path: root/ext/openssl/ossl_ssl.c
Commit message (Author, Age, Files, Lines)
* TLS Fallback Signaling Cipher Suite Value (aeris, 2017-11-03, files: 1, lines: -0/+23)
|   Support for fallback SCSV [RFC 7507](https://tools.ietf.org/html/rfc7507). Expected behaviour is to refuse connection if the client signals a protocol with the fallback flag but the server supports a better one (downgrade attack detection).
* ssl: extract rb_intern("call") (Kazuki Yamaguchi, 2017-10-16, files: 1, lines: -10/+11)
|
* Merge branch 'maint' (Kazuki Yamaguchi, 2017-09-24, files: 1, lines: -9/+13)
|\    * maint:
| |     Ruby/OpenSSL 2.0.6
| |     test/test_engine: check if RC4 is supported
| |     test/test_engine: suppress stderr
| |     ossl.c: make legacy locking callbacks reentrant
| |     ossl.c: use struct CRYPTO_dynlock_value for non-dynamic locks
| |     ssl: prevent SSLSocket#sysread* from leaking uninitialized data
| |     test/test_pair: replace sleep with IO.select
| |     tool/ruby-openssl-docker: update
| |     test/test_ssl: do not run NPN tests for LibreSSL >= 2.6.1
| |     test/test_ssl: skip tmp_ecdh_callback test for LibreSSL >= 2.6.1
| |     test/test_pair: disable compression
| |     test/test_ssl: suppress warning in test_alpn_protocol_selection_cancel
| |     ruby.h: unnormalized Fixnum value
| |     test/test_pair: fix test_write_nonblock{,_no_exceptions}
| * ssl: prevent SSLSocket#sysread* from leaking uninitialized data [ky/ssl-read-fix-leak-uninitialized] (Kazuki Yamaguchi, 2017-09-23, files: 1, lines: -9/+13)
| |   Set the length of the buffer string to 0 first, and adjust to the size successfully read by the SSL_read() call later. This is needed because the buffer string may be provided by the caller.
* | ssl: rework SSLContext#ssl_version= (Kazuki Yamaguchi, 2017-09-03, files: 1, lines: -95/+0)
| |   Reimplement SSLContext#ssl_version= as a wrapper around SSLContext#min_version= and #max_version=. SSLContext#ssl_version= used to call SSL_CTX_set_ssl_version() which replaces the SSL method used for the connections created from the SSL context. This is mainly used for forcing a specific SSL/TLS protocol version. As of OpenSSL 1.1.0, however, use of the version-specific SSL methods such as TLSv1_method() is deprecated. Follow the current recommendation -- to use the generic SSL method always and to control the supported version range by SSL_CTX_set_{min,max}_proto_version(). Actually, we have already started doing a similar thing when the extension is compiled with OpenSSL 1.1.0. OpenSSL::SSL::SSLContext::METHODS, which contained the possible names of SSL methods, is not useful anymore. It is now deprecate_constant-ed.
* | ssl: add SSLContext#min_version= and #max_version= (Kazuki Yamaguchi, 2017-09-03, files: 1, lines: -0/+107)
| |   Add methods that set the minimum and maximum supported protocol versions for the SSL context. If the OpenSSL library supports, use SSL_CTX_set_{min,max}_proto_version() that do the exact thing. Otherwise, simulate by combining SSL_OP_NO_{SSL,TLS}v* flags. The new methods are meant to replace the deprecated #ssl_version= that cannot support multiple protocol versions. SSLContext::DEFAULT_PARAMS is also updated to use the new SSLContext#min_version=.
* | ssl: prefer TLS_method() over SSLv23_method() (Kazuki Yamaguchi, 2017-09-02, files: 1, lines: -0/+4)
| |   OpenSSL 1.1.0 replaced SSLv23_method() with TLS_method(). SSLv23_method which still exists in 1.1.0, as a macro around TLS_method, will eventually be removed. Use the new name if possible.
