ruby.git/test/openssl, branch ruby_2_2 The Ruby Programming Language asn1: fix out-of-bounds read in decoding constructed objects 2017-09-14T11:41:59+00:00 usa usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2017-09-14T11:41:59+00:00 5450329ad1778d72f117b68e5edb97ae1bf4d438 * OpenSSL::ASN1.{decode,decode_all,traverse}: have a bug of out-of-bounds read. int_ossl_asn1_decode0_cons() does not give the correct available length to ossl_asn1_decode() when decoding the inner components of a constructed object. This can cause out-of-bounds read if a crafted input given. Reference: https://hackerone.com/reports/170316 https://github.com/ruby/openssl/commit/1648afef33c1d97fb203c82291b8a61269e85d3b git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_2@59903 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
* OpenSSL::ASN1.{decode,decode_all,traverse}: have a bug of
  out-of-bounds read. int_ossl_asn1_decode0_cons() does not give the
  correct available length to ossl_asn1_decode() when decoding the
  inner components of a constructed object. This can cause
  out-of-bounds read if a crafted input given.

Reference: https://hackerone.com/reports/170316
https://github.com/ruby/openssl/commit/1648afef33c1d97fb203c82291b8a61269e85d3b


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_2@59903 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 55822: [Backport #12660] 2016-09-30T15:03:15+00:00 usa usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2016-09-30T15:03:15+00:00 c880452b7cdb1132a86974f621deb49388aad1fb * ext/openssl/ossl_ssl.c (ossl_ssl_write_internal): avoid undefined behavior * test/openssl/test_pair.rb (test_write_zero): new test [ruby-core:76751] [Bug #12660] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_2@56300 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* ext/openssl/ossl_ssl.c (ossl_ssl_write_internal):
	  avoid undefined behavior

	* test/openssl/test_pair.rb (test_write_zero): new test
	  [ruby-core:76751] [Bug #12660]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_2@56300 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 55047: [Backport #12441] 2016-08-16T11:55:03+00:00 usa usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2016-08-16T11:55:03+00:00 a1af71552fbeb839939cb66a04aff9a1e4a46db2 * ext/openssl/ossl_bn.c (try_convert_to_bnptr): Extracted from GetBNPtr(). This doesn't raise exception but returns NULL on error. (GetBNPtr): Raise TypeError if conversion fails. (ossl_bn_eq): Implement BN#==. (ossl_bn_eql): #eql? should not raise TypeError even if the argument is not compatible with BN. (ossl_bn_hash): Implement BN#hash. * ext/openssl/ossl_bn.c (Init_ossl_bn): Define #== and #hash. * test/openssl/test_bn.rb: Test BN#eql?, #== and #hash git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_2@55937 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* ext/openssl/ossl_bn.c (try_convert_to_bnptr): Extracted from
	  GetBNPtr(). This doesn't raise exception but returns NULL on error.
	  (GetBNPtr): Raise TypeError if conversion fails.
	  (ossl_bn_eq): Implement BN#==.
	  (ossl_bn_eql): #eql? should not raise TypeError even if the argument
	  is not compatible with BN.
	  (ossl_bn_hash): Implement BN#hash.

	* ext/openssl/ossl_bn.c (Init_ossl_bn): Define #== and #hash.

	* test/openssl/test_bn.rb: Test BN#eql?, #== and #hash


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_2@55937 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 53718: [Backport #12320] 2016-06-10T06:41:31+00:00 usa usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2016-06-10T06:41:31+00:00 ddc47a94756381c9bc56a918728631209099669d Skip SHA from test_digest_constants for LibreSSL 2.3 The first one of ruby/openssl#40 https://github.com/ruby/openssl/issues/40#issuecomment-159839338 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_2@55349 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	Skip SHA from test_digest_constants for LibreSSL 2.3

	The first one of ruby/openssl#40
	https://github.com/ruby/openssl/issues/40#issuecomment-159839338

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_2@55349 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 54258: [Backport #12182] 2016-03-29T20:36:59+00:00 nagachika nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2016-03-29T20:36:59+00:00 6ee7fcf3097d82ee134f8a7a549d7244ac0a0a26 * ext/openssl/extconf.rb: check SSL_CTX_set_next_proto_select_cb function rather than OPENSSL_NPN_NEGOTIATED macro. it exists even if it is disabled by OpenSSL configuration. [ruby-core:74384] [Bug #12182] * ext/openssl/ossl_ssl.c: update #ifdef(s) as above. * test/openssl/test_ssl.rb: skip NPN tests if NPN is disabled. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_2@54428 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* ext/openssl/extconf.rb: check SSL_CTX_set_next_proto_select_cb
	  function rather than OPENSSL_NPN_NEGOTIATED macro. it exists
	  even if it is disabled by OpenSSL configuration.
	  [ruby-core:74384] [Bug #12182]

	* ext/openssl/ossl_ssl.c: update #ifdef(s) as above.

