aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* ssl: avoid declarations after statementsky/ssl-avoid-mixed-declarationsKazuki Yamaguchi2020-02-191-12/+12
| | | | | | We cannot use C99 features yet, as we still support Ruby 2.6 and older. Fixes: debaca25604c ("Adds support for the 'get_finished' and 'get_peer_finished' functions", 2019-06-25)
* Merge pull request #333 from rhenium/ky/remove-wdeprecated-declarationsKazuki Yamaguchi2020-02-173-66/+8
|\ | | | | extconf.rb: get rid of -Werror=deprecated-declarations
| * extconf.rb: get rid of -Werror=deprecated-declarationsky/remove-wdeprecated-declarationsKazuki Yamaguchi2020-02-162-33/+6
| | | | | | | | | | | | | | | | | | | | | | No function needs -Werror=deprecated-declarations flag to check availability any more. This also fixes -Werror=deprecated-declarations erroneously carrying on to the actual compilation, resulting in an compilation error on some environment. Fixes: https://github.com/ruby/openssl/pull/331
| * random: make OpenSSL::Random.pseudo_bytes alias of .random_bytesKazuki Yamaguchi2020-02-162-33/+2
| | | | | | | | | | | | | | | | The default implementation of RAND_pseudo_bytes() uses the same routine as RAND_bytes(). Note that OpenSSL::Random.pseudo_bytes has been available only when it is compiled with EOL versions of OpenSSL.
* | Merge pull request #339 from rhenium/ky/ts-simplify-tsreq-get-algorithmKazuki Yamaguchi2020-02-172-16/+1
|\ \ | | | | | | ts: simplify OpenSSL::Timestamp::Request#algorithm
| * | ts: simplify OpenSSL::Timestamp::Request#algorithmky/ts-simplify-tsreq-get-algorithmKazuki Yamaguchi2020-02-172-16/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Stop the special treatment of invalid hashAlgorithm of the message imprint. Those invalid values can only appear after the object is instantiated, before the user sets an actual message digest algorithm. OpenSSL::Timestamp::TokenInfo#algorithm already does the same. Also, remove the test case "test_create_request" since it does not make much sense. Those fields are to be set by the user after creation of the object and checking the initial value is pointless. Fixes: https://github.com/ruby/openssl/issues/335
* | | Merge pull request #338 from rhenium/ky/ssl-test-fix-fallback-scsvKazuki Yamaguchi2020-02-171-0/+4
|\ \ \ | | | | | | | | test/openssl/test_ssl: skip test_fallback_scsv if necessary
| * | | test/openssl/test_ssl: skip test_fallback_scsv if necessaryky/ssl-test-fix-fallback-scsvKazuki Yamaguchi2020-02-171-0/+4
| |/ / | | | | | | | | | | | | | | | | | | | | | Run the test case only when the OpenSSL supports both TLS 1.1 and TLS 1.2. Note that the fallback SCSV mechanism is for TLS 1.2 or older and not for 1.3. Fixes: https://github.com/ruby/openssl/issues/336
* | | Merge pull request #326 from MSP-Greg/travis-pruneKazuki Yamaguchi2020-02-171-13/+0
|\ \ \ | |/ / |/| | .travis.yml - remove 2.3/1.0.2, 2.5/1.1.1, head/1.0.2
| * | .travis.yml - remove 2.3/1.0.2, 2.5/1.1.1, head/1.0.2MSP-Greg2020-02-151-13/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | Two jobs in Travis are duplicates of Actions jobs, and one is unlikely. The below two jobs are running in Actions on all OS's Ruby 2.3 and OpenSSL 1.0.2, Ruby 2.5 and OpenSSL 1.1.1 Ruby head and OpenSSL 1.0.2 - OpenSSL 1.0.2 is EOL, and the CI is running 1.0.2g, last release was 1.0.2u.
