The .include directive was initially added by OpenSSL 1.1.1, but the
syntax was later modified in 1.1.1b to improve compatibility with the
parser in <= 1.1.0. The test case expects 1.1.1b's parser.
95f59d398c
The test case is failing on Ubuntu 18.04 because it still uses the
initial 1.1.1 release:
http://rubyci.s3.amazonaws.com/graviton2/ruby-master/log/20210316T120003Z.fail.html.gz
LibreSSL 3.2.4 made the certificate verification logic back closer to
pre-3.2.2 one, which is more compatible with OpenSSL.
Part of the fixes added by commit a0e98d48c91f ("Enhance TLS 1.3 support
on LibreSSL 3.2/3.3", 2020-12-03) is required for 3.2.2 and 3.2.3 only
(and ~3.3.1, however 3.3 does not have a stable release yet). Since both
releases are security fix, it should be safe to remove those special
treatment from our test suite.
While we are at it, TestSSL#test_ecdh_curves is split into TLS 1.2 and
TLS 1.3 variants for clarity.
https://github.com/ruby/openssl/commit/a9954bac22
Although the manpage says that BIGNUM functions return 0 on error,
OpenSSL versions before 1.0.2n and current LibreSSL versions may return
-1 instead.
Note that the implementation of OpenSSL::BN#mod_inverse is extracted
from BIGNUM_2c() macro as it didn't really share the same function
signature with others.
https://github.com/ruby/openssl/commit/9b59f34345
This defines TLS1_3_VERSION when using LibreSSL 3.2+. LibreSSL 3.2/3.3
doesn't advertise this by default, even though it will use TLS 1.3
in both client and server modes.
Changes between LibreSSL 3.1 and 3.2/3.3 broke a few tests, Defining
TLS1_3_VERSION by itself fixes 1 test failure. A few tests now
fail on LibreSSL 3.2/3.3 unless TLS 1.2 is set as the maximum version,
and this adjusts those tests. The client CA test doesn't work in
LibreSSL 3.2+, so I've marked that as pending.
For the hostname verification, LibreSSL 3.2.2+ has a new stricter
hostname verifier that doesn't like subjectAltName such as
c*.example.com and d.*.example.com, so adjust the related tests.
With these changes, the tests pass on LibreSSL 3.2/3.3.
https://github.com/ruby/openssl/commit/a0e98d48c9
The form created an empty EC_GROUP object with the specified EC_METHOD.
However, the feature was unfinished and not useful in any way because
OpenSSL::PKey::EC::Group did not implement wrappers for necessary
functions to set actual parameters for the group, namely
EC_GROUP_set_curve() family.
EC_GROUP object creation with EC_METHOD explicitly specified is
deprecated in OpenSSL 3.0, as it was apparently not intended for use
outside OpenSSL.
It is still possible to create EC_GROUP, but without EC_METHOD
explicitly specified - OpenSSL chooses the appropriate EC_METHOD for
the curve type. The OpenSSL::PKey::EC::Group.new(<:GFp|:GF2m>, p, a, b)
form will continue to work.
https://github.com/ruby/openssl/commit/df4bec841f
The underlying API SSL_CTX_set_tmp_ecdh_callback() was removed by
LibreSSL >= 2.6.1 and OpenSSL >= 1.1.0, in other words, it is not
supported by any non-EOL versions of OpenSSL.
The wrapper was initially implemented in Ruby 2.3 and has been
deprecated since Ruby/OpenSSL 2.0 (bundled with Ruby 2.4) with explicit
warning with rb_warn().
https://github.com/ruby/openssl/commit/ee037e1460
Undo special treatment of nil and simply pass the value to
StringValueCStr().
nil was never a valid argument for the method; OpenSSL::X509::StoreError
with an unhelpful error message "system lib" was raised in that case.
https://github.com/ruby/openssl/commit/fb2fcbb137
SSLContext's verify_mode expects an SSL_VERIFY_* constant (an integer)
and verify_hostname expects either true or false. However, they are set
to nil after calling OpenSSL::SSL::SSLContext.new, which is surprising.
Set a proper value to them by default: verify_mode is set to
OpenSSL::SSL::VERIFY_NONE and verify_hostname is set to false by
default.
