| Age | Commit message (Collapse) | Author |
|---|
|
Among functions named ossl_*_new(), ossl_pkey_new() is now the only one
that takes ownership of the passed OpenSSL object instead of making a
copy or incrementing its reference counter. Rename it to make this
behavior easier to understand.
https://github.com/ruby/openssl/commit/54c1c26eb5
|
|
Likewise, let it take a const pointer and not the ownership of the
OpenSSL object.
This fixes potential memory leak in OpenSSL::OCSP::BasicResponse#status.
https://github.com/ruby/openssl/commit/7e0288ebbd
|
|
Similar to most of the other ossl_*_new() functions, let it take a const
pointer and make a copy of the object.
This also fixes a potential memory leak when the wrapper object
allocation fails.
https://github.com/ruby/openssl/commit/eaabf6d8a3
|
|
These functions are not actually called with NULL.
https://github.com/ruby/openssl/commit/c089301e56
|
|
These functions are not actually called with NULL. It also doesn't make
sense to do so, so let's simplify the definitions.
https://github.com/ruby/openssl/commit/ef277083ba
|
|
Currently, calling ossl_bn_new() with a NULL argument allocates a new
OpenSSL::BN instance representing 0. This behavior is confusing. Raise
an exception if this is attempted, instead.
https://github.com/ruby/openssl/commit/6fa793d997
|
|
This list was originally in alphabetical order. Sort it again.
This change should be safe since the .rb sources should only depend on
the extension and not each other.
https://github.com/ruby/openssl/commit/eb3998728a
|
|
https://github.com/ruby/json/commit/1988a3ae4c
|
|
If `load_uint8x16_4` has an external linkage, it is defined in
both `generator` and `parser` extension libraries. This duplicate
symbol causes a linker error when `--with-static-linked-ext` is
given, on some platforms.
https://github.com/ruby/json/commit/020693b17a
|
|
https://github.com/ruby/json/commit/cfe9337eda
|
|
Fix: https://github.com/ruby/json/issues/827
On very old compilers it might not exist, at that point
might as well skip SIMD entirely.
https://github.com/ruby/json/commit/da878435dc
|
|
Found by wbcheck
WBCHECK ERROR: Missed write barrier detected!
Parent object: 0x7b7b8487c450 (wb_protected: true)
rb_obj_info_dump: 0x00007b7b8487c450 JSON/Generator/State/JSON::Ext::Generator::State JSON/Generator/State
Reference counts - snapshot: 1, writebarrier: 0, current: 6, missed: 5
Missing reference to: 0x7b7b82f35a10
rb_obj_info_dump: 0x00007b7b82f35a10 T_STRING/String len: 1, capa: 15 "1"
Missing reference to: 0x7b7b82f35e90
rb_obj_info_dump: 0x00007b7b82f35e90 T_STRING/String len: 1, capa: 15 "2"
Missing reference to: 0x7b7b83629e50
rb_obj_info_dump: 0x00007b7b83629e50 T_STRING/String len: 1, capa: 15 "3"
Missing reference to: 0x7b7b83b62190
rb_obj_info_dump: 0x00007b7b83b62190 T_STRING/String len: 1, capa: 15 "4"
Missing reference to: 0x7b7b83629490
rb_obj_info_dump: 0x00007b7b83629490 T_STRING/String len: 1, capa: 15 "5"
https://github.com/ruby/json/commit/c24342d801
|
|
|
|
|
|
ipsocket.c:57:1: warning: old-style function definition [-Wold-style-definition]
57 | current_clocktime()
| ^~~~~~~~~~~~~~~~~
|
|
These methods are useful to test post-quantum cryptography (PQC) cases.
https://github.com/ruby/openssl/commit/434ef74452
|
|
https://github.com/ruby/json/commit/8d08494dee
|
|
This suppresses this warning:
../../../ext/socket/ipsocket.c: In function ‘rsock_raise_user_specified_timeout’:
../../../ext/socket/ipsocket.c:30:1: warning: function might be candidate for attribute ‘noreturn’ [-Wsuggest-attribute=noreturn]
30 | rsock_raise_user_specified_timeout()
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
`TCPSocket.new` (#13909)
* [Feature #21347] Add `open_timeout` as an overall timeout option for `TCPSocket.new`
With this change, `TCPSocket.new` now accepts the `open_timeout` option.
