Merge branch 'maint-2.0' into maint

* maint-2.0:
  ssl: set verify error code in the case of verify_hostname failure
  x509: add error code and verify flags constants
  Remove taint support
  Restore compatibility with older versions of Ruby.
  Fix keyword argument separation issues in OpenSSL::SSL::SSLSocket#sys{read,write}_nonblock
  config: support .include directive

7 files changed, 262 insertions, 42 deletions

diff --git a/ext/openssl/ossl_rand.c b/ext/openssl/ossl_rand.c
index c9585706..4a4f9dd5 100644
--- a/ext/openssl/ossl_rand.c
+++ b/ext/openssl/ossl_rand.c
@@ -67,8 +67,6 @@ ossl_rand_add(VALUE self, VALUE str, VALUE entropy)
 static VALUE
 ossl_rand_load_file(VALUE self, VALUE filename)
 {
-    rb_check_safe_obj(filename);
-
     if(!RAND_load_file(StringValueCStr(filename), -1)) {
 	ossl_raise(eRandomError, NULL);
     }
@@ -86,8 +84,6 @@ ossl_rand_load_file(VALUE self, VALUE filename)
 static VALUE
 ossl_rand_write_file(VALUE self, VALUE filename)
 {
-    rb_check_safe_obj(filename);
-
     if (RAND_write_file(StringValueCStr(filename)) == -1) {
 	ossl_raise(eRandomError, NULL);
     }
@@ -164,8 +160,6 @@ ossl_rand_pseudo_bytes(VALUE self, VALUE len)
 static VALUE
 ossl_rand_egd(VALUE self, VALUE filename)
 {
-    rb_check_safe_obj(filename);
-
     if (RAND_egd(StringValueCStr(filename)) == -1) {
 	ossl_raise(eRandomError, NULL);
     }
@@ -186,8 +180,6 @@ ossl_rand_egd_bytes(VALUE self, VALUE filename, VALUE len)
 {
     int n = NUM2INT(len);
 
-    rb_check_safe_obj(filename);
-
     if (RAND_egd_bytes(StringValueCStr(filename), n) == -1) {
 	ossl_raise(eRandomError, NULL);
     }
diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c
index a85be17f..3e38bd13 100644
--- a/ext/openssl/ossl_ssl.c
+++ b/ext/openssl/ossl_ssl.c
@@ -357,7 +357,14 @@ ossl_ssl_verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
 	    rb_ivar_set(ssl_obj, ID_callback_state, INT2NUM(status));
 	    return 0;
 	}
-	preverify_ok = ret == Qtrue;
+        if (ret != Qtrue) {
+            preverify_ok = 0;
+#if defined(X509_V_ERR_HOSTNAME_MISMATCH)
+            X509_STORE_CTX_set_error(ctx, X509_V_ERR_HOSTNAME_MISMATCH);
+#else
+            X509_STORE_CTX_set_error(ctx, X509_V_ERR_CERT_REJECTED);
+#endif
+        }
     }
 
     return ossl_verify_cb_call(cb, preverify_ok, ctx);
@@ -1826,7 +1833,6 @@ ossl_ssl_read_internal(int argc, VALUE *argv, VALUE self, int nonblock)
 	else
 	    rb_str_modify_expand(str, ilen - RSTRING_LEN(str));
     }
-    OBJ_TAINT(str);
     rb_str_set_len(str, 0);
     if (ilen == 0)
 	return str;
@@ -1875,13 +1881,24 @@ ossl_ssl_read_internal(int argc, VALUE *argv, VALUE self, int nonblock)
         }
     }
     else {
-	ID meth = nonblock ? rb_intern("read_nonblock") : rb_intern("sysread");
-
-	rb_warning("SSL session is not started yet.");
-	if (nonblock)
-	    return rb_funcall(io, meth, 3, len, str, opts);
-	else
-	    return rb_funcall(io, meth, 2, len, str);
+        ID meth = nonblock ? rb_intern("read_nonblock") : rb_intern("sysread");
+
+        rb_warning("SSL session is not started yet.");
+#if defined(RB_PASS_KEYWORDS)
+        if (nonblock) {
+            VALUE argv[3];
+            argv[0] = len;
+            argv[1] = str;
+            argv[2] = opts;
+            return rb_funcallv_kw(io, meth, 3, argv, RB_PASS_KEYWORDS);
+        }
+#else
+        if (nonblock) {
+            return rb_funcall(io, meth, 3, len, str, opts);
+        }
+#endif
+        else
+            return rb_funcall(io, meth, 2, len, str);
     }
 
