summaryrefslogtreecommitdiff
path: root/ext
Commit message (Collapse)AuthorAgeFilesLines
...
* [ci skip] Fix a typo s/certificiate/certificate/wonda-tea-coffee2021-04-251-1/+1
|
* [Doc] Fix a typo s/daguten/dakuten/wonda-tea-coffee2021-04-251-3/+3
|
* [Doc] Fix a typo s/arround/around/wonda-tea-coffee2021-04-251-1/+1
|
* [ruby/io-console] Move FFI console under libCharles Oliver Nutter2021-04-221-8/+8
| | | | | | | | Having the separate dir makes testing difficult and doesn't reflect the structure the gem will eventually have. We can filter these files out if necessary when building the CRuby gem. https://github.com/ruby/io-console/commit/881010447c
* [ruby/io-console] Enable building the C extension on TruffleRuby.Duncan MacGregor2021-04-221-1/+1
| | | | https://github.com/ruby/io-console/commit/c17b8cf3a9
* [ruby/io-wait] gemspec: Explicitly list 0 executablesOlle Jonsson2021-04-211-1/+1
| | | | | | This gem exposes no executables, and this clarifies this. https://github.com/ruby/io-wait/commit/f491c6cc64
* [ruby/zlib] gemspec: Remove unused filesOlle Jonsson2021-04-201-2/+2
| | | | | | Remove the list of executables. https://github.com/ruby/zlib/commit/6a70725b8e
* [ruby/gdbm] gemspec: Set executables to the empty listOlle Jonsson2021-04-201-1/+1
| | | | | | This gem exposes zero executables. https://github.com/ruby/gdbm/commit/d51cf47f65
* [ruby/dbm] gemspec: add README & LICENSEOlle Jonsson2021-04-201-1/+1
| | | | https://github.com/ruby/dbm/commit/c86b94b781
* [ruby/date] Bump version to 3.1.1Hiroshi SHIBATA2021-04-201-1/+1
| | | | https://github.com/ruby/date/commit/e574cc9048
* dependency updates卜部昌平2021-04-1390-204/+0
|
* [ruby/openssl] Use #ifdef consistently for HAVE_RB_EXT_RACTOR_SAFETom Stuart2021-03-312-3/+3
| | | | | | | We previously used a mix of both `#if` and `#ifdef`, but the latter is more reliable because it will still work if the macro is undefined. https://github.com/ruby/openssl/commit/e4a622e67e
* [ruby/openssl] Fix OpenSSL::Engine build on DebianTom Stuart2021-03-311-14/+14
| | | | | | | | | | | | | | | On Debian 9 (“stretch”) the `OPENSSL_NO_STATIC_ENGINE` macro is not defined, which causes all the `#if HAVE_ENGINE_LOAD_…` directives to fail with `error: 'HAVE_ENGINE_LOAD_…' is not defined, evaluates to 0 [-Werror,-Wundef]` while building TruffleRuby. We can accomplish the same thing with `#ifdef`, which (of course) works fine when the `HAVE_ENGINE_LOAD…` macros are also undefined. Upstreamed from oracle/truffleruby#2255, which fixed oracle/truffleruby#2254. https://github.com/ruby/openssl/commit/65e2adf1ac
* [ruby/openssl] pkcs7: keep private key when duplicating PKCS7_SIGNER_INFOKazuki Yamaguchi2021-03-311-48/+33
| | | | | | | | | | | | | | | ASN1_dup() will not copy the 'pkey' field of a PKCS7_SIGNER_INFO object by design; it is a temporary field kept until the PKCS7 structure is finalized. Let's bump reference counter of the pkey in the original object and use it in the new object, too. This commit also removes PKCS7#add_signer's routine to add the content-type attribute as a signed attribute automatically. This behavior was not documented or tested. This change should not break any working user code since the method was completely useless without the change above. https://github.com/ruby/openssl/commit/20ca7a27a8
* Enclose the code that was accidentally a link in "tt"aycabta2021-03-311-1/+1
|
* Text files should end with a newlineNobuyoshi Nakada2021-03-301-1/+1
|
* [ruby/io-console] bump up to 0.5.9Nobuyoshi Nakada2021-03-281-1/+1
| | | | | https://github.com/ruby/io-console/commit/302e86a28c https://github.com/ruby/io-console/commit/0690862526
* [ruby/pathname] Fix segfault of Pathname#splitKenichi Kamiya2021-03-281-1/+1
| | | | | | | | Fix segmentation fault of Pathname#split when File.split returns non array value [Bug #17755] https://github.com/ruby/pathname/commit/e29b49e3b1 https://github.com/ruby/pathname/commit/1db7479a74
