Commit message | Author | Age | Files | Lines
* pkey: deprecate PKey#set_* methods [ky/pkey-deprecate-modify] | Kazuki Yamaguchi | 2021-12-20 | 6 | -68/+149
    OpenSSL 3.0 made EVP_PKEY immutable. This means we can only have a const pointer of the low level struct and the following methods can no longer be provided when linked against OpenSSL 3.0:

     - OpenSSL::PKey::RSA#set_key
     - OpenSSL::PKey::RSA#set_factors
     - OpenSSL::PKey::RSA#set_crt_params
     - OpenSSL::PKey::DSA#set_pqg
     - OpenSSL::PKey::DSA#set_key
     - OpenSSL::PKey::DH#set_pqg
     - OpenSSL::PKey::DH#set_key
     - OpenSSL::PKey::EC#group=
     - OpenSSL::PKey::EC#private_key=
     - OpenSSL::PKey::EC#public_key=

    There is no direct replacement for this functionality at the moment. I plan to introduce a wrapper around EVP_PKEY_fromdata(), which takes all key components at once to construct an EVP_PKEY.
* pkey/ec: deprecate OpenSSL::PKey::EC#generate_key! | Kazuki Yamaguchi | 2021-12-20 | 2 | -8/+17
    OpenSSL::PKey::EC#generate_key! will not work on OpenSSL 3.0 because keys are made immutable. Users should use OpenSSL::PKey.generate_key instead.
* pkey/dh: deprecate OpenSSL::PKey::DH#generate_key! | Kazuki Yamaguchi | 2021-12-20 | 3 | -16/+34
    OpenSSL::PKey::DH#generate_key! will not work on OpenSSL 3.0 because keys are made immutable. Users should use OpenSSL::PKey.generate_key instead.
* pkey/ec: avoid using EC#public_key= in EC#dh_compute_key | Kazuki Yamaguchi | 2021-12-17 | 1 | -3/+8
    Similarly to DH#compute_key, work around it by constructing a SubjectPublicKeyInfo. This should be considered as a temporary implementation.
* pkey/dh: avoid using DH#set_key in DH#compute_key | Kazuki Yamaguchi | 2021-12-17 | 1 | -3/+13
    DH#set_key will not work on OpenSSL 3.0 because keys are immutable. For now, let's reimplement DH#compute_key by manually constructing a DER-encoded SubjectPublicKeyInfo structure and feeding it to OpenSSL::PKey.read. Eventually, we should implement a new method around EVP_PKEY_fromdata() and use it instead.
* Merge pull request #472 from ruby/typo | Kazuki Yamaguchi | 2021-11-03 | 3 | -3/+3
|\
    Fix typos [ci skip]
| * Fix typos [ci skip] | Nobuyoshi Nakada | 2021-11-03 | 3 | -3/+3
|/
* Merge pull request #469 from rhenium/ky/ssl-unstarted-io | Kazuki Yamaguchi | 2021-11-01 | 2 | -190/+104
|\
    ssl: disallow reading/writing to unstarted SSL socket
| * ssl: disallow reading/writing to unstarted SSL socket [ky/ssl-unstarted-io] | Kazuki Yamaguchi | 2021-10-25 | 2 | -190/+104
      OpenSSL::SSL::SSLSocket allowed #read and #write to be called before an SSL/TLS handshake is completed. They passed unencrypted data to the underlying socket. This behavior is very odd to have in this library. A verbose mode warning "SSL session is not started yet" was emitted whenever this happened. It also didn't behave well with OpenSSL::Buffering. Let's just get rid of it.

      Fixes: https://github.com/ruby/openssl/issues/9
* | x509name: improve docs for X509::Name | Kazuki Yamaguchi | 2021-11-01 | 2 | -2/+27
      Add docs for X509::Name.parse_openssl and X509::Name.parse_rfc2253, which are currently undocumented despite being widely used. Small changes are also made to #to_s and the class description to recommend using RFC 2253-based methods.

