tests for OpenSSL::X509::Attribute.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55071 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/lib/test/unit/assertions.rb (assert_separately): leave
timeout to invoke_ruby, which handles outputs and status of the
target process since r51539.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55070 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* re.c (rb_reg_match_m_p): fix match against empty string.
rb_str_offset returns the end when the position exceeds the
length. fix the range parameter of onig_search.
[ruby-core:75604] [Bug #12394]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55069 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* re.c (rb_reg_match_m_p): should return nil if no match, as the
document says. [Feature #8110]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55067 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/test_pkey_ec.rb (test_ec_point_mul): My previous commit
r55059 was broken. I should have been more careful. Sorry.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55060 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/test_pkey_ec.rb (test_ec_point_mul): CentOS 7 patches
OpenSSL to reject curves defined over a small field.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55059 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/test_random.rb (OpenSSL::TestRandom): ignore
out-of-date OpenSSL before 1.0, as well as other tests.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55058 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
temporary array.
* re.c (match_ary_aref): get element(s) of match array without creating
temporary array.
* re.c (match_aref): Use match_ary_subseq with handling irregulars.
* re.c (match_values_at): Use match_ary_aref.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55053 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_x509cert.c (ossl_x509_verify): X509_verify()
family may put errors on 0 return (0 means verification failure).
Clear OpenSSL error queue before return to Ruby. Since the queue is
thread global, remaining errors in the queue can cause an unexpected
error in the next OpenSSL operation. [ruby-core:48284] [Bug #7215]
* ext/openssl/ossl_x509crl.c (ossl_x509crl_verify): ditto.
* ext/openssl/ossl_x509req.c (ossl_x509req_verify): ditto.
* ext/openssl/ossl_x509store.c (ossl_x509stctx_verify): ditto.
* ext/openssl/ossl_pkey_dh.c (dh_generate): clear the OpenSSL error
queue before re-raising exception.
* ext/openssl/ossl_pkey_dsa.c (dsa_generate): ditto.
* ext/openssl/ossl_pkey_rsa.c (rsa_generate): ditto.
* ext/openssl/ossl_ssl.c (ossl_start_ssl): ditto.
* test/openssl: check that OpenSSL.errors is empty every time after
running a test case.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55051 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_pkey_ec.c (ossl_ec_point_mul): Validate the
arguments before passing to EC_POINT(s)_mul(). Add description of this
method. [ruby-core:65152] [Bug #10268]
* test/openssl/test_pkey_ec.rb (test_ec_point_mul): Test that
OpenSSL::PKey::EC::Point#mul works.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55048 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_bn.c (try_convert_to_bnptr): Extracted from
GetBNPtr(). This doesn't raise exception but returns NULL on error.
(GetBNPtr): Raise TypeError if conversion fails.
(ossl_bn_eq): Implement BN#==.
(ossl_bn_eql): #eql? should not raise TypeError even if the argument
is not compatible with BN.
(ossl_bn_hash): Implement BN#hash.
* ext/openssl/ossl_bn.c (Init_ossl_bn): Define #== and #hash.
* test/openssl/test_bn.rb: Test BN#eql?, #== and #hash
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55047 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* enum.c (enum_sum): Optimize for a range from int to int.
* test/ruby/test_enum.rb (test_range_sum): Move from test_range.rb,
and add assertions for some conditions.
* test/ruby/test_enum.rb (test_hash_sum): Move from test_hash.rb.
* test/ruby/test_hash.rb, test/ruby/test_range.rb: Remove test_sum.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55034 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* enum.c (enum_sum): Implement Enumerable#sum.
* test/ruby/test_enum.rb (test_sum): Test sum for Enumerable.
* test/ruby/test_hash.rb (test_sum): Test sum for Hash.
* test/ruby/test_range.rb (test_sum): Test sum for Range.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55032 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* [Feature #12005] Unify Fixnum and Bignum into Integer
* include/ruby/ruby.h (rb_class_of): Return rb_cInteger for fixnums.
* insns.def (INTEGER_REDEFINED_OP_FLAG): Unified from
FIXNUM_REDEFINED_OP_FLAG and BIGNUM_REDEFINED_OP_FLAG.
* vm_core.h: Ditto.
* vm_insnhelper.c (opt_eq_func): Use INTEGER_REDEFINED_OP_FLAG instead
of FIXNUM_REDEFINED_OP_FLAG.
