ruby.git/ext/openssl/ossl_ssl.c, branch v2_0_0_451 The Ruby Programming Language merge revision(s) r44402: [Backport #9460] 2014-01-30T15:51:02+00:00 nagachika nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2014-01-30T15:51:02+00:00 b8231227773bab5e133ac9be7c23378c64011561 * ext/openssl/ossl_ssl.c (Init_ossl_ssl): Declare a constant `OP_MSIE_SSLV2_RSA_PADDING` only if the macro is defined. The `SSL_OP_MSIE_SSLV2_RSA_PADDING` has been removed from latest snapshot of OpenSSL 1.0.1. [Fixes GH-488] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@44768 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* ext/openssl/ossl_ssl.c (Init_ossl_ssl): Declare a constant
	  `OP_MSIE_SSLV2_RSA_PADDING` only if the macro is defined.  The
	  `SSL_OP_MSIE_SSLV2_RSA_PADDING` has been removed from latest
	  snapshot of OpenSSL 1.0.1.  [Fixes GH-488]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@44768 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 40304: [Backport #8240] 2013-04-19T17:16:37+00:00 nagachika nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2013-04-19T17:16:37+00:00 2e607b7ff3f14ffefb94f171e6f50c3fd120e0da * ext/openssl/ossl_ssl.c: Correct shutdown behavior w.r.t GC. * test/openssl/test_ssl.rb: Add tests to verify correct behavior. [Bug #8240] Patch provided by Shugo Maeda. Thanks! git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@40387 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* ext/openssl/ossl_ssl.c: Correct shutdown behavior w.r.t GC.

	* test/openssl/test_ssl.rb: Add tests to verify correct behavior.
	[Bug #8240] Patch provided by Shugo Maeda. Thanks!


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@40387 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ssl.c (ssl_npn_encode_protocol_i): fix byte order 2012-11-29T13:54:02+00:00 ngoto ngoto@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-11-29T13:54:02+00:00 36c40166aca9dd59dc867ac2e46f102cc443c4b2 issue on big-endian architecture [ruby-core:50292] [Bug #7463] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@37996 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  issue on big-endian architecture [ruby-core:50292] [Bug #7463]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@37996 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ssl.c (ossl_sslctx_attrs): add npn_select_db to 2012-09-18T08:52:40+00:00 naruse naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-09-18T08:52:40+00:00 e8854f8c62bd4241c77e5b2db82060d94193ea51 suppress warning: instance variable @npn_select_cb not initialized git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36985 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  suppress warning: instance variable @npn_select_cb not initialized

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36985 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
remove trailing spaces. 2012-09-04T00:57:31+00:00 nobu nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-09-04T00:57:31+00:00 af6c038b23c056fed1a8f5cbb8827b3a5061e893 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36895 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36895 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/extconf.rb: Check existence of OPENSSL_NPN_NEGOTIATED. 2012-08-31T09:47:36+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-08-31T09:47:36+00:00 25e6db3e3cb52c1a81e1e4a958a8d520a996812e ext/ossl_ssl.c: Support Next Protocol Negotiation. Protocols to be advertised by the server can be set in the SSLContext by using SSLContext#npn_protocols=, protocol selection on the client is supported by providing a selection callback with SSLContext#npn_select_cb. The protocol that was finally negotiated is available through SSL#npn_protocol. test/openssl/test_ssl.rb: Add tests for Next Protocol Negotiation. NEWS: add news about NPN support. [Feature #6503] [ruby-core:45272] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36871 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  ext/ossl_ssl.c: Support Next Protocol Negotiation. Protocols to be
  advertised by the server can be set in the SSLContext by using
  SSLContext#npn_protocols=, protocol selection on the client is
  supported by providing a selection callback with
  SSLContext#npn_select_cb. The protocol that was finally negotiated
  is available through SSL#npn_protocol.
  test/openssl/test_ssl.rb: Add tests for Next Protocol Negotiation.
  NEWS: add news about NPN support.
  [Feature #6503] [ruby-core:45272]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36871 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ssl.c: Introduce SSLContext#renegotiation_cb and 2012-06-09T16:44:12+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-06-09T16:44:12+00:00 14ba7fab58329201aebdc49b83ca96dfbf0b13e6 remove SSLContext#disable_client_renegotiation and related functionality introduced in r35797. The new callback approach gives clients maximum flexibility to decide on their own what to do on renegotiation attempts. Add documentation for SSL module and SSLError. * test/openssl/test_ssl.rb: Add a test for SSLContext#renegotiation_cb. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35994 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  remove SSLContext#disable_client_renegotiation and related
  functionality introduced in r35797. The new callback approach
  gives clients maximum flexibility to decide on their own what to
  do on renegotiation attempts.
  Add documentation for SSL module and SSLError. 
* test/openssl/test_ssl.rb: Add a test for
  SSLContext#renegotiation_cb.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35994 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ssl.c: Allow disabling client-side renegotiation. 2012-05-26T00:56:33+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-05-26T00:56:33+00:00 50ba64ab87e1715cc0bf6d6c8bdfa330de4f6699 * test/openssl/test_ssl.rb: Simple tests for this. Client-side renegotiation is still considered problematic, even when used in the context of secure renegotiation (RI, RFC 5746). The changes allow users to either completely disable client renegotiation on the server, or to specify a maximum number of handshakes allowed in total. The number of total handshakes is counted in a callback set as SSL_set_info_callback. If the maximum number of handshakes is exceeded an error will be raised We do not support renegotiation in the OpenSSL extension, therefore this feature can only be tested externally. The feature is opt-in, the default setting will be to allow unlimited client renegotiation, as was the case before. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35797 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
* test/openssl/test_ssl.rb: Simple tests for this.

  Client-side renegotiation is still considered problematic, even
  when used in the context of secure renegotiation (RI, RFC 5746).
  The changes allow users to either completely disable client
  renegotiation on the server, or to specify a maximum number of
  handshakes allowed in total. The number of total handshakes is
  counted in a callback set as SSL_set_info_callback. If the
  maximum number of handshakes is exceeded an error will be raised
  We do not support renegotiation in the OpenSSL extension, therefore
  this feature can only be tested externally.
  The feature is opt-in, the default setting will be to allow
  unlimited client renegotiation, as was the case before.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35797 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ssl.c: Revert r35583 2012-05-25T13:24:47+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-05-25T13:24:47+00:00 913827b6afd701f5f5b7461e3acf15c70ab4f22b * test/openssl/test_ssl.rb: Handle ECONNRESET in code instead to avoid the test failing in Ruby CI [1] [1] http://u64.rubyci.org/~chkbuild/ruby-trunk/log/20120507T190102Z.log.html.gz#test-all git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35795 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
* test/openssl/test_ssl.rb: Handle ECONNRESET in code instead to avoid
the test failing in Ruby CI [1]
	
[1] http://u64.rubyci.org/~chkbuild/ruby-trunk/log/20120507T190102Z.log.html.gz#test-all


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35795 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ssl.c (ossl_start_ssl): remove useless rb_sys_fail 2012-05-07T22:46:15+00:00 naruse naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-05-07T22:46:15+00:00 c047e1ec12cfb945988a7b243e02b82121880975 before ossl_raise. this cause a test failure on Linux. http://u64.rubyci.org/~chkbuild/ruby-trunk/log/20120507T190102Z.log.html.gz git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35583 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  before ossl_raise. this cause a test failure on Linux.
  http://u64.rubyci.org/~chkbuild/ruby-trunk/log/20120507T190102Z.log.html.gz

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35583 b2dd03c8-39d4-4d8f-98ff-823fe69b080e