| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
Drop support for Ruby 2.3, 2.4, and 2.5.
As of 2021-10, Ruby 2.6 is the oldest version that still receives
security fixes from the Ruby core team, so it doesn't make much sense
to keep code for those ancient versions.
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* maint-2.2: (43 commits)
Ruby/OpenSSL 2.2.1
openssl is ractor-safe
Fixed the results of OpenSSL::Timestamp::Response#failure_info
Don't redefine #rb_intern over and over again
Use rb_intern_const instead of rb_intern in Init functions
Remove trailing spaces [ci skip]
test/openssl/test_ssl: use TLS 1.2 for finished_messages on LibreSSL
Ruby/OpenSSL 2.1.3
ssl: avoid directly storing String object in NPN callback
x509store: explicitly call rb_gc_mark() against Store/StoreContext
ssl: explicitly call rb_gc_mark() against SSLContext/SSLSocket objects
digest: load digest library using Kernel#require
pkey: use RSTRING_LENINT() instead of casting to int
fix segv in Timestamp::{Request,Response,TokenInfo}.new
ts: libressl build fix warning
ext/openssl/extconf.rb: require OpenSSL version >= 1.0.1, < 3
.github/workflows: update OpenSSL/LibreSSL versions
test: adjust test cases for LibreSSL 3.2.4
ssl: temporary lock string buffer while reading
ssl: create a temporary frozen string buffer when writing
...
|
| | |\
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* maint-2.1:
Ruby/OpenSSL 2.1.3
ssl: avoid directly storing String object in NPN callback
x509store: explicitly call rb_gc_mark() against Store/StoreContext
ssl: explicitly call rb_gc_mark() against SSLContext/SSLSocket objects
digest: load digest library using Kernel#require
pkey: use RSTRING_LENINT() instead of casting to int
ext/openssl/extconf.rb: require OpenSSL version >= 1.0.1, < 3
.github/workflows: update OpenSSL/LibreSSL versions
test: adjust test cases for LibreSSL 3.2.4
ssl: temporary lock string buffer while reading
ssl: create a temporary frozen string buffer when writing
Use rb_block_call() instead of the deprecated rb_iterate() in OpenSSL
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Back in 2016, we chose not to use Bundler in Ruby/OpenSSL development
because Bundler depended on openssl and could not be used for testing
openssl itself - "bundle exec rake test" would end up with loading two
different versions of openssl at the same time.
This has been resolved long time ago. We can now safely use it for
development dependency management and for Rake tasks.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Clean up old version guards in preparation for the upcoming OpenSSL 3.0
support.
OpenSSL 1.0.1 reached its EOL on 2016-12-31. At that time, we decided
to keep 1.0.1 support because many major Linux distributions were still
shipped with 1.0.1. Now, nearly 4 years later, most Linux distributions
are reaching their EOL and it should be safe to assume nobody uses them
anymore. Major ones that were using 1.0.1:
- Ubuntu 14.04 is EOL since 2019-04-30
- RHEL 6 will reach EOL on 2020-11-30
LibreSSL 3.0 and older versions are no longer supported by the LibreSSL
team as of October 2020.
Note that OpenSSL 1.0.2 also reached EOL on 2019-12-31 and 1.1.0 also
did on 2018-08-31.
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
LibreSSL 3.2.4 made the certificate verification logic back closer to
pre-3.2.2 one, which is more compatible with OpenSSL.
Part of the fixes added by commit a0e98d48c91f ("Enhance TLS 1.3 support
on LibreSSL 3.2/3.3", 2020-12-03) is required for 3.2.2 and 3.2.3 only
(and ~3.3.1, however 3.3 does not have a stable release yet). Since both
releases are security fix, it should be safe to remove those special
treatment from our test suite.
While we are at it, TestSSL#test_ecdh_curves is split into TLS 1.2 and
TLS 1.3 variants for clarity.
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* maint-2.1:
.github/workflows: update Ruby and OpenSSL/LibreSSL versions
bn: check -1 return from BIGNUM functions
.github/workflows: disable pkg-config on Windows tests
ssl: retry write on EPROTOTYPE on macOS
x509store: fix memory leak in X509::StoreContext.new
.github/workflows/test.yml: use GitHub Actions
Skip one assertion for OpenSSL::PKey::EC::Point#mul on LibreSSL
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Let ext/openssl/extconf.rb find the correct OpenSSL installation from
the default include/library paths.
Since some time ago, the test environment contains another OpenSSL
installation and pkg-config from Mingw-w64. However, as pkg-config is
not available in RubyInstaller (Ruby 2.3), simply invoking pkg-config
command from our ext/openssl/extconf.rb ends up with picking up
Mingw-w64's OpenSSL, which is incompatible with RI.
|
| |
|
|
|
|
| |
.github/workflows/test.yml is copied from current master's (last update
by commit 0a2e8c67f252), and then the LibreSSL versions to run test with
are adjusted for Ruby/OpenSSL 2.1.
|
| | |
|
| |
|
|
|
|
| |
1. Using correct MSYS compiler for Windows Ruby 2.3, previous CI used MSYS2
2. Ruby installation is done via a fork of setup-ruby
|
| |
|
|
|
|
|
|
| |
Compile OpenSSL and LibreSSL on-the-fly and run our test suite against
the OpenSSL installation.
Compiling OpenSSL or LibreSSL takes about 1.5 - 2 minutes on a GitHub-
hosted runner.
|
| |
|
|
|
| |
The "Ubuntu-macOS" and "Windows" workflows are both for the same
purpose. Merge them into a single workflow for clarity.
|
| |
|
|
| |
* .github/workflows/ubuntu-macos.yml already tests those.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
1. Add Ubuntu rvm master and 2.3.8
2. Add MinGW master and 2.3.3 (last MinGW build)
3. Switch from Windows helper MSP-Greg/msys2-action to MSP-Greg/actions-ruby
4. MinGW installs current Rubies, not outdated Actions builds.
|
| | |
|
| |
|
