| Age | Commit message (Collapse) | Author |
|---|
|
feature Authenticated Encryption.
* ext/openssl/extconf.rb: detect presence of EVP_CTRL_GCM_GET_TAG to
determine whether Authenticated Encryption can be used.
[Feature #6980] [ruby-core:47426]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38492 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/digest/*/extconf.rb, ext/openssl/extconf.rb: get git rid of
post-1.8 feature require_relative for cross compilation.
[ruby-core:50160] [Bug #7439]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@37878 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
ext/openssl/ossl.c: Expose OpenSSL::OPENSSL_FIPS constant to
indicate whether OpenSSL runs in FIPS mode.
test/openssl/test_pkey_dh.rb: Generate 256 bit keys for
non-FIPS installations to improve test performance (e.g. for
rubyci).
test/openssl/utils.rb: Replace DSS1 as certificate signature
digest with SHA1 for FIPS installations when using DSA by
introducing TestUtils::DSA_SIGNATURE_DIGEST.
test/openssl/test_x509cert.rb:
test/openssl/test_x509crl.rb:
test/openssl/test_x509req.rb: Use DSA_SIGNATURE_DIGEST
NEWS: Introduce OpenSSL::OPENSSL_FIPS
These changes allow running the OpenSSL tests in FIPS mode
while keeping a high performance for non-FIPS installations.
Introduction of OpenSSL::OPENSSL_FIPS allows for applications
to react to special requirements when using OpenSSL in FIPS mode.
[Feature #6946] [ruby-core:47345]
- Diese und die folgenden Zeilen werden ignoriert --
M ext/openssl/extconf.rb
M ext/openssl/ossl.c
M NEWS
M ChangeLog
M test/openssl/utils.rb
M test/openssl/test_x509crl.rb
M test/openssl/test_x509req.rb
M test/openssl/test_x509cert.rb
M test/openssl/test_pkey_dh.rb
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36884 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
ext/ossl_ssl.c: Support Next Protocol Negotiation. Protocols to be
advertised by the server can be set in the SSLContext by using
SSLContext#npn_protocols=, protocol selection on the client is
supported by providing a selection callback with
SSLContext#npn_select_cb. The protocol that was finally negotiated
is available through SSL#npn_protocol.
test/openssl/test_ssl.rb: Add tests for Next Protocol Negotiation.
NEWS: add news about NPN support.
[Feature #6503] [ruby-core:45272]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36871 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/zlib/extconf.rb: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35705 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
OpenSSL issue.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35686 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/extconf.rb: Use exception raising instead of message
and/or abort. We want to display error message to console _and_
logging into mkmf.log.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35685 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
SSLContext#version to inspect the version that was negotiated for
a given connection.
* ext/openssl/extconf.rb: detect TLS 1.1 & 1.2 support.
* test/openssl/test_ssl.rb: add tests for TLS 1.1 & 1.2 given they
are supported by the native OpenSSL being used.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35549 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
openssl. [ruby-core:44755][Bug #6379]
* ext/openssl/deprecation.rb: extract check for broken Apple OpenSSL.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35504 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/extconf.rb: add --with-broken-apple-openssl option.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35443 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35427 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
CPPFLAGS.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35426 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
from OpenSSL added by Apple.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@34823 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/missing.h: ditto.
Thanks, Tim Mooney for reporting this!
[Bug #5432] [ruby-core:40088]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33843 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/ossl_engine.c: add some missing OpenSSL engines.
Thanks, Yui Naruse, for providing the patch!
[Bug #5548] [ruby-core:40670]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33631 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
GCC.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33529 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
t = Thread.new { print "."; sleep 0.1 }
key = OpenSSL::PKey::RSA.new(2048)
#=> Thread t works in parallel with public key generation if
OS/machine allows it.
This works with OpenSSL >= 0.9.8. From this version, it has new
public key generation function which allows us to interrupt the
execution while pkey generation iterations.
* ext/openssl/extconf.rb: Check existence of OpenSSL's new public key
generation function. (DH_generate_parameters_ex,
DSA_generate_parameters_ex and RSA_generate_key_ex.
* ext/openssl/ossl_pkey.{h,c} (ossl_generate_cb_2,
ossl_generate_cb_stop): Added new callback function for OpenSSL pkey
generation which handles Thread interruption by Ruby.
ossl_generate_cb_stop is the unblock function(ubf) for Ruby which
sets a stop flag. New pkey generation callback ossl_generate_cb_2
checks the stop flag at each iterations of OpenSSL and interrupts
pkey generation when the flag is set.
* ext/openssl/ossl_pkey_dsa.c (dsa_generate): Call
rb_thread_blocking_region with the above unblock function to release
GVL while pkey generation.
* ext/openssl/ossl_pkey_rsa.c (rsa_generate): ditto.
* ext/openssl/ossl_pkey_dh.c (dh_generate): ditto.
* test/openssl/test_pkey_{dh,dsa,rsa}.rb: Test it.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33155 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/ossl_missing.h/.c: add ASN1_put_eoc if missing.
* ext/openssl/ossl_asn1.c: introduce ossl_asn1_object_size and
ossl_asn1_put_object to wrap functionality depending on OpenSSL
version in use.