      Fixes: https://github.com/ruby/openssl/issues/470
* | Merge pull request #468 from rhenium/ky/openssl-3.0.0-part1 | Kazuki Yamaguchi | 2021-10-25 | 12 | -150/+168
|\ \
| |/
|/|
      Miscellaneous changes for OpenSSL 3.0 support
| * bn: expand BIGNUM_RAND and BIGNUM_RAND_RANGE macros [ky/openssl-3.0.0-part1] | Kazuki Yamaguchi | 2021-10-24 | 1 | -50/+50
      Now that BN.pseudo_rand{,_range} are aliases, those macros are only used once. Let's expand the macros for better readability.
| * bn: make BN.pseudo_rand{,_range} an alias of BN.rand{,_range} | Kazuki Yamaguchi | 2021-10-24 | 2 | -16/+6
      BN_pseudo_rand() and BN_pseudo_rand_range() are deprecated in OpenSSL 3.0. Since they are identical to their non-'pseudo' version anyway, let's make them aliases.
| * pkey, ssl: use EVP_PKEY_eq() instead of EVP_PKEY_cmp() | Kazuki Yamaguchi | 2021-10-24 | 4 | -3/+8
      OpenSSL 3.0 renamed EVP_PKEY_cmp() to EVP_PKEY_eq() because that was a confusing name.
| * pkey/ec: use EC_GROUP_free() instead of EC_GROUP_clear_free() | Kazuki Yamaguchi | 2021-10-24 | 1 | -1/+1
      EC_GROUP_clear_free() is deprecated in OpenSSL 3.0. EC_GROUP does not include any sensitive data, so we can safely use EC_GROUP_free() instead.
| * pkey/ec: deprecate PKey::EC::Point#make_affine! and make it a no-op | Kazuki Yamaguchi | 2021-10-24 | 1 | -0/+5
      It converts the internal representation of the point object to the affine coordinate system. However, it had no real use case because the difference in the internal representation has not been visible from Ruby/OpenSSL at all. EC_POINT_make_affine() is marked as deprecated in OpenSSL 3.0.
| * hmac: use EVP_MD_CTX_get_pkey_ctx() instead of EVP_MD_CTX_pkey_ctx() | Kazuki Yamaguchi | 2021-10-24 | 3 | -5/+14
      OpenSSL 3.0 renamed EVP_MD_CTX_pkey_ctx() to include "get" in the function name. Adjust compatibility macro so that we can use the new function name for all OpenSSL 1.0.2-3.0.
| * digest: use EVP_MD_CTX_get0_md() instead of EVP_MD_CTX_md() if exists | Kazuki Yamaguchi | 2021-10-24 | 4 | -4/+9
      The function was renamed in OpenSSL 3.0 due to the change of the lifetime of EVP_MD objects. They are no longer necessarily statically allocated and can be reference-counted -- when an EVP_MD_CTX is free'd, the associated EVP_MD can also become inaccessible. Currently Ruby/OpenSSL only handles builtin algorithms, so no special handling is needed except for adapting to the rename.
| * bn: use BN_check_prime() in OpenSSL::BN#prime{,_fasttest}? | Kazuki Yamaguchi | 2021-10-24 | 2 | -49/+22
      In OpenSSL 3.0, BN_is_prime_ex() and BN_is_prime_fasttest_ex() are deprecated in favor of BN_check_prime().
| * ssl: use SSL_get_rbio() to check if SSL is started or not | Kazuki Yamaguchi | 2021-10-24 | 1 | -2/+2
      Use SSL_get_rbio() instead of SSL_get_fd(). SSL_get_fd() internally calls SSL_get_rbio() and it's enough for our purpose. In OpenSSL 3.0, SSL_get_fd() leaves an entry in the OpenSSL error queue if BIO has not been set up yet, and we would have to clean it up.
| * ssl: use SSL_CTX_load_verify_{file,dir}() if available | Kazuki Yamaguchi | 2021-10-24 | 2 | -0/+8
      SSL_CTX_load_verify_locations() is deprecated in OpenSSL 3.0 and replaced with those two separate functions. Use them if they exist.
| * ts: use TS_VERIFY_CTX_set_certs instead of TS_VERIFY_CTS_set_certs | Kazuki Yamaguchi | 2021-10-24 | 3 | -2/+8
      OpenSSL 3.0 fixed the typo in the function name and replaced the current 'CTS' version with a macro.
| * ossl.c: use ERR_get_error_all() if available | Kazuki Yamaguchi | 2021-10-24 | 2 | -19/+24
      OpenSSL 3.0 deprecated ERR_get_error_line_data() in favor of ERR_get_error_all(), as part of the error queue structure changes.
| * ext/openssl/ossl.h: add helper macros for OpenSSL/LibreSSL versions | Kazuki Yamaguchi | 2021-10-24 | 1 | -0/+12
|/
      Add the following convenient macros:

