Age | Commit message (Collapse) | Author |
|
* lib/net/http.rb, lib/open-uri.rb: remove
Net::HTTP#enable_post_connection_check. [ruby-dev:31960]
* lib/net/imap.rb: hostname should be verified against server's
indentity as persented in the server's certificate. [ruby-dev:31960]
* ext/openssl/lib/net/telnets.rb, ext/openssl/lib/net/ftptls.rb: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@16876 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* lib/net/http.rb: an SSL verification (the server hostname should
be matched with its certificate's commonName) is added.
this verification can be skipped by
"Net::HTTP#enable_post_connection_check=(false)".
suggested by Chris Clark <cclark at isecpartners.com>
* lib/net/open-uri.rb: use Net::HTTP#enable_post_connection_check to
perform SSL post connection check.
* ext/openssl/lib/openssl/ssl.c
(OpenSSL::SSL::SSLSocket#post_connection_check): refine error message.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13502 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@11599 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/ossl_cipher.c (ossl_s_ciphers): new method
OpenSSL::Cipher.ciphers. it returns all the cipher names.
* ext/openssl/lib/openssl/cipher.rb:
- add constants AES128, AES192, AES256. [ruby-dev:28610]
- reimplement without eval()
* ext/openssl/lib/openssl/digest.rb: reimplement without eval().
* test/openssl/test_cipher.rb, test_digest: fix about reimplemented
features.
* sample/openssl/cipher.rb: rewrite all.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@10339 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
(OpenSSL::SSL::SocketForwarder#setsockopt,getsockopt): typo fixed.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@10183 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
(OpenSSL::SSL::SSLSocket#post_connection_chech):
treat wildcard character in commonName. [ruby-dev:28121]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@9742 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
(again), [ruby-dev:26617] (again), [ruby-dev:27062]
* ext/openssl/lib/net/https.rb: removed.
* ext/openssl/lib/net/protocols.rb: removed.
* lib/net/http.rb: #use_ssl?, #use_ssl are moved from net/https.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@9152 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
these features are enabled if this library is compiled with
OpenSSL 0.9.8 or later.
* test/openssl/test_digest.rb: add test for new digests.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@9111 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
should clear data from the buffer which already been output.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@9077 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
should initialize session id context. [ruby-core:4663]
* ext/openssl/ossl_ssl.c (ossl_sslctx_setup): add session id support.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@8498 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
rb_sys_fail if errno isn't 0. [ruby-dev:25831]
* ext/openssl/lib/openssl/cipher.rb: fix typo. [ruby-dev:24285]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@8130 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
ossl_ssl_write):
- need to set errno on Win32 platform.
- should call rb_sys_fail instead of rasing SSLError if
SSL_ERROR_SYSCALL occured.
- should wait for that the underlying IO become readable or
writable if the error was SSL_ERROR_WANT_READ or
SSL_ERROR_WANT_WRITE. [ruby-dev:25795]
* ext/openssl/lib/openssl/buffering.rb
(Buffering#initialize): should set @eof and @rbuffer.
(Buffering#fill_rbuff): should rescue Errno::EAGAIN.
(Buffering#consume_rbuf): pointless eof flag resetting is deleted.
(Buffering#read): should return an empty string if the specified
size is zero.
(Buffering#readpartial): new method.
(Buffering#readline): fix typo.
(Buffering#getc): return the first character of string correctly.
(Buffering#each): fix typo. suggested by Brian Ollenberger.
(Buffering#readchar): fix typo.
(Buffering#eof?): should read again it the input buffer is empty.
(Buffering#do_write): should rescue Errno::EAGAIN.
(Buffering#puts): use "\n" as the output field separator.
* ext/openssl/lib/openssl/ssl.rb: set non-blocking flag to the
underlying IO.
* ext/openssl/extconf.rb: get rid of GNUmakefile generation.
* text/openssl/test_pair.rb: test for IO like methods.
* test/ruby/ut_eof.rb: test about empty file.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@8104 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
(OpenSSL::SSL::SSLSocket#post_connection_check): new method.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@7970 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
doc and code about SSLContext#{key_file,cert_file}.
fixed: [ruby-dev:25243]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@7609 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
(ossl_x509store_set_time): add OpenSSL::X509::Store#time=.
(ossl_x509stctx_set_time): add OpenSSL::X509::StoreContext#time=.
* test/openssl/ossl_x509store.rb: test certificate validity times.
* ext/openssl/ossl_x509name.c (ossl_x509name_to_s): add optional
second argument to specify the output format (see also
X509_NAME_print_ex).
* ext/openssl/ossl_x509name.c (ossl_x509name_init): new constants:
OpenSSL::X509::Name::COMPAT, OpenSSL::X509::Name::RFC2253,
OpenSSL::X509::ONELINE, OpenSSL::X509::MULTILINE.
* ext/openssl/lib/openssl/x509.rb (OpenSSL::X509::Name::RFC2253DN):
new module to provide the parse for RFC2253 DN format.
* ext/openssl/lib/openssl/x509.rb (OpenSSL::X509::Name.parse_rfc2253):
new method to parse RFC2253 DN format.
* test/openssl/ossl_x509name.rb: add tests about RFC2253 DN.
* text/openssl/ssl_server.rb: try to listen ports from 20443 to 20542
while EADDRINUSE is raised.
* all changes in this entry are backport from 1.9.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@7599 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
- should return an empty string if specified length to read is 0.
- should check for pending data and wait for fd before reading.
- call underlying IO's sysread if SSL session is not started.
[ruby-dev:24072], [ruby-dev:24075]
* ext/openssl/ossl_ssl.c (ossl_ssl_write):
- call underlying IO's syswrite if SSL session is not started.
