| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Non-forward-secrecy cipher suites may be disabled when OpenSSL's
security level is set to 3 or higher.
|
|
|
|
|
|
| |
Reapply commit ca77d5504f0a ("Remove out-of-scope test.", 2019-12-29).
Private methods are not to be used by users and the behavior should not
be tested.
|
|
|
|
|
|
|
|
|
| |
Fix possible test failure in test_add_certificate_multiple_certs. In
environment with OpenSSL's security level set to 3, RSA keys with 2048
bits will be rejected.
Since the test case does not require the exact size of a key, just use
the generic rsa-3 key.
|
|
|
|
|
| |
Let test_socket_open_with_local_address_port_context use a random high
port number and also ignore Errno::EADDRINUSE in case it is in use.
|
|
|
|
|
| |
Ensure that the handshake fully completes by sending data each other
rather than by inserting 50ms sleep.
|
|\
| |
| | |
extconf.rb: get rid of -Werror=deprecated-declarations
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
No function needs -Werror=deprecated-declarations flag to check
availability any more.
This also fixes -Werror=deprecated-declarations erroneously carrying on
to the actual compilation, resulting in an compilation error on some
environment.
Fixes: https://github.com/ruby/openssl/pull/331
|
| |
| |
| |
| |
| |
| |
| |
| | |
The default implementation of RAND_pseudo_bytes() uses the same routine
as RAND_bytes().
Note that OpenSSL::Random.pseudo_bytes has been available only when it
is compiled with EOL versions of OpenSSL.
|
|\ \
| | |
| | | |
ts: simplify OpenSSL::Timestamp::Request#algorithm
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Stop the special treatment of invalid hashAlgorithm of the message
imprint. Those invalid values can only appear after the object is
instantiated, before the user sets an actual message digest algorithm.
OpenSSL::Timestamp::TokenInfo#algorithm already does the same.
Also, remove the test case "test_create_request" since it does not make
much sense. Those fields are to be set by the user after creation of
the object and checking the initial value is pointless.
Fixes: https://github.com/ruby/openssl/issues/335
|
|\ \ \
| | | |
| | | | |
test/openssl/test_ssl: skip test_fallback_scsv if necessary
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Run the test case only when the OpenSSL supports both TLS 1.1 and TLS
1.2. Note that the fallback SCSV mechanism is for TLS 1.2 or older and
not for 1.3.
Fixes: https://github.com/ruby/openssl/issues/336
|
|\ \ \
| |/ /
|/| | |
.travis.yml - remove 2.3/1.0.2, 2.5/1.1.1, head/1.0.2
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Two jobs in Travis are duplicates of Actions jobs, and one is unlikely.
The below two jobs are running in Actions on all OS's
Ruby 2.3 and OpenSSL 1.0.2, Ruby 2.5 and OpenSSL 1.1.1
Ruby head and OpenSSL 1.0.2 - OpenSSL 1.0.2 is EOL, and the CI is running 1.0.2g, last release was 1.0.2u.
|
| | | |
|
|\ \ \
| |_|/
|/| | |
Make OpenSSL::OSSL#test_memcmp_timing robust
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The test was too fragile. Actually, it fails on one of our CIs
immediately after it was merged to ruby/ruby.
https://gist.github.com/ko1/7ea4a5826641f79e2f9e041d83e45dba#file-brlog-trunk_clang_40-20200216-101730-L532-L535
https://gist.github.com/ko1/1c657746092b871359d8bf9e0ad28921#file-brlog-trunk-test4-20200216-104518-L473-L476
* Two measurements, a-b and a-c, must be interative instead of
sequential; the execution time will be easily affected by disturbance
(say, cron job or some external process invoked during measurement)
* The comparison of the two results must be relative instead of
absolute; slow machine may take several tens of seconds for each
execution, and one delta second is too small. The test cases of a, b,
and c are very extreme, so if the target method has a bug, the two
execution times would be very different. So I think it is enough to
check if the difference is less than 10 times.
|
|\ \ \
| |/ /
|/| | |
Guard for OpenSSL::PKey::EC::Group::Error with unsupported platforms
|
|/ / |
|
|\ \
| |/
|/| |
Drop to reference OpenSSL::VERSION on gemspec
|
| |
| |
| |
| | |
core repository
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
private exp not set"
This reverts commit e30b9a27f00338b065e90c6172d1c4509edc2853 (#255)
except the added test code.
The 'd' value can be NULL when the RSA private key is backed by an
OpenSSL engine, such as an HSM. In that case, only 'n' and 'e' are
visible from the OpenSSL API.
The original issue has been fixed by Pull Request #258 in another way.
Reference: https://github.com/ruby/openssl/pull/255
Reference: https://github.com/ruby/openssl/pull/258
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Revert SSLContext#add_certificate_chain_file changes
* 0da0dfaf09f549b2b2cd984627b321b7908d1186.
* 8d12f0f6ca944212cb8000e689469d7aaa8190d7.
* 49f42ad5f82f8b61f51a16e3a6df1ab0d5307d5f.
* 5ee295ab8e37c8ffc6eb8c1b7b79ec024f3253e4.
* 8b4fa5e336c7544ea677ccee160ec6d221559e10.
* 443d13e9b2c127230fde2733959eaa4d41eb355d.
* 5d866038920edf2729865653d6dc9309589f089a.
* f18559acf97a6f6aaf3d253417eb0100b262cbc6.
|
|\
| |
| | |
Removed appveyor configuration and badge
|
|/ |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
Zero-size arrays not playing nicely with visual studio / mingw,
see: https://github.com/ruby/ruby/pull/2693
Also see related discussion pertaining to using NULL pointer
here: https://github.com/ruby/openssl/pull/315
|
| |
|
| |
|
| |
|
| |
|
|\
| |
| | |
Support Ruby repository
|
| | |
|
|/ |
|
|
|
| |
to support the CloudHSM OpenSSL library
|
|
|
| |
to support the CloudHSM OpenSSL library
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
self
add test_add_certificate_chain_file_multiple_certs
|
|
|
|
| |
ssl.peer_cert_chain
|
| |
|
|\
| |
| | |
Fix typo of `OpenSSL::OCSP` extern var
|
|/ |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
1. Add Ubuntu rvm master and 2.3.8
2. Add MinGW master and 2.3.3 (last MinGW build)
3. Switch from Windows helper MSP-Greg/msys2-action to MSP-Greg/actions-ruby
4. MinGW installs current Rubies, not outdated Actions builds.
|
| |
|