path: root/ext/openssl
Commit message (Author, Age, Files, Lines)
...
* | | | | x509ext: remove unnecessary DupX509ExtPtr() (Kazuki Yamaguchi, 2016-08-16, files: 5, lines: -33/+8)
      All usages can be replaced with GetX509ExtPtr().
* | | | | ocsp: fix memory leak in Response#add_cerid on error path (Kazuki Yamaguchi, 2016-08-16, files: 1, lines: -3/+8)
      OCSP_CERTID can leak in case OCSP_request_add0_id() fails.
* | | | | x509crl: fix memory leak on error path (Kazuki Yamaguchi, 2016-08-16, files: 1, lines: -2/+4)
      X509_REVOKED can leak when X509_CRL_add0_revoked() fails.
* | | | | pkcs7: fix a memory leak in PKCS7#add_data (Kazuki Yamaguchi, 2016-08-16, files: 1, lines: -2/+2)
      The BIO returned by PKCS7_dataInit() must be free'd using BIO_free_all().
* | | | | pkcs7: fix a memory leak in PKCS7#verify (Kazuki Yamaguchi, 2016-08-16, files: 1, lines: -4/+4)
      ossl_obj2bio() must be called after other functions that may raise. Also, the variable `x509s` is not free'd when PKCS7_verify() fails.
* | | | | pkey: fix memory leak in PKey::EC#export (Kazuki Yamaguchi, 2016-08-16, files: 1, lines: -5/+6)
      It leaks when invalid value is passed as the `cipher` or `pass` argument.
* | | | | pkcs12: fix memory leak in PKCS12.create (Kazuki Yamaguchi, 2016-08-16, files: 1, lines: -1/+1)
      ossl_*_ary2sk() function must be called after any other functions that may raise.
* | | | | x509revoked: fix memory leaks in #set_extensions and #add_extension (Kazuki Yamaguchi, 2016-08-16, files: 1, lines: -2/+2)
      X509_REVOKED_add_ext() dups the X509_EXTENSION.
* | | | | x509req: fix memory leaks in #set_attributes and #add_attribute (Kazuki Yamaguchi, 2016-08-16, files: 3, lines: -9/+6)
      X509_REQ_add1_attr() dups the X509_ATTRIBUTE given as the argument, so we don't need to duplicate beforehand.
* | | | | x509attr: fix memory leak in X509::Attribute#oid= (Kazuki Yamaguchi, 2016-08-16, files: 1, lines: -3/+6)
      ASN1_OBJECT returned by OBJ_txt2obj() must be free'd.
* | | | | x509ext: fix memory leak in X509::Extension#value= (Kazuki Yamaguchi, 2016-08-16, files: 1, lines: -8/+6)
      X509_EXTENSION_set_data() dups the ASN1_OCTET_STRING, so we must free the temporary ASN1_OCTET_STRING object. However we can retrieve the current ASN1_OCTET_STRING object by X509_EXTENSION_get_data() and modify it directly.
* | | | | x509ext: fix memory leak in X509::Extension#oid= (Kazuki Yamaguchi, 2016-08-16, files: 1, lines: -6/+8)
      X509_EXTENSION_set_object() dups the ASN1_OBJECT passed via the argument so we need to free.
* | | | | x509ext: fix memory leak in X509::ExtensionFactory#config= (Kazuki Yamaguchi, 2016-08-14, files: 1, lines: -16/+1)
      X509V3_set_nconf() sets the CONF passed via the argument to X509V3_CTX, but it doesn't free CONF. However we don't actually need it so replace with a simple Ruby-level attribute.
* | | | | x509ext: fix a memory leak in X509::ExtensionFactory#create_ext (Kazuki Yamaguchi, 2016-08-14, files: 1, lines: -0/+1)
      The CONF returned by DupConfigPtr() must be free'd by the caller.
* | | | | config: rename GetConfigPtr() to DupConfigPtr() (Kazuki Yamaguchi, 2016-08-14, files: 3, lines: -8/+8)
|/ / / /
      Make it follow the convention. Other Get*Ptr() functions return a pointer to OpenSSL object that the caller doesn't need to free. Indeed DupConfigPtr() is not the best name (OpenSSL::Config does not actually wrap a CONF object), but should be better than GetConfigPtr().
* | | / cipher: update documentation (Kazuki Yamaguchi, 2016-08-14, files: 1, lines: -22/+33)
| |_|/
|/| |
      Add a note about GCM mode - warn of the risk of reusing nonce and authentication tag truncation. [GH ruby/openssl#63]
* | | ssl: fix memory leak in SSLContext#ecdh_curves= (Kazuki Yamaguchi, 2016-08-13, files: 1, lines: -1/+5)
      SSL_CTX_set_tmp_ecdh() increments the reference counter of EC_KEY so we must decrement with EC_KEY_free().