       - OSSL_IS_LIBRESSL
       - OSSL_OPENSSL_PREREQ(maj, min, pat)
       - OSSL_LIBRESSL_PREREQ(maj, min, pat)
* test/openssl/test_ssl: use assert_raise in test_bad_socket | Kazuki Yamaguchi | 2021-10-23 | 1 | -1/+1
    The Ruby tree disallows assert_raises.
* Merge pull request #467 from ruby/reject-bad-params | Kazuki Yamaguchi | 2021-10-23 | 2 | -0/+12
|\
    Raise an exception if the IO object passed to SSLSocket isn't a file
| * Raise an exception if the IO object passed to SSLSocket isn't a file | Aaron Patterson | 2021-10-22 | 2 | -0/+12
      SSLSocket#connect eventually calls `GetOpenFile` in order to get the underlying file descriptor for the IO object passed in on initialization. `GetOpenFile` assumes that the Ruby object passed in is a T_FILE object and just casts it to a T_FILE without any checks. If you pass an object that *isn't* a T_FILE to that function, the program will segv. Since we assume the IO object is a file in the `connect` method, this commit adds a `CheckType` in the initialize method to ensure that the IO object is actually a T_FILE. If the object *isn't* a T_FILE, this class will segv on `connect`, so I think this is a backwards compatible change.
* | Merge branch 'ky/ssl-test-assume-ec-support' | Kazuki Yamaguchi | 2021-10-22 | 11 | -299/+250
|\ \
| |/
|/|
      * ky/ssl-test-assume-ec-support:
        test/openssl/test_pkey_rsa: disable test_no_private_exp on OpenSSL 3.0
        test/openssl/test_pkey: use EC keys for PKey.generate_parameters tests
        test/openssl/test_ssl: fix illegal SAN extension
        test/openssl/test_pkcs12: fix test failures with OpenSSL 3.0
        test/openssl/test_ssl: relax regex to match OpenSSL's error message
        test/openssl/test_digest: do not test constants for legacy algorithms
        test/openssl/test_ssl: assume ECC support
        test/openssl/test_ssl: assume TLS 1.2 support
        test/openssl/utils: remove dup_public helper method
| * test/openssl/test_pkey_rsa: disable test_no_private_exp on OpenSSL 3.0 [ky/ssl-test-assume-ec-support] | Kazuki Yamaguchi | 2021-10-22 | 1 | -1/+1
      OpenSSL::PKey::RSA#set_key does not exist when built with OpenSSL 3.0, so it is not possible to create an RSA object with incomplete state.
| * test/openssl/test_pkey: use EC keys for PKey.generate_parameters tests | Kazuki Yamaguchi | 2021-10-22 | 1 | -16/+11
      OpenSSL 3.0 refuses to generate DSA parameters shorter than 2048 bits, but generating 2048 bits parameters takes a very long time. Let's use EC in these test cases instead.
| * test/openssl/test_ssl: fix illegal SAN extension | Kazuki Yamaguchi | 2021-10-22 | 1 | -2/+1
      A certificate can only have one SubjectAltName extension. OpenSSL 3.0 performs a stricter validation and certificates containing multiple SANs will be rejected.
| * test/openssl/test_pkcs12: fix test failures with OpenSSL 3.0 | Kazuki Yamaguchi | 2021-10-22 | 1 | -148/+149
      OpenSSL's PKCS12_create() by default uses pbewithSHAAnd40BitRC2-CBC for encryption of the certificates. However, in OpenSSL 3.0, the algorithm is part of the legacy provider and is not enabled by default. Specify another algorithm that is still in the default provider for these test cases.
| * test/openssl/test_ssl: relax regex to match OpenSSL's error message | Kazuki Yamaguchi | 2021-10-22 | 1 | -1/+3
      OpenSSL 3.0 slightly changed the error message for a certificate verification failure when an untrusted self-signed certificate is found in the chain.
