ruby.git/test, branch ruby_1_9_2 The Ruby Programming Language Backport security fixes for RubyGems 1.3.7: 2012-04-20T00:10:09+00:00 drbrain drbrain@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-04-20T00:10:09+00:00 6253fbea8a7f267e91c3f8c8303297725c8de9d3 * lib/rubygems: Apply the following security fixes to RubyGems 1.3.7: RubyGems now disallows redirection from HTTPS to HTTP. RubyGems now verifies SSL connections. Patch by Hiroshi Nakamura. * test/rubygems: ditto. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@35407 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
* lib/rubygems:  Apply the following security fixes to RubyGems 1.3.7:

  RubyGems now disallows redirection from HTTPS to HTTP.

  RubyGems now verifies SSL connections.

  Patch by Hiroshi Nakamura.
* test/rubygems:  ditto.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@35407 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* backport r34482 from trunk 2012-02-09T17:20:52+00:00 emboss emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-02-09T17:20:52+00:00 85fd9aadd13fdf685395cf605007e3fcdf40336f * ext/openssl/ossl_ssl.c: Add SSL constants and allow to unset SSL option to prevent BEAST attack. See [Bug #5353]. In OpenSSL, OP_DONT_INSERT_EMPTY_FRAGMENTS is used to prevent TLS-CBC-IV vulunerability described at http://www.openssl.org/~bodo/tls-cbc.txt It's known issue of TLSv1/SSLv3 but it attracts lots of attention these days as BEAST attack. (CVE-2011-3389) Until now ossl sets OP_ALL at SSLContext allocation and call SSL_CTX_set_options at connection. SSL_CTX_set_options updates the value by using |= so bits set by OP_ALL cannot be unset afterwards. This commit changes to call SSL_CTX_set_options only 1 time for each SSLContext. It sets the specified value if SSLContext#options= are called and sets OP_ALL if not. To help users to unset bits in OP_ALL, this commit also adds several constant to SSL such as OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS. These constants were not exposed in Ruby because there's no way to unset bits in OP_ALL before. Following is an example to enable 0/n split for BEAST prevention. ctx.options = OP_ALL & ~OP_DONT_INSERT_EMPTY_FRAGMENTS * test/openssl/test_ssl.rb: Test above option exists. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@34525 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
* ext/openssl/ossl_ssl.c: Add SSL constants and allow to unset SSL
  option to prevent BEAST attack. See [Bug #5353].

  In OpenSSL, OP_DONT_INSERT_EMPTY_FRAGMENTS is used to prevent
  TLS-CBC-IV vulunerability described at
  http://www.openssl.org/~bodo/tls-cbc.txt
  It's known issue of TLSv1/SSLv3 but it attracts lots of attention
  these days as BEAST attack. (CVE-2011-3389)

  Until now ossl sets OP_ALL at SSLContext allocation and call
  SSL_CTX_set_options at connection.  SSL_CTX_set_options updates the
  value by using |= so bits set by OP_ALL cannot be unset afterwards.
  This commit changes to call SSL_CTX_set_options only 1 time for each
  SSLContext. It sets the specified value if SSLContext#options= are
  called and sets OP_ALL if not.

  To help users to unset bits in OP_ALL, this commit also adds several
  constant to SSL such as
  OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS.  These constants were
  not exposed in Ruby because there's no way to unset bits in OP_ALL
  before.

  Following is an example to enable 0/n split for BEAST prevention.

    ctx.options = OP_ALL & ~OP_DONT_INSERT_EMPTY_FRAGMENTS

* test/openssl/test_ssl.rb: Test above option exists.



git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@34525 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/optparse.rb (Regexp): fix incorrect options when casting to 2012-01-16T07:42:01+00:00 nobu nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-01-16T07:42:01+00:00 2a1b0f247d92ce859f9d1793dac3127ccac560cb a Regexp, and suppress encoding option warnings. https://github.com/ruby/ruby/pull/82 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@34316 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  a Regexp, and suppress encoding option warnings.
  https://github.com/ruby/ruby/pull/82


