| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* maint-3.2:
Fix modular square root test with LibreSSL >= 3.8
pkcs7: raise PKCS7Error for PKCS7 without content in PKCS7.read_smime
pkcs7: raise ArgumentError for PKCS7 with no content in PKCS7.new
cipher: fix buffer overflow in Cipher#update
ssl: allow failure on test_connect_certificate_verify_failed_exception_message
.github/workflows/test.yml: synchronize with master
Only CSR version 1 (encoded as 0) is allowed by PKIX standards
test_asn1.rb: Remove the assertions of the time string format without second.
test/openssl/test_asn1.rb: skip failing tests on LibreSSL 3.6.0
Use EVP_Digest{Sign,Verify} when available
Fix performance regression in do_write(s)
|
| | |\
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* maint-3.1:
Fix modular square root test with LibreSSL >= 3.8
pkcs7: raise PKCS7Error for PKCS7 without content in PKCS7.read_smime
pkcs7: raise ArgumentError for PKCS7 with no content in PKCS7.new
cipher: fix buffer overflow in Cipher#update
ssl: allow failure on test_connect_certificate_verify_failed_exception_message
.github/workflows/test.yml: synchronize with master
Only CSR version 1 (encoded as 0) is allowed by PKIX standards
test_asn1.rb: Remove the assertions of the time string format without second.
test/openssl/test_asn1.rb: skip failing tests on LibreSSL 3.6.0
Use EVP_Digest{Sign,Verify} when available
Fix performance regression in do_write(s)
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
[ This is a backport to the 3.1 branch. ]
If x is a modular square root of a (mod p) then so is (p - x). Both
answers are valid. In particular, both 2 and 3 are valid square roots
of 4 (mod 5). Do not assume that a particular square root is chosen by
the algorithm. Indeed, the algorithm in OpenSSL and LibreSSL <= 3.7
returns a non-deterministic answer in many cases. LibreSSL 3.8 and
later will always return the smaller of the two possible answers. This
breaks the current test case.
Instead of checking for a particular square root, check that the square
of the claimed square root is the given value. This is always true. Add
the simplest test case where the answer is indeed non-deterministic.
(cherry picked from commit 93548ae9597ba40d3f8b564f6a948ce55b432e30)
|
| | | |\
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* maint-3.0:
pkcs7: raise PKCS7Error for PKCS7 without content in PKCS7.read_smime
pkcs7: raise ArgumentError for PKCS7 with no content in PKCS7.new
cipher: fix buffer overflow in Cipher#update
ssl: allow failure on test_connect_certificate_verify_failed_exception_message
.github/workflows/test.yml: synchronize with master
Only CSR version 1 (encoded as 0) is allowed by PKIX standards
test_asn1.rb: Remove the assertions of the time string format without second.
test/openssl/test_asn1.rb: skip failing tests on LibreSSL 3.6.0
Use EVP_Digest{Sign,Verify} when available
Fix performance regression in do_write(s)
|
| | | | |\
| | | | |
| | | | | |
Handle missing content in PKCS7
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
[pkuzco: expanded the fix for other content types]
[ky: adjusted formatting and the exception type]
Co-authored-by: pkuzco <b.naamneh@gmail.com>
Co-authored-by: Kazuki Yamaguchi <k@rhe.jp>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Fixes [Bug #19974]
[pkuzco: expanded the fix for other content types]
[ky: adjusted formatting and the exception type]
Co-authored-by: pkuzco <b.naamneh@gmail.com>
Co-authored-by: Kazuki Yamaguchi <k@rhe.jp>
|
| | | | |/
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
OpenSSL::Cipher#update currently allocates the output buffer with size
(input data length)+(the block size of the cipher). This is insufficient
for the id-aes{128,192,256}-wrap-pad (AES keywrap with padding) ciphers.
They have a block size of 8 bytes, but the output may be up to 15 bytes
larger than the input.
Use (input data length)+EVP_MAX_BLOCK_LENGTH (== 32) as the output
buffer size, instead. OpenSSL doesn't provide a generic way to tell the
maximum required buffer size for ciphers, but this is large enough for
all algorithms implemented in current versions of OpenSSL.
Fixes: https://bugs.ruby-lang.org/issues/20236
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
[ This patch only applies to the 3.0 and 3.1 branch. ]
It is a test case for SSLSocket generating an informative error message
on a certificate verification failure. A change in OpenSSL 3.1 broke it
and a generic error message is currently generated.
