call rb_sys_fail instead of rasing SSLError if SSL_ERROR_SYSCALL
occured.
* ext/openssl/lib/openssl/buffering.rb (Buffering#fill_rbuff):
should rescue Errno::EAGAIN.
* ext/openssl/lib/openssl/buffering.rb (Buffering#each): fix typo.
suggested by Brian Ollenberger.
* ext/openssl/lib/openssl/ssl.rb: set non-blocking flag to the
underlying IO.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7974 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
to avoid SEGV.
* ext/openssl/ossl_asn1.c (ossl_asn1_traverse, ossl_asn1_decode,
ossl_asn1_decode_all): temporary value should be marked volatile.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7626 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
ext/pty/pty.c, ext/io/wait/wait.c, ext/openssl/ossl_ssl.c:
Use own buffering mechanism instead of stdio.
* io.c, ext/stringio/stringio.c, test/ruby/ut_eof.rb:
EOF flag removed.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7473 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
ossl_rsa_public_decrypt, ossl_rsa_private_encrypt,
ossl_rsa_private_decrypt): should take an optional argument
to specify padding mode. [ruby-talk:122539]
* ext/openssl/ossl_pkey_rsa.c (Init_ossl_rsa): add new constants
PKCS1_PADDING, SSLV23_PADDING, NO_PADDING and PKCS1_OAEP_PADDING
under OpenSSL::PKey::RSA.
* test/openssl/test_pkey_rsa.rb: new file.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7465 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
[ruby-talk:117841]
* ruby.h (FL_ABLE): nodes are not subject for flag operations.
* io.c (ARGF_FORWARD): should have specified argv explicitly,
since we no longer have frame->argv saved. [ruby-dev:24602]
* string.c (RESIZE_CAPA): check string attribute before modifying
capacity member of string structure. [ruby-dev:24594]
* ext/zlib/zlib.c (gzreader_gets): use memchr() to to gain
performance. [ruby-talk:117701]
* sprintf.c (rb_f_sprintf): raise ArgumentError for extra
arguments, unless (digit)$ style used.
* io.c (rb_io_fptr_finalize): leave stdin/stdout/stderr open in
interpreter termination. [ruby-dev:24579]
* eval.c (frame_free): Guy Decoux solved the leak problem.
Thanks. [ruby-core:03549]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7121 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
second argument to specify the output format (see also
X509_NAME_print_ex).
* ext/openssl/ossl_x509name.c (ossl_x509name_init): new constants:
OpenSSL::X509::Name::COMPAT, OpenSSL::X509::Name::RFC2253,
OpenSSL::X509::ONELINE, OpenSSL::X509::MULTILINE.
* ext/openssl/lib/openssl/x509.rb (OpenSSL::X509::Name::RFC2253DN):
new module to provide the parse for RFC2253 DN format.
* ext/openssl/lib/openssl/x509.rb (OpenSSL::X509::Name.parse_rfc2253):
new method to parse RFC2253 DN format.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@6902 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
functions may replace the pointer indicated by the first argument.
* ext/openssl/ossl_x509ext.c (ossl_x509ext_initialize): ditto.
* ext/openssl/ossl_x509name.c (ossl_x509name_initialize): ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@6810 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
- should return an empty string if specified length to read is 0.
- should check for pending data and wait for fd before reading.
- call underlying IO's sysread if SSL session is not started.
[ruby-dev:24072], [ruby-dev:24075]
* ext/openssl/ossl_ssl.c (ossl_ssl_write):
- call underlying IO's syswrite if SSL session is not started.
* ext/openssl/ossl_ssl.c (ossl_ssl_pending): new method
OpenSSL::SSL#pending.
* ext/openssl/lib/openssl/buffering.rb: should not use select.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@6806 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
re-implemnt (the arguments for this method is ).
* ext/openssl/ossl_cipher.c (ossl_cipher_pkcs5_keyivgen): new method
OpenSSL::Cipher::Cipher#pkcs5_keyivgen. it calls EVP_BytesToKey().
* ext/openssl/ossl_cipher.c (ossl_cipher_set_key_length): new method
OpenSSL::Cipher::Cipher#key_len=.
* ext/openssl/ossl_cipher.c (ossl_cipher_set_padding): the type of
argument is changed from integer to boolean.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@6549 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
EVP_CIPHER_CTX_set_padding, EVP_CipherFinal_ex, EVP_CipherInit_ex,
EVP_DigestFinal_ex and EVP_DigestInit_ex.
* ext/openssl/openssl_missing.c (EVP_CIPHER_CTX_copy): new function.
