| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When the verify_hostname option is enabled, the hostname verification is
done before calling verify_callback provided by the user.
The callback should be notified of the hostname verification failure.
OpenSSL::X509::StoreContext's error code must be set to an appropriate
value rather than OpenSSL::X509::V_OK.
If the constant X509_V_ERR_HOSTNAME_MISMATCH is available (OpenSSL >=
1.0.2), use it. Otherwise use the generic X509_V_ERR_CERT_REJECTED.
Reference: https://github.com/ruby/openssl/issues/244
Fixes: 028e495734e9 ("ssl: add verify_hostname option to SSLContext", 2016-06-27)
|
|
|
|
|
| |
Add missing constant declarations for certificate verification flags and
the error codes, to match with OpenSSL 1.1.1.
|
|
|
|
|
|
|
|
|
|
| |
[ This is a backport to the 2.0 branch. ]
Ruby 2.7 deprecates taint and it no longer has an effect.
The lack of taint support should not cause a problem in
previous Ruby versions.
(cherry picked from commit e7ed01b580a139ad0fb320ad5f29bbb40ef2ddc2)
|
|
|
|
|
|
|
| |
[ Originally landed on as commit b4e96fc4abc3. This is a backport to the
2.0 branch. ]
`RB_PASS_KEYWORDS` is not always available.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
OpenSSL::SSL::SSLSocket#sys{read,write}_nonblock
[ Originally landed on ruby.git as commit 3959469f240e, then was merged
into ruby/openssl.git as commit b4e96fc4abc3. This is a backport to
the 2.0 branch. ]
It's unlikely anyone would actually hit these. The methods are
private, you only hit this code path if calling these methods
before performing the SSL connection, and there is already a
verbose warning issued.
|
| |
|
|
|
|
|
|
|
|
| |
* ext/openssl/extconf.rb: LIBRESSL_VERSION_NUMBER is defined in
openssl/opensslv.h. fix up r64101.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64236 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Sync-with-trunk: r64236
|
|\
| |
| |
| |
| | |
* ky/x509name-cmp-bugfix:
x509name: fix OpenSSL::X509::Name#{cmp,<=>}
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fix wrong use of X509_NAME_cmp() return value. OpenSSL::X509::Name#<=>
could return 0 when the two objects aren't identical.
Reported by Tyler Eckstein. CVE-2018-16395.
Reference: https://hackerone.com/reports/387250
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
X509_NAME_print_ex() behaves differently depending on the passed flags.
When XN_FLAG_COMPAT is specified, it returns either 1 on success or 0
on error. Otherwise, it returns the byte size written or -1 on error.
This means 0 return is not necessarily an error.
Also, X509_NAME_oneline() return value needs to be checked as it may
fail with a NULL return.
Fixes: https://github.com/ruby/openssl/issues/200
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Extract the body into a function in preparation for adding #to_utf8.
Also a potential memory leak is fixed: the GetX509Name() macro can
raise TypeError.
(cherry picked from commit 58964733f7d1f9646ecc344d127150aa7115760e)
|
|\ \
| | |
| | | |
pkey: resume key generation after interrupt [Bug #14882]
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Key/parameter generation (OpenSSL::PKey::*.{new,generate}) immediately
aborts when it is done with GVL released (in other words, no block is
given) and the thread is interrupted (e.g., by a signal) during the
operation.
Have ossl_generate_cb_2() acquire GVL and call rb_thread_check_ints()
if needed to process the pending interrupt rather than abort the
operation completely by returning 0.
