on cygwin. Fifos seem to work okay in cygwin, but this test repeatedly
hangs.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55468 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
partially to avoid "self has wrong type to call super in this
context" errors.
[ruby-core:72724] [Bug #11954]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55462 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/rubygems/test_gem_remote_fetcher.rb: OpenSSL::PKey::DH#priv_key=
is not defined when ext/openssl is built with OpenSSL 1.1.0.
https://github.com/rubygems/rubygems/pull/1648
[ruby-core:75225] [Feature #12324]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55460 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ocsp.c: Add OCSP::SingleResponse that represents an
OCSP SingleResponse structure. Also add two new methods #responses
and #find_response to OCSP::BasicResponse. A BasicResponse has one or
more SingleResponse. We have OCSP::BasicResponse#status that returns
them as an array of arrays, each containing the content of a
SingleResponse, but this is not useful. When validating an OCSP
response, we need to look into the each SingleResponse and check their
validity but it is not simple. For example, when validating for a
certificate 'cert', the code would be like:
# certid_target is an OpenSSL::OCSP::CertificateId for cert
basic = res.basic
result = basic.status.any? do |ary|
ary[0].cmp(certid_target) &&
ary[4] <= Time.now && (!ary[5] || Time.now <= ary[5])
end
Adding OCSP::SingleResponse at the same time allows exposing
OCSP_check_validity(). With this, the code above can be rewritten as:
basic = res.basic
single = basic.find_response(certid_target)
result = single.check_validity
* test/openssl/test_ocsp.rb: Test this.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55457 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_pkey_dh.c, ext/openssl/ossl_pkey_dsa.c,
ext/openssl/ossl_pkey_ec.c, ext/openssl/ossl_pkey_rsa.c: Implement
initialize_copy method for OpenSSL::PKey::*.
[ruby-core:75504] [Bug #12381]
* test/openssl/test_pkey_dh.rb, test/openssl/test_pkey_dsa.rb,
test/openssl/test_pkey_ec.rb, test/openssl/test_pkey_rsa.rb: Test they
actually copy the OpenSSL objects, and modifications to cloned object
don't affect the original object.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55454 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* variable.c (rb_path_to_class): consider the string length
instead of a terminator.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55449 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/ruby/test_file_exhaustive.rb (test_expand_path_compose):
normalization is meaningless unless file system encoding is UTF.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55446 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/test_pkey_ec.rb (setup): Don't call EC#generate_key! for
Oakley-* curves. This causes an odd error on Ubuntu 16.04 with openssl
1.0.2g-1ubuntu4.1.
begin
OpenSSL::PKey::EC.new("Oakley-EC2N-4").generate_key
rescue
p $!
end
OpenSSL::PKey::RSA.new(512)
This sometimes causes:
#<OpenSSL::PKey::ECError: EC_KEY_generate_key: pairwise test failed>
fips.c(139): OpenSSL internal error, assertion failed: FATAL FIPS SELFTEST FAILURE
[ruby-dev:49670] [Bug #12504]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55444 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
HEAD(2c6d256). It contains to update vendored Molinillo to 0.5.0.
https://github.com/rubygems/rubygems/pull/1638
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55441 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/stringio/test_stringio.rb (test_overflow): could occur only
on sizeof(long) >= sizeof(void*).
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55440 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/stringio/test_stringio.rb (test_overflow): refine the
conditinon, try to allocate strings until the buffer is located
in higher half address.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55439 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ocsp.c (ossl_ocspreq_sign, ossl_ocspbres_sign): Allow
specifying hash algorithm used in signing. They are hard coded to use
SHA-1.
Based on a patch provided by Tim Shirley <tidoublemy@gmail.com>.
[ruby-core:70915] [Feature #11552] [GH ruby/openssl#28]
* test/openssl/test_ocsp.rb: Test sign-verify works.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55422 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/ruby/enc/test_case_comprehensive.rb
(TestComprehensiveCaseFold::read_data): use \A and \z instead of
^ and $ in regexp.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55415 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ocsp.c (ossl_ocspcid_get_issuer_name_hash,
ossl_ocspcid_get_issuer_key_hash, ossl_ocspcid_get_hash_algorithm):
Add accessor methods OCSP::CertificateId#issuer_name_hash,
#issuer_key_hash, #hash_algorithm.
Based on a patch provided by Paul Kehrer <paul.l.kehrer@gmail.com>.
[ruby-core:48062] [Feature #7181]
* test/openssl/test_ocsp.rb: Test these new methods.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55411 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/date/date_strftime.c (date_strftime_with_tmx): reject too
large precision to get rid of buffer overflow.
reported by Guido Vranken <guido AT guidovranken.nl>.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55410 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ocsp.c (ossl_ocspbres_to_der, ossl_ocspcid_to_der):
Implement #to_der methods for OCSP::BasicResponse and
OCSP::CertificateId.
(ossl_ocspreq_initialize, ossl_ocspres_initialize): Use GetOCSP*()
instead of raw DATA_PTR().
(ossl_ocspbres_initialize, ossl_ocspcid_initialize): Allow
initializing from DER string.
(Init_ossl_ocsp): Define new #to_der methods.
* test/openssl/test_ocsp.rb: Test these changes. Also add missing tests
for OCSP::{Response,Request}#to_der.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55409 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* parse.y (reg_named_capture_assign_iter): remove named capture
conflict warnings. it is just annoying rather than useful.