Fixes [ Ruby 1.9 - Bug #4916 ] reported by Hiroshi Nakamura.
[ruby-core:37286]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32230 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
for X509_NAME_hash_old in OpenSSL 1.0.0. See #4805
* test/openssl/test_x509name.rb (test_hash): Make test pass with
OpenSSL 1.0.0.
* NEWS: Add it.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32213 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
openssl compiled with "no-ssl2" the extconf don't fail
when running `make' having this compilation errors.
Patched by Laurent Arnoud. fixes #4562, #4556
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@31346 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
normal have_library, etc. Thanks Erik Hollensbe. [ruby-core:32406]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@30167 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/extconf.rb: use try_static_assert for version check.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@28292 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/extconf.rb: check some functions added/removed at
OpenSSL 1.0.0.
* ext/openssl/ossl_engine.c (ossl_engine_s_load): use engines which
exists.
* ext/openssl/ossl_ssl_session (SSL_SESSION_cmp): removed at 1.0.0,
so implement compatible fuction here.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@27457 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@24861 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/ossl.h (OSSL_Debug): don't use gcc extention for
variadic macro.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@22918 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
new methods SSLContext#server_name_cb=, SSLSocket#hostname=.
* test/openssl/test_ssl.rb: Tests for above.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@21761 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@18168 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Fix ruby-Bugs-11513.
* ext/openssl/ossl_pkey_ec.c
New methods EC::Point.[eql,make_affine!,invert!,on_curve?,infinity?]
By default output the same key form as the openssl command.
* ext/openssl/ossl_rand.c
New method Random.status?
* test/openssl/test_ec.rb
New tests.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@12571 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@12501 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/ossl_{cipher,digest,pkcs7,pkcs12}.c:
Remove redundant module namespace.
* ext/openssl/lib/openssl/{cipher,digest}.rb
Add backwards compatibile classes for rearranged classes.
* ext/openssl/ossl_{pkcs7,pkcs12}.c: Add documentation.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@12148 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/ruby_missing.h: check per features instead by
checking version code. [ruby-core:10845]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@12140 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
they are already checked at configure.
reported by KOBAYASHI Yasuhiro [ruby-list:43225]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@11930 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/ossl.h, ext/openssl/openssl_missing.h:
include RUBY_EXTCONF_H.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@10209 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/ossl_cipher.c (ossl_s_ciphers): new method
OpenSSL::Cipher.ciphers. it returns all the cipher names.
* ext/openssl/ossl_cipher.c (ossl_cipher_init): refine warning message.
* ext/openssl/lib/openssl/cipher.rb: reimplement without eval() and
add constants AES128, AES192, AES256. [ruby-dev:28610]
* ext/openssl/lib/openssl/digest.rb: reimplement without eval().
* test/openssl/test_cipher.rb, test_digest: fix about reimplemented features.
* sample/openssl/cipher.rb: rewrite all.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@10137 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/ossl_x509ext.c (MakeX509ExtFactory): should use
OPENSSL_malloc to allocate X509V3_CTX.
* ext/openssl/ossl_x509ext.c (ossl_x509extfactory_create_ext): use
X509V3_EXT_nconf_nid to avoid SEGV (and to build extensions which
values are placed in separate section).
* test/openssl/test_x509ext.rb: new file.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@9592 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
[ruby-dev:27597]
* ext/openssl/ossl.c (ossl_raise): ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@9488 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/openssl_missing.h: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@8335 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
the underlying IO become readable or writable if the error was
SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE. [ruby-dev:25795]
* ext/openssl/ossl_ssl.c (ossl_ssl_read, ossl_ssl_write): ditto.
* ext/openssl/lib/openssl/buffering.rb
(Buffering#consume_rbuf): pointless eof flag resetting is deleted.
(Buffering#read): should return an empty string if the specified
size is zero.
(Buffering#readpartial): new method.
(Buffering#readline): fix typo.
(Buffering#getc): return the first character of string correctly.
(Buffering#readchar): fix typo.
(Buffering#eof?): should read again it the input buffer is empty.
(Buffering#do_write): should rescue Errno::EAGAIN.
(Buffering#puts): use "\n" as the output field separator.
* ext/openssl/extconf.rb: get rid of GNUmakefile generation.
* text/openssl/test_pair.rb: test for IO like methods.
* test/ruby/ut_eof.rb: test about empty file.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@8081 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
EVP_CIPHER_CTX_set_padding, EVP_CipherFinal_ex, EVP_CipherInit_ex,
EVP_DigestFinal_ex and EVP_DigestInit_ex.
* ext/openssl/openssl_missing.c (EVP_CIPHER_CTX_copy): new function.
* ext/openssl/openssl_missing.h (EVP_DigestInit_ex, EVP_DigestFinal_ex,
EVP_CipherInit_ex, EVP_CipherFinal_ex, HMAC_Init_ex): new macro for
OpenSSL 0.9.6.
