Commit message | Author | Age | Files | Lines
* Ruby/OpenSSL 2.1.0.beta2 [v2.1.0.beta2] [ky/release-2.1.0.beta2] | Kazuki Yamaguchi | 2017-11-25 | 2 | -6/+29
|
* Merge branch 'maint' | Kazuki Yamaguchi | 2017-11-25 | 12 | -48/+92
|\
| |     * maint:
| |       History.md: fix a typo
| |       x509cert, x509crl, x509req, ns_spki: check sanity of public key
| |       pkey: make pkey_check_public_key() non-static
| |       test/test_cipher: fix test_non_aead_cipher_set_auth_data failure
| |       cipher: disallow setting AAD for non-AEAD ciphers
| |       test/test_ssl_session: skip tests for session_remove_cb
| |       appveyor.yml: remove 'openssl version' line
| * History.md: fix a typo | Kazuki Yamaguchi | 2017-11-25 | 1 | -1/+1
| |
| * Merge pull request #168 from rhenium/ky/pkey-check-sanity | Kazuki Yamaguchi | 2017-11-14 | 6 | -28/+38
| |\
| | |     [Bug #14087] x509cert, x509crl, x509req, ns_spki: check sanity of public key
| | * x509cert, x509crl, x509req, ns_spki: check sanity of public key [ky/pkey-check-sanity] | Kazuki Yamaguchi | 2017-11-13 | 4 | -24/+32
| | |     The pub_encode routine of an EVP_PKEY_ASN1_METHOD seems to assume the parameters and public key component(s) to be set properly. Calling that, for example, through X509_set_pubkey(), with an incomplete object may cause segfault.
| | |
| | |     Use ossl_pkey_check_public_key() to check that. It doesn't look pretty, but unfortunately there isn't a generic way to do that with the EVP API.
| | |
| | |     Something similar applies to the verify routine of an EVP_PKEY_METHOD. Do the same check before calling *_verify().
| | |
| | |     Reference: http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-core/83688
| | |     Reference: https://bugs.ruby-lang.org/issues/14087
| | * pkey: make pkey_check_public_key() non-static | Kazuki Yamaguchi | 2017-11-11 | 2 | -4/+6
| |/
| |     Also make it take const pointer as it never modifies the pkey.
| * test/test_cipher: fix test_non_aead_cipher_set_auth_data failure [ky/cipher-non-aead-auth-data] | Kazuki Yamaguchi | 2017-10-19 | 1 | -1/+1
| |     A follow-up to commit bb10767b0570 ("cipher: disallow setting AAD for non-AEAD ciphers", 2017-10-18). Cipher#auth_data= raises NotImplementedError if built with OpenSSL < 1.0.1.
| * cipher: disallow setting AAD for non-AEAD ciphers | Kazuki Yamaguchi | 2017-10-18 | 2 | -0/+9
| |     EVP_CipherUpdate() must not be called with the output parameter set to NULL when the cipher does not support AEAD. Check the flag of EVP_CIPHER, and raise an exception as necessary.
| |
| |     Reference: http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-core/83337
| |     Reference: https://bugs.ruby-lang.org/issues/14024
| * Merge pull request #159 from rhenium/ky/skip-session-remove-cb-tests | Kazuki Yamaguchi | 2017-10-10 | 2 | -18/+44
| |\
| | |     test/test_ssl_session: skip tests for session_remove_cb
| | * test/test_ssl_session: skip tests for session_remove_cb [ky/skip-session-remove-cb-tests] | Kazuki Yamaguchi | 2017-10-10 | 2 | -18/+44
| | |     In OpenSSL < 1.1.0, the session_remove_cb callback is called inside the global lock for CRYPTO_LOCK_SSL_CTX which is shared across the entire process, not just for the specific SSL_CTX object. It is possible that the callback releases GVL while the lock for CRYPTO_LOCK_SSL_CTX is held, causing another thread calling an OpenSSL function that tries to acquire the same lock stuck forever.
| | |
| | |     Add a note about the possible deadlock to the docs for SSLContext#session_remove_cb=, and skip the relevant test cases unless the OSSL_TEST_ALL environment variable is set to 1.
| | |
| | |     A deadlock due to this issue is observed:
| | |
| | |     http://ci.rvm.jp/results/trunk-test@frontier/104428
| * | appveyor.yml: remove 'openssl version' line | Kazuki Yamaguchi | 2017-10-08 | 1 | -1/+0
| |/
| |     It runs the 'openssl' command line tool that is not of the version used to compile and run the test suite.
