aboutsummaryrefslogtreecommitdiffstats
path: root/ext/openssl
Commit message (Collapse)AuthorAgeFilesLines
* ssl: set verify error code in the case of verify_hostname failureky/ssl-fix-verify-hostname-set-error-codeKazuki Yamaguchi2020-02-241-1/+8
| | | | | | | | | | | | | | | When the verify_hostname option is enabled, the hostname verification is done before calling verify_callback provided by the user. The callback should be notified of the hostname verification failure. OpenSSL::X509::StoreContext's error code must be set to an appropriate value rather than OpenSSL::X509::V_OK. If the constant X509_V_ERR_HOSTNAME_MISMATCH is available (OpenSSL >= 1.0.2), use it. Otherwise use the generic X509_V_ERR_CERT_REJECTED. Reference: https://github.com/ruby/openssl/issues/244 Fixes: 028e495734e9 ("ssl: add verify_hostname option to SSLContext", 2016-06-27)
* x509: add error code and verify flags constantsKazuki Yamaguchi2020-02-241-0/+91
| | | | | Add missing constant declarations for certificate verification flags and the error codes, to match with OpenSSL 1.1.1.
* Remove taint supportJeremy Evans2020-02-243-11/+0
| | | | | | | | | | [ This is a backport to the 2.0 branch. ] Ruby 2.7 deprecates taint and it no longer has an effect. The lack of taint support should not cause a problem in previous Ruby versions. (cherry picked from commit e7ed01b580a139ad0fb320ad5f29bbb40ef2ddc2)
* Restore compatibility with older versions of Ruby.Samuel Williams2020-02-241-9/+21
| | | | | | | [ Originally landed on as commit b4e96fc4abc3. This is a backport to the 2.0 branch. ] `RB_PASS_KEYWORDS` is not always available.
* Fix keyword argument separation issues in ↵Jeremy Evans2020-02-241-4/+13
| | | | | | | | | | | | | OpenSSL::SSL::SSLSocket#sys{read,write}_nonblock [ Originally landed on ruby.git as commit 3959469f240e, then was merged into ruby/openssl.git as commit b4e96fc4abc3. This is a backport to the 2.0 branch. ] It's unlikely anyone would actually hit these. The methods are private, you only hit this code path if calling these methods before performing the SSL connection, and there is already a verbose warning issued.
* Ruby/OpenSSL 2.0.9v2.0.9Kazuki Yamaguchi2018-10-171-1/+1
|
* needs openssl/opensslv.hnobu2018-10-171-1/+1
| | | | | | | | * ext/openssl/extconf.rb: LIBRESSL_VERSION_NUMBER is defined in openssl/opensslv.h. fix up r64101. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64236 b2dd03c8-39d4-4d8f-98ff-823fe69b080e Sync-with-trunk: r64236
* Merge branch 'ky/x509name-cmp-bugfix' into maint-2.0Kazuki Yamaguchi2018-10-171-1/+1
|\ | | | | | | | | * ky/x509name-cmp-bugfix: x509name: fix OpenSSL::X509::Name#{cmp,<=>}
| * x509name: fix OpenSSL::X509::Name#{cmp,<=>}ky/x509name-cmp-bugfixKazuki Yamaguchi2018-10-171-1/+1
| | | | | | | | | | | | | | | | | | Fix wrong use of X509_NAME_cmp() return value. OpenSSL::X509::Name#<=> could return 0 when the two objects aren't identical. Reported by Tyler Eckstein. CVE-2018-16395. Reference: https://hackerone.com/reports/387250
* | x509name: fix handling of X509_NAME_{oneline,print_ex}() return valueky/x509name-to-s-emptyKazuki Yamaguchi2018-08-081-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | X509_NAME_print_ex() behaves differently depending on the passed flags. When XN_FLAG_COMPAT is specified, it returns either 1 on success or 0 on error. Otherwise, it returns the byte size written or -1 on error. This means 0 return is not necessarily an error. Also, X509_NAME_oneline() return value needs to be checked as it may fail with a NULL return. Fixes: https://github.com/ruby/openssl/issues/200
* | x509name: refactor OpenSSL::X509::Name#to_sKazuki Yamaguchi2018-08-081-18/+22
| | | | | | | | | | | | | | | | | | Extract the body into a function in preparation for adding #to_utf8. Also a potential memory leak is fixed: the GetX509Name() macro can raise TypeError. (cherry picked from commit 58964733f7d1f9646ecc344d127150aa7115760e)
* | Merge pull request #205 from rhenium/ky/pkey-generate-interrupt-resumeKazuki Yamaguchi2018-08-082-4/+26
|\ \ | | | | | | pkey: resume key generation after interrupt [Bug #14882]
| * | pkey: resume key generation after interruptky/pkey-generate-interrupt-resumeKazuki Yamaguchi2018-07-272-4/+26
