aboutsummaryrefslogtreecommitdiffstats
path: root/ext/openssl/ossl_engine.c
Commit message (Collapse)AuthorAgeFilesLines
* engine: fix guards for 'dynamic' and 'cryptodev' enginesky/engine-load-updatesKazuki Yamaguchi2020-02-211-2/+2
| | | | | | | | | | | | | | Those two engines exist as builtin engines even if static engines are disabled with OPENSSL_NO_STATIC_ENGINE. This is the default with recent OpenSSL. This has prevented Engine.load("dynamic") from working and required the user to call OpenSSL::Engine.load with no arguments, which loads all builtin engines including 'dynamic'. Note that OpenSSL 1.1.0 and newer calls (the equivalent of) ENGINE_load_builtin_engines() on its initialization. This includes 'dynamic' and 'cryptodev' engines (if available).
* engine: do not check for ENGINE_load_builtin_engines()Kazuki Yamaguchi2020-02-211-4/+0
| | | | | | Remove dead code. The function, or a macro in OpenSSL 1.1.0 and newer, always exists unless the whole engine code is disabled with OPENSSL_NO_ENGINE.
* engine: remove really outdated static enginesKazuki Yamaguchi2020-02-211-6/+0
| | | | | | | | | | | | | | | | | | | | They no longer exists in OpenSSL 1.0.1, which is the oldest version Ruby/OpenSSL currently compiles with. Note that OpenSSL 1.0.2 and older is already in EOL state. The following engines should also be removed when we completely drop support for those versions as they were removed in OpenSSL 1.1.0. - 4758cca - aep - atalla - chil - cswift - nuron - sureware - ubsec - gmp - gost
* engine: revert OpenSSL::Engine.load changes for cloudhsmky/engine-load-revert-cloudhsmKazuki Yamaguchi2020-02-201-3/+0
| | | | | | | | | | | | | | | | Revert two commits: - ea49ccc82aa4 Add cloudhsm to extconf.rb - 33ed3ba10424 Add cloudhsm to ossl_engine.c OpenSSL::Engine.load is a binding for ENGINE_load_*() functions which are provided by OpenSSL itself, so-called "static engines". Since the AWS CloudHSM engine is a dynamic engine, which is provided as a shared library, this change is not a correct solution for the issue. Reference: https://github.com/ruby/openssl/issues/189 Reference: https://github.com/ruby/openssl/pull/190
* Add cloudhsm to ossl_engine.cKyle Oliveira2020-01-251-0/+3
| | | to support the CloudHSM OpenSSL library
* Fix build failure against OpenSSL 1.1 built with no-deprecatedMark Wright2017-11-041-20/+34
| | | | Thanks rhenium for the code review and fixes.
* Remove SafeGet*() macrosKazuki Yamaguchi2017-05-021-4/+0
| | | | | | They are no longer useful since we use the TypedData_Get_Struct() which also performs type checking (based on the rb_data_type_t) for the non-safe Get*() macros. Just use them instead.
* Fix RDoc markuptopic/fix-rdoc-markupKazuki Yamaguchi2017-02-241-43/+47
| | | | | Ruby core uses _str_ for emphasizing argument names and +str+ for codes. Match with the rule for better rendering.
* Fix a typo in ossl_engine.cKoichi ITO2016-12-091-1/+1
|
* engine: undef alloc functionKazuki Yamaguchi2016-11-161-18/+1
| | | | | | This prevents users from allocating OpenSSL::Engine instance using OpenSSL::Engine.allocate. Undef'ing alloc function also allows us to remove explicit undef of OpenSSL::Engine.new and #initialize_copy.