This is fixed in the 3.2 branch by commit 5113777e8271, but I decided
not to backport the commit to the 3.0 branch because the diff doesn't
apply cleanly.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
[ This is a backport to the 3.0 branch. ]
RFC 2986, section 4.1 only defines version 1 for CSRs. This version
is encoded as a 0. Starting with OpenSSL 3.3, setting the CSR version
to anything but 1 fails.
Do not attempt to generate a CSR with invalid version (which now fails)
and invalidate the CSR in test_sign_and_verify_rsa_sha1 by changing its
subject rather than using an invalid version.
This commit fixes the following error.
```
2) Error: test_version(OpenSSL::TestX509Request): OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
/home/runner/work/openssl/openssl/test/openssl/test_x509req.rb:18:in `version='
/home/runner/work/openssl/openssl/test/openssl/test_x509req.rb:18:in `issue_csr'
/home/runner/work/openssl/openssl/test/openssl/test_x509req.rb:43:in
`test_version'
40: req = OpenSSL::X509::Request.new(req.to_der)
41: assert_equal(0, req.version)
42:
=> 43: req = issue_csr(1, @dn, @rsa1024, OpenSSL::Digest.new('SHA256'))
44: assert_equal(1, req.version)
45: req = OpenSSL::X509::Request.new(req.to_der)
46: assert_equal(1, req.version)
```
(cherry picked from commit c06fdeb0912221d9a2888369bbf9c10704af021e)
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
[ This is a backport to the 3.0 branch. ]
This commit fixes the following errors in the tests.
Because the OpenSSL project changed the code to make the time string format
without second invalid. So, we drop the assertions.
```
1) Error: test_generalizedtime(OpenSSL::TestASN1): OpenSSL::ASN1::ASN1Error: generalizedtime is too short
/home/runner/work/ruby-openssl/ruby-openssl/test/openssl/test_asn1.rb:698:in `decode'
/home/runner/work/ruby-openssl/ruby-openssl/test/openssl/test_asn1.rb:698:in `decode_test'
/home/runner/work/ruby-openssl/ruby-openssl/test/openssl/test_asn1.rb:433:in `test_generalizedtime'
430: OpenSSL::ASN1::GeneralizedTime.new(Time.utc(9999, 9, 8, 23, 43, 39))
431: # LibreSSL 3.6.0 requires the seconds element
432: return if libressl?
=> 433: decode_test B(%w{ 18 0D }) + "201612081934Z".b,
434: OpenSSL::ASN1::GeneralizedTime.new(Time.utc(2016, 12, 8, 19, 34, 0))
435: # not implemented
436: # decode_test B(%w{ 18 13 }) + "20161208193439+0930".b,
2) Error: test_utctime(OpenSSL::TestASN1): OpenSSL::ASN1::ASN1Error: utctime is too short
/home/runner/work/ruby-openssl/ruby-openssl/test/openssl/test_asn1.rb:698:in `decode'
/home/runner/work/ruby-openssl/ruby-openssl/test/openssl/test_asn1.rb:698:in `decode_test'
/home/runner/work/ruby-openssl/ruby-openssl/test/openssl/test_asn1.rb:411:in `test_utctime'
408: end
409: # Seconds is omitted. LibreSSL 3.6.0 requires it
410: return if libressl?
=> 411: decode_test B(%w{ 17 0B }) + "1609082343Z".b,
412: OpenSSL::ASN1::UTCTime.new(Time.utc(2016, 9, 8, 23, 43, 0))
413: # not implemented
414: # decode_test B(%w{ 17 11 }) + "500908234339+0930".b,
```
(cherry picked from commit 2e826d571546cdc3beaa884f9e522a102d531641)
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
[ This is a backport to the 3.0 branch. ]
LibreSSL 3.6.0 expects the seconds part in UTCTime and GeneralizedTime
to be always present. LibreSSL 3.6.0 release note [1] says:
> - The ASN.1 time parser has been refactored and rewritten using CBS.
> It has been made stricter in that it now enforces the rules from
> RFC 5280.
