Age | Commit message (Collapse) | Author |
|
* ext/openssl/extconf.rb: check for broken OpenSSL only on mac OS.
[ruby-core:79475] [Bug #13200]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57591 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Import Ruby/OpenSSL 2.0.3. Only bugfixes. The full commit log since
2.0.2 (imported at r57146) can be found at:
https://github.com/ruby/openssl/compare/v2.0.2...v2.0.3
----------------------------------------------------------------
Corey Bonnell (1):
Fix for ASN1::Constructive 'each' implementation
Kazuki Yamaguchi (10):
Fix build with static OpenSSL libraries on Windows
([ruby-core:78878] [Bug #13080])
Merge pull request #96 from CBonnell/master
Merge branch 'topic/windows-static-linking-without-pkg-config' into maint
appveyor.yml: update OpenSSL version to 1.0.2j
buffering: fix typo in doc
test/envutil: fix assert_raise_with_message
x509: fix OpenSSL::X509::Name#eql?
([ruby-core:79310] [Bug #13170])
ruby-openssl-docker: update versions of Ruby and OpenSSL
.travis.yml: test with Ruby 2.4
Ruby/OpenSSL 2.0.3
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57482 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Import Ruby/OpenSSL 2.0.2. This release contains only bugfixes. The full
commit log since 2.0.1 (imported at r57041) can be found at:
https://github.com/ruby/openssl/compare/v2.0.1...v2.0.2
----------------------------------------------------------------
Kazuki Yamaguchi (5):
ssl: check for SSL_CTX_clear_options()
Rename functions in openssl_missing.c
ssl: use SSL_SESSION_get_protocol_version()
pkey: allow instantiating OpenSSL::PKey::PKey with unsupported key type
Ruby/OpenSSL 2.0.2
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57146 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Import the following two commits from upstream:
commit 72126d6c8b88abd69c3565fc3bbbd5ed1e401611
Author: Kazuki Yamaguchi <k@rhe.jp>
Date: Thu Dec 1 22:27:03 2016 +0900
pkey: check existence of EVP_PKEY_get0()
EVP_PKEY_get0() did not exist in early OpenSSL 0.9.8 series. So define
ourselves if needed.
commit 94a1c4e0c5705ad1e9a4ca08cacaa6cba8b1e6f5
Author: Kazuki Yamaguchi <k@rhe.jp>
Date: Thu Dec 1 22:13:22 2016 +0900
test/test_cipher: fix test with OpenSSL 1.0.1 before 1.0.1d
Set the authentication tag before the AAD when decrypting.
Before OpenSSL commit 96f7fafa2431 ("Don't require tag before ciphertext
in AESGCM mode", 2012-10-16, at OpenSSL_1_0_1-stable branch, included in
OpenSSL 1.0.1d), the authentication tag must be set before any calls of
EVP_CipherUpdate().
They should fix build on CentOS 5 and Ubuntu 12.04 respectively.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56953 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Import Ruby/OpenSSL 2.0.0. The full commit history since 2.0.0 beta.2
(imported at r56098) can be found at:
https://github.com/ruby/openssl/compare/v2.0.0.beta.2...v2.0.0
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56946 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* {ext,test}/openssl: Import Ruby/OpenSSL 2.0.0.beta.2. The full commit
history since v2.0.0.beta.1 can be found at:
https://github.com/ruby/openssl/compare/v2.0.0.beta.1...v2.0.0.beta.2
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56098 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* NEWS, {ext,test,sample}/openssl: Import Ruby/OpenSSL 2.0.0.beta.1.
ext/openssl is now converted into a default gem. The full commit
history since r55538 can be found at:
https://github.com/ruby/openssl/compare/08e1881f5663...v2.0.0.beta.1
[Feature #9612]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56027 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/extconf.rb: Check for CRYPTO_malloc() and SSL_new().
OpenSSL_add_all_digests() and SSL_library_init() are deprecated and
converted to macros in OpenSSL 1.1.0.
[ruby-core:75225] [Feature #12324]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55335 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/extconf.rb: Check for SSL_CTX_get_security_level().
OpenSSL 1.1.0 introduced "security level".
[ruby-core:75225] [Feature #12324]
* ext/openssl/ossl_ssl.c (ossl_sslctx_{get,set}_security_level): Add
SSLContext#security_level and #security_level=.