* vm.c (vm_redefinition_check_flag): Use rb_cInteger instead of
rb_cFixnum and rb_cBignum.
(C): Use Integer instead of Fixnum and Bignum.
* numeric.c (fix_succ): Removed.
(Init_Numeric): Define Fixnum as Integer.
* bignum.c (bignew): Use rb_cInteger instead of Rb_cBignum.
(rb_int_coerce): replaced from rb_big_coerce and return fixnums
as-is.
(Init_Bignum): Define Bignum as Integer.
Don't define ===.
* error.c (builtin_class_name): Return "Integer" for fixnums.
* sprintf.c (ruby__sfvextra): Use rb_cInteger instead of rb_cFixnum.
* ext/-test-/testutil: New directory to test.
Currently it provides utilities for fixnum and bignum.
* ext/json/generator/generator.c: Define mInteger_to_json.
* lib/mathn.rb (Fixnum#/): Redefinition removed.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55024 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/fiddle/test_handle.rb (test_fallback_to_ansi): ensure that
the fallback result equals to ANSI version.
[ruby-core:75494] [Bug #12377]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55016 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* configure.in (FUNC_STDCALL, FUNC_CDECL, FUNC_FASTCALL): set
macro names explicitly to the old names, which are accidentally
changed at r54985, for backward compatibilities.
fiddle also depends on these names to fallback to ANSI names.
[ruby-core:75494] [Bug #12377]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55015 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* vm_insnhelper.c (vm_get_ev_const): warn deprecated constant even
in the class context. [ruby-core:75505] [Bug #12382]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55005 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/ruby/test_rand.rb: tests for Random.raw_seed and
Random.new_seed.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54998 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/minitest/test_minitest_unit.rb (test_test_methods_random):
hack to fix the order by avoiding duplicate keys.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54975 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
superclass of a class as Object and it has another superclass.
[Bug #12367] [ruby-core:75446]
* test/ruby/test_class.rb: test for above.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54970 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (obj_random_bytes): base on bytes method instead of
rand method, not to call toplevel rand method.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54968 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* file.c (rb_home_dir_of): return the default home path if the
user name is the current user name, on platforms where struct
pwd is not supported. a temporary measure against
[Bug #12226].
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54947 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
to invoke ssl server with command line.
[fix GH-1329] Patch by @kerlin
* test/webrick/test_ssl_server.rb: Added test for GH-1329
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54941 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* process.c (rb_exec_getargs): honor the expected argument types
over the conversion method. the basic language functionality
should be robust. [ruby-core:75388] [Bug #12355]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54934 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* parse.y (new_if_gen): set newline flag to NODE_IF to trace all
if/elsif statements. [ruby-core:67720] [Bug #10763]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54893 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
too many shifting. the last shifting created logs named as `*.3`, and
they were never unlinked.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54869 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
if both positives and negatives were specified, postives had to
be spcicifed from the beginning.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54868 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/stringio/stringio.c (strio_s_new): warn if a block is given,
as well as IO.new.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54792 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ruby.c (process_options): convert -e script to the encoding
given by a command line option on Windows. assume it is the
expected encoding. [ruby-dev:49461] [Bug #11900]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54785 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ruby.c: cygwin does not use w32_cmdvector, command line can be
other than UTF-8. [ruby-dev:49519] [Bug #12184]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54720 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
to avoid test failures due to the tzdata change.
8ee11a301c
Found by naruse.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54706 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* eval_jump.c (exec_end_procs_chain): restore previous error info
for each end procs. [ruby-core:75038] [Bug #12302]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54681 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/cgi/escape/escape.c (cgiesc_unescape): define unescape
method instead of _unescape, and should pass the optional
argument to the super method.
* lib/cgi/util.rb (CGI::Util#_unescape): remove intermediate
method.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54655 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/lib/test/unit/assertions.rb (assert_syntax_error): return
the rescued exception object as well as assert_raise.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54653 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
backward compatibilities, and it is documented that
Time.parse does not take into account time zone
abbreations other than ones described in RFC 822
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54647 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/logger/test_logdevice.rb: use assert_predicate,
assert_not_predicate, and assert_file instead of bare assert.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54646 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* compile.c (iseq_peephole_optimize): should not replace the
current target INSN, not to follow the replaced dangling link in
the caller. [ruby-core:74993] [Bug #11816]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54628 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* numeric.c (flo_truncate): add an optional parameter, digits, as
well as Float#round. [Feature #12245]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54625 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* numeric.c (int_truncate): add an optional parameter, digits, as
well as Integer#round. [Feature #12245]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54624 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* struct.c (struct_make_members_list, rb_struct_s_def): member
names should be unique. [ruby-core:74971] [Bug #12291]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54612 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* array.c (rb_ary_sum): apply the precision compensated algorithm
for an array in which Rational and Float values are mixed.