* | ssl: update OpenSSL::SSL::OP_* flags (Kazuki Yamaguchi, 2017-09-02, files: 1, lines: -38/+81)
| |   Reorder, expand ossl_ssl_def_const() macro so RDoc can parse and render better, and add new flags that are in recent versions of OpenSSL.
* | ssl: ensure that SSL option flags are non-negative (Kazuki Yamaguchi, 2017-09-02, files: 1, lines: -3/+7)
| |   SSL_CTX_{get,set,clear}_options() are made separate functions and they now treat flags as unsigned long. Fix possible RangeError on platforms with sizeof(long)==4.
* | ssl: fix NPN support (Kazuki Yamaguchi, 2017-08-26, files: 1, lines: -6/+6)
| |   As of commit 4eb4b3297a92 ("Remove support for OpenSSL 0.9.8 and 1.0.0", 2016-11-30), ext/openssl/extconf.rb doesn't check for existence of SSL_CTX_set_next_proto_select_cb() function, but the code still refers to the HAVE_SSL_CTX_SET_NEXT_PROTO_SELECT_CB macro. NPN is available in all supported versions of OpenSSL and LibreSSL, unless it's disabled by their configure options. Check OPENSSL_NO_NEXTPROTONEG macro instead.
* | Merge branch 'maint' (Kazuki Yamaguchi, 2017-08-26, files: 1, lines: -2/+7)
|\|   This also restores 'if defined?(OpenSSL)-end' wrapping the test code. They have been removed erroneously by commit 4eb4b3297a92 ("Remove support for OpenSSL 0.9.8 and 1.0.0", 2016-11-30).
| |   * maint:
| |     test/test_ssl: explicitly accept TLS 1.1 in corresponding test
| |     ssl: remove useless call to rb_thread_wait_fd()
| |     test/test_pair, test/test_ssl: fix for TLS 1.3
| |     test/test_ssl_session: rearrange tests
| |     test/test_ssl: move test_multibyte_read_write to test_pair
| |     test/test_ssl: remove test_invalid_shutdown_by_gc
| |     test/utils: do not use DSA certificates in SSL tests
| |     test/utils: add OpenSSL::TestUtils.openssl? and .libressl?
| |     test/utils: improve error handling in start_server
| |     test/utils: let server_loop close socket
| |     test/utils: do not set ecdh_curves in start_server
| |     test/utils: have start_server yield only the port number
| |     test/utils: add SSLTestCase#tls12_supported?
| |     test/utils: remove OpenSSL::TestUtils.silent
| |     test: fix formatting
| |     Rakefile: let sync:to_ruby know about test/openssl/fixtures
| |     cipher: update the documentation for Cipher#auth_tag=
| |     Backport "Merge branch 'topic/test-memory-leak'" to maint
| |     ssl: do not call session_remove_cb during GC
| * ssl: remove useless call to rb_thread_wait_fd() [ky/ssl-sysread-dont-check-ssl-pending] (Kazuki Yamaguchi, 2017-08-25, files: 1, lines: -2/+0)
| |   That there is no immediately readable data in the SSL instance does not imply it has to read more bytes from the underlying socket. Just call SSL_read() and check the return value.
| * ssl: do not call session_remove_cb during GC (Kazuki Yamaguchi, 2017-08-23, files: 1, lines: -0/+7)
| |   As noted in the SSL_CTX_sess_set_remove_cb(3) manpage, SSL_CTX_free() will call the callback function for each session in the internal session store. We can't call the callback Proc since it may do a new object allocation which is prohibited during GC.
| * ssl: fix compile error with OpenSSL 1.0.0 (Kazuki Yamaguchi, 2017-08-08, files: 1, lines: -2/+2)
| |   OpenSSL <= 1.0.0 did not support TLS 1.1/1.2, and thus we must still check the existence of the symbols. This fixes the previous commit, 3e5a009966bd ("ssl: remove unsupported TLS versions from SSLContext::METHODS", 2017-08-08).
