ruby.git/ext/openssl/History.md, branch v3_0_4 The Ruby Programming Language openssl: import v2.2.1 2021-10-30T11:22:06+00:00 Kazuki Yamaguchi k@rhe.jp 2021-09-28T09:03:24+00:00 00e89fe36b57e2d7c4ea269bc827d9806edef5ed Bring the local copy of ruby/openssl in sync with the upstream gem release v2.2.1. The commits happened in the upstream repository can be found at: https://github.com/ruby/openssl/compare/v2.2.0...v2.2.1 Note that many of these have already been applied to ruby.git and don't appear in the file changes of this commit. 
Bring the local copy of ruby/openssl in sync with the upstream gem
release v2.2.1. The commits happened in the upstream repository can be
found at:

	https://github.com/ruby/openssl/compare/v2.2.0...v2.2.1

Note that many of these have already been applied to ruby.git and don't
appear in the file changes of this commit.
[ruby/openssl] Ruby/OpenSSL 2.2.0 2020-05-13T06:47:51+00:00 Kazuki Yamaguchi k@rhe.jp 2020-05-13T05:55:35+00:00 87662134b5351bd750e50bc6e9ff2a6ffe9b1f68 https://github.com/ruby/openssl/commit/41587f69e1 
https://github.com/ruby/openssl/commit/41587f69e1
[ruby/openssl] Add Marshal support to PKey objects 2020-05-13T06:47:51+00:00 Bart de Water bartdewater@gmail.com 2020-04-19T21:00:01+00:00 3f8665fe0ed5331aa723ddecbf6ad3728931c08d https://github.com/ruby/openssl/commit/c4374ff041 
https://github.com/ruby/openssl/commit/c4374ff041
openssl: sync with upstream repository 2020-03-10T08:41:01+00:00 Kazuki Yamaguchi k@rhe.jp 2020-03-09T09:26:19+00:00 e4a26cd4f8e74e5d29de10a3a0ce5829829301b0 Import current master (2c43241dc0ed) of ruby/openssl.git. Below are the commits that were made since the last batch at commit b99775b163ce (ruby/openssl.git commit f49e7110ca1e). Note that some of them have been applied already. ---------------------------------------------------------------- Benoit Daloze (1): Remove redundant and ignored workflow file DBL-Lee (1): add support for SHA512_256/SHA512_224 Hiroshi SHIBATA (2): Guard for OpenSSL::PKey::EC::Group::Error with unsupported platforms Fixed inconsistency directory structure with ruby/ruby repo Jeremy Evans (2): Fix keyword argument separation issues in OpenSSL::SSL::SSLSocket#sys{read,write}_nonblock Remove taint support Kazuki Yamaguchi (26): config: support .include directive random: make OpenSSL::Random.pseudo_bytes alias of .random_bytes extconf.rb: get rid of -Werror=deprecated-declarations test/openssl/test_ssl: skip test_fallback_scsv if necessary ts: simplify OpenSSL::Timestamp::Request#algorithm History.md: add missing references to GitHub issues config: deprecate OpenSSL::Config#add_value and #[]= test/openssl/test_ssl: remove sleep from test_finished_messages test/openssl/test_ssl: fix random failure in SSLSocket.open test test/openssl/test_ssl: avoid explicitly-sized private keys test/openssl/test_ssl: remove commented-out test case test/openssl/test_ssl: allow kRSA tests to fail ssl: avoid declarations after statements engine: revert OpenSSL::Engine.load changes for cloudhsm engine: remove really outdated static engines engine: do not check for ENGINE_load_builtin_engines() engine: fix guards for 'dynamic' and 'cryptodev' engines lib/openssl.rb: require openssl/version.rb x509: add error code and verify flags constants ssl: set verify error code in the case of verify_hostname failure .github/workflows: merge CI jobs into a single workflow .github/workflows: test against different OpenSSL versions .travis.yml: fully migrate to GitHub Actions ssl: suppress test failure with SSLContext#add_certificate_chain_file ssl: remove test case test_puts_meta from test_pair Revert "Use version.rb in gemspec" MSP-Greg (2): .travis.yml - remove 2.3/1.0.2, 2.5/1.1.1, head/1.0.2 Use version.rb in gemspec Samuel Williams (1): Restore compatibility with older versions of Ruby. Yusuke Endoh (1): Make OpenSSL::OSSL#test_memcmp_timing robust 
Import current master (2c43241dc0ed) of ruby/openssl.git.

Below are the commits that were made since the last batch at commit
b99775b163ce (ruby/openssl.git commit f49e7110ca1e). Note that some of
them have been applied already.