* | | Fixed inconsistency directory structure with ruby/ruby repoHiroshi SHIBATA2020-02-1750-1/+2
| | |
* | | Merge pull request #332 from mame/make-fixed_length_secure_compare-test-tolerantKazuki Yamaguchi2020-02-161-4/+7
|\ \ \ | |_|/ |/| | Make OpenSSL::OSSL#test_memcmp_timing robust
| * | Make OpenSSL::OSSL#test_memcmp_timing robustYusuke Endoh2020-02-161-4/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The test was too fragile. Actually, it fails on one of our CIs immediately after it was merged to ruby/ruby. https://gist.github.com/ko1/7ea4a5826641f79e2f9e041d83e45dba#file-brlog-trunk_clang_40-20200216-101730-L532-L535 https://gist.github.com/ko1/1c657746092b871359d8bf9e0ad28921#file-brlog-trunk-test4-20200216-104518-L473-L476 * Two measurements, a-b and a-c, must be interative instead of sequential; the execution time will be easily affected by disturbance (say, cron job or some external process invoked during measurement) * The comparison of the two results must be relative instead of absolute; slow machine may take several tens of seconds for each execution, and one delta second is too small. The test cases of a, b, and c are very extreme, so if the target method has a bug, the two execution times would be very different. So I think it is enough to check if the difference is less than 10 times.
* | | Merge pull request #330 from ruby/guard-pkey-ec-addHiroshi SHIBATA2020-02-161-6/+11
|\ \ \ | |/ / |/| | Guard for OpenSSL::PKey::EC::Group::Error with unsupported platforms
| * | Guard for OpenSSL::PKey::EC::Group::Error with unsupported platformsHiroshi SHIBATA2020-02-161-6/+11
|/ /
* | Merge pull request #321 from ruby/revert-ref-version-fileHiroshi SHIBATA2020-02-161-8/+1
|\ \ | |/ |/| Drop to reference OpenSSL::VERSION on gemspec
| * Drop to reference OpenSSL::VERSION on gemspec. It failed to test with ruby ↵Hiroshi SHIBATA2020-02-161-8/+1
| | | | | | | | core repository
* | Revert "Fix segfaults in OpenSSL::PKey::RSA#private_{en,de}crypt when ↵Kazuki Yamaguchi2020-02-161-6/+6
|/ | | | | | | | | | | | | | | | private exp not set" This reverts commit e30b9a27f00338b065e90c6172d1c4509edc2853 (#255) except the added test code. The 'd' value can be NULL when the RSA private key is backed by an OpenSSL engine, such as an HSM. In that case, only 'n' and 'e' are visible from the OpenSSL API. The original issue has been fixed by Pull Request #258 in another way. Reference: https://github.com/ruby/openssl/pull/255 Reference: https://github.com/ruby/openssl/pull/258
* Revert add_certificate_chain_file changes (#320)Hiroshi SHIBATA2020-02-163-185/+7
| | | | | | | | | | | | | Revert SSLContext#add_certificate_chain_file changes * 0da0dfaf09f549b2b2cd984627b321b7908d1186. * 8d12f0f6ca944212cb8000e689469d7aaa8190d7. * 49f42ad5f82f8b61f51a16e3a6df1ab0d5307d5f. * 5ee295ab8e37c8ffc6eb8c1b7b79ec024f3253e4. * 8b4fa5e336c7544ea677ccee160ec6d221559e10. * 443d13e9b2c127230fde2733959eaa4d41eb355d. * 5d866038920edf2729865653d6dc9309589f089a. * f18559acf97a6f6aaf3d253417eb0100b262cbc6.
