| Age | Commit message (Collapse) | Author |
|---|
|
* lib/rubygems: Apply the following security fixes to RubyGems 1.3.7:
RubyGems now disallows redirection from HTTPS to HTTP.
RubyGems now verifies SSL connections.
Patch by Hiroshi Nakamura.
* test/rubygems: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@35407 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/openssl/ossl_ssl.c: Add SSL constants and allow to unset SSL
option to prevent BEAST attack. See [Bug #5353].
In OpenSSL, OP_DONT_INSERT_EMPTY_FRAGMENTS is used to prevent
TLS-CBC-IV vulunerability described at
http://www.openssl.org/~bodo/tls-cbc.txt
It's known issue of TLSv1/SSLv3 but it attracts lots of attention
these days as BEAST attack. (CVE-2011-3389)
Until now ossl sets OP_ALL at SSLContext allocation and call
SSL_CTX_set_options at connection. SSL_CTX_set_options updates the
value by using |= so bits set by OP_ALL cannot be unset afterwards.
This commit changes to call SSL_CTX_set_options only 1 time for each
SSLContext. It sets the specified value if SSLContext#options= are
called and sets OP_ALL if not.
To help users to unset bits in OP_ALL, this commit also adds several
constant to SSL such as
OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS. These constants were
not exposed in Ruby because there's no way to unset bits in OP_ALL
before.
Following is an example to enable 0/n split for BEAST prevention.
ctx.options = OP_ALL & ~OP_DONT_INSERT_EMPTY_FRAGMENTS
* test/openssl/test_ssl.rb: Test above option exists.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@34525 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
a Regexp, and suppress encoding option warnings.
https://github.com/ruby/ruby/pull/82
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@34316 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@34262 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@34149 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* vm_insnhelper.c (vm_call_bmethod): fix to hook call/return event
for methods defined by define_method().
* thread.c (call_trace_proc): Fix to skip if class is not given (0).
Note that ID and Class object are passed for call/return event
if the called method was defined by define_method().
If you are author of tracer/profiler/debugger, this may be an
important change. You should check passed class as zero or
non-zero instead of checking the event type.
* test/ruby/test_settracefunc.rb: add a test for above.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@32924 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* test/ruby/test_module.rb: tests for [Bug #3422] and [Bug #3423].
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@32922 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
fix [Bug #4409]. add DRbServer#here?
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@32912 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* test/etc/test_etc.rb (TestEtc#test_get{pw,gr}nam): skip entries
start with + sign, which means NIS. these are returned in the
case that passwd and group entries in /etc/nsswitch.conf are set
to use "nis" explicitly on Debian. fixed #3683
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@32910 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* vm_insnhelper.c (vm_search_superclass): avoid control frame
stack overrun. currently super() in Proc created in a method
defined by Module#define_method raise NoMethodError. [Bug #4881]
* test/ruby/test_method.rb t_super_in_proc_from_define_method):
add test for it.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@32881 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* ext/openssl/ossl_ssl_session.c (ossl_ssl_session_set_time): Check
argument type with NUM2LONG if the arg is not a Time object.
See #4919.
* ext/openssl/ossl_ssl_session.c (ossl_ssl_session_set_timeout): Check
type with NUM2LONG. Time as an arg is not allowed. See #4919.
* test/openssl/test_ssl.rb (test_session_time,
test_session_timeout): Test it.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@32880 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* lib/webrick/httprequest.rb (setup_forwarded_info): Parsing request
header failed when the request is from 2 or more Apache reverse
proxies. It's said that all X-Forwarded-* headers will contain more
than one (comma-separated) value if the original request already
contained one of these headers. Since we could use these values as
Host header, we choose the initial(first) value. See #4922.
* test/webrick/test_httprequest.rb (test_forwarded): Test it.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@32879 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* parse.y (parser_parse_string): flush delayed token. based on a
patch by Masaya Tarui in [ruby-dev:43762]. Bug #4544
* parse.y (yylex): revert r24557. delayed token at the end of
string should be flushed already by the above change.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@32384 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* ext/socket/unixsocket.c (unix_send_io): race condition fixed.
