| Age | Commit message (Collapse) | Author |
|---|
|
The socket is called ssl_connection, not connection
https://github.com/ruby/openssl/commit/642783aeda
Notes:
Merged: https://github.com/ruby/ruby/pull/4275
|
|
values
SSLContext's verify_mode expects an SSL_VERIFY_* constant (an integer)
and verify_hostname expects either true or false. However, they are set
to nil after calling OpenSSL::SSL::SSLContext.new, which is surprising.
Set a proper value to them by default: verify_mode is set to
OpenSSL::SSL::VERIFY_NONE and verify_hostname is set to false by
default.
Note that this does not change the default behavior. The certificate
verification was never performed unless verify_mode is set to
OpenSSL::SSL::VERIFY_PEER by a user. The same applies to
verify_hostname.
https://github.com/ruby/openssl/commit/87d869352c
Notes:
Merged: https://github.com/ruby/ruby/pull/4275
|
|
Explicitly check for type given some conflicting statements within openssl's
documentation around EVP_PKEY_cmp and EVP_PKEY_ASN1_METHOD(3).
Add documentation with an example for compare?
https://github.com/ruby/openssl/commit/0bf51da6e2
Notes:
Merged: https://github.com/ruby/ruby/pull/4275
|
|
We ran into some Linux-based systems not accepting the upper case variant
https://github.com/ruby/openssl/commit/7bc49121d5
Notes:
Merged: https://github.com/ruby/ruby/pull/4275
|
|
OpenSSL::HMAC implements the similar interface as ::Digest. Let's add
base64digest methods to OpenSSL::HMAC, too, for feature parity.
https://github.com/ruby/openssl/commit/098bcb68af
Notes:
Merged: https://github.com/ruby/ruby/pull/4275
|
|
Use the EVP API instead of the low-level HMAC API. Use of the HMAC API
has been discouraged and is being marked as deprecated starting from
OpenSSL 3.0.0.
The two singleton methods OpenSSL::HMAC, HMAC.digest and HMAC.hexdigest
are now in lib/openssl/hmac.rb.
https://github.com/ruby/openssl/commit/0317e2fc02
Notes:
Merged: https://github.com/ruby/ruby/pull/4275
|
|
Deprecate it for future removal. However, I do not expect any
application is affected by this.
The other form of calling it, PKey::EC::Point#mul(bn [, bn]) remains
untouched.
PKey::EC::Point#mul calls EC_POINTs_mul(3) when multiple BNs
are given as an array. LibreSSL 2.8.0 released on 2018-08 removed the
feature and OpenSSL 3.0 which is planned to be released in 2020 will
also deprecate the function as there is no real use-case.
https://github.com/ruby/openssl/commit/812de4253d
Notes:
Merged: https://github.com/ruby/ruby/pull/4275
|
|
appropriate
IO.read may mangle line separator, which will corrupt binary data
including DER-encoded X.509 certificates and such.
Fixes: https://github.com/ruby/openssl/issues/243
https://github.com/ruby/openssl/commit/93213b2730
Notes:
Merged: https://github.com/ruby/ruby/pull/4275
|
|
PKey::EC#dh_compute_key
Use the new OpenSSL::PKey::PKey#derive instead of the raw
{EC,}DH_compute_key(), mainly to reduce amount of the C code.
https://github.com/ruby/openssl/commit/28edf6bafc
Notes:
Merged: https://github.com/ruby/ruby/pull/4275
|
|
Add OpenSSL::PKey::PKey#derive as the wrapper for EVP_PKEY_CTX_derive().
