| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
| |
The existing #to_s does not interact well with distinguished names
containing multi-byte UTF-8 characters since the OpenSSL function
X509_NAME_print_ex() escapes bytes with MSB set by default.
Unfortunately we can't fix it without breaking backwards compatibility.
It takes options as a bit field that is directly passed to
X509_NAME_print_ex(). Let's add a new method instead.
Fixes: https://github.com/ruby/openssl/issues/26
|
|
|
|
|
|
|
| |
Extract the body into a function in preparation for adding #to_utf8.
Also a potential memory leak is fixed: the GetX509Name() macro can
raise TypeError.
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This also restores 'if defined?(OpenSSL)-end' wrapping the test code.
They have been removed erroneously by commit 4eb4b3297a92 ("Remove
support for OpenSSL 0.9.8 and 1.0.0", 2016-11-30).
* maint:
test/test_ssl: explicitly accept TLS 1.1 in corresponding test
ssl: remove useless call to rb_thread_wait_fd()
test/test_pair, test/test_ssl: fix for TLS 1.3
test/test_ssl_session: rearrange tests
test/test_ssl: move test_multibyte_read_write to test_pair
test/test_ssl: remove test_invalid_shutdown_by_gc
test/utils: do not use DSA certificates in SSL tests
test/utils: add OpenSSL::TestUtils.openssl? and .libressl?
test/utils: improve error handling in start_server
test/utils: let server_loop close socket
test/utils: do not set ecdh_curves in start_server
test/utils: have start_server yield only the port number
test/utils: add SSLTestCase#tls12_supported?
test/utils: remove OpenSSL::TestUtils.silent
test: fix formatting
Rakefile: let sync:to_ruby know about test/openssl/fixtures
cipher: update the documentation for Cipher#auth_tag=
Backport "Merge branch 'topic/test-memory-leak'" to maint
ssl: do not call session_remove_cb during GC
|
| |\
| | |
| | | |
ssl: remove useless call to rb_thread_wait_fd()
|
| | |
| | |
| | |
| | |
| | |
| | | |
That there is no immediately readable data in the SSL instance does not
imply it has to read more bytes from the underlying socket. Just call
SSL_read() and check the return value.
|
| |\ \
| | |/
| |/| |
Fix test failures with TLS 1.3-capable OpenSSL
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* topic/test-memory-leak:
Enable OSSL_MDEBUG on CI builds
Add OpenSSL.print_mem_leaks
test: prepare test PKey instances on demand
test: let OpenSSL::TestCase include OpenSSL::TestUtils
Don't define main() when built with --enable-debug
(cherry picked from commit 5c586acc387834ab4e09260937dc21064fc59de4)
Note that fix for new test cases that use the old constants removed by
this is squashed in.
|
| |/
| |
| |
| |
| |
| |
| | |
The authentication tag can be set after starting the decryption, if
only it is before Cipher#final is called.
Fixes: https://github.com/ruby/openssl/issues/74
|
| |
| |
| |
| |
| |
| |
| | |
As noted in the SSL_CTX_sess_set_remove_cb(3) manpage, SSL_CTX_free()
will call the callback function for each session in the internal session
store. We can't call the callback Proc since it may do a new object
allocation which is prohibited during GC.
|
|\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* maint:
Ruby/OpenSSL 2.0.5
ssl: fix compile error with OpenSSL 1.0.0
ssl: remove unsupported TLS versions from SSLContext::METHODS
Add msys2 library dependency tag in gem metadata
ossl_pem_passwd_cb: handle nil from the block explicitly
ossl_pem_passwd_cb: do not check for taintedness
ossl_pem_passwd_cb: relax passphrase length constraint
appveyor.yml: test against Ruby 2.4
Rakefile: install_dependencies: install only when needed
bio: do not use the FILE BIO method in ossl_obj2bio()
bio: prevent possible GC issue in ossl_obj2bio()
test/test_ssl: allow 3DES cipher suites in test_sslctx_set_params
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
OpenSSL <= 1.0.0 did not support TLS 1.1/1.2, and thus we must still
check the existence of the symbols. This fixes the previous commit,
3e5a009966bd ("ssl: remove unsupported TLS versions from
SSLContext::METHODS", 2017-08-08).
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Check for all version-specific SSL methods. We do check for existence of
TLSv1_1_method() and TLSv1_2_method(), but not for TLSv1_method(). This
fixes compile error when OpenSSL is configured with no-tls1-method.
Also check the OPENSSL_NO_TLS{1,1_1,1_2} macros for whether OpenSSL
supports the corresponding versions or not. This prevents :TLSv1 from
being in SSLContext::METHODS when OpenSSL is compiled with no-tls1.