   end:
@@ -1968,11 +1985,21 @@ ossl_ssl_write_internal(VALUE self, VALUE str, VALUE opts)
 	ID meth = nonblock ?
 	    rb_intern("write_nonblock") : rb_intern("syswrite");
 
-	rb_warning("SSL session is not started yet.");
-	if (nonblock)
-	    return rb_funcall(io, meth, 2, str, opts);
-	else
-	    return rb_funcall(io, meth, 1, str);
+        rb_warning("SSL session is not started yet.");
+#if defined(RB_PASS_KEYWORDS)
+        if (nonblock) {
+            VALUE argv[2];
+            argv[0] = str;
+            argv[1] = opts;
+            return rb_funcallv_kw(io, meth, 2, argv, RB_PASS_KEYWORDS);
+        }
+#else
+        if (nonblock) {
+            return rb_funcall(io, meth, 2, str, opts);
+        }
+#endif
+        else
+            return rb_funcall(io, meth, 1, str);
     }
 
   end:
diff --git a/ext/openssl/ossl_x509.c b/ext/openssl/ossl_x509.c
index 8a061b06..4fc06486 100644
--- a/ext/openssl/ossl_x509.c
+++ b/ext/openssl/ossl_x509.c
@@ -44,7 +44,13 @@ Init_ossl_x509(void)
     Init_ossl_x509revoked();
     Init_ossl_x509store();
 