Reference: https://bugs.ruby-lang.org/issues/14882
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* ext/openssl/extconf.rb: LibreSSL headers emit "overriding WinCrypt
defines" warnings if wincrypt.h has been included (except for
x509.h) on Windows. get rid of including the header by defining
NOCRYPT macro.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64101 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Sync-with-trunk: r64101
|
| |
| |
| |
| |
| |
| |
| |
| | |
* ext/openssl/openssl_missing.h (IMPL_KEY_ACCESSOR{2,3}):
constified obj argument getters.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@63684 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Sync-with-trunk: r63684
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* ext/openssl/extconf.rb: on Windows search winsock library
always, regardless pkg-config. direct use of winsock is not
region of OpenSSL. [ruby-core:85895] [Bug #14568]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@62637 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Sync-with-trunk: r62637
|
| |
| |
| |
| |
| | |
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@62628 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Sync-with-trunk: r62628
|
|/
|
|
|
|
|
| |
Init functions are called only once, cache is useless.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@62429 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Sync-with-trunk: r62429
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Our compat implementation of accessor functions that were introduced in
OpenSSL 1.1.0 conflicts with those from LibreSSL 2.7.0. Use the
HAVE_OPAQUE_OPENSSL code path when LibreSSL 2.7 or newer is detected.
Fix suggested by Joel Sing.
Fixes: https://github.com/ruby/openssl/issues/192
|
|
|
|
|
|
|
| |
EVP_BytesToKey() internally converts the iteration count given as an
"int" into an "unsigned int". Calling that with a negative integer will
result in a hang. This is surprising, so let's validate the value by
ourselves and raise ArgumentError as necessary.
|
| |
|
|
|
|
|
|
|
| |
The value of 'value' attribute of OpenSSL::ASN1::{Integer,Enumerated}
should be an instance of OpenSSL::BN.
Reference: https://github.com/ruby/openssl/issues/176
|
|
|
|
| |
GetSSLCTX() never returns NULL.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The pub_encode routine of an EVP_PKEY_ASN1_METHOD seems to assume the
parameters and public key component(s) to be set properly. Calling that,
for example, through X509_set_pubkey(), with an incomplete object may
cause segfault.
Use ossl_pkey_check_public_key() to check that. It doesn't look pretty,
but unfortunately there isn't a generic way to do that with the EVP API.
Something similar applies to the verify routine of an EVP_PKEY_METHOD.
Do the same check before calling *_verify().
Reference: http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-core/83688
Reference: https://bugs.ruby-lang.org/issues/14087
|
|
|
|
| |
Also make it take const pointer as it never modifies the pkey.
|
|
|
|
|
|
|
|
|
| |
EVP_CipherUpdate() must not be call with the output parameter set to
NULL when the cipher does not support AEAD. Check the flag of
EVP_CIPHER, and raise an exception as necessary.
Reference: http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-core/83337
Reference: https://bugs.ruby-lang.org/issues/14024
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In OpenSSL < 1.1.0, the session_remove_cb callback is called inside the
global lock for CRYPTO_LOCK_SSL_CTX which is shared across the entire
process, not just for the specific SSL_CTX object. It is possible that
the callback releases GVL while the lock for CRYPTO_LOCK_SSL_CTX is
held, causing another thread calling an OpenSSL function that tries to
acquire the same lock stuck forever.
Add a note about the possible deadlock to the docs for
SSLContext#session_remove_cb=, and skip the relevant test cases unless
the OSSL_TEST_ALL environment variable is set to 1.
A deadlock due to this issue is observed:
http://ci.rvm.jp/results/trunk-test@frontier/104428
|
| |
|
|\
| |
| | |
ossl.c: make legacy locking callbacks reentrant
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Although it's not documented explicitly that the locking callbacks must
provide reentrant mutexes, it seems to be required.
Specifically, the session_remove_cb callback function of an SSL_CTX is
called in a critical section for CRYPTO_LOCK_SSL_CTX, which is shared
across the library. This leads, if the callback function calls another
OpenSSL function that will attempt to lock CRYPTO_LOCK_SSL_CTX, to
deadlock. SSL_CTX_free() is one example of such a function.
http://ci.rvm.jp/results/trunk@P895/64001
|
| |
| |
| |
| |
| | |
In preparation for making the mutexes reentrant. It is common to the
non-dynamic and the dynamic locking callbacks.
|
|/
|
|
|
|
| |
Set the length of the buffer string to 0 first, and adjust to the size
successfully read by the SSL_read() call later. This is needed because
the buffer string may be provided by the caller.
|
|
|
|
|
|
|
|
|
|
| |
* include/ruby/ruby.h (ST2FIX): fix unnormalized Fixnum value bug
on mingw/mswin. [ruby-core:82687] [Bug #13877]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@59765 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
[ky: add ST2FIX() definition to ext/openssl/ruby_missing.h, and adapt
the test case to the 2.0 branch.]