* ext/openssl/openssl_missing.h (EVP_DigestInit_ex, EVP_DigestFinal_ex,
EVP_CipherInit_ex, EVP_CipherFinal_ex, HMAC_Init_ex): new macro for
OpenSSL 0.9.6.
* ext/openssl/ossl_cipher.c (ossl_cipher_alloc, ossl_cipher_initialize,
ossl_cipher_copy, ossl_cipher_reset, ossl_cipher_encrypt,
ossl_cipher_decrypt, ossl_cipher_final, ossl_cipher_set_key,
ossl_cipher_set_iv): replace all EVP_CipherInit and
EVP_CipherFinal into EVP_CipherInit_ex and EVP_CipherFinal_ex.
and EVP_CIPHER_CTX_init should only be called once.
* ext/openssl/ossl_cipher.c (ossl_cipher_set_padding): check for
EVP_CIPHER_CTX_set_padding.
* ext/openssl/ossl_cipher.c (Init_ossl_cipher): Cipher#<< is deprecated.
* ext/openssl/ossl_digest.c: replace all EVP_DigestInit and
EVP_DigestFinal into EVP_DigestInit_ex and EVP_DigestFinal_ex.
and EVP_MD_CTX_init should only be called once.
* ext/openssl/ossl_digest.c (digest_final): should call
EVP_MD_CTX_cleanup to avoid memory leak.
* ext/openssl/ossl_hmac.c (ossl_hmac_initialize): repalce HMAC_init
into HMAC_init_ex. and HMAC_CTX_init is moved to ossl_hmac_alloc.
* ext/openssl/ossl_hmac.c (hmac_final): should call
HMAC_CTX_cleanup to avoid memory leak.
* test/openssl/test_cipher.rb, test/openssl/test_digest.rb,
test/openssl/test_hmac.rb: new file.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@6548 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
to specify a string to be written.
* ext/openssl/lib/openssl/buffering.rb (OpenSSL::Buffering#read):
take optional second argument to specify a string to be written.
* ext/openssl/lib/openssl/buffering.rb (OpenSSL::Buffering#gets):
refine regexp for end-of-line.
* ext/opnessl/lib/openssl/ssl.rb
(OpenSSL::SSL::SocketForwarder#listen): fix typo.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@6411 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
OpenSSL::Config#each. it iterates with section name, field name
and value.
* ext/openssl/ossl_config.c (Init_ossl_config): include Enumerable.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@5813 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
argument become optional.
* ext/openssl/ossl_x509name.c (ossl_x509name_initialize): ditto.
* ext/openssl/ossl_x509name.c (Init_x509name): emailAddress and
domainComponent should be IA5String.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@5549 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
second argument. it expected to be a Hash not an Integer.
* ext/openssl/ossl_x509name.c (ossl_x509name_add_entry): add new
function for OpenSSL::X509::Name#add_entry.
* ext/openssl/ossl_x509name.c (Init_ossl_x509name): add constants
OpenSSL::X509::Name::DEFAULT_OBJECT_TYPE and OBJECT_TYPE_TEMPLATE.
* ext/openssl/lib/openssl/x509.rb (OpenSSL::X509::Name#initialize):
second argument takes OBJECT_TYPE_TEMPLATE by default.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@5544 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
public key only.
* ext/openssl/ossl_pkey_dh.c (ossl_dh_to_der): new function for
OpenSSL::PKey::DH#to_der.
* ext/openssl/ossl_pkey_dsa.c (ossl_dsa_to_der): new function for
OpenSSL::PKey::DSA#to_der.
* ext/openssl/ossl_pkey_rsa.c (ossl_rsa_to_der): new function for
OpenSSL::PKey::RSA#to_der.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@5417 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
status by SSL_get_error().
* ext/openssl/ossl_ssl.c (ossl_ssl_write): ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@5278 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
SSL_connect and SSL_accept; if SSL_connect (or SSL_accept) returned
but not finished the handshake process, we should retry it.
* ext/openssl/ossl_ssl.c (ossl_ssl_connect): call ossl_start_ssl.
* ext/openssl/ossl_ssl.c (ossl_ssl_accept): ditto.
* ext/openssl/ossl_ssl.c (ossl_ssl_read): allow signal traps.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@5127 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
if the specified value doesn't exist.
* lib/ext/openssl/ossl_conf.c (ossl_config_get_section): return
a empty hash if the specified section doesn't exist.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4933 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/webrick/https.rb (HTTPRequest#meta_vars): create
SSL_CLIENT_CERT_CHAIN_n from @client_cert_chain.
* ext/openssl/ossl_ssl.c (ossl_ssl_get_peer_cert_chain): return nil
if no cert-chain was given.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4897 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
SSLSocket#peer_cert_chain.
