path: root/ext
Commit message (Author, Age, Files, Lines)
* hmac: fix wrong usage of EVP_DigestSignFinal() (Kazuki Yamaguchi, 2021-12-20, 1 file, -2/+2)
|   According to the manpage, the "siglen" parameter must be initialized beforehand.
* Merge pull request #480 from rhenium/ky/pkey-deprecate-modify (Kazuki Yamaguchi, 2021-12-20, 3 files, -4/+37)
|\
| |   pkey: deprecate PKey::*#set_* and PKey::{DH,EC}#generate_key!
| * pkey: deprecate PKey#set_* methods [ky/pkey-deprecate-modify] (Kazuki Yamaguchi, 2021-12-20, 2 files, -0/+28)
| |   OpenSSL 3.0 made EVP_PKEY immutable. This means we can only have a const pointer of the low level struct and the following methods can no longer be provided when linked against OpenSSL 3.0:
| |
| |    - OpenSSL::PKey::RSA#set_key
| |    - OpenSSL::PKey::RSA#set_factors
| |    - OpenSSL::PKey::RSA#set_crt_params
| |    - OpenSSL::PKey::DSA#set_pqg
| |    - OpenSSL::PKey::DSA#set_key
| |    - OpenSSL::PKey::DH#set_pqg
| |    - OpenSSL::PKey::DH#set_key
| |    - OpenSSL::PKey::EC#group=
| |    - OpenSSL::PKey::EC#private_key=
| |    - OpenSSL::PKey::EC#public_key=
| |
| |   There is no direct replacement for this functionality at the moment. I plan to introduce a wrapper around EVP_PKEY_fromdata(), which takes all key components at once to construct an EVP_PKEY.
| * pkey/ec: deprecate OpenSSL::PKey::EC#generate_key! (Kazuki Yamaguchi, 2021-12-20, 1 file, -0/+4)
| |   OpenSSL::PKey::EC#generate_key! will not work on OpenSSL 3.0 because keys are made immutable. Users should use OpenSSL::PKey.generate_key instead.
| * pkey/dh: deprecate OpenSSL::PKey::DH#generate_key! (Kazuki Yamaguchi, 2021-12-20, 1 file, -4/+5)
| |   OpenSSL::PKey::DH#generate_key! will not work on OpenSSL 3.0 because keys are made immutable. Users should use OpenSSL::PKey.generate_key instead.
* | Merge pull request #478 from rhenium/ky/pkey-base-dup (Kazuki Yamaguchi, 2021-12-12, 7 files, -169/+262)
|\ \
| | |   pkey: allocate EVP_PKEY on #initialize
| * | pkey: use EVP_PKEY_dup() if available [ky/pkey-base-dup] (Kazuki Yamaguchi, 2021-12-12, 6 files, -1/+42)
| | |   We can use it to implement OpenSSL::PKey::PKey#initialize_copy. This should work on all key types, not just DH/DSA/EC/RSA types.
| * | pkey: allocate EVP_PKEY on #initialize (Kazuki Yamaguchi, 2021-12-12, 6 files, -163/+218)
| | |   Allocate an EVP_PKEY when the content is ready: when #initialize or #initialize_copy is called, rather than when a T_DATA is allocated. This is more natural because the lower level API has been deprecated and an EVP_PKEY is becoming the minimum unit of handling keys.
| * | pkey: do not check NULL argument in ossl_pkey_new() (Kazuki Yamaguchi, 2021-12-12, 2 files, -5/+2)
| |/
| |   Passing NULL to ossl_pkey_new() makes no sense in the first place, and in fact it is ensured not to be NULL in all cases.
* / pkey: use OSSL_DECODER to load encrypted PEM on OpenSSL 3.0 [ky/pkey-ossl-decoder] (Kazuki Yamaguchi, 2021-12-12, 1 file, -0/+40)
|/
|   OpenSSL 3.0 has rewritten routines to load pkeys (PEM_read_bio_* and d2i_* functions) around the newly introduced OSSL_DECODER API.
|
|   This comes with a slight behavior change. They now decrypt and parse each encountered PEM block, then check the kind of the block. This used to be the reverse: they checked the PEM header to see the kind, and then decrypted the content. This means that the password callback may now be called repeatedly.
|
|   Let's use the OSSL_DECODER API directly on OpenSSL 3.0 so that the return value from the password callback will be reused automatically.