| |
| |     Thanks to MSP-Greg for pointing this out.
| |
| |     Fixes: https://github.com/ruby/openssl/issues/157
* | Merge pull request #173 from rhenium/ky/kdf-hkdf | Kazuki Yamaguchi | 2017-11-25 | 2 | -0/+140
|\ \
| | |     kdf: add HKDF support
| * | kdf: add HKDF support [ky/kdf-hkdf] | Kazuki Yamaguchi | 2017-11-22 | 2 | -0/+140
| | |     OpenSSL 1.1.0 supports HKDF through the EVP API. Add OpenSSL::KDF.hkdf as a wrapper around that.
| | |
| | |     Reference: https://github.com/ruby/openssl/issues/172
* | | Merge branch 'ky/x509-implement-eq' | Kazuki Yamaguchi | 2017-11-22 | 2 | -8/+16
|\ \ \
| | | |     * ky/x509-implement-eq:
| | | |       test/test_x509crl: fix random failure
| | | |       test/test_x509cert: fix flaky test
| * | | test/test_x509crl: fix random failure [ky/x509-implement-eq] | Kazuki Yamaguchi | 2017-11-22 | 1 | -3/+5
| | | |     Similarly to the previous one, avoid querying the current time multiple times.
| | | |
| | | |     Fixes: e4727829837a ("x509crl, x509revoked: implement X509::{CRL,Revoked}#==", 2017-10-12)
| * | | test/test_x509cert: fix flaky test | Kazuki Yamaguchi | 2017-11-22 | 1 | -5/+11
| | | |     Specify the notBefore and notAfter fields explicitly to prevent occasional failure.
| | | |
| | | |     Fixes: 432a9f3455f5 ("x509cert: implement X509::Certificate#==", 2017-10-12)
* | | | Merge branch 'ky/ssl-add-certificate' | Kazuki Yamaguchi | 2017-11-22 | 4 | -6/+241
|\ \ \ \
| | | | |     Merge GitHub Pull Request #167.
| | | | |
| | | | |     * ky/ssl-add-certificate:
| | | | |       test/test_ssl: fix test_security_level
| | | | |       ssl: add SSLContext#add_certificate
| | | | |       test/utils: remove a pointless .public_key call in issue_cert
| | | | |       test/envutil: port assert_warning from Ruby trunk
| * | | | test/test_ssl: fix test_security_level [ky/ssl-add-certificate] | Kazuki Yamaguchi | 2017-11-22 | 1 | -5/+18
| | | | |     Fix test_security_level using SSLContext#add_certificate. It immediately sets the certificate to the SSL_CTX, so it is affected by the security level setting.
| * | | | ssl: add SSLContext#add_certificate | Kazuki Yamaguchi | 2017-11-22 | 2 | -0/+199
| | | | |     Add a new method to add a certificate, a corresponding private key, and extra CA certificates at once.
| | | | |
| | | | |     This has two advantages over the existing {cert,key,extra_cert_chain} attributes:
| | | | |
| | | | |     1. We can notice the problem with the certificate and/or the private key. Since the existing attributes are simple instance variables, they aren't set to the SSL_CTX until #setup which usually happens on the first connection.
| | | | |
| | | | |     2. For the same reason, existing attributes allowed only one certificate for a context, even though OpenSSL itself is capable of handling multiple certificates and selecting the most appropriate one according to the cipher suite selected.
| | | | |
| | | | |     The documentation for the existing attributes is updated to recommend using #add_certificate.
| * | | | test/utils: remove a pointless .public_key call in issue_cert | Kazuki Yamaguchi | 2017-11-22 | 1 | -1/+1
| | | | |     PKey::EC#public_key works differently from other PKey types, making TestUtils.issue_cert unusable for creating ECDSA certificates. Actually, the #public_key does not have any effect on any other PKey types. So just remove it.
| * | | | test/envutil: port assert_warning from Ruby trunk | Kazuki Yamaguchi | 2017-11-22 | 1 | -0/+23
| | |/ /
| |/| |
| | | |     EnvUtil.verbose_warning used by assert_warning is also ported.
* | | | Drop support for LibreSSL 2.4 | Kazuki Yamaguchi | 2017-11-22 | 2 | -8/+4
| | | |     LibreSSL 2.4 reached its EOL in 2017-09.