* ext/openssl/ossl_x509req.c (GetX509ReqPtr): new function
which returns underlying X509_REQ.
* ext/openssl/ossl_x509ext.c (ossl_x509extfactory_set_issuer_cert,
ossl_x509extfactory_set_subject_cert, ossl_x509extfactory_set_crl,
ossl_x509extfactory_set_subject_req, ossl_x509extfactory_set_config):
use underlying C struct without duplication not to leak momory.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4884 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
add new method to inherit @sync from @io.sync.
* ext/openssl/lib/net/protocols.rb (SSLIO#ssl_connect): no need to
set sync flag explicitly.
* ext/openssl/ossl_ssl.c (ossl_sslctx_initialize): call super.
* ext/openssl/ossl_ssl.c (ossl_sslctx_setup): set extra chain
certificates in @extra_chain_cert.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4859 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
optional argument to specify the DirectoryString type
(ASN1::UTF8STRING by default). RFC3280 deprecates PrintableString
for DirectoryString, and strongly requires to use UTF8String for
all certificates issued after December, 31 2003.
* ext/openssl/lib/openssl/x509.rb (X509::Name::parse): ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4733 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
free function for ASN1_OBJECT.
* ext/openssl/ossl_asn1.c (ossl_asn1obj_get_sn): add new function for
ASN1::ObjectId#sn; it returns short name text representation of OID.
* ext/openssl/ossl_asn1.c (ossl_asn1obj_get_ln): add new function for
ASN1::ObjectId#ln; it returns long name text representation of OID.
* ext/openssl/ossl_asn1.c (ossl_asn1obj_get_oid): add new function for
ASN1::ObjectId#oid; it returns numerical representation of OID.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4709 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
for objects that cannot be dumped, if they traversed from
marshal_dump. they are just ignored.
* gc.c (Init_stack): cast "space" (doble value) into unsigned
int. should run on PowerPC.
* eval.c (rb_eval): should not execute else part if any exception
is caught. [ruby-dev:21482]
* parse.y (f_args): should allow unparenthesized block argument.
* parse.y (f_rest_arg): should allow unparenthesized rest
argument.
* lib/irb/ruby-lex.rb (RubyLex::identify_identifier): support
'class ::Foo' syntax. [ruby-talk:83514]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4680 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_asn1.h: add OpenSSL::ASN1 module.
* ext/openssl/ossl.c (Init_openssl): call Init_ossl_asn1.
* ext/openssl/ossl.h: include ossl_asn1.h.
* ext/openssl/extconf.rb: check if X509_ATTRIBUTE has field "single".
* ext/openssl/ossl_x509attr.c (ossl_x509attr_set_value): accept
DER encoded data argument.
* ext/openssl/ossl_x509attr.c (ossl_x509attr_get_value): return
DER encoded data in OpenSSL::ASN1 types.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4660 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
ext/openssl/ossl_pkey_rsa.c, ext/bigdecimal/bigdecimal.h: must
not use C++ or C99 style comment yet. (ruby-bugs:PR#1184)
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4594 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/extconf.rb: add check for assert.h.
* ext/openssl/ossl.c (ossl_buf2str): new function to convert
C buffer to String and free buffer.
* ext/openssl/ossl.c (ossl_x509_ary2sk): new function to convert
Array of OpenSSL::X509 to STACK_OF(X509) with exception safe.
* ext/openssl/ossl.c (ossl_to_der, ossl_to_der_if_possible): new
functions to convert object to DER string.
* ext/openssl/ossl.h: ditto.
* ext/openssl/ossl_bio.c (ossl_membio2str): new function to convert
BIO to String object and free BIO.
* ext/openssl/ossl_bio.h: ditto.
* ext/openssl/ossl_pkcs7.c (ossl_pkcs7_to_der): add for "to_der".
* ext/openssl/ossl_x509name.c (ossl_x509name_to_der): ditto.
* ext/openssl/ossl_x509ext.c (ossl_x509ext_to_der): ditto.
* ext/openssl/ossl_x509ext.c (create_ext_from_array): removed
and reimplement in openssl/x509.rb.
* ext/openssl/ossl_x509attr.c: reimplemented and disable some
method temporarily. this class doesn't work fine without ASN.1
data support;-) I'll rewrite in near future.
* ext/openssl/lib/openssl/x509.c (X509::Attribute): get rid off
unused code.
* ext/openssl/lib/openssl/x509.c (X509::ExtensionFactory): refine all.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4558 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
libeay32.dll doesn't export functions defined in conf_api.h.
this workaround is to avoid link error.
