ruby.git/ext/openssl/extconf.rb, branch v3_4_9

Update openssl gem to 3.3.1 for Ruby 3.4 (#14792)

2025-10-09T14:32:47+00:00

Update openssl gem to 3.3.1

[Backport #21631]

[ruby/openssl] [ruby/openssl] Run `have_func` with the header providing the declarations

2025-07-15T16:23:42+00:00

https://github.com/ruby/openssl/commit/b6f56c4540

https://github.com/ruby/openssl/commit/5277ca1431

[ruby/openssl] Set time directly on the x509 store

2024-07-24T16:51:00+00:00

(https://github.com/ruby/openssl/pull/770)

Instead of an ivar, so other ossl functions that take a store will use the correct time when verifying

https://github.com/ruby/openssl/commit/21aadc66ae

[ruby/openssl] Fix references to the license text

2024-06-08T10:59:17+00:00

Update the references to the file "LICENCE" with "COPYING".

The file LICENCE doesn't exist in ruby/ruby nor ruby/openssl. This has
been always the case since OpenSSL for Ruby 2 was merged to the ruby
tree as a standard library in 2003.

In OpenSSL for Ruby 2's CVS repository[1], the LICENCE file contained
an old version of the Ruby License, identical to the COPYING file that
was in Ruby's tree at that time (r4128[2]).

[1] http://cvs.savannah.gnu.org/viewvc/rubypki/ossl2/LICENCE?revision=1.1.1.1&view=markup
[2] https://github.com/ruby/ruby/blob/231247c010acba191b78ed2d1310c935e63ad919/COPYING

https://github.com/ruby/openssl/commit/5bccf07d04

[ruby/openssl] Add X509::Certificate#tbs_bytes

2024-06-08T10:57:02+00:00

Ref https://github.com/ruby/openssl/issues/519

This makes verifying embedded certificate transparency signatures
significantly easier, as otherwise the alternative was manipulating the
ASN1 sequence, as in
https://github.com/segiddins/sigstore-cosign-verify/pull/2/commits/656d992fa816613fd9936f53ce30972c2f2f4957

https://github.com/ruby/openssl/commit/99128bea5d

[ruby/openssl] Revert "Always respect the openssl prefix chosen by truffle/openssl-prefix on TruffleRuby"

2024-03-20T11:44:13+00:00

* This reverts commit https://github.com/ruby/openssl/commit/ca738e7e1357.
* No longer needed since https://github.com/oracle/truffleruby/issues/3170 was fixed.

https://github.com/ruby/openssl/commit/1f641a5604

[ruby/openssl] Add support for IO#timeout.

2024-01-17T17:09:03+00:00

(https://github.com/ruby/openssl/pull/714)

* Add support for IO#timeout.

https://github.com/ruby/openssl/commit/3bbf5178a9

[ruby/openssl] Remove OSSL_DEBUG compile-time option

2023-09-06T10:20:57+00:00

Remove the OSSL_DEBUG flag and OpenSSL.mem_check_start which is only
compiled when the flag is given. They are meant purely for development
of Ruby/OpenSSL.

OpenSSL.mem_check_start helped us find memory leak bugs in past, but
it is no longer working with the recent OpenSSL versions. Let's just
remove it now.

https://github.com/ruby/openssl/commit/8c7a6a17e2

[ruby/openssl] Raise an error when the specified OpenSSL library directory doesn't exist.

2023-08-16T05:48:41+00:00

OpenSSL built from the source creates the library directory to the
`/path/to/openssl_dir/lib64` as a default.
In the case, the `bundle exec rake compile -- --with-openssl-dir=`
cannot compile with the lib64 directory, and may compile with system OpenSSL's
libraries unintentionally. This commit is to check this case to avoid linking
with an unintentional library directory.

https://github.com/ruby/openssl/commit/ca54087462

[ruby/openssl] Always respect the openssl prefix chosen by truffle/openssl-prefix on TruffleRuby

2023-07-24T06:08:54+00:00

* See https://github.com/ruby/openssl/issues/650#issuecomment-1645699608

https://github.com/ruby/openssl/commit/ca738e7e13