      Fixes: fcb9b4a6b5c6 (openssl: add SSLContext#ecdh_curves=)
* | | Don't turn on/off OpenSSL's mem check in OpenSSL.debug= (Kazuki Yamaguchi, 2016-08-13, files: 1, lines: -14/+4)
      Since openssl.so itself doesn't have the functionality of memory leak check, there is no point doing it.
* | | x509crl: fix CRL#revoked= (Kazuki Yamaguchi, 2016-08-09, files: 1, lines: -1/+5)
      Fixes cad3226a06a1 (openssl: adapt to OpenSSL 1.1.0 opaque structs, 2016-06-05).
* | | x509req: fix integer conversion in Request#version, #version= (Kazuki Yamaguchi, 2016-08-09, files: 1, lines: -3/+3)
| |/
|/|
      The input may not be a Fixnum.
* | digest: check return value of EVP_Digest{Update,Final_ex} (Kazuki Yamaguchi, 2016-08-09, files: 1, lines: -6/+10)
      Their return type was void in ancient versions of OpenSSL but no longer.
* | openssl: avoid undefined behavior on empty SSL_write (normal, 2016-08-07, files: 1, lines: -1/+7)
      SSL_write(3ssl) manpage has this in the WARNINGS section:

        When calling SSL_write() with num=0 bytes to be sent the behaviour is undefined.

      And indeed, the new test case demonstrates failures when empty strings are used.

      So, match the behavior of IO#write, IO#write_nonblock, and IO#syswrite by returning zero, as the OpenSSL::SSL::SSLSocket API already closely mimics the IO one.

      * ext/openssl/ossl_ssl.c (ossl_ssl_write_internal): avoid undefined behavior
      * test/openssl/test_pair.rb (test_write_zero): new test [ruby-core:76751] [Bug #12660]

      git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55822 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* | Include ruby/thread_native.h regardless of the OpenSSL version (Kazuki Yamaguchi, 2016-08-07, files: 1, lines: -1/+1)
      A workaround so that the OpenSSL version doesn't affect ext/openssl/depend generated by Ruby's tool/update-deps script.
* | pkey: don't pass a seed to DSA_generate_parameters_ex() (Kazuki Yamaguchi, 2016-08-07, files: 1, lines: -10/+3)
      We currently always pass 20 random bytes generated by RAND_bytes(). It is fine when generating parameters <= 1024 bits, because OpenSSL requires a seed with the same length as the prime q, which is 160 bits.

      FIPS 186-3 allowed the parameters to be >= 2048 bits. For them, OpenSSL generates a 256 bits long q. We can pass 32 bytes long random bytes instead, but the function is able to generate on its own. So just give NULL.
* | ssl: refactor ssl_npn_advertise_cb() (Kazuki Yamaguchi, 2016-08-05, files: 1, lines: -4/+3)
      This removes unnecessary @_protocols instance variable.
* | Implement missing initialize_copy [topic/fix-initialize-copy] (Kazuki Yamaguchi, 2016-08-04, files: 9, lines: -0/+126)
      Implement initialize_copy for:
       - OpenSSL::PKCS12
       - OpenSSL::SSL::SSLSession
       - OpenSSL::X509::Attribute
       - OpenSSL::X509::Extension
       - OpenSSL::X509::Name
       - OpenSSL::X509::Revoked

      Remove initialize_copy from:
       - OpenSSL::SSL::SSLContext
       - OpenSSL::SSL::SSLSocket
       - OpenSSL::Engine
       - OpenSSL::X509::Store
       - OpenSSL::X509::StoreContext

      [Bug #12381]
* | Merge branch 'topic/ssl-verify-hostname' (Kazuki Yamaguchi, 2016-07-28, files: 4, lines: -48/+99)
|\ \
      * topic/ssl-verify-hostname:
        ssl: add verify_hostname option to SSLContext
        test/test_ssl: avoid SSLContext#set_params where not required
        Refactor common verify callback code
| * | ssl: add verify_hostname option to SSLContext [topic/ssl-verify-hostname] (Kazuki Yamaguchi, 2016-07-23, files: 1, lines: -2/+46)
      If a client sets this to true and enables SNI with SSLSocket#hostname=, the hostname verification on the server certificate is performed automatically during the handshake using OpenSSL::SSL.verify_certificate_identity().

      Currently a user who wants to do the hostname verification needs to call SSLSocket#post_connection_check explicitly after the TLS connection is established.

