diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2018-05-12 15:52:57 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2018-05-12 15:52:57 +0900 |
commit | fdcda971a26895ea5c5015a90671ee73039d55e8 (patch) | |
tree | edb16e27616ec50c31e4f404a22d492fa9625de6 /ext | |
parent | 3f64119bf301e0ad43bb0c04ae64d214cbfa09df (diff) | |
parent | 2d6719910020d00444329161a5ff8a01fbdad2e6 (diff) | |
download | ruby-openssl-fdcda971a26895ea5c5015a90671ee73039d55e8.tar.gz |
Merge branch 'maint'
* maint:
Ruby/OpenSSL 2.1.1
Ruby/OpenSSL 2.0.8
test/test_ssl_session: set client protocol version explicitly
test/test_pkey_rsa: fix test failure with OpenSSL 1.1.1
extconf.rb: fix build with LibreSSL 2.7.0
cipher: validate iterations argument for Cipher#pkcs5_keyivgen
test/utils: disable Thread's report_on_exception in start_server
Diffstat (limited to 'ext')
-rw-r--r-- | ext/openssl/extconf.rb | 5 | ||||
-rw-r--r-- | ext/openssl/ossl_cipher.c | 2 | ||||
-rw-r--r-- | ext/openssl/ossl_version.h | 2 |
3 files changed, 7 insertions, 2 deletions
diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb index 5212903b..4242f044 100644 --- a/ext/openssl/extconf.rb +++ b/ext/openssl/extconf.rb @@ -122,8 +122,11 @@ OpenSSL.check_func_or_macro("SSL_get_server_tmp_key", "openssl/ssl.h") have_func("SSL_is_server") # added in 1.1.0 +if !have_struct_member("SSL", "ctx", "openssl/ssl.h") || + try_static_assert("LIBRESSL_VERSION_NUMBER >= 0x2070000fL", "openssl/opensslv.h") + $defs.push("-DHAVE_OPAQUE_OPENSSL") +end have_func("CRYPTO_lock") || $defs.push("-DHAVE_OPENSSL_110_THREADING_API") -have_struct_member("SSL", "ctx", "openssl/ssl.h") || $defs.push("-DHAVE_OPAQUE_OPENSSL") have_func("BN_GENCB_new") have_func("BN_GENCB_free") have_func("BN_GENCB_get_arg") diff --git a/ext/openssl/ossl_cipher.c b/ext/openssl/ossl_cipher.c index 3038a766..0840c84a 100644 --- a/ext/openssl/ossl_cipher.c +++ b/ext/openssl/ossl_cipher.c @@ -317,6 +317,8 @@ ossl_cipher_pkcs5_keyivgen(int argc, VALUE *argv, VALUE self) salt = (unsigned char *)RSTRING_PTR(vsalt); } iter = NIL_P(viter) ? 2048 : NUM2INT(viter); + if (iter <= 0) + rb_raise(rb_eArgError, "iterations must be a positive integer"); digest = NIL_P(vdigest) ? EVP_md5() : ossl_evp_get_digestbyname(vdigest); GetCipher(self, ctx); EVP_BytesToKey(EVP_CIPHER_CTX_cipher(ctx), digest, salt, diff --git a/ext/openssl/ossl_version.h b/ext/openssl/ossl_version.h index 4167c9c8..a4dbf327 100644 --- a/ext/openssl/ossl_version.h +++ b/ext/openssl/ossl_version.h @@ -10,6 +10,6 @@ #if !defined(_OSSL_VERSION_H_) #define _OSSL_VERSION_H_ -#define OSSL_VERSION "2.1.0" +#define OSSL_VERSION "2.1.1" #endif /* _OSSL_VERSION_H_ */ |