+    /* Constants are up-to-date with 1.1.1. */
+
+    /* Certificate verification error code */
     DefX509Const(V_OK);
+#if defined(X509_V_ERR_UNSPECIFIED) /* 1.0.1r, 1.0.2f, 1.1.0 */
+    DefX509Const(V_ERR_UNSPECIFIED);
+#endif
     DefX509Const(V_ERR_UNABLE_TO_GET_ISSUER_CERT);
     DefX509Const(V_ERR_UNABLE_TO_GET_CRL);
     DefX509Const(V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE);
@@ -76,8 +82,73 @@ Init_ossl_x509(void)
     DefX509Const(V_ERR_AKID_SKID_MISMATCH);
     DefX509Const(V_ERR_AKID_ISSUER_SERIAL_MISMATCH);
     DefX509Const(V_ERR_KEYUSAGE_NO_CERTSIGN);
+    DefX509Const(V_ERR_UNABLE_TO_GET_CRL_ISSUER);
+    DefX509Const(V_ERR_UNHANDLED_CRITICAL_EXTENSION);
+    DefX509Const(V_ERR_KEYUSAGE_NO_CRL_SIGN);
+    DefX509Const(V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION);
+    DefX509Const(V_ERR_INVALID_NON_CA);
+    DefX509Const(V_ERR_PROXY_PATH_LENGTH_EXCEEDED);
+    DefX509Const(V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE);
+    DefX509Const(V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED);
+    DefX509Const(V_ERR_INVALID_EXTENSION);
+    DefX509Const(V_ERR_INVALID_POLICY_EXTENSION);
+    DefX509Const(V_ERR_NO_EXPLICIT_POLICY);
+    DefX509Const(V_ERR_DIFFERENT_CRL_SCOPE);
+    DefX509Const(V_ERR_UNSUPPORTED_EXTENSION_FEATURE);
+    DefX509Const(V_ERR_UNNESTED_RESOURCE);
+    DefX509Const(V_ERR_PERMITTED_VIOLATION);
+    DefX509Const(V_ERR_EXCLUDED_VIOLATION);
+    DefX509Const(V_ERR_SUBTREE_MINMAX);
     DefX509Const(V_ERR_APPLICATION_VERIFICATION);
+    DefX509Const(V_ERR_UNSUPPORTED_CONSTRAINT_TYPE);
+    DefX509Const(V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX);
+    DefX509Const(V_ERR_UNSUPPORTED_NAME_SYNTAX);
+    DefX509Const(V_ERR_CRL_PATH_VALIDATION_ERROR);
+#if defined(X509_V_ERR_PATH_LOOP)
+    DefX509Const(V_ERR_PATH_LOOP);
+#endif
+#if defined(X509_V_ERR_SUITE_B_INVALID_VERSION)
+    DefX509Const(V_ERR_SUITE_B_INVALID_VERSION);
+    DefX509Const(V_ERR_SUITE_B_INVALID_ALGORITHM);
+    DefX509Const(V_ERR_SUITE_B_INVALID_CURVE);
+    DefX509Const(V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM);
+    DefX509Const(V_ERR_SUITE_B_LOS_NOT_ALLOWED);
+    DefX509Const(V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256);
+#endif
+#if defined(X509_V_ERR_HOSTNAME_MISMATCH)
+    DefX509Const(V_ERR_HOSTNAME_MISMATCH);
+    DefX509Const(V_ERR_EMAIL_MISMATCH);
+    DefX509Const(V_ERR_IP_ADDRESS_MISMATCH);
+#endif
+#if defined(X509_V_ERR_DANE_NO_MATCH)
+    DefX509Const(V_ERR_DANE_NO_MATCH);
+#endif
+#if defined(X509_V_ERR_EE_KEY_TOO_SMALL)
+    DefX509Const(V_ERR_EE_KEY_TOO_SMALL);
+    DefX509Const(V_ERR_CA_KEY_TOO_SMALL);
+    DefX509Const(V_ERR_CA_MD_TOO_WEAK);
+#endif
+#if defined(X509_V_ERR_INVALID_CALL)
+    DefX509Const(V_ERR_INVALID_CALL);
+#endif
+#if defined(X509_V_ERR_STORE_LOOKUP)
+    DefX509Const(V_ERR_STORE_LOOKUP);
+#endif
+#if defined(X509_V_ERR_NO_VALID_SCTS)
+    DefX509Const(V_ERR_NO_VALID_SCTS);
+#endif
+#if defined(X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION)
+    DefX509Const(V_ERR_PROXY_SUBJECT_NAME_VIOLATION);
+#endif
+#if defined(X509_V_ERR_OCSP_VERIFY_NEEDED)
+    DefX509Const(V_ERR_OCSP_VERIFY_NEEDED);
+    DefX509Const(V_ERR_OCSP_VERIFY_FAILED);
+    DefX509Const(V_ERR_OCSP_CERT_UNKNOWN);
+#endif
 
+    /* Certificate verify flags */
+    /* Set by Store#flags= and StoreContext#flags=. */
+    DefX509Const(V_FLAG_USE_CHECK_TIME);
     /* Set by Store#flags= and StoreContext#flags=. Enables CRL checking for the
      * certificate chain leaf. */
     DefX509Const(V_FLAG_CRL_CHECK);
@@ -122,6 +193,26 @@ Init_ossl_x509(void)
      * Enabled by default in OpenSSL >= 1.1.0. */
     DefX509Const(V_FLAG_TRUSTED_FIRST);
 #endif
+#if defined(X509_V_FLAG_SUITEB_128_LOS_ONLY)
+    /* Set by Store#flags= and StoreContext#flags=.
+     * Enables Suite B 128 bit only mode. */
+    DefX509Const(V_FLAG_SUITEB_128_LOS_ONLY);
+#endif
+#if defined(X509_V_FLAG_SUITEB_192_LOS)
+    /* Set by Store#flags= and StoreContext#flags=.
+     * Enables Suite B 192 bit only mode. */
+    DefX509Const(V_FLAG_SUITEB_192_LOS);
+#endif
+#if defined(X509_V_FLAG_SUITEB_128_LOS)
+    /* Set by Store#flags= and StoreContext#flags=.
+     * Enables Suite B 128 bit mode allowing 192 bit algorithms. */
+    DefX509Const(V_FLAG_SUITEB_128_LOS);
+#endif
+#if defined(X509_V_FLAG_PARTIAL_CHAIN)
+    /* Set by Store#flags= and StoreContext#flags=.
+     * Allows partial chains if at least one certificate is in trusted store. */
+    DefX509Const(V_FLAG_PARTIAL_CHAIN);
+#endif
 #if defined(X509_V_FLAG_NO_ALT_CHAINS)
     /* Set by Store#flags= and StoreContext#flags=. Suppresses searching for
      * a alternative chain. No effect in OpenSSL >= 1.1.0. */
diff --git a/ext/openssl/ossl_x509store.c b/ext/openssl/ossl_x509store.c
index 2909eeda..61543d44 100644
--- a/ext/openssl/ossl_x509store.c
+++ b/ext/openssl/ossl_x509store.c
@@ -304,7 +304,6 @@ ossl_x509store_add_file(VALUE self, VALUE file)
     char *path = NULL;
 