* ext/openssl/ossl_ssl.c (ossl_ssl_pending): new method
OpenSSL::SSL#pending.
* ext/openssl/lib/openssl/buffering.rb: should not use select.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@6809 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
to specify a string to be written.
* ext/openssl/lib/openssl/buffering.rb (OpenSSL::Buffering#read):
take optional second argument to specify a string to be written.
* ext/openssl/lib/openssl/buffering.rb (OpenSSL::Buffering#gets):
refine regexp for end-of-line.
* ext/opnessl/lib/openssl/ssl.rb
(OpenSSL::SSL::SocketForwarder#listen): fix typo.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@6550 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/ossl_x509hame.c (ossl_x509name_initialize): change
second argument. it expected to be a Hash not an Integer.
* ext/openssl/ossl_x509name.c (ossl_x509name_add_entry): add new
function for OpenSSL::X509::Name#add_entry.
* ext/openssl/ossl_x509name.c (ossl_x509name_to_a): append ASN.1
tag number to each element of return value.
* ext/openssl/ossl_x509name.c (Init_ossl_x509name): add constants
OpenSSL::X509::Name::DEFAULT_OBJECT_TYPE and OBJECT_TYPE_TEMPLATE.
* ext/openssl/lib/openssl/x509.rb (OpenSSL::X509::Name#initialize):
second argument takes OBJECT_TYPE_TEMPLATE by default.
* sample/openssl/gen_csr.rb: use OpenSSL::X509::Name.parse.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@5575 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
add new method to inherit @sync from @io.sync.
* ext/openssl/lib/net/protocols.rb (SSLIO#ssl_connect): no need to
set sync flag explicitly.
* ext/openssl/ossl_ssl.c (ossl_sslctx_initialize): call super.
* ext/openssl/ossl_ssl.c (ossl_sslctx_setup): set extra chain
certificates in @extra_chain_cert.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4859 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
optional argument to specify the DirectoryString type
(ASN1::UTF8STRING by default). RFC3280 deprecates PrintableString
for DirectoryString, and strongly requires to use UTF8String for
all certificates issued after December, 31 2003.
* ext/openssl/lib/openssl/x509.rb (X509::Name::parse): ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4733 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/extconf.rb: add check for assert.h.
* ext/openssl/ossl.c (ossl_buf2str): new function to convert
C buffer to String and free buffer.
* ext/openssl/ossl.c (ossl_x509_ary2sk): new function to convert
Array of OpenSSL::X509 to STACK_OF(X509) with exception safe.
* ext/openssl/ossl.c (ossl_to_der, ossl_to_der_if_possible): new
functions to convert object to DER string.
* ext/openssl/ossl.h: ditto.
* ext/openssl/ossl_bio.c (ossl_membio2str): new function to convert
BIO to String object and free BIO.
* ext/openssl/ossl_bio.h: ditto.
* ext/openssl/ossl_pkcs7.c (ossl_pkcs7_to_der): add for "to_der".
* ext/openssl/ossl_x509name.c (ossl_x509name_to_der): ditto.
* ext/openssl/ossl_x509ext.c (ossl_x509ext_to_der): ditto.
* ext/openssl/ossl_x509ext.c (create_ext_from_array): removed
and reimplement in openssl/x509.rb.
* ext/openssl/ossl_x509attr.c: reimplemented and disable some
method temporarily. this class doesn't work fine without ASN.1
data support;-) I'll rewrite in near future.
* ext/openssl/lib/openssl/x509.c (X509::Attribute): get rid off
unused code.
* ext/openssl/lib/openssl/x509.c (X509::ExtensionFactory): refine all.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4558 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/ossl_digest.c: add ossl_digest_new().
* ext/openssl/ossl_digest.h: ditto.
* ext/openssl/ossl_cipher.c: add ossl_cipher_new().
* ext/openssl/ossl_cipher.h: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4511 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
for skipping server verification.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4482 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* lib/webrick/https.rb: SSLSocket handling is moved to webrick/ssl.rb.
* lib/webrick/compat.rb (File::fnmatch): remove old migration code.
* lib/webrick/httpserver.rb (HTTPServer#run): ditto.
* lib/webrick/server.rb (GenericServer#listen): the body of this
method is pull out as Utils::create_lisnteners.
* lib/webrick/utils.rb (Utils::create_lisnteners): new method.
* lib/webrick/server.rb (GenericServer#start): should not
through unknown errors. and refine comments.
* ext/openssl/lib/openssl/ssl.rb (SSLServer#accept): should close
socket if SSLSocket raises error.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4409 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
a builtin.
* ext/openssl/lib/openssl/buffering.rb (Buffering#close): ditto.
* ext/openssl/lib/openssl/buffering.rb (Buffering#puts): should
add a return to the tails of each line.
* ext/openssl/lib/openssl/ssl.rb: new class OpenSSL::SSL::SSLServer.
* ext/openssl/lib/net/protocols.rb (SSLIO#ssl_connect): use sync_close.
* ext/openssl/sample/echo_svr.rb: use SSLServer.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4407 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
method to specify if the underlying IO will be closed in
SSLSocket#close.
* ext/openssl/lib/openssl/buffering.rb: add forwarders to
setsockopt, getsockopt and fcntl.
* ext/openssl/lib/net/protocols.rb: enable sync for SSLSocket.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4400 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
from 1k to 16k bytes. [ruby-talk:78603]
* ext/openssl/ossl_ssl.c (ossl_sslctx_s_alloc): enable
partial write to allow interruption in SSLSocket#sysread.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4363 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
connection is set up already.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4198 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4128 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|