* Fix typos [ci skip] (Nobuyoshi Nakada, 2021-11-03, 1 file, -1/+1)
|
* Merge pull request #469 from rhenium/ky/ssl-unstarted-io (Kazuki Yamaguchi, 2021-11-01, 1 file, -139/+92)
|\
| |   ssl: disallow reading/writing to unstarted SSL socket
| * ssl: disallow reading/writing to unstarted SSL socket [ky/ssl-unstarted-io] (Kazuki Yamaguchi, 2021-10-25, 1 file, -139/+92)
| |   OpenSSL::SSL::SSLSocket allowed #read and #write to be called before an SSL/TLS handshake is completed. They passed unencrypted data to the underlying socket.
| |
| |   This behavior is very odd to have in this library. A verbose mode warning "SSL session is not started yet" was emitted whenever this happened. It also didn't behave well with OpenSSL::Buffering. Let's just get rid of it.
| |
| |   Fixes: https://github.com/ruby/openssl/issues/9
* | x509name: improve docs for X509::Name (Kazuki Yamaguchi, 2021-11-01, 1 file, -2/+9)
| |   Add docs for X509::Name.parse_openssl and X509::Name.parse_rfc2253, which are currently undocumented despite being widely used.
| |
| |   Small changes are also made to #to_s and the class description to recommend using RFC 2253-based methods.
| |
| |   Fixes: https://github.com/ruby/openssl/issues/470
* | bn: expand BIGNUM_RAND and BIGNUM_RAND_RANGE macros [ky/openssl-3.0.0-part1] (Kazuki Yamaguchi, 2021-10-24, 1 file, -50/+50)
| |   Now that BN.pseudo_rand{,_range} are alias, those macros are only used once. Let's expand the macros for better readability.
* | bn: make BN.pseudo_rand{,_range} an alias of BN.rand{,_range} (Kazuki Yamaguchi, 2021-10-24, 1 file, -16/+2)
| |   BN_pseudo_rand() and BN_pseudo_rand_range() are deprecated in OpenSSL 3.0. Since they are identical to their non-'pseudo' version anyway, let's make them alias.
* | pkey, ssl: use EVP_PKEY_eq() instead of EVP_PKEY_cmp() (Kazuki Yamaguchi, 2021-10-24, 4 files, -3/+8)
| |   OpenSSL 3.0 renamed EVP_PKEY_cmp() to EVP_PKEY_eq() because that was a confusing name.
* | pkey/ec: use EC_GROUP_free() instead of EC_GROUP_clear_free() (Kazuki Yamaguchi, 2021-10-24, 1 file, -1/+1)
| |   EC_GROUP_clear_free() is deprecated in OpenSSL 3.0. EC_GROUP does not include any sensitive data, so we can safely use EC_GROUP_free() instead.
* | pkey/ec: deprecate PKey::EC::Point#make_affine! and make it a no-op (Kazuki Yamaguchi, 2021-10-24, 1 file, -0/+5)
| |   It converts the internal representation of the point object to the affine coordinate system. However, it had no real use case because the difference in the internal representation has not been visible from Ruby/OpenSSL at all.
| |
| |   EC_POINT_make_affine() is marked as deprecated in OpenSSL 3.0.
* | hmac: use EVP_MD_CTX_get_pkey_ctx() instead of EVP_MD_CTX_pkey_ctx() (Kazuki Yamaguchi, 2021-10-24, 3 files, -5/+14)
| |   OpenSSL 3.0 renamed EVP_MD_CTX_pkey_ctx() to include "get" in the function name. Adjust compatibility macro so that we can use the new function name for all OpenSSL 1.0.2-3.0.
* | digest: use EVP_MD_CTX_get0_md() instead of EVP_MD_CTX_md() if exists (Kazuki Yamaguchi, 2021-10-24, 4 files, -4/+9)
| |   The function was renamed in OpenSSL 3.0 due to the change of the lifetime of EVP_MD objects. They are no longer necessarily statically allocated and can be reference-counted -- when an EVP_MD_CTX is free'd, the associated EVP_MD can also become inaccessible.
| |
| |   Currently Ruby/OpenSSL only handles builtin algorithms, so no special handling is needed except for adapting to the rename.
* | bn: use BN_check_prime() in OpenSSL::BN#prime{,_fasttest}? (Kazuki Yamaguchi, 2021-10-24, 2 files, -49/+22)
| |   In OpenSSL 3.0, BN_is_prime_ex() and BN_is_prime_fasttest_ex() are deprecated in favor of BN_check_prime().
* | ssl: use SSL_get_rbio() to check if SSL is started or not (Kazuki Yamaguchi, 2021-10-24, 1 file, -2/+2)
| |   Use SSL_get_rbio() instead of SSL_get_fd(). SSL_get_fd() internally calls SSL_get_rbio() and it's enough for our purpose.
| |
| |   In OpenSSL 3.0, SSL_get_fd() leaves an entry in the OpenSSL error queue if BIO has not been set up yet, and we would have to clean it up.