* rb_enc_interned_str: handle autoloaded encodingsJean Boussier2021-03-222-0/+18
| | | | | | | | If called with an autoloaded encoding that was not yet initialized, `rb_enc_interned_str` would crash with a NULL pointer exception. See: https://github.com/ruby/ruby/pull/4119#issuecomment-800189841
* Adjusted indents [ci skip]Nobuyoshi Nakada2021-03-171-5/+5
|
* zlib: fix Gzip{Writer,Reader}.new fails with a O_TMPFILE fileSorah Fukumori2021-03-171-4/+14
|
* [ruby/openssl] bn: check -1 return from BIGNUM functionsKazuki Yamaguchi2021-03-161-12/+22
| | | | | | | | | | | | Although the manpage says that BIGNUM functions return 0 on error, OpenSSL versions before 1.0.2n and current LibreSSL versions may return -1 instead. Note that the implementation of OpenSSL::BN#mod_inverse is extracted from BIGNUM_2c() macro as it didn't really share the same function signature with others. https://github.com/ruby/openssl/commit/9b59f34345
* [ruby/openssl] Fixed the results of OpenSSL::Timestamp::Response#failure_infoNobuyoshi Nakada2021-03-161-11/+11
| | | | | | | | | | Made stored values `Symbol`s instead of `ID`s. Fixes https://bugs.ruby-lang.org/issues/17625 Co-Authored-By: xtkoba (Tee KOBAYASHI) <xtkoba+ruby@gmail.com> https://github.com/ruby/openssl/commit/f2d004679a
* [ruby/openssl] Enhance TLS 1.3 support on LibreSSL 3.2/3.3Jeremy Evans2021-03-161-0/+6
| | | | | | | | | | | | | | | | | | | | This defines TLS1_3_VERSION when using LibreSSL 3.2+. LibreSSL 3.2/3.3 doesn't advertise this by default, even though it will use TLS 1.3 in both client and server modes. Changes between LibreSSL 3.1 and 3.2/3.3 broke a few tests, Defining TLS1_3_VERSION by itself fixes 1 test failure. A few tests now fail on LibreSSL 3.2/3.3 unless TLS 1.2 is set as the maximum version, and this adjusts those tests. The client CA test doesn't work in LibreSSL 3.2+, so I've marked that as pending. For the hostname verification, LibreSSL 3.2.2+ has a new stricter hostname verifier that doesn't like subjectAltName such as c*.example.com and d.*.example.com, so adjust the related tests. With these changes, the tests pass on LibreSSL 3.2/3.3. https://github.com/ruby/openssl/commit/a0e98d48c9
* [ruby/openssl] pkey/ec: remove OpenSSL::PKey::EC::Group.new(ec_method) formKazuki Yamaguchi2021-03-161-42/+2
| | | | | | | | | | | | | | | | | | | The form created an empty EC_GROUP object with the specified EC_METHOD. However, the feature was unfinished and not useful in any way because OpenSSL::PKey::EC::Group did not implement wrappers for necessary functions to set actual parameters for the group, namely EC_GROUP_set_curve() family. EC_GROUP object creation with EC_METHOD explicitly specified is deprecated in OpenSSL 3.0, as it was apparently not intended for use outside OpenSSL. It is still possible to create EC_GROUP, but without EC_METHOD explicitly specified - OpenSSL chooses the appropriate EC_METHOD for the curve type. The OpenSSL::PKey::EC::Group.new(<:GFp|:GF2m>, p, a, b) form will continue to work. https://github.com/ruby/openssl/commit/df4bec841f
* [ruby/openssl] ssl: remove SSL::SSLContext#tmp_ecdh_callbackKazuki Yamaguchi2021-03-162-70/+3
| | | | | | | | | | | | The underlying API SSL_CTX_set_tmp_ecdh_callback() was removed by LibreSSL >= 2.6.1 and OpenSSL >= 1.1.0, in other words, it is not supported by any non-EOL versions of OpenSSL. The wrapper was initially implemented in Ruby 2.3 and has been deprecated since Ruby/OpenSSL 2.0 (bundled with Ruby 2.4) with explicit warning with rb_warn(). https://github.com/ruby/openssl/commit/ee037e1460
* [ruby/openssl] ssl: retry write on EPROTOTYPE on macOSKazuki Yamaguchi2021-03-161-0/+15
| | | | | | | | | | | | Errno::EPROTOTYPE is not supposed to be raised by SSLSocket#write. However, on macOS, send(2) which is called via SSL_write() can occasionally return EPROTOTYPE. Retry SSL_write() so that we get a proper error, just as ext/socket does. Reference: https://bugs.ruby-lang.org/issues/14713 Reference: https://github.com/ruby/openssl/issues/227 https://github.com/ruby/openssl/commit/2e700c80bf