| * ssl: remove unsupported TLS versions from SSLContext::METHODS (Kazuki Yamaguchi, 2017-08-08, files: 1, lines: -4/+6)
| |   Check for all version-specific SSL methods. We do check for existence of TLSv1_1_method() and TLSv1_2_method(), but not for TLSv1_method(). This fixes compile error when OpenSSL is configured with no-tls1-method. Also check the OPENSSL_NO_TLS{1,1_1,1_2} macros for whether OpenSSL supports the corresponding versions or not. This prevents :TLSv1 from being in SSLContext::METHODS when OpenSSL is compiled with no-tls1. In particular, Debian sid has disabled TLS 1.0/1.1 support recently. The changes in ext/openssl are partial backport of 4eb4b3297a92 ("Remove support for OpenSSL 0.9.8 and 1.0.0", 2016-11-30).
* | ssl: return nil in SSL::SSLSocket#cipher if session is not started (Kazuki Yamaguchi, 2017-07-06, files: 1, lines: -10/+9)
| |   SSL_get_current_cipher() returns NULL if no session is established yet. Return nil in that case rather than a useless value like ["(NONE)", "(NONE)", 0, 32722]. Also, keep the constness of the SSL_CIPHER.
* | ssl: remove a needless NULL check in SSL::SSLContext#ciphers (Kazuki Yamaguchi, 2017-07-06, files: 1, lines: -5/+0)
| |
* | Merge branch 'maint' [bpoint] (Kazuki Yamaguchi, 2017-06-14, files: 1, lines: -1/+2)
|\|   * maint:
| |     Ruby/OpenSSL 2.0.4
| |     History.md: add entries for 2.0.1-2.0.3
| |     History.md: wrap at 80 characters
| |     extconf.rb: simplify searching libraries logic
| |     Search SSL libraries by testing various filename patterns
| |     openssl: fix broken openssl check
| |     openssl: fix broken openssl check
| |     x509store: clear error queue after calling X509_LOOKUP_load_file()
| |     tool/sync-with-trunk: 'LASY' -> 'LAST'
| |     Update .travis.yml and Dockerfile
| |     test/test_x509store: skip OpenSSL::TestX509Store#test_set_errors
| |     Fix documentation for OpenSSL::Cipher#final
| |     Fix typos
| |     ssl: check return value of SSL_set_fd()
| |     test/test_ssl: fix typo in test_sysread_and_syswrite
| |     Fix typos
| |     test/test_pkey_ec: do not use dummy 0 order
| * ssl: check return value of SSL_set_fd() (Kazuki Yamaguchi, 2017-03-31, files: 1, lines: -1/+2)
| |   SSL_set_fd() may fail with 0 return if malloc() fails. Check that and raise an exception to avoid potential crash.
* | Remove SafeGet*() macros (Kazuki Yamaguchi, 2017-05-02, files: 1, lines: -4/+4)
| |   They are no longer useful since we use the TypedData_Get_Struct() which also performs type checking (based on the rb_data_type_t) for the non-safe Get*() macros. Just use them instead.
* | Merge branch 'topic/expand-ruby-missing-h' (Kazuki Yamaguchi, 2017-04-28, files: 1, lines: -8/+8)
|\ \   * topic/expand-ruby-missing-h:
| | |     Expand FPTR_TO_FD() macro
| | |     Expand rb_define_copy_func() macro
| * | Expand FPTR_TO_FD() macro [topic/expand-ruby-missing-h] (Kazuki Yamaguchi, 2017-04-28, files: 1, lines: -8/+8)
| |/   It was introduced for compatibility with Ruby 1.8. Ruby 1.8 has gone long ago and we will never support it.
* | ssl: suppress compiler warning (Kazuki Yamaguchi, 2017-03-03, files: 1, lines: -1/+0)
| |   Remove an unused variable declaration.