      This commit also enables the option in SSLContext::DEFAULT_PARAMS. Applications using SSLContext#set_params may be affected by this. [GH ruby/openssl#8]
| * | Refactor common verify callback code (Kazuki Yamaguchi, 2016-07-10, files: 4, lines: -46/+53)
| |/
      There is a function ossl_verify_cb() that fetches the custom callback Proc from X509_STORE/X509_STORE_CTX and calls it, but it was not very useful for SSL code. It's only used in ossl_x509store.c and ossl_ssl.c so move X509::Store specific code to ossl_x509store.c. Also make struct ossl_verify_cb_args and ossl_call_verify_cb_proc() local to ossl.c.
* | Remove unnecessary usage of _() macro (Kazuki Yamaguchi, 2016-07-25, files: 7, lines: -16/+16)
* | cipher: avoid -Wshorten-64-to-32 warning in ossl_cipher_update_long() (Kazuki Yamaguchi, 2016-07-24, files: 1, lines: -1/+1)
      Fixes c0548c94e499.
* | cipher: fix handling huge data larger than INT_MAX bytes (Kazuki Yamaguchi, 2016-07-24, files: 1, lines: -18/+16)
      The function ossl_cipher_update_long() was added to fix this in r48923 (ossl_cipher.c: workaround of OpenSSL API, 2014-12-23), but it didn't work well. [Bug #10633]

      This can be tested by running:

        $ fallocate -l 2G data.img
        $ ruby -ropenssl <<EOF
        cipher = OpenSSL::Cipher.new("aes-128-ecb").encrypt
        cipher.key = "\x00" * 16
        ct = cipher.update(File.read("data.img")) << cipher.final
        p ct.bytesize
        EOF
* | Merge branch 'topic/ssl-check-pkey-private' (Kazuki Yamaguchi, 2016-07-20, files: 3, lines: -36/+16)
|\ \
      * topic/ssl-check-pkey-private:
        ssl: reject keys without private components
        ssl: remove unneeded instance variable x509 and key from SSL::SSLSocket
        pkey: remove unused things
| * | ssl: reject keys without private components [topic/ssl-check-pkey-private] (Kazuki Yamaguchi, 2016-07-03, files: 1, lines: -2/+2)
      OpenSSL checks if the PKey's public key matches with the certificate, but does not check that the PKey contains the private components. As a result, OpenSSL does a NULL dereference while doing SSL/TLS negotiation. [Bug #8673]
| * | ssl: remove unneeded instance variable x509 and key from SSL::SSLSocket (Kazuki Yamaguchi, 2016-07-03, files: 1, lines: -14/+12)
      They are only used to pass two objects across rb_protect(). So just remove them and use temporary array instead. Since they are not public attributes, this should be safe.
| * | pkey: remove unused things (Kazuki Yamaguchi, 2016-07-03, files: 2, lines: -20/+2)
      Make id_private_q local to ossl_pkey.c, and remove unused DupPrivPKeyPtr() function.
* | | Merge branch 'topic/cipher-iv-len' (Kazuki Yamaguchi, 2016-07-20, files: 2, lines: -3/+58)
|\ \ \
| |_|/
|/| |
      * topic/cipher-iv-len:
        cipher: allow setting IV length when using AEAD ciphers
| * | cipher: allow setting IV length when using AEAD ciphers [topic/cipher-iv-len] (Kazuki Yamaguchi, 2016-07-09, files: 2, lines: -3/+58)
| |/
      Add OpenSSL::Cipher#iv_len=. For interoperability with other applications, it is sometimes required. Normally 'IV' is fixed-length, but in OpenSSL, some ciphers such as aes-128-gcm make use of it as 'nonce', which is variable-length.

