Commit message (Author, Age, Files, Lines)
* ocsp: add OpenSSL::OCSP::Request#signed? [topic/ocsp-request-is-signed] (Kazuki Yamaguchi, 2017-06-19, 2 files, -0/+35)
|   Add a method to check whether the OpenSSL::OCSP::Request is signed or not. Currently there is no way to distinguish them except inspecting DER encoding or parsing verification error message.
* Merge branch 'maint' [bpoint] (Kazuki Yamaguchi, 2017-06-14, 16 files, -41/+172)
|\
| |   * maint:
| |     Ruby/OpenSSL 2.0.4
| |     History.md: add entries for 2.0.1-2.0.3
| |     History.md: wrap at 80 characters
| |     extconf.rb: simplify searching libraries logic
| |     Search SSL libraries by testing various filename patterns
| |     openssl: fix broken openssl check
| |     openssl: fix broken openssl check
| |     x509store: clear error queue after calling X509_LOOKUP_load_file()
| |     tool/sync-with-trunk: 'LASY' -> 'LAST'
| |     Update .travis.yml and Dockerfile
| |     test/test_x509store: skip OpenSSL::TestX509Store#test_set_errors
| |     Fix documentation for OpenSSL::Cipher#final
| |     Fix typos
| |     ssl: check return value of SSL_set_fd()
| |     test/test_ssl: fix typo in test_sysread_and_syswrite
| |     Fix typos
| |     test/test_pkey_ec: do not use dummy 0 order
| * Ruby/OpenSSL 2.0.4 [v2.0.4] (Kazuki Yamaguchi, 2017-06-14, 3 files, -2/+14)
| |
| * History.md: add entries for 2.0.1-2.0.3 (Kazuki Yamaguchi, 2017-06-14, 1 file, -0/+35)
| |
| * History.md: wrap at 80 characters (Kazuki Yamaguchi, 2017-06-14, 1 file, -1/+2)
| |
| * extconf.rb: simplify searching libraries logic (Kazuki Yamaguchi, 2017-06-14, 1 file, -31/+33)
| |   Clarify what it's doing. For non-Windows and MinGW platforms we can just give "crypto" and "ssl" to have_library.
| * Merge changes from Ruby trunk r56953..r58742 (Kazuki Yamaguchi, 2017-06-14, 2 files, -7/+47)
| |\
| | |   Commits that went to master are excluded.
| | |   * ruby-trunk r56953..r58742: (3 commits)
| | |     (r58742) Search SSL libraries by testing various filename patterns
| | |     (r57592) openssl: fix broken openssl check
| | |     (r57591) openssl: fix broken openssl check
| | |   Sync-with-trunk: r58742
| | * Search SSL libraries by testing various filename patterns (usa, 2017-06-14, 1 file, -5/+45)
| | |   * ext/openssl/extconf.rb (find_openssl_library): should search by more flexible method, especially for LibreSSL on Windows.
| | |   git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@58742 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
| | * openssl: fix broken openssl check (nobu, 2017-06-14, 1 file, -1/+1)
| | |   * ext/openssl/deprecation.rb: check for broken OpenSSL only on mac OS. [ruby-core:79475] [Bug #13200]
| | |   git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57592 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
| | * openssl: fix broken openssl check (nobu, 2017-06-14, 1 file, -1/+1)
| | |   * ext/openssl/extconf.rb: check for broken OpenSSL only on mac OS. [ruby-core:79475] [Bug #13200]
| | |   git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57591 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
| * | x509store: clear error queue after calling X509_LOOKUP_load_file() (Kazuki Yamaguchi, 2017-06-14, 2 files, -0/+32)
| | |   X509_LOOKUP_load_file(), which ends up calling X509_load_cert_crl_file() internally, may leave error entries in the queue even when it returns non-zero value (which indicates success). This will be fixed by OpenSSL 1.1.1, but can be worked around by clearing the error queue ourselves.
| | |   Fixes: https://bugs.ruby-lang.org/issues/11033
| * | tool/sync-with-trunk: 'LASY' -> 'LAST' (Kazuki Yamaguchi, 2017-05-29, 1 file, -4/+4)
| | |
| * | Merge pull request #122 from junaruga/feature/update-rubies (Kazuki Yamaguchi, 2017-05-17, 2 files, -12/+21)
| |\ \
| | | |   Update .travis.yml and Dockerfile
| | * | Update .travis.yml and Dockerfile (Jun Aruga, 2017-05-17, 2 files, -12/+21)
| |/ /
| | |   * Updated Rubies to latest version.
| | |   * Added ruby-head as allow_failures. Because it's good to know new version Ruby's issue as faster before the release.
| * | Merge branch 'topic/test-ssl-fix-typo' into maint (Kazuki Yamaguchi, 2017-05-04, 1 file, -1/+1)
| |\ \
| | | |   * topic/test-ssl-fix-typo:
| | | |     test/test_ssl: fix typo in test_sysread_and_syswrite
| | * | test/test_ssl: fix typo in test_sysread_and_syswrite [topic/test-ssl-fix-typo] (Kazuki Yamaguchi, 2017-03-23, 1 file, -1/+1)
| | | |   The test case for second argument of OpenSSL::SSL::SSLSocket#sysread is not testing the behavior correctly because of a typo.