| * test/openssl/test_digest: do not test constants for legacy algorithms | Kazuki Yamaguchi | 2021-10-22 | 1 | -1/+1
      Remove availability test for MD4 and RIPEMD160 as they are considered legacy and may be missing depending on the compile-time options of OpenSSL. OpenSSL 3.0 by default disables them.
| * test/openssl/test_ssl: assume ECC support | Kazuki Yamaguchi | 2021-10-22 | 4 | -24/+14
      Disabling ECC support of OpenSSL is impractical nowadays. We still try to have the C extension compile on no-ec builds (as well as no-dh or no-engine, etc.) as long as we can, but keeping test cases for such an extreme scenario is not worth the effort.
| * test/openssl/test_ssl: assume TLS 1.2 support | Kazuki Yamaguchi | 2021-10-19 | 3 | -55/+26
      Current versions of OpenSSL and LibreSSL all support TLS 1.2, so there is no need for checking the availability.
| * test/openssl/utils: remove dup_public helper method | Kazuki Yamaguchi | 2021-10-19 | 5 | -51/+44
|/
      It uses deprecated PKey::{RSA,DSA,DH}#set_* methods, which will not work with OpenSSL 3.0. The same can easily be achieved using PKey#public_to_der regardless of the key kind.
* Merge pull request #466 from rhenium/ky/require-ruby-2.6 | Kazuki Yamaguchi | 2021-10-16 | 8 | -53/+9
|\
    require Ruby 2.6 or later
| * require Ruby 2.6 or later [ky/require-ruby-2.6] | Kazuki Yamaguchi | 2021-10-16 | 7 | -51/+7
      Drop support for Ruby 2.3, 2.4, and 2.5. As of 2021-10, Ruby 2.6 is the oldest version that still receives security fixes from the Ruby core team, so it doesn't make much sense to keep code for those ancient versions.
| * bump version number to 3.0.0.pre | Kazuki Yamaguchi | 2021-10-16 | 2 | -2/+2
|/
* Use Test::Unit::PendedError instead of MiniTest::Skip for test-unit migration | Hiroshi SHIBATA | 2021-10-16 | 1 | -2/+1
    (cherry picked from commit ruby/ruby@ecfbf1df33a1e90008baa131369c80cfa6282692)
* Merge branch 'maint-2.2' | Kazuki Yamaguchi | 2021-10-16 | 11 | -47/+168
|\
    * maint-2.2: (43 commits)
      Ruby/OpenSSL 2.2.1
      openssl is ractor-safe
      Fixed the results of OpenSSL::Timestamp::Response#failure_info
      Don't redefine #rb_intern over and over again
      Use rb_intern_const instead of rb_intern in Init functions
      Remove trailing spaces [ci skip]
      test/openssl/test_ssl: use TLS 1.2 for finished_messages on LibreSSL
      Ruby/OpenSSL 2.1.3
      ssl: avoid directly storing String object in NPN callback
      x509store: explicitly call rb_gc_mark() against Store/StoreContext
      ssl: explicitly call rb_gc_mark() against SSLContext/SSLSocket objects
      digest: load digest library using Kernel#require
      pkey: use RSTRING_LENINT() instead of casting to int
      fix segv in Timestamp::{Request,Response,TokenInfo}.new
      ts: libressl build fix warning
      ext/openssl/extconf.rb: require OpenSSL version >= 1.0.1, < 3
      .github/workflows: update OpenSSL/LibreSSL versions
      test: adjust test cases for LibreSSL 3.2.4
      ssl: temporary lock string buffer while reading
      ssl: create a temporary frozen string buffer when writing
      ...
| * Ruby/OpenSSL 2.2.1 [v2.2.1] [ky/release-2.2.1] | Kazuki Yamaguchi | 2021-10-16 | 3 | -2/+19
| |
| * openssl is ractor-safe | Koichi Sasada | 2021-10-16 | 3 | -12/+72
      [ This is a backport to the 2.2 branch. ]

