aboutsummaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/openssl/buffering.rb2
-rw-r--r--lib/openssl/digest.rb5
-rw-r--r--lib/openssl/ssl.rb55
3 files changed, 17 insertions, 45 deletions
diff --git a/lib/openssl/buffering.rb b/lib/openssl/buffering.rb
index d0821990..61e1f43e 100644
--- a/lib/openssl/buffering.rb
+++ b/lib/openssl/buffering.rb
@@ -132,7 +132,6 @@ module OpenSSL::Buffering
buf.replace(ret)
ret = buf
end
- raise EOFError if ret.empty?
ret
end
@@ -182,7 +181,6 @@ module OpenSSL::Buffering
buf.replace(ret)
ret = buf
end
- raise EOFError if ret.empty?
ret
end
diff --git a/lib/openssl/digest.rb b/lib/openssl/digest.rb
index 1240bf59..1a236cc7 100644
--- a/lib/openssl/digest.rb
+++ b/lib/openssl/digest.rb
@@ -15,7 +15,10 @@
module OpenSSL
class Digest
- alg = %w(DSS DSS1 MD2 MD4 MD5 MDC2 RIPEMD160 SHA SHA1)
+ alg = %w(MD2 MD4 MD5 MDC2 RIPEMD160 SHA1)
+ if OPENSSL_VERSION_NUMBER < 0x10100000
+ alg += %w(DSS DSS1 SHA)
+ end
if OPENSSL_VERSION_NUMBER > 0x00908000
alg += %w(SHA224 SHA256 SHA384 SHA512)
end
diff --git a/lib/openssl/ssl.rb b/lib/openssl/ssl.rb
index 39ddf8a8..1c0ca94d 100644
--- a/lib/openssl/ssl.rb
+++ b/lib/openssl/ssl.rb
@@ -53,19 +53,16 @@ module OpenSSL
}.join(":"),
:options => -> {
opts = OpenSSL::SSL::OP_ALL
- opts &= ~OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS if defined?(OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS)
+ opts &= ~OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS
opts |= OpenSSL::SSL::OP_NO_COMPRESSION if defined?(OpenSSL::SSL::OP_NO_COMPRESSION)
- opts |= OpenSSL::SSL::OP_NO_SSLv2 if defined?(OpenSSL::SSL::OP_NO_SSLv2)
- opts |= OpenSSL::SSL::OP_NO_SSLv3 if defined?(OpenSSL::SSL::OP_NO_SSLv3)
+ opts |= OpenSSL::SSL::OP_NO_SSLv2 | OpenSSL::SSL::OP_NO_SSLv3
opts
}.call
}
DEFAULT_CERT_STORE = OpenSSL::X509::Store.new
DEFAULT_CERT_STORE.set_default_paths
- if defined?(OpenSSL::X509::V_FLAG_CRL_CHECK_ALL)
- DEFAULT_CERT_STORE.flags = OpenSSL::X509::V_FLAG_CRL_CHECK_ALL
- end
+ DEFAULT_CERT_STORE.flags = OpenSSL::X509::V_FLAG_CRL_CHECK_ALL
INIT_VARS = ["cert", "key", "client_ca", "ca_file", "ca_path",
"timeout", "verify_mode", "verify_depth", "renegotiation_cb",
@@ -247,47 +244,21 @@ module OpenSSL
include Buffering
include SocketForwarder
- if ExtConfig::OPENSSL_NO_SOCK
- def initialize(io, ctx = nil); raise NotImplementedError; end
- else
- if ExtConfig::HAVE_TLSEXT_HOST_NAME
- attr_accessor :hostname
- end
-
- attr_reader :io, :context
- attr_accessor :sync_close
- alias :to_io :io
-
- # call-seq:
- # SSLSocket.new(io) => aSSLSocket
- # SSLSocket.new(io, ctx) => aSSLSocket
- #
- # Creates a new SSL socket from +io+ which must be a real ruby object (not an
- # IO-like object that responds to read/write).
- #
- # If +ctx+ is provided the SSL Sockets initial params will be taken from
- # the context.
- #
- # The OpenSSL::Buffering module provides additional IO methods.
- #
- # This method will freeze the SSLContext if one is provided;
- # however, session management is still allowed in the frozen SSLContext.
-
- def initialize(io, context = OpenSSL::SSL::SSLContext.new)
- @io = io
- @context = context
- @sync_close = false
- @hostname = nil
- @io.nonblock = true if @io.respond_to?(:nonblock=)
- context.setup
- super()
- end
+ if ExtConfig::HAVE_TLSEXT_HOST_NAME
+ attr_reader :hostname
end
+ attr_reader :io, :context
+ attr_accessor :sync_close
+ alias :to_io :io
+
# call-seq:
# ssl.sysclose => nil
#
- # Shuts down the SSL connection and prepares it for another connection.
+ # Sends "close notify" to the peer and tries to shut down the SSL
+ # connection gracefully.
+ #
+ # If sync_close is set to +true+, the underlying IO is also closed.
def sysclose
return if closed?
stop
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-29 16:25:20 +0000