Граф коммитов

46 Коммитов

Автор SHA1 Сообщение Дата
nobu e7440de279 test: use assert_include
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55757 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-07-26 13:02:33 +00:00
rhe dd05607f9a openssl: fix build with OPENSSL_NO_EC
* ext/openssl/ossl_ssl.c: Add define guards for OPENSSL_NO_EC.
  SSL_CTX_set_ecdh_auto() is defined even when ECDH is disabled in
  OpenSSL's configuration. This fixes r55214.

* test/openssl/test_pair.rb (test_ecdh_curves): Skip if the OpenSSL does
  not support ECDH.

* test/openssl/utils.rb (start_server): Ignore error in
  SSLContext#ecdh_curves=.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55342 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-06-09 10:46:46 +00:00
rhe b257af8859 openssl: adjust tests for OpenSSL 1.1.0
This fixes `make test-all TESTS=openssl` with OpenSSL master.

* test/openssl/test_x509name.rb: Don't register OID for 'emailAddress'
  and 'serialNumber'. A recent change in OpenSSL made OBJ_create()
  reject an already existing OID. They were needed to run tests with
  OpenSSL 0.9.6 which is now unsupported.
  https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=52832e470f5fe8c222249ae5b539aeb3c74cdb25
  [ruby-core:75225] [Feature #12324]

* test/openssl/test_ssl_session.rb (test_server_session): Duplicate
  SSL::Session before re-adding to the session store. OpenSSL 1.1.0
  starts rejecting SSL_SESSION once removed by SSL_CTX_remove_session().
  https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=7c2d4fee2547650102cd16d23f8125b76112ae75

* test/openssl/test_pkey_ec.rb (setup): Remove X25519 from @keys. X25519
  is new in OpenSSL 1.1.0 but this is for key agreement and not for
  signing.

* test/openssl/test_pair.rb, test/openssl/test_ssl.rb,
  test/openssl/utils.rb: Set security level to 0 when using aNULL cipher
  suites.

* test/openssl/utils.rb: Use 1024 bits DSA key for client certificates.

* test/openssl/test_engine.rb: Run each test in separate process.
  We can no longer cleanup engines explicitly as ENGINE_cleanup() was
  removed.
  https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=6d4fb1d59e61aacefa25edc4fe5acfe1ac93f743

* ext/openssl/ossl_engine.c (ossl_engine_s_cleanup): Add a note to the
  RDoc for Engine.cleanup.

* ext/openssl/lib/openssl/digest.rb: Don't define constants for DSS,
  DSS1 and SHA(-0) when using with OpenSSL 1.1.0. They are removed.

* test/openssl/test_digest.rb, test/openssl/test_pkey_dsa.rb,
  test/openssl/test_pkey_dsa.rb, test/openssl/test_ssl.rb,
  test/openssl/test_x509cert.rb, test/openssl/test_x509req.rb: Don't
  test unsupported hash functions.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55314 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-06-07 12:20:46 +00:00
rhe b9f3d4b836 openssl: fix test failure on Fedora 23
* test/openssl/test_pair.rb (test_ecdh_curves): Avoid P-224. The FIPS
  patch from RHEL disables it. The curve has to be chosen from: {
  secp256k1, secp384r1, secp521r1, prime256v1 }.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55224 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-05-30 16:52:10 +00:00
rhe f26f358930 openssl: add SSLContext#ecdh_curves=
* ext/openssl/ossl_ssl.c (ossl_sslctx_s_alloc): Enable the automatic
  curve selection for ECDH by calling SSL_CTX_set_ecdh_auto(). With
  this a TLS server automatically selects a curve which both the client
  and the server support to use in ECDH. This changes the default
  behavior but users can still disable ECDH by excluding 'ECDH' cipher
  suites from the cipher list (with SSLContext#ciphers=). This commit
  also deprecate #tmp_ecdh_callback=. It was added in Ruby 2.3.0. It
  wraps SSL_CTX_set_tmp_ecdh_callback() which will be removed in OpenSSL
  1.1.0. Its callback receives two values 'is_export' and 'keylength'
  but both are completely useless for determining a curve to use in
  ECDH. The automatic curve selection was introduced to replace this.

