ruby.git/ext/openssl/lib, branch v2_0_0_451 The Ruby Programming Language merge revision(s) r43750,r43940: 2014-02-19T17:14:45+00:00 nagachika nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2014-02-19T17:14:45+00:00 b903bbe4bfd8c3b75cbfa231a6ee3d15ef1370d2 * ext/openssl/lib/openssl/buffering.rb: [DOC] Fix HEREDOC comment for OpenSSL::Buffering which breaks overview because of RDoc bug * ext/openssl/lib/openssl/buffering.rb: Fix warning in copyright git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@45053 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* ext/openssl/lib/openssl/buffering.rb: [DOC] Fix HEREDOC comment for
	  OpenSSL::Buffering which breaks overview because of RDoc bug

	* ext/openssl/lib/openssl/buffering.rb: Fix warning in copyright


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@45053 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 41805: [Backport #8575] [Backport #8582] 2013-07-06T17:05:08+00:00 nagachika nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2013-07-06T17:05:08+00:00 239d52c825f7b98d3aa4ae42cbc7034cbf8198cd * lib/openssl/ssl.rb: Fix SSL client connection crash for SAN marked critical. The patch for CVE-2013-4073 caused SSL crash when a SSL server returns the certificate that has critical SAN value. X509 extension could include 2 or 3 elements in it: [id, criticality, octet_string] if critical, [id, octet_string] if not. Making sure to pick the last element of X509 extension and use it as SAN value. [ruby-core:55685] [Bug #8575] Thank you @nahi for providing the patch! git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@41812 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* lib/openssl/ssl.rb: Fix SSL client connection crash for SAN marked
	  critical.
	  The patch for CVE-2013-4073 caused SSL crash when a SSL server returns
	  the certificate that has critical SAN value.  X509 extension could
	  include 2 or 3 elements in it:
	  [id, criticality, octet_string] if critical,
	  [id, octet_string] if not.
	  Making sure to pick the last element of X509 extension and use it as
	  SAN value.
	  [ruby-core:55685] [Bug #8575]
	  Thank you @nahi for providing the patch!


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@41812 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 41785: 2013-07-06T16:52:56+00:00 nagachika nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2013-07-06T16:52:56+00:00 b4359a3a43389be5ebb0d7f6bdd3624c353e624f Fix comment typo by @parroty [fix GH-350] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@41809 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	Fix comment typo by @parroty [fix GH-350]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@41809 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 41671: 2013-06-27T11:11:11+00:00 nagachika nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2013-06-27T11:11:11+00:00 8bbcbef83e1afe71fb49a098cbf7b9be62b1c47a * ext/openssl/lib/openssl/ssl.rb (verify_certificate_identity): fix hostname verification. Patched by nahi. * test/openssl/test_ssl.rb (test_verify_certificate_identity): test for above. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@41672 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* ext/openssl/lib/openssl/ssl.rb (verify_certificate_identity): fix
	  hostname verification. Patched by nahi.

	* test/openssl/test_ssl.rb (test_verify_certificate_identity): test for
	  above.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@41672 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/lib/ssl.rb: Enable insertion of empty fragments as a 2012-12-18T02:02:43+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-12-18T02:02:43+00:00 84f1dae9d637a2038d1b395bcc2f22404770d2d7 countermeasure for the BEAST attack by default. The default options of OpenSSL::SSL:SSLContext are now: OpenSSL::SSL::OP_ALL & ~OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS [Bug #5353] [ruby-core:39673] * test/openssl/test_ssl.rb: Adapt tests to new SSLContext default. * NEWS: Announce the new default. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38433 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  countermeasure for the BEAST attack by default. The default options
  of OpenSSL::SSL:SSLContext are now:
  OpenSSL::SSL::OP_ALL & ~OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS
  [Bug #5353] [ruby-core:39673]

* test/openssl/test_ssl.rb: Adapt tests to new SSLContext default.

* NEWS: Announce the new default.



git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38433 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
remove trailing spaces. 2012-09-04T00:57:31+00:00 nobu nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-09-04T00:57:31+00:00 af6c038b23c056fed1a8f5cbb8827b3a5061e893 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36895 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36895 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/lib/openssl/digest.rb 2012-08-02T01:58:49+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-08-02T01:58:49+00:00 df05bd2c82386e5897c4125576199e18a13712a1 test/openssl/test_digest.rb: Add Digest module function to OpenSSL module and test it. Patch provided by Eric Hodel. [ruby-core:46908][Feature #6819] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36592 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  test/openssl/test_digest.rb: Add Digest module function to OpenSSL
  module and test it. Patch provided by Eric Hodel.
  [ruby-core:46908][Feature #6819]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36592 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/openssl/ssl.rb: Use a simple random number to generate the 2012-06-10T01:53:20+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-06-10T01:53:20+00:00 43759fc1ed8f10fff50b4239089d02c0fbe6895d session id. MD5, as was used before, causes problems when using a FIPS version of OpenSSL. Issue was found by Jared Jennings, thank you! [ruby-trunk - Bug #6137] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36005 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  session id. MD5, as was used before, causes problems when
  using a FIPS version of OpenSSL. Issue was found by Jared
  Jennings, thank you!
  [ruby-trunk - Bug #6137]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36005 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/lib/openssl/ssl.rb: add hostname to "hostname does not 2012-04-30T00:11:44+00:00 ayumin ayumin@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-04-30T00:11:44+00:00 0456c36d03adcdc93893395b91c789c02b1b4917 match server cert." error. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35494 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  match server cert." error.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35494 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/lib/openssl/ssl.rb (class OpenSSL::SSL::SSLContext): 2011-11-09T23:45:39+00:00 drbrain drbrain@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2011-11-09T23:45:39+00:00 a5fc87bd5ba21f1704e566344653f6d9d381fa8f Document #set_params. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33695 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  Document #set_params.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33695 b2dd03c8-39d4-4d8f-98ff-823fe69b080e