      ossl_bn_ctx is C's global variable and it should be ractor-local to make it ractor-safe.

      ruby/ruby@b5588edc0a538de840c79e0bbc9d271ba0c5a711

      (cherry picked from commit 9e7cf9e930cb986a04e312cb576814254dff13be and commit f2db943e8f19d4fa7bf871b9914dd9b92a5fbe6f)
| * Fixed the results of OpenSSL::Timestamp::Response#failure_info | Nobuyoshi Nakada | 2021-10-16 | 2 | -11/+16
      [ This is a backport to the 2.2 branch. ]

      Made stored values `Symbol`s instead of `ID`s.

      Fixes https://bugs.ruby-lang.org/issues/17625

      Co-Authored-By: xtkoba (Tee KOBAYASHI) <xtkoba+ruby@gmail.com>
      (cherry picked from commit f2d004679a62408a89d7304b229c24e789b94776)
| * Don't redefine #rb_intern over and over again | Stefan Stüben | 2021-10-16 | 1 | -34/+32
      [ This is a backport to the 2.2 branch. ]

      (cherry picked from commit 03304838c931d9600617241909974df5ef58d06b)
| * Use rb_intern_const instead of rb_intern in Init functions | Nobuyoshi Nakada | 2021-10-16 | 1 | -13/+13
      [ This is a backport to the 2.2 branch. ]

      ```
      find . -name \*.o -exec nm {} + |& sed '/Init_.*\.rbimpl_id/!d;s/^.* b //;s/\.[1-9][0-9]*$//;s/\.rbimpl_id$//' | uniq
      ```
      should be empty.

      (cherry picked from commit 9e4d4704e65bccd3cedeb9a07c9101f3c2eb02e9)
| * Remove trailing spaces [ci skip] | Nobuyoshi Nakada | 2021-10-16 | 2 | -2/+2
      [ This is a backport to the 2.2 branch. ]

      (cherry picked from commit 942bb13afaff7d4ec19b4337c6972476c373c988)
| * test/openssl/test_ssl: use TLS 1.2 for finished_messages on LibreSSL | Kazuki Yamaguchi | 2021-10-16 | 1 | -0/+1
      LibreSSL 2.2.x has a bug in the Finished message handling with TLS 1.3. This is fixed by LibreSSL 3.3.2.
| * Merge branch 'maint-2.1' into maint-2.2 | Kazuki Yamaguchi | 2021-10-16 | 10 | -73/+195
| |\
        * maint-2.1:
          Ruby/OpenSSL 2.1.3
          ssl: avoid directly storing String object in NPN callback
          x509store: explicitly call rb_gc_mark() against Store/StoreContext
          ssl: explicitly call rb_gc_mark() against SSLContext/SSLSocket objects
          digest: load digest library using Kernel#require
          pkey: use RSTRING_LENINT() instead of casting to int
          ext/openssl/extconf.rb: require OpenSSL version >= 1.0.1, < 3
          .github/workflows: update OpenSSL/LibreSSL versions
          test: adjust test cases for LibreSSL 3.2.4
          ssl: temporary lock string buffer while reading
          ssl: create a temporary frozen string buffer when writing
          Use rb_block_call() instead of the deprecated rb_iterate() in OpenSSL