* | ssl: use SSL_CTX_load_verify_{file,dir}() if available (Kazuki Yamaguchi, 2021-10-24, 2 files, -0/+8)
| |   SSL_CTX_load_verify_locations() is deprecated in OpenSSL 3.0 and replaced with those two separate functions. Use them if they exist.
* | ts: use TS_VERIFY_CTX_set_certs instead of TS_VERIFY_CTS_set_certs (Kazuki Yamaguchi, 2021-10-24, 3 files, -2/+8)
| |   OpenSSL 3.0 fixed the typo in the function name and replaced the current 'CTS' version with a macro.
* | ossl.c: use ERR_get_error_all() if available (Kazuki Yamaguchi, 2021-10-24, 2 files, -19/+24)
| |   OpenSSL 3.0 deprecated ERR_get_error_line_data() in favor of ERR_get_error_all(), as part of the error queue structure changes.
* | ext/openssl/ossl.h: add helper macros for OpenSSL/LibreSSL versions (Kazuki Yamaguchi, 2021-10-24, 1 file, -0/+12)
|/
|   Add following convenient macros:
|
|    - OSSL_IS_LIBRESSL
|    - OSSL_OPENSSL_PREREQ(maj, min, pat)
|    - OSSL_LIBRESSL_PREREQ(maj, min, pat)
* Raise an exception if the IO object passed to SSLSocket isn't a file (Aaron Patterson, 2021-10-22, 1 file, -0/+1)
|   SSLSocket#connect eventually calls `GetOpenFile` in order to get the underlying file descriptor for the IO object passed in on initialization. `GetOpenFile` assumes that the Ruby object passed in is a T_FILE object and just casts it to a T_FILE without any checks. If you pass an object that *isn't* a T_FILE to that function, the program will segv.
|
|   Since we assume the IO object is a file in the `connect` method, this commit adds a `CheckType` in the initialize method to ensure that the IO object is actually a T_FILE. If the object *isn't* a T_FILE, this class will segv on `connect`, so I think this is a backwards compatible change.
* require Ruby 2.6 or later [ky/require-ruby-2.6] (Kazuki Yamaguchi, 2021-10-16, 3 files, -28/+0)
|   Drop support for Ruby 2.3, 2.4, and 2.5. As of 2021-10, Ruby 2.6 is the oldest version that still receives security fixes from the Ruby core team, so it doesn't make much sense to keep code for those ancient versions.
* Merge branch 'maint-2.2' (Kazuki Yamaguchi, 2021-10-16, 4 files, -34/+82)
|\
| |   * maint-2.2: (43 commits)
| |     Ruby/OpenSSL 2.2.1
| |     openssl is ractor-safe
| |     Fixed the results of OpenSSL::Timestamp::Response#failure_info
| |     Don't redefine #rb_intern over and over again
| |     Use rb_intern_const instead of rb_intern in Init functions
| |     Remove trailing spaces [ci skip]
| |     test/openssl/test_ssl: use TLS 1.2 for finished_messages on LibreSSL
| |     Ruby/OpenSSL 2.1.3
| |     ssl: avoid directly storing String object in NPN callback
| |     x509store: explicitly call rb_gc_mark() against Store/StoreContext
| |     ssl: explicitly call rb_gc_mark() against SSLContext/SSLSocket objects
| |     digest: load digest library using Kernel#require
| |     pkey: use RSTRING_LENINT() instead of casting to int
| |     fix segv in Timestamp::{Request,Response,TokenInfo}.new
| |     ts: libressl build fix warning
| |     ext/openssl/extconf.rb: require OpenSSL version >= 1.0.1, < 3
| |     .github/workflows: update OpenSSL/LibreSSL versions
| |     test: adjust test cases for LibreSSL 3.2.4
| |     ssl: temporary lock string buffer while reading
| |     ssl: create a temporary frozen string buffer when writing
| |     ...
| * openssl is ractor-safe (Koichi Sasada, 2021-10-16, 3 files, -12/+72)
| |   [ This is a backport to the 2.2 branch. ]
| |
| |   ossl_bn_ctx is C's global variable and it should be ractor-local to make it ractor-safe.