| |/ | | | | | | | | | | | | | | | | | | | | | | | | Key/parameter generation (OpenSSL::PKey::*.{new,generate}) immediately aborts when it is done with GVL released (in other words, no block is given) and the thread is interrupted (e.g., by a signal) during the operation. Have ossl_generate_cb_2() acquire GVL and call rb_thread_check_ints() if needed to process the pending interrupt rather than abort the operation completely by returning 0. Reference: https://bugs.ruby-lang.org/issues/14882
* | reduce LibreSSL warningsnobu2018-08-081-0/+4
| | | | | | | | | | | | | | | | | | | | * ext/openssl/extconf.rb: LibreSSL headers emit "overriding WinCrypt defines" warnings if wincrypt.h has been included (except for x509.h) on Windows. get rid of including the header by defining NOCRYPT macro. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64101 b2dd03c8-39d4-4d8f-98ff-823fe69b080e Sync-with-trunk: r64101
* | openssl_missing.h: constifiednobu2018-08-081-2/+2
| | | | | | | | | | | | | | | | * ext/openssl/openssl_missing.h (IMPL_KEY_ACCESSOR{2,3}): constified obj argument getters. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@63684 b2dd03c8-39d4-4d8f-98ff-823fe69b080e Sync-with-trunk: r63684
* | openssl: search winsocknobu2018-08-081-1/+3
| | | | | | | | | | | | | | | | | | * ext/openssl/extconf.rb: on Windows search winsock library always, regardless pkg-config. direct use of winsock is not region of OpenSSL. [ruby-core:85895] [Bug #14568] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@62637 b2dd03c8-39d4-4d8f-98ff-823fe69b080e Sync-with-trunk: r62637
* | search winsock libraries explicitlynobu2018-08-081-0/+1
| | | | | | | | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@62628 b2dd03c8-39d4-4d8f-98ff-823fe69b080e Sync-with-trunk: r62628
* | no ID cache in Init functionsnobu2018-08-089-0/+9
|/ | | | | | | Init functions are called only once, cache is useless. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@62429 b2dd03c8-39d4-4d8f-98ff-823fe69b080e Sync-with-trunk: r62429
* Ruby/OpenSSL 2.0.8v2.0.8Kazuki Yamaguchi2018-05-121-1/+1
|
* extconf.rb: fix build with LibreSSL 2.7.0ky/libressl-2.7Kazuki Yamaguchi2018-03-241-1/+4
| | | | | | | | | | Our compat implementation of accessor functions that were introduced in OpenSSL 1.1.0 conflicts with those from LibreSSL 2.7.0. Use the HAVE_OPAQUE_OPENSSL code path when LibreSSL 2.7 or newer is detected. Fix suggested by Joel Sing. Fixes: https://github.com/ruby/openssl/issues/192
* cipher: validate iterations argument for Cipher#pkcs5_keyivgenky/cipher-pkcs5-keyivgen-validate-iterKazuki Yamaguchi2018-01-121-0/+2
| | | | | | | EVP_BytesToKey() internally converts the iteration count given as an "int" into an "unsigned int". Calling that with a negative integer will result in a hang. This is surprising, so let's validate the value by ourselves and raise ArgumentError as necessary.
* Ruby/OpenSSL 2.0.7v2.0.7ky/release-2.0.7Kazuki Yamaguchi2017-12-141-1/+1
|
* asn1: fix docsKazuki Yamaguchi2017-12-141-2/+2
| | | | | | | The value of 'value' attribute of OpenSSL::ASN1::{Integer,Enumerated} should be an instance of OpenSSL::BN. Reference: https://github.com/ruby/openssl/issues/176
* ssl: remove unreachable codeKazuki Yamaguchi2017-12-081-9/+0
| | | | GetSSLCTX() never returns NULL.
* x509cert, x509crl, x509req, ns_spki: check sanity of public keyky/pkey-check-sanityKazuki Yamaguchi2017-11-134-24/+32
| | | | | | | | | | | | | | | | The pub_encode routine of an EVP_PKEY_ASN1_METHOD seems to assume the parameters and public key component(s) to be set properly. Calling that, for example, through X509_set_pubkey(), with an incomplete object may cause segfault. Use ossl_pkey_check_public_key() to check that. It doesn't look pretty, but unfortunately there isn't a generic way to do that with the EVP API. Something similar applies to the verify routine of an EVP_PKEY_METHOD. Do the same check before calling *_verify(). Reference: http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-core/83688 Reference: https://bugs.ruby-lang.org/issues/14087
* pkey: make pkey_check_public_key() non-staticKazuki Yamaguchi2017-11-112-4/+6
| | | | Also make it take const pointer as it never modifies the pkey.