* | | | Merge pull request #169 from rhenium/ky/pkey-rsa-sign-pss | Kazuki Yamaguchi | 2017-11-14 | 2 | -0/+225
|\ \ \ \
| | | | |     [v2] Add RSA sign_pss() and verify_pss() methods
| * | | | Add RSA sign_pss() and verify_pss() methods [ky/pkey-rsa-sign-pss] | Peter Karman | 2017-11-13 | 2 | -0/+225
| |/ / /
| | | |     Support Probabilistic Signature Scheme for RSA key signing.
| | | |
| | | |     [ky: the patch was originally submitted as GitHub Pull Request #76. finish keyword arguments handling, update docs, and fix tests.]
* | | | Merge pull request #162 from rhenium/ky/ssl-write-multi | Kazuki Yamaguchi | 2017-11-13 | 2 | -3/+14
|\ \ \ \
| | | | |     buffering: let #write accept multiple arguments
| * | | | buffering: let #write accept multiple arguments [ky/ssl-write-multi] | Kazuki Yamaguchi | 2017-10-23 | 2 | -3/+14
| |/ / /
| | | |     As of Ruby 2.5, IO#write accepts multiple input strings and writes them at once[1]. Follow that.
| | | |
| | | |     [1] https://bugs.ruby-lang.org/issues/9323
* | | | Merge pull request #160 from markwright/master | Kazuki Yamaguchi | 2017-11-04 | 8 | -47/+63
|\ \ \ \
| | | | |     Fix build failure against OpenSSL 1.1 built with no-deprecated
| * | | | Fix build failure against OpenSSL 1.1 built with no-deprecated | Mark Wright | 2017-11-04 | 8 | -47/+63
|/ / / /
| | | |     Thanks rhenium for the code review and fixes.
* | | | Merge pull request #165 from aeris/scsv | Kazuki Yamaguchi | 2017-11-04 | 2 | -0/+76
|\ \ \ \
| | | | |     TLS Fallback Signaling Cipher Suite Value
| * | | | TLS Fallback Signaling Cipher Suite Value | aeris | 2017-11-03 | 2 | -0/+76
|/ / / /
| | | |     Support for fallback SCSV [RFC 7507](https://tools.ietf.org/html/rfc7507).
| | | |
| | | |     Expected behaviour is to refuse connection if the client signals a protocol with the fallback flag but the server supports a better one (downgrade attack detection).
* | | | Merge pull request #161 from rhenium/ky/x509-implement-eq | Kazuki Yamaguchi | 2017-10-22 | 8 | -0/+177
|\ \ \ \
| | |/ /
| |/| |     x509*: implement ==
| * | | x509req: implement X509::Request#== | Kazuki Yamaguchi | 2017-10-12 | 2 | -0/+17
| | | |
| * | | x509crl, x509revoked: implement X509::{CRL,Revoked}#== | Kazuki Yamaguchi | 2017-10-12 | 2 | -0/+41
| | | |
| * | | x509revoked: add missing X509::Revoked#to_der | Kazuki Yamaguchi | 2017-10-12 | 2 | -0/+44
| | | |
| * | | x509cert: implement X509::Certificate#== | Kazuki Yamaguchi | 2017-10-12 | 2 | -0/+35
| | | |
| * | | x509attr: implement X509::Attribute#== | Kazuki Yamaguchi | 2017-10-12 | 2 | -0/+24
| | | |
| * | | x509ext: implement X509::Extension#== | Kazuki Yamaguchi | 2017-10-12 | 2 | -0/+16
| |/ /
* | | Merge branch 'ky/ssl-version-min-max' | Kazuki Yamaguchi | 2017-10-22 | 2 | -1/+20
|\ \ \
| | | |     * ky/ssl-version-min-max:
| | | |       ssl: fix conflict of options in SSLContext#set_params
| | | |       Use caller with length to reduce unused strings
| * | | ssl: fix conflict of options in SSLContext#set_params [ky/ssl-version-min-max] | Kazuki Yamaguchi | 2017-10-22 | 2 | -0/+19
| | | |     Make SSLContext#set_params call #options= first.
| | | |
| | | |     SSLContext#set_params by default disables SSL 2.0 and SSL 3.0 by calling SSLContext#min_version=. After that, it sets the SSL option flags by calling SSLContext#options=. This is problematic when built with OpenSSL before 1.1.0 because SSLContext#min_version= achieves its goal using the SSL_OP_NO_{SSL,TLS}* options. Since the subsequent SSLContext#options= call replaces the flags rather than OR together, this results in effectively disabling min_version setting in SSLContext::DEFAULT_PARAMS.