* | Fix RDoc markup [topic/fix-rdoc-markup] (Kazuki Yamaguchi, 2017-02-24, files: 1, lines: -17/+17)
| |   Ruby core uses _str_ for emphasizing argument names and +str+ for codes. Match with the rule for better rendering.
* | Revert r57690 except for read_nonblock (nobu, 2017-02-24, files: 1, lines: -4/+2)
| |   https://github.com/ruby/ruby/pull/1527#issuecomment-281867551
| |   git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57694 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* | [DOC] mark up literals (nobu, 2017-02-24, files: 1, lines: -4/+6)
| |   git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57693 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* | [DOC] keyword argument _exception_ (nobu, 2017-02-24, files: 1, lines: -2/+2)
| |   git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57692 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* | [DOC] {read,write}_nonblock with exception: false (nobu, 2017-02-24, files: 1, lines: -2/+2)
| |   Update docs to reflect EOF behavior change of read_nonblock and write_nonblock when using `exception: false`. [Fix GH-1527]
| |   Author: Russell Davis <russell-stripe@users.noreply.github.com>
| |   git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57690 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* | Merge branch 'topic/ssl-fixup-ex_data-handling' (Kazuki Yamaguchi, 2017-02-19, files: 1, lines: -27/+26)
|\ \   * topic/ssl-fixup-ex_data-handling:
| | |     ssl: assume SSL/SSL_CTX always have a valid reference to the Ruby object
| | |     ssl: do not confuse different ex_data index registries
| * | ssl: assume SSL/SSL_CTX always have a valid reference to the Ruby object [topic/ssl-fixup-ex_data-handling] (Kazuki Yamaguchi, 2017-02-19, files: 1, lines: -20/+5)
| | |   It is impossible that they don't.
| * | ssl: do not confuse different ex_data index registries (Kazuki Yamaguchi, 2017-02-19, files: 1, lines: -8/+22)
| | |   Register necessary indices for these two independently. Similar to r55074 (76e933a5a517, "openssl: register ex_data index for X509_STORE{_CTX,} respectively", 2016-05-19), we can't blindly use the same ex_data index number for SSL and SSL_CTX.
* | | ssl: remove OpenSSL::ExtConfig::TLS_DH_anon_WITH_AES_256_GCM_SHA384 [topic/ssl-remove-TLS_DH_anon_WITH_AES_256_GCM_SHA384] (Kazuki Yamaguchi, 2017-02-19, files: 1, lines: -6/+0)
|/ /   The constant was initially introduced just to skip test cases that do not work with old versions without AES-GCM cipher suites support (< 1.0.1). However, the value of the constant has been always `false' because the macro TLS_DH_anon_WITH_AES_256_GCM_SHA384 does not exist in any version of OpenSSL. We no longer use it as of commit c9d1659f4027 ("test/utils: remove use_anon_cipher option from SSLTestCase#start_server", 2016-09-06). Let's just remove the constant.