In particular, Debian sid has disabled TLS 1.0/1.1 support recently.
The changes in ext/openssl are partial backport of 4eb4b3297a92 ("Remove
support for OpenSSL 0.9.8 and 1.0.0", 2016-11-30).
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
There is code that returns nil in the passphrase block on purpose (to
prevent OpenSSL from prompting on stdin):
OpenSSL::PKey.read(File.read("file.pem")) { nil }
This is working just by chance because the TypeError from StringValue()
is silently ignored. Let's short circuit in that case and save raising
a needless exception, as this pattern has become too common.
|
| |
| |
| |
| | |
It is perfectly permissible to take passwords from an untrusted source.
|
| |
| |
| |
| |
| |
| | |
The minimum passphrase length of 4 bytes is only a limitation of
PEM_def_callback() which isn't relevant here. Commit f38501249f33
introduced this bug.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Read everything from an IO object into a String first and use the
memory buffer BIO method just as we do for String inputs.
For MSVC builds, the FILE BIO method uses the "UPLINK" interface that
requires the application to provide OPENSSL_Applink() function. For us,
the "application" means ruby.exe, in which we can't do anything. As a
workaround, avoid using the FILE BIO method at all.
Usually private keys or X.509 certificates aren't that large and the
temporarily increased memory usage hopefully won't be an issue.
Fixes: https://github.com/ruby/openssl/issues/128
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Prevent the new object created by StringValue() from being GCed.
Luckily, as none of the callers of ossl_obj2bio() reads from the
returned BIO after possible triggering GC, this has not been a real
problem.
As a bonus, ossl_protect_obj2bio() function which is no longer used
anywhere is removed.
|
|\ \
| | |
| | |
| | |
| | | |
* ky/x509name-add-entry-options:
x509name: add 'loc' and 'set' kwargs to OpenSSL::X509::Name#add_entry
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add a way to specify these arguments for X509_NAME_add_entry_by_txt().
We currently always use -1 and 0 respectively, which will result in
appending a new single-valued RDN to the end.
Fixes: https://github.com/ruby/openssl/issues/94
|
|\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* topic/asn1-overhaul:
asn1: do not treat EOC octets as part of content octets
asn1: prevent EOC octets from being in the middle of the content
asn1: harmonize OpenSSL::ASN1::*#to_der
asn1: clean up OpenSSL::ASN1::Constructive#to_der
asn1: use ossl_asn1_tag()
asn1: allow tag number to be >= 32 for universal tag class
asn1: prohibit indefinite length form for primitive encoding
asn1: allow constructed encoding with definite length form
asn1: avoid truncating OID in OpenSSL::ASN1::ObjectId#oid
asn1: disallow NULL to be passed to asn1time_to_time()
asn1: check for illegal 'unused_bits' value of BitString
asn1: initialize 'unused_bits' attribute of BitString with 0
asn1: require tag information when instantiating generic type
asn1: remove an unnecessary function prototype
asn1: rearrange tests
asn1: infinite length -> indefinite length
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
We currently treat end-of-contents octets as a BER encoding of a value
whose tag is universal class and the number is zero, and require users
to put one in the end of 'value' array when encoding using indefinite
length form. However, the end-of-contents are just a marker indicating
the end of the contents and not really part of the contents.
Do not require users to put an EOC object in the content when encoding,
and don't produce an EOC object when decoding an encoding that uses
indefinite length form.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Encoding with indefinite length form produces an invalid encoding if the
contents array contains an EOC object in the middle. Raise an exception
in that case.
|
| | | |
| | | |
| | | |
| | | | |
Extract the common paths for code reduction.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Remove a mysterious behavior in Constructive#to_der: if the 'tagging'
attribute is set to :EXPLICIT and it is not an instance of universal
tag class classes, it "searches" the original tag from the first value
whose encoding is primitive.
ary = [
OpenSSL::ASN1.Sequence([
OpenSSL::ASN1.OctetString("abc")
])
]
cons = OpenSSL::ASN1::Constructive.new(ary, 1, :EXPLICIT)
cons.to_der
#=> "\xA1\x09\x24\x07\x30\x05\x04\x03\x61\x62\x63"
# ^
# This 4 comes from the OctetString
This is really confusing and nobody seems to be using this behavior.
Let's make it raise error instead.
|
| | | |
| | | |
| | | |
| | | |
| | | | |
Use ossl_asn1_tag() instead of the combination of ossl_asn1_get_tag()
and NUM2INT().
|
| | | |
| | | |
| | | |
| | | |
| | | | |
There are actually high-tag universal types such as the time-of-day
type.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The setter method #indefinite_length= for OpenSSL::ASN1::Primitive is
undef-ed, but we can still set 'indefinite_length' to true illegally
when constructing an object with the raw OpenSSL::ASN1::ASN1Data.
