Граф коммитов

21 Коммитов

Автор SHA1 Сообщение Дата
rhe a0f292bbcd openssl: sync with upstream repository
Sync with the current tip of master branch, 62436385306c of
ruby/openssl.git. Changes can be found at:

	https://github.com/ruby/openssl/compare/v2.1.1...62436385306c

----------------------------------------------------------------
Brian Cunnie (1):
      Correctly verify abbreviated IPv6 SANs

Janko Marohnić (1):
      Reduce memory allocation when writing to SSLSocket

Jeremy Evans (1):
      Move rb_global_variable call to directly after assignment

Kazuki Yamaguchi (7):
      pkcs7: allow recipient's certificate to be omitted for PKCS7#decrypt
      pkey: resume key generation after interrupt
      tool/ruby-openssl-docker: update to latest versions
      test/test_ssl: fix test failure with TLS 1.3
      test/test_x509name: change script encoding to ASCII-8BIT
      x509name: refactor OpenSSL::X509::Name#to_s
      x509name: fix handling of X509_NAME_{oneline,print_ex}() return value

ahadc (1):
      Update CONTRIBUTING.md

nobu (6):
      no ID cache in Init functions
      search winsock libraries explicitly
      openssl: search winsock
      openssl_missing.h: constified
      reduce LibreSSL warnings
      openssl/buffering.rb: no RS when output

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64233 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2018-08-08 14:13:53 +00:00
rhe 609103dbb5 openssl: import v2.1.0.beta1
Import Ruby/OpenSSL 2.1.0.beta1. The full commit log since v2.0.5
(imported by r59567) can be found at:

	https://github.com/ruby/openssl/compare/v2.0.5...v2.1.0.beta1

----------------------------------------------------------------
Antonio Terceiro (1):
      test/test_ssl: explicitly accept TLS 1.1 in corresponding test

Colby Swandale (1):
      document using secure protocol to fetch git master in Bundler

Colton Jenkins (1):
      Add fips_mode_get to return fips_mode

Kazuki Yamaguchi (85):
      Start preparing for 2.1.0
      Remove support for OpenSSL 0.9.8 and 1.0.0
      bn: refine tests
      bn: implement unary {plus,minus} operators for OpenSSL::BN
      bn: implement OpenSSL::BN#negative?
      Don't define main() when built with --enable-debug
      test: let OpenSSL::TestCase include OpenSSL::TestUtils
      test: prepare test PKey instances on demand
      Add OpenSSL.print_mem_leaks
      Enable OSSL_MDEBUG on CI builds
      ssl: move default DH parameters from OpenSSL::PKey::DH
      Make exceptions with the same format regardless of OpenSSL.debug
      ssl: show reason of 'certificate verify error' in exception message
      ssl: remove OpenSSL::ExtConfig::TLS_DH_anon_WITH_AES_256_GCM_SHA384
      ssl: do not confuse different ex_data index registries
      ssl: assume SSL/SSL_CTX always have a valid reference to the Ruby object
      Fix RDoc markup
      ssl: suppress compiler warning
      ext/openssl/deprecation.rb: remove broken-apple-openssl
      extconf.rb: print informative message if OpenSSL can't be found
      Rakefile: compile the extension before test
      kdf: introduce OpenSSL::KDF module
      ossl.h: add NUM2UINT64T() macro
      kdf: add scrypt
      Expand rb_define_copy_func() macro
      Expand FPTR_TO_FD() macro
      Remove SafeGet*() macros
      cipher: rename GetCipherPtr() to ossl_evp_get_cipherbyname()
      digest: rename GetDigestPtr() to ossl_evp_get_digestbyname()
      Add ossl_str_new(), an exception-safe rb_str_new()
      bio: simplify ossl_membio2str() using ossl_str_new()
      Remove unused functions and macros
      Drop support for LibreSSL 2.3
      ocsp: add OpenSSL::OCSP::Request#signed?
      asn1: infinite length -> indefinite length
      asn1: rearrange tests
      ssl: remove a needless NULL check in SSL::SSLContext#ciphers
      ssl: return nil in SSL::SSLSocket#cipher if session is not started
      asn1: remove an unnecessary function prototype
      asn1: require tag information when instantiating generic type
      asn1: initialize 'unused_bits' attribute of BitString with 0
      asn1: check for illegal 'unused_bits' value of BitString
      asn1: disallow NULL to be passed to asn1time_to_time()
      asn1: avoid truncating OID in OpenSSL::ASN1::ObjectId#oid
      asn1: allow constructed encoding with definite length form
      asn1: prohibit indefinite length form for primitive encoding
      asn1: allow tag number to be >= 32 for universal tag class
      asn1: use ossl_asn1_tag()
      asn1: clean up OpenSSL::ASN1::Constructive#to_der
      asn1: harmonize OpenSSL::ASN1::*#to_der
      asn1: prevent EOC octets from being in the middle of the content
      asn1: do not treat EOC octets as part of content octets
      x509name: add 'loc' and 'set' kwargs to OpenSSL::X509::Name#add_entry
      ssl: do not call session_remove_cb during GC
      Backport "Merge branch 'topic/test-memory-leak'" to maint
      cipher: update the documentation for Cipher#auth_tag=
      Rakefile: let sync:to_ruby know about test/openssl/fixtures
      test: fix formatting
      test/utils: remove OpenSSL::TestUtils.silent
      test/utils: add SSLTestCase#tls12_supported?
      test/utils: have start_server yield only the port number
      test/utils: do not set ecdh_curves in start_server
      test/utils: let server_loop close socket
      test/utils: improve error handling in start_server
      test/utils: add OpenSSL::TestUtils.openssl? and .libressl?
      test/utils: do not use DSA certificates in SSL tests
      test/test_ssl: remove test_invalid_shutdown_by_gc
      test/test_ssl: move test_multibyte_read_write to test_pair
      test/test_ssl_session: rearrange tests
      test/test_pair, test/test_ssl: fix for TLS 1.3
      ssl: remove useless call to rb_thread_wait_fd()
      ssl: fix NPN support
      ssl: mark OpenSSL::SSL::SSLContext::DEFAULT_{1024,2048} as private
      ssl: use 2048-bit group in the default tmp_dh_cb
      ssl: ensure that SSL option flags are non-negative
      ssl: update OpenSSL::SSL::OP_* flags
      ssl: prefer TLS_method() over SSLv23_method()
      ssl: add SSLContext#min_version= and #max_version=
      ssl: rework SSLContext#ssl_version=
      test/test_x509name: change script encoding to ASCII-8BIT
      x509name: refactor OpenSSL::X509::Name#to_s
      x509name: add OpenSSL::X509::Name#to_utf8
      x509name: add OpenSSL::X509::Name#inspect
      x509name: update regexp in OpenSSL::X509::Name.parse
      Ruby/OpenSSL 2.1.0.beta1

