environment variables. based on a patch from funny-falcon at
https://gist.github.com/856296, but honors safe level.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@31044 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
should reject indefinite length primitive encodings as that is
illegal. Patch by Martin Bosslet. See #4324.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@30656 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
normal have_library, etc. Thanks Erik Hollensbe. [ruby-core:32406]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@30167 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
implementation of `cleanup`.
* ext/openssl/lib/openssl/x509.rb: adding ruby implementation of
`cleanup`. OpenSSL::X509::StoreContext#cleanup is deprecated since
reusing the underlying struct doesn't make sense. [ruby-dev:42546]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@30152 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Add additional documentation for OpenSSL::SSL::SSLContext and
OpenSSL::SSL::SSLSocket.
Move "let rdoc know about mOSSL" comments so they don't show up in output.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@30090 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
parameter may be used to specify the OpenSSL::OCSP::CertificateId on
initialization. Thanks Elise Huard! [ruby-core:32460]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@29699 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
accepts only Strings, so call Integer#to_s(16).
16 is for an optimization. [ruby-dev:42336]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@29407 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
with rb_scan_args. Before this fix, OpenSSL::BN#prime?
is fully broken.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@29237 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
variable.
* test/openssl/*: less warnings while test running with -w.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@29217 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
blocked on Windows while blocking call for SSLSocket. Need to
convert errno for letting rb_io_wait_readable detect EWOULDBLOCK.
Patch by arton. ref #3794.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@29197 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
ref #3400
The patch contains following comment:
This patch should avoid unnecessary incompatibility with future
versions of Openssl. Changes suggested by bmaher_at_amazon.com.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@29190 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_asn1.c (obj_to_asn1bool): fixed ASN1::Boolean
encoding issue for OpenSSL 1.0.0 compatibility.
ASN1::Boolean.new(false).to_der wrongly generated "\1\1\377" which
means 'true'.
ASN1_TYPE_set of OpenSSL <= 0.9.8 treats value 0x100 as 'false'
but OpenSSL >= 1.0.0 treats it as 'true'. ruby-ossl was using
0x100 for 'false' for backward compatibility. Just use 0x0 for
the case OpenSSL >= OpenSSL 0.9.7.
* test/openssl/test_asn1.rb: test added.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@29075 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_config.c, ext/openssl/lib/openssl/config.rb,
ext/openssl/lib/openssl.rb: reimplement OpenSSL::Config in Ruby.
Now it should work on windows.
* test/openssl/test_config.rb: added tests for OpenSSL::Config#dup.
* test/openssl/test_config.rb: added tests for Config#clone.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@29048 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/extconf.rb: use try_static_assert for version check.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@28292 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
use sk_SSL_CIPHER_num and sk_SSL_CIPHER_value instead of cast.
patched by Takahiro Kambe [ruby-dev:41530]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@28282 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
truncated with ec_key.group.order.size after openssl 0.9.8m for
FIPS 186-3 compliance.
WARNING: ruby-openssl aims to wrap an OpenSSL so when you're using
openssl 0.9.8l or earlier version, EC.dsa_sign_asn1 raises
OpenSSL::PKey::ECError as before and EC.dsa_verify_asn1 just returns
false when you pass dgst longer than expected (no truncation
performed).
* ext/openssl/ossl_pkey_ec.c: rdoc typo fixed.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@27645 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/extconf.rb: check some functions added/removed at
OpenSSL 1.0.0.
* ext/openssl/ossl_engine.c (ossl_engine_s_load): use engines which
exists.
* ext/openssl/ossl_ssl_session (SSL_SESSION_cmp): removed at 1.0.0,
so implement compatible fuction here.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@27457 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
which allows net/https to specify timeout. [ruby-core:24812]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@27282 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
No need to define hexdigest() here because the super method is
properly defined to use digest() passing through arguments.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@26741 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
subclass of Digest::Class so it can take advantage of all those
utility methods such as base64digest.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@26740 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
OpenSSL::Digest class in place of where either an instance of
the class or the algorithm name was demanded. For example,
OpenSSL::HMAC.digest(OpenSSL::Digest::SHA1, key, data) is now
accepted as well as the usual
OpenSSL::HMAC.digest(OpenSSL::Digest::SHA1.new, key, data) and
OpenSSL::HMAC.digest("SHA1", key, data).
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@26739 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
[ruby-core:22860]
* ext/openssl/ossl_engine.c (ossl_engine_s_by_id): suppress a
warning.
* ext/openssl/ossl_ssl.c (ossl_sslctx_flush_sessions): time_t may
be larger than long.
* ext/openssl/ossl_ssl_session.c (ossl_ssl_session_get_time),
(ossl_ssl_session_get_timeout): use TIMET2NUM() to convert
time_t.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@22925 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
OPENSSL_free instead of free. a patch from Charlie Savage at
[ruby-core:22858].
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@22924 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* include/ruby/ruby.h (NUM2INT, rb_special_const_p): returns true
and false instead of Qtrue and Qfalse for platforms where VALUE
is bigger than int.
* gc.c (gc_stress_set), ext/openssl/ossl_asn1.c (decode_bool): got
rid of variables named `bool'.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@22922 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG doesn't fit into Fixnum.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@22916 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
returns positive value on success, not non-zero. [ruby-core:21762]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@22440 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
OpenSSL::SSL::SSLSocket should implement read_nonblock. a patch
from Aaron Patterson in [ruby-core:20277]. fix: #814 [ruby-core:20241]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@20493 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
ext/digest/md5/md5.c, ext/openssl/ossl.c (main),
ext/socket/extconf.rb (ipv6, wide-getaddrinfo): main should be int.