[1] https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.0-relnotes.txt
(cherry picked from commit bbc540fe83195e2a54cf40fab448cea2afe4df1d)
|
| | | | | |
|
| |\ \ \ \
| | | | |
| | | | | |
Add OpenSSL::Digest.digests to get a list of available digests
|
| | | | | | |
|
| | | | | | |
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
RFC 2986, section 4.1 only defines version 1 for CSRs. This version
is encoded as a 0. Starting with OpenSSL 3.3, setting the CSR version
to anything but 1 fails.
Do not attempt to generate a CSR with invalid version (which now fails)
and invalidate the CSR in test_sign_and_verify_rsa_sha1 by changing its
subject rather than using an invalid version.
This commit fixes the following error.
```
2) Error: test_version(OpenSSL::TestX509Request): OpenSSL::X509::RequestError:
X509_REQ_set_version: passed invalid argument
/home/runner/work/openssl/openssl/test/openssl/test_x509req.rb:18:in `version='
/home/runner/work/openssl/openssl/test/openssl/test_x509req.rb:18:in `issue_csr'
/home/runner/work/openssl/openssl/test/openssl/test_x509req.rb:43:in
`test_version'
40: req = OpenSSL::X509::Request.new(req.to_der)
41: assert_equal(0, req.version)
42:
=> 43: req = issue_csr(1, @dn, @rsa1024, OpenSSL::Digest.new('SHA256'))
44: assert_equal(1, req.version)
45: req = OpenSSL::X509::Request.new(req.to_der)
46: assert_equal(1, req.version)
```
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
We use the following site for that now:
* https://tools.ietf.org/ or http
* https://datatracker.ietf.org or http
Today, IETF said the official site of RFC is www.rfc-editor.org.
FYI: https://authors.ietf.org/en/references-in-rfcxml
I replaced them to www.rfc-editor.org.
|
| |/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Note that I created the `dsa2048.pem` and signature text
(`signature_encoded.txt`), that is used as a text to create the `signature0` in
the `test_sign_verify` by the following steps with the `openssl` CLI on FIPS
module.
```
$ OPENSSL_DIR="${HOME}/.local/openssl-3.3.0-dev-fips-debug-1f03d33ef5"
$ export OPENSSL_CONF="${OPENSSL_DIR}/ssl/openssl_fips.cnf"
$ "${OPENSSL_DIR}/bin/openssl" dsaparam -out dsaparam2048.pem 2048
$ "${OPENSSL_DIR}/bin/openssl" gendsa -out dsa2048.pem dsaparam2048.pem
$ echo -n "Sign me!" > data.txt
$ "${OPENSSL_DIR}/bin/openssl" dgst -sha256 -sign dsa2048.pem data.txt > signature.txt
$ cat signature.txt | base64 > signature_encoded.txt
```
Skip the `test_DSAPrivateKey_encrypted` on FIPS because AES-128-CBC, the
password based encryption used in the PEM format uses MD5 for deriving the
encryption key from the password, and MD5 is not FIPS-approved.
See also the comment on the `test/openssl/utils.rb#omit_on_fips`.
|
| |\ \ \ \
| | | | |
| | | | | |
test_provider.rb: Make a legacy provider test optional.
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
In some cases such as OpenSSL package in FreeBSD[1], the legacy provider is not
installed intentionally. So, we omit a test depending the legacy provider if the
legacy provider is not loadable.
For the test_openssl_provider_names test, we use base provider[2] instead of
legacy provider, because we would expect the base provider is always loadable
in OpenSSL 3 for now.
* [1] https://www.freshports.org/security/openssl/
* [2] https://wiki.openssl.org/index.php/OpenSSL_3.0#Providers
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This reverts commit 9b7543d58869ae359eb745d7feafbb522ad1fd1e.
The case not providing the legacy provider can happen not only in FreeBSD but
also in other platforms. The fix is addressed in the next commit.
|
| |/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This commit fixes the following errors in the tests.
Because the OpenSSL project changed the code to make the time string format
without second invalid. So, we drop the assertions.
```
1) Error: test_generalizedtime(OpenSSL::TestASN1): OpenSSL::ASN1::ASN1Error: generalizedtime is too short
/home/runner/work/ruby-openssl/ruby-openssl/test/openssl/test_asn1.rb:698:in `decode'
/home/runner/work/ruby-openssl/ruby-openssl/test/openssl/test_asn1.rb:698:in `decode_test'
/home/runner/work/ruby-openssl/ruby-openssl/test/openssl/test_asn1.rb:433:in `test_generalizedtime'
430: OpenSSL::ASN1::GeneralizedTime.new(Time.utc(9999, 9, 8, 23, 43, 39))
431: # LibreSSL 3.6.0 requires the seconds element
432: return if libressl?