* test/openssl/test_ssl.rb (test_security_level): Add test. ...but this
doesn't actually test it. Because #security_level= is necessary in
order to run other tests on OpenSSL 1.1.0, go without tests for now.
Will fix after converting SSLContext#key= and #cert= to normal methods.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55309 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/extconf.rb: Check for SSL_CTX_set_min_proto_version()
macro added in OpenSSL 1.1.0. Version-specific methods, such as
TLSv1_method(), are deprecated in OpenSSL 1.1.0. We need to use
version-flexible methods (TLS_*method() or SSLv23_*method()) and
disable other protocol versions as necessary.
[ruby-core:75225] [Feature #12324]
* ext/openssl/ossl_ssl.c: Use SSL_CTX_set_{min,max}_proto_version() to
fix the protocol version.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55304 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/extconf.rb: Check existence of SSL_is_server(). This
function was introduced in OpenSSL 1.0.2.
[ruby-core:75225] [Feature #12324]
* ext/openssl/openssl_missing.h: Implement SSL_is_server() if missing.
* ext/openssl/ossl_ssl.c (ssl_info_cb): Use SSL_is_server() to see if
the SSL is server. The state machine in OpenSSL was rewritten and
SSL_get_state() no longer returns SSL_ST_ACCEPT.
(ossl_ssl_cipher_to_ary, ossl_sslctx_session_get_cb): Add some
`const`s to suppress warning.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55289 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/extconf.rb: Check existence of accessor functions that
don't exist in OpenSSL 0.9.8. OpenSSL 1.1.0 made most of its
structures opaque and requires use of these accessor functions.
[ruby-core:75225] [Feature #12324]
* ext/openssl/openssl_missing.[ch]: Implement them if missing.
* ext/openssl/ossl*.c: Use these accessor functions.
* test/openssl/test_hmac.rb: Add missing test for HMAC#reset.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55287 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/openssl_missing.[ch]: Implement EVP_PKEY_get0_*() and
{RSA,DSA,EC_KEY,DH}_get0_*() functions.
OpenSSL 1.1.0 makes EVP_PKEY/RSA/DSA/DH opaque. We used to provide
setter methods for each parameter of each PKey type, for example
PKey::RSA#e=, but this is no longer possible because the new API
RSA_set0_key() requires the 'n' at the same time. This commit adds
deprecation warning to them and adds PKey::*#set_* methods as direct
wrapper for those new APIs. For example, 'rsa.e = 3' now needs to be
rewritten as 'rsa.set_key(rsa.n, 3, rsa.d)'.
[ruby-core:75225] [Feature #12324]
* ext/openssl/ossl_pkey*.[ch]: Use the new accessor functions. Implement
RSA#set_{key,factors,crt_params}, DSA#set_{key,pqg}, DH#set_{key,pqg}.
Emit a warning with rb_warning() when old setter methods are used.
* test/drb/ut_array_drbssl.rb, test/drb/ut_drb_drbssl.rb,
test/rubygems/test_gem_remote_fetcher.rb: Don't set a priv_key for DH
object that are used in tmp_dh_callback. Generating a new key pair
every time should be fine - actually the private exponent is ignored
in OpenSSL >= 1.0.2f/1.0.1r even if we explicitly set.
https://www.openssl.org/news/secadv/20160128.txt
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55285 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/extconf.rb: Check absence of CRYPTO_lock() to see if the
OpenSSL has the new threading API. In OpenSSL <= 1.0.2, an application
had to set locking callbacks to use OpenSSL in a multi-threaded
environment. OpenSSL 1.1.0 now finds pthreads or Windows threads so we
don't need to do something special.
[ruby-core:75225] [Feature #12324]
Also check existence of *_up_ref(). Some structures in OpenSSL have
a reference counter. We used to increment it with CRYPTO_add() which
is a part of the old API.
* ext/openssl/openssl_missing.h: Implement *_up_ref() if missing.
* ext/openssl/ossl.c: Don't set locking callbacks if unneeded.
* ext/openssl/ossl_pkey.c, ext/openssl/ossl_ssl.c,
ext/openssl/ossl_x509cert.c, ext/openssl/ossl_x509crl.c,
ext/openssl/ossl_x509store.c: Use *_up_ref() instead of CRYPTO_add().