This option raises an exception if the specified number of seconds has elapsed since the start of the method call,
even if the operation is still in the middle of name resolution or connection attempts.
The addition of this option follows the same intent as the previously merged change to `Socket.tcp`.
[Feature #21347](https://bugs.ruby-lang.org/issues/21347)
https://github.com/ruby/ruby/pull/13368
* Tidy up: Extract rsock_raise_user_specified_timeout()
* Added a note to the documentation of `Socket.tcp`
* Fix `rsock_init_inetsock` for `FAST_FALLBACK_INIT_INETSOCK_IMPL`
|
|
https://github.com/ruby/io-wait/commit/1d2b668457
|
|
(https://github.com/ruby/erb/pull/63)
https://github.com/ruby/erb/commit/fdd45c0d89
|
|
|
|
getaddrinfo (#13878)
Socket.tcp_with_fast_fallback: Pass proper addr family to getaddrinfo
Addrinfo.getaddrinfo expects Socket::AF_INET or Socket::AF_INET6 as its
third argument (family). However Socket.tcp_with_fast_fallback was
incorrectly passing :ipv4 or :ipv6.
Repro:
require 'socket'
Socket.tcp_with_fast_fallback('example.com', 80, '127.0.0.1')
Expected behavior: Returns a Socket object
Actual: Raises unknown socket domain: ipv4 (SocketError)
|
|
https://github.com/ruby/etc/commit/c9c9b9d15e
|
|
https://github.com/ruby/io-nonblock/commit/7285725885
|
|
https://github.com/ruby/io-console/commit/01071a174a
|
|
|
|
|
|
https://github.com/ruby/io-wait/commit/c65af887a1
|
|
ASN.1 UTCTime uses two-digit years. While X.680 does not specify how to
map them as far as I can tell, X.509/PKIX uses this type to represent
dates between year 1950-2049.
OpenSSL::ASN1.decode has used 1969-2068 since the initial
implementation. Given that ASN1::UTCTime#to_der relies on OpenSSL
ASN1_UTCTIME type, which assumes the 1950-2049 range, this was likely
unintentional.
Use the range 1950-2049 consistently, and fix decoding of X.509
certificates with dates in 1950-1968.
https://github.com/ruby/openssl/commit/b8b38e1438
|
|
|
|
This change addresses the following ASAN error:
```
==1973462==ERROR: AddressSanitizer: heap-use-after-free on address 0x5110002117dc at pc 0x749c307c8a65 bp 0x7ffc3af331d0 sp 0x7ffc3af331c8
READ of size 4 at 0x5110002117dc thread T0
#0 0x749c307c8a64 in rb_getaddrinfo /tmp/ruby/src/trunk_asan/ext/socket/raddrinfo.c:564:14
#1 0x749c307c8a64 in rsock_getaddrinfo /tmp/ruby/src/trunk_asan/ext/socket/raddrinfo.c:1008:21
#2 0x749c307cac48 in rsock_addrinfo /tmp/ruby/src/trunk_asan/ext/socket/raddrinfo.c:1049:12
#3 0x749c307b10ae in init_inetsock_internal /tmp/ruby/src/trunk_asan/ext/socket/ipsocket.c:62:23
#4 0x562c5b2e327e in rb_ensure /tmp/ruby/src/trunk_asan/eval.c:1080:18
#5 0x749c307aafd4 in rsock_init_inetsock /tmp/ruby/src/trunk_asan/ext/socket/ipsocket.c:1318:12
#6 0x749c307b3b78 in tcp_svr_init /tmp/ruby/src/trunk_asan/ext/socket/tcpserver.c:39:12
```
Fixed to avoid accessing memory that has already been freed after calling `free_getaddrinfo_arg`.
|
|
[Bug #21506] Fix timeout in Addrinfo.getaddrinfo to actually take effect
This change fixes an issue where the timeout option in `Addrinfo.getaddrinfo` was not functioning as expected.
It also addresses a related issue where specifying `fast_fallback: false` with `resolv_timeout` for `Socket.tcp` and`TCPSocket.new` would have no effect.
The timeout option was originally introduced in:
https://github.com/ruby/ruby/commit/6382f5cc91ac9e36776bc854632d9a1237250da7
However, the value was noy used in current implementation:
https://github.com/ruby/ruby/blob/3f0e0d5c8bf9046aee7f262a3f9a7524d51aaf3e/ext/socket/raddrinfo.c#L1282-1308
Therefore, even if a timeout is specified and the duration elapses during name resolution, nothing happens. This is clearly not the intended behavior.