Note that this does not change the default behavior. The certificate
verification was never performed unless verify_mode is set to
OpenSSL::SSL::VERIFY_PEER by a user. The same applies to
verify_hostname.
https://github.com/ruby/openssl/commit/87d869352c
Add explicit test cases for the behaviors with different verify_mode.
If we made a bug in verify_mode, we would notice it by failures of other
test cases, but there were no dedicated test cases for verify_mode.
https://github.com/ruby/openssl/commit/1ccdc05662
The current test_client_auth_public_key test case checks that supplying
a PKey containing only public components through client_cert_cb will
cause handshake to fail. While this is a correct behavior as a whole,
the assertions are misleading in the sense that giving a public key is
causing the failure. Actually, the handshake fails because a client
certificate is not supplied at all, as a result of ArgumentError that is
silently ignored.
Rename the test case to test_client_cert_cb_ignore_error and simplify it
to clarify what it is testing.
https://github.com/ruby/openssl/commit/785b5569fc
Explicitly check for type given some conflicting statements within openssl's
documentation around EVP_PKEY_cmp and EVP_PKEY_ASN1_METHOD(3).
Add documentation with an example for compare?
https://github.com/ruby/openssl/commit/0bf51da6e2
Use the EVP API instead of the low-level HMAC API. Use of the HMAC API
has been discouraged and is being marked as deprecated starting from
OpenSSL 3.0.0.
The two singleton methods OpenSSL::HMAC, HMAC.digest and HMAC.hexdigest
are now in lib/openssl/hmac.rb.
https://github.com/ruby/openssl/commit/0317e2fc02
Deprecate it for future removal. However, I do not expect any
application is affected by this.
The other form of calling it, PKey::EC::Point#mul(bn [, bn]) remains
untouched.
PKey::EC::Point#mul calls EC_POINTs_mul(3) when multiple BNs
are given as an array. LibreSSL 2.8.0 released on 2018-08 removed the
feature and OpenSSL 3.0 which is planned to be released in 2020 will
also deprecate the function as there is no real use-case.
https://github.com/ruby/openssl/commit/812de4253d
Add OpenSSL::PKey::PKey#derive as the wrapper for EVP_PKEY_CTX_derive().
This is useful for pkey types that we don't have dedicated classes, such
as X25519.
https://github.com/ruby/openssl/commit/28f0059bea
OpenSSL 1.1.1 added EVP_DigestSign() and EVP_DigestVerify() functions
to the interface. Some EVP_PKEY methods such as PureEdDSA algorithms
do not support the streaming mechanism and require us to use them.
https://github.com/ruby/openssl/commit/ae19454592
Use EVP_DigestSign*() and EVP_DigestVerify*() interface instead of the
old EVP_Sign*() and EVP_Verify*() functions. They were added in OpenSSL
1.0.0.
Also, allow the digest to be specified as nil, as certain EVP_PKEY types
don't expect a digest algorithm.
https://github.com/ruby/openssl/commit/9ff6e5143b
Fix test_socket_open_with_local_address_port_context.
Often with MinGW, it seems EACCES is returned on bind when the port
number is unavailable. Ignore it just as we do for EADDRINUSE and
continue searching free port number.
Fixes: 98f8787b4687 ("test/openssl/test_ssl: fix random failure in
SSLSocket.open test", 2020-02-17)
https://github.com/ruby/openssl/commit/413b15526e
The EVP interface cannot tell whether if a pkey contains the private
components or not. Assume it does if it does not respond to #private?.
This fixes the NoMethodError on calling #sign on a generic PKey.
https://github.com/ruby/openssl/commit/f4c717bcb2
Merge the code into the callers so that the wrapping Ruby object is
allocated before the raw key object is allocated. This prevents possible
memory leak on Ruby object allocation failure, and also reduces the
lines of code.
https://github.com/ruby/openssl/commit/1eb1366615
Sorah Fukumori
Matt Valentine-House
git
Nobuyoshi Nakada
Kazuki Yamaguchi
Yusuke Endoh
Jeremy Evans
Nobuhiro IMAI
Claus Lensbøl
Colton Jenkins
Bart de Water