summaryrefslogtreecommitdiff
path: root/lib/webrick/ssl.rb
AgeCommit message (Collapse)Author
2020-06-29Avoid deprecated OpenSSL::Digest constantsBart de Water
Notes: Merged: https://github.com/ruby/ruby/pull/3270
2020-04-03webrick/ssl: More keyUsage for self-signed certsSorah Fukumori
Chrome 75+ started to strictly enforce X.509 keyUsage against TLS server certificates. Webrick supports generating instant self-signed certificates for debugging purpose and these certificates lacks required keyUsage for modern TLS. So adding the following keyUsages: - digitalSignature (for server authentication) - keyAgreement (for DH key exchange) - dataEncipherment (for data encryption) References: - https://tools.ietf.org/html/rfc5280#section-4.2.1.3 - https://crbug.com/795089 - https://boringssl-review.googlesource.com/c/34604
2018-12-03webrick: fix tests on Debian sid/unstable with OpenSSL 1.1.1anormal
OpenSSL complains abour our keys being small and weak :< Make them big and strong with 2048-bit RSA keys and SHA256 digests git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66152 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2017-07-18webrick: fix SNI supportnormal
* lib/webrick/https.rb: check ssl context of virtual host. * lib/webrick/ssl.rb: ensure to return ssl context. * test/webrick/test_https.rb: test returned cert is correct. [Feature #13729][ruby-dev:50173] Author: Tietew <tietew@gmail.com> git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@59351 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2017-07-07webrick: add Server Name Indication (SNI)normal
* lib/webrick/https.rb: servername_cb implementation. * lib/webrick/ssl.rb: abstract servername_cb. * test/webrick/test_https.rb: test. [ruby-dev:50165] [Feature #13729] Author: Tietew <tietew@gmail.com> git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@59281 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-05-07* lib/webrick/ssl.rb: Accept string value for SSLCertName. It is usedhsbt
to invoke ssl server with command line. [fix GH-1329] Patch by @kerlin * test/webrick/test_ssl_server.rb: Added test for GH-1329 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54941 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-04-22* lib/webrick/ssl.rb: Support to add SSLCiphers option.hsbt
[fix GH-1321] Patch by @rhadoo git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54669 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-12-16Add frozen_string_literal: false for all filesnaruse
When you change this to true, you may need to add more tests. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53141 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-01-02* lib/webrick/utils.rb: removed unused argument variable.hsbt
[fix GH-356] Patch by @vipulnsward * lib/webrick/server.rb: ditto. * lib/webrick/ssl.rb: ditto. * test/webrick/test_utils.rb: added test for WEBrick::Utils#create_listeners. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@49101 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-11-10* lib/webrick/server.rb: Setup shutdown pipe in listen method.akr
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48362 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2013-12-25* lib/webrick/ssl.rb: [DOC] Fix typoa_matsuda
s/willbe/will be/ [ci skip] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@44407 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2013-01-26* lib/webrick/accesslog.rb: Improved WEBrick documentation.drbrain
* lib/webrick/cgi.rb: ditto. * lib/webrick/config.rb: ditto. * lib/webrick/cookie.rb: ditto. * lib/webrick/httpauth/authenticator.rb: ditto. * lib/webrick/httpauth/basicauth.rb: ditto. * lib/webrick/httpauth/digestauth.rb: ditto. * lib/webrick/httpproxy.rb: ditto. * lib/webrick/httprequest.rb: ditto. * lib/webrick/httpresponse.rb: ditto. * lib/webrick/https.rb: ditto. * lib/webrick/httpserver.rb: ditto. * lib/webrick/httpservlet/cgihandler.rb: ditto. * lib/webrick/httpservlet/filehandler.rb: ditto. * lib/webrick/httpservlet/prochandler.rb: ditto. * lib/webrick/httputils.rb: ditto. * lib/webrick/httpversion.rb: ditto. * lib/webrick/log.rb: ditto. * lib/webrick/server.rb: ditto. * lib/webrick/ssl.rb: ditto. * lib/webrick/utils.rb: ditto. * lib/webrick/version.rb: ditto. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38945 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-09-02Fix typo of r36878naruse
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36880 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-09-01* lib/webrick/ssl.rb (WEBrick::Config::SSL): add new keynaruse
SSLTmpDhCallback to set SSLContext#tmp_dh_calback. * lib/webrick/ssl.rb (WEBrick::GenericServer#setup_ssl_context): follow above. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36878 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2010-07-30 * lib/webrick/ssl.rb (WEBrick::Utils.create_self_signed_cert):nahi
merged r28784 from ruby_1_8: wrongly created dummy SSL certificate with version == 3 (no such version) and serial == 0 (must be >0). git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@28803 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2010-01-17* lib/webrick/https.rb (parse_uri, meta_vars): suppress warnings.nobu
* lib/webrick/ssl.rb (listen): ditto. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@26334 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2009-03-06* {ext,lib,test}/**/*.rb: removed trailing spaces.nobu
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@22784 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2005-01-10* lib/webrick/cgi.rb (WEBrick::CGI::Socket#request_line): shouldgotoyuzo
escape SCRIPT_NAME and PATH_INFO before being parsed as a URI. * lib/webrick/httputils.rb (WEBrick::HTTPUtils#escape_path): add new method to escape URI path component. * lib/webrick/ssl.rb (WEBrick::Config::SSL): the default value of :SSLEnable is false. * test/webrick/{test_cgi.rb,webrick.cgi}: new file. * test/webrick/utils.rb: require "webrick/https.h". git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7758 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2003-11-01* lib/webrick/ssl.rb: new option :SSLExtraChainCert.gotoyuzo
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4888 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2003-08-19* lib/webrick/ssl.rb: new file; SSL/TLS enhancement for GenericServer.gotoyuzo
* lib/webrick/https.rb: SSLSocket handling is moved to webrick/ssl.rb. * lib/webrick/compat.rb (File::fnmatch): remove old migration code. * lib/webrick/httpserver.rb (HTTPServer#run): ditto. * lib/webrick/server.rb (GenericServer#listen): the body of this method is pull out as Utils::create_lisnteners. * lib/webrick/utils.rb (Utils::create_lisnteners): new method. * lib/webrick/server.rb (GenericServer#start): should not through unknown errors. and refine comments. * ext/openssl/lib/openssl/ssl.rb (SSLServer#accept): should close socket if SSLSocket raises error. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4409 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-26 14:58:59 +0000