* main.c (main), win32/winmain.c, wince/wincemain.c (WinMain): envp is
no longer used so long time. based on a patch from Peter Bowen at
[ruby-core:18208]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@18459 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Add a null check for ssl; submitted by akira yamada
in [ruby-dev:34950].
* ext/openssl/ossl_ssl.c (Init_ossl_ssl): Define OP_NO_TICKET if
SSL_OP_NO_TICKET is present; submitted by akira yamada
in [ruby-dev:34944].
* test/openssl/test_ssl.rb (OpenSSL#test_server_session): Add a
workaround for the case where OpenSSL is configured with
--enable-tlsext; submitted by akira yamada in [ruby-dev:34944].
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@16842 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
ext/openssl/ossl_pkey_dh.c (ossl_dh_s_generate)
(ossl_dh_initialize),
ext/openssl/ossl_pkey_dsa.c (ossl_dsa_s_generate),
ext/openssl/ossl_rand.c (ossl_rand_bytes)
(ossl_rand_pseudo_bytes, ossl_rand_egd_bytes),
ext/openssl/ossl_x509store.c (ossl_x509stctx_set_error): Do not
use FIX2INT() without checking the value type. Use NUM2INT()
instead; found by akr in [ruby-dev:34890].
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@16689 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
of md; pointed out by Takahiro Kambe <taca at back-street.net>
in [ruby-dev:34748].
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@16478 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
prototype change in openssl bundled with newer OpenBSD.
a patch from Takahiro Kambe <taca at back-street.net> in
[ruby-dev:34691].
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@16422 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
GDBM#{each,each_pair,each_key,each_value}: Return an enumerator
if no block is given.
* ext/gdbm/gdbm.c (fgdbm_each_value, fgdbm_each_key,
fgdbm_each_pair): GDBM#{each,each_pair,each_key,each_value}:
Return an enumerator if no block is given.
* ext/openssl/ossl_config.c (ossl_config_each):
OpenSSL::Config#each: Return an enumerator if no block is given.
* ext/readline/readline.c (hist_each): Readline::HISTORY#each:
Return an enumerator if no block is given.
* ext/sdbm/init.c (fsdbm_each_value, fsdbm_each_key,
fsdbm_each_pair): SDBM#{each,each_pair,each_key,each_value}:
Return an enumerator if no block is given.
* ext/stringio/stringio.c (strio_each_byte, strio_each):
StringIO#{each,each_line,each_byte}: Return an enumerator if no
block is given.
* ext/stringio/stringio.c (Init_stringio): Add #lines and #bytes,
which are aliases to #each_line and #each_byte, respectively.
* ext/win32ole/win32ole.c (fole_each): WIN32OLE#each: Return an
enumerator if no block is given.
* ext/zlib/zlib.c (rb_gzreader_each_byte, rb_gzreader_each):
Zlib::GzipReader#{each,each_line,each_byte}: Return an
enumerator if no block is given.
* ext/zlib/zlib.c (Init_zlib): Add Zlib::GzipReader#lines and
#bytes, which are aliases to #each_line and #each_byte,
respectively.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@16125 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
New method SSLContext#setup to aid C extension writers.
* test/openssl/test_ssl.rb: Add tests for new method and sessions.
Use threads for ssl server instead of forking.
* ext/openssl/ossl_version.h: Bump version.
* ext/openssl/ossl_x509ext.c: Fix warnings.
* test/openssl/utils.rb: Fix warnings.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@16111 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Commit patch #9280 from Akinori MUSHA.
Simplify the OpenSSL::Digest class and make use of the
existing Digest framework.
Enhance performance.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@15602 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
new method which calls TCPSocket#shutdown of the underlying socket.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@14304 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
new method OpenSSL::SSL::SSLContext#ssl_version to wrap
SSL_CTX_set_ssl_version.
* ext/openssl/ossl_ssl.c (ossl_ssl_get_verify_result):
new method OpenSSL::SSL::SSLSocket#verify_result to wrap
SSL_get_verrify_result.
* ext/openssl/lib/openssl/ssl.rb (OpenSSL::SSL::SSLContext.build):
new method to build OpenSSL::SSL::SSLContext with Hash parameters.
this method provides safety default parameters than SSLContext.new.
* ext/openssl/lib/openssl/ssl.rb (OpenSSL::SSL.verify_cetificate_identity):
new module function: pull out identity verification process
from OpenSSL::SSL::SSLSocket#post_connection_check.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@14270 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
be verified against server's indentity as persented in the server's
certificate. [ruby-dev:31960]
* ext/openssl/lib/net/telnets.rb, ext/openssl/lib/net/ftptls.rb: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@13656 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
be matched with its certificate's commonName) is added.
this verification can be skipped by
"Net::HTTP#enable_post_connection_check=(false)".
suggested by Chris Clark <cclark at isecpartners.com>
* lib/net/open-uri.rb: use Net::HTTP#enable_post_connection_check to
perform SSL post connection check.
* ext/openssl/lib/openssl/ssl.c
(OpenSSL::SSL::SSLSocket#post_connection_check): refine error message.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@13499 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Fix ruby-Bugs-11513.
* ext/openssl/ossl_pkey_ec.c
New methods EC::Point.[eql,make_affine!,invert!,on_curve?,infinity?]
By default output the same key form as the openssl command.
* ext/openssl/ossl_rand.c
New method Random.status?
* test/openssl/test_ec.rb
New tests.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@12571 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ruby_missing.h: check per features instead by
checking version code. [ruby-core:10845]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@12140 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
akr
matz
shyouhei
nobu
naruse
nahi
tenderlove
kosaki
usa
drbrain
wanabe
mame
knu
marcandre
technorama
ko1
gotoyuzo