This is useful for pkey types that we don't have dedicated classes, such
as X25519.
https://github.com/ruby/openssl/commit/28f0059bea
Notes:
Merged: https://github.com/ruby/ruby/pull/4275
|
|
OpenSSL 1.1.1 added EVP_DigestSign() and EVP_DigestVerify() functions
to the interface. Some EVP_PKEY methods such as PureEdDSA algorithms
do not support the streaming mechanism and require us to use them.
https://github.com/ruby/openssl/commit/ae19454592
Notes:
Merged: https://github.com/ruby/ruby/pull/4275
|
|
interface
Use EVP_DigestSign*() and EVP_DigestVerify*() interface instead of the
old EVP_Sign*() and EVP_Verify*() functions. They were added in OpenSSL
1.0.0.
Also, allow the digest to be specified as nil, as certain EVP_PKEY types
don't expect a digest algorithm.
https://github.com/ruby/openssl/commit/9ff6e5143b
Notes:
Merged: https://github.com/ruby/ruby/pull/4275
|
|
Add two methods to create a PKey using the generic EVP interface. This
is useful for the PKey types we don't have a dedicated class.
https://github.com/ruby/openssl/commit/d8e8e57de9
Notes:
Merged: https://github.com/ruby/ruby/pull/4275
|
|
The EVP interface cannot tell whether if a pkey contains the private
components or not. Assume it does if it does not respond to #private?.
This fixes the NoMethodError on calling #sign on a generic PKey.
https://github.com/ruby/openssl/commit/f4c717bcb2
Notes:
Merged: https://github.com/ruby/ruby/pull/4275
|
|
Add ossl_pkey_export_traditional() and ossl_pkey_export_spki() helper
functions, and use them. This reduces code duplication.
https://github.com/ruby/openssl/commit/56f0d34d63
Notes:
Merged: https://github.com/ruby/ruby/pull/4275
|
|
Export the flow used by OpenSSL::PKey.read and let the subclasses call
it before attempting other formats.
https://github.com/ruby/openssl/commit/d963d4e276
Notes:
Merged: https://github.com/ruby/ruby/pull/4275
|
|
https://github.com/ruby/openssl/commit/cf92a3ffba
Notes:
Merged: https://github.com/ruby/ruby/pull/4275
|
|
Try PEM_read_bio_Parameters(). Only PEM format is supported at the
moment since corresponding d2i_* functions are not provided by OpenSSL.
https://github.com/ruby/openssl/commit/867e5c021b
Notes:
Merged: https://github.com/ruby/ruby/pull/4275
|
|
Merge the code into the callers so that the wrapping Ruby object is
allocated before the raw key object is allocated. This prevents possible
memory leak on Ruby object allocation failure, and also reduces the
lines of code.
https://github.com/ruby/openssl/commit/1eb1366615
Notes:
Merged: https://github.com/ruby/ruby/pull/4275
|
|
ossl_{rsa,dsa,dh,ec}_new() called from this function are not used
anywhere else. Inline them into pkey_new0() and reduce code
duplication.
https://github.com/ruby/openssl/commit/94aeab2f26
Notes:
Merged: https://github.com/ruby/ruby/pull/4275
|
|
Now that OpenSSL::Config wraps a real CONF object, the caller can just
borrow it rather than creating a new temporary CONF object. CONF object
is usually treated as immutable.
DupConfigPtr() is now removed, and GetConfig() is exported instead.
https://github.com/ruby/openssl/commit/d9064190ca
Notes:
Merged: https://github.com/ruby/ruby/pull/4275
|
|
Revert OpenSSL::Config to using the OpenSSL API and remove our own
parser implementation for the config file syntax.
OpenSSL::Config now wraps a CONF object. Accessor methods deal with the
object directly rather than Ruby-level internal state.
This work is based on the old C code we used before 2010.
https://github.com/ruby/openssl/commit/c891e0ea89
Notes:
Merged: https://github.com/ruby/ruby/pull/4275
|
|
Remove 4 deprecated methods.
The following two methods have been marked as deprecated since 2003,
by r4531 (ruby.git commit 78ff3833fb67c8005a9b851037e74b3eea940aa3).
- OpenSSL::Config#value
- OpenSSL::Config#section
Other two methods are removed because the corresponding functions
disappeared in OpenSSL 1.1.0.
