diff options
| author | nagachika <nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2018-08-18 02:39:09 +0000 |
|---|---|---|
| committer | nagachika <nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2018-08-18 02:39:09 +0000 |
| commit | 7e0cafcd2b904c4bb3e86617d9628ee1296f12c0 (patch) | |
| tree | 821285a7a6f90017216c2f277cc81040d81eb56a /ext | |
| parent | d60a7d2e82296450585d84d900c4b334fac21e5f (diff) | |
merge revision(s) 63406: [Backport #14754]
openssl: merge changes in v2.1.1
Commits in upstream repository since v2.1.0 can be found at:
https://github.com/ruby/openssl/compare/v2.1.0...v2.1.1
----------------------------------------------------------------
Kazuki Yamaguchi (7):
test/utils: disable Thread's report_on_exception in start_server
cipher: validate iterations argument for Cipher#pkcs5_keyivgen
extconf.rb: fix build with LibreSSL 2.7.0
test/test_pkey_rsa: fix test failure with OpenSSL 1.1.1
test/test_ssl_session: set client protocol version explicitly
Ruby/OpenSSL 2.0.8
Ruby/OpenSSL 2.1.1
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@64428 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ext')
| -rw-r--r-- | ext/openssl/History.md | 14 | ||||
| -rw-r--r-- | ext/openssl/extconf.rb | 5 | ||||
| -rw-r--r-- | ext/openssl/openssl.gemspec | 8 | ||||
| -rw-r--r-- | ext/openssl/ossl_cipher.c | 2 | ||||
| -rw-r--r-- | ext/openssl/ossl_version.h | 2 |
5 files changed, 25 insertions, 6 deletions
diff --git a/ext/openssl/History.md b/ext/openssl/History.md index 321a51c819..e2399f4c87 100644 --- a/ext/openssl/History.md +++ b/ext/openssl/History.md @@ -55,6 +55,20 @@ Notable changes [[GitHub #177]](https://github.com/ruby/openssl/pull/177) +Version 2.0.8 +============= + +Bug fixes +--------- + +* OpenSSL::Cipher#pkcs5_keyivgen raises an error when a negative iteration + count is given. + [[GitHub #184]](https://github.com/ruby/openssl/pull/184) +* Fixed build with LibreSSL 2.7. + [[GitHub #192]](https://github.com/ruby/openssl/issues/192) + [[GitHub #193]](https://github.com/ruby/openssl/pull/193) + + Version 2.0.7 ============= diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb index 5212903b9a..4242f044a7 100644 --- a/ext/openssl/extconf.rb +++ b/ext/openssl/extconf.rb @@ -122,8 +122,11 @@ OpenSSL.check_func_or_macro("SSL_get_server_tmp_key", "openssl/ssl.h") have_func("SSL_is_server") # added in 1.1.0 +if !have_struct_member("SSL", "ctx", "openssl/ssl.h") || + try_static_assert("LIBRESSL_VERSION_NUMBER >= 0x2070000fL", "openssl/opensslv.h") + $defs.push("-DHAVE_OPAQUE_OPENSSL") +end have_func("CRYPTO_lock") || $defs.push("-DHAVE_OPENSSL_110_THREADING_API") -have_struct_member("SSL", "ctx", "openssl/ssl.h") || $defs.push("-DHAVE_OPAQUE_OPENSSL") have_func("BN_GENCB_new") have_func("BN_GENCB_free") have_func("BN_GENCB_get_arg") diff --git a/ext/openssl/openssl.gemspec b/ext/openssl/openssl.gemspec index 9052e45d10..b9b68fcb0d 100644 --- a/ext/openssl/openssl.gemspec +++ b/ext/openssl/openssl.gemspec @@ -1,16 +1,16 @@ # -*- encoding: utf-8 -*- -# stub: openssl 2.1.0 ruby lib +# stub: openssl 2.1.1 ruby lib # stub: ext/openssl/extconf.rb Gem::Specification.new do |s| s.name = "openssl".freeze - s.version = "2.1.0" + s.version = "2.1.1" s.required_rubygems_version = Gem::Requirement.new(">= 0".freeze) if s.respond_to? :required_rubygems_version= s.metadata = { "msys2_mingw_dependencies" => "openssl" } if s.respond_to? :metadata= s.require_paths = ["lib".freeze] s.authors = ["Martin Bosslet".freeze, "SHIBATA Hiroshi".freeze, "Zachary Scott".freeze, "Kazuki Yamaguchi".freeze] - s.date = "2017-12-14" + s.date = "2018-05-12" s.description = "It wraps the OpenSSL library.".freeze s.email = ["ruby-core@ruby-lang.org".freeze] s.extensions = ["ext/openssl/extconf.rb".freeze] @@ -20,7 +20,7 @@ Gem::Specification.new do |s| s.licenses = ["Ruby".freeze] s.rdoc_options = ["--main".freeze, "README.md".freeze] s.required_ruby_version = Gem::Requirement.new(">= 2.3.0".freeze) - s.rubygems_version = "2.7.3".freeze + s.rubygems_version = "2.7.6".freeze s.summary = "OpenSSL provides SSL, TLS and general purpose cryptography.".freeze if s.respond_to? :specification_version then diff --git a/ext/openssl/ossl_cipher.c b/ext/openssl/ossl_cipher.c index 3038a76687..0840c84a71 100644 --- a/ext/openssl/ossl_cipher.c +++ b/ext/openssl/ossl_cipher.c @@ -317,6 +317,8 @@ ossl_cipher_pkcs5_keyivgen(int argc, VALUE *argv, VALUE self) salt = (unsigned char *)RSTRING_PTR(vsalt); } iter = NIL_P(viter) ? 2048 : NUM2INT(viter); + if (iter <= 0) + rb_raise(rb_eArgError, "iterations must be a positive integer"); digest = NIL_P(vdigest) ? EVP_md5() : ossl_evp_get_digestbyname(vdigest); GetCipher(self, ctx); EVP_BytesToKey(EVP_CIPHER_CTX_cipher(ctx), digest, salt, diff --git a/ext/openssl/ossl_version.h b/ext/openssl/ossl_version.h index 4167c9c83d..a4dbf3272a 100644 --- a/ext/openssl/ossl_version.h +++ b/ext/openssl/ossl_version.h @@ -10,6 +10,6 @@ #if !defined(_OSSL_VERSION_H_) #define _OSSL_VERSION_H_ -#define OSSL_VERSION "2.1.0" +#define OSSL_VERSION "2.1.1" #endif /* _OSSL_VERSION_H_ */ |