(unix_recv_io): ditto.
fixed by Eric Wong. [ruby-core:35574]
* test/socket/test_unix.rb: test added for above problem.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@32383 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* io.c (io_getc): should be 7bit if ascii. fixes #4557
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@32380 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* lib/rexml/formatters/pretty.rb
(REXML::Formatters::Pretty#write_text),
test/rexml/test_core.rb
(Tester#test_pretty_format_long_text_finite): don't ignore
'width' parameter in pretty formatter. fixes #4498
Reported by Michael Frasca. Thanks!!!
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@32379 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* lib/rexml/parsers/xpathparser.rb
(REXML::Parsers::XPathParser#parse),
test/rexml/test_elements.rb
(ElementsTester::test_each_with_frozen_condition):
don't modify original XPath. fixes #4164
Reported by Pavel Shved. Thanks!!!
--
* ChangeLog: fix ticket number at r31995. fixes #4161 is correct.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@32378 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
as well as test/drb/ut_drb.rb. This fixes the same problem as
[ruby-dev:23078].
* test/drb/ut_array_drbssl.rb: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31929 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* ext/psych/lib/psych/visitors/to_ruby.rb: merge keys are actually
part of YAML 1.1, so they should be supported. Remove warning and
merge keys to parent. [ruby-core:34679]
* test/psych/test_merge_keys.rb: test for merge keys
--
* ext/psych/lib/psych/visitors/to_ruby.rb: fixing merge key support
when multiple merge keys are specified.
* test/psych/test_merge_keys.rb: tests for multi-merge key support
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31856 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* time.c (localtime_with_gmtoff_zone): renamed from
localtime_with_gmtoff and return the timezone abbreviation name.
(guess_local_offset): return the isdst and timezone abbreviation name.
(localtimew): use the returned isdst and timezone abbreviation name.
[ruby-core:31275]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31854 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* time.c (time_zone): use rb_locale_str_new_cstr to set encoding
as locale and convert its content to internal encoding.
[ruby-core:33278]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31853 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* pack.c (pack_unpack): the resulted string of unpack('M') must have
ASCII-8BIT encoding (and ENC_CODERANGE_VALID). [ruby-core:34482]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31852 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* load.c (rb_get_expanded_load_path): always expand load paths.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31849 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31848 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* numeric.c (flo_round): fix for negative value.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31842 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
prevent an error when passing a frozen string to REXML::Text.new
dup the string passed in instead of cloning so that it's frozen state is ignored
Signed-off-by: URABE, Shyouhei <shyouhei@ruby-lang.org>
--
ChangeLog for it
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31840 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* test/openssl/test_pkey_dsa.rb: Add tests for sign/verify.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31839 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* test/openssl/test_pkey_rsa.rb: Add tests for sign/verify.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31838 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* test/test_singleton.rb: Add tests from lib/singleton.rb. Patch by
Pete Higgins. [Ruby 1.9 - Bug #4715]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31836 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* cont.c (cont_init): clear macihne_stack_start/end of saved thread to
prevent mark machine stack of GC'ed Thread. root Fiber is not initialized by
fiber_init(). based on a patch by Serge Balyuk [ruby-core:35891] fixes #4612
* test/ruby/test_fiber.rb (test_gc_root_fiber): add test for it.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31834 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* eval.c (frame_func_id): __method__ return different name from
methods defined by Module#define_method with a same block.
[ruby-core:35386] fixes #4606
* eval (method_entry_of_iseq): new helper function. search control
frame stack for a method entry which has given iseq.
* test/ruby/test_method.rb: add tests for #4696
--
* eval.c (frame_func_id): store result of method_entry_of_iseq() to
cfp->me because method_entry_of_iseq() might become expensive.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31830 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* test/io/wait/test_io_wait.rb: New. for testing ext/io/wait.
the patch was written by Eric Wong. [Feature #4531]
--
fix commit mistake of r31389.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31821 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* test/dl/test_base.rb (DL::LIBC_SO): its always msvc*.dll on
mswin/mingw.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31820 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* lib/xmlrpc/create.rb (XMLRPC::Create#conv2value):
XML-RPC's int is 32bit int, and Fixnum also may be beyond 32bit.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31813 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* ext/psych/parser.c (parse): strings from psych have proper taint
markings.