* ext/openssl/ossl_cipher.c (ossl_cipher_alloc, ossl_cipher_initialize,
ossl_cipher_copy, ossl_cipher_reset, ossl_cipher_encrypt,
ossl_cipher_decrypt, ossl_cipher_final, ossl_cipher_set_key,
ossl_cipher_set_iv): replace all EVP_CipherInit and
EVP_CipherFinal into EVP_CipherInit_ex and EVP_CipherFinal_ex.
and EVP_CIPHER_CTX_init should only be called once.
* ext/openssl/ossl_cipher.c (ossl_cipher_set_padding): check for
EVP_CIPHER_CTX_set_padding.
* ext/openssl/ossl_cipher.c (Init_ossl_cipher): Cipher#<< is deprecated.
* ext/openssl/ossl_digest.c: replace all EVP_DigestInit and
EVP_DigestFinal into EVP_DigestInit_ex and EVP_DigestFinal_ex.
and EVP_MD_CTX_init should only be called once.
* ext/openssl/ossl_digest.c (digest_final): should call
EVP_MD_CTX_cleanup to avoid memory leak.
* ext/openssl/ossl_hmac.c (ossl_hmac_initialize): repalce HMAC_init
into HMAC_init_ex. and HMAC_CTX_init is moved to ossl_hmac_alloc.
* ext/openssl/ossl_hmac.c (hmac_final): should call
HMAC_CTX_cleanup to avoid memory leak.
* test/openssl/test_cipher.rb, test/openssl/test_digest.rb,
test/openssl/test_hmac.rb: new file.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@6548 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
of OPENSSL_VERSION_NUMBER. [ruby-list:39056]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@5515 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
[ruby-list:39054]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@5509 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
unavailable in OpenSSL-0.9.6.
* lib/ext/openssl/ossl_engine.c: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4698 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/ossl_x509ext.c (ossl_x509extfactory_set_config):
cannot implement if X509V3_set_nconf doesn't exist.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4666 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/ossl_asn1.h: add OpenSSL::ASN1 module.
* ext/openssl/ossl.c (Init_openssl): call Init_ossl_asn1.
* ext/openssl/ossl.h: include ossl_asn1.h.
* ext/openssl/extconf.rb: check if X509_ATTRIBUTE has field "single".
* ext/openssl/ossl_x509attr.c (ossl_x509attr_set_value): accept
DER encoded data argument.
* ext/openssl/ossl_x509attr.c (ossl_x509attr_get_value): return
DER encoded data in OpenSSL::ASN1 types.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4660 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
it supports OpenSSL hardware cryptographic engine interface.
* ext/openssl/ossl_engine.h: ditto.
* ext/openssl/MANIFEST: add ossl_engine.c and ossl_engine.h.
* ext/openssl/extconf.rb: add check for openssl/engine.h.
* ext/openssl/ossl.c: call Init_ossl_engine().
* ext/openssl/ossl.h: include openssl/engine.h.
* ext/openssl/ossl_pkey_{rsa,dsa,dh}.c: check if underlying
EVP_PKEY referes engine.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4652 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4559 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/extconf.rb: add check for assert.h.
* ext/openssl/ossl.c (ossl_buf2str): new function to convert
C buffer to String and free buffer.
* ext/openssl/ossl.c (ossl_x509_ary2sk): new function to convert
Array of OpenSSL::X509 to STACK_OF(X509) with exception safe.
* ext/openssl/ossl.c (ossl_to_der, ossl_to_der_if_possible): new
functions to convert object to DER string.
* ext/openssl/ossl.h: ditto.
* ext/openssl/ossl_bio.c (ossl_membio2str): new function to convert
BIO to String object and free BIO.
* ext/openssl/ossl_bio.h: ditto.
* ext/openssl/ossl_pkcs7.c (ossl_pkcs7_to_der): add for "to_der".
* ext/openssl/ossl_x509name.c (ossl_x509name_to_der): ditto.
* ext/openssl/ossl_x509ext.c (ossl_x509ext_to_der): ditto.
* ext/openssl/ossl_x509ext.c (create_ext_from_array): removed
and reimplement in openssl/x509.rb.
* ext/openssl/ossl_x509attr.c: reimplemented and disable some
method temporarily. this class doesn't work fine without ASN.1
data support;-) I'll rewrite in near future.
* ext/openssl/lib/openssl/x509.c (X509::Attribute): get rid off
unused code.
* ext/openssl/lib/openssl/x509.c (X509::ExtensionFactory): refine all.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4558 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4402 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* re.c (rb_memsearch): ditto.
* time.c (time_dump): ditto.
* ext/extmk.rb (extmake): not continue making when extconf.rb
failed.
* ext/openssl/extconf.rb: check __VA_ARGS__ macro more precisely.
* ext/openssl/ossl.h: remove version.h dependency.
* ext/openssl/ruby_missing.h: ditto.
* lib/mkmf.rb (pkg_config): use --libs output except with
only-L for other options. [ruby-list:38099]
* lib/mkmf.rb (create_makefile): separate rule for static
library from shared object.
* win32/Makefile.sub, bcc32/Makefile.sub, wince/Makefile.sub:
define exec_prefix and libdir.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4396 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/extconf.rb: use pkg_config.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4284 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
