summaryrefslogtreecommitdiff
path: root/ext/openssl
diff options
context:
space:
mode:
authorrhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2016-12-10 08:12:02 +0000
committerrhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2016-12-10 08:12:02 +0000
commit0c83666c6ceb9dae06055150da02d16ed20f4781 (patch)
tree05cb0b815f8e891636940286391ecaf105155eb1 /ext/openssl
parent8e1293730e372b0cb5ebad818129f7bbe295477d (diff)
openssl: import v2.0.1
Import Ruby/OpenSSL 2.0.1. The full commit history since 2.0.0 (imported at r56946) can be found at: https://github.com/ruby/openssl/compare/v2.0.0...v2.0.1 This release contains only bug fixes. Note, the first two commits since v2.0.0 are already imported at r56953 to make Travis and RubyCI green. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57041 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ext/openssl')
-rw-r--r--ext/openssl/openssl.gemspec6
-rw-r--r--ext/openssl/ossl_asn1.c12
-rw-r--r--ext/openssl/ossl_bn.c36
-rw-r--r--ext/openssl/ossl_bn.h4
-rw-r--r--ext/openssl/ossl_engine.c2
-rw-r--r--ext/openssl/ossl_pkey_ec.c10
-rw-r--r--ext/openssl/ossl_ssl.c5
-rw-r--r--ext/openssl/ossl_version.h2
8 files changed, 49 insertions, 28 deletions
diff --git a/ext/openssl/openssl.gemspec b/ext/openssl/openssl.gemspec
index 2390da4..e8fd20f 100644
--- a/ext/openssl/openssl.gemspec
+++ b/ext/openssl/openssl.gemspec
@@ -1,15 +1,15 @@
# -*- encoding: utf-8 -*-
-# stub: openssl 2.0.0 ruby lib
+# stub: openssl 2.0.1 ruby lib
# stub: ext/openssl/extconf.rb
Gem::Specification.new do |s|
s.name = "openssl".freeze
- s.version = "2.0.0"
+ s.version = "2.0.1"
s.required_rubygems_version = Gem::Requirement.new(">= 0".freeze) if s.respond_to? :required_rubygems_version=
s.require_paths = ["lib".freeze]
s.authors = ["Martin Bosslet".freeze, "SHIBATA Hiroshi".freeze, "Zachary Scott".freeze, "Kazuki Yamaguchi".freeze]
- s.date = "2016-11-30"
+ s.date = "2016-12-10"
s.description = "It wraps the OpenSSL library.".freeze
s.email = ["ruby-core@ruby-lang.org".freeze]
s.extensions = ["ext/openssl/extconf.rb".freeze]
diff --git a/ext/openssl/ossl_asn1.c b/ext/openssl/ossl_asn1.c
index af8ae2a..534796f 100644
--- a/ext/openssl/ossl_asn1.c
+++ b/ext/openssl/ossl_asn1.c
@@ -47,9 +47,15 @@ asn1time_to_time(const ASN1_TIME *time)
}
break;
case V_ASN1_GENERALIZEDTIME:
- if (sscanf((const char *)time->data, "%4d%2d%2d%2d%2d%2dZ", &tm.tm_year, &tm.tm_mon,
- &tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec) != 6) {
- ossl_raise(rb_eTypeError, "bad GENERALIZEDTIME format" );
+ count = sscanf((const char *)time->data, "%4d%2d%2d%2d%2d%2dZ",
+ &tm.tm_year, &tm.tm_mon, &tm.tm_mday, &tm.tm_hour, &tm.tm_min,
+ &tm.tm_sec);
+ if (count == 5) {
+ tm.tm_sec = 0;
+ }
+ else if (count != 6) {
+ ossl_raise(rb_eTypeError, "bad GENERALIZEDTIME format: \"%s\"",
+ time->data);
}
break;
default:
diff --git a/ext/openssl/ossl_bn.c b/ext/openssl/ossl_bn.c
index eaf6254..4e371cb 100644
--- a/ext/openssl/ossl_bn.c
+++ b/ext/openssl/ossl_bn.c
@@ -120,30 +120,34 @@ integer_to_bnptr(VALUE obj, BIGNUM *orig)
return bn;
}
-static BIGNUM *
-try_convert_to_bnptr(VALUE obj)
+static VALUE
+try_convert_to_bn(VALUE obj)
{
- BIGNUM *bn = NULL;
- VALUE newobj;
+ BIGNUM *bn;
+ VALUE newobj = Qnil;
- if (rb_obj_is_kind_of(obj, cBN)) {
- GetBN(obj, bn);
- }
- else if (RB_INTEGER_TYPE_P(obj)) {
+ if (rb_obj_is_kind_of(obj, cBN))
+ return obj;
+ if (RB_INTEGER_TYPE_P(obj)) {
newobj = NewBN(cBN); /* Handle potencial mem leaks */
bn = integer_to_bnptr(obj, NULL);
SetBN(newobj, bn);
}
- return bn;
+ return newobj;
}
BIGNUM *
-GetBNPtr(VALUE obj)
+ossl_bn_value_ptr(volatile VALUE *ptr)
{
- BIGNUM *bn = try_convert_to_bnptr(obj);
- if (!bn)
+ VALUE tmp;
+ BIGNUM *bn;
+
+ tmp = try_convert_to_bn(*ptr);
+ if (NIL_P(tmp))
ossl_raise(rb_eTypeError, "Cannot convert into OpenSSL::BN");
+ GetBN(tmp, bn);
+ *ptr = tmp;
return bn;
}
@@ -893,10 +897,12 @@ ossl_bn_eq(VALUE self, VALUE other)
BIGNUM *bn1, *bn2;
GetBN(self, bn1);
- /* BNPtr may raise, so we can't use here */
- bn2 = try_convert_to_bnptr(other);
+ other = try_convert_to_bn(other);
+ if (NIL_P(other))
+ return Qfalse;
+ GetBN(other, bn2);
- if (bn2 && !BN_cmp(bn1, bn2)) {
+ if (!BN_cmp(bn1, bn2)) {
return Qtrue;
}
return Qfalse;
diff --git a/ext/openssl/ossl_bn.h b/ext/openssl/ossl_bn.h
index 4cd9d06..a19ba19 100644
--- a/ext/openssl/ossl_bn.h
+++ b/ext/openssl/ossl_bn.h
@@ -15,8 +15,10 @@ extern VALUE eBNError;
extern BN_CTX *ossl_bn_ctx;
+#define GetBNPtr(obj) ossl_bn_value_ptr(&(obj))
+
VALUE ossl_bn_new(const BIGNUM *);
-BIGNUM *GetBNPtr(VALUE);
+BIGNUM *ossl_bn_value_ptr(volatile VALUE *);
void Init_ossl_bn(void);
diff --git a/ext/openssl/ossl_engine.c b/ext/openssl/ossl_engine.c
index e73bfb3..e840bfd 100644
--- a/ext/openssl/ossl_engine.c
+++ b/ext/openssl/ossl_engine.c
@@ -287,7 +287,7 @@ ossl_engine_finish(VALUE self)
* This returns an OpenSSL::Cipher by +name+, if it is available in this
* engine.
