ruby-openssl.git - rhe's working repository

	Commit message (Collapse)	Author	Age	Files	Lines
*	Fix RDoc styletopic/rdoc-fixes	Kazuki Yamaguchi	2016-07-09	1	-8/+8
\|
*	openssl: implement initialize_copy method for PKey classes	rhe	2016-06-19	1	-12/+71
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	* ext/openssl/ossl_pkey_dh.c, ext/openssl/ossl_pkey_dsa.c, ext/openssl/ossl_pkey_ec.c, ext/openssl/ossl_pkey_rsa.c: Implement initialize_copy method for OpenSSL::PKey::. [ruby-core:75504] [Bug #12381] test/openssl/test_pkey_dh.rb, test/openssl/test_pkey_dsa.rb, test/openssl/test_pkey_ec.rb, test/openssl/test_pkey_rsa.rb: Test they actually copy the OpenSSL objects, and modifications to cloned object don't affect the original object. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55454 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
*	openssl: adapt OpenSSL::PKey to OpenSSL 1.1.0 opaque structs	rhe	2016-06-09	1	-4/+4
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* ext/openssl/openssl_missing.[ch]: Implement EVP_PKEY_get0_() and {RSA,DSA,EC_KEY,DH}_get0_() functions. OpenSSL 1.1.0 makes EVP_PKEY/RSA/DSA/DH opaque. We used to provide setter methods for each parameter of each PKey type, for example PKey::RSA#e=, but this is no longer possible because the new API RSA_set0_key() requires the 'n' at the same time. This commit adds deprecation warning to them and adds PKey::#set_ methods as direct wrapper for those new APIs. For example, 'rsa.e = 3' now needs to be rewritten as 'rsa.set_key(rsa.n, 3, rsa.d)'. [ruby-core:75225] [Feature #12324] * ext/openssl/ossl_pkey.[ch]: Use the new accessor functions. Implement RSA#set_{key,factors,crt_params}, DSA#set_{key,pqg}, DH#set_{key,pqg}. Emit a warning with rb_warning() when old setter methods are used. test/drb/ut_array_drbssl.rb, test/drb/ut_drb_drbssl.rb, test/rubygems/test_gem_remote_fetcher.rb: Don't set a priv_key for DH object that are used in tmp_dh_callback. Generating a new key pair every time should be fine - actually the private exponent is ignored in OpenSSL >= 1.0.2f/1.0.1r even if we explicitly set. https://www.openssl.org/news/secadv/20160128.txt git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55285 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
*	openssl: drop OpenSSL 0.9.6/0.9.7 support	rhe	2016-05-31	1	-2/+0
\| \| \| \| \| \|	* ext/openssl, test/openssl: Drop OpenSSL < 0.9.8 support. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55162 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
*	openssl: add EC.generate	rhe	2016-05-31	1	-51/+96
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	* ext/openssl/ossl_pkey_ec.c (ec_key_new_from_group): Create a new EC_KEY on given EC group. Extracted from ossl_ec_key_initialize(). (ossl_ec_key_s_generate): Added. Create a new EC instance and generate a random private and public key. (ossl_ec_key_initialize): Use ec_key_new_from_group(). (Init_ossl_ec): Define the new method EC.generate. This change is for consistency with other PKey types. [ruby-core:45541] [Bug #6567] * test/openssl/test_pkey_ec.rb: Test that EC.generate works. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55152 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
*	openssl: rename EC#generate_key to EC#generate_key!	rhe	2016-05-31	1	-3/+12
\| \| \| \| \| \| \| \| \| \| \| \|	* ext/openssl/ossl_pkey_ec.c (ossl_ec_key_generate_key): Fix up RDoc. (Init_ossl_ec): Rename EC#generate_key to EC#generate_key!. Make the old name an alias of #generate_key!. This change is for consistency with other PKey types. [ruby-core:45541] [Bug #6567] * test/openssl/test_pkey_ec.rb: Use EC#generate_key! instead of EC#generate_key. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55151 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
*	openssl: use StringValueCStr() where NUL-terminated string is expected	rhe	2016-05-31	1	-4/+4