| * | | test/test_x509store: skip OpenSSL::TestX509Store#test_set_errors (Kazuki Yamaguchi, 2017-04-28, 1 file, -0/+1)
| | | |   X509_STORE_add_{cert,crl}() will no longer fail with 'cert already in hash table' if they are called twice, since the (unreleased) next version of OpenSSL. Don't test that if we are built with OpenSSL >= 1.1.0.
| * | | Fix documentation for OpenSSL::Cipher#final (Vladimir Rybas, 2017-04-21, 1 file, -1/+1)
| | | |   "after after having fed the entire plaintext..." is changed to "after having fed the entire plaintext..."
| * | | Fix typos (Kazuki Yamaguchi, 2017-04-20, 5 files, -7/+7)
| | | |
| * | | ssl: check return value of SSL_set_fd() (Kazuki Yamaguchi, 2017-03-31, 1 file, -1/+2)
| |/ /
| | |   SSL_set_fd() may fail with 0 return if malloc() fails. Check that and raise an exception to avoid potential crash.
| * | Merge pull request #108 from ruby/typofix (Kazuki Yamaguchi, 2017-02-14, 3 files, -4/+4)
| |\ \
| | | |   Fix typos
| | * | Fix typos (SHIBATA Hiroshi, 2017-02-14, 3 files, -4/+4)
| |/ /
| * / test/test_pkey_ec: do not use dummy 0 order (Kazuki Yamaguchi, 2017-02-03, 1 file, -1/+1)
| |/
| |   Ubuntu trusty's OpenSSL package 1.0.1f-1ubuntu2.22 has backported an OpenSSL commit f54be179aa4c that makes EC_GROUP_set_generator() call BN_MONT_CTX_set() which can segfault if an invalid value (== 0) is given. Avoid it.
* | Merge pull request #125 from cwjenkins/feature/add_fips_mode_get (Kazuki Yamaguchi, 2017-06-09, 2 files, -1/+28)
|\ \
| | |   Add fips_mode_get to return fips_mode
| * | Add fips_mode_get to return fips_mode (Colton Jenkins, 2017-06-09, 2 files, -1/+28)
|/ /
* | Remove unused functions and macros (Kazuki Yamaguchi, 2017-05-22, 9 files, -144/+1)
| |
* | bio: simplify ossl_membio2str() using ossl_str_new() (Kazuki Yamaguchi, 2017-05-22, 2 files, -22/+5)
| |   ossl_membio2str0() and ossl_protect_membio2str() are removed as they aren't used anywhere.
* | Add ossl_str_new(), an exception-safe rb_str_new() (Kazuki Yamaguchi, 2017-05-22, 2 files, -7/+26)
| |   Add a new function ossl_str_new() as an exception-safe wrapper of rb_str_new(). This is useful for the openssl library because we can't always raise NoMemoryError immediately due to the independent memory management of OpenSSL.
* | Merge branch 'topic/rename-get-cipher-digest-ptr' (Kazuki Yamaguchi, 2017-05-02, 16 files, -28/+29)
|\ \
| | |   * topic/rename-get-cipher-digest-ptr:
| | |     digest: rename GetDigestPtr() to ossl_evp_get_digestbyname()
| | |     cipher: rename GetCipherPtr() to ossl_evp_get_cipherbyname()
| * | digest: rename GetDigestPtr() to ossl_evp_get_digestbyname() (Kazuki Yamaguchi, 2017-05-02, 12 files, -21/+22)
| | |   Similar to the previous one for GetCipherPtr(), GetDigest() and GetDigestPtr() have been completely different. Let's disambiguate them.
| * | cipher: rename GetCipherPtr() to ossl_evp_get_cipherbyname() (Kazuki Yamaguchi, 2017-05-02, 6 files, -7/+7)
|/ /
| |   While GetCipherPtr() function gets a const EVP_CIPHER * from algorithm name, GetCipher() macro that is locally defined in ext/openssl/ossl_cipher.c gets the EVP_CIPHER_CTX from an OpenSSL::Cipher object. They are completely different things. Rename GetCipherPtr() for disambiguation.
* | Remove SafeGet*() macros (Kazuki Yamaguchi, 2017-05-02, 22 files, -186/+71)
| |   They are no longer useful since we use the TypedData_Get_Struct() which also performs type checking (based on the rb_data_type_t) for the non-safe Get*() macros. Just use them instead.