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55283 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/extconf.rb: Check if RAND_pseudo_bytes() is usable. It is
marked as deprecated in OpenSSL 1.1.0.
[ruby-core:75225] [Feature #12324]
* ext/openssl/ossl_rand.c: Disable Random.pseudo_bytes if
RAND_pseudo_bytes() is unavailable.
* test/openssl/test_random.rb: Don't test Random.pseudo_bytes if not
defined.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55282 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
r55219 didn't fix the entire issue. It only fixed the issue on
environment with sizeof(time_t) == 8 && sizeof(long) == 4.
* ext/openssl/extconf.rb: Check existence of ASN1_TIME_adj(). The old
ASN1_TIME_set() is not Year 2038 ready on sizeof(time_t) == 4
environment. This function was added in OpenSSL 1.0.0.
[ruby-core:45552] [Bug #6571]
* ext/openssl/ossl_asn1.c (ossl_time_split): Added. Split the argument
(Time) into the number of days elapsed since the epoch and the
remainder seconds to conform to ASN1_TIME_adj().
(obj_to_asn1utime, obj_to_asn1gtime): Use ossl_time_split() and
ASN1_*TIME_adj().
* ext/openssl/ossl_asn1.h: Add the function prototype for
ossl_time_split().
* ext/openssl/ossl_x509.[ch]: Add ossl_x509_time_adjust(). Similarly to
obj_to_asn1*time(), use X509_time_adj_ex() instead of X509_time_adj().
* ext/openssl/ossl_x509cert.c, ext/openssl/ossl_x509crl.c,
ext/openssl/ossl_x509revoked.c: Use ossl_x509_time_adjust().
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55249 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/ossl_ssl.c (ossl_sslctx_s_alloc): Enable the automatic
curve selection for ECDH by calling SSL_CTX_set_ecdh_auto(). With
this a TLS server automatically selects a curve which both the client
and the server support to use in ECDH. This changes the default
behavior but users can still disable ECDH by excluding 'ECDH' cipher
suites from the cipher list (with SSLContext#ciphers=). This commit
also deprecate #tmp_ecdh_callback=. It was added in Ruby 2.3.0. It
wraps SSL_CTX_set_tmp_ecdh_callback() which will be removed in OpenSSL
1.1.0. Its callback receives two values 'is_export' and 'keylength'
but both are completely useless for determining a curve to use in
ECDH. The automatic curve selection was introduced to replace this.
(ossl_sslctx_setup): Deprecate SSLContext#tmp_ecdh_callback=. Emit a
warning if this is in use.
(ossl_sslctx_set_ecdh_curves): Add SSLContext#ecdh_curves=. Wrap
SSL_CTX_set1_curves_list(). If it is not available, this falls back
to SSL_CTX_set_tmp_ecdh().
(Init_ossl_ssl): Define SSLContext#ecdh_curves=.
* ext/openssl/extconf.rb: Check the existence of EC_curve_nist2nid(),
SSL_CTX_set1_curves_list(), SSL_CTX_set_ecdh_auto() and
SSL_CTX_set_tmp_ecdh_callback().
* ext/openssl/openssl_missing.[ch]: Implement EC_curve_nist2nid() if
missing.
* test/openssl/test_pair.rb (test_ecdh_callback): Use
EnvUtil.suppress_warning to suppress deprecated warning.
(test_ecdh_curves): Test that SSLContext#ecdh_curves= works.
* test/openssl/utils.rb (start_server): Use SSLContext#ecdh_curves=.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55214 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl, test/openssl: Drop OpenSSL < 0.9.8 support.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55162 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/extconf.rb: Remove check of OPENSSL_FIPS macro. This is
unneeded because we can check the macro directly in source code,
just as we already do for OPENSSL_NO_* macros.
* ext/openssl/ossl.c: Replace occurrences of HAVE_OPENSSL_FIPS with
OPENSSL_FIPS.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55160 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/extconf.rb: check OPENSSL_NO_SSL{2,3} macros before
checking related functions.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54959 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
functions when OPENSSL_NO_SSL2 is defined.