  (ossl_sslctx_setup): Deprecate SSLContext#tmp_ecdh_callback=. Emit a
  warning if this is in use.

  (ossl_sslctx_set_ecdh_curves): Add SSLContext#ecdh_curves=. Wrap
  SSL_CTX_set1_curves_list(). If it is not available, this falls back
  to SSL_CTX_set_tmp_ecdh().

  (Init_ossl_ssl): Define SSLContext#ecdh_curves=.

* ext/openssl/extconf.rb: Check the existence of EC_curve_nist2nid(),
  SSL_CTX_set1_curves_list(), SSL_CTX_set_ecdh_auto() and
  SSL_CTX_set_tmp_ecdh_callback().

* ext/openssl/openssl_missing.[ch]: Implement EC_curve_nist2nid() if
  missing.

* test/openssl/test_pair.rb (test_ecdh_callback): Use
  EnvUtil.suppress_warning to suppress deprecated warning.

  (test_ecdh_curves): Test that SSLContext#ecdh_curves= works.

* test/openssl/utils.rb (start_server): Use SSLContext#ecdh_curves=.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55214 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-05-30 09:30:38 +00:00
rhe c8cb26252a openssl: clear OpenSSL error queue before return to Ruby
* ext/openssl/ossl_x509cert.c (ossl_x509_verify): X509_verify()
  family may put errors on 0 return (0 means verification failure).
  Clear OpenSSL error queue before return to Ruby. Since the queue is
  thread global, remaining errors in the queue can cause an unexpected
  error in the next OpenSSL operation.  [ruby-core:48284] [Bug #7215]

* ext/openssl/ossl_x509crl.c (ossl_x509crl_verify): ditto.

* ext/openssl/ossl_x509req.c (ossl_x509req_verify): ditto.

* ext/openssl/ossl_x509store.c (ossl_x509stctx_verify): ditto.

* ext/openssl/ossl_pkey_dh.c (dh_generate): clear the OpenSSL error
  queue before re-raising exception.

* ext/openssl/ossl_pkey_dsa.c (dsa_generate): ditto.

* ext/openssl/ossl_pkey_rsa.c (rsa_generate): ditto.

* ext/openssl/ossl_ssl.c (ossl_start_ssl): ditto.

* test/openssl: check that OpenSSL.errors is empty every time after
  running a test case.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55051 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-05-18 04:07:47 +00:00
normal 280f732215 openssl: accept moving write buffer for write_nonblock
By setting the SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER flag.
This flag was introduced at the same time as
SSL_MODE_ENABLE_PARTIAL_WRITE in OpenSSL 0.9.4 and makes usage
with non-blocking sockets much easier.

Before this, a Rubyist would need to remember the exact object
which failed to write and reuse it later when the socket became
writable again.  This causes problems when the buffer is given
by another layer of the application (e.g. a buffer is given
by a Rack middleware or application to a Rack web server).