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	* ext/openssl/ossl_asn1.c, ext/openssl/ossl_bn.c, ext/openssl/ossl_cipher.c, ext/openssl/ossl_digest.c ext/openssl/ossl_engine.c, ext/openssl/ossl_ns_spki.c ext/openssl/ossl_pkcs12.c, ext/openssl/ossl_pkcs7.c ext/openssl/ossl_pkey.c, ext/openssl/ossl_pkey_ec.c ext/openssl/ossl_rand.c, ext/openssl/ossl_ssl.c ext/openssl/ossl_x509attr.c, ext/openssl/ossl_x509cert.c ext/openssl/ossl_x509ext.c, ext/openssl/ossl_x509store.c: Use StringValueCStr() where NUL-terminated string is expected. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55134 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
*	openssl: add OpenSSL::PKey::EC#private? and #public?	rhe	2016-05-31	1	-10/+14
\| \| \| \| \| \| \| \| \| \| \|	* ext/openssl/ossl_pkey_ec.c: rename PKey::EC#private_key? and #public_key? to #private? and #public? for consistency with other PKey types. Old names remain as alias. [ruby-core:45541] [Bug #6567] * test/openssl/test_pkey_ec.rb (test_check_key): check private? and public? works correctly. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55098 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
*	openssl: improve handling of password for encrypted PEM	rhe	2016-05-31	1	-19/+9
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* ext/openssl/ossl.c (ossl_pem_passwd_value): Added. Convert the argument to String with StringValue() and validate the length is in 4..PEM_BUFSIZE. PEM_BUFSIZE is a macro defined in OpenSSL headers. (ossl_pem_passwd_cb): When reading/writing encrypted PEM format, we used to pass the password to PEM_def_callback() directly but it was problematic. It is not NUL character safe. And surprisingly, it silently truncates the password to 1024 bytes. [GH ruby/openssl#51] * ext/openssl/ossl.h: Add function prototype declaration of newly added ossl_pem_passwd_value(). * ext/openssl/ossl_pkey.c (ossl_pkey_new_from_data): Use ossl_pem_passwd_value() to validate the password String. * ext/openssl/ossl_pkey_dsa.c (ossl_dsa_initialize, ossl_dsa_export): ditto. * ext/openssl/ossl_pkey_ec.c (ossl_ec_key_initialize, ossl_ec_key_to_string): ditto. * ext/openssl/ossl_pkey_rsa.c (ossl_rsa_initialize, ossl_rsa_export): ditto. * test/openssl/test_pkey_{dsa,ec,rsa}.rb: test this. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55087 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
*	ossl_pkey_ec.c: index types	nobu	2016-05-31	1	-1/+1
\| \| \| \| \| \| \|	* ext/openssl/ossl_pkey_ec.c (ossl_ec_point_mul): fix index types. Array length is long, not int. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55052 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
*	openssl: report errors in OpenSSL error queue when clear it	rhe	2016-05-31	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* ext/openssl/ossl.c (ossl_clear_error): Extracted from ossl_make_error(). This prints errors in the OpenSSL error queue if OpenSSL.debug is true, and clears the queue. (ossl_make_error): use ossl_clear_error(). * ext/openssl/ossl.h: add prototype declaration of ossl_make_error(). (OSSL_BIO_reset) use ossl_clear_error() to clear the queue. Clearing silently makes debugging difficult. * ext/openssl/ossl_engine.c (ossl_engine_s_by_id): ditto. * ext/openssl/ossl_ns_spki.c (ossl_spki_initialize): ditto. * ext/openssl/ossl_pkcs7.c (ossl_pkcs7_verify): ditto. * ext/openssl/ossl_pkey_dsa.c (ossl_dsa_initialize): ditto. * ext/openssl/ossl_pkey_ec.c (ossl_ec_key_initialize): ditto. (ossl_ec_group_initialize): ditto. * ext/openssl/ossl_ssl.c (ossl_ssl_shutdown): ditto. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55050 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
*	ext/openssl: refactor OpenSSL::PKey::EC::Point#mul	rhe	2016-05-31	1	-54/+64
\| \| \| \| \| \| \| \| \| \| \|	* ext/openssl/ossl_pkey_ec.c (ossl_ec_point_mul): Validate the arguments before passing to EC_POINT(s)_mul(). Add description of this method. [ruby-core:65152] [Bug #10268] * test/openssl/test_pkey_ec.rb (test_ec_point_mul): Test that OpenSSL::PKey::EC::Point#mul works. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55048 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
*	Upstream ruby/ruby@451fe26 from r50673	Zachary Scott	2015-06-03	1	-2/+4
\|
*	Sync with ruby trunk	Zachary Scott	2015-01-05	1	-10/+30
\|
*	import ruby trunk	SHIBATA Hiroshi	2014-10-27	1	-0/+1683