ruby.git/ext/openssl/ossl_ssl.c, branch ruby_2_7

openssl: import v2.1.3

2021-11-24T07:45:46+00:00

Bring the local copy of ruby/openssl in sync with the upstream gem
release v2.1.3. The commits happened in the upstream repository can be
found at:

	https://github.com/ruby/openssl/compare/v2.1.2...v2.1.3

Note that many of these have already been applied to ruby.git and don't
appear in the file changes of this commit.

[ruby/openssl] Remove taint support

2019-11-17T23:00:25+00:00

Ruby 2.7 deprecates taint and it no longer has an effect.
The lack of taint support should not cause a problem in
previous Ruby versions.

ext/openssl/ossl_ssl.c: Use const declaration if LibreSSL >= 2.8.0

2019-10-05T10:08:23+00:00

to suppress a warning in OpenBSD.

```
ossl_ssl.c:938:31: warning: incompatible pointer types passing 'SSL_SESSION *(SSL *, unsigned char *, int, int *)' (aka 'struct ssl_session_st *(struct ssl_st *, unsigned char *, int, int *)') to parameter of type 'SSL_SESSION *(*)(struct ssl_st *, const unsigned char *, int, int *)' (aka 'struct ssl_session_st *(*)(struct ssl_st *, const unsigned char *, int, int *)') [-Wincompatible-pointer-types]
        SSL_CTX_sess_set_get_cb(ctx, ossl_sslctx_session_get_cb);
                                     ^~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/include/openssl/ssl.h:738:20: note: passing argument to parameter 'get_session_cb' here
    SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl,
                   ^
1 warning generated.
```

Fix keyword argument separation issues in OpenSSL::SSL::SSLSocket#sys{read,write}_nonblock

2019-09-26T15:01:53+00:00

It's unlikely anyone would actually hit these.  The methods are
private, you only hit this code path if calling these methods
before performing the SSL connection, and there is already a
verbose warning issued.

rb_iterate now takes rb_block_call_func_t

2019-08-27T06:52:26+00:00

After 5e86b005c0f2ef30df2f9906c7e2f3abefe286a2, I now think ANYARGS is
dangerous and should be extinct.  This commit makes rb_iterate free
from ANYARGS.

Add a /* fall through */ comment

2019-07-14T14:36:23+00:00

Suppress more -Wparentheses warnings

2018-09-21T10:31:11+00:00

[Fix GH-1958]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64808 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

openssl: import v2.1.0

2017-12-14T11:19:16+00:00

Import Ruby/OpenSSL 2.1.0. Commits since v2.1.0.beta2 can be found at:

	https://github.com/ruby/openssl/compare/v2.1.0.beta2...v2.1.0

----------------------------------------------------------------
Kazuki Yamaguchi (8):
      test/test_ssl: prevent changing default internal encoding
      ssl: remove a misleading comment
      pkey/ec: rearrange PKey::EC::Point#initialize
      ssl: remove unreachable code
      asn1: fix docs
      pkey/ec: add support for octet string encoding of EC point
      Ruby/OpenSSL 2.0.7
      Ruby/OpenSSL 2.1.0

eregon (1):
      Fix test-all tests to avoid creating report_on_exception warnings

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61235 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

openssl: import v2.1.0.beta2

2017-11-25T14:12:08+00:00

Import Ruby/OpenSSL 2.1.0.beta2. The full commit log since commit
e72d960db262 which was imported by r60013 can be found at:

	https://github.com/ruby/openssl/compare/e72d960db262...v2.1.0.beta2

----------------------------------------------------------------
Kazuki Yamaguchi (26):
      bn: use ALLOCV() macro instead of xmalloc()
      appveyor.yml: remove 'openssl version' line
      test/test_ssl_session: skip tests for session_remove_cb
      x509ext: implement X509::Extension#==
      x509attr: implement X509::Attribute#==
      x509cert: implement X509::Certificate#==
      x509revoked: add missing X509::Revoked#to_der
      x509crl, x509revoked: implement X509::{CRL,Revoked}#==
      x509req: implement X509::Request#==
      ssl: extract rb_intern("call")
      cipher: disallow setting AAD for non-AEAD ciphers
      test/test_cipher: fix test_non_aead_cipher_set_auth_data failure
      ssl: fix conflict of options in SSLContext#set_params
      buffering: let #write accept multiple arguments
      pkey: make pkey_check_public_key() non-static
      x509cert, x509crl, x509req, ns_spki: check sanity of public key
      test/envutil: port assert_warning from Ruby trunk
      test/utils: remove a pointless .public_key call in issue_cert
      ssl: add SSLContext#add_certificate
      test/test_ssl: fix test_security_level
      Drop support for LibreSSL 2.4
      kdf: add HKDF support
      test/test_x509cert: fix flaky test
      test/test_x509crl: fix random failure
      History.md: fix a typo
      Ruby/OpenSSL 2.1.0.beta2

Mark Wright (1):
      Fix build failure against OpenSSL 1.1 built with no-deprecated Thanks rhenium for the code review and fixes.

Peter Karman (1):
      Add RSA sign_pss() and verify_pss() methods

aeris (1):
      TLS Fallback Signaling Cipher Suite Value

kazu (1):
      Use caller with length to reduce unused strings

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@60907 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

openssl: merge test fix from upstream

2017-10-21T20:26:26+00:00

Merge a commit from upstream:

	d1cbf6d75280 test/test_ssl_session: skip tests for session_remove_cb

Tests using SSL::SSLContext#session_remove_cb= are now skipped.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@60318 b2dd03c8-39d4-4d8f-98ff-823fe69b080e