Just append OpenSSL error reason to the given message string
object, which would be alreadly formatted.
Suppress -Wformat-security warning in `ossl_tsfac_create_ts`.
11b1d8a6b8
* Add `printf` format attribute to `ossl_raise`.
* Fix a format specifier in `config_load_bio`.
* Use `ASSUME` for the unreachable condition.
41da2955db
This prevents early collection of the array. The GC doesn't see the
array on the stack when Ruby is compiled with optimizations enabled
Thanks @jhaberman for the test case
[ruby-core:105099] [Bug #18140]
'y' and 'n' are kind of ambiguous. Syck treated y and n literals in
YAML documents as strings. But this is not what the YAML 1.1 spec says.
YAML 1.1 says they should be treated as booleans. When we're dumping
documents, we know it's a string, so adding quotes will eliminate the
"ambiguity" in the emitted document
Fixes#4436a1c30634e
Previously, `+.inf` was not handled correctly. Additionally, the regexp
was checking for inf and NaN, even though these cases are handled earlier
in the condition. Added a few tests to ensure handling some missing
cases.
6e0e7a1e9f
Currently when calling any of the "FileUtils" methods on pathname `require` is called every time even though that library might already be loaded. This is slow:
We can speed it up by either checking first if the constant is already defined, or by using autoload.
Using defined speeds up the action by about 300x and using autoload is about twice as fast as that (600x faster than current require method).
I'm proposing we use autoload:
```ruby
require 'benchmark/ips'
Benchmark.ips do |x|
autoload(:FileUtils, "fileutils")
x.report("require") { require 'fileutils' }
x.report("defined") { require 'fileutils' unless defined?(FileUtils) }
x.report("autoload") { FileUtils }
x.compare!
end
# Warming up --------------------------------------
# require 3.624k i/100ms
# defined 1.465M i/100ms
# autoload 2.320M i/100ms
# Calculating -------------------------------------
# require 36.282k (± 2.4%) i/s - 184.824k in 5.097153s
# defined 14.539M (± 2.0%) i/s - 73.260M in 5.041161s
# autoload 23.100M (± 1.9%) i/s - 115.993M in 5.023271s
# Comparison:
# autoload: 23099779.2 i/s
# defined: 14538544.9 i/s - 1.59x (± 0.00) slower
# require: 36282.3 i/s - 636.67x (± 0.00) slower
```
Because this autoload is scoped to Pathname it will not change the behavior of existing programs that are not expecting FileUtils to be loaded yet:
```
ruby -rpathname -e "class Pathname; autoload(:FileUtils, 'fileutils'); end; puts FileUtils.exist?"
Traceback (most recent call last):
-e:1:in `<main>': uninitialized constant FileUtils (NameError)
```
This commit removes T_PAYLOAD since the new VWA implementation no longer
requires T_PAYLOAD types.
Co-authored-by: Aaron Patterson <tenderlove@ruby-lang.org>
This commit removes T_PAYLOAD since the new VWA implementation no longer
requires T_PAYLOAD types.
Co-authored-by: Aaron Patterson <tenderlove@ruby-lang.org>
LibYAML has moved from their previous Mercurial based hosting on BitBucket to a git repository on GitHub. This commit updates the `Psych` module's documentation to point to this new repository, instead of the old one which is now a 404.
947a84d0dd
I'm not sure whether this handles all multithreaded use cases,
but this handles the example that crashes almost immediately
and does 10,000,000 total deflates using 100 separate threads.
To prevent the tests from taking forever, the committed test
for this uses only 10,000 deflates across 10 separate threads,
which still causes a segfault in the previous implementation
almost immediately.
Fixes [Bug #17803]
4b1023b3f2
* It used to be hardcoded since 0affbf9d2c7c5c618b8d3fe191e74d9ae8ad22fc
but got removed in 23abf3d3fb82afcc26d35769f0dec59dd46de4bb
* This means that since that second commit, rb_iterate() was used unintentionally.
8816ced525
Back in 2016, we chose not to use Bundler in Ruby/OpenSSL development
because Bundler depended on openssl and could not be used for testing
openssl itself - "bundle exec rake test" would end up with loading two
different versions of openssl at the same time.
This has been resolved long time ago. We can now safely use it for
development dependency management and for Rake tasks.
47283d9161
Also, OpenSSL::BN::CONSTTIME is added.
OpenSSL itself had a feature that was vulnerable against a side-channel
attack. The OpenSSL authors determined that it was not a security issue,
and they have already fixed the issue by using BN_set_flags.
https://github.com/openssl/openssl/pull/13888
If a Ruby OpenSSL user was faced with a similar issue, they couldn't
prevent the issue because Ruby OpenSSL lacks a wrapper to BN_set_flags.
For the case, this change introduces the wrapper.
1e565eba89