* [ruby/openssl] x509store: update rdoc for X509::Store and X509::StoreContextKazuki Yamaguchi2021-03-161-13/+111
| | | | | | | Add more details about each method, and add reference to OpenSSL man pages. https://github.com/ruby/openssl/commit/02b6f82c73
* [ruby/openssl] x509store: fix memory leak in X509::StoreContext.newKazuki Yamaguchi2021-03-161-5/+16
| | | | | | | The certificate passed as the second argument was not properly free'd in the error paths. https://github.com/ruby/openssl/commit/9561199b9f
* [ruby/openssl] x509store: avoid ossl_raise() calls with NULL messageKazuki Yamaguchi2021-03-161-19/+14
| | | | | | | Use the OpenSSL function name that caused the error to generate a better error message. https://github.com/ruby/openssl/commit/b31809ba3d
* [ruby/openssl] x509store: refactor X509::StoreContext#chainKazuki Yamaguchi2021-03-161-18/+5
| | | | | | | Use ossl_x509_sk2ary() to create an array of OpenSSL::X509::Certificate from STACK_OF(X509). https://github.com/ruby/openssl/commit/fa1da69f92
* [ruby/openssl] x509store: emit warning if arguments are given to X509::Store.newKazuki Yamaguchi2021-03-161-1/+2
| | | | | | | Anything passed to OpenSSL::X509::Store.new was always ignored. Let's emit an explicit warning to not confuse users. https://github.com/ruby/openssl/commit/d173700eeb
* [ruby/openssl] x509store: let X509::Store#add_file raise TypeError if nil is ↵Kazuki Yamaguchi2021-03-161-16/+12
| | | | | | | | | | | | given Undo special treatment of nil and simply pass the value to StringValueCStr(). nil was never a valid argument for the method; OpenSSL::X509::StoreError with an unhelpful error message "system lib" was raised in that case. https://github.com/ruby/openssl/commit/fb2fcbb137
* [ruby/openssl] [DOC] Fix RDoc markupNobuhiro IMAI2021-03-161-1/+1
| | | | https://github.com/ruby/openssl/commit/f36af95519
* [ruby/openssl] Fix typo in documentationClaus Lensbøl2021-03-161-3/+3
| | | | | | The socket is called ssl_connection, not connection https://github.com/ruby/openssl/commit/642783aeda
* [ruby/openssl] ssl: initialize verify_mode and verify_hostname with default ↵Kazuki Yamaguchi2021-03-161-0/+2
| | | | | | | | | | | | | | | | | | | values SSLContext's verify_mode expects an SSL_VERIFY_* constant (an integer) and verify_hostname expects either true or false. However, they are set to nil after calling OpenSSL::SSL::SSLContext.new, which is surprising. Set a proper value to them by default: verify_mode is set to OpenSSL::SSL::VERIFY_NONE and verify_hostname is set to false by default. Note that this does not change the default behavior. The certificate verification was never performed unless verify_mode is set to OpenSSL::SSL::VERIFY_PEER by a user. The same applies to verify_hostname. https://github.com/ruby/openssl/commit/87d869352c
* [ruby/openssl] Add compare? method to OpenSSL::PKey that wraps EVP_PKEY_cmp.Colton Jenkins2021-03-161-0/+39
| | | | | | | | Explicitly check for type given some conflicting statements within openssl's documentation around EVP_PKEY_cmp and EVP_PKEY_ASN1_METHOD(3). Add documentation with an example for compare? https://github.com/ruby/openssl/commit/0bf51da6e2
* [ruby/openssl] User lower case cipher names for maximum compatibilityBart de Water2021-03-162-13/+13
| | | | | | We ran into some Linux-based systems not accepting the upper case variant https://github.com/ruby/openssl/commit/7bc49121d5
* [ruby/openssl] hmac: implement base64digest methodsKazuki Yamaguchi2021-03-161-0/+25
| | | | | | | OpenSSL::HMAC implements the similar interface as ::Digest. Let's add base64digest methods to OpenSSL::HMAC, too, for feature parity. https://github.com/ruby/openssl/commit/098bcb68af
* [ruby/openssl] hmac: migrate from the low-level HMAC API to the EVP APIKazuki Yamaguchi2021-03-166-170/+89
