| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
This would have caught some of GC issues like one reported at
[ruby/openssl#87].
|
| |
|
|
|
|
|
| |
Write 4099-bytes blocks instead of 11-bytes blocks to run it faster. The
buffer may be as large as megabytes and it takes too much time to fill
up, especially under GC.stress. I didn't measured but it didn't finish
in an hour.
|
| |
|
|
|
|
| |
Just like we already do for 'teardown' method, though we don't have
OpenSSL::TestCase#setup yet. This will be useful when we want to inject
GC.stress = true.
|
| |
|
|
|
|
|
|
|
| |
SSLContext#setup encodes the protocol list set in @npn_protocols into a
String. The String is passed to SSL_CTX_set_next_protos_advertised_cb()
and OpenSSL invokes the callback function with the String. However since
Ruby's GC can't find the reference to the String from the inside of
OpenSSL, it can be free'd before the callback is invoked. So store the
String in an instance variable to prevent this.
|
| |
|
|
|
|
|
|
|
| |
GetBNPtr() accepts both OpenSSL::BN and Ruby integers. In the latter
case, it creates a temporary OpenSSL::BN internally. The OpenSSL::BN
object immediately disappears from the stack and is not protected from
GC.
Fixes: https://github.com/ruby/openssl/issues/87
|
| |
|
|
|
| |
EVP_PKEY_get0() did not exist in early OpenSSL 0.9.8 series. So define
ourselves if needed.
|
| |
|
|
|
|
|
|
|
| |
Set the authentication tag before the AAD when decrypting.
Before OpenSSL commit 96f7fafa2431 ("Don't require tag before ciphertext
in AESGCM mode", 2012-10-16, at OpenSSL_1_0_1-stable branch, included in
OpenSSL 1.0.1d), the authentication tag must be set before any calls of
EVP_CipherUpdate().
|
| | |
|
| |
|
|
| |
sync:to_ruby Rake task now copies History.md to ext/openssl/History.md.
|
| |
|
|
|
|
|
|
| |
Remove the comment added by commit 072d53ecf984 ("ssl: workaround for
new behavior of SSL_read() in OpenSSL >= 1.1.0c"). The breaking change
in OpenSSL 1.1.0c has been reverted in the 1.1.0 branch. However, for
the sake of safety, ensure that we never call rb_sys_fail() with
errno == 0. So there is no change in the actual code.
|
| |\
| |
| |
| |
| |
| |
| |
| | |
* ruby-trunk r56492..r56927: (2 commits)
(r56927) parse.y: ambiguous parentheses
(r56578) openssl/ut_eof.rb: rename TestEOF
Sync-with-trunk: r56927
|
| | |
| |
| |
| |
| |
| |
| | |
* parse.y (parser_yylex): warn ambiguous parentheses after a space
in method definitions.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56927 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| | |
| |
| |
| |
| |
| |
| | |
* test/openssl/ut_eof.rb (OpenSSL::TestEOF): move TestEOF module
under OpenSSL to get rid of conflict with test/ruby/ut_eof.rb.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56578 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fix the fragile test cases that are sensitive to the difference between
Time.now.to_i and time(2).
When issuing test certificates, we are typically setting the current
time fetched by Time.now to the notBefore field. Time.now uses
clock_gettime(2) with CLOCK_REALTIME. On the other hand, OpenSSL uses
time(2) in its certificate verification code. On Linux/x86-64, time(2)
is implemented not to return the adjusted 'current time' like Time.now,
but to return the wall clock seconds at the last tick. This results in
that time(2) called later may return an earlier time, causing the
certificate verification to fail with 'certificate is not yet valid'
error.
So, create test certificates with notBefore<Time.now to avoid this.
Since it's awful to do "Time.now - 1" everywhere, make the notBefore and
notAfter fields optional with defaults with margin.
|
| |\ \
| | |
| | |
| | |
| | | |
* topic/ssl-make-sslctx-freeze-alias-of-setup:
ssl: make OpenSSL::SSL::SSLContext#freeze an alias of #setup
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
SSLSocket#setup uses the frozen state as "SSL_CTX is already set up".
If an user manually freeze the context, it misunderstands as if #setup
is already called, leading to unexpected behaviors because parameters
the user set won't be actually set to the underlying SSL_CTX and thus
ignored.
Ideally, #setup should go and be replaced with setters. But we don't
do this now because it is not that simple: some of them would produce
new ordering issues, e.g. 'ca_file' property which loads a file into
SSL_CTX::cert_store and 'cert_store' which replaces SSL_CTX::cert_store
would conflict. Fixing this properly would require deprecating 'ca_file'
first.
So, let's take the second best way: make it "just work" instead of
break silently.
Fixes: https://github.com/ruby/openssl/issues/85
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
rb_ary_new_from_args() is called from non-protected callback function
which will be directly called from OpenSSL. It may raise NoMemoryError
and may corrupt the internal state of SSL object. So, avoid creating
Array here and pass raw values to the protected function instead.