* ext/openssl/ossl_ssl.c (ossl_sslctx_s_alloc):
  enable SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER by default
  [Bug #12126]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54466 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-03-31 20:33:55 +00:00
naruse 3e92b635fb Add frozen_string_literal: false for all files
When you change this to true, you may need to add more tests.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53141 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-12-16 05:07:31 +00:00
hsbt 6cf568f4b5 * bootstraptest/runner.rb: use safe navigation operator.
[fix GH-1142] Patch by @mlarraz
* test/openssl/test_pair.rb: ditto.
* test/ruby/test_econv.rb: ditto.
* test/ruby/test_settracefunc.rb: ditto.
* test/thread/test_queue.rb: ditto.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53110 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-12-14 08:04:28 +00:00
hsbt a8438d3033 * test/openssl/test_pair.rb: skipped tests if openssl doesn't support
ECDH cipher.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52412 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-10-31 11:16:02 +00:00
normal 1e5a40ff18 openssl/buffering: fix gets on EOF with limit
* ext/openssl/lib/openssl/buffering.rb (gets):
  avoid comparing fixnum with nil
* test/openssl/test_pair.rb: test gets with limit when EOF is hit
  Thanks to Bar Hofesh <bar.hofesh@safe-t.com> for the bug report
  and testing.
  [ruby-core:70149] [Bug #11400]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51466 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-08-01 22:08:17 +00:00
nobu 176414dfa7 test_pair.rb: join client thread
* test/openssl/test_pair.rb (test_ecdh_callback): join client
  thread only when it started.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51446 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-07-30 04:43:23 +00:00
nobu b729e9278f test_pair.rb: thread leak
* test/openssl/test_pair.rb (test_ecdh_callback): join client
  thread before closing sockets.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51434 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-07-29 12:45:32 +00:00
nobu 621bf532fc test_pair.rb: thread leak
* test/openssl/test_pair.rb (test_ecdh_callback): fix thread leak.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51433 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-07-29 12:41:09 +00:00
tenderlove 486e6e02c2 * ext/openssl/lib/openssl/ssl.rb (module OpenSSL): support
specifically setting the tmp_dh_callback to nil.

* ext/openssl/ossl_ssl.c (Init_ossl_ssl): ditto

* test/openssl/test_pair.rb (module OpenSSL): add a test

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51381 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-07-25 23:16:49 +00:00
tenderlove ab9cd02f25 * test/openssl/test_pair.rb: add a test ensuring that the default DH
callback is used when no DH callback is specified.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51379 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-07-25 21:23:22 +00:00
tenderlove 5326593a8b * ext/openssl/ossl_ssl.c: add ECDH callback support. [Feature #11356]
* test/openssl/test_pair.rb: test for ECDH callback support

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51348 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-07-22 18:34:45 +00:00
normal c18df6d87c connect_nonblock supports "exception: false"
This is for consistency with accept_nonblock arguments and gives a
minor speedup from avoiding exceptions.
[ruby-core:68838] [Feature #11024]

* ext/openssl/ossl_ssl.c (ossl_ssl_connect_nonblock):
  support `exception: false'
* (get_no_exception): move function location
* ext/socket/socket.c (sock_connect_nonblock):
  support `exception: false'
* test/openssl/test_pair.rb (test_connect_accept_nonblock_no_exception):
  test `exception: false' on connect,
  rename from `test_accept_nonblock_no_exception'
* test/socket/test_nonblock.rb (test_connect_nonblock_no_exception):
  new test

Benchmark results:

default            0.050000   0.100000   0.150000 (  0.151307)
exception: false   0.030000   0.080000   0.110000 (  0.108840)

----------------------------8<-----------------------
require 'socket'
require 'benchmark'
require 'io/wait'
require 'tmpdir'

host = '127.0.0.1'
serv = TCPServer.new(host, 0) # UNIX sockets may not hit EINPROGRESS

nr = 5000 # few iterations to avoid running out of ports

addr = serv.getsockname
pid = fork do
  begin
    serv.accept.close
  rescue => e
    warn "#$$: #{e.message} (#{e.class})"
  end while true
end
at_exit { Process.kill(:TERM, pid) }
serv.close

Benchmark.bmbm do |x|
  x.report("default") do
    nr.times do
      s = Socket.new(:INET, :STREAM)
      s.setsockopt(:SOL_SOCKET, :SO_REUSEADDR, 1)
      begin
        s.connect_nonblock(addr)
      rescue IO::WaitWritable
        s.wait_writable
      end
      s.close
    end
  end
  x.report("exception: false") do
    nr.times do
      s = Socket.new(:INET, :STREAM)
      s.setsockopt(:SOL_SOCKET, :SO_REUSEADDR, 1)
      case s.connect_nonblock(addr, exception: false)
      when :wait_writable
        s.wait_writable
      end
      s.close
    end
  end
end

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@50254 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-04-12 01:41:51 +00:00
normal aaf2d070a8 accept_nonblock supports "exception: false"
This is analogous to functionality found in IO#read_nonblock and
IO#wait_nonblock.  Raising exceptions for common failures on
non-blocking servers is expensive and makes $DEBUG too noisy.