* Merge pull request #323 from ruby/remove-appveyorSHIBATA Hiroshi2020-02-152-27/+1
|\ | | | | Removed appveyor configuration and badge
| * Removed appveyorHiroshi SHIBATA2020-02-152-27/+1
|/
* Add Actions mswin, update CIMSP-Greg2020-02-095-95/+123
|
* Improve string allocation.Samuel Williams2020-02-071-8/+8
|
* 'finished' messages: expand sizer array to 1-bytesMo Morsi2020-02-061-4/+4
| | | | | | | | Zero-size arrays not playing nicely with visual studio / mingw, see: https://github.com/ruby/ruby/pull/2693 Also see related discussion pertaining to using NULL pointer here: https://github.com/ruby/openssl/pull/315
* Tests are failing sporadically on Darwin with EPIPE.Samuel Williams2020-02-061-2/+2
|
* Merge in changes to tests from upstream.Samuel Williams2020-02-061-0/+13
|
* Ensure that binary buffer is used at all times.Samuel Williams2020-02-062-5/+35
|
* Prefer `frozen_string_literal: true`.Samuel Williams2020-02-0643-66/+65
|
* Merge pull request #311 from ruby/support-ruby-repoSHIBATA Hiroshi2020-01-283-38/+42
|\ | | | | Support Ruby repository
| * Use assert_raise instead of assert_raisesHiroshi SHIBATA2020-01-282-37/+37
| |
| * fallback for ruby core repositoyHiroshi SHIBATA2020-01-281-1/+5
|/
* Add cloudhsm to extconf.rbKyle Oliveira2020-01-251-1/+2
| | | to support the CloudHSM OpenSSL library
* Add cloudhsm to ossl_engine.cKyle Oliveira2020-01-251-0/+3
| | | to support the CloudHSM OpenSSL library
* fix an incorrect method namethekuwayama2020-01-251-2/+2
|
* fix comment; Examplethekuwayama2020-01-251-2/+2
|
* rm GC.disable && add {certs,pkey}.unlinkthekuwayama2020-01-251-2/+6
|
* add X509_free and EVP_PKEY_freethekuwayama2020-01-251-7/+19
|
* check with EVP_PKEY_cmp in advancethekuwayama2020-01-251-2/+33
|
* modify ossl_sslctx_add_certificate_chain_file() to raise Error and to return ↵thekuwayama2020-01-252-11/+88
| | | | | | self add test_add_certificate_chain_file_multiple_certs
* modify test_add_certificate_chain_file to check ssl.peer_cert and ↵thekuwayama2020-01-252-6/+28
| | | | ssl.peer_cert_chain
* add pkey_path argument to ossl_sslctx_add_certificate_chain_file()thekuwayama2020-01-251-5/+35
|
* Merge pull request #310 from thekuwayama/fix__ocsp_extern_varSHIBATA Hiroshi2020-01-171-3/+3
|\ | | | | Fix typo of `OpenSSL::OCSP` extern var
| * Fix typo of `OpenSSL::OCSP` extern varthekuwayama2020-01-161-3/+3
|/
* Use default fetch-depth of 1Bart de Water2020-01-011-4/+0
|
* Update ActionsMSP-Greg2019-12-291-38/+85
| | | | | | | | | | 1. Add Ubuntu rvm master and 2.3.8 2. Add MinGW master and 2.3.3 (last MinGW build) 3. Switch from Windows helper MSP-Greg/msys2-action to MSP-Greg/actions-ruby 4. MinGW installs current Rubies, not outdated Actions builds.
* Remove 2.3 from test workflow.Samuel Williams2019-12-291-11/+5
|
* Remove out-of-scope test.Samuel Williams2019-12-291-12/+0
|
* Merge in changes to tests from ruby/test/openssl.Samuel Williams2019-12-295-13/+36
|
* Simplify handling of version constant.Samuel Williams2019-12-295-22/+9
|
* Prepend slashes to X509::Name.parse argument in examplesJoshua Stowers2019-12-142-3/+3
| | | | | | Addresses [issue 15882](https://bugs.ruby-lang.org/issues/15882) with [Zach Rowe's patch.](https://bugs.ruby-lang.org/attachments/7810) The #parse_openssl method [expects a forward slash at the beginning of the argument](https://github.com/ruby/openssl/blob/master/lib/openssl/x509.rb#L302) if used as the delimiter.
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-06 01:28:34 +0000