* | Merge branch 'topic/expand-ruby-missing-h' (Kazuki Yamaguchi, 2017-04-28, 22 files, -39/+34)
|\ \
| | |   * topic/expand-ruby-missing-h:
| | |     Expand FPTR_TO_FD() macro
| | |     Expand rb_define_copy_func() macro
| * | Expand FPTR_TO_FD() macro [topic/expand-ruby-missing-h] (Kazuki Yamaguchi, 2017-04-28, 3 files, -11/+9)
| | |   It was introduced for compatibility with Ruby 1.8. Ruby 1.8 has gone long ago and we will never support it.
| * | Expand rb_define_copy_func() macro (Kazuki Yamaguchi, 2017-04-28, 20 files, -28/+25)
| | |   It's not really "missing". Let's expand that, as it does not improve the readability so much.
* | | Merge branch 'topic/kdf-module' (Kazuki Yamaguchi, 2017-03-23, 11 files, -278/+405)
|\ \ \
| | | |   scrypt support is added.
| | | |   * topic/kdf-module:
| | | |     kdf: add scrypt
| | | |     ossl.h: add NUM2UINT64T() macro
| | | |     kdf: introduce OpenSSL::KDF module
| * | | kdf: add scrypt [topic/kdf-module] (Kazuki Yamaguchi, 2017-03-23, 3 files, -0/+115)
| | | |   Add OpenSSL::KDF.scrypt as a wrapper around EVP_PBE_scrypt(). This is added by OpenSSL 1.1.0.
| * | | ossl.h: add NUM2UINT64T() macro (Kazuki Yamaguchi, 2017-03-23, 1 file, -0/+13)
| | | |   As a wrapper of NUM2ULONG() or NUM2ULL(). Converts a Ruby object to uint64_t, raising an exception if the conversion fails.
| * | | kdf: introduce OpenSSL::KDF module (Kazuki Yamaguchi, 2017-03-23, 9 files, -190/+189)
| | | |   Introduce a new OpenSSL::KDF module as a namespace for to-be-added KDFs. This makes it easier to add new KDFs in future. We already have a stand-alone KDF, OpenSSL::PKCS5.pbkdf2_hmac. This is migrated to the new namespace. The backwards compatibility is retained by the method defined in the newly added lib/openssl/pkcs5.rb.
* | | | Rakefile: compile the extension before test (Kazuki Yamaguchi, 2017-03-16, 1 file, -1/+3)
| | | |
* | | | extconf.rb: print informative message if OpenSSL can't be found (Kazuki Yamaguchi, 2017-03-13, 1 file, -5/+9)
| | | |   Describe --with-openssl-dir option that specifies the directory the OpenSSL installed if the libraries could not found, and suggest installing "development package" if just the headers are missing. Also, let it raise an exception instead of writing to Logging and terminating the process. This improves the look of the error message on 'gem install openssl' or 'make' (on the Ruby tree) failure.
* | | | ext/openssl/deprecation.rb: remove broken-apple-openssl (Kazuki Yamaguchi, 2017-03-03, 1 file, -3/+0)
| | | |   The version bundled with macOS is anyway too old to compile the extension.
* | | | ssl: suppress compiler warning (Kazuki Yamaguchi, 2017-03-03, 1 file, -1/+0)
| | | |   Remove an unused variable declaration.
* | | | Merge branch 'topic/fix-rdoc-markup' (Kazuki Yamaguchi, 2017-02-24, 26 files, -427/+438)
|\ \ \ \
| | | | |   * topic/fix-rdoc-markup:
| | | | |     Fix RDoc markup
| | | | |     Revert r57690 except for read_nonblock
| | | | |     [DOC] mark up literals
| | | | |     [DOC] keyword argument _exception_
| | | | |     [DOC] {read,write}_nonblock with exception: false
| * | | | Fix RDoc markup [topic/fix-rdoc-markup] (Kazuki Yamaguchi, 2017-02-24, 26 files, -417/+427)
| | | | |   Ruby core uses _str_ for emphasizing argument names and +str+ for codes. Match with the rule for better rendering.
| * | | | Revert r57690 except for read_nonblock (nobu, 2017-02-24, 2 files, -6/+3)
| | | | |   https://github.com/ruby/ruby/pull/1527#issuecomment-281867551
| | | | |   git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57694 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
| * | | | [DOC] mark up literals (nobu, 2017-02-24, 2 files, -8/+10)
| | | | |   git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57693 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
| * | | | [DOC] keyword argument _exception_ (nobu, 2017-02-24, 2 files, -4/+4)
| | | | |   git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57692 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
| * | | | [DOC] {read,write}_nonblock with exception: false (nobu, 2017-02-24, 2 files, -4/+6)
|/ / / /
| | | |   Update docs to reflect EOF behavior change of read_nonblock and write_nonblock when using `exception: false`. [Fix GH-1527]
| | | |   Author: Russell Davis <russell-stripe@users.noreply.github.com>
| | | |   git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57690 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* | | | Merge branch 'topic/ssl-fixup-ex_data-handling' (Kazuki Yamaguchi, 2017-02-19, 1 file, -27/+26)
|\ \ \ \
| | | | |   * topic/ssl-fixup-ex_data-handling:
| | | | |     ssl: assume SSL/SSL_CTX always have a valid reference to the Ruby object
| | | | |     ssl: do not confuse different ex_data index registries