Correctly verify abbreviated IPv6 SANs

IPv6 SAN-verification accommodates ["zero-compression"](https://tools.ietf.org/html/rfc5952#section-2.2). It also accommodates non-compressed addresses. Previously the verification of IPv6 addresses would fail unless the address syntax matched a specific format (no zero-compression, no leading zeroes). As an example, the IPv6 loopback address, if represented as `::1`, would not verify. Nor would it verify if represented as `0000:0000:0000:0000:0000:0000:0000:0001`; however, both representations are valid, RFC-compliant representations. The library would only accept a very specific representation (i.e. `0:0:0:0:0:0:0:1`). This commit addresses that shortcoming, and ensures that any valid IPv6 representation will correctly verify.
author: Brian Cunnie <brian.cunnie@gmail.com> 2018-01-29 20:08:49 -0800
committer: Brian Cunnie <brian.cunnie@gmail.com> 2018-02-06 06:37:50 -0800
commit: 9322a104d16b02c7a79f9ab589859c9d63fabf52 (patch)
tree: ea63f2d604f0e23b7990ef4e55d82bff04113548 /openssl.gemspec
parent: f707996f80ab5e63fd584d576b9a39f091b22dca (diff)
download: ruby-openssl-9322a104d16b02c7a79f9ab589859c9d63fabf52.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/openssl.gemspec b/openssl.gemspec
index 40525c4a..4896eac3 100644
--- a/openssl.gemspec
+++ b/openssl.gemspec
@@ -17,6 +17,7 @@ Gem::Specification.new do |spec|
 
   spec.required_ruby_version = ">= 2.3.0"
 
+  spec.add_runtime_dependency "ipaddr"
   spec.add_development_dependency "rake"
   spec.add_development_dependency "rake-compiler"
   spec.add_development_dependency "test-unit", "~> 3.0"
author	Brian Cunnie <brian.cunnie@gmail.com>	2018-01-29 20:08:49 -0800
committer	Brian Cunnie <brian.cunnie@gmail.com>	2018-02-06 06:37:50 -0800
commit	9322a104d16b02c7a79f9ab589859c9d63fabf52 (patch)
tree	ea63f2d604f0e23b7990ef4e55d82bff04113548 /openssl.gemspec
parent	f707996f80ab5e63fd584d576b9a39f091b22dca (diff)
download	ruby-openssl-9322a104d16b02c7a79f9ab589859c9d63fabf52.tar.gz