* cipher: disallow setting AAD for non-AEAD ciphersKazuki Yamaguchi2017-10-181-0/+2
| | | | | | | | | EVP_CipherUpdate() must not be call with the output parameter set to NULL when the cipher does not support AEAD. Check the flag of EVP_CIPHER, and raise an exception as necessary. Reference: http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-core/83337 Reference: https://bugs.ruby-lang.org/issues/14024
* test/test_ssl_session: skip tests for session_remove_cbky/skip-session-remove-cb-testsKazuki Yamaguchi2017-10-101-0/+4
| | | | | | | | | | | | | | | | | In OpenSSL < 1.1.0, the session_remove_cb callback is called inside the global lock for CRYPTO_LOCK_SSL_CTX which is shared across the entire process, not just for the specific SSL_CTX object. It is possible that the callback releases GVL while the lock for CRYPTO_LOCK_SSL_CTX is held, causing another thread calling an OpenSSL function that tries to acquire the same lock stuck forever. Add a note about the possible deadlock to the docs for SSLContext#session_remove_cb=, and skip the relevant test cases unless the OSSL_TEST_ALL environment variable is set to 1. A deadlock due to this issue is observed: http://ci.rvm.jp/results/trunk-test@frontier/104428
* Ruby/OpenSSL 2.0.6v2.0.6ky/release-2.0.6Kazuki Yamaguchi2017-09-241-1/+1
|
* Merge pull request #155 from rhenium/ky/fix-legacy-locking-callback-relockKazuki Yamaguchi2017-09-241-26/+40
|\ | | | | ossl.c: make legacy locking callbacks reentrant
| * ossl.c: make legacy locking callbacks reentrantky/fix-legacy-locking-callback-relockKazuki Yamaguchi2017-09-241-1/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | Although it's not documented explicitly that the locking callbacks must provide reentrant mutexes, it seems to be required. Specifically, the session_remove_cb callback function of an SSL_CTX is called in a critical section for CRYPTO_LOCK_SSL_CTX, which is shared across the library. This leads, if the callback function calls another OpenSSL function that will attempt to lock CRYPTO_LOCK_SSL_CTX, to deadlock. SSL_CTX_free() is one example of such a function. http://ci.rvm.jp/results/trunk@P895/64001
| * ossl.c: use struct CRYPTO_dynlock_value for non-dynamic locksKazuki Yamaguchi2017-09-241-26/+28
| | | | | | | | | | In preparation for making the mutexes reentrant. It is common to the non-dynamic and the dynamic locking callbacks.
* | ssl: prevent SSLSocket#sysread* from leaking uninitialized dataky/ssl-read-fix-leak-uninitializedKazuki Yamaguchi2017-09-231-9/+13
|/ | | | | | Set the length of the buffer string to 0 first, and adjust to the size successfully read by the SSL_read() call later. This is needed because the buffer string may be provided by the caller.
* ruby.h: unnormalized Fixnum valuenobu2017-09-082-3/+9
| | | | | | | | | | * include/ruby/ruby.h (ST2FIX): fix unnormalized Fixnum value bug on mingw/mswin. [ruby-core:82687] [Bug #13877] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@59765 b2dd03c8-39d4-4d8f-98ff-823fe69b080e [ky: add ST2FIX() definition to ext/openssl/ruby_missing.h, and adapt the test case to the 2.0 branch.] Sync-with-trunk: r59765
* Merge pull request #139 from rhenium/ky/ssl-sysread-dont-check-ssl-pendingKazuki Yamaguchi2017-08-251-2/+0
|\ | | | | ssl: remove useless call to rb_thread_wait_fd()
| * ssl: remove useless call to rb_thread_wait_fd()ky/ssl-sysread-dont-check-ssl-pendingKazuki Yamaguchi2017-08-251-2/+0
| | | | | | | | | | | | That there is no immediately readable data in the SSL instance does not imply it has to read more bytes from the underlying socket. Just call SSL_read() and check the return value.
* | Merge pull request #138 from rhenium/ky/maint-fix-test-with-tls13Kazuki Yamaguchi2017-08-251-9/+100
|\ \ | |/ |/| Fix test failures with TLS 1.3-capable OpenSSL
| * Backport "Merge branch 'topic/test-memory-leak'" to maintKazuki Yamaguchi2017-08-241-9/+100
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * topic/test-memory-leak: Enable OSSL_MDEBUG on CI builds Add OpenSSL.print_mem_leaks test: prepare test PKey instances on demand test: let OpenSSL::TestCase include OpenSSL::TestUtils Don't define main() when built with --enable-debug (cherry picked from commit 5c586acc387834ab4e09260937dc21064fc59de4) Note that fix for new test cases that use the old constants removed by this is squashed in.