Indefinite length form is not possible in primitive encoding. Raise an
exception in OpenSSL::ASN1::ASN1Data#to_der if specified.
|
| | | |
| | | |
| | | |
| | | |
| | | | |
Constructed encoding can use the definite length form as well as the
indefinite length form, regardless of the tag number.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
OpenSSL::ASN1::ObjectId#oid, which returns the dotted representation of
the OID, is silently truncating the result if it overflows the 128-bytes
buffer. Although it normally won't be more than 127-characters, it'd be
better to avoid. This can be done by checking the return value of
OBJ_obj2txt().
Previous releases of LibreSSL (< 2.5.1) have a bug in OBJ_obj2txt() and
it does not work if the resulting string would be larger than the
buffer. A workaround is added to the test. It should be removed when we
deprecate support for LibreSSL 2.4.
|
| | | |
| | | |
| | | |
| | | | |
Let the callers check the validity of the ASN1_TIME.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Invalid values such as nil or values not in the range 0 to 7 are
silently coerced into the valid range. This behavior is confusing and
hides user bugs. Raise an exception instead if an illegal value is
specified.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Fix the initial value of 'unused_bits' attribute of
OpenSSL::ASN1::BitString. The attribute must always contain an Integer
in the range 0 to 7.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Improve the error message of the exception raised when
OpenSSL::ASN1::Primitive.new or OpenSSL::ASN1::Constructive.new is
called with one argument (which is wrong).
|
| | | | |
|
| |/ /
| | |
| | |
| | |
| | |
| | | |
Replace all occurrences of 'infinite' with 'inDEfinite'. Accessor
methods OpenSSL::ASN1::ASN1Data#infinite_length and #infinite_length=
are kept as alias for backwards compatibility.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
SSL_get_current_cipher() returns NULL if no session is established yet.
Return nil in that case rather than an useless value like
["(NONE)", "(NONE)", 0, 32722].
Also, keep the constness of the SSL_CIPHER.
|
| | | |
|
|/ /
| |
| |
| |
| |
| | |
Add a method to check whether the OpenSSL::OCSP::Request is signed or
not. Currently there is no way to distinguish them except inspecting
DER encoding or parsing verification error message.
|
|\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* maint:
Ruby/OpenSSL 2.0.4
History.md: add entries for 2.0.1-2.0.3
History.md: wrap at 80 characters
extconf.rb: simplify searching libraries logic
Search SSL libraries by testing various filename patterns
openssl: fix broken openssl check
openssl: fix broken openssl check
x509store: clear error queue after calling X509_LOOKUP_load_file()
tool/sync-with-trunk: 'LASY' -> 'LAST'
Update .travis.yml and Dockerfile
test/test_x509store: skip OpenSSL::TestX509Store#test_set_errors
Fix documentation for OpenSSL::Cipher#final
Fix typos
ssl: check return value of SSL_set_fd()
test/test_ssl: fix typo in test_sysread_and_syswrite
Fix typos
test/test_pkey_ec: do not use dummy 0 order
|
| | |
|
| |
| |
| |
| |
| | |
Clarify what it's doing. For non-Windows and MinGW platforms we can
just give "crypto" and "ssl" to have_library.
|
| |\
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Commits that went to master are excluded.
* ruby-trunk r56953..r58742: (3 commits)
(r58742) Search SSL libraries by testing various filename patterns
(r57592) openssl: fix broken openssl check
(r57591) openssl: fix broken openssl check
Sync-with-trunk: r58742
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* ext/openssl/extconf.rb (find_openssl_library): should search by more flexible
method, especially for LibreSSL on Windows.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@58742 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* ext/openssl/deprecation.rb: check for broken OpenSSL only on mac
OS. [ruby-core:79475] [Bug #13200]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57592 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* ext/openssl/extconf.rb: check for broken OpenSSL only on mac OS.
[ruby-core:79475] [Bug #13200]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57591 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
X509_LOOKUP_load_file(), which ends up calling X509_load_cert_crl_file()
internally, may leave error entries in the queue even when it returns
non-zero value (which indicates success).
This will be fixed by OpenSSL 1.1.1, but can be worked around by
clearing the error queue ourselves.
Fixes: https://bugs.ruby-lang.org/issues/11033
|
| | |
| | |
| | |
| | |
| | | |
"after after having fed the entire plaintext..." is changed to
"after having fed the entire plaintext..."
|
| | | |
|
| | |
| | |
| | |
| | |
| | | |
SSL_set_fd() may fail with 0 return if malloc() fails. Check that and
raise an exception to avoid potential crash.
|