Benchmark results:
                                    user     system      total        real
default                         2.790000   0.870000   3.660000 (  3.671597)
exception: false                1.120000   0.800000   1.920000 (  1.922032)
exception: false (cached arg)   0.820000   0.770000   1.590000 (  1.589267)
--------------------- benchmark script ------------------------
require 'socket'
require 'benchmark'
require 'tmpdir'
nr = 1000000
Dir.mktmpdir('nb_bench') do |path|
  sock_path = "#{path}/test.sock"
  s = UNIXServer.new(sock_path)
  Benchmark.bmbm do |x|
    x.report("default") do
      nr.times do
        begin
          s.accept_nonblock
        rescue IO::WaitReadable
        end
      end
    end
    x.report("exception: false") do
      nr.times do
        begin
          s.accept_nonblock(exception: false)
        rescue IO::WaitReadable
          abort "should not raise"
        end
      end
    end
    x.report("exception: false (cached arg)") do
      arg = { exception: false }
      nr.times do
        begin
          s.accept_nonblock(arg)
        rescue IO::WaitReadable
          abort "should not raise"
        end
      end
    end
  end
end

* ext/socket/init.c (rsock_s_accept_nonblock):
  support exception: false
  [ruby-core:66385] [Feature #10532]
* ext/socket/init.c (rsock_init_socket_init): define new symbols
* ext/socket/rubysocket.h: adjust prototype
* ext/socket/socket.c (sock_accept_nonblock): support exception: false
* ext/openssl/ossl_ssl.c (ossl_ssl_accept_nonblock): ditto
* ext/socket/socket.c (Init_socket): adjust accept_nonblock definition
* ext/openssl/ossl_ssl.c (Init_ossl_ssl): ditto
* ext/socket/tcpserver.c (rsock_init_tcpserver): ditto
* ext/socket/unixserver.c (rsock_init_unixserver): ditto
* ext/socket/tcpserver.c (tcp_accept_nonblock): adjust
  rsock_s_accept_nonblock call
* ext/socket/unixserver.c (unix_accept_nonblock): ditto
* ext/openssl/ossl_ssl.c (ossl_start_ssl): support no_exception
* ext/openssl/ossl_ssl.c (ossl_ssl_connect): adjust ossl_start_ssl call
* ext/openssl/ossl_ssl.c (ossl_ssl_connect_nonblock): ditto
* ext/openssl/ossl_ssl.c (ossl_ssl_accept): ditto
* test/socket/test_nonblock.rb (test_accept_nonblock): test for
  "exception :false"
* test/socket/test_tcp.rb (test_accept_nonblock): new test
* test/socket/test_unix.rb (test_accept_nonblock): ditto
* test/openssl/test_pair.rb (test_accept_nonblock_no_exception): ditto

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@49948 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-03-12 03:03:04 +00:00
nobu af06381332 test/openssl: skip old OpenSSL
* test/openssl/utils.rb (OpenSSL::TestUtils): ignore out-of-date
  OpenSSL before 1.0.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48823 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-12-13 03:05:43 +00:00
akr 971df741b9 Close fds.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@46216 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-05-28 15:06:39 +00:00
hsbt 6eb8acae90 * test/openssl/test_pair.rb: Modify TestSSL#test_read_and_write
to handle partial sysreads. [Bug #7398][ruby-core:49563]
* test/openssl/test_ssl.rb: ditto.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@46164 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-05-27 10:03:09 +00:00
akr 504453d929 * test/openssl: Join threads.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@46108 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-05-25 05:22:49 +00:00
akr b9f770ae8f refactored to test Socket and TCPSocket/TCPServer more consistently.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@45871 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-05-07 23:21:10 +00:00
akr 2dbae9b1f1 * ext/openssl/lib/openssl/ssl.rb (OpenSSL::SSL::SSLServer#accept):
Consider Socket#accept as well as TCPServer#accept.
  Reported by Sam Stelfox.  [ruby-core:62064] [Bug #9750]