* ext/openssl/ossl_config.c (ossl_config_initialize): ditto.
* ext/openssl/ossl_config.c (ossl_config_add_value): ditto.
* ext/openssl/ossl_config.c (set_conf_section_i): should check
if the argument is Array.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4544 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_config.c: refine all with backward compatibility.
* ext/openssl/ossl_config.h: export GetConfigPtr() and DupConfigPtr().
* ext/openssl/ossl_x509.c: added new constants under X509 module.
DEFAULT_CERT_AREA, DEFAULT_CERT_DIR, DEFAULT_CERT_FILE,
DEFAULT_CERT_DIR_ENV, DEFAULT_CERT_FILE_ENV and DEFAULT_PRIVATE_DIR.
* ext/openssl/ossl_x509ext.c (ossl_x509extfactory_free): don't free
the members of the struct. it's left to GC.
* ext/openssl/ossl_x509ext.c (ossl_x509_set_config): add for config=.
* ext/openssl/ossl_x509ext.c (Xossl_x509extfactory_initialize):
add attr readers: issuer_certificate, subject_certificate,
subject_request, crl and config.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4531 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
compatibility stuff. and remove DEFINE_ALLOC_WRAPPER from
all sources.
* ext/openssl/ossl_x509ext.c (X509::Extension.new): new method.
* ext/openssl/ossl_x509ext.c (X509::Extension#oid=): new method.
* ext/openssl/ossl_x509ext.c (X509::Extension#value=): new method.
* ext/openssl/ossl_x509ext.c (X509::Extension#critical=): new method.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4522 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/webrick/https.rb: SSLSocket handling is moved to webrick/ssl.rb.
* lib/webrick/compat.rb (File::fnmatch): remove old migration code.
* lib/webrick/httpserver.rb (HTTPServer#run): ditto.
* lib/webrick/server.rb (GenericServer#listen): the body of this
method is pull out as Utils::create_lisnteners.
* lib/webrick/utils.rb (Utils::create_lisnteners): new method.
* lib/webrick/server.rb (GenericServer#start): should not
through unknown errors. and refine comments.
* ext/openssl/lib/openssl/ssl.rb (SSLServer#accept): should close
socket if SSLSocket raises error.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4409 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
a builtin.
* ext/openssl/lib/openssl/buffering.rb (Buffering#close): ditto.
* ext/openssl/lib/openssl/buffering.rb (Buffering#puts): should
add a return to the tails of each line.
* ext/openssl/lib/openssl/ssl.rb: new class OpenSSL::SSL::SSLServer.
* ext/openssl/lib/net/protocols.rb (SSLIO#ssl_connect): use sync_close.
* ext/openssl/sample/echo_svr.rb: use SSLServer.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4407 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
method to specify if the underlying IO will be closed in
SSLSocket#close.
* ext/openssl/lib/openssl/buffering.rb: add forwarders to
setsockopt, getsockopt and fcntl.
* ext/openssl/lib/net/protocols.rb: enable sync for SSLSocket.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4400 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
from 1k to 16k bytes. [ruby-talk:78603]
* ext/openssl/ossl_ssl.c (ossl_sslctx_s_alloc): enable
partial write to allow interruption in SSLSocket#sysread.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4363 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ssl.c (TO_SOCKET): define special version when
_WIN32 is defined. this is ruby's problem, not OpenSSL.
* win32/win32.c: remove some old comments.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4172 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl.c (ossl_debug): should enable if no va-args
macro supplied.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4165 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
- cert2text.rb: Dump certificate file as text.
- crlstore.rb: CRL store implementation. Fetch CRL via HTTP when
http-access2 is installed.
- certstore.rb: Certificate store implementation.
- cert_store_view.rb: Certificate store viewer with FXRuby. Uses
c_rehash.rb, crlstore.rb and certstore.rb.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4160 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
BN_pseudo_rand_range().
* ext/openssl/ossl_bn.c (ossl_bn_s_rand_range): should raise
NotImplementedError if BN_rand_range() wan not defined.
* ext/openssl/ossl_bn.c (ossl_bn_s_pseudo_rand_range): should raise
NotImplementedError if BN_pseudo_rand_range() wan not defined.
* ext/openssl/ossl_pkcs7.c (ossl_pkcs7_s_encrypt): avoid compiler
warning for OpenSSL-0.9.6.
* ext/openssl/ossl_pkcs7.c (ossl_pkcs7si_initialize): ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4159 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/extconf.rb: use pkg-config to build CFLAGS and LDFLAGS.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4150 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
gotoyuzo
matz
akr
eban
nobu
aamine
usa
michal
nahi