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@34316 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/ruby/test_enumerator.rb (test_nested_iteration): fix typo. 2012-01-10T07:13:04+00:00 nobu nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2012-01-10T07:13:04+00:00 1e0e3b168b36f28356588b67e30f411c531c4726 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@34262 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@34262 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* doc/ChangeLog-1.9.3, test/gdbm/test_gdbm.rb: fixed mingw typo. 2011-12-28T02:40:28+00:00 nobu nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2011-12-28T02:40:28+00:00 8b75c2fc5f16fda6f07eb8e0614cefce81267f17 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@34149 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@34149 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merges r32334 and r32335 from trunk into ruby_1_9_2. 2011-08-11T00:39:04+00:00 yugui yugui@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2011-08-11T00:39:04+00:00 3360e3e7eafd0a7c19af8dc13b9adba4baee0c48 -- * vm_insnhelper.c (vm_call_bmethod): fix to hook call/return event for methods defined by define_method(). * thread.c (call_trace_proc): Fix to skip if class is not given (0). Note that ID and Class object are passed for call/return event if the called method was defined by define_method(). If you are author of tracer/profiler/debugger, this may be an important change. You should check passed class as zero or non-zero instead of checking the event type. * test/ruby/test_settracefunc.rb: add a test for above. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@32924 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
--
* vm_insnhelper.c (vm_call_bmethod): fix to hook call/return event
  for methods defined by define_method().
* thread.c (call_trace_proc): Fix to skip if class is not given (0).
  Note that ID and Class object are passed for call/return event
  if the called method was defined by define_method().
  If you are author of tracer/profiler/debugger, this may be an
  important change.  You should check passed class as zero or
  non-zero instead of checking the event type.
* test/ruby/test_settracefunc.rb: add a test for above.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@32924 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merges r32327 from trunk into ruby_1_9_2. 2011-08-11T00:38:53+00:00 yugui yugui@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2011-08-11T00:38:53+00:00 31a5ce34cdc4af831860fea87500f3870b42f90a -- * test/ruby/test_module.rb: tests for [Bug #3422] and [Bug #3423]. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@32922 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
--
* test/ruby/test_module.rb: tests for [Bug #3422] and [Bug #3423].

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@32922 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merges r32254 from trunk into ruby_1_9_2. 2011-08-11T00:37:58+00:00 yugui yugui@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2011-08-11T00:37:58+00:00 78a7866ee11a62a77250bd60113df757c609825a -- fix [Bug #4409]. add DRbServer#here? git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@32912 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
--
fix [Bug #4409]. add DRbServer#here?

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@32912 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merges r32242 from trunk into ruby_1_9_2. 2011-08-11T00:37:50+00:00 yugui yugui@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2011-08-11T00:37:50+00:00 9d46a8085e643b4dee91a558d5a8d32ba331925a -- * test/etc/test_etc.rb (TestEtc#test_get{pw,gr}nam): skip entries start with + sign, which means NIS. these are returned in the case that passwd and group entries in /etc/nsswitch.conf are set to use "nis" explicitly on Debian. fixed #3683 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@32910 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
--
* test/etc/test_etc.rb (TestEtc#test_get{pw,gr}nam): skip entries
  start with + sign, which means NIS.  these are returned in the
  case that passwd and group entries in /etc/nsswitch.conf are set
  to use "nis" explicitly on Debian.  fixed #3683

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@32910 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merges 32227 from trunk into ruby_1_9_2. 2011-08-07T10:03:32+00:00 yugui yugui@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2011-08-07T10:03:32+00:00 c88e3861e16c4a0cbf8e4ffb0bca4be193fa1268 -- * vm_insnhelper.c (vm_search_superclass): avoid control frame stack overrun. currently super() in Proc created in a method defined by Module#define_method raise NoMethodError. [Bug #4881] * test/ruby/test_method.rb t_super_in_proc_from_define_method): add test for it. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@32881 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
--
* vm_insnhelper.c (vm_search_superclass): avoid control frame
  stack overrun. currently super() in Proc created in a method
  defined by Module#define_method raise NoMethodError. [Bug #4881]
* test/ruby/test_method.rb t_super_in_proc_from_define_method):
  add test for it.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@32881 b2dd03c8-39d4-4d8f-98ff-823fe69b080e