| Age | Commit message (Collapse) | Author |
|---|
|
Let's consistently use the word "password". Although they are considered
synonymous, the mixed usage in the rdoc can cause confusion.
OpenSSL::KDF.scrypt is an exception. This is because RFC 7914 refers to
the input parameter as "passphrase".
https://github.com/ruby/openssl/commit/06d67640e9
|
|
SSL_ERROR_SYSCALL
Enrich SSLError's message with the low-level certificate verification
result, even if SSL_get_error() returns SSL_ERROR_SYSCALL. This is
currently done on SSL_ERROR_SSL only.
According to the man page of SSL_get_error(), SSL_ERROR_SYSCALL may be
returned for "other errors, check the error queue for details". This
apparently means we have to treat SSL_ERROR_SYSCALL, if errno is not
set, as equivalent to SSL_ERROR_SSL.
https://github.com/ruby/openssl/commit/5113777e82
|
|
Expand tabs, insert some spaces, and adjust indentation of switch-case
to match Ruby's style.
https://github.com/ruby/openssl/commit/10833aa8f6
|
|
(https://github.com/ruby/zlib/pull/55)
zstream_discard_input was encoding and character-aware when given input is user-provided, so this discards `len` chars instead of `len` bytes.
Also Zlib.gunzip explains in its rdoc that it is equivalent with the following code, but this doesn't fail for UTF-8 String.
```ruby
string = %w[1f8b0800c28000000003cb48cdc9c9070086a6103605000000].pack("H*").force_encoding('UTF-8')
sio = StringIO.new(string)
p gz.read #=> "hello"
gz&.close
p Zlib.gunzip(string) #=> Zlib::DataError
```
Reported and discovered by eagletmt at https://twitter.com/eagletmt/status/1689692467929694209
https://github.com/ruby/zlib/commit/c5e58bc62a
|
|
Both for being closer to real IOs and also because it's a convenient API
in multithreaded scenarios.
Co-authored-by: Jean Boussier <jean.boussier@gmail.com>
|
|
https://github.com/ruby/fiddle/commit/c313a74632
|
|
https://github.com/ruby/fiddle/commit/69ff680bf6
|
|
GitHub: fix https://github.com/ruby/fiddle/pull/130
Reported by Benoit Daloze. Thanks!!!
https://github.com/ruby/fiddle/commit/bc6c66bbb9
|
|
https://github.com/ruby/fiddle/commit/6cdf53726d
|
|
[ci skip]
|
|
rb_reg_onig_match performs preparation, error handling, and cleanup for
matching a regex against a string. This reduces repetitive code and
removes the need for StringScanner to access internal data of regex.
Notes:
Merged: https://github.com/ruby/ruby/pull/8123
|
|
Syncs commit ruby/strscan@76b377a5d875ec77282d9319d62d8f24fe283b40.
|
|
truffle/openssl-prefix on TruffleRuby
* See https://github.com/ruby/openssl/issues/650#issuecomment-1645699608
https://github.com/ruby/openssl/commit/ca738e7e13
|
|
https://github.com/flori/json/commit/82a75ba98e
Notes:
Merged: https://github.com/ruby/ruby/pull/8091
|
|
In `JSON#generate` and `JSON#fast_generate`:
- When the given `opts` is a `JSON::State` the variable is set to
`nil`.
- But it will be never used as the next `if` blocks will not be
executed.
- `JSON::State#configure` does the conversion to `Hash`, the
conversions in the `if` block are just duplication.