Usually openssl's header and the library (libssl) have the same
set of functions, but on some environment the library has functions
whose headers doesn't declare. (openssl/opensslconf.h and libsso.so
aren't be synchronized)
To detect such case explicitly check feature macro and remove
related functions.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54950 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/ossl_ssl.c (ossl_ssl_tmp_key): Access to ephemeral
TLS session key in case of forward secrecy cipher. Only
available since OpenSSL 1.0.2. [Fix GH-1318]
* ext/openssl/extconf.rb: Check for SSL_get_server_tmp_key.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54485 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/extconf.rb: check SSL_CTX_set_next_proto_select_cb
function rather than OPENSSL_NPN_NEGOTIATED macro. it exists
even if it is disabled by OpenSSL configuration.
[ruby-core:74384] [Bug #12182]
* ext/openssl/ossl_ssl.c: update #ifdef(s) as above.
* test/openssl/test_ssl.rb: skip NPN tests if NPN is disabled.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54258 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
g -L frozen_string_literal ext/**/*.rb|xargs ruby -Ka -e'ARGV.each{|fn|puts
fn;open(fn,"r+"){|f|s=f.read.sub(/\A(#!.*\n)?(#.*coding.*\n)?/,"\\&#
frozen_string_literal: false\n");f.rewind;f.write s}}'
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53143 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51918 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
if the SSL library supports it. Thanks Kurt Roeckx <kurt@roeckx.be>
[Bug #11376]
* ext/openssl/extconf.rb: check for SSLv3 support in the SSL
implementation.
* test/openssl/test_ssl.rb (class OpenSSL): Skip tests that need SSLv3
if there is no support.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51722 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/extconf.rb: detect ALPN support in OpenSSL
* test/openssl/test_ssl.rb: test for ALPN
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51347 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
[fix GH-876][ci skip] Patch by @davydovanton
* lib/net/https.rb: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@50351 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/extconf.rb: check RAND_edg to support libressl.
* ext/openssl/ossl_rand.c (ossl_rand_egd): define only if RAND_edg
is available. [Fix GH-829]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@49576 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/depend (ossl.o): work around of dependency of
thread_native.h, which depends on headers by THREAD_MODEL.
[ruby-dev:47777]
* ext/openssl/extconf.rb: need THREAD_MODEL.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@43451 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/ossl.c (ossl_thread_id): use rb_nativethread_self()
implemented at r42137 to allow threads which doesn't associated with
Ruby thread to use openssl functions.
* ext/openssl/ossl.c (Init_ossl_locks): If CRYPTO_THREADID is defined
(OpenSSL 1.0.0 or later has it) use CRYPTO_THREADID_set_callback()
instead of CRYPTO_set_id_callback() because its argument is
unsigned long; it may cause id collision on mswin64
whose sizeof(unsigned long) < sizeof(void*).
http://www.openssl.org/docs/crypto/threads.html
* ext/openssl/ossl.c (ossl_threadid_func): defined for above.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@42141 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
feature Authenticated Encryption.
* ext/openssl/extconf.rb: detect presence of EVP_CTRL_GCM_GET_TAG to
determine whether Authenticated Encryption can be used.
[Feature #6980] [ruby-core:47426]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38492 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/digest/*/extconf.rb, ext/openssl/extconf.rb: get git rid of
post-1.8 feature require_relative for cross compilation.
[ruby-core:50160] [Bug #7439]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@37878 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
ext/openssl/ossl.c: Expose OpenSSL::OPENSSL_FIPS constant to
indicate whether OpenSSL runs in FIPS mode.
test/openssl/test_pkey_dh.rb: Generate 256 bit keys for
non-FIPS installations to improve test performance (e.g. for
rubyci).
test/openssl/utils.rb: Replace DSS1 as certificate signature
digest with SHA1 for FIPS installations when using DSA by
introducing TestUtils::DSA_SIGNATURE_DIGEST.
test/openssl/test_x509cert.rb:
test/openssl/test_x509crl.rb:
test/openssl/test_x509req.rb: Use DSA_SIGNATURE_DIGEST
NEWS: Introduce OpenSSL::OPENSSL_FIPS
These changes allow running the OpenSSL tests in FIPS mode
while keeping a high performance for non-FIPS installations.