| | | |
| | | |     The issue was first fixed in Ruby trunk tree, as part of r60310 ("fix OpenSSL::SSL::SSLContext#min_version doesn't work", 2017-10-21).
| * | | Use caller with length to reduce unused strings | kazu | 2017-10-22 | 1 | -1/+1
| | | |     git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@60288 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* | | | ssl: extract rb_intern("call") | Kazuki Yamaguchi | 2017-10-16 | 1 | -10/+11
| | | |
* | | | bn: use ALLOCV() macro instead of xmalloc() | Kazuki Yamaguchi | 2017-09-25 | 1 | -5/+5
| |/ /
|/| |
* | | Merge branch 'maint' | Kazuki Yamaguchi | 2017-09-24 | 11 | -108/+181
|\ \ \
| | |/
| |/|
| | |     * maint:
| | |       Ruby/OpenSSL 2.0.6
| | |       test/test_engine: check if RC4 is supported
| | |       test/test_engine: suppress stderr
| | |       ossl.c: make legacy locking callbacks reentrant
| | |       ossl.c: use struct CRYPTO_dynlock_value for non-dynamic locks
| | |       ssl: prevent SSLSocket#sysread* from leaking uninitialized data
| | |       test/test_pair: replace sleep with IO.select
| | |       tool/ruby-openssl-docker: update
| | |       test/test_ssl: do not run NPN tests for LibreSSL >= 2.6.1
| | |       test/test_ssl: skip tmp_ecdh_callback test for LibreSSL >= 2.6.1
| | |       test/test_pair: disable compression
| | |       test/test_ssl: suppress warning in test_alpn_protocol_selection_cancel
| | |       ruby.h: unnormalized Fixnum value
| | |       test/test_pair: fix test_write_nonblock{,_no_exceptions}
| * | Ruby/OpenSSL 2.0.6 [v2.0.6] [ky/release-2.0.6] | Kazuki Yamaguchi | 2017-09-24 | 3 | -2/+22
| | |
| * | Merge pull request #155 from rhenium/ky/fix-legacy-locking-callback-relock | Kazuki Yamaguchi | 2017-09-24 | 1 | -26/+40
| |\ \
| | | |     ossl.c: make legacy locking callbacks reentrant
| | * | ossl.c: make legacy locking callbacks reentrant [ky/fix-legacy-locking-callback-relock] | Kazuki Yamaguchi | 2017-09-24 | 1 | -1/+13
| | | |     Although it's not documented explicitly that the locking callbacks must provide reentrant mutexes, it seems to be required.
| | | |
| | | |     Specifically, the session_remove_cb callback function of an SSL_CTX is called in a critical section for CRYPTO_LOCK_SSL_CTX, which is shared across the library. This leads, if the callback function calls another OpenSSL function that will attempt to lock CRYPTO_LOCK_SSL_CTX, to deadlock. SSL_CTX_free() is one example of such a function.
| | | |
| | | |     http://ci.rvm.jp/results/trunk@P895/64001
| | * | ossl.c: use struct CRYPTO_dynlock_value for non-dynamic locks | Kazuki Yamaguchi | 2017-09-24 | 1 | -26/+28
| | | |     In preparation for making the mutexes reentrant. It is common to the non-dynamic and the dynamic locking callbacks.
| * | | Merge pull request #153 from rhenium/ky/ssl-read-fix-leak-uninitialized | Kazuki Yamaguchi | 2017-09-24 | 2 | -11/+39
| |\ \ \
| | | | |     ssl: prevent SSLSocket#sysread* from leaking uninitialized data
| | * | | ssl: prevent SSLSocket#sysread* from leaking uninitialized data [ky/ssl-read-fix-leak-uninitialized] | Kazuki Yamaguchi | 2017-09-23 | 2 | -9/+37
| | | | |     Set the length of the buffer string to 0 first, and adjust to the size successfully read by the SSL_read() call later. This is needed because the buffer string may be provided by the caller.
| | * | | test/test_pair: replace sleep with IO.select | Kazuki Yamaguchi | 2017-09-23 | 1 | -2/+2
| | |/ /
| | | |     The sleep was to ensure that the SSLSocket#read_nonblock will get close_notify alert. A simple IO.select will suffice.