     if(file != Qnil){
-	rb_check_safe_obj(file);
 	path = StringValueCStr(file);
     }
     GetX509Store(self, store);
@@ -340,7 +339,6 @@ ossl_x509store_add_path(VALUE self, VALUE dir)
     char *path = NULL;
 
     if(dir != Qnil){
-	rb_check_safe_obj(dir);
 	path = StringValueCStr(dir);
     }
     GetX509Store(self, store);
diff --git a/lib/openssl/config.rb b/lib/openssl/config.rb
index 48d8be00..78a2da9e 100644
--- a/lib/openssl/config.rb
+++ b/lib/openssl/config.rb
@@ -77,29 +77,44 @@ module OpenSSL
       def parse_config_lines(io)
         section = 'default'
         data = {section => {}}
-        while definition = get_definition(io)
+        io_stack = [io]
+        while definition = get_definition(io_stack)
           definition = clear_comments(definition)
           next if definition.empty?
-          if definition[0] == ?[
+          case definition
+          when /\A\[/
             if /\[([^\]]*)\]/ =~ definition
               section = $1.strip
               data[section] ||= {}
             else
               raise ConfigError, "missing close square bracket"
             end
-          else
-            if /\A([^:\s]*)(?:::([^:\s]*))?\s*=(.*)\z/ =~ definition
-              if $2
-                section = $1
-                key = $2
-              else
-                key = $1
+          when /\A\.include (\s*=\s*)?(.+)\z/
+            path = $2
+            if File.directory?(path)
+              files = Dir.glob(File.join(path, "*.{cnf,conf}"), File::FNM_EXTGLOB)
+            else
+              files = [path]
+            end
+
+            files.each do |filename|
+              begin
+                io_stack << StringIO.new(File.read(filename))
+              rescue
+                raise ConfigError, "could not include file '%s'" % filename
               end
-              value = unescape_value(data, section, $3)
-              (data[section] ||= {})[key] = value.strip
+            end
+          when /\A([^:\s]*)(?:::([^:\s]*))?\s*=(.*)\z/
+            if $2
+              section = $1
+              key = $2
             else
-              raise ConfigError, "missing equal sign"
+              key = $1
             end
+            value = unescape_value(data, section, $3)
+            (data[section] ||= {})[key] = value.strip
+          else
+            raise ConfigError, "missing equal sign"
           end
         end
         data
@@ -212,10 +227,10 @@ module OpenSSL
         scanned.join
       end
 
-      def get_definition(io)
-        if line = get_line(io)
+      def get_definition(io_stack)
+        if line = get_line(io_stack)
           while /[^\\]\\\z/ =~ line
-            if extra = get_line(io)
+            if extra = get_line(io_stack)
               line += extra
             else
               break
@@ -225,9 +240,12 @@ module OpenSSL
         end
       end
 
-      def get_line(io)
-        if line = io.gets
-          line.gsub(/[\r\n]*/, '')
+      def get_line(io_stack)
+        while io = io_stack.last
+          if line = io.gets
+            return line.gsub(/[\r\n]*/, '')
+          end
+          io_stack.pop
         end
       end
     end
diff --git a/test/test_config.rb b/test/test_config.rb
index 8096375c..a9339d68 100644
--- a/test/test_config.rb
+++ b/test/test_config.rb
@@ -120,6 +120,49 @@ __EOC__
     assert_equal("error in line 7: missing close square bracket", excn.message)
   end
 