The same change has been applied to ALPN/NPN selection callbacks in
3a926047a729 ("ssl: catch exceptions raised in ALPN/NPN callbacks",
2016-08-30).
|
| | |
| |
| |
| |
| |
| |
| |
| | |
We call SSL_shutdown() four times at most meaninglessly. Since the
underlying socket is in non-blocking mode, if the first call failed
because the underlying socket is not write/readable, the subsequent
calls would just fail with the same error. Just call once, and give up
if it fails.
|
| | |
| |
| |
| |
| |
| | |
This prevents users from allocating OpenSSL::Engine instance using
OpenSSL::Engine.allocate. Undef'ing alloc function also allows us to
remove explicit undef of OpenSSL::Engine.new and #initialize_copy.
|
| | |
| |
| |
| |
| | |
Don't blindy assume that the value which can be modified from Ruby code
is always an Array, and just call its #each method.
|
| | |
| |
| |
| |
| |
| | |
Delay allocation of EVP_MD_CTX until #initialize or #initialize_copy is
called. This fixes segfault that can occur if OpenSSL::Digest#name is
called before the actual initialization.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Commit 4880672a9b41 of OpenSSL[1] (which then was backported to 1.1.0
branch at 122580ef71e4) changed the bahavior of SSL_read(): it now
returns -1 in the case the underlying BIO reaches EOF unexpectedly. This
means, it is possible that rb_sys_fail() is called with errno == 0,
resulting in [BUG].
So, as a workaround, let's distinguish IO error from the underlying BIO
and EOF in violation of SSL/TLS protocol with the value of errno.
[1] https://git.openssl.org/?p=openssl.git;a=commit;h=4880672a9b41a09a0984b55e219f02a2de7ab75e
|
| |\ \
| | |
| | |
| | |
| | | |
* topic/asn1-fix-oob-read-constructed:
asn1: fix out-of-bounds read in decoding constructed objects
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
OpenSSL::ASN1.{decode,decode_all,traverse} have a bug of out-of-bounds
read. int_ossl_asn1_decode0_cons() does not give the correct available
length to ossl_asn1_decode() when decoding the inner components of a
constructed object. This can cause out-of-bounds read if a crafted input
given.
Reference: https://hackerone.com/reports/170316
|
| |\ \ \
| | | |
| | | | |
Add "for Ruby" to the README title
|
| |/ / /
| | |
| | |
| | | |
It's not immediately clear from the README exactly what this project is
|
| |\ \ \
| | | |
| | | |
| | | |
| | | | |
* topic/rake-install-dependencies:
Add install_dependencies rake task that installs testing dependencies
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Parse the dependency gems from openssl.gemspec and install them. This is
extracted from tool/ruby-openssl-docker/init.sh.
.travis.yml, appveyor.yml and CONTRIBUTING.md are also updated to use
the new task.
|
| |\ \ \
| | | |
| | | | |
Appveyor status badge
|
| |/ / / |
|
| | |/
|/| |
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | | |
* ruby-trunk r56225..r56492: (1 commits)
(r56492) [DOC] replace Fixnum with Integer [ci skip]
Sync-with-trunk: r56492
|
| | | |
| | |
| | |
| | |
| | |
| | | |
* numeric.c: [DOC] update document for Integer class.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56492 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| | | |
| | |
| | |
| | |
| | | |
Accordingly, unused functions ossl_x509stctx_new() and
ossl_x509stctx_clear_ptr() are now removed.
|
| | | |
| | |
| | |
| | |
| | | |
It defines the platform specific macros. But it should be included from
other OpenSSL headers.
|
| | | |
| | |
| | |
| | |
| | | |
And also remove alternative declaration of struct timeval. We don't
actually use struct timeval nor struct timespec anymore since r4660.
|
| | | |
| | |
| | |
| | |
| | | |
The Ruby core code uses assert.h without a guard. So, we can assume it
is always available.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
As the comment suggests, ossl_ssl.c used to call read() and write() in
the past. However r6806 replaced them with method calls for the
underlying IO object. Anyway, unistd.h will be included by Ruby's
header files if available.
|
| | | |
| | |
| | |
| | | |
It should be usable regardless of the platform.
|
| |\ \ \
| | | |
| | | | |
Enabled appveyor for Windows build
|
| | | | | |
|
| |/ / /
| | |
| | |
| | |
| | |
| | | |
* To use oneclick-rubyinstaller for configuration.
* To use openssl binary provided onclick-rubyinstaller
* https://github.com/oneclick/knapsack-recipes/tree/master/openssl
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Use ERR_peek_error() which does not remove the fetched error from the
queue instead, then clear the queue explicitly with the dedicated
function ossl_clear_error(). OpenSSL may put multiple error items to the
queue in one function call.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Avoid using ossl_exc_new() and rb_exc_raise() but just use ossl_raise().
This simplifies the code with the exactly same effect.
ossl_exc_new() is now removed as it is no longer used anywhere.
|
| | | |
| | |
| | |
| | |
| | |
| | | |
The macro RFILE is defined in e_os.h, that is no longer an exported
header in OpenSSL >= 0.9.7. Since OpenSSL < 0.9.8 is not supported, we
can safely remove this.
|
| | | |
| | |
| | |
| | |
| | | |
Remove unnecessary macros defined for compatibility with Ruby < 1.9. We
won't support Ruby versions before 2.3.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
It was added as a workaround for "bad write retry" error that occurs
when SSLSocket#write_nonblock is retried with a different String. This
is now fixed by r54466 ("openssl: accept moving write buffer for
write_nonblock", 2016-03-31).
|
| | | |
| | |
| | |
| | |
| | |
| | | |
* lib/openssl/buffering.rb
(read_nonblock, write_nonblock): document `exception: false'
[ruby-core:73882] [Feature #12085]
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Avoid RSTRING_LENINT() which may raise RangeError.
Since ossl_pem_passwd_cb() is supposed to be called from OpenSSL as a
callback, we must not do longjmp from it.
|
