Commit message
Similar to 0789643d7333 or 9af69abcec15, EVP_VerifyFinal() may put an
error on the error queue when the verification fails.
All usages can be replaced with GetX509ExtPtr().
OCSP_CERTID can leak in case OCSP_request_add0_id() fails.
X509_REVOKED can leak when X509_CRL_add0_revoked() fails.
The BIO returned by PKCS7_dataInit() must be free'd using
BIO_free_all().
ossl_obj2bio() must be called after other functions that may raise.
Also, the variable `x509s` is not free'd when PKCS7_verify() fails.
It leaks when an invalid value is passed as the `cipher` or `pass`
argument.
The ossl_*_ary2sk() functions must be called after any other functions
that may raise.
X509_REVOKED_add_ext() dups the X509_EXTENSION.
X509_REQ_add1_attr() dups the X509_ATTRIBUTE given as the argument, so
we don't need to duplicate beforehand.
ASN1_OBJECT returned by OBJ_txt2obj() must be free'd.
X509_EXTENSION_set_data() dups the ASN1_OCTET_STRING, so we must free
the temporary ASN1_OCTET_STRING object. However we can retrieve the
current ASN1_OCTET_STRING object by X509_EXTENSION_get_data() and modify
it directly.
X509_EXTENSION_set_object() dups the ASN1_OBJECT passed via the
argument, so we need to free it.
X509V3_set_nconf() sets the CONF passed via the argument to X509V3_CTX,
but it doesn't free the CONF. However, we don't actually need it, so
replace it with a simple Ruby-level attribute.
The CONF returned by DupConfigPtr() must be free'd by the caller.
Make it follow the convention. Other Get*Ptr() functions return a
pointer to OpenSSL object that the caller doesn't need to free.
Indeed DupConfigPtr() is not the best name (OpenSSL::Config does not
actually wrap a CONF object), but should be better than GetConfigPtr().
Add a note about GCM mode - warn of the risk of reusing nonce and
authentication tag truncation. [GH ruby/openssl#63]
SSL_CTX_set_tmp_ecdh() increments the reference counter of EC_KEY so we
must decrement with EC_KEY_free().
Fixes: fcb9b4a6b5c6 (openssl: add SSLContext#ecdh_curves=)
Since openssl.so itself doesn't have the functionality of memory leak
checking, there is no point doing it.
Fixes cad3226a06a1 (openssl: adapt to OpenSSL 1.1.0 opaque structs,
2016-06-05).
The input may not be a Fixnum.
Their return type was void in ancient versions of OpenSSL but no longer.
SSL_write(3ssl) manpage has this in the WARNINGS section:
When calling SSL_write() with num=0 bytes to be sent the
behaviour is undefined.
And indeed, the new test case demonstrates failures when
empty strings are used. So, match the behavior of IO#write,
IO#write_nonblock, and IO#syswrite by returning zero, as the
OpenSSL::SSL::SSLSocket API already closely mimics the IO one.
* ext/openssl/ossl_ssl.c (ossl_ssl_write_internal):
avoid undefined behavior
* test/openssl/test_pair.rb (test_write_zero): new test
[ruby-core:76751] [Bug #12660]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55822 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
A workaround so that the OpenSSL version doesn't affect
ext/openssl/depend generated by Ruby's tool/update-deps script.
We currently always pass 20 random bytes generated by RAND_bytes(). It
is fine when generating parameters <= 1024 bits, because OpenSSL
requires a seed with the same length as the prime q, which is 160 bits.
FIPS 186-3 allowed the parameters to be >= 2048 bits. For them, OpenSSL
generates a 256-bit-long q. We could pass 32 random bytes instead, but
the function is able to generate the seed on its own. So just give
NULL.
This removes unnecessary @_protocols instance variable.
Implement initialize_copy for:
- OpenSSL::PKCS12
- OpenSSL::SSL::SSLSession
- OpenSSL::X509::Attribute
- OpenSSL::X509::Extension
- OpenSSL::X509::Name
- OpenSSL::X509::Revoked
Remove initialize_copy from:
- OpenSSL::SSL::SSLContext
- OpenSSL::SSL::SSLSocket
- OpenSSL::Engine
- OpenSSL::X509::Store
- OpenSSL::X509::StoreContext
[Bug #12381]
* topic/ssl-verify-hostname:
ssl: add verify_hostname option to SSLContext
test/test_ssl: avoid SSLContext#set_params where not required
Refactor common verify callback code
If a client sets this to true and enables SNI with SSLSocket#hostname=,
the hostname verification on the server certificate is performed
automatically during the handshake using
OpenSSL::SSL.verify_certificate_identity().
Currently a user who wants to do the hostname verification needs to
call SSLSocket#post_connection_check explicitly after the TLS connection
is established.
This commit also enables the option in SSLContext::DEFAULT_PARAMS.
Applications using SSLContext#set_params may be affected by this.
[GH ruby/openssl#8]
There is a function ossl_verify_cb() that fetches the custom callback
Proc from X509_STORE/X509_STORE_CTX and calls it, but it was not very
useful for SSL code. It's only used in ossl_x509store.c and ossl_ssl.c
so move X509::Store specific code to ossl_x509store.c.
Also make struct ossl_verify_cb_args and ossl_call_verify_cb_proc()
local to ossl.c.
Fixes c0548c94e499.
The function ossl_cipher_update_long() was added to fix this in r48923
(ossl_cipher.c: workaround of OpenSSL API, 2014-12-23), but it didn't
work well. [Bug #10633]
This can be tested by running:
$ fallocate -l 2G data.img
$ ruby -ropenssl <<EOF
cipher = OpenSSL::Cipher.new("aes-128-ecb").encrypt
cipher.key = "\x00" * 16
ct = cipher.update(File.read("data.img")) << cipher.final
p ct.bytesize
EOF
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | | |
* topic/ssl-check-pkey-private:
ssl: reject keys without private components
ssl: remove unneeded instance variable x509 and key from SSL::SSLSocket
pkey: remove unused things
OpenSSL checks if the PKey's public key matches the certificate,
but does not check that the PKey contains the private components. As a
result, OpenSSL does a NULL dereference while doing SSL/TLS negotiation.
[Bug #8673]
They are only used to pass two objects across rb_protect(). So just
remove them and use temporary array instead. Since they are not public
attributes, this should be safe.
Make id_private_q local to ossl_pkey.c, and remove unused
DupPrivPKeyPtr() function.
* topic/cipher-iv-len:
cipher: allow setting IV length when using AEAD ciphers
Add OpenSSL::Cipher#iv_len=. For interoperability with other
applications, it is sometimes required. Normally 'IV' is fixed-length,
but in OpenSSL, some ciphers such as aes-128-gcm make use of it as
'nonce', which is variable-length.
Changing the IV length in Cipher#iv= is also an option, but I decided not
to choose it, because in Ruby <= 2.3 Cipher#iv= truncates the input when
the length is longer than the current IV length, and changing the
behavior might cause unexpected encryption results.
[Bug #8667] [Bug #10420] [GH ruby/ruby#569]
Make PKey.read raise PKey::PKeyError rather than ArgumentError
|
PKey.read is a generic method to load an arbitrary PKey structure from a
PEM or DER encoded String. Each PKey class's constructor can also load
from a String, but the behavior on error is different. While they raise
their own exceptions (which are subclasses of PKey::PKeyError), PKey.read
raises ArgumentError. [Bug #11774]
Improve 'Loading a key' section of the documentation
|
Show the return values of both PKey::RSA#public? and #private? for each
of the two .pem files. The current example is not technically incorrect, but
very confusing.
This is based on the reports by Rob Nichols and Brett Goulder.
[Bug #10115] [GH ruby/openssl#52]
* topic/rdoc-fixes:
Fix RDoc style
Update .gitignore
Add RDoc task to Rakefile
* topic/ocsp-basic-verify-bug:
ocsp: add workaround for OCSP_basic_verify() bug
ocsp: refactor tests
Older versions of OpenSSL have a bug where they don't use the
certificates passed to OCSP_basic_verify() for verifying the chain. This
can be a problem when the response is signed by a certificate issued by
an intermediate CA.