+  def test_s_parse_include
+    in_tmpdir("ossl-config-include-test") do |dir|
+      Dir.mkdir("child")
+      File.write("child/a.conf", <<~__EOC__)
+        [default]
+        file-a = a.conf
+        [sec-a]
+        a = 123
+      __EOC__
+      File.write("child/b.cnf", <<~__EOC__)
+        [default]
+        file-b = b.cnf
+        [sec-b]
+        b = 123
+      __EOC__
+      File.write("include-child.conf", <<~__EOC__)
+        key_outside_section = value_a
+        .include child
+      __EOC__
+
+      include_file = <<~__EOC__
+        [default]
+        file-main = unnamed
+        [sec-main]
+        main = 123
+        .include = include-child.conf
+      __EOC__
+
+      # Include a file by relative path
+      c1 = OpenSSL::Config.parse(include_file)
+      assert_equal(["default", "sec-a", "sec-b", "sec-main"], c1.sections.sort)
+      assert_equal(["file-main", "file-a", "file-b"], c1["default"].keys)
+      assert_equal({"a" => "123"}, c1["sec-a"])
+      assert_equal({"b" => "123"}, c1["sec-b"])
+      assert_equal({"main" => "123", "key_outside_section" => "value_a"}, c1["sec-main"])
+
+      # Relative paths are from the working directory
+      assert_raise(OpenSSL::ConfigError) do
+        Dir.chdir("child") { OpenSSL::Config.parse(include_file) }
+      end
+    end
+  end
+
   def test_s_load
     # alias of new
     c = OpenSSL::Config.load
@@ -299,6 +342,17 @@ __EOC__
     @it['newsection'] = {'a' => 'b'}
     assert_not_equal(@it.sections.sort, c.sections.sort)
   end
+
+  private
+
+  def in_tmpdir(*args)
+    Dir.mktmpdir(*args) do |dir|
+      dir = File.realpath(dir)
+      Dir.chdir(dir) do
+        yield dir
+      end
+    end
+  end
 end
 
 end
diff --git a/test/test_ssl.rb b/test/test_ssl.rb
index 060c1f1c..ea98bec8 100644
--- a/test/test_ssl.rb
+++ b/test/test_ssl.rb
@@ -832,6 +832,46 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
     end
   end
 
+  def test_verify_hostname_failure_error_code
+    ctx_proc = proc { |ctx|
+      exts = [
+        ["keyUsage", "keyEncipherment,digitalSignature", true],
+        ["subjectAltName", "DNS:a.example.com"],
+      ]
+      ctx.cert = issue_cert(@svr, @svr_key, 4, exts, @ca_cert, @ca_key)
+      ctx.key = @svr_key
+    }
+
+    start_server(ctx_proc: ctx_proc, ignore_listener_error: true) do |port|
+      verify_callback_ok = verify_callback_err = nil
+
+      ctx = OpenSSL::SSL::SSLContext.new
+      ctx.verify_hostname = true
+      ctx.cert_store = OpenSSL::X509::Store.new
+      ctx.cert_store.add_cert(@ca_cert)
+      ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER
+      ctx.verify_callback = -> (preverify_ok, store_ctx) {
+        verify_callback_ok = preverify_ok
+        verify_callback_err = store_ctx.error
+        preverify_ok
+      }
+
+      begin
+        sock = TCPSocket.new("127.0.0.1", port)
+        ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx)
+        ssl.hostname = "b.example.com"
+        assert_handshake_error { ssl.connect }
+        assert_equal false, verify_callback_ok
+        code_expected = openssl?(1, 0, 2) || defined?(OpenSSL::X509::V_ERR_HOSTNAME_MISMATCH) ?
+          OpenSSL::X509::V_ERR_HOSTNAME_MISMATCH :
+          OpenSSL::X509::V_ERR_CERT_REJECTED
+        assert_equal code_expected, verify_callback_err
+      ensure
+        sock&.close
+      end
+    end
+  end
+
   def test_connect_certificate_verify_failed_exception_message
     start_server(ignore_listener_error: true) { |port|
       ctx = OpenSSL::SSL::SSLContext.new