Marcus Stollsteimer (1):
      Fix rdoc for core Integer class

nobu (4):
      [DOC] {read,write}_nonblock with exception: false
      [DOC] keyword argument _exception_
      [DOC] mark up literals
      Revert r57690 except for read_nonblock

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@59734 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2017-09-03 12:35:27 +00:00
rhe 9eb92007b6 openssl: import v2.0.4
Import Ruby/OpenSSL 2.0.4. Only bug (and typo) fixes. The full commit
history since v2.0.3 (imported at r57482) can be found at:

  https://github.com/ruby/openssl/compare/v2.0.3...v2.0.4

This contains the fix for [Bug #11033].

----------------------------------------------------------------
Jun Aruga (1):
      Update .travis.yml and Dockerfile

Kazuki Yamaguchi (9):
      test/test_pkey_ec: do not use dummy 0 order
      test/test_ssl: fix typo in test_sysread_and_syswrite
      ssl: check return value of SSL_set_fd()
      Fix typos
      test/test_x509store: skip OpenSSL::TestX509Store#test_set_errors
      tool/sync-with-trunk: 'LASY' -> 'LAST'
      x509store: clear error queue after calling X509_LOOKUP_load_file()
      extconf.rb: simplify searching libraries logic
      Ruby/OpenSSL 2.0.4

SHIBATA Hiroshi (1):
      Fix typos

Vladimir Rybas (1):
      Fix documentation for OpenSSL::Cipher#final

nobu (2):
      openssl: fix broken openssl check
      openssl: fix broken openssl check

usa (1):
      Search SSL libraries by testing various filename patterns

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@59081 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2017-06-14 09:49:09 +00:00
rhe 0c83666c6c openssl: import v2.0.1
Import Ruby/OpenSSL 2.0.1. The full commit history since 2.0.0 (imported
at r56946) can be found at:

  https://github.com/ruby/openssl/compare/v2.0.0...v2.0.1

This release contains only bug fixes. Note, the first two commits since
v2.0.0 are already imported at r56953 to make Travis and RubyCI green.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57041 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-12-10 08:12:02 +00:00
rhe aab0d67a1f openssl: import v2.0.0
Import Ruby/OpenSSL 2.0.0. The full commit history since 2.0.0 beta.2
(imported at r56098) can be found at:

  https://github.com/ruby/openssl/compare/v2.0.0.beta.2...v2.0.0

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56946 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-11-30 14:41:46 +00:00
rhe cf2792d591 openssl: drop OpenSSL 0.9.6/0.9.7 support
* ext/openssl, test/openssl: Drop OpenSSL < 0.9.8 support.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55162 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-05-25 08:50:03 +00:00
rhe c8cb26252a openssl: clear OpenSSL error queue before return to Ruby
* ext/openssl/ossl_x509cert.c (ossl_x509_verify): X509_verify()
  family may put errors on 0 return (0 means verification failure).
  Clear OpenSSL error queue before return to Ruby. Since the queue is
  thread global, remaining errors in the queue can cause an unexpected
  error in the next OpenSSL operation.  [ruby-core:48284] [Bug #7215]

* ext/openssl/ossl_x509crl.c (ossl_x509crl_verify): ditto.

* ext/openssl/ossl_x509req.c (ossl_x509req_verify): ditto.

* ext/openssl/ossl_x509store.c (ossl_x509stctx_verify): ditto.

* ext/openssl/ossl_pkey_dh.c (dh_generate): clear the OpenSSL error
  queue before re-raising exception.

* ext/openssl/ossl_pkey_dsa.c (dsa_generate): ditto.

* ext/openssl/ossl_pkey_rsa.c (rsa_generate): ditto.

* ext/openssl/ossl_ssl.c (ossl_start_ssl): ditto.

* test/openssl: check that OpenSSL.errors is empty every time after
  running a test case.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55051 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-05-18 04:07:47 +00:00
naruse 3e92b635fb Add frozen_string_literal: false for all files
When you change this to true, you may need to add more tests.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53141 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-12-16 05:07:31 +00:00
nobu af06381332 test/openssl: skip old OpenSSL
* test/openssl/utils.rb (OpenSSL::TestUtils): ignore out-of-date
  OpenSSL before 1.0.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48823 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-12-13 03:05:43 +00:00
kou bef1b7f1ca * test/openssl/test_pkcs7.rb: Fix inverted expected and actual values.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@46169 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-05-27 11:57:41 +00:00
svn 08e9b7d66c * remove trailing spaces.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@46163 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-05-27 09:48:30 +00:00
hsbt bab55ed3f5 * test/openssl/test_pkcs7.rb: Add tests for PKCS7#type= and add_data.
[Feature #7399][ruby-core:49565]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@46162 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-05-27 09:48:27 +00:00
nobu d059d718b5 remove trainling spaces.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36750 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-08-21 04:50:18 +00:00
emboss aad347f5ec * ext/openssl/ossl_pkcs7.c: fix crash when parsing garbage data.
* test/openssl/test_pkcs7.rb: assert correct behavior for it.
  Thanks to Matt Venables for reporting the issue.
  [ruby-core:43250][Bug #6134]



git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35167 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-03-29 01:27:17 +00:00
tenderlove 033cea7d8e drying up the requires in the openssl tests
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@30220 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2010-12-15 19:50:00 +00:00
nahi 7f438d8402 * ext/openssl/lib/openssl/x509-internal.rb: removed unused local
variable.

        * test/openssl/*: less warnings while test running with -w.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@29217 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2010-09-10 08:54:50 +00:00
akr 48d402db88 use require_relative.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@26542 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2010-02-02 13:58:56 +00:00
nobu 287a34ae0d * {ext,lib,test}/**/*.rb: removed trailing spaces.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@22784 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2009-03-06 03:56:38 +00:00
gotoyuzo cf95a55cc9 * test/openssl/test_pkcs7.rb: Remove redundant module namespace.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@14135 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2007-12-08 08:23:07 +00:00
gotoyuzo 7877b56572 * test/openssl/test_pkcs7.rb (test_enveloped): skip this test
to avoid a bug of PKCS7_enctypt() (only if ext/openssl is
  compiled with OpenSSL-0.9.7d or earlier versions).
  http://www.mail-archive.com/openssl-dev@openssl.org/msg17376.html


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@9130 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2005-09-12 11:55:25 +00:00
gotoyuzo 9147e519ba * ext/openssl/ossl_asn1.c (asn1str_to_str): new function.
* ext/openssl/ossl_pkcs7.c: new class OpenSSL::PKCS7::RecipientInfo.
  this class wraps PKCS7_RECIP_INFO struct.

* ext/openssl/ossl_pkcs7.c: OpenSSL::PKCS7::Signer is renamed to
  OpenSSL::PKCS7::SignerInfo. ("Signer" remains as an alias of
  SignerInfo.)

* test/openssl/test_pkcs7.rb: new file.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@9094 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2005-09-07 07:40:55 +00:00