=> 433: decode_test B(%w{ 18 0D }) + "201612081934Z".b,
434: OpenSSL::ASN1::GeneralizedTime.new(Time.utc(2016, 12, 8, 19, 34, 0))
435: # not implemented
436: # decode_test B(%w{ 18 13 }) + "20161208193439+0930".b,
2) Error: test_utctime(OpenSSL::TestASN1): OpenSSL::ASN1::ASN1Error: utctime is too short
/home/runner/work/ruby-openssl/ruby-openssl/test/openssl/test_asn1.rb:698:in `decode'
/home/runner/work/ruby-openssl/ruby-openssl/test/openssl/test_asn1.rb:698:in `decode_test'
/home/runner/work/ruby-openssl/ruby-openssl/test/openssl/test_asn1.rb:411:in `test_utctime'
408: end
409: # Seconds is omitted. LibreSSL 3.6.0 requires it
410: return if libressl?
=> 411: decode_test B(%w{ 17 0B }) + "1609082343Z".b,
412: OpenSSL::ASN1::UTCTime.new(Time.utc(2016, 9, 8, 23, 43, 0))
413: # not implemented
414: # decode_test B(%w{ 17 11 }) + "500908234339+0930".b,
```
|
| | | | |
| | | |
| | | |
| | | | |
d95d3484a90a985b971ef4c55762847d92b6c81a
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
It failed with recent update of FreeBSD
https://rubyci.s3.amazonaws.com/freebsd13/ruby-master/log/20240207T023002Z.fail.html.gz
|
| |\ \ \ \
| | | | |
| | | | | |
test/openssl/test_ocsp.rb: fix flaky test
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Fixes: https://github.com/ruby/openssl/issues/695
|
| | | | | |
| | | | |
| | | | |
| | | | | |
* Add support for IO#timeout.
|
| |/ / / / |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
We use dh2048_ffdhe2048.pem file (DH 2048 bits) instead of dh1024.pem file in
both non-FIPS and FIPS cases. Because the following command fails to generate
the pem file with 1024 bits. And the OpenSSL FIPS 140-2 security policy
document explains the DH public keys are allowed from 2048 bits.[1]
```
$ OPENSSL_CONF=/home/jaruga/.local/openssl-3.3.0-dev-fips-debug-1aa08644ec/ssl/openssl_fips.cnf \
/home/jaruga/.local/openssl-3.3.0-dev-fips-debug-1aa08644ec/bin/openssl \
dhparam -out dh1024.pem 1024
Generating DH parameters, 1024 bit long safe prime
dhparam: Generating DH key parameters failed
```
The dh2048_ffdhe2048.pem file was created by the following command with the
OpenSSL FIPS configuration file. The logic to generate the DH pem file is
different between non-FIPS and FIPS cases. In FIPS, it seems that the command
always returns the text defined as ffdhe2048 in the FFDHE groups in RFC 7919
unlike non-FIPS.[2]
As the generated pem file is a normal and valid PKCS#3-style group parameter, we
use the file for the non-FIPS case too.
```
$ OPENSSL_CONF=/home/jaruga/.local/openssl-3.3.0-dev-fips-debug-1aa08644ec/ssl/openssl_fips.cnf \
/home/jaruga/.local/openssl-3.3.0-dev-fips-debug-1aa08644ec/bin/openssl \
dhparam -out dh2048_ffdhe2048.pem 2048
```
Note that the hard-coded PEM-encoded string in the `test_DHparams` is
intentional to avoid modifying the content unintentionally.
* [1] https://www.openssl.org/source/ - OpenSSL 3.0.8 FIPS 140-2 security
policy document page 25, Table 10 – Public Keys - DH Public
- DH (2048/3072/4096/6144/8192) public key agreement key
* [2] RFC7919 - Appendix A.1: ffdhe2048
https://www.rfc-editor.org/rfc/rfc7919#appendix-A.1
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
Where `assert_match` converts string matcher argument to regexp first
with escaping, `assert_include` does the same thing simpler.
|
| |/ / / |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | | |
* Split the test in the FIPS case as another test.