git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@45863 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-05-07 12:48:27 +00:00
akr 1386a2303f refactoring to extract tcp_pair.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@45862 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-05-07 12:22:02 +00:00
naruse 8db313151d wait until the shutdowning message reaches to the server
see #8831

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@42838 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2013-09-04 18:46:16 +00:00
usa 6d18cc288a * test/openssl/test_pair.rb
(OpenSSL::TestPair#test_write_nonblock_no_exceptions): on some CIs
  such as Debian 6.0, Ubuntu 10.04, CentOS and vc10-x64 (maybe depend
  on OpenSSL version), writing to SSLSocket after SSL_ERROR_WANT_WRITE
  causes SSL_ERROR_SSL "bad write retry".


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@42790 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2013-09-03 01:08:09 +00:00
tenderlove 988ca60565 * io.c (io_read_nonblock): support non-blocking reads without raising
exceptions. As in: `io.read_nonblock(size, exception: false)`
  [ruby-core:38666] [Feature #5138]
* ext/openssl/ossl_ssl.c (ossl_ssl_read_internal): ditto
* ext/stringio/stringio.c (strio_sysread): ditto
* io.c (rb_io_write_nonblock): support non-blocking writes without
  raising an exception.
* ext/openssl/ossl_ssl.c (ossl_ssl_write_internal): ditto
* test/openssl/test_pair.rb (class OpenSSL): tests
* test/ruby/test_io.rb (class TestIO): ditto
* test/socket/test_nonblock.rb (class TestSocketNonblock): ditto
* test/stringio/test_stringio.rb (class TestStringIO): ditto

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@42695 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2013-08-26 22:41:44 +00:00
headius 0626d9b91c Fix #6154 by introducing new EAGAIN/EWOULDBLOCK/EINPROGRESS
subclasses that include WaitReadable or WaitWritable rather than
extending them into the exception object each time.

* error.c: Capture EGAIN, EWOULDBLOCK, EINPROGRESS exceptions and
  export them for use in WaitReadable/Writable exceptions.
* io.c: Create versions of EAGAIN, EWOULDBLOCK, EINPROGRESS that
  include WaitReadable and WaitWritable. Add rb_readwrite_sys_fail
  for nonblocking failures using those exceptions. Use that
  function in io_getpartial and io_write_nonblock instead of
  rb_mod_sys_fail
* ext/openssl/ossl_ssl.c: Add new SSLError subclasses that include
  WaitReadable and WaitWritable. Use those classes for
  write_would_block and read_would_block instead of rb_mod_sys_fail.
* ext/socket/ancdata.c: Use rb_readwrite_sys_fail instead of
  rb_mod_sys_fail in bsock_sendmsg_internal and
  bsock_recvmsg_internal.
* ext/socket/init.c: Use rb_readwrite_sys_fail instead of
  rb_mod_sys_fail in rsock_s_recvfrom_nonblock and
  rsock_s_connect_nonblock.
* ext/socket/socket.c: Use rb_readwrite_sys_fail instead of
  rb_mod_sys_fail in sock_connect_nonblock.
* include/ruby/ruby.h: Export rb_readwrite_sys_fail for use instead
  of rb_mod_sys_fail. Introduce new constants RB_IO_WAIT_READABLE and
  RB_IO_WAIT_WRITABLE for first arg to rb_readwrite_sys_fail.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@40195 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2013-04-08 19:58:55 +00:00
emboss 9871dd5783 * test/openssl/utils.rb
test/openssl/test_pair.rb
  test/openssl/test_pkey_dh.rb: Use 1024 bit DH parameters to satisfy
  OpenSSL FIPS requirements. Patch by Vit Ondruch.
  [Bug #6938] [ruby-core:47326]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36843 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-08-28 20:03:32 +00:00
nahi ab86f1cffb * ext/openssl/ossl.c (ossl_verify_cb): trap the exception from
verify callback of SSLContext and X509Store and make the 
  verification fail normally. Raising exception directly from callback
  causes orphan resouces in OpenSSL stack. Patched by Ippei Obayashi. 
  See #4445.