* test/ruby/test_array.rb (test_sum): add assertions for the above
change.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54601 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* thread.c (rb_thread_setname): defer setting native thread name
set in initialize until the native thread is created.
[ruby-core:74963] [Bug #12290]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54600 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* thread.c (get_initialized_threadptr): extract ensuring that the
thread is initialized.
* thread.c (rb_thread_setname): thread must be initialized to set
the name. [ruby-core:74963] [Bug #12290]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54598 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/io/console/console.c (console_key_pressed_p): raise the same
exception, "unknown virtual key code", for names with nul chars.
though console_win32_vk() considers the length and can deal with
nul chars, rb_sprintf() raised at PRIsVALUE previously, so quote
it if it is unprintable.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54589 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/io/console/test_io_console.rb: move conditions for method
definitions before the bodies.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54588 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Kahan's compensated summation algorithm for precise sum of float
numbers is moved from ary_inject_op in enum.c.
* enum.c (ary_inject_op): Don't specialize for float numbers.
[ruby-core:74569] [Feature#12217] proposed by mrkn.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54565 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* numeric.c (flo_ceil): add an optional parameter, digits, as
well as Float#round. [Feature #12245]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54564 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* numeric.c (flo_floor): add an optional parameter, digits, as
well as Integer#floor. [Feature #12245]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54563 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* numeric.c (int_ceil): add an optional parameter, digits, as
well as Integer#round. [Feature #12245]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54562 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* numeric.c (int_floor): add an optional parameter, digits, as
well as Integer#round.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54561 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
instance variables on special const objects.
All of such objects are frozen, so that we can not set instance
variables for them. But we can read instance variables and return
default value (nil).
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54556 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/lib/test/unit.rb (ExcludedMethods.load): supply the path to
show the warning locations.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54540 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/ruby/test_whileuntil.rb (test_while): fix old behavior.
mere numeric literal in condition no longer matches $. global
variable.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54539 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/lib/test/unit/assertions.rb (assert_raise_with_message):
set default internal encoding to the excpected message, which
affects String#inspect in messages.
* test/lib/test/unit/assertions.rb (assert_warning): ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54522 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* bignum.c (rb_cstr_parse_inum): [EXPERIMENTAL] new function to
parse integer in C-string with length. the name and the
arguments may be changed in the future.
* bignum.c (rb_str_to_inum): preserve encoding of the argument in
error messages, and no longer needs to copy non-terminated
strings.
* bignum.c (rb_str2big_{poweroftwo,normal,karatsuba,gmp}): ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54518 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
It was returning old file coverages as empty arrays to the user.
[ruby-core:74596] [Bug #12220]
* ext/coverage/coverage.c (rb_coverages): remove unused static state.
* thread.c: Moved and renamed coverage_clear_result_i to reset_coverage_i.
* test/coverage/test_coverage.rb: improve precision of tests.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54504 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/test_ssl.rb (test_get_ephemeral_key): should use
assert_instance_of instead of comparison of classes.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54487 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ssl.c (ossl_ssl_tmp_key): Access to ephemeral
TLS session key in case of forward secrecy cipher. Only
available since OpenSSL 1.0.2. [Fix GH-1318]
* ext/openssl/extconf.rb: Check for SSL_get_server_tmp_key.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54485 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* vm_core.h (rb_vm_struct): make at_exit a single linked list but
not RArray, not to mark the registered functions by the write
barrier. based on the patches by Evan Phoenix.
[ruby-core:73908] [Bug #12095]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54484 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
swapcase functionality for titlecase characters. Swapcase isn't defined
by Unicode, because the purpose/usage of swapcase is unclear anyway.
The implementation follows a proposal from Nobu, swaping the case of
each component of a titlecase character individually.
This means that the titlecase characters have to be decomposed.
* enc/unicode.c: Code using the above data.
* test/ruby/enc/test_case_mapping.rb: Tests for the above.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54469 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
rhe
nobu
naruse
mrkn
duerst
shugo
svn
usa
seki
kazu
akr
hsbt
eregon
yui-knk
ktsj
sonots
ko1