* Implement missing initialize_copytopic/fix-initialize-copyKazuki Yamaguchi2016-08-041-0/+1
| | | | | | | | | | | | | | | | | | | | | Implement initialize_copy for: - OpenSSL::PKCS12 - OpenSSL::SSL::SSLSession - OpenSSL::X509::Attribute - OpenSSL::X509::Extension - OpenSSL::X509::Name - OpenSSL::X509::Revoked Remove initialize_copy from: - OpenSSL::SSL::SSLContext - OpenSSL::SSL::SSLSocket - OpenSSL::Engine - OpenSSL::X509::Store - OpenSSL::X509::StoreContext [Bug #12381]
* Fix RDoc styletopic/rdoc-fixesKazuki Yamaguchi2016-07-091-2/+5
|
* openssl: adjust tests for OpenSSL 1.1.0rhe2016-06-091-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes `make test-all TESTS=openssl` with OpenSSL master. * test/openssl/test_x509name.rb: Don't register OID for 'emailAddress' and 'serialNumber'. A recent change in OpenSSL made OBJ_create() reject an already existing OID. They were needed to run tests with OpenSSL 0.9.6 which is now unsupported. https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=52832e470f5fe8c222249ae5b539aeb3c74cdb25 [ruby-core:75225] [Feature #12324] * test/openssl/test_ssl_session.rb (test_server_session): Duplicate SSL::Session before re-adding to the session store. OpenSSL 1.1.0 starts rejecting SSL_SESSION once removed by SSL_CTX_remove_session(). https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=7c2d4fee2547650102cd16d23f8125b76112ae75 * test/openssl/test_pkey_ec.rb (setup): Remove X25519 from @keys. X25519 is new in OpenSSL 1.1.0 but this is for key agreement and not for signing. * test/openssl/test_pair.rb, test/openssl/test_ssl.rb, test/openssl/utils.rb: Set security level to 0 when using aNULL cipher suites. * test/openssl/utils.rb: Use 1024 bits DSA key for client certificates. * test/openssl/test_engine.rb: Run each test in separate process. We can no longer cleanup engines explicitly as ENGINE_cleanup() was removed. https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=6d4fb1d59e61aacefa25edc4fe5acfe1ac93f743 * ext/openssl/ossl_engine.c (ossl_engine_s_cleanup): Add a note to the RDoc for Engine.cleanup. * ext/openssl/lib/openssl/digest.rb: Don't define constants for DSS, DSS1 and SHA(-0) when using with OpenSSL 1.1.0. They are removed. * test/openssl/test_digest.rb, test/openssl/test_pkey_dsa.rb, test/openssl/test_pkey_dsa.rb, test/openssl/test_ssl.rb, test/openssl/test_x509cert.rb, test/openssl/test_x509req.rb: Don't test unsupported hash functions. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55314 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: drop OpenSSL 0.9.6/0.9.7 supportrhe2016-05-311-23/+1
| | | | | | * ext/openssl, test/openssl: Drop OpenSSL < 0.9.8 support. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55162 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: use StringValueCStr() where NUL-terminated string is expectedrhe2016-05-311-19/+13
| | | | | | | | | | | | | | * ext/openssl/ossl_asn1.c, ext/openssl/ossl_bn.c, ext/openssl/ossl_cipher.c, ext/openssl/ossl_digest.c ext/openssl/ossl_engine.c, ext/openssl/ossl_ns_spki.c ext/openssl/ossl_pkcs12.c, ext/openssl/ossl_pkcs7.c ext/openssl/ossl_pkey.c, ext/openssl/ossl_pkey_ec.c ext/openssl/ossl_rand.c, ext/openssl/ossl_ssl.c ext/openssl/ossl_x509attr.c, ext/openssl/ossl_x509cert.c ext/openssl/ossl_x509ext.c, ext/openssl/ossl_x509store.c: Use StringValueCStr() where NUL-terminated string is expected. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55134 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: report errors in OpenSSL error queue when clear itrhe2016-05-311-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | * ext/openssl/ossl.c (ossl_clear_error): Extracted from ossl_make_error(). This prints errors in the OpenSSL error queue if OpenSSL.debug is true, and clears the queue. (ossl_make_error): use ossl_clear_error(). * ext/openssl/ossl.h: add prototype declaration of ossl_make_error(). (OSSL_BIO_reset) use ossl_clear_error() to clear the queue. Clearing silently makes debugging difficult. * ext/openssl/ossl_engine.c (ossl_engine_s_by_id): ditto. * ext/openssl/ossl_ns_spki.c (ossl_spki_initialize): ditto. * ext/openssl/ossl_pkcs7.c (ossl_pkcs7_verify): ditto. * ext/openssl/ossl_pkey_dsa.c (ossl_dsa_initialize): ditto. * ext/openssl/ossl_pkey_ec.c (ossl_ec_key_initialize): ditto. (ossl_ec_group_initialize): ditto. * ext/openssl/ossl_ssl.c (ossl_ssl_shutdown): ditto. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55050 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* Sync with ruby trunkZachary Scott2015-09-231-1/+0
|
* Upstream ruby/ruby@451fe26 from r50673Zachary Scott2015-06-031-5/+10
|
* Apply ruby/ruby@325a50fc572516a171d640765d6ddf9b20be14dc to fix typosZachary Scott2015-05-041-1/+1
| | | | See also r50351 from ruby/ruby#876
* Sync with ruby trunkZachary Scott2015-01-051-2/+16
|
* import ruby trunkSHIBATA Hiroshi2014-10-271-0/+584
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-25 02:36:48 +0000