* test/openssl/utils.rb: Add omit_on_fips and omit_on_non_fips methods.
|
| | | |
| | |
| | |
| | |
| | | |
Run the test with `assert_separately` for the `false` value of the
`OpenSSL.fips_mode` not to affect other tests.
|
| |\ \ \
| | | |
| | | | |
Remove OSSL_DEBUG compile-time option
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Remove the OSSL_DEBUG flag and OpenSSL.mem_check_start which is only
compiled when the flag is given. They are meant purely for development
of Ruby/OpenSSL.
OpenSSL.mem_check_start helped us find memory leak bugs in past, but
it is no longer working with the recent OpenSSL versions. Let's just
remove it now.
|
| |\ \ \ \
| |/ / /
|/| | | |
instead of looking of NIDs and then using X509V3_EXT_nconf_nid,
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
instead of looking of NIDs and then using X509V3_EXT_nconf_nid,
instead just pass strings to X509V3_EXT_nconf, which has all the logic for
processing dealing with generic extensions
also process the oid through ln2nid() to retain compatibility.
[rhe: tweaked commit message and added a test case]
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
OpenSSL::X509::ExtensionFactory#create_ext and #create_extensions
accepts both sn (short names) and ln (long names) for registered OIDs.
This is different from the behavior of the openssl command-line utility
which accepts only sn in openssl.cnf keys.
Add a test case to check this.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The test case test_error_data utilizes the error message generated by
X509V3_EXT_nconf_nid(). The next commit will use X509V3_EXT_nconf(),
which generates a slightly different error message. Let's adapt the
check to it.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
String#unpack1 avoids the intermediate array created by String#unpack
for single elements, while also making a call to Array#first/[0]
unnecessary.
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Check that OpenSSL::PKey::EC.builtin_curves returns an array in the
expected format.
Similarly to OpenSSL::Cipher.ciphers, OpenSSL::PKey::EC.builtin_curves
returns a list of known named curves rather than actually usable ones.
https://github.com/ruby/openssl/issues/671 found that the list may
include unapproved (and thus unusable) curves when the FIPS module is
loaded.
|
| | | |
| | |
| | |
| | |
| | | |
test/lib/core_assertions.rb and its dependencies are now packaged in
the gem test-unit-ruby-core. Let's use it instead.
|
| | | |
| | |
| | |
| | | |
Because we will add a workaround to avoid this issue.
|
| |\ \ \
| | | |
| | | |
| | | |
| | | | |
rhenium/ky/ssl-connect-verify-error-ssl-error-syscall
ssl: adjust "certificate verify failed" error on SSL_ERROR_SYSCALL
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This reverts commit fc4629d246f2bc92c8c3e9b4352841ae0e95eecc.
The test case "test_connect_certificate_verify_failed_exception_message"
does want to check the reason behind a certificate verification failure
to be included in the exception message.
|
| |\ \ \ \
| | | | |
| | | | | |
ssl: raise SSLError if loading ca_file or ca_path fails
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
When compiled with OpenSSL <= 1.1.1, OpenSSL::SSL::SSLContext#setup
does not raise an exception on an error return from
SSL_CTX_load_verify_locations(), but instead only prints a verbose-mode
warning. This is not helpful since it very likely indicates an actual
error, such as the specified file not being readable.
Also, OpenSSL's error queue is not correctly cleared:
$ ruby -w -ropenssl -e'OpenSSL.debug=true; ctx=OpenSSL::SSL::SSLContext.new; ctx.ca_file="bad-path"; ctx.setup; pp OpenSSL.errors'
-e:1: warning: can't set verify locations
["error:02001002:system library:fopen:No such file or directory",
"error:2006D080:BIO routines:BIO_new_file:no such file",
"error:0B084002:x509 certificate routines:X509_load_cert_crl_file: system lib"]
The behavior is currently different when compiled with OpenSSL >= 3.0:
SSLError is raised if SSL_CTX_load_verify_file() or
SSL_CTX_load_verify_dir() fails.
This inconsistency was unintentionally introduced by commit 5375a55ffc35
("ssl: use SSL_CTX_load_verify_{file,dir}() if available", 2020-02-22).
However, raising SSLError seems more appropriate in this situation.
Let's adjust the OpenSSL <= 1.1.1 code so that it behaves the same way
as the OpenSSL >= 3.0 code currently does.
Fixes: https://github.com/ruby/openssl/issues/649
|