- OpenSSL::Config#add_value
- OpenSSL::Config#[]=
https://github.com/ruby/openssl/commit/9783d7f21c
Notes:
Merged: https://github.com/ruby/ruby/pull/4275
|
|
Allow specifying just length to #update
CCM mode ciphers need to specify the total plaintext or ciphertext
length to EVP_CipherUpdate.
Update the link to the tests file
Define Cipher#ccm_data_len= for CCM mode ciphers
Add a unit test for CCM mode
Also check CCM is authenticated when testing
https://github.com/ruby/openssl/commit/bb3816953b
Notes:
Merged: https://github.com/ruby/ruby/pull/4275
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4248
|
|
[Bug #17675] https://bugs.ruby-lang.org/issues/17675
https://github.com/ruby/stringio/commit/1ed61d0cbc
|
|
Gem::Specification#add_development_dependency.
https://github.com/ruby/stringio/commit/157fe9f04d
|
|
Fixes https://bugs.ruby-lang.org/issues/17659
https://github.com/ruby/io-wait/commit/ba338b4764
Notes:
Merged: https://github.com/ruby/ruby/pull/4244
|
|
https://github.com/ruby/io-wait/commit/88db082d60
Notes:
Merged: https://github.com/ruby/ruby/pull/4244
|
|
Before 3.0.0, io-wait has not been gemified.
https://github.com/ruby/io-wait/commit/6fed3da323
Notes:
Merged: https://github.com/ruby/ruby/pull/4244
|
|
https://github.com/ruby/io-wait/commit/0599f6d4d6
https://github.com/ruby/io-wait/commit/4e982aea1b
https://github.com/ruby/io-wait/commit/5b45685eb3
Notes:
Merged: https://github.com/ruby/ruby/pull/4244
|
|
|
|
This lets us cast a Fiddle::Function to a block, allowing is to write
things like:
```ruby
f = Fiddle::Function.new(@libc['strcpy'], [TYPE_VOIDP, TYPE_VOIDP], TYPE_VOIDP)
define_method :strcpy, &f
```
|
|
|
|
Fixes https://bugs.ruby-lang.org/issues/17629
https://github.com/ruby/readline-ext/commit/250d6787ed
|
|
The [] wasn't being displayed, and try to fix formatting for bol?
and << (even if they aren't linked).
Fixes [Bug #17620]
|
|
https://github.com/ruby/zlib/commit/7d3d19710f
|
|
|
|
|
|
|
|
* Rename `rb_scheduler` to `rb_fiber_scheduler`.
* Use public interface if available.
* Use `rb_check_funcall` where possible.
* Don't use `unblock` unless the fiber was non-blocking.
Notes:
Merged-By: ioquatix <samuel@codeotaku.com>
|
|
This reverts commit 478716f49a19cdd86f629c6a0673c1ff53630c96
partially -- "Removed unnecessary parentheses" part -- because of
a lambda, see 9e25eb308d4fae9a10e120c2b4601916cc38336c.
|
|
* Adjusted indentation in license section, and used "(c)"
* Commented out invalid syntax to enable highlighting
* Removed unnecessary parentheses
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4104
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4150
|
|
Stop using logarithm to compute the number of components.
Instead, use the theoretical maximum number of components for buffer,
and count up the actual number of components during conversion.
https://github.com/ruby/bigdecimal/commit/9067b353ac
|
|
https://github.com/ruby/bigdecimal/commit/7479923fdb
|
|
This change is for preventing the false-positive alert by CoverityScan.
See CID-1471770 for the detail.
https://github.com/ruby/bigdecimal/commit/4d5b97125b
|
|
This value should either be pinned, or looked up when needed at runtime.
Without pinning, the GC may move the encoding object, and that could
cause a crash.
In this case it is easier to find the value at runtime, and there is no
performance penalty (as Ruby caches encoding indexes). We can shorten
the code, be compaction friendly, and incur no performance penalty.
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4128
|
