| Commit message (Collapse) | Author | Age | Files | Lines |
|
They are no longer receiving security updates from the OpenSSL
development team since 2015-12.
We have kept basic compatibility until now because RHEL 5 still uses an
(heavily modified) OpenSSL 0.9.8e. RHEL 5 will reach EOL on 2017-03,
thus it is now safe to assume nobody is still using such old versions of
OpenSSL.
|
Fix 'unsupported key type' error if OpenSSL::SSL::SSLSocket#tmp_key is
called when X25519 is used for key exchange.
EVP_PKEY may have a key type that we don't have a dedicated
subclass. Let's allow instantiating OpenSSL::PKey::PKey with such an
EVP_PKEY, although the resulting instance is not so useful because it
can't be exported at the moment.
|
Restore the old behavior of OpenSSL::SSL::Session#==.
SSL_SESSION_get_protocol_version() was missing in OpenSSL master at the
time r55287 (cad3226a06a1, "openssl: adapt to OpenSSL 1.1.0 opaque
structs", 2016-06-05).
|
To avoid symbol conflict that would occur if two versions of OpenSSL are
loaded at the same time.
|
SSL_CTX_clear_options() first appeared in OpenSSL 0.9.8m. Add
alternative macro definition for ancient versions of OpenSSL.
http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-core/78693
|
* ruby-trunk r56927..r56953: (3 commits)
(r56953) openssl: import fixes from upstream
(r56948) ossl.c: cast
(r56946) openssl: import v2.0.0
Sync-with-trunk: r56953
|
Import the following two commits from upstream:
commit 72126d6c8b88abd69c3565fc3bbbd5ed1e401611
Author: Kazuki Yamaguchi <k@rhe.jp>
Date: Thu Dec 1 22:27:03 2016 +0900
pkey: check existence of EVP_PKEY_get0()
EVP_PKEY_get0() did not exist in early OpenSSL 0.9.8 series. So define
it ourselves if needed.
commit 94a1c4e0c5705ad1e9a4ca08cacaa6cba8b1e6f5
Author: Kazuki Yamaguchi <k@rhe.jp>
Date: Thu Dec 1 22:13:22 2016 +0900
test/test_cipher: fix test with OpenSSL 1.0.1 before 1.0.1d
Set the authentication tag before the AAD when decrypting.
Before OpenSSL commit 96f7fafa2431 ("Don't require tag before ciphertext
in AESGCM mode", 2012-10-16, at OpenSSL_1_0_1-stable branch, included in
OpenSSL 1.0.1d), the authentication tag must be set before any calls of
EVP_CipherUpdate().
They should fix build on CentOS 5 and Ubuntu 12.04 respectively.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56953 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
* ext/openssl/ossl.c (ossl_pem_passwd_cb): cast to int. It's safe
because len does not exceed int max_len.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56948 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
asn1: handle GENERALIZEDTIME without seconds
|
Fix a typo in ossl_engine.c
|
SSLContext#setup encodes the protocol list set in @npn_protocols into a
String. The String is passed to SSL_CTX_set_next_protos_advertised_cb()
and OpenSSL invokes the callback function with the String. However since
Ruby's GC can't find the reference to the String from the inside of
OpenSSL, it can be free'd before the callback is invoked. So store the
String in an instance variable to prevent this.
|
GetBNPtr() accepts both OpenSSL::BN and Ruby integers. In the latter
case, it creates a temporary OpenSSL::BN internally. The OpenSSL::BN
object immediately disappears from the stack and is not protected from
GC.
Fixes: https://github.com/ruby/openssl/issues/87
|
EVP_PKEY_get0() did not exist in early OpenSSL 0.9.8 series. So define
it ourselves if needed.
|
Remove the comment added by commit 072d53ecf984 ("ssl: workaround for
new behavior of SSL_read() in OpenSSL >= 1.1.0c"). The breaking change
in OpenSSL 1.1.0c has been reverted in the 1.1.0 branch. However, for
the sake of safety, ensure that we never call rb_sys_fail() with
errno == 0. So there is no change in the actual code.
|
SSLSocket#setup uses the frozen state as "SSL_CTX is already set up".
If a user manually freezes the context, it misunderstands as if #setup
is already called, leading to unexpected behaviors because parameters
the user set won't be actually set to the underlying SSL_CTX and thus
ignored.
Ideally, #setup should go and be replaced with setters. But we don't
do this now because it is not that simple: some of them would produce
new ordering issues, e.g. 'ca_file' property which loads a file into
SSL_CTX::cert_store and 'cert_store' which replaces SSL_CTX::cert_store
would conflict. Fixing this properly would require deprecating 'ca_file'
first.
So, let's take the second best way: make it "just work" instead of
breaking silently.
Fixes: https://github.com/ruby/openssl/issues/85
|
rb_ary_new_from_args() is called from a non-protected callback function
which will be directly called from OpenSSL. It may raise NoMemoryError
and may corrupt the internal state of SSL object. So, avoid creating
Array here and pass raw values to the protected function instead.