* test/psych/test_tainted.rb: test for string taint
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31812 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* test/ruby/test_range.rb (TestRange#test_step_ruby_core_35753):
avoid float error. [ruby-core:35804]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31808 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* lib/uri/generic.rb (#route_from_path): Fix a bug where
URI('http://h/b/').route_to('http://h/b') wrongly returned './'
(should be '../b'). [Bug #4476]
--
Add some more tests for the previous fix.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31804 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* numeric.c (ruby_float_step): wrong loop condition.
fixes [ruby-core:35753], reported by Joey Zhou.
* test/ruby/test_range.rb (TestRange#test_step_ruby_core_35753):
test above change.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31803 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* ext/stringio/stringio.c (strio_getline): check whether str is
a string when str and lim are given.
https://twitter.com/watson1978/status/56225052152168449
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31797 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* ext/openssl/ossl_pkey_dh.c (ossl_dh_initialize):
pop pushed error after each try of reading. fixes #4550
* ext/openssl/ossl_pkey_dsa.c (ossl_dsa_initialize): ditto.
* ext/openssl/ossl_pkey_ec.c (ossl_ec_initialize): ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31796 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
Use LOG_PID instead of LOG_PERROR in Syslog.open test
LOG_PERROR isn't a POSIX option for syslog, so it fails on platforms
that don't define it. Solaris 9 and 10 are examples of this.
Use LOG_PID instead.
Signed-off-by: Ben Walton <bwalton@artsci.utoronto.ca>
Signed-off-by: URABE, Shyouhei <shyouhei@ruby-lang.org>
--
Skip syslog tests that rely on LOG_PERROR unless it's defined
Instead of checking looking at the platform to determine if the tests
relying on LOG_PERROR should be run, look for the definition of the
constant as this will be robust against all platforms as long as the
underlying syslog.c code sets it up correctly.
This specifically addresses failures on Solaris 9.
Signed-off-by: Ben Walton <bwalton@artsci.utoronto.ca>
Signed-off-by: URABE, Shyouhei <shyouhei@ruby-lang.org>
--
ChangeLog for it
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31793 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* numeric.c (flo_round): fix inaccurate results.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31790 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* ext/openssl/lib/openssl/buffering.rb (module OpenSSL): #flush should
not change sync mode on exception.
* test/openssl/test_buffering.rb: added
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31777 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* lib/pstore.rb: Fix don't raise "nested transaction" when thread_safe
is true. Patch by Masaki Matsushita (Glass_saga). [ruby-dev:43337]
* test/test_pstore.rb: Test for above.
Patch by Masaki Matsushita (Glass_saga) [ruby-dev:43337]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31776 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* lib/pstore.rb: Delete variable @transaction and fix #4474. Patch by
Masaki Matsushita (Glass_saga).
* test/test_pstore.rb(test_thread_safe): Add test for #4474.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31773 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* test/ruby/test_process.rb (test_execopts_redirect): redirecting fd
>= 3 is not supported on Windows, so should not specify such options
when calling spawn or others.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31771 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
large. [ruby-dev:43284] fixes #4456
based on r31011.
* test/test_time.rb (TestTime#test_huge_precision): test for #4456.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31770 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* ext/psych/lib/psych/scalar_scanner.rb: fix parsing timezone's whose
whose format is (+/-)hhmm. Thanks Gonçalo Silva!
* test/psych/test_scalar_scanner.rb: test for bug.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31769 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* ext/psych/lib/psych/json/stream.rb: do not emit custom tags in maps
or sequences when emitting JSON.
* ext/psych/lib/psych/json/tree_builder.rb: do not emit custom tags in
sequences when emitting JSON.
* test/psych/json/test_stream.rb: tests for custom stream emits.
* test/psych/test_json_tree.rb: tests for JSON emits.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31767 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
--
* lib/date.rb (Date#===): [ruby-core:35127]
--
* test/date/test_date.rb (TestDate#test_coerce):
test for [ruby-core:35127].
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@31516 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