* test/openssl/test_ssl.rb
  (test_exception_in_verify_callback_is_ignored): test it.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32537 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-07-14 05:41:05 +00:00
tenderlove e1e671d60d refactor load error rescue to the openssl util file
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@30176 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2010-12-11 01:25:25 +00:00
naruse 7fd6016e1c Set DH Parameter for SSLContext to clean warnings.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@30123 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2010-12-07 14:24:40 +00:00
nahi 7f438d8402 * ext/openssl/lib/openssl/x509-internal.rb: removed unused local
variable.

        * test/openssl/*: less warnings while test running with -w.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@29217 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2010-09-10 08:54:50 +00:00
naruse 6bbed0e31b * test: use require_relative.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@24878 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2009-09-12 17:00:51 +00:00
akr 7fd155cf0f * ext/openssl/ossl_ssl.c (write_would_block): defined.
(read_would_block): defined.
  (ossl_start_ssl): add nonblock argument.
  (ossl_ssl_connect): follow ossl_start_ssl change.
  (ossl_ssl_connect_nonblock): new method.
  (ossl_ssl_accept): follow ossl_start_ssl change.
  (ossl_ssl_accept_nonblock): new method.
  (ossl_ssl_read_internal): use write_would_block and
  read_would_block.
  (ossl_ssl_write_internal): ditto.



git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@23029 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2009-03-21 06:56:33 +00:00
akr 17a085ea8c * ext/openssl/lib/openssl/buffering.rb
(OpenSSL::Buffering#write_nonblock): new method.

* ext/openssl/ossl_ssl.c (ossl_ssl_write_nonblock): new method.
  (ossl_ssl_write_internal): defined.
  (ossl_ssl_write): use ossl_ssl_write_internal.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@23020 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2009-03-20 17:39:44 +00:00
akr c4049f4cb6 * io.c (rb_mWaitReadable): defined.
(rb_mWaitWritable): defined.
  (io_getpartial): extend IO::WaitReadable on EWOULDBLOCK and EAGAIN.
  (rb_io_write_nonblock): extend IO::WaitWritable on EWOULDBLOCK and
  EAGAIN.

* error.c (make_errno_exc): extracted from rb_sys_fail.
  (rb_mod_sys_fail): new function.

* include/ruby/ruby.h (rb_mod_sys_fail): declared.
  (rb_mWaitReadable): declared.
  (rb_mWaitWritable): declared.

* ext/socket/init.c (rsock_s_recvfrom_nonblock): extend
  IO::WaitReadable on EWOULDBLOCK and EAGAIN.
  (rsock_s_accept_nonblock): extend IO::WaitReadable on EWOULDBLOCK,
  EAGAIN, ECONNABORTED and EPROTO.

* ext/socket/socket.c (sock_connect_nonblock): extend IO::WaitWritable
  on EINPROGRESS.

* ext/socket/ancdata.c (bsock_sendmsg_internal): extend
  IO::WaitWritable on EWOULDBLOCK and EAGAIN.
  (bsock_recvmsg_internal): extend IO::WaitReadable on EWOULDBLOCK and
  EAGAIN.