The same change has been applied to ALPN/NPN selection callbacks in
3a926047a729 ("ssl: catch exceptions raised in ALPN/NPN callbacks",
2016-08-30).
|
We call SSL_shutdown() four times at most meaninglessly. Since the
underlying socket is in non-blocking mode, if the first call failed
because the underlying socket is not write/readable, the subsequent
calls would just fail with the same error. Just call once, and give up
if it fails.
|
This prevents users from allocating OpenSSL::Engine instance using
OpenSSL::Engine.allocate. Undef'ing alloc function also allows us to
remove explicit undef of OpenSSL::Engine.new and #initialize_copy.
|
Don't blindly assume that the value which can be modified from Ruby code
is always an Array, and just call its #each method.
|
Delay allocation of EVP_MD_CTX until #initialize or #initialize_copy is
called. This fixes a segfault that can occur if OpenSSL::Digest#name is
called before the actual initialization.
|
Commit 4880672a9b41 of OpenSSL[1] (which then was backported to 1.1.0
branch at 122580ef71e4) changed the behavior of SSL_read(): it now
returns -1 in the case the underlying BIO reaches EOF unexpectedly. This
means, it is possible that rb_sys_fail() is called with errno == 0,
resulting in [BUG].
So, as a workaround, let's distinguish IO error from the underlying BIO
and EOF in violation of SSL/TLS protocol with the value of errno.
[1] https://git.openssl.org/?p=openssl.git;a=commit;h=4880672a9b41a09a0984b55e219f02a2de7ab75e
|
* topic/asn1-fix-oob-read-constructed:
asn1: fix out-of-bounds read in decoding constructed objects
|
OpenSSL::ASN1.{decode,decode_all,traverse} have a bug of out-of-bounds
read. int_ossl_asn1_decode0_cons() does not give the correct available
length to ossl_asn1_decode() when decoding the inner components of a
constructed object. This can cause out-of-bounds read if a crafted input
is given.
Reference: https://hackerone.com/reports/170316
|
* ruby-trunk r56225..r56492: (1 commits)
(r56492) [DOC] replace Fixnum with Integer [ci skip]
Sync-with-trunk: r56492
|
* numeric.c: [DOC] update document for Integer class.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56492 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
Accordingly, unused functions ossl_x509stctx_new() and
ossl_x509stctx_clear_ptr() are now removed.
|
It defines the platform specific macros. But it should be included from
other OpenSSL headers.
|
And also remove alternative declaration of struct timeval. We don't
actually use struct timeval nor struct timespec anymore since r4660.
|
The Ruby core code uses assert.h without a guard. So, we can assume it
is always available.
|
As the comment suggests, ossl_ssl.c used to call read() and write() in
the past. However r6806 replaced them with method calls for the
underlying IO object. Anyway, unistd.h will be included by Ruby's
header files if available.
|
It should be usable regardless of the platform.
|
Use ERR_peek_error() which does not remove the fetched error from the
queue instead, then clear the queue explicitly with the dedicated
function ossl_clear_error(). OpenSSL may put multiple error items to the
queue in one function call.
|
Avoid using ossl_exc_new() and rb_exc_raise() but just use ossl_raise().
This simplifies the code with the exactly same effect.
ossl_exc_new() is now removed as it is no longer used anywhere.
|
The macro RFILE is defined in e_os.h, that is no longer an exported
header in OpenSSL >= 0.9.7. Since OpenSSL < 0.9.8 is not supported, we
can safely remove this.
|
Remove unnecessary macros defined for compatibility with Ruby < 1.9. We
won't support Ruby versions before 2.3.
|
Avoid RSTRING_LENINT() which may raise RangeError.
Since ossl_pem_passwd_cb() is supposed to be called from OpenSSL as a
callback, we must not do longjmp from it.
|
When a too long password is given as the PEM password, an exception with
the message "password must be shorter than 1024 bytes" is raised. But
this is not really accurate. The effective password actually can be up
to PEM_BUFSIZE (== 1024) bytes long.
|
Print more error data in ossl_clear_error(). OpenSSL's error queue item
can additionally have associated data. The data may contain helpful
information for debugging.
|
The ownership of the EVP_PKEY object given as the argument is moved to
ossl_pkey_new(). So, the function must not raise an exception without
freeing it on failure.
|
The function was added by e10f4de2aeec ("for compatibility with old
SSLSocket", 2001-11-16) and is no longer used since 902312feaae7
(2002-12-22).
|
Fix a possible memory leak that happens when the given signature is too
long for int. Check that the signature length can be represented in int
before allocating EVP_MD_CTX.
|
SSL_SESSION_get_{time,timeout}() return long, not time_t.
|
We are currently not checking the return value of EVP_{Sign,Verify}*()
functions, but of course, this is a bad habit. So do check. Calls for
EVP_{Sign,Verify}Init() are replaced by *_ex() functions as they do
not return error but just ignore.
|