| |
| |   ruby/ruby@b5588edc0a538de840c79e0bbc9d271ba0c5a711
| |
| |   (cherry picked from commit 9e7cf9e930cb986a04e312cb576814254dff13be and commit f2db943e8f19d4fa7bf871b9914dd9b92a5fbe6f)
| * Fixed the results of OpenSSL::Timestamp::Response#failure_info (Nobuyoshi Nakada, 2021-10-16, 1 file, -11/+11)
| |   [ This is a backport to the 2.2 branch. ]
| |
| |   Made stored values `Symbol`s instead of `ID`s.
| |
| |   Fixes https://bugs.ruby-lang.org/issues/17625
| |
| |   Co-Authored-By: xtkoba (Tee KOBAYASHI) <xtkoba+ruby@gmail.com>
| |
| |   (cherry picked from commit f2d004679a62408a89d7304b229c24e789b94776)
| * Don't redefine #rb_intern over and over again (Stefan Stüben, 2021-10-16, 1 file, -34/+32)
| |   [ This is a backport to the 2.2 branch. ]
| |
| |   (cherry picked from commit 03304838c931d9600617241909974df5ef58d06b)
| * Use rb_intern_const instead of rb_intern in Init functions (Nobuyoshi Nakada, 2021-10-16, 1 file, -13/+13)
| |   [ This is a backport to the 2.2 branch. ]
| |
| |   ```
| |   find . -name \*.o -exec nm {} + |& sed '/Init_.*\.rbimpl_id/!d;s/^.* b //;s/\.[1-9][0-9]*$//;s/\.rbimpl_id$//' | uniq
| |   ```
| |   should be empty.
| |
| |   (cherry picked from commit 9e4d4704e65bccd3cedeb9a07c9101f3c2eb02e9)
| * Merge branch 'maint-2.1' into maint-2.2 (Kazuki Yamaguchi, 2021-10-16, 5 files, -59/+111)
| |\
| | |   * maint-2.1:
| | |     Ruby/OpenSSL 2.1.3
| | |     ssl: avoid directly storing String object in NPN callback
| | |     x509store: explicitly call rb_gc_mark() against Store/StoreContext
| | |     ssl: explicitly call rb_gc_mark() against SSLContext/SSLSocket objects
| | |     digest: load digest library using Kernel#require
| | |     pkey: use RSTRING_LENINT() instead of casting to int
| | |     ext/openssl/extconf.rb: require OpenSSL version >= 1.0.1, < 3
| | |     .github/workflows: update OpenSSL/LibreSSL versions
| | |     test: adjust test cases for LibreSSL 3.2.4
| | |     ssl: temporary lock string buffer while reading
| | |     ssl: create a temporary frozen string buffer when writing
| | |     Use rb_block_call() instead of the deprecated rb_iterate() in OpenSSL
| | * Ruby/OpenSSL 2.1.3 [v2.1.3] [ky/release-2.1.3] (Kazuki Yamaguchi, 2021-10-16, 1 file, -1/+1)
| | |
| | * Merge pull request #465 from rhenium/ky/ssl-mark-reverse-references (Kazuki Yamaguchi, 2021-10-16, 2 files, -19/+42)
| | |\
| | | |   Fix GC.compact compatibility
| | | * ssl: avoid directly storing String object in NPN callback [ky/ssl-mark-reverse-references] (Kazuki Yamaguchi, 2021-10-14, 1 file, -2/+2)
| | | |   On the server side, the serialized list of protocols is stored in SSL_CTX as a String object reference. We utilize a hidden instance variable to prevent it from being GC'ed, but this is not enough because it can also be relocated by GC.compact.
| | | * x509store: explicitly call rb_gc_mark() against Store/StoreContext (Kazuki Yamaguchi, 2021-10-14, 1 file, -15/+23)
| | | |   We store the reverse reference to the Ruby object in the OpenSSL struct for use from OpenSSL callback functions. To prevent the Ruby object from being relocated by GC.compact, we must "pin" it by calling rb_gc_mark().
| | | * ssl: explicitly call rb_gc_mark() against SSLContext/SSLSocket objects (Kazuki Yamaguchi, 2021-10-14, 1 file, -2/+17)
| | | |   We store the reverse reference to the Ruby object in the OpenSSL struct for use from OpenSSL callback functions. To prevent the Ruby object from being relocated by GC.compact, we must "pin" it by calling rb_gc_mark().
| | * | digest: load digest library using Kernel#require [ky/require-digest-gem] (Kazuki Yamaguchi, 2021-10-12, 1 file, -2/+6)
| | |/
| | |   The digest library is a default gem now, too. Therefore we can't simply use rb_require() to load it, but we should use Kernel#require instead.
