Age | Commit message (Collapse) | Author |
|
Drop support for Ruby 2.3, 2.4, and 2.5.
As of 2021-10, Ruby 2.6 is the oldest version that still receives
security fixes from the Ruby core team, so it doesn't make much sense
to keep code for those ancient versions.
https://github.com/ruby/openssl/commit/3436bd040d
|
|
https://github.com/ruby/openssl/commit/baa83a8a57
|
|
https://github.com/ruby/openssl/commit/65e7207a07
|
|
https://github.com/ruby/openssl/commit/e8ee01b22c
|
|
On the server side, the serialized list of protocols is stored in
SSL_CTX as a String object reference. We utilize a hidden instance
variable to prevent it from being GC'ed, but this is not enough because
it can also be relocated by GC.compact.
https://github.com/ruby/openssl/commit/5eb68ba778
|
|
Store/StoreContext
We store the reverse reference to the Ruby object in the OpenSSL
struct for use from OpenSSL callback functions. To prevent the Ruby
object from being relocated by GC.compact, we must "pin" it by calling
rb_gc_mark().
https://github.com/ruby/openssl/commit/a6ba9f894f
|
|
SSLContext/SSLSocket objects
We store the reverse reference to the Ruby object in the OpenSSL
struct for use from OpenSSL callback functions. To prevent the Ruby
object from being relocated by GC.compact, we must "pin" it by calling
rb_gc_mark().
https://github.com/ruby/openssl/commit/022b7ceada
|
|
The digest library is a default gem now, too. Therefore we can't simply
use rb_require() to load it, but we should use Kernel#require instead.
This change is based on the suggestion by David Rodríguez in
https://github.com/ruby/digest/commit/16172612d56ac42f57e5788465791329303ac5d0#commitcomment-57778397
https://github.com/ruby/openssl/commit/157f80794b
|
|
prevent `ossl_ts_*_free()` from calling when `d2i_TS_*_bio()` failed.
https://github.com/ruby/openssl/commit/b29e215786
|
|
TS_time_cb on libressl expects an long long/time_t 64 bits long instead.
https://github.com/ruby/openssl/commit/4c99f577b2
|
|
Similarly to SSLSocket#syswrite, the blocking SSLSocket#sysread allows
context switches. We must prevent other threads from modifying the
string buffer.
We can use rb_str_locktmp() and rb_str_unlocktmp() to temporarily
prohibit modification of the string.
https://github.com/ruby/openssl/commit/d38274949f
|
|
Since a blocking SSLSocket#syswrite call allows context switches while
waiting for the underlying socket to be ready, we must freeze the string
buffer to prevent other threads from modifying it.
Reference: https://github.com/ruby/openssl/issues/452
https://github.com/ruby/openssl/commit/aea874bc6e
|
|
Provide a wrapper of SSL_set0_tmp_dh_pkey()/SSL_CTX_set_tmp_dh(), which
sets the DH parameters used for ephemeral DH key exchange.
SSLContext#tmp_dh_callback= already exists for this purpose, as a
wrapper around SSL_CTX_set_tmp_dh_callback(), but it is considered
obsolete and the OpenSSL API is deprecated for future removal. There is
no practical use case where an application needs to use different DH
parameters nowadays. This was originally introduced to support export
grade ciphers.
RDoc for #tmp_dh_callback= is updated to recommend the new #tmp_dh=.
Note that current versions of OpenSSL support automatic ECDHE curve
selection which is enabled by default. SSLContext#tmp_dh= should only be
necessary if you must allow ancient clients which don't support ECDHE.
https://github.com/ruby/openssl/commit/aa43da4f04
|
|
Commit ee037e146037 ("ssl: remove SSL::SSLContext#tmp_ecdh_callback",
2020-08-12) forgot to remove the method.
https://github.com/ruby/openssl/commit/bef9ea84e4
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4909
|
|
https://github.com/ruby/openssl/commit/258e30b640
|
|
https://github.com/ruby/openssl/commit/0f91e2a6ee
|
|
Just append OpenSSL error reason to the given message string
object, which would be alreadly formatted.
Suppress -Wformat-security warning in `ossl_tsfac_create_ts`.
https://github.com/ruby/openssl/commit/11b1d8a6b8
|
|
* Add `printf` format attribute to `ossl_raise`.
* Fix a format specifier in `config_load_bio`.
