* ext/openssl/lib/openssl/ssl.rb (OpenSSL::SSL::SSLServer#accept):
Consider Socket#accept as well as TCPServer#accept.
Reported by Sam Stelfox. [ruby-core:62064] [Bug #9750]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@46613 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_asn1.c (ossl_asn1_initialize): SYMID on a value
other than Symbol is an undefined behavior. fix up r31699.
[ruby-core:62142] [Bug #9771]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@46214 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_pkey.c (ossl_pkey_verify): as EVP_VerifyFinal()
finalizes only a copy of the digest context, the context must be
cleaned up after initialization by EVP_MD_CTX_cleanup() or a
memory leak will occur. [ruby-core:62038] [Bug #9743]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@45821 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl.c (ossl_make_error): check NULL for unknown
error reasons with old OpenSSL, and insert a colon iff formatted
message is not empty.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@45778 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
ext: use rb_sprintf() and rb_vsprintf() with PRIsVALUE
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@44903 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ssl.c (Init_ossl_ssl): Declare a constant
`OP_MSIE_SSLV2_RSA_PADDING` only if the macro is defined. The
`SSL_OP_MSIE_SSLV2_RSA_PADDING` has been removed from latest
snapshot of OpenSSL 1.0.1. [Fixes GH-488]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@44710 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/lib/openssl/digest.rb (digest, hexdigest): create
new instance and call on it directly, to get rid of deprecated
class OpenSSL::Digest::Digest.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@44115 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
SSLSocket methods. [ruby-trunk - Bug #9028]
* test/openssl/test_ssl.rb: Test for the above.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@43964 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* include/ruby/ruby.h (RB_BLOCK_CALL_FUNC_ARGLIST): for declaration
argument list of rb_block_call_func.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@43910 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/lib/openssl/buffering.rb (OpenSSL::Buffering#initialize):
initialize of a module should pass arguments to super.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@43774 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
OpenSSL::Buffering which breaks overview because of RDoc bug
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@43750 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This patch is based off work by @vbatts in GH-436 completing the
documentation for this class and its methods.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@43742 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
OpenSSL::ASN1::ObjectId included a fix for the class overview, which
previously showed the documentation for Constructive due to missing
ObjectId overview. This patch also includes a note for Primative.
Based on a patch by @vbatts via GH-436
https://github.com/ruby/ruby/pull/436
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@43666 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
- Integer#to_bn
- OpenSSL::Buffering module
- Document deprecated OpenSSL::Digest::Digest compatibility class
- OpenSSL::Config
These changes were based on a patch by @vbatts via GH-436
https://github.com/ruby/ruby/pull/436
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@43663 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/depend (ossl.o): work around of dependency of
thread_native.h, which depends on headers by THREAD_MODEL.
[ruby-dev:47777]
* ext/openssl/extconf.rb: need THREAD_MODEL.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@43451 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl.c (Init_ossl_locks): to suppress shorten-64-to-32
warning, re-apply part of r41879.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@42149 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl.c (ossl_thread_id): use rb_nativethread_self()
implemented at r42137 to allow threads which doesn't associated with
Ruby thread to use openssl functions.
* ext/openssl/ossl.c (Init_ossl_locks): If CRYPTO_THREADID is defined
(OpenSSL 1.0.0 or later has it) use CRYPTO_THREADID_set_callback()
instead of CRYPTO_set_id_callback() because its argument is
unsigned long; it may cause id collision on mswin64
whose sizeof(unsigned long) < sizeof(void*).
http://www.openssl.org/docs/crypto/threads.html
* ext/openssl/ossl.c (ossl_threadid_func): defined for above.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@42141 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
thread locking APIs added by last commit.
This patch fixes [Bug #8386].
"rb_mutex_*" APIs control only "Ruby" threads.
Not for native threads.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@42135 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
format for ASN.1 UTCTime. [ruby-trunk - Bug #8664]
* test/openssl/test_asn1.rb: Test for the above.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@42126 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl.c (Init_ossl_locks): use rb_gc_register_mark_object
instead of rb_global_variable. probably RArray may be used.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@41881 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
OpenSSL with OPENSSL_NO_EC2M defined, but OPENSSL_NO_EC not
defined.
* test/openssl/test_pkey_ec.rb: Iterate over built-in curves
(and assert their non-emptiness!) instead of hard-coding them, as
this may cause problems with respect to the different availability
of individual curves in individual OpenSSL builds.
[ruby-core:54881] [Bug #8384]
Thanks to Vit Ondruch for providing the patch!
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@41808 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
CRYPTO_set_id_callback() callback functions ossl_thread_id and
ossl_lock_callback to ensure the OpenSSL extension is usable in
multi-threaded environments.
[ruby-core:54900] [Bug #8386]
Thanks, Dirkjan Bussink, for the patch!
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@41806 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
critical.
The patch for CVE-2013-4073 caused SSL crash when a SSL server returns
the certificate that has critical SAN value. X509 extension could
include 2 or 3 elements in it:
[id, criticality, octet_string] if critical,
[id, octet_string] if not.
Making sure to pick the last element of X509 extension and use it as
SAN value.
[ruby-core:55685] [Bug #8575]
Thank you @nahi for providing the patch!
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@41805 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
hostname verification. Patched by nahi.
* test/openssl/test_ssl.rb (test_verify_certificate_identity): test for
above.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@41671 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
(BDIGIT_MSB): Defined using BIGRAD_HALF.
(bary_2comp): Apply BIGLO after possible over flow of BDIGIT.
(get2comp): Ditto.
(bary_unpack_internal): Use BDIGIT_MSB.
Apply BIGLO after possible over flow of BDIGIT.
(rb_integer_unpack): Use BDIGIT_MSB.
(calc_hbase): Use BDIGMAX.
(big2dbl): Use BDIGMAX.
Apply BIGLO after possible over flow of BDIGIT.
(rb_big_neg): Apply BIGLO after possible over flow of BDIGIT.
(biglsh_bang): Ditto.
(bigrsh_bang): Ditto.
(bary_divmod): Use BDIGIT_MSB.
(bigdivrem): Ditto.
(bigxor_int): Apply BIGLO after possible over flow of BDIGIT.
* marshal.c (shortlen): Use SIZEOF_BDIGITS instead of sizeof(BDIGIT).
* ext/openssl/ossl_bn.c (ossl_bn_initialize): Use SIZEOF_BDIGITS
instead of sizeof(BDIGIT).
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@41613 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
OSSL_X509ATTR_SET_SINGLE macros to use ->value.set rather than
->set to fix compile failure
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@41527 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