----------------------------------------------------------------
Benoit Daloze (1):
      Remove redundant and ignored workflow file

DBL-Lee (1):
      add support for SHA512_256/SHA512_224

Hiroshi SHIBATA (2):
      Guard for OpenSSL::PKey::EC::Group::Error with unsupported platforms
      Fixed inconsistency directory structure with ruby/ruby repo

Jeremy Evans (2):
      Fix keyword argument separation issues in OpenSSL::SSL::SSLSocket#sys{read,write}_nonblock
      Remove taint support

Kazuki Yamaguchi (26):
      config: support .include directive
      random: make OpenSSL::Random.pseudo_bytes alias of .random_bytes
      extconf.rb: get rid of -Werror=deprecated-declarations
      test/openssl/test_ssl: skip test_fallback_scsv if necessary
      ts: simplify OpenSSL::Timestamp::Request#algorithm
      History.md: add missing references to GitHub issues
      config: deprecate OpenSSL::Config#add_value and #[]=
      test/openssl/test_ssl: remove sleep from test_finished_messages
      test/openssl/test_ssl: fix random failure in SSLSocket.open test
      test/openssl/test_ssl: avoid explicitly-sized private keys
      test/openssl/test_ssl: remove commented-out test case
      test/openssl/test_ssl: allow kRSA tests to fail
      ssl: avoid declarations after statements
      engine: revert OpenSSL::Engine.load changes for cloudhsm
      engine: remove really outdated static engines
      engine: do not check for ENGINE_load_builtin_engines()
      engine: fix guards for 'dynamic' and 'cryptodev' engines
      lib/openssl.rb: require openssl/version.rb
      x509: add error code and verify flags constants
      ssl: set verify error code in the case of verify_hostname failure
      .github/workflows: merge CI jobs into a single workflow
      .github/workflows: test against different OpenSSL versions
      .travis.yml: fully migrate to GitHub Actions
      ssl: suppress test failure with SSLContext#add_certificate_chain_file
      ssl: remove test case test_puts_meta from test_pair
      Revert "Use version.rb in gemspec"

MSP-Greg (2):
      .travis.yml - remove 2.3/1.0.2, 2.5/1.1.1, head/1.0.2
      Use version.rb in gemspec

Samuel Williams (1):
      Restore compatibility with older versions of Ruby.

Yusuke Endoh (1):
      Make OpenSSL::OSSL#test_memcmp_timing robust
Import openssl-2.2.0 (#2693) 2020-02-16T06:21:29+00:00 Hiroshi SHIBATA hsbt@ruby-lang.org 2020-02-16T06:21:29+00:00 b99775b163ce44079c1f8727ce9b4ed8bb03489d Import the master branch of ruby/openssl for preparing to release openssl-2.2.0 
Import the master branch of ruby/openssl for preparing to release openssl-2.2.0
openssl: sync with upstream repository 2018-10-18T00:24:49+00:00 rhe rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2018-10-18T00:24:49+00:00 93bc10272734cbbb9197470ca629cc4ea019f6f0 Import current master (01b23fa8eee2) of ruby/openssl.git. ---------------------------------------------------------------- Kazuki Yamaguchi (3): x509name: fix OpenSSL::X509::Name#{cmp,<=>} Ruby/OpenSSL 2.0.9 Ruby/OpenSSL 2.1.2 nobu (2): needs openssl/opensslv.h Remove -Wno-parentheses flag. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65139 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
Import current master (01b23fa8eee2) of ruby/openssl.git.

----------------------------------------------------------------
Kazuki Yamaguchi (3):
      x509name: fix OpenSSL::X509::Name#{cmp,<=>}
      Ruby/OpenSSL 2.0.9
      Ruby/OpenSSL 2.1.2

nobu (2):
      needs openssl/opensslv.h
      Remove -Wno-parentheses flag.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65139 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
openssl: merge changes in v2.1.1 2018-05-12T07:33:53+00:00 rhe rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2018-05-12T07:33:53+00:00 961cbe5262946732e47182714ea3b4395a71227d Commits in upstream repository since v2.1.0 can be found at: https://github.com/ruby/openssl/compare/v2.1.0...v2.1.1 ---------------------------------------------------------------- Kazuki Yamaguchi (7): test/utils: disable Thread's report_on_exception in start_server cipher: validate iterations argument for Cipher#pkcs5_keyivgen extconf.rb: fix build with LibreSSL 2.7.0 test/test_pkey_rsa: fix test failure with OpenSSL 1.1.1 test/test_ssl_session: set client protocol version explicitly Ruby/OpenSSL 2.0.8 Ruby/OpenSSL 2.1.1 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@63406 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
Commits in upstream repository since v2.1.0 can be found at:

	https://github.com/ruby/openssl/compare/v2.1.0...v2.1.1

----------------------------------------------------------------
Kazuki Yamaguchi (7):
      test/utils: disable Thread's report_on_exception in start_server
      cipher: validate iterations argument for Cipher#pkcs5_keyivgen
      extconf.rb: fix build with LibreSSL 2.7.0
      test/test_pkey_rsa: fix test failure with OpenSSL 1.1.1
      test/test_ssl_session: set client protocol version explicitly
      Ruby/OpenSSL 2.0.8
      Ruby/OpenSSL 2.1.1