- `JSON::State.new` does the same thing with `configure` when an
argument is given.
https://github.com/flori/json/commit/5d9ab87f8e
Notes:
Merged: https://github.com/ruby/ruby/pull/8091
|
|
https://github.com/flori/json/commit/ed242667b4
Notes:
Merged: https://github.com/ruby/ruby/pull/8091
|
|
This macro is defined since ruby 2.1, which is older than the required
ruby version.
https://github.com/flori/json/commit/dd1d54e78a
Notes:
Merged: https://github.com/ruby/ruby/pull/8091
|
|
https://github.com/flori/json/commit/3dd36c6077
|
|
https://github.com/flori/json/commit/20b80ca317
|
|
Before:
```c
/* First part of user prologue. */
#line 14 "parse.y"
```
After:
```c
/* First part of user prologue. */
#line 14 "ripper.y"
```
Notes:
Merged: https://github.com/ruby/ruby/pull/8083
|
|
In `rb_ruby_ripper_parser_allocate`, `r->p` is NULL between creating
`self` and `parser_params` assignment. As GC can happen there, the
typed-data functions for it need to consider the case.
Notes:
Merged: https://github.com/ruby/ruby/pull/8085
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/8057
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/8066
|
|
Although MinGW provides this header but not the function, Windows
version ruby provides the function.
https://github.com/ruby/etc/commit/f7fa1884fa
|
|
OpenSSL::Cipher#pkcs5_keyivgen
(https://github.com/ruby/openssl/pull/647)
OpenSSL::Cipher#pkcs5_keyivgen should only be used when it is
absolutely necessary for compatibility with ancient applications.
Having an example can be misleading. We already have another example
for OpenSSL::Cipher in which PBKDF2 is used to derive a key.
As described in the rdoc of OpenSSL::Cipher#pkcs5_keyivgen, it is
compatible with PKCS#5 PBES1 (PKCS#5 v1.5) only when used in combination
of a hash function MD2, MD5, or SHA-1, and a cipher DES-CBC or RC2-CBC.
This example uses MD5 as the hash function and combines it with AES.
This is considered insecure and also using a non-standard technique to
derive longer keys.
https://github.com/ruby/openssl/commit/e379cc0cca
|
|
(https://github.com/ruby/openssl/pull/646)
Add OpenSSL::PKey.new_raw_private_key, #raw_private_key and public
equivalents. These methods are useful for importing and exporting keys
that support "raw private/public key". Currently, OpenSSL implements
X25519/X448 and Ed25519/Ed448 keys.
[rhe: rewrote commit message]
https://github.com/ruby/openssl/commit/3f29525618
Co-authored-by: Bart de Water <bartdewater@gmail.com>
|
|
https://github.com/ruby/etc/commit/b95ddef386
|
|
Fixes https://github.com/ruby/etc/pull/22.
Build failure when the ruby installed directory name contains spaces.
https://github.com/ruby/etc/commit/1ab19d5815
|
|
https://github.com/ruby/etc/commit/365398ea47
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/8050
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/8046
|
|
https://github.com/ruby/bigdecimal/commit/8a94a29cf1
|
|
https://github.com/ruby/bigdecimal/commit/f63544d465
|
|
We should leave additional dependency if we leave from them.
https://github.com/ruby/psych/commit/3d0325a774
|
|
https://github.com/ruby/psych/commit/902c292f26
|
|
According to the C99 specification section 7.20.3.2 paragraph 2:
> If ptr is a null pointer, no action occurs.
So we do not need to check that the pointer is a null pointer.
Notes:
Merged: https://github.com/ruby/ruby/pull/8004
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/7999
|
|
The following script leaks memory in Ripper:
```ruby
require "ripper"
20.times do
100_000.times do
Ripper.parse("")
end
puts `ps -o rss= -p #{$$}`
end
```
Notes:
Merged: https://github.com/ruby/ruby/pull/7985
|
|
protected
(https://github.com/ruby/fiddle/pull/129)
They don't have a mark function, so they don't need any change.
https://github.com/ruby/fiddle/commit/9bbc732aef
Co-authored-by: Jean Boussier <jean.boussier@gmail.com>
|
|
(https://github.com/ruby/fiddle/pull/127)
Save from having to mark them on every minor.
https://github.com/ruby/fiddle/commit/153c09c99f
Co-authored-by: Jean Boussier <jean.boussier@gmail.com>
|
|
https://github.com/ruby/fiddle/commit/4c0c5da1a5
|
|
GitHub: fix https://github.com/ruby/fiddle/pull/96
I wanted to add a test for this but I couldn't find a function that
has a "char" argument in libc...