	* test/openssl/test_ssl.rb: skip NPN tests if NPN is disabled.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_2@54428 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 51016,53329: [Backport #11885] 2016-03-08T20:27:01+00:00 nagachika nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2016-03-08T20:27:01+00:00 83d705f6a06eef70f9eb219ba7f187555f00ede8 * ext/openssl/ossl_ssl.c (ossl_ssl_read_internal): do not process kwargs in blocking mode * test/openssl/test_ssl.rb: test sysread * io.c (io_getpartial): remove unused kwarg from template * test/ruby/test_io.rb (test_readpartial_bad_args): new [Bug #11885] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_2@54045 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* ext/openssl/ossl_ssl.c (ossl_ssl_read_internal):
	  do not process kwargs in blocking mode

	* test/openssl/test_ssl.rb: test sysread

	* io.c (io_getpartial): remove unused kwarg from template

	* test/ruby/test_io.rb (test_readpartial_bad_args): new
	  [Bug #11885]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_2@54045 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 53299: [Backport #11870] 2016-03-08T19:02:43+00:00 nagachika nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2016-03-08T19:02:43+00:00 0df86c0b0a47f566d6f5abada2af64d91dcb34fe * cont.c, doc, man: fix common misspelling. [ruby-core:72466] [Bug #11870] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_2@54040 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* cont.c, doc, man: fix common misspelling.
	  [ruby-core:72466] [Bug #11870]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_2@54040 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 51722,51724: [Backport #11376] 2015-11-18T14:38:49+00:00 nagachika nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2015-11-18T14:38:49+00:00 557ba3fee5b60025cf90aee58d3b4be5ebf53852 * ext/openssl/ossl_ssl.c (static const struct): Only add SSLv3 support if the SSL library supports it. Thanks Kurt Roeckx <kurt@roeckx.be> [Bug #11376] * ext/openssl/extconf.rb: check for SSLv3 support in the SSL implementation. * test/openssl/test_ssl.rb (class OpenSSL): Skip tests that need SSLv3 if there is no support. * ext/openssl/ossl_ssl.c (ossl_ssl_method_tab): Only add SSLv3 support git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_2@52649 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* ext/openssl/ossl_ssl.c (static const struct): Only add SSLv3 support
	  if the SSL library supports it.  Thanks Kurt Roeckx <kurt@roeckx.be>
	  [Bug #11376]

	* ext/openssl/extconf.rb: check for SSLv3 support in the SSL
	  implementation.

	* test/openssl/test_ssl.rb (class OpenSSL): Skip tests that need SSLv3
	  if there is no support.

	* ext/openssl/ossl_ssl.c (ossl_ssl_method_tab): Only add SSLv3 support


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_2@52649 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 51569,51649: [Backport #11366] [Backport #11367] 2015-10-31T18:55:07+00:00 nagachika nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2015-10-31T18:55:07+00:00 a8b1b529f1042c8bf71ce2855147d92305c204f7 test_ssl_session.rb: check SSL method * test/openssl/test_ssl_session.rb (test_ctx_server_session_cb): ensure the method to be tested is supported. * test/openssl/test_ssl_session.rb: Fix tests so that they take in to account OpenSSL installations that have SSLv3 disabled by default. Thanks Jeremy Evans <code@jeremyevans.net> for the patches. [Bug #11366] [Bug #11367] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_2@52414 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	test_ssl_session.rb: check SSL method

	* test/openssl/test_ssl_session.rb (test_ctx_server_session_cb):
  ensure the method to be tested is supported.
	* test/openssl/test_ssl_session.rb: Fix tests so that they take in to
	  account OpenSSL installations that have SSLv3 disabled by default.
	  Thanks Jeremy Evans <code@jeremyevans.net> for the patches.
	  [Bug #11366] [Bug #11367]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_2@52414 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 49099: [Backport #10046] 2015-10-31T18:42:37+00:00 nagachika nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2015-10-31T18:42:37+00:00 a5a5494d25c6b7a0662a73b27bf1ab88fbbb42d0 * test/openssl/test_ssl_session.rb (OpenSSL#test_ctx_client_session_cb): fix test failure with OpenSSL disabled SSLv3 protocol. [ruby-core:63772] [Bug #10046] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_2@52413 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* test/openssl/test_ssl_session.rb (OpenSSL#test_ctx_client_session_cb):
	  fix test failure with OpenSSL disabled SSLv3 protocol.
	  [ruby-core:63772] [Bug #10046]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_2@52413 b2dd03c8-39d4-4d8f-98ff-823fe69b080e