*
- * A EngineError will be raised if the cipher is unavailable.
+ * An EngineError will be raised if the cipher is unavailable.
*
* e = OpenSSL::Engine.by_id("openssl")
* => #<OpenSSL::Engine id="openssl" name="Software engine support">
diff --git a/ext/openssl/ossl_pkey_ec.c b/ext/openssl/ossl_pkey_ec.c
index 5191c0f..fc3f034 100644
--- a/ext/openssl/ossl_pkey_ec.c
+++ b/ext/openssl/ossl_pkey_ec.c
@@ -1635,7 +1635,7 @@ static VALUE ossl_ec_point_mul(int argc, VALUE *argv, VALUE self)
* points | self | arg2[0] | arg2[1] | ...
*/
long i, num;
- VALUE tmp_p, tmp_b;
+ VALUE bns_tmp, tmp_p, tmp_b;
const EC_POINT **points;
const BIGNUM **bignums;
@@ -1645,9 +1645,13 @@ static VALUE ossl_ec_point_mul(int argc, VALUE *argv, VALUE self)
ossl_raise(rb_eArgError, "bns must be 1 longer than points; see the documentation");
num = RARRAY_LEN(arg1);
+ bns_tmp = rb_ary_tmp_new(num);
bignums = ALLOCV_N(const BIGNUM *, tmp_b, num);
- for (i = 0; i < num; i++)
- bignums[i] = GetBNPtr(RARRAY_AREF(arg1, i));
+ for (i = 0; i < num; i++) {
+ VALUE item = RARRAY_AREF(arg1, i);
+ bignums[i] = GetBNPtr(item);
+ rb_ary_push(bns_tmp, item);
+ }
points = ALLOCV_N(const EC_POINT *, tmp_p, num);
points[0] = point_self; /* self */
diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c
index 609ffdc..eef7dbe 100644
--- a/ext/openssl/ossl_ssl.c
+++ b/ext/openssl/ossl_ssl.c
@@ -32,7 +32,8 @@ VALUE cSSLSocket;
static VALUE eSSLErrorWaitReadable;
static VALUE eSSLErrorWaitWritable;
-static ID ID_callback_state, id_tmp_dh_callback, id_tmp_ecdh_callback;
+static ID ID_callback_state, id_tmp_dh_callback, id_tmp_ecdh_callback,
+ id_npn_protocols_encoded;
static VALUE sym_exception, sym_wait_readable, sym_wait_writable;
static ID id_i_cert_store, id_i_ca_file, id_i_ca_path, id_i_verify_mode,
@@ -892,6 +893,7 @@ ossl_sslctx_setup(VALUE self)
val = rb_attr_get(self, id_i_npn_protocols);
if (!NIL_P(val)) {
VALUE encoded = ssl_encode_npn_protocols(val);
+ rb_ivar_set(self, id_npn_protocols_encoded, encoded);
SSL_CTX_set_next_protos_advertised_cb(ctx, ssl_npn_advertise_cb, (void *)encoded);
OSSL_Debug("SSL NPN advertise callback added");
}
@@ -2712,6 +2714,7 @@ Init_ossl_ssl(void)
id_tmp_dh_callback = rb_intern("tmp_dh_callback");
id_tmp_ecdh_callback = rb_intern("tmp_ecdh_callback");
+ id_npn_protocols_encoded = rb_intern("npn_protocols_encoded");
#define DefIVarID(name) do \
id_i_##name = rb_intern("@"#name); while (0)
diff --git a/ext/openssl/ossl_version.h b/ext/openssl/ossl_version.h
index 1744c1c..2566b67 100644
--- a/ext/openssl/ossl_version.h
+++ b/ext/openssl/ossl_version.h
@@ -10,6 +10,6 @@
#if !defined(_OSSL_VERSION_H_)
#define _OSSL_VERSION_H_
-#define OSSL_VERSION "2.0.0"
+#define OSSL_VERSION "2.0.1"
#endif /* _OSSL_VERSION_H_ */