* ext/openssl/openssl_missing.[ch]: Implement EVP_PKEY_get0_*() and
{RSA,DSA,EC_KEY,DH}_get0_*() functions.
OpenSSL 1.1.0 makes EVP_PKEY/RSA/DSA/DH opaque. We used to provide
setter methods for each parameter of each PKey type, for example
PKey::RSA#e=, but this is no longer possible because the new API
RSA_set0_key() requires the 'n' at the same time. This commit adds
deprecation warning to them and adds PKey::*#set_* methods as direct
wrapper for those new APIs. For example, 'rsa.e = 3' now needs to be
rewritten as 'rsa.set_key(rsa.n, 3, rsa.d)'.
[ruby-core:75225] [Feature #12324]
* ext/openssl/ossl_pkey*.[ch]: Use the new accessor functions. Implement
RSA#set_{key,factors,crt_params}, DSA#set_{key,pqg}, DH#set_{key,pqg}.
Emit a warning with rb_warning() when old setter methods are used.
* test/drb/ut_array_drbssl.rb, test/drb/ut_drb_drbssl.rb,
test/rubygems/test_gem_remote_fetcher.rb: Don't set a priv_key for DH
object that are used in tmp_dh_callback. Generating a new key pair
every time should be fine - actually the private exponent is ignored
in OpenSSL >= 1.0.2f/1.0.1r even if we explicitly set.
https://www.openssl.org/news/secadv/20160128.txt
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55285 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/extconf.rb: Check absence of CRYPTO_lock() to see if the
OpenSSL has the new threading API. In OpenSSL <= 1.0.2, an application
had to set locking callbacks to use OpenSSL in a multi-threaded
environment. OpenSSL 1.1.0 now finds pthreads or Windows threads so we
don't need to do something special.
[ruby-core:75225] [Feature #12324]
Also check existence of *_up_ref(). Some structures in OpenSSL have
a reference counter. We used to increment it with CRYPTO_add() which
is a part of the old API.
* ext/openssl/openssl_missing.h: Implement *_up_ref() if missing.
* ext/openssl/ossl.c: Don't set locking callbacks if unneeded.
* ext/openssl/ossl_pkey.c, ext/openssl/ossl_ssl.c,
ext/openssl/ossl_x509cert.c, ext/openssl/ossl_x509crl.c,
ext/openssl/ossl_x509store.c: Use *_up_ref() instead of CRYPTO_add().
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55283 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/extconf.rb: Check if RAND_pseudo_bytes() is usable. It is
marked as deprecated in OpenSSL 1.1.0.
[ruby-core:75225] [Feature #12324]
* ext/openssl/ossl_rand.c: Disable Random.pseudo_bytes if
RAND_pseudo_bytes() is unavailable.
* test/openssl/test_random.rb: Don't test Random.pseudo_bytes if not
defined.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55282 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* defs/gmake.mk (missing/des_tables.c): move the recipe from
common.mk. this is less common.
* missing/crypt.c (init_des): if des_tables.c is empty, initialize
DES tables at runtime.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55274 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_bn.c (ossl_bn_s_generate_prime, ossl_bn_is_prime,
ossl_bn_is_prime_fasttest): Avoid deprecated BN_generate_prime(),
BN_is_prime{,_fasttest}(). They are deprecated because they expect an
old style callback function (we don't use it here). They can be simply
replaced by _ex suffixed functions.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55273 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* missing/crypt.h (struct crypt_data): remove unnecessary member
"initialized".
* missing/crypt.c (des_setkey_r): nothing to be initialized in
crypt_data.
* configure.in (struct crypt_data): check for "initialized" in
struct crypt_data, which may be only in glibc, and isn't on AIX
at least.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55272 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* win32/win32.c: unify MAX_PATH, _MAX_PATH, and MAXPATHLEN to
PATH_MAX, except for MAX_PATH in get_special_folder for an API
limit.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55270 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* win32/win32.c (get_special_folder): fail before getting
ITEMIDLIST if the buffer is less than 260 word which
SHGetPathFromIDListW requires.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55269 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ruby.c (process_options): rb_str_conv_enc() never set encoding
of the source string, but returns the string itself if the
conversion failed. then the instance variable does not need to
be set again.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55268 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
rb_str_conv_enc() because the function might call rb_enc_associate()
internally. this fixes test failures on Windows introduced at r55260.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55267 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/mkmf.rb (create_makefile): sort lists of source and object
files in generated Makefile, unless given by extconf.rb.
[Fix GH-1367]
Without sorting the list of object files explicitely, its order is
indeterministic, because readdir() is also not deterministic.
When the list of object files varies between builds, they are
linked in a different order, which results in an unreproducible
build.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55265 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/etc/etc.c (etc_systmpdir): retry with allocated string
buffer if static buffer size is not enough.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55262 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* win32/win32.c (get_special_folder): use SHGetPathFromIDListEx if
available instead of old SHGetPathFromIDListW, to check the
buffer size.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55261 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* missing/crypt.c (SPE): make unsigned so that literal integers do
not exceed 32bit signed integer limit.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55257 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* missing/crypt.c (constdatablock): fix error on mswin. Visual C
does not accept an empty initializer.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55256 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
case mapping methods.
* enc/unicode.c: Check for invalid string and signal with negative
length value.
* test/ruby/enc/test_case_mapping.rb: Add tests for above.
* test/ruby/test_m17n_comb.rb: Add a message to clarify test failure.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55253 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* string.c: prefer crypt_r to crypt iff system crypt nor crypt_r
are not provided.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55250 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
r55219 didn't fix the entire issue. It only fixed the issue on
environment with sizeof(time_t) == 8 && sizeof(long) == 4.
* ext/openssl/extconf.rb: Check existence of ASN1_TIME_adj(). The old
ASN1_TIME_set() is not Year 2038 ready on sizeof(time_t) == 4
environment. This function was added in OpenSSL 1.0.0.
[ruby-core:45552] [Bug #6571]
* ext/openssl/ossl_asn1.c (ossl_time_split): Added. Split the argument
(Time) into the number of days elapsed since the epoch and the
remainder seconds to conform to ASN1_TIME_adj().
(obj_to_asn1utime, obj_to_asn1gtime): Use ossl_time_split() and
ASN1_*TIME_adj().
* ext/openssl/ossl_asn1.h: Add the function prototype for
ossl_time_split().
* ext/openssl/ossl_x509.[ch]: Add ossl_x509_time_adjust(). Similarly to
obj_to_asn1*time(), use X509_time_adj_ex() instead of X509_time_adj().
* ext/openssl/ossl_x509cert.c, ext/openssl/ossl_x509crl.c,
ext/openssl/ossl_x509revoked.c: Use ossl_x509_time_adjust().
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55249 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* missing/crypt.h: move crypt.h to get rid of conflict with the
system header.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55247 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* configure.in: revert r55237. replace crypt, not crypt_r, and
check if crypt is broken more.
* missing/crypt.c: move crypt_r.c
* string.c (rb_str_crypt): use crypt_r if provided by the system.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55245 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* missing/crypt_r.c (a64toi): initialize statically and fix out of
bounds access when salt is not 7bit clean.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55243 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* common.mk (string.o): now depends on crypt.h for crypt_r and
struct crypt_data.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55240 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
svn
rhe
mrkn
duerst
nobu
usa
naruse