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@63406 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
openssl: import v2.1.0 2017-12-14T11:19:16+00:00 rhe rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2017-12-14T11:19:16+00:00 ed2b4d0a42d47f8105ec9c1199dcda0e74a2cd29 Import Ruby/OpenSSL 2.1.0. Commits since v2.1.0.beta2 can be found at: https://github.com/ruby/openssl/compare/v2.1.0.beta2...v2.1.0 ---------------------------------------------------------------- Kazuki Yamaguchi (8): test/test_ssl: prevent changing default internal encoding ssl: remove a misleading comment pkey/ec: rearrange PKey::EC::Point#initialize ssl: remove unreachable code asn1: fix docs pkey/ec: add support for octet string encoding of EC point Ruby/OpenSSL 2.0.7 Ruby/OpenSSL 2.1.0 eregon (1): Fix test-all tests to avoid creating report_on_exception warnings git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61235 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
Import Ruby/OpenSSL 2.1.0. Commits since v2.1.0.beta2 can be found at:

	https://github.com/ruby/openssl/compare/v2.1.0.beta2...v2.1.0

----------------------------------------------------------------
Kazuki Yamaguchi (8):
      test/test_ssl: prevent changing default internal encoding
      ssl: remove a misleading comment
      pkey/ec: rearrange PKey::EC::Point#initialize
      ssl: remove unreachable code
      asn1: fix docs
      pkey/ec: add support for octet string encoding of EC point
      Ruby/OpenSSL 2.0.7
      Ruby/OpenSSL 2.1.0

eregon (1):
      Fix test-all tests to avoid creating report_on_exception warnings

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61235 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
openssl: import v2.1.0.beta2 2017-11-25T14:12:08+00:00 rhe rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2017-11-25T14:12:08+00:00 a55320b0933cbcfd05d427fe3712bc519c713deb Import Ruby/OpenSSL 2.1.0.beta2. The full commit log since commit e72d960db262 which was imported by r60013 can be found at: https://github.com/ruby/openssl/compare/e72d960db262...v2.1.0.beta2 ---------------------------------------------------------------- Kazuki Yamaguchi (26): bn: use ALLOCV() macro instead of xmalloc() appveyor.yml: remove 'openssl version' line test/test_ssl_session: skip tests for session_remove_cb x509ext: implement X509::Extension#== x509attr: implement X509::Attribute#== x509cert: implement X509::Certificate#== x509revoked: add missing X509::Revoked#to_der x509crl, x509revoked: implement X509::{CRL,Revoked}#== x509req: implement X509::Request#== ssl: extract rb_intern("call") cipher: disallow setting AAD for non-AEAD ciphers test/test_cipher: fix test_non_aead_cipher_set_auth_data failure ssl: fix conflict of options in SSLContext#set_params buffering: let #write accept multiple arguments pkey: make pkey_check_public_key() non-static x509cert, x509crl, x509req, ns_spki: check sanity of public key test/envutil: port assert_warning from Ruby trunk test/utils: remove a pointless .public_key call in issue_cert ssl: add SSLContext#add_certificate test/test_ssl: fix test_security_level Drop support for LibreSSL 2.4 kdf: add HKDF support test/test_x509cert: fix flaky test test/test_x509crl: fix random failure History.md: fix a typo Ruby/OpenSSL 2.1.0.beta2 Mark Wright (1): Fix build failure against OpenSSL 1.1 built with no-deprecated Thanks rhenium for the code review and fixes. Peter Karman (1): Add RSA sign_pss() and verify_pss() methods aeris (1): TLS Fallback Signaling Cipher Suite Value kazu (1): Use caller with length to reduce unused strings git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@60907 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
Import Ruby/OpenSSL 2.1.0.beta2. The full commit log since commit
e72d960db262 which was imported by r60013 can be found at:

	https://github.com/ruby/openssl/compare/e72d960db262...v2.1.0.beta2

----------------------------------------------------------------
Kazuki Yamaguchi (26):
      bn: use ALLOCV() macro instead of xmalloc()
      appveyor.yml: remove 'openssl version' line
      test/test_ssl_session: skip tests for session_remove_cb
      x509ext: implement X509::Extension#==
      x509attr: implement X509::Attribute#==
      x509cert: implement X509::Certificate#==
      x509revoked: add missing X509::Revoked#to_der
      x509crl, x509revoked: implement X509::{CRL,Revoked}#==
      x509req: implement X509::Request#==
      ssl: extract rb_intern("call")
      cipher: disallow setting AAD for non-AEAD ciphers
      test/test_cipher: fix test_non_aead_cipher_set_auth_data failure
      ssl: fix conflict of options in SSLContext#set_params
      buffering: let #write accept multiple arguments
      pkey: make pkey_check_public_key() non-static
      x509cert, x509crl, x509req, ns_spki: check sanity of public key
      test/envutil: port assert_warning from Ruby trunk
      test/utils: remove a pointless .public_key call in issue_cert
      ssl: add SSLContext#add_certificate
      test/test_ssl: fix test_security_level
      Drop support for LibreSSL 2.4
      kdf: add HKDF support
      test/test_x509cert: fix flaky test
      test/test_x509crl: fix random failure
      History.md: fix a typo
      Ruby/OpenSSL 2.1.0.beta2

Mark Wright (1):
      Fix build failure against OpenSSL 1.1 built with no-deprecated Thanks rhenium for the code review and fixes.

Peter Karman (1):
      Add RSA sign_pss() and verify_pss() methods

aeris (1):
      TLS Fallback Signaling Cipher Suite Value

kazu (1):
      Use caller with length to reduce unused strings

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@60907 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
openssl: import e72d960db262 2017-09-24T16:26:22+00:00 rhe rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2017-09-24T16:26:22+00:00 fdd01b5356cca8da76ee32270969588dfdf9340c Sync with master branch of ruby/openssl.git to import changes in v2.1.0.beta1..v2.0.6. The commit log since v2.1.0.beta1 which was imported by r59734 can be found at: https://github.com/ruby/openssl/compare/v2.1.0.beta1...e72d960db262 ---------------------------------------------------------------- Kazuki Yamaguchi (16): test/test_pair: fix test_write_nonblock{,_no_exceptions} x509name: fix a typo in docs test/test_fips: skip if setting FIPS mode fails test/test_asn1: fix possible failure in test_utctime test/test_ssl: suppress warning in test_alpn_protocol_selection_cancel test/test_pair: disable compression test/test_ssl: skip tmp_ecdh_callback test for LibreSSL >= 2.6.1 test/test_ssl: do not run NPN tests for LibreSSL >= 2.6.1 tool/ruby-openssl-docker: update test/test_pair: replace sleep with IO.select ssl: prevent SSLSocket#sysread* from leaking uninitialized data ossl.c: use struct CRYPTO_dynlock_value for non-dynamic locks ossl.c: make legacy locking callbacks reentrant test/test_engine: suppress stderr test/test_engine: check if RC4 is supported Ruby/OpenSSL 2.0.6 SHIBATA Hiroshi (1): To use upstream url of github nobu (1): ruby.h: unnormalized Fixnum value git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@60013 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
Sync with master branch of ruby/openssl.git to import changes in
v2.1.0.beta1..v2.0.6. The commit log since v2.1.0.beta1 which was
imported by r59734 can be found at:

	https://github.com/ruby/openssl/compare/v2.1.0.beta1...e72d960db262

----------------------------------------------------------------
Kazuki Yamaguchi (16):
      test/test_pair: fix test_write_nonblock{,_no_exceptions}
      x509name: fix a typo in docs
      test/test_fips: skip if setting FIPS mode fails
      test/test_asn1: fix possible failure in test_utctime
      test/test_ssl: suppress warning in test_alpn_protocol_selection_cancel
      test/test_pair: disable compression
      test/test_ssl: skip tmp_ecdh_callback test for LibreSSL >= 2.6.1
      test/test_ssl: do not run NPN tests for LibreSSL >= 2.6.1
      tool/ruby-openssl-docker: update
      test/test_pair: replace sleep with IO.select
      ssl: prevent SSLSocket#sysread* from leaking uninitialized data
      ossl.c: use struct CRYPTO_dynlock_value for non-dynamic locks
      ossl.c: make legacy locking callbacks reentrant
      test/test_engine: suppress stderr
      test/test_engine: check if RC4 is supported
      Ruby/OpenSSL 2.0.6

SHIBATA Hiroshi (1):
      To use upstream url of github

nobu (1):
      ruby.h: unnormalized Fixnum value

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@60013 b2dd03c8-39d4-4d8f-98ff-823fe69b080e