Sync-with-trunk: r59765
|
|\
| |
| | |
ssl: remove useless call to rb_thread_wait_fd()
|
| |
| |
| |
| |
| |
| | |
That there is no immediately readable data in the SSL instance does not
imply it has to read more bytes from the underlying socket. Just call
SSL_read() and check the return value.
|
|\ \
| |/
|/| |
Fix test failures with TLS 1.3-capable OpenSSL
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* topic/test-memory-leak:
Enable OSSL_MDEBUG on CI builds
Add OpenSSL.print_mem_leaks
test: prepare test PKey instances on demand
test: let OpenSSL::TestCase include OpenSSL::TestUtils
Don't define main() when built with --enable-debug
(cherry picked from commit 5c586acc387834ab4e09260937dc21064fc59de4)
Note that fix for new test cases that use the old constants removed by
this is squashed in.
|
|/
|
|
|
|
|
| |
The authentication tag can be set after starting the decryption, if
only it is before Cipher#final is called.
Fixes: https://github.com/ruby/openssl/issues/74
|
|
|
|
|
|
|
| |
As noted in the SSL_CTX_sess_set_remove_cb(3) manpage, SSL_CTX_free()
will call the callback function for each session in the internal session
store. We can't call the callback Proc since it may do a new object
allocation which is prohibited during GC.
|
| |
|
|
|
|
|
|
|
| |
OpenSSL <= 1.0.0 did not support TLS 1.1/1.2, and thus we must still
check the existence of the symbols. This fixes the previous commit,
3e5a009966bd ("ssl: remove unsupported TLS versions from
SSLContext::METHODS", 2017-08-08).
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Check for all version-specific SSL methods. We do check for existence of
TLSv1_1_method() and TLSv1_2_method(), but not for TLSv1_method(). This
fixes compile error when OpenSSL is configured with no-tls1-method.
Also check the OPENSSL_NO_TLS{1,1_1,1_2} macros for whether OpenSSL
supports the corresponding versions or not. This prevents :TLSv1 from
being in SSLContext::METHODS when OpenSSL is compiled with no-tls1.
In particular, Debian sid has disabled TLS 1.0/1.1 support recently.
The changes in ext/openssl are partial backport of 4eb4b3297a92 ("Remove
support for OpenSSL 0.9.8 and 1.0.0", 2016-11-30).
|
|
|
|
|
|
|
|
|
|
|
| |
There is code that returns nil in the passphrase block on purpose (to
prevent OpenSSL from prompting on stdin):
OpenSSL::PKey.read(File.read("file.pem")) { nil }
This is working just by chance because the TypeError from StringValue()
is silently ignored. Let's short circuit in that case and save raising
a needless exception, as this pattern has become too common.
|
|
|
|
| |
It is perfectly permissible to take passwords from an untrusted source.
|
|
|
|
|
|
| |
The minimum passphrase length of 4 bytes is only a limitation of
PEM_def_callback() which isn't relevant here. Commit f38501249f33
introduced this bug.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Read everything from an IO object into a String first and use the
memory buffer BIO method just as we do for String inputs.
For MSVC builds, the FILE BIO method uses the "UPLINK" interface that
requires the application to provide OPENSSL_Applink() function. For us,
the "application" means ruby.exe, in which we can't do anything. As a
workaround, avoid using the FILE BIO method at all.
Usually private keys or X.509 certificates aren't that large and the
temporarily increased memory usage hopefully won't be an issue.
Fixes: https://github.com/ruby/openssl/issues/128
|
|
|
|
|
|
|
|
|
|
| |
Prevent the new object created by StringValue() from being GCed.
Luckily, as none of the callers of ossl_obj2bio() reads from the
returned BIO after possible triggering GC, this has not been a real
problem.
As a bonus, ossl_protect_obj2bio() function which is no longer used
anywhere is removed.
|
| |
|
|
|
|
|
| |
Clarify what it's doing. For non-Windows and MinGW platforms we can
just give "crypto" and "ssl" to have_library.
|