* | Merge branch 'topic/ssl-certificate-verify-error-desc' (Kazuki Yamaguchi, 2017-01-26, files: 1, lines: -0/+20)
|\ \   * topic/ssl-certificate-verify-error-desc:
| | |     ssl: show reason of 'certificate verify error' in exception message
| | |     Make exceptions with the same format regardless of OpenSSL.debug
| * | ssl: show reason of 'certificate verify error' in exception message [topic/ssl-certificate-verify-error-desc] (Kazuki Yamaguchi, 2017-01-24, files: 1, lines: -0/+20)
| |/   The 'certificate verify error' is one of the most common errors that can be raised by OpenSSL::SSL::SSLSocket#connect. The certificate verification may fail due to many different issues such as misconfigured trusted certificate store or inaccurate system clock. Unfortunately, since the detail is not put to the queue and is only accessible through OpenSSL::SSL::SSLSocket#verify_result, it is sometimes hard to figure out the real reason. Let's include a human readable reason message in the exception message. Like this:
| |       require "socket"
| |       require "openssl"
| |       ctx = OpenSSL::SSL::SSLContext.new
| |       ctx.set_params(cert_store: OpenSSL::X509::Store.new)
| |       ssl = OpenSSL::SSL::SSLSocket.new(Socket.tcp("www.ruby-lang.org", 443), ctx)
| |       ssl.connect
| |       #=> -:7:in `connect': SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate) (OpenSSL::SSL::SSLError)
| |               from -:7:in `<main>'
* / Remove support for OpenSSL 0.9.8 and 1.0.0 [topic/drop-openssl-098-and-100] (Kazuki Yamaguchi, 2016-12-22, files: 1, lines: -38/+18)
|/   They are no longer receiving security updates from the OpenSSL development team since 2015-12. We have kept basic compatibility until now because RHEL 5 still uses a (heavily modified) OpenSSL 0.9.8e. The RHEL 5 will reach EOL on 2017-03, thus it is now safe to assume nobody is still using such old versions of OpenSSL.
* ssl: prevent encoded NPN advertised protocol list from being GCed (Kazuki Yamaguchi, 2016-12-05, files: 1, lines: -1/+4)
|   SSLContext#setup encodes the protocol list set in @npn_protocols into a String. The String is passed to SSL_CTX_set_next_protos_advertised_cb() and OpenSSL invokes the callback function with the String. However since Ruby's GC can't find the reference to the String from the inside of OpenSSL, it can be free'd before the callback is invoked. So store the String in an instance variable to prevent this.
* ssl: follow-up for the workaround for OpenSSL 1.1.0c's SSL_read() (Kazuki Yamaguchi, 2016-11-30, files: 1, lines: -7/+7)
|   Remove the comment added by commit 072d53ecf984 ("ssl: workaround for new behavior of SSL_read() in OpenSSL >= 1.1.0c"). The breaking change in OpenSSL 1.1.0c has been reverted in the 1.1.0 branch. However, for the sake of safety, ensure that we never call rb_sys_fail() with errno == 0. So there is no change in the actual code.
* ssl: make OpenSSL::SSL::SSLContext#freeze an alias of #setup [topic/ssl-make-sslctx-freeze-alias-of-setup] (Kazuki Yamaguchi, 2016-11-29, files: 1, lines: -0/+1)
|   SSLSocket#setup uses the frozen state as "SSL_CTX is already set up". If a user manually freezes the context, it misunderstands as if #setup is already called, leading to unexpected behaviors because parameters the user set won't be actually set to the underlying SSL_CTX and thus ignored. Ideally, #setup should go and be replaced with setters. But we don't do this now because it is not that simple: some of them would produce new ordering issues, e.g. 'ca_file' property which loads a file into SSL_CTX::cert_store and 'cert_store' which replaces SSL_CTX::cert_store would conflict. Fixing this properly would require deprecating 'ca_file' first. So, let's take the second best way: make it "just work" instead of break silently.
|   Fixes: https://github.com/ruby/openssl/issues/85
* ssl: fix possible exception from non-protected code (Kazuki Yamaguchi, 2016-11-28, files: 1, lines: -42/+66)
|   rb_ary_new_from_args() is called from non-protected callback function which will be directly called from OpenSSL. It may raise NoMemoryError and may corrupt the internal state of SSL object. So, avoid creating Array here and pass raw values to the protected function instead. The same change has been applied to ALPN/NPN selection callbacks in 3a926047a729 ("ssl: catch exceptions raised in ALPN/NPN callbacks", 2016-08-30).
* ssl: inline ossl_ssl_shutdown() into ossl_ssl_stop() (Kazuki Yamaguchi, 2016-11-28, files: 1, lines: -20/+15)
|   We call SSL_shutdown() four times at most meaninglessly. Since the underlying socket is in non-blocking mode, if the first call failed because the underlying socket is not write/readable, the subsequent calls would just fail with the same error. Just call once, and give up if it fails.