| | |
| | |   This change is based on the suggestion by David Rodríguez in https://github.com/ruby/digest/commit/16172612d56ac42f57e5788465791329303ac5d0#commitcomment-57778397
| | * Merge pull request #460 from rhenium/ky/pkey-ec-verify-overflow (Kazuki Yamaguchi, 2021-09-28, 1 file, -8/+8)
| | |\
| | | |   pkey: use RSTRING_LENINT() instead of casting to int
| | | * pkey: use RSTRING_LENINT() instead of casting to int [ky/pkey-ec-verify-overflow] (Kazuki Yamaguchi, 2021-09-27, 1 file, -8/+8)
| | | |   RSTRING_LENINT() checks the range of int and raises an exception as necessary. OpenSSL::PKey::EC#dsa_verify_asn1 currently does not do this, and giving a too big string to it can trigger a surprising behavior:
| | | |
| | | |     ec.dsa_verify_asn1(digest, signature) #=> true
| | | |     ec.dsa_verify_asn1(digest, signature + "x" * 2**32) #=> true
| | | |
| | | |   Reference: https://hackerone.com/reports/1246050
| | * | Merge pull request #453 from rhenium/ky/ssl-sysread-syswrite-protect-buffer (Kazuki Yamaguchi, 2021-09-28, 1 file, -12/+24)
| | |\ \
| | | |/
| | |/|
| | | |   ssl: prevent string buffers from being modified outside #sys{read,write}
| | | * ssl: temporary lock string buffer while reading [ky/ssl-sysread-syswrite-protect-buffer] (Kazuki Yamaguchi, 2021-09-27, 1 file, -5/+16)
| | | |   Similarly to SSLSocket#syswrite, the blocking SSLSocket#sysread allows context switches. We must prevent other threads from modifying the string buffer.
| | | |
| | | |   We can use rb_str_locktmp() and rb_str_unlocktmp() to temporarily prohibit modification of the string.
| | | * ssl: create a temporary frozen string buffer when writing (Kazuki Yamaguchi, 2021-09-27, 1 file, -5/+5)
| | | |   Since a blocking SSLSocket#syswrite call allows context switches while waiting for the underlying socket to be ready, we must freeze the string buffer to prevent other threads from modifying it.
| | | |
| | | |   Reference: https://github.com/ruby/openssl/issues/452
| | | * Use rb_block_call() instead of the deprecated rb_iterate() in OpenSSL (Benoit Daloze, 2021-09-27, 1 file, -2/+3)
| | | |   [ This is a backport to the 2.1 branch. ]
| | | |
| | | |   * See https://bugs.ruby-lang.org/issues/18025 and https://github.com/ruby/ruby/pull/4629
| | | |
| | | |   (cherry picked from commit b8e4852dcc7cd4b954556001b2bfb1d01b802d0a)
| | * | ext/openssl/extconf.rb: require OpenSSL version >= 1.0.1, < 3 [ky/maint-refuse-openssl-3.0] (Kazuki Yamaguchi, 2021-09-27, 1 file, -18/+25)
| | | |   Ruby/OpenSSL 2.1.x and 2.2.x will not support OpenSSL 3.0 API. Let's make extconf.rb explicitly check the version number to be within the acceptable range, since it will not compile anyway.
| | | |
| | | |   Reference: https://bugs.ruby-lang.org/issues/18192
| | * | test: adjust test cases for LibreSSL 3.2.4 (Kazuki Yamaguchi, 2021-09-27, 1 file, -0/+6)
| | |/
| | |   This is a backport to the 2.1 branch of the following commits:
| | |
| | |    - a0e98d48c91f ("Enhance TLS 1.3 support on LibreSSL 3.2/3.3", 2020-12-03)
| | |    - a9954bac22ba ("test: adjust test cases for LibreSSL 3.2.4", 2021-02-25)
| | * ext/openssl/extconf.rb: do not use -Werror=deprecated-declarations (Kazuki Yamaguchi, 2021-09-26, 2 files, -2/+7)
| | |   This is a combined commit of the following commits by mame and nobu:
| | |
| | |    - 0d7d8b2989e1 ("ext/openssl/extconf.rb: do not use -Werror=deprecated-declarations", 2019-12-05)
| | |    - c3abbc1b2f52 ("ext/openssl/extconf.rb: check with -Werror=deprecated-declarations", 2019-12-05)
| | |
| | |   -Werror=deprecated-declarations should only be used while checking available features, and not for compiling the extension itself.
| | |
| | |   This is a backport to the 2.1 branch from ruby.git. Note that current master (targeting 3.0) completely removed ext/openssl/deprecation.rb.