         root_ca
            |
      intermediate_ca
      |-------------|
 end_entity   ocsp_signer

When the certificate hierarchy is like this, and the response contains
only the ocsp_signer certificate, the following code wrongly fails.

    store = OpenSSL::X509::Store.new; store.add_cert(root_ca)
    basic_response.verify([intermediate_ca], store)

So duplicate the OCSP_BASICRESP and add the certificates to the embedded
list first.
Add rdoc for OpenSSL::SSL::SSLSocket#sync_close, and mention it in the
example code in the rdoc for OpenSSL namespace. [GH ruby/openssl#11]
* ext/openssl/ossl_ocsp.c: The "reuse" behavior of d2i_ functions does
not work well with OpenSSL 1.0.0t. So avoid it.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55538 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Suppress warning on Solaris with Oracle Solaris Studio 12.
[ruby-dev:49692] [Bug #12524]
* ext/digest/md5/md5cc.h: ditto.
* ext/digest/sha1/sha1cc.h: ditto.
* ext/digest/sha1/sha1ossl.h: ditto.
* ext/digest/sha2/sha2cc.h: ditto.
* ext/digest/sha2/sha2ossl.h: ditto.
* ext/openssl/ossl_pkey_rsa.c: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55523 b2dd03c8-39d4-4d8f-98ff-823fe69b080e