* Use `ASSUME` for the unreachable condition.
https://github.com/ruby/openssl/commit/41da2955db
|
|
https://github.com/ruby/openssl/commit/68fa9c86f1
|
|
[ky: fixed compatibility with older versions of Ruby]
(cherry picked from commit ruby/ruby@45e65f302b663b2c6ab69df06d3b6f219c1797b2)
https://github.com/ruby/openssl/commit/8d928e0fb9
|
|
OpenSSL
* See https://bugs.ruby-lang.org/issues/18025
and https://github.com/ruby/ruby/pull/4629
https://github.com/ruby/openssl/commit/b8e4852dcc
|
|
(https://github.com/ruby/openssl/pull/447)
The values from RFC 5869
https://datatracker.ietf.org/doc/html/rfc5869#appendix-A.1
https://github.com/ruby/openssl/commit/ec14a87f4f
|
|
Back in 2016, we chose not to use Bundler in Ruby/OpenSSL development
because Bundler depended on openssl and could not be used for testing
openssl itself - "bundle exec rake test" would end up with loading two
different versions of openssl at the same time.
This has been resolved long time ago. We can now safely use it for
development dependency management and for Rake tasks.
https://github.com/ruby/openssl/commit/47283d9161
|
|
https://github.com/ruby/openssl/commit/8a1e3f5085
|
|
Also, OpenSSL::BN::CONSTTIME is added.
OpenSSL itself had a feature that was vulnerable against a side-channel
attack. The OpenSSL authors determined that it was not a security issue,
and they have already fixed the issue by using BN_set_flags.
https://github.com/openssl/openssl/pull/13888
If a Ruby OpenSSL user was faced with a similar issue, they couldn't
prevent the issue because Ruby OpenSSL lacks a wrapper to BN_set_flags.
For the case, this change introduces the wrapper.
https://github.com/ruby/openssl/commit/1e565eba89
|
|
PKey#{sign,verify}_raw
With the newly added OpenSSL::PKey::PKey#{sign,verify}_raw,
OpenSSL::PKey::DSA's low level signing operation methods can be
implemented in Ruby. The definitions are now in lib/openssl/pkey.rb.
https://github.com/ruby/openssl/commit/ce805adf0c
|
|
PKey#{sign,verify}_raw
With the newly added OpenSSL::PKey::PKey#{sign,verify}_raw,
OpenSSL::PKey::EC's low level signing operation methods can be
implemented in Ruby. The definitions are now in lib/openssl/pkey.rb.
https://github.com/ruby/openssl/commit/1f9da0cd9d
|
|
EVP API
Implement these methods using the new OpenSSL::PKey::PKey#{encrypt,sign}
family. The definitions are now in lib/openssl/pkey.rb.
Also, recommend using those generic methods in the documentation.
https://github.com/ruby/openssl/commit/2dfc1779d3
|
|
Add a variant of PKey#sign and #verify that do not hash the data
automatically.
Sometimes the caller has the hashed data only, but not the plaintext
to be signed. In that case, users would have to use the low-level API
such as RSA#private_encrypt or #public_decrypt directly.
OpenSSL 1.0.0 and later supports EVP_PKEY_sign() and EVP_PKEY_verify()
which provide the same functionality as part of the EVP API. This patch
adds wrappers for them.
https://github.com/ruby/openssl/commit/16cca4e0c4
|
|
The next release is decided to be 3.0 rather than 2.3.
https://github.com/ruby/openssl/commit/b8a434e462
|
|
Support public key encryption and decryption operations using the EVP
API.
https://github.com/ruby/openssl/commit/75326d4bbc
|
|
Remove the following methods, which have been marked as deprecated and
produced a warning since version 2.0, commit 7ea72f1f5084 ("adapt
OpenSSL::PKey to OpenSSL 1.1.0 opaque structs", 2016-06-05).
- OpenSSL::PKey::RSA#n=, #e=, #d=, #p=, #q=, #dmp1=, #dmq1=, #iqmp=
- OpenSSL::PKey::DSA#p=, #q=, #g=, #priv_key=, #pub_key=
- OpenSSL::PKey::DH#p=, #g=, #priv_key=, #pub_key=
These methods could only work with OpenSSL 1.0.2 or older, which is now
EOL.
https://github.com/ruby/openssl/commit/2334862cc0
|
|
(https://github.com/ruby/openssl/pull/441)
* Add feature for loading the chained certificate into Certificate array.
https://github.com/ruby/openssl/commit/05e1c015d6
Co-authored-by: Sao I Kuan <saoikuan@gmail.com>
|
|
Methods that take both PEM-encoding and DER-encoding have not been
consistent in the order in which encoding to attempt to parse.
A DER-encoding may contain a valid PEM block ("\n-----BEGIN ..-----" to
"-----END ...-----") embedded within it. Also, the PEM-encoding parser
allows arbitrary data around the PEM block and silently skips it. As a
result, attempting to parse data in DER-encoding as PEM-encoding first
can incorrectly finds the embedded PEM block instead.
This commit ensures that DER encoding will always be attempted before
PEM encoding. OpenSSL::X509::Certificate is one of the updated classes.