* ext/openssl/ossl_ssl.c (ossl_ssl_read_internal): raise SSLError
  extended by IO::WaitReadable/IO::WaitWritable on
  SSL_ERROR_WANT_READ/SSL_ERROR_WANT_WRITE.

* ext/openssl/ossl.c (ossl_make_error): extracted from ossl_raise.
  (ossl_exc_new): new function.

* ext/openssl/ossl.h (ossl_exc_new): declared.

* lib/net/protocol.rb (rbuf_fill): rescue IO::WaitReadable and
  IO::WaitWritable.

  [ruby-core:22539], [ruby-dev:38140] 



git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@23006 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2009-03-19 11:40:38 +00:00
nobu 287a34ae0d * {ext,lib,test}/**/*.rb: removed trailing spaces.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@22784 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2009-03-06 03:56:38 +00:00
akr 6294d065bb select before read_nonblock.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@22117 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2009-02-08 02:01:22 +00:00
akr 021aaa70d6 * ext/openssl/ossl_ssl.c (ossl_ssl_read_internal): show openssl error
code in EWOULDBLOCK error.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@21210 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2008-12-31 08:18:12 +00:00
akr 8cc42bc701 add a test for OpenSSL::SSL::SSLSocket#read_nonblock.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@21141 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2008-12-28 16:09:59 +00:00
akr c8c709ddfa * test/openssl/test_pair.rb (SSLPair#ssl_pair): join the thread, even
on an error.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@14246 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2007-12-15 15:00:52 +00:00
gotoyuzo 5505449793 * ext/openssl/ossl_ssl.c: OpenSSL::SSL::SSLContexts suports callbacks:
- SSLContext#client_cert_cb is a Proc. it is called when a client
    certificate is requested by a server and no certificate was yet
    set for the SSLContext. it must return an Array which includes
    OpenSSL::X509::Certificate and OpenSSL::PKey::RSA/DSA objects.
  - SSLContext#tmp_dh_callback is called in key exchange with DH
    algorithm. it must return an OpenSSL::PKey::DH object.

* ext/openssl/ossl_ssl.c:
  (ossl_sslctx_set_ciphers): ignore the argument if it's nil.
  (ossl_start_ssl, ossl_ssl_write): call rb_sys_fail if errno isn't 0.
  [ruby-dev:25831]

* ext/openssl/ossl_pkey.c
  (GetPrivPKeyPtr, ossl_pkey_sign): should call rb_funcall first.
  (DupPrivPKeyPtr): new function.

* ext/openssl/ossl_pkey_dh.c: add default DH parameters.

* ext/openssl/ossl_pkey.h: ditto.

* ext/openssl/lib/openssl/cipher.rb: fix typo. [ruby-dev:24285]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@8129 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2005-03-09 10:45:42 +00:00
gotoyuzo a9fb0817a1 * ext/openssl/ossl_ssl.c (ossl_start_ssl): should wait for that
the underlying IO become readable or writable if the error was
  SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE. [ruby-dev:25795]

* ext/openssl/ossl_ssl.c (ossl_ssl_read, ossl_ssl_write): ditto.

* ext/openssl/lib/openssl/buffering.rb
  (Buffering#consume_rbuf): pointless eof flag resetting is deleted.
  (Buffering#read): should return an empty string if the specified
  size is zero.
  (Buffering#readpartial): new method.
  (Buffering#readline): fix typo.
  (Buffering#getc): return the first character of string correctly.
  (Buffering#readchar): fix typo.
  (Buffering#eof?): should read again it the input buffer is empty.
  (Buffering#do_write): should rescue Errno::EAGAIN.
  (Buffering#puts): use "\n" as the output field separator.

* ext/openssl/extconf.rb: get rid of GNUmakefile generation.

* text/openssl/test_pair.rb: test for IO like methods.

* test/ruby/ut_eof.rb: test about empty file.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@8081 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2005-03-05 21:36:11 +00:00