* ssl: workaround for new behavior of SSL_read() in OpenSSL >= 1.1.0c (Kazuki Yamaguchi, 2016-11-13, files: 1, lines: -4/+14)
|   Commit 4880672a9b41 of OpenSSL[1] (which then was backported to 1.1.0 branch at 122580ef71e4) changed the behavior of SSL_read(): it now returns -1 in the case the underlying BIO reaches EOF unexpectedly. This means, it is possible that rb_sys_fail() is called with errno == 0, resulting in [BUG]. So, as a workaround, let's distinguish IO error from the underlying BIO and EOF in violation of SSL/TLS protocol with the value of errno.
|   [1] https://git.openssl.org/?p=openssl.git;a=commit;h=4880672a9b41a09a0984b55e219f02a2de7ab75e
* Don't include unistd.h (Kazuki Yamaguchi, 2016-10-28, files: 1, lines: -4/+0)
|   As the comment suggests, ossl_ssl.c used to call read() and write() in the past. However r6806 replaced them with method calls for the underlying IO object. Anyway, unistd.h will be included by Ruby's header files if available.
* ssl: avoid using ossl_exc_new() (Kazuki Yamaguchi, 2016-10-27, files: 1, lines: -8/+4)
|   Avoid using ossl_exc_new() and rb_exc_raise() but just use ossl_raise(). This simplifies the code with the exactly same effect. ossl_exc_new() is now removed as it is no longer used anywhere.
* * ext/openssl/ossl_ssl.c (ssl_npn_select_cb_common): Fix compile error (ngoto, 2016-09-17, files: 1, lines: -1/+5)
|   with old version of fcc (Fujitsu C Compiler) on Solaris 10. [Bug #12769] [ruby-dev:49809]
|   git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56173 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: import v2.0.0.beta.2 (rhe, 2016-09-17, files: 1, lines: -121/+163)
|   * {ext,test}/openssl: Import Ruby/OpenSSL 2.0.0.beta.2. The full commit history since v2.0.0.beta.1 can be found at: https://github.com/ruby/openssl/compare/v2.0.0.beta.1...v2.0.0.beta.2
|   git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56098 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* Avoid using *2FIX() where we don't know if it really fits in Fixnum (Kazuki Yamaguchi, 2016-08-22, files: 1, lines: -14/+14)
|
* ssl: fixup documentation (Kazuki Yamaguchi, 2016-08-22, files: 1, lines: -36/+34)
|
* ssl: fix memory leak in SSLContext#ecdh_curves= (Kazuki Yamaguchi, 2016-08-13, files: 1, lines: -1/+5)
|   SSL_CTX_set_tmp_ecdh() increments the reference counter of EC_KEY so we must decrement with EC_KEY_free().
|   Fixes: fcb9b4a6b5c6 (openssl: add SSLContext#ecdh_curves=)
* openssl: avoid undefined behavior on empty SSL_write (normal, 2016-08-07, files: 1, lines: -1/+7)
|   SSL_write(3ssl) manpage has this in the WARNINGS section:
|       When calling SSL_write() with num=0 bytes to be sent the behaviour is undefined.
|   And indeed, the new test case demonstrates failures when empty strings are used. So, match the behavior of IO#write, IO#write_nonblock, and IO#syswrite by returning zero, as the OpenSSL::SSL::SSLSocket API already closely mimics the IO one.
|   * ext/openssl/ossl_ssl.c (ossl_ssl_write_internal): avoid undefined behavior
|   * test/openssl/test_pair.rb (test_write_zero): new test [ruby-core:76751] [Bug #12660]
|   git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55822 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ssl: refactor ssl_npn_advertise_cb() (Kazuki Yamaguchi, 2016-08-05, files: 1, lines: -4/+3)
|   This removes unnecessary @_protocols instance variable.