With this, the following will always be true:
# obj is an OpenSSL::X509::Certificate
obj == OpenSSL::X509::Certificate.new(obj.to_der)
obj == OpenSSL::X509::Certificate.new(obj.to_pem)
https://github.com/ruby/openssl/commit/b280eb1fd0
|
|
https://github.com/ruby/openssl/commit/51b3030b2b
|
|
Normal sockets respond to `getbyte`, so we should make SSLSocket respond
to `getbyte` as well. This way we can substitute SSLSockets for regular
sockets.
https://github.com/ruby/openssl/commit/ac1490b7c9
|
|
Use EVP_PKEY_param_check() instead of DH_check() if available. Also,
use EVP_PKEY_public_check() instead of EC_KEY_check_key().
EVP_PKEY_*check() is part of the EVP API and is meant to replace those
low-level functions. They were added by OpenSSL 1.1.1. It is currently
not provided by LibreSSL.
https://github.com/ruby/openssl/commit/797e9f8e08
|
|
The low-level API that is used to implement #public_key is deprecated
in OpenSSL 3.0. It is actually very simple to implement in another way,
using existing methods only, in much shorter code. Let's do it.
While we are at it, the documentation is updated to recommend against
using #public_key. Now that OpenSSL::PKey::PKey implements public_to_der
method, there is no real use case for #public_key in newly written Ruby
programs.
https://github.com/ruby/openssl/commit/48a6c391ef
|
|
Use EVP_PKEY_print_private() instead of the low-level API *_print()
functions, such as RSA_print().
EVP_PKEY_print_*() family was added in OpenSSL 1.0.0.
Note that it falls back to EVP_PKEY_print_public() and
EVP_PKEY_print_params() as necessary. This is required for EVP_PKEY_DH
type for which _private() fails if the private component is not set in
the pkey object.
Since the new API works in the same way for all key types, we now
implement #to_text in the base class OpenSSL::PKey::PKey rather than in
each subclass.
https://github.com/ruby/openssl/commit/e0b4c56956
|
|
The previous series of commits re-implemented key generation with the
low level API with the EVP API. The BN_GENCB-based callback function is
no longer used.
https://github.com/ruby/openssl/commit/81027b7463
|
|
and keys
Implement PKey::DSA.new(size) and PKey::DSA.generate using
OpenSSL::PKey.generate_parameters and .generate_key instead of the low
level DSA functions.
https://github.com/ruby/openssl/commit/1800a8d5eb
|
|
and keys
Implement PKey::RSA.new(size, exponent) and PKey::RSA.generate using
OpenSSL::PKey.generate_key instead of the low level RSA functions.
https://github.com/ruby/openssl/commit/363fd10713
|
|
and keys
Implement PKey::DH.new(size, gen), PKey::DH.generate(size, gen), and
PKey::DH#generate_key! using PKey.generate_parameters and .generate_key
instead of the low level DH functions.
Note that the EVP interface can enforce additional restrictions - for
example, DH key shorter than 2048 bits is no longer accepted by default
in OpenSSL 3.0. The test code is updated accordingly.
https://github.com/ruby/openssl/commit/c2e9b16f0b
|
|
rb_thread_call_without_gvl() can be interrupted, but it may be able to
resume the operation. Call rb_thread_check_ints() to see if it raises
an exception or not.
https://github.com/ruby/openssl/commit/88b90fb856
|
|
#verify
Similarly to OpenSSL::PKey.generate_key and .generate_parameters, let
OpenSSL::PKey::PKey#sign and #verify take an optional parameter for
specifying control strings for EVP_PKEY_CTX_ctrl_str().
https://github.com/ruby/openssl/commit/faf85d7c1d
|
|
operations
The routine to apply Hash to EVP_PKEY_CTX_ctrl_str() is currently used
by key generation, but it is useful for other operations too. Let's
change it to a slightly more generic name.
https://github.com/ruby/openssl/commit/b2b77527fd
|
|
Fix potential leak of EVP_MD_CTX object in an error path. This path is
normally unreachable, since the size of a signature generated by any
supported algorithms would not be larger than LONG_MAX.
https://github.com/ruby/openssl/commit/99e8630518
|
|
Similarly to OpenSSL >= 1.1.0, LibreSSL 2.9.0 ensures thread safety
without requiring applications to set locking callbacks and made
related functions no-op.
https://github.com/ruby/openssl/commit/7276233e1a
|
|
LibreSSL 2.2.2 introduced TLS_method(), but with different semantics
from OpenSSL: TLS_method() enabled TLS >= 1.0 while SSLv23_method()
enabled all available versions, which included SSL 3.0 in addition.
However, LibreSSL 2.3.0 removed SSL 3.0 support completely and now
TLS_method() and SSLv23_method() are equivalent.
https://github.com/ruby/openssl/commit/3b7d7045b8
|