`Addrinfo.getaddrinfo` has been made interruptible as of Feature #19965.
This change uses that feature to interrupt name resolution when the specified timeout period elapses, raising a user-specified timeout error.
The timeout can be specified in milliseconds.
The same issue affects `Socket.tcp` and `TCPSocket.new` when `resolv_timeout` is set along with `fast_fallback: false`.
`resolv_timeout` was introduced in the following commits:
https://github.com/ruby/ruby/commit/6382f5cc91ac9e36776bc854632d9a1237250da7
https://github.com/ruby/ruby/commit/511fe23fa2bdf1f17faa91e0558be47b5bb62b2a
The reason is that with `fast_fallback: false`, these methods internally call the same `rsock_getaddrinfo()` as `Addrinfo.getaddrinfo`.
This change addresses that as well.
|
|
This reverts commit https://github.com/ruby/io-wait/commit/2eb3841e9c8f.
Ruby 2.6 support has been dropped.
https://github.com/ruby/io-wait/commit/bcc343683e
|
|
the gem a noop on Rubies older than
2.6"
This reverts commit https://github.com/ruby/io-wait/commit/75fcb74c327f.
The version that does nothing with pre-ruby 2.6 has already been
released, so there is no longer need to consider older rubies in newer
versions.
https://github.com/ruby/io-wait/commit/930d2f0d07
|
|
io-wait became a default gem at ruby 3.0.
Even it can be installed on earlier versions, but the standard library
will be loaded instead of the installed gem.
https://github.com/ruby/io-wait/commit/15b96736cd
|
|
io-nonblock became a default gem at ruby 3.0.
Even it can be installed on earlier versions, but the standard library
will be loaded instead of the installed gem.
https://github.com/ruby/io-nonblock/commit/c86d0d37af
|
|
https://github.com/ruby/json/commit/a497c71960
|
|
Compare by the VALUE value instead of ID. Calling SYM2ID() on a dynamic
symbol will pin a permanent ID.
These methods only accept known static symbols, and passing anything
else is an incorrect usage that results in an exception. Nonetheless,
avoiding SYM2ID() seems to be a good idea since there is no runtime
cost.
https://github.com/ruby/openssl/commit/0d66296cdc
|
|
TLS 1.3 renamed the "elliptic_curves" extension to "supported_groups"
to reflect that it now covers more than just ECDH groups. OpenSSL 1.1.1
followed this change by renaming the corresponding API from
SSL_CTX_set1_curves_list() to SSL_CTX_set1_groups_list().
Update ruby/openssl to use the new name, too. The current method name
SSLContext#ecdh_curves= is retained as an alias for #group=.
https://github.com/ruby/openssl/commit/59e98604e0
|
|
|
|
otherwise, gcc 15 will complain:
> init.c:573:19: error: too many arguments to function ‘Rconnect’; expected 0, have 3
> 573 | return (VALUE)Rconnect(arg->fd, arg->sockaddr, arg->len);
> | ^~~~~~~~ ~~~~~~~
> In file included from init.c:11:
> rubysocket.h:294:5: note: declared here
> 294 | int Rconnect();
> | ^~~~~~~~
> sockssocket.c:33:9: error: too many arguments to function ‘SOCKSinit’; expected 0, have 1
> 33 | SOCKSinit("ruby");
> | ^~~~~~~~~ ~~~~~~
> In file included from sockssocket.c:11:
> rubysocket.h:293:6: note: declared here
> 293 | void SOCKSinit();
> | ^~~~~~~~~
Signed-off-by: Z. Liu <zhixu.liu@gmail.com>
|
|
https://github.com/ruby/json/commit/95fb084027
|
|
It's only needed if using GCC `ifunc` mecanism, which
we don't.
https://github.com/ruby/json/commit/d3317b9f82
|
|
https://github.com/ruby/strscan/commit/18c0a59b65
|
|
https://github.com/ruby/openssl/commit/b6f56c4540
|
|
https://github.com/ruby/io-wait/commit/48309d7877
|
|
https://github.com/ruby/io-nonblock/commit/70909f5362
|
|
https://github.com/ruby/io-console/commit/dd013030dd
|