Introduction of OpenSSL::OPENSSL_FIPS allows for applications
to react to special requirements when using OpenSSL in FIPS mode.
[Feature #6946] [ruby-core:47345]
- Diese und die folgenden Zeilen werden ignoriert --
M ext/openssl/extconf.rb
M ext/openssl/ossl.c
M NEWS
M ChangeLog
M test/openssl/utils.rb
M test/openssl/test_x509crl.rb
M test/openssl/test_x509req.rb
M test/openssl/test_x509cert.rb
M test/openssl/test_pkey_dh.rb
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36884 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
ext/ossl_ssl.c: Support Next Protocol Negotiation. Protocols to be
advertised by the server can be set in the SSLContext by using
SSLContext#npn_protocols=, protocol selection on the client is
supported by providing a selection callback with
SSLContext#npn_select_cb. The protocol that was finally negotiated
is available through SSL#npn_protocol.
test/openssl/test_ssl.rb: Add tests for Next Protocol Negotiation.
NEWS: add news about NPN support.
[Feature #6503] [ruby-core:45272]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36871 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/zlib/extconf.rb: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35705 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
OpenSSL issue.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35686 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/extconf.rb: Use exception raising instead of message
and/or abort. We want to display error message to console _and_
logging into mkmf.log.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35685 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
SSLContext#version to inspect the version that was negotiated for
a given connection.
* ext/openssl/extconf.rb: detect TLS 1.1 & 1.2 support.
* test/openssl/test_ssl.rb: add tests for TLS 1.1 & 1.2 given they
are supported by the native OpenSSL being used.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35549 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
openssl. [ruby-core:44755][Bug #6379]
* ext/openssl/deprecation.rb: extract check for broken Apple OpenSSL.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35504 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/extconf.rb: add --with-broken-apple-openssl option.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35443 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35427 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
CPPFLAGS.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35426 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
from OpenSSL added by Apple.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@34823 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/missing.h: ditto.
Thanks, Tim Mooney for reporting this!
[Bug #5432] [ruby-core:40088]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33843 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/ossl_engine.c: add some missing OpenSSL engines.
Thanks, Yui Naruse, for providing the patch!
[Bug #5548] [ruby-core:40670]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33631 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
GCC.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33529 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
t = Thread.new { print "."; sleep 0.1 }
key = OpenSSL::PKey::RSA.new(2048)
#=> Thread t works in parallel with public key generation if
OS/machine allows it.
This works with OpenSSL >= 0.9.8. From this version, it has new
public key generation function which allows us to interrupt the
execution while pkey generation iterations.
* ext/openssl/extconf.rb: Check existence of OpenSSL's new public key
generation function. (DH_generate_parameters_ex,
DSA_generate_parameters_ex and RSA_generate_key_ex.
* ext/openssl/ossl_pkey.{h,c} (ossl_generate_cb_2,
ossl_generate_cb_stop): Added new callback function for OpenSSL pkey
generation which handles Thread interruption by Ruby.
ossl_generate_cb_stop is the unblock function(ubf) for Ruby which
sets a stop flag. New pkey generation callback ossl_generate_cb_2
checks the stop flag at each iterations of OpenSSL and interrupts
pkey generation when the flag is set.
* ext/openssl/ossl_pkey_dsa.c (dsa_generate): Call
rb_thread_blocking_region with the above unblock function to release
GVL while pkey generation.
* ext/openssl/ossl_pkey_rsa.c (rsa_generate): ditto.
* ext/openssl/ossl_pkey_dh.c (dh_generate): ditto.
* test/openssl/test_pkey_{dh,dsa,rsa}.rb: Test it.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33155 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/ossl_missing.h/.c: add ASN1_put_eoc if missing.
* ext/openssl/ossl_asn1.c: introduce ossl_asn1_object_size and
ossl_asn1_put_object to wrap functionality depending on OpenSSL
version in use.
Fixes [ Ruby 1.9 - Bug #4916 ] reported by Hiroshi Nakamura.
[ruby-core:37286]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32230 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
for X509_NAME_hash_old in OpenSSL 1.0.0. See #4805
* test/openssl/test_x509name.rb (test_hash): Make test pass with
OpenSSL 1.0.0.
* NEWS: Add it.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32213 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|