Reported by kojix2. Thanks!!!
https://github.com/ruby/fiddle/commit/2c863ef8ba
|
|
https://github.com/ruby/fiddle/commit/2b22bb9d74
|
|
GitHub: fix https://github.com/ruby/fiddle/pull/100
Reported by David M. Lary. Thanks!!!
https://github.com/ruby/fiddle/commit/516333dd78
|
|
(https://github.com/ruby/fiddle/pull/123)
This commit adds two new methods, `Fiddle::Pointer.read` and
`Fiddle::Pointer.write`. Both methods take an address, and will read or
write bytes at that address respectively.
For example we can read from an address without making a Pointer object:
```ruby
Fiddle::Pointer.read(address, 5) # read 5 bytes
```
We can also write to an address without allocating a Pointer object:
```ruby
Fiddle::Pointer.write(address, "bytes") # write 5 bytes
```
This allows us to read / write memory at arbitrary addresses without
instantiating a new `Fiddle::Pointer` object.
Examples where this API would be useful
[1](https://github.com/tenderlove/tenderjit/blob/f03481d28bff4d248746e596929b0841de65f181/lib/tenderjit/fiddle_hacks.rb#L26-L28)
[2](https://github.com/tenderlove/ruby/blob/77c8daa2d40dd58eeb3785ce17dea2ee38f308d1/lib/ruby_vm/rjit/c_pointer.rb#L193)
[3](https://github.com/tenderlove/ruby/blob/77c8daa2d40dd58eeb3785ce17dea2ee38f308d1/lib/ruby_vm/rjit/c_pointer.rb#L284)
I also added a writer method for the same reasons as the reader.
---------
https://github.com/ruby/fiddle/commit/04238cefed
Co-authored-by: Sutou Kouhei <kou@clear-code.com>
|
|
https://github.com/ruby/openssl/commit/189c167e40
[rhe: tool/update-deps --fix to update ext/openssl/depend]
|
|
clang generates a warning:
../../../../ext/openssl/ossl_pkey.c:326:22: error: implicit truncation from 'int' to a one-bit wide bit-field changes value from 1 to -1 [-Werror,-Wsingle-bit-bitfield-constant-conversion]
arg->interrupted = 1;
^ ~
1 error generated.
https://github.com/ruby/openssl/commit/4b2ba7b022
|
|
Ruby 2.6 has reached EOL on 2022-03. Requiring Ruby 2.7 allows us to
use C99 syntax.
https://github.com/ruby/openssl/commit/f6ba75e51e
|
|
features
RUBY_OPENSSL_EXTCFLAGS and RUBY_OPENSSL_EXTLDFLAGS have been added for
the primary purpose of appending custom warning flags during
development and CI.
Since checking programs generated by mkmf may not be completely
warning-free, we don't want to apply -Werror that may be supplied from
those environment variables.
https://github.com/ruby/openssl/commit/2a95b971d5
|
|
the FIPS mode.
This commit is a workaround to avoid the error below that the
`OpenSSL::PKey.read` fails with the OpenSSL 3.0 FIPS mode.
```
$ openssl genrsa -out key.pem 4096
$ ruby -e "require 'openssl'; OpenSSL::PKey.read(File.read('key.pem'))"
-e:1:in `read': Could not parse PKey (OpenSSL::PKey::PKeyError)
from -e:1:in `<main>'
```
The root cause is on the OpenSSL side. The `OSSL_DECODER_CTX_set_selection`
doesn't apply the selection value properly if there are multiple providers, and
a provider (e.g. "base" provider) handles the decoder implementation, and
another provider (e.g. "fips" provider) handles the keys.
The workaround is to create `OSSL_DECODER_CTX` variable each time without using
the `OSSL_DECODER_CTX_set_selection`.
https://github.com/ruby/openssl/commit/5ff4a31621
|