      Changing the IV length in Cipher#iv= is also an option but I decided not to choose it. Because in Ruby <= 2.3 Cipher#iv= truncates the input when the length is longer than the current IV length, changing the behavior might cause unexpected encryption result. [Bug #8667] [Bug #10420] [GH ruby/ruby#569]
* | Merge pull request #55 from rhenium/topic/pkey-read-pkey-error (Kazuki Yamaguchi, 2016-07-10, files: 1, lines: -1/+2)
|\ \
      Make PKey.read raise PKey::PKeyError rather than ArgumentError
| * | pkey: make PKey.read raise PKey::PKeyError rather than ArgumentError [topic/pkey-read-pkey-error] (Kazuki Yamaguchi, 2016-07-09, files: 1, lines: -1/+2)
| |/
      PKey.read is a generic method to load an arbitrary PKey structure from a PEM or DER encoded String. Each PKey class's constructor also can load from a String, but the behavior on error is different. While they raise their own exceptions (which are subclasses of PKey::PKeyError), PKey.read raises ArgumentError. [Bug #11774]
* | Merge pull request #57 from rhenium/topic/fix-doc-pkey-loading (Kazuki Yamaguchi, 2016-07-10, files: 1, lines: -0/+2)
|\ \
      Improve 'Loading a key' section of the documentation
| * | Improve 'Loading a key' section of the documentation [topic/fix-doc-pkey-loading] (Kazuki Yamaguchi, 2016-07-03, files: 1, lines: -0/+2)
| |/
      Show the return values of both PKey::RSA#public? and #private? for each two .pem files. The current example is not technically incorrect, but very confusing. This is based on the reports by Rob Nichols and Brett Goulder. [Bug #10115] [GH ruby/openssl#52]
* | Merge branch 'topic/rdoc-fixes' (Kazuki Yamaguchi, 2016-07-09, files: 30, lines: -97/+190)
|\ \
      * topic/rdoc-fixes:
        Fix RDoc style
        Update .gitignore
        Add RDoc task to Rakefile
| * | Fix RDoc style [topic/rdoc-fixes] (Kazuki Yamaguchi, 2016-07-09, files: 30, lines: -97/+190)
| |/
* | Merge branch 'topic/ocsp-basic-verify-bug' (Kazuki Yamaguchi, 2016-07-09, files: 1, lines: -0/+48)
|\ \
      * topic/ocsp-basic-verify-bug:
        ocsp: add workaround for OCSP_basic_verify() bug
        ocsp: refactor tests
| * | ocsp: add workaround for OCSP_basic_verify() bug [topic/ocsp-basic-verify-bug] (Kazuki Yamaguchi, 2016-07-08, files: 1, lines: -0/+48)
| |/
      Older versions of OpenSSL have a bug that it doesn't use the certificates passed to OCSP_basic_verify() for verifying the chain. This can be a problem when the response is signed by a certificate issued by an intermediate CA.

              root_ca
                 |
          intermediate_ca
                 |-------------|
             end_entity    ocsp_signer

      When the certificate hierarchy is like this, and the response contains only ocsp_signer certificate, the following code wrongly fails.

        store = OpenSSL::X509::Store.new; store.add_cert(root_ca)
        basic_response.verify([intermediate_ca], store)

      So duplicate the OCSP_BASICRESP and add the certificates to the embedded list first.
* / Document OpenSSL::SSL::SSLSocket#sync_close [topic/doc-ssl-sync-close] (Kazuki Yamaguchi, 2016-07-09, files: 1, lines: -0/+6)
|/
      Add rdoc for OpenSSL::SSL::SSLSocket#sync_close, and mention it in the example code in the rdoc for OpenSSL namespace. [GH ruby/openssl#11]
* openssl: fix for OpenSSL 1.0.0t (rhe, 2016-06-29, files: 1, lines: -24/+34)
      * ext/openssl/ossl_ocsp.c: The "reuse" behavior of d2i_ functions does not work well with OpenSSL 1.0.0t. So avoid it.

      git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55538 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/digest/md5/md5ossl.h: Remove excess semicolons. (ngoto, 2016-06-29, files: 1, lines: -3/+3)
      Suppress warning on Solaris with Oracle Solaris Studio 12. [ruby-dev:49692] [Bug #12524]
      * ext/digest/md5/md5cc.h: ditto.
      * ext/digest/sha1/sha1cc.h: ditto.
      * ext/digest/sha1/sha1ossl.h: ditto.
      * ext/digest/sha2/sha2cc.h: ditto.
      * ext/digest/sha2/sha2ossl.h: ditto.
      * ext/openssl/ossl_pkey_rsa.c: ditto.

      git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55523 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: add OpenSSL::OCSP::SingleResponse (rhe, 2016-06-19, files: 1, lines: -19/+426)
      * ext/openssl/ossl_ocsp.c: Add OCSP::SingleResponse that represents an OCSP SingleResponse structure. Also add two new methods #responses and #find_response to OCSP::BasicResponse. A BasicResponse has one or more SingleResponse. We have OCSP::BasicResponse#status that returns them as an array of arrays, each containing the content of a SingleResponse, but this is not useful. When validating an OCSP response, we need to look into each SingleResponse and check their validity but it is not simple. For example, when validating for a certificate 'cert', the code would be like:

          # certid_target is an OpenSSL::OCSP::CertificateId for cert
          basic = res.basic
          result = basic.status.any? do |ary|
            ary[0].cmp(certid_target) && ary[4] <= Time.now && (!ary[5] || Time.now <= ary[5])
          end

        Adding OCSP::SingleResponse at the same time allows exposing OCSP_check_validity(). With this, the code above can be rewritten as:

          basic = res.basic
          single = basic.find_response(certid_target)
          result = single.check_validity

      * test/openssl/test_ocsp.rb: Test this.

      git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55457 b2dd03c8-39d4-4d8f-98ff-823fe69b080e