From b9bd8eaf3b973268b898df22ee4cdadca7d15730 Mon Sep 17 00:00:00 2001 From: emboss Date: Thu, 20 Dec 2012 07:42:56 +0000 Subject: * ext/openssl/ossl_cipher.c: fix errors for installations that do not feature Authenticated Encryption. * ext/openssl/extconf.rb: detect presence of EVP_CTRL_GCM_GET_TAG to determine whether Authenticated Encryption can be used. [Feature #6980] [ruby-core:47426] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38492 b2dd03c8-39d4-4d8f-98ff-823fe69b080e --- ChangeLog | 8 ++++++++ ext/openssl/extconf.rb | 1 + ext/openssl/ossl_cipher.c | 7 +++++++ 3 files changed, 16 insertions(+) diff --git a/ChangeLog b/ChangeLog index 2208777498..d34e9d58c1 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,11 @@ +Thu Dec 20 16:39:04 2012 Martin Bosslet + + * ext/openssl/ossl_cipher.c: fix errors for installations that do not + feature Authenticated Encryption. + * ext/openssl/extconf.rb: detect presence of EVP_CTRL_GCM_GET_TAG to + determine whether Authenticated Encryption can be used. + [Feature #6980] [ruby-core:47426] + Thu Dec 20 15:55:46 2012 Martin Bosslet * ext/openssl/ossl.c: do not use FIPS_mode_set if not available. diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb index 3d411e0da6..848e1f2bdc 100644 --- a/ext/openssl/extconf.rb +++ b/ext/openssl/extconf.rb @@ -148,6 +148,7 @@ have_struct_member("EVP_CIPHER_CTX", "flags", "openssl/evp.h") have_struct_member("EVP_CIPHER_CTX", "engine", "openssl/evp.h") have_struct_member("X509_ATTRIBUTE", "single", "openssl/x509.h") have_macro("OPENSSL_FIPS", ['openssl/opensslconf.h']) && $defs.push("-DHAVE_OPENSSL_FIPS") +have_macro("EVP_CTRL_GCM_GET_TAG", ['openssl/evp.h']) && $defs.push("-DHAVE_AUTHENTICATED_ENCRYPTION") Logging::message "=== Checking done. ===\n" diff --git a/ext/openssl/ossl_cipher.c b/ext/openssl/ossl_cipher.c index 832cce9953..03374372ad 100644 --- a/ext/openssl/ossl_cipher.c +++ b/ext/openssl/ossl_cipher.c @@ -482,6 +482,7 @@ ossl_cipher_set_iv(VALUE self, VALUE iv) return iv; } +#ifdef HAVE_AUTHENTICATED_ENCRYPTION /* * call-seq: * cipher.auth_data = string -> string @@ -644,6 +645,12 @@ ossl_cipher_is_authenticated(VALUE self) return Qfalse; } } +#else +#define ossl_cipher_set_auth_data rb_f_notimplement +#define ossl_cipher_get_auth_tag rb_f_notimplement +#define ossl_cipher_set_auth_tag rb_f_notimplement +#define ossl_cipher_is_authenticated rb_f_notimplement +#endif /* * call-seq: -- cgit v1.2.3