* | cipher: update the documentation for Cipher#auth_tag=ky/cipher-aead-set-aead-tag-documentation-fixKazuki Yamaguchi2017-08-241-7/+5
|/ | | | | | | The authentication tag can be set after starting the decryption, if only it is before Cipher#final is called. Fixes: https://github.com/ruby/openssl/issues/74
* ssl: do not call session_remove_cb during GCKazuki Yamaguchi2017-08-231-0/+7
| | | | | | | As noted in the SSL_CTX_sess_set_remove_cb(3) manpage, SSL_CTX_free() will call the callback function for each session in the internal session store. We can't call the callback Proc since it may do a new object allocation which is prohibited during GC.
* Ruby/OpenSSL 2.0.5v2.0.5Kazuki Yamaguchi2017-08-081-1/+1
|
* ssl: fix compile error with OpenSSL 1.0.0Kazuki Yamaguchi2017-08-082-2/+4
| | | | | | | OpenSSL <= 1.0.0 did not support TLS 1.1/1.2, and thus we must still check the existence of the symbols. This fixes the previous commit, 3e5a009966bd ("ssl: remove unsupported TLS versions from SSLContext::METHODS", 2017-08-08).
* ssl: remove unsupported TLS versions from SSLContext::METHODSKazuki Yamaguchi2017-08-082-14/+10
| | | | | | | | | | | | | | | Check for all version-specific SSL methods. We do check for existence of TLSv1_1_method() and TLSv1_2_method(), but not for TLSv1_method(). This fixes compile error when OpenSSL is configured with no-tls1-method. Also check the OPENSSL_NO_TLS{1,1_1,1_2} macros for whether OpenSSL supports the corresponding versions or not. This prevents :TLSv1 from being in SSLContext::METHODS when OpenSSL is compiled with no-tls1. In particular, Debian sid has disabled TLS 1.0/1.1 support recently. The changes in ext/openssl are partial backport of 4eb4b3297a92 ("Remove support for OpenSSL 0.9.8 and 1.0.0", 2016-11-30).
* ossl_pem_passwd_cb: handle nil from the block explicitlyky/pem-passwd-cb-get-rid-of-minlenKazuki Yamaguchi2017-07-221-4/+5
| | | | | | | | | | | There is code that returns nil in the passphrase block on purpose (to prevent OpenSSL from prompting on stdin): OpenSSL::PKey.read(File.read("file.pem")) { nil } This is working just by chance because the TypeError from StringValue() is silently ignored. Let's short circuit in that case and save raising a needless exception, as this pattern has become too common.
* ossl_pem_passwd_cb: do not check for taintednessKazuki Yamaguchi2017-07-221-1/+1
| | | | It is perfectly permissible to take passwords from an untrusted source.
* ossl_pem_passwd_cb: relax passphrase length constraintKazuki Yamaguchi2017-07-221-14/+1
| | | | | | The minimum passphrase length of 4 bytes is only a limitation of PEM_def_callback() which isn't relevant here. Commit f38501249f33 introduced this bug.
* bio: do not use the FILE BIO method in ossl_obj2bio()Kazuki Yamaguchi2017-07-111-26/+6
| | | | | | | | | | | | | | | Read everything from an IO object into a String first and use the memory buffer BIO method just as we do for String inputs. For MSVC builds, the FILE BIO method uses the "UPLINK" interface that requires the application to provide OPENSSL_Applink() function. For us, the "application" means ruby.exe, in which we can't do anything. As a workaround, avoid using the FILE BIO method at all. Usually private keys or X.509 certificates aren't that large and the temporarily increased memory usage hopefully won't be an issue. Fixes: https://github.com/ruby/openssl/issues/128
* bio: prevent possible GC issue in ossl_obj2bio()Kazuki Yamaguchi2017-07-1114-32/+24
| | | | | | | | | | Prevent the new object created by StringValue() from being GCed. Luckily, as none of the callers of ossl_obj2bio() reads from the returned BIO after possible triggering GC, this has not been a real problem. As a bonus, ossl_protect_obj2bio() function which is no longer used anywhere is removed.
* Ruby/OpenSSL 2.0.4v2.0.4Kazuki Yamaguchi2017-06-141-1/+1
|
* extconf.rb: simplify searching libraries logicKazuki Yamaguchi2017-06-141-31/+33
| | | | | Clarify what it's doing. For non-Windows and MinGW platforms we can just give "crypto" and "ssl" to have_library.
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-28 02:40:25 +0000