[ruby-core:75416] [Bug #12359]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55396 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/objspace/test_objspace.rb (test_dump_all): dump to stdout
instead of a string, get rid of hung up.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55391 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/ruby/test_file_exhaustive.rb (test_expand_path_compose):
valid only on OS X.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55390 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/openssl/test_engine.rb (test_openssl_engine_builtin,
test_openssl_engine_by_id_string): Skip test if 'openssl' engine is
already loaded. And test the number increased by Engine.load{_by_id,},
not the total count of loaded engines. Previously, we called
OpenSSL::Engine.cleanup every time running a test case, but we no
longer can do it.
[ruby-core:75225] [Feature #12324]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55387 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* file.c (append_fspath): normalize directory name to be appended
on OS X. [ruby-core:75957] [Ruby trunk Bug#12483]
https://github.com/rails/rails/issues/25303#issuecomment-224834804
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55385 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/forwardable.rb (_delegator_method): leave the backtrace
untouched during accessor. forwardable.rb does not appear in
the backtrace during delegated method because of tail-call
optimization.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55372 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_asn1.c (asn1integer_to_num): Use
ASN1_ENUMERATED_to_BN() to convert an ASN1_ENUMERATED to a BN.
Starting from OpenSSL 1.1.0, ASN1_INTEGER_to_BN() rejects
non-ASN1_INTEGER objects. The format of INTEGER and ENUMERATED are
almost identical so they behaved in the same way in OpenSSL <= 1.0.2.
[ruby-core:75225] [Feature #12324]
* test/openssl/test_asn1.rb (test_decode_enumerated): Test that it
works.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55344 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ssl.c: Add define guards for OPENSSL_NO_EC.
SSL_CTX_set_ecdh_auto() is defined even when ECDH is disabled in
OpenSSL's configuration. This fixes r55214.
* test/openssl/test_pair.rb (test_ecdh_curves): Skip if the OpenSSL does
not support ECDH.
* test/openssl/utils.rb (start_server): Ignore error in
SSLContext#ecdh_curves=.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55342 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
CR or LF is included in a line, because they are not allowed in
RFC5321.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55324 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/ruby/test_proc.rb (test_lambda?): lambda-ness should be
preserved across proc, lambda, and Proc.new.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55321 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/rubygems/*_{cert,cert_32}.pem: Regenerate test certificates for
OpenSSL 1.1.0. This is already in upstream.
9be5c53939
[ruby-core:75225] [Feature #12324]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55317 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/open-uri/test_ssl.rb: Regenerate test certificates. The test CA
certificate was incorrectly generated. A CA certificate must have the
basic constraints extension with cA bit set to TRUE. OpenSSL <= 1.0.2
allowed the error when the certificate is in the trusted store but
OpenSSL 1.1.0 no longer does.
[ruby-core:75225] [Feature #12324]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55315 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This fixes `make test-all TESTS=openssl` with OpenSSL master.
* test/openssl/test_x509name.rb: Don't register OID for 'emailAddress'
and 'serialNumber'. A recent change in OpenSSL made OBJ_create()
reject an already existing OID. They were needed to run tests with
OpenSSL 0.9.6 which is now unsupported.
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=52832e470f5fe8c222249ae5b539aeb3c74cdb25
[ruby-core:75225] [Feature #12324]
* test/openssl/test_ssl_session.rb (test_server_session): Duplicate
SSL::Session before re-adding to the session store. OpenSSL 1.1.0
starts rejecting SSL_SESSION once removed by SSL_CTX_remove_session().
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=7c2d4fee2547650102cd16d23f8125b76112ae75
* test/openssl/test_pkey_ec.rb (setup): Remove X25519 from @keys. X25519
is new in OpenSSL 1.1.0 but this is for key agreement and not for
signing.
* test/openssl/test_pair.rb, test/openssl/test_ssl.rb,
test/openssl/utils.rb: Set security level to 0 when using aNULL cipher
suites.
* test/openssl/utils.rb: Use 1024 bits DSA key for client certificates.
* test/openssl/test_engine.rb: Run each test in separate process.
We can no longer cleanup engines explicitly as ENGINE_cleanup() was
removed.
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=6d4fb1d59e61aacefa25edc4fe5acfe1ac93f743
* ext/openssl/ossl_engine.c (ossl_engine_s_cleanup): Add a note to the
RDoc for Engine.cleanup.
* ext/openssl/lib/openssl/digest.rb: Don't define constants for DSS,
DSS1 and SHA(-0) when using with OpenSSL 1.1.0. They are removed.
* test/openssl/test_digest.rb, test/openssl/test_pkey_dsa.rb,
test/openssl/test_pkey_dsa.rb, test/openssl/test_ssl.rb,
test/openssl/test_x509cert.rb, test/openssl/test_x509req.rb: Don't
test unsupported hash functions.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55314 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
without any non-ASCII case conversions from ASCII-only test
to full test.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55311 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/extconf.rb: Check for SSL_CTX_get_security_level().
OpenSSL 1.1.0 introduced "security level".
[ruby-core:75225] [Feature #12324]
* ext/openssl/ossl_ssl.c (ossl_sslctx_{get,set}_security_level): Add
SSLContext#security_level and #security_level=.
* test/openssl/test_ssl.rb (test_security_level): Add test. ...but this
doesn't actually test it. Because #security_level= is necessary in
order to run other tests on OpenSSL 1.1.0, go without tests for now.
Will fix after converting SSLContext#key= and #cert= to normal methods.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55309 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* vm_insnhelper.c (vm_throw_start): check if the iseq is symbol
proc, class definition should not be a symbol proc.
[ruby-core:75856] [Bug #12462]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55297 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
for Unicode case mapping.
* test/ruby/enc/test_case_comprehensive.rb: Tests for above
functionality; fixed an encoding issue in assertion error message.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55296 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
