--
* etc/openssl/ossl_ssl.c (ossl_ssl_get_cert): raise exception if
pointer is invalid. Thanks Ippei Obayashi! [ruby-dev:42573]
--
STDIN is not valid when ruby doesn't have tty.
--
making ssl test a little better
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@30138 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
--
* ext/openssl/lib/openssl/bn.rb (Integer#to_bn): OpenSSL::BN.new
accepts only Strings, so call Integer#to_s(16).
16 is for an optimization. [ruby-dev:42336]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@30028 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
--
* ext/openssl/ossl_bn.c (ossl_bn_is_prime): fix comparison
with rb_scan_args. Before this fix, OpenSSL::BN#prime?
is fully broken.
--
Add ML ref [ruby-dev:42225] for r29237.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@29794 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
--
* backport r29071 from ruby_1_8;
* ext/openssl/ossl_asn1.c (obj_to_asn1bool): fixed ASN1::Boolean
encoding issue for OpenSSL 1.0.0 compatibility.
ASN1::Boolean.new(false).to_der wrongly generated "\1\1\377" which
means 'true'.
ASN1_TYPE_set of OpenSSL <= 0.9.8 treats value 0x100 as 'false'
but OpenSSL >= 1.0.0 treats it as 'true'. ruby-ossl was using
0x100 for 'false' for backward compatibility. Just use 0x0 for
the case OpenSSL >= OpenSSL 0.9.7.
* test/openssl/test_asn1.rb: test added.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@29389 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
needs an argument on it. When the maintainer returns, this test shall be
corrected.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@28140 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/zlib/test_zlib.rb (test_adler32_combine, test_crc32_combine): skip if
they are not implemented.
* test/socket/test_addrinfo.rb: ipaddr.rb defines Socket::AF_INET6 as an Object
if the constant is not available.
* test/logger/test_logger.rb: close logger (or logdevice) if it's related to
a file because some platforms such as Windows cannot remove opened files.
* test/openssl/test_ssl.rb (server_loop): treat Errno::ENOTSOCK just like as
Errno::EBADF and Errno::EINVAL.
* test/openssl/test_ssl.rb (test_client_auth): Errno::ECONNRESET is raised on
Windows.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@27885 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
truncated with ec_key.group.order.size after openssl 0.9.8m for
FIPS 186-3 compliance.
WARNING: ruby-openssl aims to wrap an OpenSSL so when you're using
openssl 0.9.8l or earlier version, EC.dsa_sign_asn1 raises
OpenSSL::PKey::ECError as before and EC.dsa_verify_asn1 just returns
false when you pass dgst longer than expected (no truncation
performed).
* ext/openssl/ossl_pkey_ec.c: rdoc typo fixed.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@27645 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
test_x509req.rb}:
fix false positive tests because of OpenSSL spec change.
patched by originally Hongli Lai [ruby-core:27417],
and fixed by Motohiro KOSAKI [ruby-core:28063]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@26780 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
remove false positive tests because of OpenSSL spec change.
patched by Motohiro KOSAKI [ruby-core:28063]
see also [ruby-dev:40077]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@26779 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
OpenSSL::SSL::SSLSocket should implement read_nonblock. a patch
from Aaron Patterson in [ruby-core:20277]. fix: #814 [ruby-core:20241]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@20493 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Debian's openssl 0.9.8g-13 failed at assert(ssl.session_reused?),
when use default SSLContext. [ruby-dev:36167]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@19268 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Add a null check for ssl; submitted by akira yamada
in [ruby-dev:34950].
* ext/openssl/ossl_ssl.c (Init_ossl_ssl): Define OP_NO_TICKET if
SSL_OP_NO_TICKET is present; submitted by akira yamada
in [ruby-dev:34944].
* test/openssl/test_ssl.rb (OpenSSL#test_server_session): Add a
workaround for the case where OpenSSL is configured with
--enable-tlsext; submitted by akira yamada in [ruby-dev:34944].
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@16842 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
New method SSLContext#setup to aid C extension writers.
* test/openssl/test_ssl.rb: Add tests for new method and sessions.
Use threads for ssl server instead of forking.
* ext/openssl/ossl_version.h: Bump version.
* ext/openssl/ossl_x509ext.c: Fix warnings.
* test/openssl/utils.rb: Fix warnings.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@16111 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
new method OpenSSL::SSL::SSLContext#ssl_version to wrap
SSL_CTX_set_ssl_version.
* ext/openssl/ossl_ssl.c (ossl_ssl_get_verify_result):
new method OpenSSL::SSL::SSLSocket#verify_result to wrap
SSL_get_verrify_result.
* ext/openssl/lib/openssl/ssl.rb (OpenSSL::SSL::SSLContext.build):
new method to build OpenSSL::SSL::SSLContext with Hash parameters.
this method provides safety default parameters than SSLContext.new.
* ext/openssl/lib/openssl/ssl.rb (OpenSSL::SSL.verify_cetificate_identity):
new module function: pull out identity verification process
from OpenSSL::SSL::SSLSocket#post_connection_check.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@14270 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Fix ruby-Bugs-11513.
* ext/openssl/ossl_pkey_ec.c
New methods EC::Point.[eql,make_affine!,invert!,on_curve?,infinity?]
By default output the same key form as the openssl command.
* ext/openssl/ossl_rand.c
New method Random.status?
* test/openssl/test_ec.rb
New tests.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@12571 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_x509ext.c (MakeX509ExtFactory): should use
OPENSSL_malloc to allocate X509V3_CTX.
* ext/openssl/ossl_x509ext.c (ossl_x509extfactory_create_ext): use
X509V3_EXT_nconf_nid to avoid SEGV (and to build extensions which
values are placed in separate section).
* test/openssl/test_x509ext.rb: new file.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@9592 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
not be empty. [ruby-talk:161220]
* test/openssl/test_cipher.rb: add test for Cipher#update("").
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@9485 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
an instance variable "private" is added to OpenSSL::PKey class.
this ivar is a flag that shows whether there is a private key
in the instance.
* ext/openssl/ossl_engine.c: (ossl_engine_load_privkey): set private
key flag.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@9218 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
to avoid a bug of PKCS7_enctypt() (only if ext/openssl is
compiled with OpenSSL-0.9.7d or earlier versions).
http://www.mail-archive.com/openssl-dev@openssl.org/msg17376.html
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@9130 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_pkcs7.c: new class OpenSSL::PKCS7::RecipientInfo.
this class wraps PKCS7_RECIP_INFO struct.
* ext/openssl/ossl_pkcs7.c: OpenSSL::PKCS7::Signer is renamed to
OpenSSL::PKCS7::SignerInfo. ("Signer" remains as an alias of
SignerInfo.)
* test/openssl/test_pkcs7.rb: new file.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@9094 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
the argument as a string.
* ext/openssl/ossl_ns_pki.c (ossl_spki_to_der): new method.
* ext/openssl/ossl_x509store.c (ossl_x509store_initialize): should
set @time to avoid warning.
* ext/openssl/ossl_x509store.c (ossl_x509store_set_default_paths,
X509_STORE_add_cert, X509_STORE_add_crl): should raise error if
wrapped functions fails.
* ext/openssl/ossl_ssl.c (ossl_sslctx_set_ciphers): fix error message.
* ext/openssl/ossl_x509req.c (ossl_x509req_set_attributes): get rid
of unused variable.
* test/openssl/test_ns_spki.rb: add new file.
* test/openssl/test_x509store.rb: add test for error.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@9021 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