| | | | | | | | | | | Use the EVP API instead of the low-level HMAC API. Use of the HMAC API has been discouraged and is being marked as deprecated starting from OpenSSL 3.0.0. The two singleton methods OpenSSL::HMAC, HMAC.digest and HMAC.hexdigest are now in lib/openssl/hmac.rb. https://github.com/ruby/openssl/commit/0317e2fc02
* [ruby/openssl] pkey/ec: deprecate OpenSSL::PKey::EC::Point#mul(ary, ary [, bn])Kazuki Yamaguchi2021-03-161-0/+8
| | | | | | | | | | | | | | | Deprecate it for future removal. However, I do not expect any application is affected by this. The other form of calling it, PKey::EC::Point#mul(bn [, bn]) remains untouched. PKey::EC::Point#mul calls EC_POINTs_mul(3) when multiple BNs are given as an array. LibreSSL 2.8.0 released on 2018-08 removed the feature and OpenSSL 3.0 which is planned to be released in 2020 will also deprecate the function as there is no real use-case. https://github.com/ruby/openssl/commit/812de4253d
* [ruby/openssl] digest, hmac, ts, x509: use IO.binread in examples where ↵Kazuki Yamaguchi2021-03-164-18/+18
| | | | | | | | | | | appropriate IO.read may mangle line separator, which will corrupt binary data including DER-encoded X.509 certificates and such. Fixes: https://github.com/ruby/openssl/issues/243 https://github.com/ruby/openssl/commit/93213b2730
* [ruby/openssl] pkey: reimplement PKey::DH#compute_key and ↵Kazuki Yamaguchi2021-03-163-67/+33
| | | | | | | | | PKey::EC#dh_compute_key Use the new OpenSSL::PKey::PKey#derive instead of the raw {EC,}DH_compute_key(), mainly to reduce amount of the C code. https://github.com/ruby/openssl/commit/28edf6bafc
* [ruby/openssl] pkey: add PKey::PKey#deriveKazuki Yamaguchi2021-03-161-0/+52
| | | | | | | | Add OpenSSL::PKey::PKey#derive as the wrapper for EVP_PKEY_CTX_derive(). This is useful for pkey types that we don't have dedicated classes, such as X25519. https://github.com/ruby/openssl/commit/28f0059bea
* [ruby/openssl] pkey: support 'one-shot' signing and verificationKazuki Yamaguchi2021-03-161-0/+30
| | | | | | | | OpenSSL 1.1.1 added EVP_DigestSign() and EVP_DigestVerify() functions to the interface. Some EVP_PKEY methods such as PureEdDSA algorithms do not support the streaming mechanism and require us to use them. https://github.com/ruby/openssl/commit/ae19454592
* [ruby/openssl] pkey: port PKey::PKey#sign and #verify to the EVP_Digest* ↵Kazuki Yamaguchi2021-03-161-39/+51
| | | | | | | | | | | | | interface Use EVP_DigestSign*() and EVP_DigestVerify*() interface instead of the old EVP_Sign*() and EVP_Verify*() functions. They were added in OpenSSL 1.0.0. Also, allow the digest to be specified as nil, as certain EVP_PKEY types don't expect a digest algorithm. https://github.com/ruby/openssl/commit/9ff6e5143b
* [ruby/openssl] pkey: add PKey.generate_parameters and .generate_keyKazuki Yamaguchi2021-03-161-0/+222
| | | | | | | Add two methods to create a PKey using the generic EVP interface. This is useful for the PKey types we don't have a dedicated class. https://github.com/ruby/openssl/commit/d8e8e57de9
* [ruby/openssl] pkey: assume generic PKeys contain private componentsKazuki Yamaguchi2021-03-161-4/+11
| | | | | | | | The EVP interface cannot tell whether if a pkey contains the private components or not. Assume it does if it does not respond to #private?. This fixes the NoMethodError on calling #sign on a generic PKey. https://github.com/ruby/openssl/commit/f4c717bcb2
* [ruby/openssl] pkey: refactor #export/#to_pem and #to_derKazuki Yamaguchi2021-03-165-173/+114
| | | | | | | Add ossl_pkey_export_traditional() and ossl_pkey_export_spki() helper functions, and use them. This reduces code duplication. https://github.com/ruby/openssl/commit/56f0d34d63
* [ruby/openssl] pkey: refactor DER/PEM-encoded string parsing codeKazuki Yamaguchi2021-03-165-77/+73
| | | | | | | Export the flow used by OpenSSL::PKey.read and let the subclasses call it before attempting other formats. https://github.com/ruby/openssl/commit/d963d4e276
View Lorry Controller Status